PFMaBiSmAd

Anything put into the hands of the visitor or in his browser can be bypassed.

The only sure way of preventing access or the use of any specific 'temporary' password after a specific time has passed is to store the time value you want to test for in a database (flat-file, mysql...) on the server. The suggestions to store time values in a session variable can be easily bypassed by simply dropping the session id and logging in again. If you want a specific password to only allow access for a specific time period, store the date/time when it was created (or first used) in a database table. Then on each page access check if the date/time for that password is farther in the past than a value of your choice. If it is, prevent access and take any other action that you need.

I would also store a sha1 hash of the value and the length of the value in the table (you could determine these at the time the query is executed but if ultimate performance is an issue, calculate them once when the data is inserted.) Then you will only need to compare the hash and length of the data with the information in the table. There is a very very high probability that if both the hash and length of data matches something already in the table that it is an exact match and does not need to be inserted again. Does each piece of data in the xml file contain any sort of date/time information that you could instead use to filter out things that have already been processed by storing the latest date/time each time you process the file?

The size of the file is probably larger than the upload_max_filesize setting and you are probably getting an upload error - http://www.php.net/manual/en/features.file-upload.errors.php Any upload script must check for upload errors before attempting to use any of the uploaded file information. Also, if you exceed the post_max_size setting, the $_FILES array will be empty, so you must actually check for that condition first, then check the ['error'] element of the $_FILES array for errors.

The posted code does not contain any code to connect to a database server or select a database once you are connected. Are you developing and debugging php code on a system with error_reporting set to E_ALL and display_errors set to ON in your master php.ini so that php would help you by displaying all the errors it detects? Stop and start your web server to get any change made to php.ini to take effect. Also, for debugging, echo mysql_error() on the line immediately after your mysql_query() statement to find out why a specific query failed to execute.

As to what now() is - You can find all the answer to basic mysql questions in the documentation - http://dev.mysql.com/doc/refman/5.1/en/index.html I personally recommend downloading the .chm version of the manual as both the Index and Search tabs in it make finding information extremely easy.

However, DON'T use the mysql password() function in your application - The hash length used by the password() function has changed at least once, thereby breaking any application that was using it.

The Unknown column 'e_mail' in 'where clause' is from some previous query on the page and the rest of what you printed is from your echo "$str<br>"; statement. You would need to identify the query that is causing the Unknown column 'e_mail' in 'where clause' error to be output.

What are the php versions on the two servers, because php.net has had a significant number of bugs in the strtotime().

By echoing it (or printing it, depending on your coding preferences.) kgb49, if you have jumped into trying to use php, a programming language, without first having read a basic php book or at least gone through a comprehensive php tutorial, it is going to take you a very long time to get any piece of code to work and it is going to be extremely frustrating for you and for those trying to help you when you have to be told the basics.

You need a session_start() on every page that references or sets a session variable.

What is the total number of expected rows to the nearest power of 10? 100, 1K, 10K, 100K, 1M??? And once a value has been inserted will it always be that same value or can it be altered and if it is altered and the original is still in the xml file should the original be inserted as a new value? Help us out by filling in some of the blanks that you know about the data.

Your column in your database table should be a unique key. Then, you can simply use the IGNORE keyword in your INSERT query to prevent duplicates values from being inserted without producing an error.

You are also going to find that since $slot[100] does not exist, that you will randomly get a null value out when rand(0, 100) gives a 100.

Your problem with it not working, it not a math problem.

You already have an existing thread for this. Don't start another one.

http://www.phpfreaks.com/forums/index.php/topic,269373.msg1284757.html#msg1284757

Phpmyadmin is just a database management tool. It uses the mysql extension to interface with the database. That has no bearing on you using the mysqli extension in the scripts that you write.

Well what part do you need help with? Without a specific statement of a problem you had when you tried to do this, we don't know at what point you succeeded and at what point you need help.

You need the following two lines to both report and display all php errors - ini_set("display_errors", "1"); error_reporting(E_ALL); Your code worked as expected for me.

Setting any of the session settings after the session_start() has no effect. They must be set before the session start and they must be set before every session_start. It is best and simpler to globally set them in the master php.ini (when you have access to it), in a .htaccess file (when php is running as an Apache Module), or in a local php.ini (when php is running as a CGI appliction.) If you are on a shared web server you must also set the session.save_path to be to a private folder within your account's folder tree so that your session data files will only be affected by your session settings. The session.cookie_lifetime only has an effect if the browser is completely closed. If the browser is kept open (even if none of the windows/tabs are a page on your site), it has no effect.

The entire message STATES why the copy() failed. Of the 3-4 possible reasons, how would be know which one (the solution is different for each possible reason) unless you provide the relavant information from the error message.

The actual error message tells you where the output is occurring at that is preventing the session_start() from working. Find what is causing that output first.

For debugging, echo mysql_error() on the line right after your mysql_query() statement. Beyond that you would need to post your actual code. You could for example be overwriting the result resource inside of a loop, among 4-5 other possible reasons for that error.

Use a case sensitive comparison or store user names using a case sensitive collation or as binary strings.