KevinM1
Moderators
Posts: 5,222
Days Won: 26
Everything posted by KevinM1
-
It took me about 3 weeks to set up a Postfix server once. Was not fun. At least it made me realize I hate server setup and maintenance. That's what dedicated IT people are for.
-
If you're not using the query string data in a query, then there's not much harm that can be done. Keep a white list of legit pages one can go to, and check that the incoming data matches one of them. If it does, redirect. Else, error.

There's more danger if the query string data is to be used in a query, but nothing frightening or exotic. That's where db security comes into play. Use an account OTHER than root, and only give it the minimum privileges it needs to do the job. Validate the data and escape it.

Regarding the appearance of the URLs, .htaccess and mod_rewrite can be used to make them look pretty. It can make something like

    site.com/login/currentPage/destination

Perhaps not ideal, but better than the raw query string.

As an aside, these kinds of issues highlight the strength of frameworks. They tend to come with route table functionality, mod_rewrite, and navigation helper functions out of the box.
-
REST - Using HTTP as an API. GET and POST (and PUT and DELETE, but those are accessed through raw headers) have meaning. GET should only be used when attempting to retrieve data. It should be used in an immutable context (meaning that when you use GET, you're not trying to change/edit data with it). Similarly, POST should only be used in creating or updating data.

And, yes, you're on the right track with your modified URL. In fact, I say ditch the session for the previous page and add it to the query string, too:

    site.com/login.php?currentPage=article&destination=comment

Then, in login.php:

    if (isset($_GET['destination'])) {
        // redirect to destination
    } else {
        // no destination set, so redirect to currentPage
    }
-
Trust me when I say that pretty URLs are not a security benefit. What you should do is use RESTful principles, harden your db, and be smart about validation, sanitation, and how you structure your queries. Regarding your actual problem, I don't see why you'd want the 'add comment' functionality on a separate page. Unless you're building a forum, you're better off just having a simple WYSIWYG editor at the bottom of your article that posts to itself (article.php). It's a better, proven design. If you insist on keeping the extra page, then you should really view your site navigation in terms of actions with intent. As in, "If someone clicks this link/button, what are they trying to do? And where should the site send them?" Saving their current location isn't enough, as you're seeing. At times, you'll need to capture their desired destination, too. There are different ways to do it, but if you're following RESTful principles, you'd append the destination to a query string. The page acting as the middleman/controller would need to parse and redirect to the destination after whatever necessary middle step was completed.
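The whitelist check and the destination/currentPage redirect discussed in this thread, combined into one login.php helper. This is an added example, not part of the original posts; the names ALLOWED_PAGES and resolveTarget, the page paths, and the fallback to a home page when neither parameter is present are assumptions.

```php
<?php
// Added example. ALLOWED_PAGES and resolveTarget() are hypothetical names.

// White list of legit pages: the key is the only thing accepted from the
// query string, the value is the local path it maps to. Request data is
// never copied into the Location header itself.
const ALLOWED_PAGES = [
    'home'    => '/index.php',
    'article' => '/article.php',
    'comment' => '/comment.php',
];

/**
 * Choose the post-login redirect target from query-string data.
 * 'destination' wins over 'currentPage'. Returns null when the supplied
 * value is not on the white list, so the caller can answer with an error.
 */
function resolveTarget(array $query): ?string
{
    foreach (['destination', 'currentPage'] as $param) {
        if (!isset($query[$param])) {
            continue;
        }
        $value = $query[$param];
        // Reject arrays (?destination[]=x) and any name that is not listed.
        if (!is_string($value) || !array_key_exists($value, ALLOWED_PAGES)) {
            return null;
        }
        return ALLOWED_PAGES[$value];
    }
    return ALLOWED_PAGES['home']; // assumption: default when nothing is sent
}

// Constructed sample requests standing in for $_GET.
$samples = [
    ['currentPage' => 'article', 'destination' => 'comment'],
    ['currentPage' => 'article'],
    ['destination' => 'https://other.example/'],   // off-site value
    ['destination' => ['comment']],                // array instead of string
];
foreach ($samples as $query) {
    $target = resolveTarget($query);
    echo json_encode($query, JSON_UNESCAPED_SLASHES), ' => ',
         $target ?? '400 Bad Request', PHP_EOL;
}

// In login.php, after a successful login:
//   $target = resolveTarget($_GET);
//   if ($target === null) { http_response_code(400); exit('Unknown page'); }
//   header('Location: ' . $target); exit;
```

Because the redirect target is looked up rather than echoed back, a request cannot steer the login page to an address outside the list.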
-
Ajax isn't necessary unless you don't want the page to refresh. The bare-bones basic version would be to simply make the buttons form submit buttons, and have your page post to itself. Based on what button was pressed, different info would be shown. That's how ASP.NET webforms tend to work (have you ever noticed how everything is actually taking place in a form, hence the term 'webforms'?). This is a common pattern on the web. For more info google 'page controller'.
-
Yes you did. $_POST is a superglobal array. As such, it is always directly accessible, meaning you don't have to declare it before using it. Beyond that, NEVER use the 'global' keyword. It's a bad/sloppy way of passing variables around. If you're learning PHP from a resource that uses 'global', get a better resource. 'global' is an indicator of an amateur.
-
The thing is, people like Zuckerberg are the exceptions to the rule. There are always a select few who, through a combination of intelligence, instinct, opportunity, and luck, become wildly successful. The thing is, chances are, you (the royal you) aren't going to be that person. Now, that doesn't mean that you should never take a chance, or dare to dream, or whatever. What it means is don't bank on one thing being the thing to make you successful. Like I've said before, what a lot of our own members don't realize is that the skills they've learned attempting to make their idea/scheme come to life are often more valuable than whatever site/service they made.
-
Since you're checking for specific strings, you need to put what you're looking for in quotes:

    if ($teenus === "vip" && $server === 1)

and

    if ($teenus === "admin" && $server === 1)

otherwise PHP will think they're constants. Also, put the following lines at the top of your script:

    ini_set("display_errors", 1);
    error_reporting(-1);
-
It's fairly rare to come up with sites that churn out a reasonable profit. Ads suck, especially in the age of ad blockers, and services are wrought with peril unless you can come up with something novel. In an industry filled with people trying to make the next Facebook, good luck with that. There's a reason why most of us work for others. It's the only reliable way to make money in this field. Looking for a magic bullet is the wrong way to go IMO.
-
Yes to both. What have you tried?
-
This. We're here to help, not do all of your work for you. If you need help, show us some code. If you simply want someone to do all the work for you, post in the 'Freelance' section.
-
That's because you're missing the closing ) on your if-conditional.
-
The campaign is nice, if a bit predictable. Lots of Firefly vibe during a lot of the story parts. Online isn't my thing with that game. Too many players who live it 24/7 for a casual player to have a chance. Been playing Star Wars: The Old Republic since X-Mas. Great game, revolutionary MMO. Plenty of warts, but it's definitely more than the sum of its parts. All interactive characters have audio dialogue, and the quests fit into the narrative just about seamlessly. Feels like a single player game a lot of the time, in terms of plot and presentation. Been playing a Jedi as my main. Trooper wasn't bad, but Bounty Hunter was disappointing early. Thinking about playing a Sith, as Jedi can be a bit staid at times.
-
I've been using the free trial of PhpStorm for the last week or so. I'm loving it. Does just about everything I'm looking for out of the box, and is simple to tweak. Even better, it's still reasonably quick in my VM setup. Definitely buying a licence when the evaluation period ends.
-
You're missing a ) at the end of your if-conditional
-
PHP/MYSQL broken by the evil browser Internet Explorer
KevinM1 replied to ktroztafy's topic in PHP Coding Help
Can you show us the relevant code?
-
InnerHTML is only available when you're accessing an HTML element. Do you know how to access array data in general? Because that's all you need to do.
-
Ain't that the truth. I tend to use ICDSoft. A bit expensive, (~$7 a month), but they offer a lot, have a rock solid CP, no down time, and great technical support.
-
No. Odd... It looks right, but the div is still collapsing. To be honest, I don't think I need that containing div anyway. I'll play with it later.
-
Webforms (which is regular ASP.NET) and PHP aren't really directly comparable. Webforms are built with 'server controls', which are bits and pieces of mashed together code. Some of the code is used purely for display, while other parts do things behind the scenes. There's nothing remotely like that in PHP. ASP.NET MVC is a lot closer to what web developers deal with. The framework is modeled after (stolen from) Rails. The closest PHP counterpart I can think of to that would be Symfony2. As someone who's done both webforms and MVC, I say skip webforms. They're clunky, horrible to work with (the Page object's lifestyle is just baffling at times), and nearly impossible to test well. MVC w/ C# is where it's at.
-
This. I have never understood why vendors do this to us! As another example, MySQL - I'd expect "Developers Info", or something similar at least in the footer... but one doesn't exist. My eyes cross whenever I go to MySQL's site. It's like reading a *nix man page. Ugh.
-
Solved it, I think. Looks like the explicit heights I set for those boxes were screwing things up. Not sure why. Maybe the text I had was overrunning the height. Looks like it's fixed now.
-
Good point. Edited. I tried adding the <br /> but I'm away from my dev machine and WordPress' shitty editor won't actually render it, even though it's there in the file. I'll try floating the content later, as I need a break from this POS site for a while.
-
Actually, MSDN has a ton of documentation. The problem is that it's hard to find, and its search sucks. Also, what kind of ASP.NET are you looking into? Webforms (which is regular ASP.NET and sucks), or MVC (based on Rails, and pretty good)? And, what programming language are you looking for, VB.NET (sucks), or C# (great)?
-
This is odd. I'm finishing up a WordPress theme for a client, and am getting a collapsing div on an element only after I upload it. The layout looks fine outside of WordPress, when I test it as straight HTML and CSS in my browsers. The site is located here: http://thesewingdivaquiltshop.com/ The element in question is <div id="content"></div>. Any help would be greatly appreciated.