tomfmason

Staff Alumni
  • Posts

    1,693
  • Joined

  • Last visited

About tomfmason

  • Birthday 10/07/1982

Contact Methods

  • Website URL
    http://www.tomfoolery.me

Profile Information

  • Gender
    Male
  • Location
    stealing your wifi

  1. The level of security also depends on your host's setup (assuming shared host). If the session files are stored in a publicly readable directory such as /tmp (the default), with a little work I could hijack those sessions. As a general rule I would set the session_save_path:
     [code=php:0]
     <?php
     // store session files in a private directory instead of the shared default
     ini_set("session.save_path", "/path/to/your/sessions/");
     session_start();
     ?>
     [/code]
  2. From the two snippets above it appears that some basic security fundamentals like sanitizing user input were missed. If I were you I would check out Daniel's PHP security tutorial.
  3. With a quick Google search I found http://www.t4vn.net/tutorials/showtutorials/An-Introduction-to-Mcrypt-and-PHP.html although it is PHP4.
  4. In your directory config for phpMyAdmin (/etc/apache2/config.d/phpmyadmin.conf) you need something like this:
     [code]
     <Directory /usr/share/phpmyadmin/>
         AllowOverride All
         Order Deny,Allow
         Deny from all
         Allow from 127.0.0.1
     </Directory>
     [/code]
     You may need to use the IP address for the server instead of 127.0.0.1. I had to do that for PostgreSQL as it was seeing my SSH connection as the external IP address and not 127.0.0.1. I am going to assume that you are using PuTTY to connect to the box, in which case check out http://oldsite.precedence.co.uk/nc/putty.html. Use port 80 for the remote port and whatever you want for the local port. Then you can go to http://localhost:xx/phpmyadmin (xx is the local port).
  5. On Debian, phpMyAdmin is installed to /usr/share/phpmyadmin. I bet Ubuntu is the same. If I were the only one using phpMyAdmin I would not make it publicly accessible and use it via an SSH tunnel.
  6. IMO, that is hardly enough for standard usage let alone a media server of any kind. 40GB monthly usage is really nothing. Most remote hosts give 1500GB+. You should also check your provider's TOS as I am willing to bet that they do not allow their customers to host servers with their service. Most ISPs will allow this but it often requires a business account and higher monthly rates.
  7. For CSS, HTML and JavaScript I like to use Aptana. It really makes coding JS much easier. It has the Dreamweaver-like "auto-complete" feature for JavaScript. However, there is one major drawback. It is a Java-based app and seems to take a large amount of system resources. Anyone familiar with Eclipse will know what I mean.
  8. Your post got me thinking.. I do something like this for the get and post method for my PHP scripts so I thought why couldn't it be done with JavaScript.. I have only tested this in IE6; I am not sure about FF or Opera.
     [code=php:0]
     function something(form) {
         var fld = document.forms[form].elements;
         // this will get the total number of fields in the form
         var fmax = fld.length;
         var vals = [];
         var error = [];
         // now we loop through the fields
         for (var i = 0; i < fmax; i++) {
             // this is going to assume that you have a name for the submit button
             if (fld[i].name !== 'submit') {
                 if (fld[i].value == '') {
                     error.push(fld[i].name);
                 }
                 // encode names and values so characters like & and = do not break the query string
                 vals.push(encodeURIComponent(fld[i].name) + '=' + encodeURIComponent(fld[i].value));
             }
         }
         if (error.length !== 0) {
             alert('You did not enter the following fields ' + error.join(', '));
         } else {
             // now we return the name=value pairs joined with &
             return vals.join('&');
         }
     }
     [/code]
     Now you can do this in the function that sends the results to the PHP file.
     [code=php:0]
     // "first" is assumed to be a request object created elsewhere
     function yourfunction(form) {
         var params = something(form);
         // something() returns nothing when a field was left empty
         if (!params) {
             return;
         }
         first.open('POST', 'youscript.php');
         first.setRequestHeader('Content-Type', 'application/x-www-form-urlencoded');
         // register the handler before sending so no state change is missed
         first.onreadystatechange = somethingElse;
         first.send(params);
     }
     [/code]
     Now you call this function like this: onclick="yourfunction(this.form.name);" You could also add the name of the script that you want to send it to by doing this: onclick="yourfunction(this.form.name, script);" and adding that to the yourfunction function like this.
     [code=php:0]
     function yourfunction(form, script) {
         var params = something(form);
         if (!params) {
             return;
         }
         first.open('POST', script + '.php');
         first.setRequestHeader('Content-Type', 'application/x-www-form-urlencoded');
         first.onreadystatechange = somethingElse;
         first.send(params);
     }
     [/code]
     You will also have to have a name for the form and a name for the fields. Hope that helps, Tom
  9. Here is a nice reference for [url=http://www.websina.com/bugzero/kb/regexp.html]regular expressions[/url]. Good Luck, Tom
  10. Yea I tested that and it works fine in FF, Opera and IE6.. You could have less of a delay but you will still need one for Firefox. Also, this will only work if you are trying to change the location of a frame on the page that you opened the popup from. Good Luck, Tom
  11. This may help with targeting a frame in the main window, then set a small delay before closing the popup window. I have yet to test this but give it a try..
      [code=php:0]
      function something() {
          // point the frame in the opener window at the new page
          opener.frames['yourFrame'].location.href = 'yourpage.html';
          // wait a moment before closing the popup
          setTimeout(function () { self.close(); }, 1000);
      }
      [/code]
      then <a href="#" onclick="something();">Something</a> Hope that helps, Tom
  12. OK, I think that I am understanding you correctly. You are wanting to use another function after returning the results from your first request... If so you can do something like this..
      [code=php:0]
      // I am assuming that the Request object function is called createRequestObject()
      var first = createRequestObject();
      var second = createRequestObject();

      function something() {
          var somefield = document.getElementById('fieldName').value;
          first.open('POST', 'youscript.php');
          first.setRequestHeader('Content-Type', 'application/x-www-form-urlencoded');
          // register the handler before sending so no state change is missed
          first.onreadystatechange = somethingElse;
          first.send('somefield=' + encodeURIComponent(somefield));
      }

      // now we can do something with the response. I am going to assume that you are updating
      // something in the db and will be returning either the word updated or an error string
      function somethingElse() {
          if (first.readyState === 4) {
              var response = first.responseText;
              if (response == 'updated') {
                  doSomethingElse();
              } else {
                  alert(response);
              }
          }
      }

      // now in the do something else function you could display something or whatever.
      function doSomethingElse() {
          second.open('GET', 'somescript.php?page=somepage');
          second.onreadystatechange = handleSomething;
          second.send(null);
      }

      function handleSomething() {
          if (second.readyState === 4) {
              var page = second.responseText;
              if (page == 'error') {
                  alert('there was an error');
              } else {
                  document.getElementById('yourContentDiv').innerHTML = page;
              }
          }
      }
      [/code]
      Does that answer your question? Tom
  13. Like ober told me when I first started with Ajax, well really JavaScript in general: you have to be absolutely precise. Did you try putting alerts at different points in the JavaScript? As I said, if you use either Firefox or Opera it would make your life a lot easier. First make sure that you have no errors in your PHP script. Then start debugging your JavaScript with the alerts like I said. Good Luck, Tom
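
For the first post above (moving PHP session files out of the shared /tmp default), an added example that is not part of tomfmason's posts: it checks that the session directory is closed to other local users before `session_start()` runs. The directory name `private_sessions` and the helper `sessionDirProblems()` are assumptions made for illustration.

```php
<?php
// Added example, not code from the original post.
// Assumed location: a directory outside the web root, used only by this application.
$sessionDir = __DIR__ . '/private_sessions';

/**
 * Return the reasons (if any) why other local users could reach
 * session files stored in $dir. An empty array means the checks passed.
 */
function sessionDirProblems(string $dir): array
{
    if (!is_dir($dir)) {
        return ["$dir does not exist"];
    }
    $problems = [];
    clearstatcache(true, $dir);
    $mode = fileperms($dir) & 0777; // keep only the rwx permission bits
    if ($mode & 0077) {
        $problems[] = sprintf('%s has mode %04o; expected 0700 (no group/other access)', $dir, $mode);
    }
    // posix_geteuid() needs the posix extension, so the owner check is skipped without it
    if (function_exists('posix_geteuid') && fileowner($dir) !== posix_geteuid()) {
        $problems[] = "$dir is not owned by the user PHP runs as";
    }
    return $problems;
}

if (!is_dir($sessionDir)) {
    mkdir($sessionDir, 0700, true);
    chmod($sessionDir, 0700); // set the mode explicitly, independent of umask
}

$problems = sessionDirProblems($sessionDir);
if ($problems) {
    // Fail closed instead of writing session data where other users can read it
    error_log('Refusing to start session: ' . implode('; ', $problems));
    http_response_code(500);
    exit;
}

ini_set('session.save_path', $sessionDir);
session_start();
```

Running `sessionDirProblems(sys_get_temp_dir())` on a typical Linux host reports the world-accessible mode of /tmp, which is the situation the post describes. On a shared host where every site runs as the same system user, directory permissions alone do not separate one customer's sessions from another's.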