flappy_warbucks

In the PHP code. manually specify an IP address from another country. So say for an example: somewhere in the code it will have: $ip = $_SERVER['REMOTE_ADDR']; You could change the code for testing to: // $ip = $_SERVER['REMOTE_ADDR']; $ip = "214.177.220.92"; // an IP address i just made up Geddit?

Phone them up and ask them? Seriously: log the IP address, and time they last clicked a link. (to save DB space, prob best as a flat file system unless you got a large database capacity). Then you can write a script to show when they last clicked a link. with a time limit of 5 minutes per click, that should be a reasonable indication of when they're online, and what page they're on.

As a side note: Read a book about PHP security and application design, and also touch up on your mysql. However, the query should be: "UPDATE project_data SET Date_Of_Birth='".$_POST[dateofbirth]."', Gender='".$_POST[gender]."', Title='".$_POST[title]."', First_Name='".$_POST[firstname]."', Last_Name='".$_POST[surname]."', Address_Line_1='".$_POST[address1]."', Address_Line_2='".$_POST[address2]."', City='".$_POST[city]."', Postcode='".$_POST[postcode]."', Contact_No='".$_POST[contactno]."', Email='".$_POST[email]."', Additional_Comment='".$_POST[note]. "' where { ENTER YOUR CONDITIONS HERE (i.e. where username='". $_POST['username']. "') });" Also look into uses of mysql_real_escape_string() and add_slashes(). Putting data directly into a database query is asking for trouble.

It's times like this where google is your friend: http://www.marksanborn.net/php/calculating-ups-shipping-rate-with-php/ Not that you would take any notice in the google part, you're just interested in the link

If you read the error it tells you exactly what the problem is. LIB_PATH is not defined

OK, so one server connects to multible SQL servers correct? And you are worried that someone may gain access to the server. What you *could* do is set up the SQL servers so that they only accept incoming connections from your web server (and poss dev machine). this means the the SQL servers will actively deny requests from anything other then your server.

Read the error: that is where it is saying it's looking. That is where the script is. So: <?PHP defined('DS') ? null : define('DS', DIRECTORY_SEPARATOR); defined('SITE_DOMAIN') ? null : define('SITE_DOMAIN', 'http://localhost/djsonrotation'); defined('SITE_ROOT') ? null : define('SITE_ROOT', $_SERVER['DOCUMENT_ROOT']); require_once(SITE_ROOT.DS.'djsonrotation/includes/config.php'); require_once(SITE_ROOT.DS."djsonrotation/includes/functions.php"); require_once(SITE_ROOT.DS."djsonrotation/includes/session.php"); require_once(SITE_ROOT.DS."djsonrotation/includes/database.php"); require_once(SITE_ROOT.DS."djsonrotation/includes/user.php"); ?> Try that.

This question really is subjective. Personally, i prefer: if($bal > 100) { echo "you have over 100 pounds; } else { echo "you have less than 100 pounds"; } I find that it makes reading the code easier. But not everyone agrees.

The code below works <html> <center> <form method="post" action=""> <b>Email</b><br><input type="text" name="email"/><br> <b>Password</b><br><input type="password" name="password"/><br> <input type="submit" name="submit" value="Login"/><br> </form> <?php if(isset($_POST['submit'])){ echo echo_post($_POST['email']); } function echo_post($postvar){ return $postvar; } ?> </center> </html> As my suspicions where confirmed when i tried the above code my on my server. Take the function out the conditional statement.

It looks like you're calling the function inside a conditional statement. Take the function out the conditional, and then try again.

It looks like you're calling the file using the domain path, and not the servers directory path. defined('SITE_DOMAIN') ? null : define('SITE_DOMAIN', 'http://localhost/djsonrotation'); defined('SITE_ROOT') ? null : define('SITE_ROOT', $_SERVER['DOCUMENT_ROOT']); defined('LIB_PATH') ? null : define('LIB_PATH', SITE_DOMAIN.DS.'includes'); defined('CSS_PATH') ? null : define('CSS_PATH', SITE_DOMAIN.DS.'css'); require_once(SITE_DOMAIN.DS.'config.php'); if you look, you can see that the require_once function is trying to call "http://localhost/djsonrotation/config.php" when you really need it to call the file relative to the hard drive location, and not relative to the domain location. I would change that to: defined('SITE_DOMAIN') ? null : define('SITE_DOMAIN', 'http://localhost/djsonrotation'); defined('SITE_ROOT') ? null : define('SITE_ROOT', $_SERVER['DOCUMENT_ROOT']); defined('LIB_PATH') ? null : define('LIB_PATH', SITE_DOMAIN.DS.'includes'); defined('CSS_PATH') ? null : define('CSS_PATH', SITE_DOMAIN.DS.'css'); require_once(SITE_ROOT.DS.'includes/config.php');

How about: if you invite them through an email: do a one time key (MD5 hash of something and something else) per email, and then void that key when it's been clicked through? Just a thought.

worthless post by WebStyles. Coolness! worthless post by AyKay47, about a worthless post by WebStyles. Coolness! the chain can go on forever. If all the posters posted all the time. It could be an infinite loop!

Add ... order by {column name } desc at the end of the query.

You could put a cookie on the machine (one that does not expire) and then use that. the only problem that would present is if someone cleared out their cache, then they could then, again, gain access. IP address, is not reliable due to some ISP's issuing dynamic IP addresses. Meaning the IP address is only reliable for 24hrs(ish). I'd be tempted to look into ways of getting the computers MAC address using Java (not javascript) or flash. That (to me) would be the only sure fire way of keeping them out.