Daniel0

Change Name: <b>$track[$i]</b> to Name: <b>$track</b> and change Artist: <b>$artist[$i]</b> to Artist: <b>$artist</b> Neither of those two variables are arrays.

Yes. By installing that package it'll also install the dependencies, so you'll get the PHP binaries as well. The following packages should be sufficient for a LAMP: apache2 libapache2-mod-php5 mysql-server-5.0 You might also want the phpmyadmin package. Edit: You might want to check out this: https://help.ubuntu.com/community/ApacheMySQLPHP

Ah, well... I just assumed the domain would look sort of like the one you originally posted. Try this instead: <?php $url = 'http://yourdomain.com/files/1186885_f5plf/Dj_Mtamerr_-_Lessons_In_Love_-[32kbs]-_[YourDomain.com].mp3'; list($artist, $track) = explode('-', strrchr($url, '/')); $artist = trim(str_replace('_', ' ', ltrim($artist, '/'))); $track = trim(str_replace('_', ' ', $track)); ?>

<?php $url = 'http://yourdomain.com/Dj_Mtamerr_-_Lessons_In_Love_-[32kbs]-_[YourDomain.com].mp3'; list($artist, $track) = explode('-', parse_url($url, PHP_URL_PATH)); $artist = str_replace('_', ' ', ltrim($artist, '/')); $track = str_replace('_', ' ', $track); ?> Try that. It isn't tested. Edit: Just tested it. It does work. You might want to run both $artist and $track through trim() to remove the spaces at the start and end of the string.

You could take this part of your code: <?php echo str_replace("\n","<br>",$html) ?> and change it to <?php echo str_replace("\n","<br>", preg_replace('#<a(.*)>(.*)</a>#iU', '<a$1 rel="nofollow">$2</a>', $html)) ?> It should work, but I haven't tested it.

Well, you could use a regular expression: $text = preg_replace('#<a(.*)>(.*)</a>#iU', '<a$1 rel="nofollow">$2</a>', $text); Unless you trust your authors a lot you're better off using bbcodes though.

How does the author type it? Using html or bbcodes?

You need to connect again.

There is no Cookie response header. There is a Set-Cookie response header which must be formed like this: Set-Cookie: <name>=<value>[; <name>=<value>][; expires=<date>][; domain=<domain_name>][; path=<some_path>][; secure][; httponly] It would be much easier to just use the setcookie() function though. It'll handle it for you. You might also want to check up on sessions and cookies, because you seem to be using it incorrectly. The session id will automatically be sent if you use session_start().

You could use window.open to open a new window leading to a page where you'd get that info. person_details?id=684 for instance.

Well, there are loads of content management systems (CMS) out there. There is Drupal and Joomla just to name a few. I haven't used any of them and I'm not sure how their licenses are though. You could try to check them out.

rel='nofollow' only works on links...

You should just store the users id, then you can fetch the information from the database you need on each page. The session id is sent on each request regardless of whether you put session_start() or not. It's stored in a cookie on the user's computer or in the URL if cookies are not possible. You shouldn't make the session dependent on the IP as some users' IP addresses change after only a few requests. AOL users in particular.

It will parse any well-formed XML document, so yes.

The reason why Facebook would use SSL when logging in is so the username and password could not be intercepted, not so the session id wouldn't be intercepted. The contents of $_SESSION is stored on the server, so there is no chance that it would be intercepted between the server and the client. There is no reason whatsoever why you would want to store the password in a session variable though. If you are worried about session fixation by people getting the session id when it's being sent between the client and the server then you should always use SSL.

Any reason why you cannot use SimpleXML which comes with PHP?

Why are you putting the user id in the switch?

It doesn't look very efficient. I suppose the get_username() function queries the database, right? Nonetheless, you shouldn't use the username as the primary key, use the user ID instead. You'll also need to post how your tables look like, otherwise it's pretty difficult to tell you how to do it and optionally how to improve it. You can't run a function inside a string either. Interpolation only works with variables.

It's a basic many to many relationship. Just have a table storing the IDs. Tables: CREATE TABLE users ( user_id int(11) PRIMARY KEY NOT NULL auto_increment, username varchar(100) NOT NULL, # etc... ); CREATE TABLE friends ( user_id int(11) NOT NULL REFERENCES users(user_id), friend_id int(11) NOT NULL REFERENCES users(user_id) ); Both of the IDs reference the users table. Then to get user #34's friends you'd do: SELECT u.* FROM friends AS f INNER JOIN users AS u ON f.friend_id = u.user_id WHERE f.user_id = 34; This is also what MadTechie said.

That wouldn't be a good idea. You could however utilize Javascript in form of AJAX to do some validation on the client side before the form is submitted. You should however still check it in your PHP script though. Do a Google search for AJAX. There are plenty of resources out there.

I don't understand either of your two questions you just posted.

Yeah. And the manual says so as well: You should see the difference you want when formatting it using date().

Yeah, they can pick a session ID for themselves. They are the ones responsible for sending it to you after all (well, indirectly at least... it'll be the browser which does it). If they don't send one then PHP will give them one. That's why you need a session ID with a high entropy so you cannot easily guess previous session IDs. For instance, if your session IDs are generated using integers which increase linearly, then if you see that you get session ID 468, then someone else would probably have 467 and then you could try that and see if you could fixate their session. If you however have a session ID which consists of say 32 alphanumeric characters which are randomly chosen, then it would be pretty difficult to guess what a previous valid session ID could've been. Can the attacker guess a valid session ID though, then he will essentially be logged in as the user to whom the session ID belongs. Normally you needn't worry about picking a good enough session ID as PHP will take care of that. Taking some of the precautions previously mentioned in this topic will increase the security. Always remember though, virtually every information you know about the user is what the user told you itself. A general rule for security is that you shouldn't trust anything whatsoever. Filter and check data when it enters your system (e.g. a form submission) and when it leaves your system (e.g. text outputted to the browser). That should take care of the majority of security issues. You can't do anything about your users' carelessness other than inform them of good security practice. Typically humans are the most vulnerable entity in a secured system.

Something like: <?php header("refresh: 3; url=http://localhost/usrs"); $usrs = "usr.txt"; $input = $_POST['usr']; $lines = file($usrs); $usrp = fopen ($usrs, "a+"); if (in_array($input, $lines)) { echo 'duplicate entry'; } else if ($usrp) { fwrite ($usrp, "$input\r\n"); fclose ($usrp); echo ("<center>Database updated<br>Thank you for the submission.</center>"); } else { echo ("An error occurred and database was not updated"); } ?>

It's too large for a signed integer. It cannot be higher than 2,147,483,647 for signed integers and 4,294,967,295 for unsigned integers. Try bigint instead.