Eiolon

Typically, a sub domain is just another directory in the your domains root (ie. domain.com/sub). It's just DNS settings that make it accessible with the directory name infront of the domain (ie. sub.domain.com) So with that in mind, handle sessions as you normally would. Use session_start(); at the top of each page you are passing it to, and if in a shared hosting environment, consider storing session information in a database.

Oh, I see. I used concatentation and it appears to be working now

I have a config file that has connection info for an ODBC connection: define("MSSQL_HOSTNAME", "IP_HERE"); define("MSSQL_DATABASE", "DB_HERE"); define("MSSQL_USERNAME", "USER_HERE"); define("MSSQL_PASSWORD", "PASS_HERE"); My connection string is (taken directly from PHP.net manual): <?php require_once('config.php'); $connect_mssql = odbc_connect("Driver={SQL Server};Server=MSSQL_HOSTNAME;Database=MSSQL_DATABASE;", MSSQL_USERNAME, MSSQL_PASSWORD); ?> If I change from using to defined constants to variables the connection works. For example: $MSSQL_HOSTNAME = "IP_HERE"); $MSSQL_DATABASE = "DB_HERE"); $MSSQL_USERNAME = "USER_HERE"); $MSSQL_PASSWORD = "PASS_HERE"); <?php require_once('config.php'); $connect_mssql = odbc_connect("Driver={SQL Server};Server=$MSSQL_HOSTNAME;Database=$MSSQL_DATABASE;", $MSSQL_USERNAME, $MSSQL_PASSWORD); ?> Any ideas?

I'm just wondering where the best place is for me to store the key for when I encrypt. Should it be in a file outside of the document root?

Well, I tried mysql_escape_string and the form works as intended, but I am not sure if it is really escaping data or not as I don't know how to inject things. I'll try the prepared statements instead since it looks more for tailored for ODBC.

Nearly all of my backend is MySQL-based but I have one area (login) that connects to a MSSQL database via ODBC to verify credentials. I was wondering what is the best way to sanitize the data being sent from the form? Can I use mysql_escape_string for an ODBC connection?

mod_rewrite will do the trick. Used it on one of my projects. Turned URL from http://www.mysite.com/user.php?id=23 to username.mysite.com.

Sorry, without some identifying factor or standardization, I don't know how the system would be able to tell what is what. As you said, the user could be too lazy to put something like ( ) around the area code, which could have been an identifying marker for the phone number. The @ symbol could be used to identify the e-mail address, which is the only thing gauranteed to be added, but it won't help with a street address or phone number. EDIT: I guess if they are gauranteed to use line breaks for each piece of data that could do it.

Oh, I see. You may need to standardize the way the data is stored first by using comma-delimited fields. Look up CSV. Then when you know where the commas are, you can identify which ones are address, phone, e-mail, etc.

You can query the database to see if the customer has been added. If it returns a row (mysql_num_rows) then echo the link. If no rows are returned, then echo nothing.

What do you mean, identifies? It looks like you have all the information to begin with if you are inputting it...

I see. I was trying to separate the PHP from the HTML to make it easier for me to work with. The above code works, but it also outputs an error that $row_color is an undefined variable.

This is probably completely wrong but I am trying to figure out how to alternate table row colors. The color I am getting is a bright green for all the rows, even though I clearly specify RED and GRAY. <table> <tr> <th><div align="left">Program</div></th> <th><div align="left">Session</div></th> <th><div align="left">Start Date</div></th> <th><div align="left">End Date</div></th> </tr> <?php do { $color1 = "#FF0000"; $color2 = "#808080"; $count = 0; $color = ($count % 2) ? $color1 : $color2; ?> <tr> <td bgcolor="$row_color"><?php echo $row_programs['pname']; ?></td> <td bgcolor="$row_color"><?php echo $row_programs['sname']; ?></td> <td bgcolor="$row_color"><?php echo $row_programs['start_date']; ?></td> <td bgcolor="$row_color"><?php echo $row_programs['end_date']; ?></td> </tr> <?php $count++; } while ($row_programs = mysql_fetch_assoc($programs)); ?> </table>

Can be done with jquery. Create a function that sets the idle timeout and also what events constitute as activity (key down, mouse, etc). Then create a function for what to do when idle, and what to do when active.

Also, make sure that http:// is part of the URL stored in the database or at least put in front of the variable: <b>Link: </b> <?php Echo '<a href="http://$site">$site</a>' ?> </center></br>

Nice, thank you both for your suggestions. Works great!

I have two tables, Programs and Sessions. I want to list the Program once, then all it's sessions beneath it. As of now, I can't quite get the query correct. If I use a order by clause I get the program listed multiple times, if I use group by clause I get one instance of the program but only one session. $query_programs = "SELECT p.id, p.name AS pname, s.id, s.name AS sname FROM programs p LEFT JOIN sessions s ON (p.id = s.program_id) ORDER BY p.id"; $programs = mysql_query($query_programs) OR die ('SQL query error: Cannot retrieve program information.'); $row_programs = mysql_fetch_assoc($programs); <?php $last = '0'; while ($row_programs = mysql_fetch_assoc($programs)) { if($row_programs['id'] != $last){ echo '<b>' . $row_programs['pname'] . '</b><br>'; } echo $row_programs['sname'] . '<br>'; $last = $row_programs['pname']; } ?>

Thanks for the info. It's interesting to see that I should also use mysql_real_escape_string when I just SELECT data. I had only been using it when inserting or updating the data.

In my form tag, I have been leaving the action field blank, which I read is not good. I read from one source that putting a # symbol in its place would be good, then I read the contrary elsewhere. What would be a good value to place in my action field? All my php processing is done on the same page so I do not link to a separate page.

You can use CSS. Just put the image in a DIV, the text in a second DIV, and place the DIV's next to each other. Or you can use tables and place them in each in their own cell next to each other on the same row.

You do not seem to have a WHERE clause. Example: SELECT id, headline, whole FROM $table WHERE headline = 'YOUR STRING HERE' OR whole = 'YOUR STRING HERE' Not sure if wanted the words to be exact or not, but that is for exact.

What happens when you manually execute the query in MySQL by manually putting your own variables in? Example: INSERT INTO products (product_name, price, details, category, date_added, small, medium, large) VALUES ('Three wolf moon shirt','15.00','Cool shirt!','T-shirts',now(),'1','1','1'); Secondly, in your PHP I notice you have a double quote near the end of your insert query near $large.

I am using a script that simulates an onclick if a checkbox was selected when my record loads, but have not been able to modify it for a radio button and if a certain value is selected. Here is what I am using: <script type="text/javascript"> window.onload = function() { if (document.forms[0].checkboxname.checked == true) { document.forms[0].checkboxname.onclick(); } } </script> Any ideas? thnaks!

Thanks. I understand now. It's working.

I have a two part form, because I have to insert into two different tables. First table is event information. Second table is the intended audience. If first part of the form inserts successfully into events table, it moves on to process the audience table. If no selections are made for the audience, it errors out as "Warning: Invalid argument supplied for foreach()" If a selection is made, it works fine. I don't want to make selecting a target audience a requirement so I want it to forward to the confirmation page as if I did make a selection. if (empty($errors)) { $insert_program = "INSERT INTO programs (name, coordinator, description, instructions, online_option, session_limit) VALUES ('$n','$c','$d','$i','$oo','$sl')"; $result_program = mysql_query($insert_program) OR die ('Could not create the new program.'); $id = mysql_insert_id(); if ($insert_program) { foreach($_POST['audience'] as $aid) { if ($aid > 0) { $insert_audience = "INSERT INTO programs_audiences (program_id, audience_id) VALUES ('$id','$aid')"; $result_audience = mysql_query($insert_audience) OR die ('Could not insert the intended audiences.'); if ($insert_audience) { header("Location: program_created.php?id=$id"); exit; } } else if ($aid < 1) { header("Location: program_created.php?id=$id"); exit; } } } }