magnetica

So just the images?? Do the colors work together? Is the layout ok?

Hi all I have spent a few weeks creating a site where people can find and buy products and read reviews from across many sites. If you've got the time take a moment to take a look and letme know what you think e.g. colors, layouts, errors, etc http://www.googlebasesearch.com/ Thanks in advance, Magnetica

So long as you check the data with PHP then everything should be ok. The only reason someone would make a copy form is to avoid client side validating easier. Plus you can't stop them from doing so.. After you filter the input, if you are going to output any tainted data then its always customary to escape the output before display.. Filter Input then Escape Output... and all your security problem will go away. Apart from some more complex websecurity issues

Perfect. Told you it'd be simple! Thanks alot AlexWD

Hi all I am grabbing the _SERVER['REQUEST_URI'] and trying to compare it but this doesnt work $currpage = $_SERVER['REQUEST_URI'];//when i echo this i get ' / ' $home = '/'; //but this doesnt work if(strpos($currpage, $home)){echo 'test works';} PS It will work if i use if($currpage == $home){echo 'test2';} Any ideas? Thanks, Magnetica

Goto mediafire and download a file look at the link and construct a regex expression according to their url for downloading files

Hi all If there a better way of setting variables within classes than taking it through the __construct and setting via $this ?? e.g. class SectionsConnect { protected $var; public function __construct($var){ $this->var= $var; } } Can you not set the variable automatically as it comes in through the __construct? Thanks Magnetica

Thanks alot Zanus.. Can't see it getting more complicated then the characters you have put there

Such as â.. What character it is could be any? Is there a function to convert of replace letters by encoding?

Hi all I was wondering if you are able to replace such characters as â with a in php? Regards Magnetica

Hi All I was wondering how important it is to unset() all your variables once used? Most of my code is object oriented so the functions discard any variables created within them. But do I have to unset() all the objects that I instantiate? Also how much will it improve on speed if I do so? Regards, Magnetica

You shoudln't rely on cookies here, as soon as they reliase they can't download a file because of a cookie (which most amatuerish webbies could do).... They would delete the cookie and download the file Think about maybe storing their email and name in a database or XML file or something where they havn't got access to.. Regards, Magnetica

$data = htmlentities($data); $data = mysql_real_escape_string($data); Also these two functions are used to escape output not filter input..

Definetly not!! There probably are functions to clean input but security should be application specific. You are on the right lines here but you do have to do it all manually. Best practice is to get the user input then clean it appropiatley and store it within a $clean array; $clean = array(); if (ctype_alpha($_POST['username'])) { $clean['username'] = $_POST['username']; } if (ctype_alnum($_POST['password'])) { $clean['password'] = $_POST['password']; } Obviously your checks would be more intensive.

Be sure that the session_start() is situated right at the beginning of the document except before the <?php tag but before any whitespace or declared variables etc.