flappy_warbucks

In the PHP code. manually specify an IP address from another country. So say for an example: somewhere in the code it will have: $ip = $_SERVER['REMOTE_ADDR']; You could change the code for testing to: // $ip = $_SERVER['REMOTE_ADDR']; $ip = "214.177.220.92"; // an IP address i just made up Geddit?

Phone them up and ask them? Seriously: log the IP address, and time they last clicked a link. (to save DB space, prob best as a flat file system unless you got a large database capacity). Then you can write a script to show when they last clicked a link. with a time limit of 5 minutes per click, that should be a reasonable indication of when they're online, and what page they're on.

As a side note: Read a book about PHP security and application design, and also touch up on your mysql. However, the query should be: "UPDATE project_data SET Date_Of_Birth='".$_POST[dateofbirth]."', Gender='".$_POST[gender]."', Title='".$_POST[title]."', First_Name='".$_POST[firstname]."', Last_Name='".$_POST[surname]."', Address_Line_1='".$_POST[address1]."', Address_Line_2='".$_POST[address2]."', City='".$_POST[city]."', Postcode='".$_POST[postcode]."', Contact_No='".$_POST[contactno]."', Email='".$_POST[email]."', Additional_Comment='".$_POST[note]. "' where { ENTER YOUR CONDITIONS HERE (i.e. where username='". $_POST['username']. "') });" Also look into uses of mysql_real_escape_string() and add_slashes(). Putting data directly into a database query is asking for trouble.

It's times like this where google is your friend: http://www.marksanborn.net/php/calculating-ups-shipping-rate-with-php/ Not that you would take any notice in the google part, you're just interested in the link

If you read the error it tells you exactly what the problem is. LIB_PATH is not defined

OK, so one server connects to multible SQL servers correct? And you are worried that someone may gain access to the server. What you *could* do is set up the SQL servers so that they only accept incoming connections from your web server (and poss dev machine). this means the the SQL servers will actively deny requests from anything other then your server.

Read the error: that is where it is saying it's looking. That is where the script is. So: <?PHP defined('DS') ? null : define('DS', DIRECTORY_SEPARATOR); defined('SITE_DOMAIN') ? null : define('SITE_DOMAIN', 'http://localhost/djsonrotation'); defined('SITE_ROOT') ? null : define('SITE_ROOT', $_SERVER['DOCUMENT_ROOT']); require_once(SITE_ROOT.DS.'djsonrotation/includes/config.php'); require_once(SITE_ROOT.DS."djsonrotation/includes/functions.php"); require_once(SITE_ROOT.DS."djsonrotation/includes/session.php"); require_once(SITE_ROOT.DS."djsonrotation/includes/database.php"); require_once(SITE_ROOT.DS."djsonrotation/includes/user.php"); ?> Try that.

This question really is subjective. Personally, i prefer: if($bal > 100) { echo "you have over 100 pounds; } else { echo "you have less than 100 pounds"; } I find that it makes reading the code easier. But not everyone agrees.

The code below works <html> <center> <form method="post" action=""> <b>Email</b><br><input type="text" name="email"/><br> <b>Password</b><br><input type="password" name="password"/><br> <input type="submit" name="submit" value="Login"/><br> </form> <?php if(isset($_POST['submit'])){ echo echo_post($_POST['email']); } function echo_post($postvar){ return $postvar; } ?> </center> </html> As my suspicions where confirmed when i tried the above code my on my server. Take the function out the conditional statement.

It looks like you're calling the function inside a conditional statement. Take the function out the conditional, and then try again.

It looks like you're calling the file using the domain path, and not the servers directory path. defined('SITE_DOMAIN') ? null : define('SITE_DOMAIN', 'http://localhost/djsonrotation'); defined('SITE_ROOT') ? null : define('SITE_ROOT', $_SERVER['DOCUMENT_ROOT']); defined('LIB_PATH') ? null : define('LIB_PATH', SITE_DOMAIN.DS.'includes'); defined('CSS_PATH') ? null : define('CSS_PATH', SITE_DOMAIN.DS.'css'); require_once(SITE_DOMAIN.DS.'config.php'); if you look, you can see that the require_once function is trying to call "http://localhost/djsonrotation/config.php" when you really need it to call the file relative to the hard drive location, and not relative to the domain location. I would change that to: defined('SITE_DOMAIN') ? null : define('SITE_DOMAIN', 'http://localhost/djsonrotation'); defined('SITE_ROOT') ? null : define('SITE_ROOT', $_SERVER['DOCUMENT_ROOT']); defined('LIB_PATH') ? null : define('LIB_PATH', SITE_DOMAIN.DS.'includes'); defined('CSS_PATH') ? null : define('CSS_PATH', SITE_DOMAIN.DS.'css'); require_once(SITE_ROOT.DS.'includes/config.php');

How about: if you invite them through an email: do a one time key (MD5 hash of something and something else) per email, and then void that key when it's been clicked through? Just a thought.

worthless post by WebStyles. Coolness! worthless post by AyKay47, about a worthless post by WebStyles. Coolness! the chain can go on forever. If all the posters posted all the time. It could be an infinite loop!

Add ... order by {column name } desc at the end of the query.

You could put a cookie on the machine (one that does not expire) and then use that. the only problem that would present is if someone cleared out their cache, then they could then, again, gain access. IP address, is not reliable due to some ISP's issuing dynamic IP addresses. Meaning the IP address is only reliable for 24hrs(ish). I'd be tempted to look into ways of getting the computers MAC address using Java (not javascript) or flash. That (to me) would be the only sure fire way of keeping them out.

Well, yes. But that's because it's the same mail server. (or clustered in the same batch) If you're not happy with mail() then write your own mail script and quit bitchin. Yea, read a book on Networking. And then come back when you have a clue.

$styles = array("stylesheet1.css","stylesheet2.css","stylesheet3.css"); echo "<link rel=\"stylesheet\" type=\"text/css\" href=\"". $styles[rand(0,sizeof($styles)-1)]. "\" />"; // you minus 1 die to the cound being three, but the element count only going up to two.

Is that a different stylesheet based on Browser, or a random stylesheet to mix things up a tad? Both will require a different approach.

Could we see the code you're using?

In the database, put a column in the user table that holds the time of their last action. Put some code in with the session class that checks to see if they're logged in, and get that to update the time in the database everytime they do something (i.e. click a link) for example: session_start(); if (isset($_SESSION['user'])) { $query = "update users set tolc=\"". time(). "\" where user=\"". $_SESSION['user']. "\";"; // run that query. } You can then write another piece of code that, when you're pulling users from the database, you can get it to ignore users which have been idle for about 10/15 minutes. Nothing. If a user is using a different browser over the same session instance, then i'd start hashing the browser string in with an MD5'd session key. But as it's two separate users, then just leave it.

You would need javascript for that. <script type="text/javascript"> function timeMsg() { var t=setTimeout("alertMsg()",3000); // 3000 microsecond = 3 seconds. } function alertMsg() { alert("Hello"); // after 3 seconds, this alert dialog will be displayed. You could get rid of this, and have the script do whatever you need it to do. } </script>

OK. So where is your code?

Session never worked? i fail to see how: session_start(); $_SESSION['tmp'] = $data; can fail when you call it on the next page like: session_start(); $data = $_SESSION['tmp']; that does work. (despite me not testing it at all)

I would not use $_GET for that. It would be to easy to trip the site up. try: <?php switch($_GET['via']) { case "security_question": // call a function that would handle this form security_question_form(); break; case "previous_password": // call a function that would handle this other form previous_password_form(); break; default: // incase someone tries to tweek the address bar vars. the software won't go tit's up, it will default to this: go_default_option(); } And then put all your HTML in separate functions. It will make maintaining the code much easier.

Yes, it is very much possible. (http://php.net/manual/en/ref.ftp.php) and 2 seconds on google, threw up this: https://encrypted.google.com/#hl=en&sugexp=gsis%2Ci18n%3Dtrue&cp=9&gs_id=y&xhr=t&q=php+ftp+script&tok=1eYsHBmvRPeBeYP9toAU2A&pf=p&sclient=psy&source=hp&pbx=1&oq=php+ftp+s&aq=0&aqi=g5&aql=&gs_sm=&gs_upl=&bav=on.2,or.r_gc.r_pw.r_cp.&fp=58935e0d63e81eca&biw=1680&bih=959 Enjoy