Adam

Nice one!

Try this: $name = "Name: ".$_REQUEST['name']."\n" ."Email: ".$_REQUEST['email']."\n" ."Address: ".$_REQUEST['address']."\n" ."City: ".$_REQUEST['city']."\n" ."State: ".$_REQUEST['state']."\n" ."Zip: ".$_REQUEST['zip']."\n" ."How they heard about us: ".$_REQUEST['hear'];

I can't see any reason why it wouldn't work, but you're going a round-about way of doing it. You could just put $cert straight into the in_array() function, removing the need for: $num = count($cert); for ($i=0; $i >= $num; $i++) { $id[] = $cert[$i]; }

Perhaps show us the SQL, bit more code?

$prep1 = mysql_query(" update contacts set phone = replace(phone, ' ', ''), phone = replace(phone, '-', ''), phone = replace(phone, '(', ''), phone = replace(phone, ')', '') ");

I think there's a good opportunity for some humor, if it's done right, but I think it would be really hard to build up a user base with what Ken2k7 said. I'd suggest following everyone's advice with centering it, better color scheme and graphics etc, and also making the links more obvious and adding a rollover effect.

Yeah, it's processed server side so it doesn't matter which browser they are using.

Also take a look at the advertising services Facebook offers, and the range of departments they employ: http://www.facebook.com/advertising/ http://www.facebook.com/careers/ I'm assuming PHPFreaks just doesn't have anywhere near this at hand...

Yeah after a quick look on Google, seems isset() can be a little undependable for certain situations.

Redarrow means here: $sSql = ($_GET['type']) ? .... You can safely just use the above code, but I guess for coding standards it's better to use isset(): $sSql = (isset($_GET['type'])) ? .... I'm not really sure what the general opinion on this is?

mysql_real_escape_string() is just preventing someone from injecting their own SQL - more about XSS. You'd pass the type var through the URL: http://craighooghiem.com/goodwills/final/inventory.php?order=type&ordertype=DESC&type=Cars (Or something) .. Then you retrieve the value in the PHP with $_GET['type'].

To keep things simple you could try changing this: $sSql = $vehicles->SQL(); To this: $sSql = ($_GET['type']) ? $vehicles->SQL() . " WHERE type = '" . mysql_real_escape_string($_GET['type']) . "'" : $vehicles->SQL(); (Not tested obviously!) There's a few ways you can do it though...

Urf.. ugly. Here's the SQL though: // Table level SQL function SqlSelect() { // Select return "SELECT * FROM `vehicles`"; } You could check if the 'type=' var has been passed through the URL, if it has, amend the SQL with 'WHERE type = ...' Make sense?

$rebuild = true; include($maps[$i]); Then check the value of $rebuild within the included file...

You'll probs struggle to find it as your code appears OO. If you can, search the code base for the '$vehicles->SQL()' method (try searching for function SQL) - that will contain the SQL you need to alter.

This is just basic SQL... SELECT * FROM something WHERE type = 'Car' You can pass a value through the URL like you said and collect it with $_GET: inventory.php?type=car $type = $_GET['type']; You just need to look through the code and find where the SQL is currently and edit that. Perhaps be best off reading a couple of tutorials first to be honest!

Here's a site I created quite a while ago, I've posted before but just curious to find out what the general opnion is? It's under going some maintenance so now's a good time if anyone has any ideas to improve it a bit. http://minimerc.co.uk Thanks Adam

I imagine you'd need to change the JavaScript, specifically this line, to the Australian co-ordinates: map.setCenter(new GLatLng(1.3714, 103.8861), 13);

Could you give a realistic example of what the input would look like? I was thinking something along the lines of this may work... $str = "strtoupper('test string');"; $str = preg_replace('/([a-zA-Z_][\w]+\([^\)]+\);)/', "<?php $1 ?>", $str); eval($str); But that would require PHP functions without PHP tags around them, just in a string. (Not tested!)

Ahh of course!

Yeah - obviously you can't count on the user to enter the data correctly. If you look at his original regular expression it looks like he's tried to put in that flexibility but being unsuccessful.

Again need to see the code. No reason why it would do that ordinarily.

Have a bash at it and if you get stuck, get the help here...

Well you now have an array containing all of the functions captured. What have you tried so far?

Also if the browser does block the session cookie, normally it's passed through the URL instead.