Adam

Yeah it's a joke. There's a notice on the page:

English.. Are you "that bastard dialect of the Queen's English commonly referred to as "US English""?

Yeah, fair enough I'll eat my words there. The attitude you seemed to give off before though is that you've taken what code you could and now want someone to show you how to take the rest. If you reread your original post look at it from that perspective, things like; "I've also found my way into his css to build the buttons" and "This is what I have so far for the Hide entered and Hide all not interested" (with their exact code following) - it can give off that impression. ---- I would suggest scrapping the mark-up you have and writing it completely from scratch. Use the other website only as a guide if you get stuck on certain areas, such as how they bind events to each set of buttons, handle the AJAX, etc. You'll benefit far more from trying to do it yourself as opposed to figuring out how to do it following someone else's idea. There's no correct as such way of doing it. Personally I would have a simple table storing the post ID, user ID and a boolean value for like. Use a left join to pull in the data as you render the posts for a user, so you can decide how to draw the buttons based on the like column; 1 being like obviously, 0 dislike and null for not chosen. Use AJAX to update/insert the table as the user chooses. As for hiding/showing posts, you can assign a shared class name to the post's wrapper DIV based on whether they like it or not. Using jQuery you can then target those that are liked or disliked extremely easily: $('.likeGroup').hide(); $('.dislikeGroup').hide();

Do you see the copyright message in the footer of that site?

No, not "take" - build something through examination of something else. You're not doing that though, you have quite literally just taken their HTML, CSS and images, and have no idea what to do past there. You've already nicked their rating system. My point wasn't supposed to be helpful to you, it was highlight the fact that we're not here to help people rip off someone else's work.

How are they not able to post spam through an AJAX request?

You're outputting an image! The response PHP is sending back is "this is an image" - all of it. You can't include extra output otherwise the image data would be corrupt. You need to include a separate PHP file that handles generating only the image, but through the form of an image tag: <img src="php-script-to-generate-image.php"/>

Variables between single-quotes are not parsed. Concatenate the value: [...] onclick="getLoggedInUser(' . $user . ') " [...] Although unless $user is numeric, you're going to get a parse error in your JavaScript as you don't have quotes around the parameter value. If that's the case try: [...] onclick="getLoggedInUser(\'' . $user . '\') " [...] Ain't pretty, but neither's inline JS

This isn't "reverse engineering". You're just ripping their client-side code and have got stuck when it comes to actually working something out.

??

http://www.google.co.uk/search?q=how+does+facebook+prevent+spam

If you're using jQuery or another framework, you can pretty safely rely on this method of detecting AJAX requests. If you're not using a framework, you can still include the header in your own script and use it. As mentioned though, you can't safely restrict access to pages if not from an AJAX request, because essentially there's no difference in the request, only that one was scripted. Your code should have the neccesary security checks to prevent any kind of abuse; time-outs, user validation, etc. You're approaching security from the wrong angle.

Sure. error_reporting(-1); This is basically setting the type of errors PHP will complain about; FATAL, WARNING, NOTICE, etc. The type is included in every message you receive. -1 sets it to all, which unlike E_ALL includes STRICT types. You can read a short description of what each type means in the manual. error_reporting(E_ERROR | E_WARNING | E_PARSE); As this is production, we don't want to fill the logs with uneccesary information about undefined indexes and such, that *should* have all been solved during development; so we only set the three more substantial type of errors. The pipe characters between each constant are bitwise operators - these are fairly complex to explain within a forum post, so if you want to learn more have a read in the manual. ini_set('display_errors', 1); ini_set('display_errors', 0); ini_set overrides a setting within your php.ini file for the current request. "display_errors" decides whether to display errors within the output. If 0, they're obviously not, but (by default) they will still be logged within the error log. That means within a production environment you can hide errors from users, but still have a historical log of errors to detemine what happened.

Development: error_reporting(-1); ini_set('display_errors', 1); Production: error_reporting(E_ERROR | E_WARNING | E_PARSE); ini_set('display_errors', 0);

This topic has been moved to JavaScript Help. http://www.phpfreaks.com/forums/index.php?topic=342389.0

Funny read.. http://www.addedbytes.com/blog/if-php-were-british

Yes. You can also use mysql_db_query. There's a number of different ways of doing it, just don't create multiple connections. jcbones makes a good point also. Supressing the errors is like turning a blind eye to a leaky pipe. Learn about error reporting and displaying errors. On a production system you should still allow more serious errors to be reported (added to the log), but not displayed in the browser for users to see.

You can't repeat the same ID for multiple elements -- IDs are supposed to be unique. The start() method uses an each statement, so assign each element a shared class name and use that in the selector.

Actually, I just did a test and that's not the case. The problem the other day was with retaining the document's selection after a link is clicked - this is different. I've tested with IE6 (don't have any later versions available to test with right now), Chrome13 and FF6. All work fine for me regardless. As the selectionStart and selectionEnd properties don't exist in IE until version 9, your IE8 will be using the range method which works fine ie IE6 ("the problem child") so I'm going to guess the issue is down to the implementation. Do you have this online to look at?

Ah, it's because you're using an anchor. Someone had this same problem the other day.. You need to use an image, styled text, etc. Something that doesn't take focus away from the textarea unlike an anchor.

Read the link I sent. Once you're familiar with how it works it's just a case of converting the image to base64 (base64_encode) and outputting it within that scheme. I've never tried to actually do that within a Word document, but I can't see why it wouldn't work.

You need to pass it the element's object, like in the examples I showed you. You can't pass just the ID unless you add the code to get the object from the ID, but then it kind of reduces the reusability of the function. As for it not working, can you provide the version of IE/FF and what text you're trying it with? I can't get it to trip up. Lastly, ignoring line-breaks is more about string manipulation really, you just need to test what's at the end of the value and reduce it accordingly. Have a bash and see what you can do.

While yes you could simply have echoed the session variable, you will later still need to retrieve the rest of the details for the user to see and edit. So you need to add the error / empty result set checks, and alter your query to return more of the columns.

You could also store base64 encoded data as the src, using the Data URI Scheme.

Normally I would try and give you clues first, but selection ranges are a bugger. I chucked this together instead... function focusEnd(element) { var length = element.value.length; if (!element.createTextRange) { element.focus(); element.selectionStart = length; element.selectionEnd = length; } else { var range = element.createTextRange(); range.moveStart('character', length); range.moveEnd('character', length); range.select(); } } Verified in IE6 / FF / Chrome.. Should do the trick. Just pass it the textarea's element object: focusEnd(document.getElementById('myTextarea')); focusEnd(document.myForm.myTextarea);