Adam

Surely it would make more sense for your cousin to come and ask? Then when people give feedback and help to work out the solution, he'll learn through the process and won't be just relayed the working code?

May want to quickly remove the MySQL details you've just posed.

You won't be able to see them as literally "\n" within the browser (or by viewing the source) because the browser interprets them the same as if you'd hit return a few times in a text editor.

Definitely, those things are immense! Gun Arnie uses in T2 isn't it?

I'm guessing you meant user ID and password? But yeah, this is pretty common practice.

The extract function may be what you're looking for?

Quite frankly you seem pissed that nobodies done the work and given you the answer, and as a result blaming the entire web development community. In actual fact (based on my previous post (which I tested)) perhaps the problem was down to your own implementation? As for using $_SESSION in that manor, strictly speaking it goes against 'good coding practices' IMO. Session variables should be for... session variables. Not to pass data between pages. Yes it works. But it's a bit of a hack, or, bad coding practices. There is another method - which is probably why nobody suggested to you to use $_SESSION - that does work.

Mmmm.. right. test.html: <iframe src="test.php?test=this does work!"></iframe> test.php: <?php echo $_GET['test']; ?> How does that not work?

First of all, considering you mentioned PHP5, you're using deprecated session methods (session_register, session_is_registered) as of PHP5.3 - if you're wanting to 'modernize' the code this would be the first place I'd start. I think that link you've been learning from has been teaching you old tricks! In the way of security, echoing out any form of user input without proper filtering leaves you open to XSS attacks: echo $_COOKIE["user_name"]; The login process itself seems secure enough though, except I think this is a bit superfluous (and doesn't prevent SQL injections as it says): // Strip slashes from user input (preventing SQL injection) $username = stripslashes($username); $password = stripslashes($password); Looks like that's catering for "magic_quotes" - again deprecated as of PHP5.3. That's pretty much it really - not mentioning the 'short_open_tags'. Take a look at the manual for a better description and examples: http://php.net/manual/en/function.session-destroy.php As I mentioned before though, that tutorial you've been following seems out of date.

Maybe missing something (there's quite a lot to read), but could'nt you just use for example: src="your_file.php?var=123" ??

I bet that kid doesn't even care, just got a day off! I'd laugh if he'd been drawing his teacher on the crucifix but just said it was himself when s?he found it.

No problem. It may be that PayPal are using header redirects (though obviously not PHP) which is why your condition is failing -- I don't believe they populate the HTTP_REFERER. Have you tried a var_dump on $_SERVER['HTTP_REFERER']?

http://news.sky.com/skynews/Home/World-News/Australia-Runaway-Car-Driver-Chase-Weir-Hurtled-At-Oncoming-Traffic-When-Cruise-Control-Locked-On/Article/200912315501398?lpos=World_News_Second_Home_Page_Feature_Teaser_Region_0&lid=ARTICLE_15501398_Australia%3A_Runaway_Car_Driver_Chase_Weir_Hurtled_At_Oncoming_Traffic_When_Cruise_Control_Locked_On Ha, I love the ending:

(Note my edit - maybe why it's not working for you) As I said though, this isn't a secure method. Also doesn't allow people to continue later if they get interrupted during registration. Perhaps you should look into generating a kind of 'register key' for each purchase? You send the user a link like register.php?key=1345234nff345r34f34f (something along those lines). During registration this key is checked to make sure it's valid, they're allowed to register, and once complete the key is removed (so they can't forward the address onto anyone else).

Not entirely sure what you're trying to do, but relying on the HTTP_REFERER for security is never actually secure. Consider that I could easily just modify the PayPal homepage with firebug, creating a link to that page, then the condition would then return true and I'd have access. Edit: Also remember that not everybody uses "paypal.com"...

Guessing you didn't get a reply because you never actually asked a question.

Hah yeah, ridiculous. Though I think the father's now taking it a bit far:

http://www.tonymarston.net/php-mysql/stored-procedures-are-evil.html I have to agree. Although it's fair to say I generally only ever use PL/SQL for stored procedures and they're awful IMO.

http://php.net/manual/en/function.utf8-decode.php Not totally sure on this, the second / third comment down may be helpful to you.

I think as others are pointing out though there's always going to be a free, just as good alternative available to those entry companies; with the larger businesses and enterprises willing to pay.

Not sure I know what you mean. What would you then do with this variable? You can't store PHP code to be run in that sense (unless you ran it through eval). Do you not mean a "function"?

If the index names you wish to list always have the "skill_" prefix, you can use a foreach loop as you said: foreach ($array_name as $key => $skill) { if (substr($key, 0, 6) == 'skill_' && $skill != 0) { echo $skill.'<br />'; } } As writing that though I noticed you wanted to use a label that wasn't stored in the array, which is a problem. Although you could still make this work by creating an array of labels, associated by the array key returned from the query -- if that makes sense? This may be a little over-doing it though for just 3 or 4 values. Instead you could just use a series of if statements.. if ($array_name['skill_speed'] != 0) echo 'Skill Speed ' . $array_name['skill_speed'] . '<br />'; (...)

No probd! bottom left some where around quick reply.

Mmm, not sure what you mean.. produced dynamically? "word.php" was just a file I made up, passing the actual word returned from the query through the GET parameter "w". You'd need to create word.php on your server in order to remove the 404 error; then within word.php you can return and process / do whatever you want with the "w" parameter value.

http://monty-says.blogspot.com/2009/12/help-saving-mysql.html