pixy

You could always make a function that stored the user's md5($_SERVER[HTTP_USER_AGENT']) in a cookie when they log in, and check it against the actual user's md5($_SERVER[HTTP_USER_AGENT']) while browsing. Chances are there will be some sort of difference between them if the account is hijacked, and then you can kick them off.

Okay, firstly DONT seperate items by - marks. If you were even going to try to store stuff in a database like that, use serialize() (it stores arrays in text format, which you can unserialize() later)--but that's not a good idea either...far too messy IMO. Actually, I'm going to be working on an inventory system too, for my own RPG (it's based on Harry Potter) so if you want I could definately help you out. I'm going to be making shops and a bank and such...

Yep. I prefer to use the SHA() function myself, but it's basically the same thing. Lets say you enter password as your password. You store is as md5('password') and when you check it, you check if ((md5($_POST['password']) === (md5($password))) {   // whatever } Where $password is the password you pulled from the db.

^ Not really. You can choose to store information as a session, or as a cookie. Its a preference.

^ The problem is that the code it is messing up layout.

I haven't the slighest clue about that product, sorry! Looks like they have some sort of forum, so you might want to post your problem there so people who have more experience with it can help you out.

Maybe set a cookie on their computer with the time, then request it and see if enough time has passed for them to use the features...?

^ Agreed about the main page--that's what really makes a person want to join it. And I like your suggestions... I'm not a fan of the colorscheme--it's a bit too bold. I think the purple looks overkill. Your little creatures are really cute though. :)

^ That site is blocked by my internet filter for "criminal skills", lol. I think it looks really good! Not a fan of the white background, maybe do a very light green? I think it would look more "pulled together" that way. Love the colorscheme, very easy on the eyes.

Sometimes when I click on the tabs, the actual tab disappears for all of them and only the text remains...

Is this a script you installed?

Here's problem number one: Whenever my main <td> is taller that the menu, it pulls the menu down. I even used <td valign="top"> and it still doesn't work! This is how it looks right: [IMG]http://img.photobucket.com/albums/v72/vanillachick/looks_right.gif[/img] This is how it looks stretched: [IMG]http://img.photobucket.com/albums/v72/vanillachick/looks_bad.gif[/img] Any ideas what I can do to fix that?

Try plugging the query directly into the database and see what it gives you: SELECT * FROM `tbl_category` WHERE cat_parent_id=0;

Maybe you should take a screenshot of your database? Perhaps there's a problem with the values--since the PHP code looks valid to me.

If you have a database, this is essentially what you'd do. Asumming you access the "associations" through stories.php?id=123 where 123 is the "association" being worked on. [code] <?php // Connect to database if (isset($_GET['id'])) {     if (!is_numeric($_GET['id'])) {         die('you stupid hacker');     }     else {         $id = $_GET['id'];     } } $query = "SELECT story FROM stories WHERE story_id='$id'"; $result = mysql_query($query); $row = myqsl_fetch_array($result, MYSQL_NUM); $story = $row[0]; if (isset($_POST['story'])) {     if (empty($_POST['word'])) {         die('you did not enter a word');     }     else {         $word = $_POST['word'];         $storyid = $_POST['story'];         $newstory = ' '.$word;         $query = "UPDATE stories SET story='$newstory' WHERE story_id='$story_id'";         $result = mysql_query($query);         if ($result) {             echo 'Thanks for adding your word to story story.<br>             <a href="stories.php?id='.$story_id.'">View updated story!</a>';         }         else {             echo 'There has been an error.';         }     } } else {     echo $story . '<br>Would you like to add to this story:     <form action="stories.php" method="post">     <b>Add a Word:</b> <input type="text" name="word">     <input type="hidden" name="story" value="'.$id.'">     <input type="submit" name="submit" value="Add Word"></form>'; } ?> [/code] You'd need a database and a table called stories with fields "story_id" and "story".

All the images take a long time to load on my computer, even though I have a fast connection. Looks good, but I really dislike the bright green "newly added" or whatever next to the links. It looks randomly there, and ew.

I honestly don't know what "printf" does, but here's a shot... $query = "SELECT * FROM tbl_category WHERE cat_parent_id=0"; $result = mysql_query($query); echo '<select name="mainCategory" id="mainCategory"> <option value="0" selected>-- NONE --</option>'; while ($row = mysql_fetch_array($result, MYSQL_ASSOC)) {     echo '<option value='.$row['cat_id'].'">'.$row['cat_name'].'</option>'; } echo '</select>'; ?>

PHP Freaks has a user-log in system tutorial. There's also a really great one at www.daydreamgraphics.com in the PHP tutorials section. As for sessions, there are also PHP Freaks tutorials on sessions. The essence is, sessions (unlike cookies) store information from a database in the session, instead of cookies which store an actual value. Sessions are generally more secure, as the information is never actually store on the user's computer. Be sure to read the sticky about headers in this forum, because if you don't use the start_session(); function before sending information to the browser you will get "headers already sent" errors.

You MUST setcookie(); before you load ANY information onto the page, or you will get this error. Please read the sticky in thread forum about "headers sent" before posting issues about headers.

Looks like javascript to me. Javascript for the countdown, and PHP to force the download (using headers).

Why not just do the entire thing, and committ it to the database when everything is sucessfull?

I am assuming you are going to be using transations for this? You can do all the queries and if one of them fails, tell the user to try again and it will rollback all changes. You've got to use the mysqli connections and functions to use transactions, and must be using an InnoDB database type.

You could try something like... $query = "SELECT COUNT(*) FROM pm WHERE sendto='{$_SESSION['user']['user']}' AND stats='0'"; $result = mysql_query($query); if (mysql_num_rows($result) != 0) {     echo '<script>alert("You have got a new Private message")</script>'; } Question: Why do you have $_SESSION['user']['user']? Why don't you use use $_SESSION['user']? And, some people disable javascript so your alert wouldn't do anything anyways. You can put <noscript> tags around an alternate message for people who turn it off. That way, they would be notified even if they have javascript turned off.

If you're not having people doing things to your site, then you should have no reason to ban them.

The bright color hurts my eyes and I don't like the way you laid out all the options. They should be more orginized in not so bright tables or something. Like the idea, though.