PFMaBiSmAd

Cookies don't exist on the server. If you cannot see a matching cookie in your browser, it means you already have one set by the same name that matches your domain/localhost and you need to delete it before your new settings take effect and/or the code you posted is outputting something before the session id cookie and is not really setting the session id cookie. The first parameter in the session_set_cookie_params() is the life time of the session id cookie after you close the browser. If you want the session id cookie to be deleted when the browser is closed, you need to use a zero value.

You would use an array (always when you have sets of related values.) $_SESSION['var1'][] = "data"; $_SESSION['var2'][] = "moredata"; Each time through another index 0, 1, 2, ... will be added to each base array variable. You will end up with - $_SESSION['var1'][0] = "data"; // 1st set of data $_SESSION['var2'][0] = "moredata"; // 1st set of data $_SESSION['var1'][1] = "data"; // 2nd set of data $_SESSION['var2'][1] = "moredata"; // 2nd set of data $_SESSION['var1'][2] = "data"; // 3rd set of data $_SESSION['var2'][2] = "moredata"; // 3rd set of data ... You must do something (move to a folder, save as a session variable, store in a database table) with the temporary uploaded file because it will be deleted when the script on your page ends.

With what? Without even the name/author/url of the script, how would anyone be able to determine if they knew anything specific about what you have?

You do realize that the answers provided in a forum cannot be any better than the question that was asked and has already been pointed out your question and example is lacking in specifics. Also, if you don't state what "doesn't work either" in relation to your question and expected result means, no one can help you.

To do literally what you show in your pseudo example - $query = "(SELECT * FROM your_table WHERE varset = 1 GROUP BY category) UNION (SELECT * FROM your_table WHERE varset != 1) ORDER BY id"; However I have my doubts that is really what you want in all cases with the real data, in which case you will need to use a mysql user variable to keep track of when the varset value changes in order to form groups.

Ummm... did doing that correct the Fatal error: Call to undefined function mysql_connect() in ... error?

XSS - refers to X©ross Site Scripting. It means getting some of my javascript and html to be output to the visitors on your site. That javascropt and html typically does things like read your visitor's cookies (including the session id cookie) and send it to me by requesting an image from my server and providing the information that was gotten on the end of the URL when the request is made to my server. So, I could sign up on your site and in any of the data that you accept from me and then output to any other visitor on your site, you would need to prevent XSS by passing that data through htmlentities() when it is displayed.

"<?php echo $rows['displayname']; ?>" should be - "<?php echo htmlspecialchars($rows['displayname'], ENT_QUOTES); ?>" One of the points of using htmlspecialchars() or better yet htmlentities() is so that any special html characters in the data does not break the html syntax of your web page Edit: the other is to prevent XSS through the injection of javascript and html that gets output to the visitors on your site.

Does that mean when you display them on a web page? If so, it is likely that your HTML that you are putting them into on the page is invalid. Could you post a specific example and code that demonstrates the problem?

Perhaps this will help - http://www.ipower.com/knowledgebase/read_article.bml?kbid=7137

By returning the array from the function - i.e return $row; Functions are designed to accept (optional) parameters in the function call, perform some operation and in most cases return the results so that you can either assign the results to a program variable or use the returned results as a parameter in another function call - $program_variable = your_function('parameter1','parameter2'); or $program_variable = your_function1(your_function2('parameter1','parameter2'));

Sounds like the uploading of the files to your server is failing and you actually have empty files on the server. Download one of your files to a different name (so that you don't overwrite the original) and check exactly what is in it.

^^^ He has that, though I didn't look to see if the code was testing that or the button name.

Php variables are parsed and replaced with their values when contained within double-quotes AFAIK since the first php version was released and certainly since php 4.0.

Did you develop your code using FF? If so, you probably already have a cookie set. Try it in FF after you delete any cookies that match your domain/localhost name. Edit: Actually I tried the form in IE8 and it submitted the expected POST variables, though it is true that IE and buttons generally need some javascropt to submit forms.

The point in the query that the error is calling your attention to INT is a reserved key word - http://dev.mysql.com/doc/refman/5.0/en/reserved-words.html Either rename your column to something else or enclose it in back-ticks `` every time you use it as a column name in a query.

You need to use - date_default_timezone_set in your script to set the timezone in your script. I could not get setting the TZ env variable in a script to override the date.timezone setting despite what the php.net documentation states. The TZ env variable is being set and read back but has no affect on the timezone your script uses (it is likely only read once at the start of execution.) Use the following instead of the putenv() statements - date_default_timezone_set($start_tz); date_default_timezone_set($end_tz); Also, all of the North_America/... settings are invalid. They should just be America/... (without the North_ )

String data must be enclosed in single-quotes, making them strings instead of keywords. ..... VALUES ($ID, $time, '$action', '$undo')";

Not to mention that setting or referencing an array variable is 3x faster than using a variable-variable. Also with arrays, you can use array functions, such as foreach() and count() so that you don't need to keep track of how many of or what the names of the variable-variables are.

You do realize that if you used an array, the syntax would be easier to figure out and it would be quicker - If $q is an array so that the values are $q[0], $q[1], $q[2], you would use '{$q[$counter]}' to reference them in the query.

That back-ticks around the table name in the query are not a problem. The error is self explanatory, the table name you are using in the query doesn't exit in the database that you have selected.

<?php $array = array(); $array[] = "1633541"; $array[] = "1064544"; require_once('connectvars.php'); $dbc = mysqli_connect(DB_HOST, DB_USER, DB_PASSWORD, DB_NAME) or die( "Unable to select database"); foreach($array as $value){ // load the XML file $file = "http://api.foursquare.com/v1/venue?vid=$value"; $xml = @simplexml_load_file($file) or die ("no file loaded"); // assign the listName element to a string $name = $xml->name; $id = $xml->id; $checkins = $xml->stats->checkins; $herenow = $xml->stats->herenow; $address = $xml->address; $crossstreet = $xml->crossstreet; $city = $xml->city; $userid = $xml->stats->mayor->user->id; $firstname = $xml->stats->mayor->user->firstname; $lastname = $xml->stats->mayor->user->lastname; $photo = $xml->stats->mayor->user->photo; $tips = $xml->tips->tip->text; $tipuserfirst = $xml->tips->tip->user->firstname; $tipuserlast = $xml->tips->tip->user->lastname; $tipuserid = $xml->tips->tip->user->id; echo '<div class="venue"><a href="http://foursquare.com/venue/'.$id.'" target="_blank"><h2 class="name">'.$name."</h2></a>"; echo '<div class="address">'.$address.' '.$crossstreet.' '.$city.'</div>'; echo '<div class="herenow">'.$herenow.' people here right now.</div>'; echo '<div class="checkins">'.$checkins.' total checkins. </div>'; echo '<div class="mayor"><a href="http://foursquare.com/user/-'.$userid.'">'.$firstname.' '.$lastname.'</a></div>'; echo '</div>'; $query ="INSERT INTO `mb_foursquare`.`venues` (`id`, `v_id`,`v_name`,`v_address`,`v_mayor`,`v_mayor_url`) VALUES (NULL,'$id','$name','$address','$firstname','$userid')"; mysqli_query($dbc, $query); } // end of loop echo 'that worked!'; ?>

After you fix the sql problems, if one of your files was altered, I would check the server access log to find out the computer-user/account name that wrote to it (web server files are normally only read.) That will at least pin down if it was through FTP, your web hosting control panel, a php script, one of the other accounts on the server...

The easiest and fastest way of formating a mysql DATETIME or mysql TIMESTAMP or even a UNIX Timestamp value stored in a database is to do it in the query when you retrieve it. For a mysql DATETIME or mysql TIMESTAMP, use the mysql DATE_FORMAT() function (that's what it is for.) For a UNIX Timestamp, the FROM_UNIXTIME() function accepts a second format parameter of the same style as the DATE_FORMAT() uses. Doing this in a query is at least 8x faster than using some slow parsed/tokenized/interpreted php code.

You haven't told us what was changed, so it will be a little hard to pin down exactly which one of the problems in your code was used. Given that you have not escaped or validated ALL of the external variables being put into your queries, I will guess that someone injected a UNION query and dumped all your tables.