PFMaBiSmAd

Further to the above, since you have not provided any information about how you got the usernames/passwords into your database (i.e. you are the only person here who knows how you got to this point), I'm going to guess that you imported the values from your .txt file and the new-line characters that are on the end of each md5 password value in the .txt file (your previous working code was trim()'ing them) are now stored in the user_pass field in your table and your query won't ever match them because they should have been stripped off when the data was placed into the table.

cinos11, you are the only person here who has access to your database, so you are the only person here who can troubleshoot what your code is doing and why the query does not match the values in your table. In my last post, I specifically asked if you had checked if the password values matched. You failed to answer that question and just posted more/different code. If you are not going to actually look at the data values to find out why your query is not matching anything, you can change your code all you want and it will never work.

Probably in - require($_SERVER['DOCUMENT_ROOT'].'/inc/db/db.php'); nevermind as well.

It's pretty much up to you at this point to determine why the values you are putting into your queries do not match the values in your database. Have you checked that every character in $newpass matches the value in your table? Also, because passwords are not unique (any number of your users could have used the same password), your second query could match anyones password, not the specific password that matches $user2. You need to match both the user_login and user_pass values in the same row.

Your include_path setting is missing a . (dot) entry that would cause php to search for include files relative to the current directory.

What does echo ini_get('allow_url_fopen'); show? If ini_get() returns a string that evaluates as TRUE, your existing code will say that the setting is enabled. However, if it is set to an invalid setting, it won't actually be on. And why did you start a new thread when you already have an active thread for this problem? That just throws away the history of how you got to this point and any information that was gained in your original thread.

Enable full php error_reporting/display_errors to see if php is reporting the reason why the file_get_contents() is failing. Add the following two lines immediately after the line with your first opening <?php tag - ini_set("display_errors", "1"); error_reporting(E_ALL);

You can schedule a VB script to run that will request a URL. Name the following script scheduled.vbs (or a similar name) - '************************************************ '* schedule this VB Script to fetch/execute a web page '************************************************ url = "http://yourdomain.com/yourscript.php" goURL url, "GET", "" sub goURL(url, method, data) 'uses the MSXML COM for http request set objReq = CreateObject("Microsoft.XMLHTTP.1") If method = "GET" Then objReq.open "GET", url & "?" & data, False objReq.Send "" Else objReq.open "POST", url, False objReq.setRequestHeader "Content-Type", "application/x-www-form-urlencoded" objReq.Send data End If set objReq = nothing end sub

Your first step would be to buy a basic php/mysql book and go through it until you are comfortable with reading and writing basic php code (variables, conditional statements, loops, using built-in functions, ...) and basic mysql queries (SELECT/INSERT/UPDATE.) Then you would need to find and study tutorials that would serve as the building blocks needed to perform specific actions like you have listed. Then you would need to define the details for each action you have listed and break each down into steps until you reach the point where you can actually write and test the code necessary to carry out each action. Turing any of your list of 'I want' and 'I need' items into actual working and tested code requires, well, a programmer, and it is beyond the few hundred words that could be written in the replies in a thread in a help forum to do so. It will also take several hundred hours of programing time to complete all the items you listed, so it is unlikely you will find someone willing to do this for free.

There you go. That would explain why the gd functions your code called are not defined.

Your post does not contain any specific information about what you are doing, what your code and data is that exhibits the problem, what error or symptom you are getting, or what your server/hosting setup is, that would allow anyone to directly help you.

The php extensions you use must be built using the same C header files as the php version you are using. It would appear that you installed the mysqli extension from a different php version than the php version you are using. Since you did not provide any actual information in your post about the operating system you are using or how you obtained and installed php and the mysqli extension, it will be a little hard to help you.

The Loaded Configuration File value in the output from a phpinfo(); statement is the php.ini that is being used.

Since 8-10 people/scripts had read this thread by the time mjdamato posted that warning, it was too late anyway. Your only choice once you hit the submit button and that information was present on a public web page was to change your actual username/password. Is there some reason you are not developing and debugging your code on a local development system and only putting it onto a live server once it has been fully tested? You will save a TON of time and since code that has not been fully tested often contains security holes, you will not be exposing your server to abuse or in this case abuse by accidentally posting database access information.

What does a phpinfo(); statement show in the "gd" section for the GD Version and JPEG Support?

Thank you for reporting back with the actual cause of the problem

The error is occurring at the session_start() statement, but it is caused by the output your script is sending before that point - The reason your code worked on your development system is because your development system has output_buffering turned ON, which hid this problem. In order to develop code that will work on the greatest number of systems without needing to mess with settings every time you move it to a different server configuration, turn output_buffering off.

Your code is producing php syntax errors because there are no quotes around the string values in the // The locations... section of code. You should have error_reporting set to E_ALL and display_errors set to ON in your master php.ini on your development system so that ALL the php errors will be reported and displayed. Putting those two settings in your script won't cause fatal parse errors to be displayed.

You need to remove the single-quotes that are around your column names in the query. Single-quotes are used around string data values, not column names.

http://dev.mysql.com/doc/refman/5.1/en/reserved-words.html

And what permissions does the IIS user have for the C:/Windows/Temp/ folder? I suspect only read/write but not delete permissions?

What does a phpinfo(); statement show for the following three settings - session.gc_divisor session.gc_maxlifetime session.gc_probability

The error message's suggestion to check the mysql manual - http://dev.mysql.com/doc/ for the correct syntax to use, is a generic syntax error when mysql cannot determine what you intended in your query. When you use the incorrect syntax at some point in your query, mysql can only determine that it found an element where it is not permitted. It cannot determine if you are using a feature that is present in some other version or if you simply did not learn the correct syntax that you should be using.

And you need to remove the single-quotes that are around your column names in the query. Single-quotes are used around string data values, not column names.