mac.php

mysql_query("INSERT INTO roster (Name, Title, CellPhone, HomePhone, Email, Notes, Position, Terminated) VALUES ('".$_POST['Name1']."', '".$_POST['Title1']."', '".$_POST['CellPhone1']."', '".$_POST['HomePhone1']."', '".$_POST['Email1']."', '".$_POST['Notes1']."', '".$_POST['Position1']."', '".$_POST['Terminated1']."')"); change too: mysql_query("INSERT INTO roster (Name, Title, CellPhone, HomePhone, Email, Notes, Position, Terminated) VALUES ('".$_POST['Name1']."', '".$_POST['Title1']."', '".$_POST['CellPhone1']."', '".$_POST['HomePhone1']."', '".$_POST['Email1']."', '".$_POST['Notes1']."', '".$_POST['Position1']."', '".$_POST['Terminated1']."')")or die( mysql_error() ); and then see if any error is outputted...

Hey ummm starting off i'm sorry if i posted this in the wrong area, this is kind of a broad section. but I know basic php/mysql security. MySQL Injection and things like that I know. I know to md5 or base64_encode and all that...but I read that those are no longer sufficent. It's been a while for me, and I would like to hear any of your recommendations/sites that can help me secure my code more efficently. (i am googling this, etc just wanted to hear your opinions) Thanks in advance!

[quote author=eunicewt link=topic=98963.msg389789#msg389789 date=1151687602] Hi,   It is a school project.I want to know how to send an email notification to this manager after the user has edited its profile and pressed the add button. It not only update the database but it also sends out an email to inform the manager as well? Anyone can help me? I am super stress by the codings. [/quote] post a new thread man.  :(  anyways it isn't the message board's doing, those servers may just have static ips.  There isn't a way to make the mail deliver any faster.  You can try a healthy alternatitive, such as image verification, or just warning users about the hotmail problem. 

There may be an error that is server side.  I'd suggest asking talking to your host if mysql_query() or die();  doesn't work or display an error 

Personally I think it needs more color. But it's good though, easy to read, doesn't really hurt the eyes, and best of all the load time is pretty good. So I think it's pretty good over all. 8.5/10

Yeah that makes your system more secure in my humble opinion.

[!--quoteo(post=371422:date=May 4 2006, 06:57 PM:name=roflwnt)--][div class=\'quotetop\']QUOTE(roflwnt @ May 4 2006, 06:57 PM) [snapback]371422[/snapback][/div][div class=\'quotemain\'][!--quotec--] Hi, ive been looking all over the place for an answer to this question and have been unable to find an answer. When i try to echo a string variable that has and html code in it, that code is not read by the browser and just ends up as regular text. Just for reference, what im trying to do is take partuicular posts on my forum database and display them in another page. the post shows up, but if there are any liks, images, etc in the post, rather than the browser displaying the link or image it gives me the html. any suggestions? [/quote] Because you are pulling this info out of a database, it will be hard to \" everything. So instead do echo($var); or: [code] echo'Post:' . $var . ' ';   [/code] notice the use of ' instead of " I hope I'm understanding you right.