PFMaBiSmAd

It would appear that you are using the php .msi installer package? If so, good luck. You should manually install php from the .zip package.

These would be the minimum lines needed - PHPIniDir "your_actual_path_here" LoadModule php5_module "your_actual_path_here/php5apache2_2.dll" AddType application/x-httpd-php .php Did you stop and start the web server after making any changes so that they would take effect?

What does your php code look like (show us the opening php tag in the file also)?

That would imply you are uploading files to a web host that you don't have an account on. The answer would be no you cannot. If you mean a web host that you do have an account on, the answer depends on if they allow individual accounts to modify php settings and the actual method would depend on how php is installed and running on the web server. The web host's FAQ section would both indicate if and how to accomplish this.

Also, writing an OOP class is a somewhat advanced programming topic. If you are not comfortable enough with which mysql_ functions to use to fetch a row from a result set and know that you have an array at that point, you are not ready to be writing an OOP class.

How about let the database engine do it in the query - http://dev.mysql.com/doc/refman/5.1/en/group-by-functions.html#function_sum No slow parsed, tokenized, interpreted php code is needed.

A little number/string comparison theory - you can only compare dates when the format is left-to-right, most significant digit (year) to least significant digit (day), and the length of each corresponding field is the same (you need leading zero's) which is one reason why databases use a YYYY-MM-DD format. 'Y-m-d' would be the recommend date() format string to use.

Yes, but you failed to provide any feed-back as to what you result you got when you tried them that would narrow down the problem and would suggest which direction to check further. We only see the information you provide in your post. Reread what you posted. Does that tell anyone here that you tried anything more than just trying emails and passwords? I suggested finding out what value mysql_num_rows() returned. Each of the three different wrong values has a different cause. Did you find that the query was failing or working and what error was the query producing if it was not working? Did you find that the query worked but did not match any rows in the table and what reason did you find why it was not matching the expected row? Did you find that there are 2 or more matching rows in the table and eliminate the duplicate and take steps to prevent duplicates in the future? I'll tell you what the most likely problem is. Your password field is not long enough to hold a SHA() value and you failed to look at it to see if the sha() of the entered password matched what was in the table as someone had suggested doing.

Each image displayed on a web page requires an <img src="URL_of_an_image" alt=""> tag - http://w3schools.com/html/html_images.asp This is basic html. The URL_of_an_image that you put into the <img tag would be to your .php script that retrieves the image from the database and output the content-type header followed by the image data. You cannot output image data directly on a web page.

You need a properly configured mail server in order to send emails and you need a properly configured public (i.e. one with a domain name associated with it and all the necessary DNS records that allow receiving mail servers to verify that an email came from the correct sending mail server) mail server in order to send an email to anyone other than yourself. The error message is fairly clear that it failed to connect to mailserver at "localhost" port 25, meaning that you don't have a mail server running on your localhost computer using port 25. So, is it your intention to set up a properly configured public mail server on your localhost computer or are you actually wanting to send email through your web host's mail server or your ISP's mail server (such as gmail, hotmail...)?

<?php $php_self ?> The above code is meaningless for two reasons. $php_self does not exist (unless you have some code you did not show) and you need to echo variables in order for the value in them to be output to the browser.

Someone already suggested several things to check. You are the only person here who can troubleshoot what your code and data are doing on your server. If you are not going to investigate what is going on, you are never going to be able to produce code that does what you want it to.

You will also find that it won't work in Opera. Read this recent thread - http://www.phpfreaks.com/forums/index.php/topic,291949.0.html You will also find that your action="...." attribute is not what you think (do a 'view source' in your browser.) You should just use an empty value to cause the page to submit to itself - action=""

So, that error means that the following test failed - if (mysql_num_rows($result) == 1) { Troubleshoot and find out why you did not get exactly one row in the result set. What is mysql_num_rows($result)? It could be a false value if $result is not a result resource because the query failed due to an error (you have no logic to test if the query failed or not before attempting to access any of the results from the query.) It could be a zero if the query matched no rows (you would need look if there is in fact a row in the table that matches the entered email and the sha() value of the entered password.) It is apparently not a 1. It could be a 2 or higher if you happen to have more than one matching row in the table (you should both look to see if there is more than one row and have a unique key setup for the email column to insure that there can only be one row.)

Best guess is that your URL's changed from not having www. to having www. on them due to your redirects and you have not set up the session.cookie_domain to match all sub-domains/host-names of your domain and/or the same problem with the path in the URL and the session.cookie_path setting to match all paths on your site. It would take seeing your code and what URL's you are using to know for sure.

So, did you use mysql_error() in your error reporting logic, like mjdamato suggested, to find out why the query is failing?

I think you missed the point of what that URL means. It has nothing to do with what code or html your footer is, it concerns getting your site to include and execute the code from the URL that was passed as a parameter to your code. If your code is using an include/require statement and allow_url_fopen and/or allow_url_include is on (depending on php version), then the raw php code in the ..../list/respon1.txt will get executed on your server. That code is - <?php /* Fx29ID */ echo("FeeL"."CoMz"); die("FeeL"."CoMz"); /* Fx29ID */ ?> which would output the the feelcomz string back to the bot script to signify that a site was found that could be taken over.

Have any queries ever executed on the server in question?

The first error occurred because $_FILES[$key]['tmp_name'] was not an uploaded file. Since it is unlikely that you are trying to fake out your own code by putting files directly put into the tmp upload file location on the server, the error is probably occurring because $_FILES[$key]['tmp_name'] is not set due to an upload error. That would indicate that your code is not checking for any of the possible upload errors before it attempts to access any of the uploaded file information. Is your code in fact checking the ['error'] element of each possible uploaded file before reaching the code that you did post? The second error is because the exif_imagetype() function does not exist in your version of php. Since the code is checking and passing the test if the GD functions are present, that would indicate that your version of php is older than 4.3. The end of life of php4 was well over two years ago. It is time you planned upgrading to the latest php5 version.

You are attempting to reuse the same result set from your query. You must reset the result pointer before the second while(){} loop. See the mysql_data_seek function.

If the time zone database that mysql uses is up to date (which also tells it when the DST start/end dates are) and the time zone setting that is in effect at the time the query is executed is correct (some time zones don't use DST while the one you are in does) and the date/time setting on the server is correct, NOW() should give the correct value. Where is this msyql server running? On a web host somewhere or on a development system?

To format dates in other languages, you should use the setlocale and strftime functions instead of date().

What URL are you entering in your browser? What does a 'view source' in your browser show?

So did you examine the script that was mentioned in the thread I posted a link to above. It has the ability to check the Content-Length header and abort the upload if it is greater than a value you choose. Someone would need to test how well this actually works. AFAIK, when php handles the upload, php does not cause the upload to abort if the size exceeds the various php settings.

Based on what you have stated you are doing, setting the session.cookie_domain (as long as it is being set the same before every session_start()) should work. What have you done to troubleshoot what it is doing? Are full php error_reporting/display_errors on so that you would know if the session is starting without errors (i.e. would sessions work at all in both pieces of code even without changing sub-domains)? Is the session cookie being sent to your browser and is the value in the session cookie the the same that session_id() shows that php is using on each page? Show us the two different URL's you are using. xxxxx out any sensitive information but don't change any of the other parts of the whole urls that you are using.