Jenk

It will still contain newline chars with file_get_contents(), outputting is a lot easier with a string than an array.

better to keep them out of the docroot and use php to serve the file.. take a look at readfile()

file_get_contents()

It's better to redesign your script to send the header()'s before any output. Using output buffering (ob_start/ob_end_flush) does work, but it can be load inducing on the server (all output is stored in memory until flush, instead of direct output to browser) Also, meta tag refresh is more reliable than header('Location: ... '); as surprisingly, more browsers support meta's than do header. (Some browsers also have options to ignore header redirects)

depends on your database layout. If you have a foreign key for Department name(s) on tbl_telephone numbers, then you can [code]SELECT * FROM `tbl_department` JOIN `tbl_telephonenumbers` ON `tbl_department`.`Department` = `tbl_telephonenumbers`.`Department` ORDER BY `tbl_department`.`Department`, `tbl_telephonenumbers`.`last_name` ASC[/code] Or just have: [code]SELECT * FROM `tbl_telephonenumbers` ORDER BY `Department`, `Last_name` ASC;[/code] otherwise you can add a challenge to your loop: [code]<?php while ($row = mysql_fetch_array($result)) {     printf("%s <br>\n", $row["Department"]);     while ($row2 = mysql_fetch_array($subresult)) {         if ($row['Department'] == $row2['Department']) {             printf("%s %s<br>\n", $row2["First_Name"], $row2["Last_Name"]);         }     }     echo '<br><br>'; } ?>[/code]must have a foreign key though.

or: [code=php:0]$array[] = '180.180';[/code]

there is no guaranteed method to ensure your session data is destroyed the moment a user leaves your site. Some users don't have JS enabled, some browsers don't have that function. It's easiest to just let PHP do the clean up after session.max_lifetime has expired.

now also bear in mind it varies across platforms. *nix is just \n windows is \r\n and mac is strangely \n\r

price is a bad choice for foreign key. what if different properties have the same price? create a new field on your clients table for the id of the property, which matches the property id from the properties table that said client is affiliated with. as for not escaping.. well, not going to argue but it needs escaping. what happens when you move it to production? Can you absolutely 100% guarantee you won't forget to change it? It's also bad habits to not escape even when you think it's safe. :p

The reason you won't of had any 'help' from other places is because that operation is not possible. 10quid you go elsewhere posting phpfreaks couldn't help :p

You make it sound so easy.. when it's not. Most hosts refuse to change a simple setting in php.ini, let alone install a completely different setup to what they already have.

For every page that is restricted to authorised users only, you'll need to have a simple check that the user is logged in before displaying the page.

the part you refer to as "Doesn't need to escaping there -"

thanks for misquoting. Take a read at the rest of it. nanoweb is not default PHP like 99% of php hosts have. It is a custom made webserver, thus only hosts that install nanoweb can run 'php' (which it isn't, it's nanoweb) as a daemon. Therefore, it is of no use to this topic.

[code]<?php $query = "SELECT * FROM `yourtable` WHERE `id` = '" . mysql_real_escape_string($_GET['query']) . "'"; ?>[/code]

I call shennanigans. PHP is incapable of running on it's own as it is from php.net.

No, trying to run an application that is a scripting app as a daemon is a bad idea. Apache is the daemon, PHP is not.

It most definately does need escaping.

That sounds like an Observer. If you want to learn more about it, google for "Observer Design Pattern" Listeners are bad.. trigger the job when it is needed, not have it on standby.

you might want to remove your DB credentials.. and you'll also want to escape your input for the SQL query. As for the original question.. can you clarify please? you want to select clients based on property? If so, you'll need a foreign key in either table to link them together, then select based on that. [code]SELECT * FROM `clients` WHERE `property_id` = '$foo'[/code]

Best advice: do NOT use PHP for this type of situation. PHP is not designed for this and will have dramatic performance implications. Redesign your system so that it does not require a 24/7/365 listener. I find it hard to believe any web-based application requires one.

[code]<?php if ($session->userid == $user_id_from_post) {   // show buttons } ?>[/code] to get you started.

Just remove the top table?!

php5 has other advances over php4. use php5, php4 syntax is still valid.

Yes it is. [code]<?php while ($row = mysql_fetch_assoc($result)) {     echo '<a href="foo.php?=' . $row['id'] . '">Clicky clicky</a>' . "\n"; } ?>[/code]