PFMaBiSmAd

$_SERVER['DOCUMENT_ROOT'] is a file system path. It only has meaning on the server to the file system and php statements that use file system paths. It is not a URL. A URL is - http://some_domain.com/some_path/some_file.ext

Any script involving payments should record (log to a file or log to a database table) the actual information that it received. This will provide you with a record on your server of both successful and failed payments and having that information will let you troubleshoot what your code is doing (at this point, you don't even know if the mail() function was called.) You need to find out what execution path the following logic tests are taking - if (strcmp ($res, "VERIFIED") == 0) { if ($payment_status=="Completed") { if ($payment_amount==29.99&&$payment_currency=="GBP") { What exactly is in $res, $payment_status, $payment_amount, and $payment_currency? Edit: you also need to record when you get a // HTTP ERROR from the fsockopen() statement.

The last code you posted is not referencing the $_POST variables where the actual form values are at, so of course it doesn't work.

^^^ Don't do that either. Doing so will allow the same people who are monitoring data packets and were able to get the session id from the end of the URL with the previously suggested method, can now just as easily get the session id when the session id cookie is sent in the non-HTTPS request. The point of buying a SSL certificate is because you want the information being sent back and forth between the client and the server to be secure. As soon as you send that information over a non-HTTPS connection, you might as well have saved your money on getting the SSL certificate.

^^^ That line of code is only producing the random 6 character user password. It has nothing to do with the problem or the hashed value being stored in the user table or the code trying to match the entered password with the stored hashed value. My post above told you what you need to alter with the column definition and in the code- .

The action="" attribute is the URL that the form data will be submitted to. Forms only exist in the browser/client and the only thing the client can do is make HTTP/HTTPS requests to the server. You cannot 'call' php functions from the browser. You would need to specify, either by using completely different URLs/pages for each different operation, a GET parameter on the end of one URL, or using a hidden form field value what you want the php code to do when the form is submitted to whatever URL you put into the action="" attribute.

$HTTP_GET_VARS and $HTTP_POST_VARS were depreciated 9 years ago, in favor of the $_GET and $_POST arrays, where turned off by default in php5, finally throw a depreciated error message in php5.3, and will be completely removed in an upcoming php release. Use the $_GET and $_POST arrays instead. You have a simple logic error and are performing the query any time $_POST['testing_sign_up'] is set. You would need to put the query code into the same conditional test you are using for the email code.

^^^ The mysql PASSWORD() function should NOT be used by applications to hash your user passwords. I'm sorry, but the tutorial link you found and are trying to use is out of date and won't work as is on current versions of mysql. If you alter the the user table password column so that it is VARCHAR(32) and change any use of the mysql PASSWORD() function to the mysql MD5() function, the code may work, barring any other problems in it. You will need to delete and re-register any users/passwords after you make the above change.

That's not the code you posted at the start of the thread. Seriously, how can anyone help you with what YOUR code is doing unless you post the actual code you need help with.

Someone already suggested the problem could be your form. Posting all the code that reproduces the problem would be the quickest way of getting a solution. We could see exactly what you are doing that is being affected by the register_globals setting.

That's a compost key, made up of those three fields. As long as your id is different in each row, the compost key made up of `id`,`title`,`pictures` is different. You would need to create a separate key just for the title.

You would need to get the file names into an array and use - http://us3.php.net/natsort or http://us3.php.net/manual/en/function.natcasesort.php

Remove enctype="text/plain" from the <form> tag, as it prevents php from populating the $_POST variables.

A) Store numbers using a numeric data type, such as INT B) Don't put numbers in single-quotes inside your query. Single-quotes go around string data, not numbers.

There's probably something in your form that is affected by register_globals. As thorpe already asked, what debugging have you done to find out exactly at what point your code and data has the expected values and exactly at what point they don't. I can guarantee that the problem is somewhere between those two points.

^^^ That would result in duplicate/redundant information stored in your table and would be a bad design. To get the year and the month name from your race_date column any time you need those values, you would simply use the mysql YEAR() and MONTHNAME() functions in your queries.

You would need to be more specific about where you are getting the data from and where you are using the data. We only see the information you supply in your post and for the error message you hinted at, that can only occur when you have the value literally entered in a php statement. When that value comes from a form or reading some data into a variable, you won't be getting php parse errors.

That's a php parse error because your data string contains quotes that break the php string syntax. For typing that data literally into your php code, whatever overall start/end quote type is being used, must be escaped when it occurs inside of the string. The following two variations work - <?php $var = "151°06'50\"E"; echo $var; $var4 = '151°06\'50"E'; echo $var4; ?>

No extra query is needed - mysql_insert_id

define("main","true"); is not the same as define("MAIN","true"); unless you set the 3rd parameter to TRUE. Perhaps if you posted the actual code you put into the main file to define the constant and the code you put into the include file to check if the constant is defined.

Without any information about how you are uploading, storing, and serving/downloading the files, it is a little hard to help.

I recommend working with the current code. By simply fixing the functions, the logic in any section of your code will become clearer and you can work on making the logic do what you want. For example, I was going through your code and if your currentBatsman() function was changed to the following (renamed as well) - function build_player($id, $name, $ability, $strength, $out, $in, $runs) { return array('id'=>$id,'name'=>$name,'ability'=>$ability,'strength'=>$strength,'out'=>$out,'in'=>$in,'runs'=>$runs); } You can use (reuse) it to set the $current_batsman, the $batsmen[] array, the $bowlers[] array (ignore the id, out, in, and runs elements), and you would also use it inside your other functions to simplify all the logic and remove countless lines of code. For example, your selectBowler() function would look like this - function selectBowler($bowlers) { // Select random bowler $choose_bowler = array_rand($bowlers, 1); return build_player($bowlers[$choose_bowler]['id'],$bowlers[$choose_bowler]['name'],$bowlers[$choose_bowler]['ability'],$bowlers[$choose_bowler]['strength'],0,0,0); // id, out,in,runs not used } And you would call it like this - $current_bowler = selectBowler($bowlers);

Just some advice - 1) Put all your function definitions either near the start of your code (before you start the main logic that makes up your page) or put them into an include file. When you are looking at the main logic in your file, that's all you should see, the main logic. 2) Rewrite your functions to be general purpose, so that they are passed the values they operate on as parameters when they are called and they return the results they produce, which you then assign to main program variables. For example, if your currentBatsman() function was written this way, you could have reused it in 3 - 5 different places in the code and saved a bunch of typing and made your code simpler and clearer. If your functions don't fit this model of - values in as parameters, perform some useful function, return the result produced - then the code you have wrapped in a function definition is likely part of your main program logic and does not belong in a function.

Most of the major ISP's check that the email is actually coming from a mail server that is authorized to send an email for the domain in the From: address. You should put the email address from the form into the Reply-to: mail header and put a valid email address at the sending mail server into the From: mail header. Would you trust a letter with a From: address of your bank, but the post mark (where it was actually mailed from) was a different country from where your bank is located?

This topic has been moved to PHP Freelancing. http://www.phpfreaks.com/forums/index.php?topic=320722.0