benjaminbeazy

hey... when i started this post, I was makin under 30k. Got a new gig now makin' over 60!

hope this gives you a better understanding and some place to start. if(isset($_GET['page']) && !empty($_GET['page'])){ $page = $_GET['page']; }else{ //no page provided in url, use your home page $page = 'home'; } //list of acceptable pages $pages = array('about','home','contact'); //check to see if user is admin. if so add admin pages // this assumes checklogin returns true when user is admin // modify as needed... if(checklogin()){ array_push($pages, 'restrictedpage1','restrictedpage2'); } //include your header here //see if $page is acceptable. if not show an error page if(in_array($page,$pages)){ include('/path/to/includes/'.$page.'.php'); }else{ include('/path/to/includes/error_page.php'); } //include your footer here

use a frontend controller and do your access checks before including page specific scripts. or a simple die('Ur haxoring me!'); on false...

you should be able to just tack on shipping_costs to you select..

you cant use header() to redirect after any output, unless you turn on output buffering..

your problem is variable scope.... you can't access global variables inside functions unless declaring them in the function or passing them to the function. so you could either do this.... (passing vars) function get_news($mysql_server, $username, $password, $database) {... and call the function like... get_news($mysql_server, $username, $password, $database); or this (declaring globals) function get_news() { global $mysql_server, $username, $password, $database; ...

your update query will update all records if you don't have where clause. it should be something like... if ( !$cx->query( "UPDATE $table SET price = '$price' WHERE id=$id")

that's too much code for me to look through. inside your while (!feof($fp)), throw in a $var = time(); and test it against the start time of the read, if its greater than however many seconds: throw a notice of some sort and..... here it is: break;

move_uploaded_file($_FILES["NAME_OF_FILE_FIELD_IN_YOUR_FORM"]["tmp_name"], "upload/" . $somename);

try this... var end = int(month.site.value) + 100;

try this... <?php require("connect.php"); $username = $_POST['user']; $password = sha1($_POST['pass']); $password2 = sha1($_POST['pass2']); $email = $_POST['email']; function error() { if(!$query) { echo "Query Failed: " . mysql_errno() . '<br />' . mysql_error(); } } function exist() { global $result; $num_rows = mysql_num_rows($result); if($num_rows<=0) { die('No Username in database'); } elseif($num_rows>1) { die('Cannot enter more then one username!'); } } function check() { global $result; mysql_select_db("divnx5_web"); $result = "SELECT `username` FROM `users` WHERE `username` = '$username'"; $error = mysql_query($result) OR die(mysql_error()); while($row = mysql_fetch_array($result)) { echo "The username " . $username . 'is already taken!'; } } if(!$con) { echo "<br /><br />Registering is disabled right now, please check back later."; } else { if(!$_POST['register']) { echo "<br /><br />Use the following form to register a new account with us. <form action='register.php' method='post'><br /><br /> <font size='2'>Username:</font><br /> <input type='text' id='user' name='user' size='20' style='background-color: #FFFFFF; font-size: 8pt; border: 1 solid #003399' /><br /> <font size='2'>Password:</font><br /> <input type='password' id='pass' name='pass' size='20' style='background-color: #FFFFFF; font-size: 8pt; border: 1 solid #003399' /><br /> <font size='2'>Confirm Password:</font><br /> <input type='password' id='pass2' name='pass2' size='20' style='background-color: #FFFFFF; font-size: 8pt; border: 1 solid #003399' /><br /> <font size='2'>E-mail Address:</font><br /> <input type='text' id='email' name='email' size='20' style='background-color: #FFFFFF; font-size: 8pt; border: 1 solid #003399' /><br /><br /> <input type='submit' name='register' id='register' value='Register' style='background-color: #FFFFFF; color: #000000; font-size: 8pt; border: 1 solid #003399' /> <input type='reset' value='Clear' style='background-color: #FFFFFF; color: #000000; font-size: 8pt; border: 1 solid #003399' /> </form>"; } else { if(!$username) echo "The username you entered encountered a problem.<br /><br />"; exist(); check(); if(!$password || !$password2) echo "The password field cannot be left empty!<br /><br />"; if(!$email) echo "The email you entered encountered a problem.<br /><br />"; if($password != $password2) echo "The passwords you entered do not match.<br /><br />"; else { mysql_select_db("divnx5_web"); mysql_query("INSERT INTO users(username, password, email) VALUES('$username', '$password', '$email')"); error(); mysql_close($con); echo "Thank you for registering with us " . $username . '! Enjoy your stay!'; } } } ?>

no prob. remember whenever you post to a script through a form that you have to declare the variables as $var = $_POST['var'] or something similar

try this... <?php if ($_POST['searching'] == "yes") { echo "<h2>Results</h2><p>"; $find = $_POST['find']; $field = $_POST['field']; if ($find == "") { echo "<p>You forgot to enter a search term"; exit; } mysql_connect("xxxxxxxxx", "xxxxx", "xxxxx") or die(mysql_error()); mysql_select_db("xxxxx") or die(mysql_error()); $find = strtoupper($find); $find = strip_tags($find); $find = trim ($find); $data = mysql_query("SELECT * FROM users WHERE upper($field) LIKE'%$find%'"); while($result = mysql_fetch_array( $data )) { echo $result['first_name']; echo " "; echo $result['last_name']; echo "<br>"; echo "<br>"; } $anymatches=mysql_num_rows($data); if ($anymatches == 0) { echo "Sorry, but we can not find an entry to match your query<br><br>"; } echo "<b>Searched For:</b> " .$find; } ?> <h2>Search</h2> <form name="search" method="post" action="<?=$_SERVER['PHP_SELF']?>"> Seach for: <input type="text" name="find" /> in <Select NAME="field"> <Option VALUE="first_name">First Name</option> <Option VALUE="last_name">Last Name</option> </Select> <input type="hidden" name="searching" value="yes" /> <input type="submit" name="search" value="Search" /> </form>

it's all good..

i certainly agree, but to each his own...