MadTechie

ok when they login store their user_id in a session, <?php session_start(); $_session['USERID'] = $USER_ID//<--pulled from database ?> don't ever hide details (for use) in a form.

session_start(); $_SESSION['var'] = "data"; echo $_SESSION['var']; so you could do this session_start(); $_SESSION['var'] = $_GET['data']; echo $_SESSION['var'];

welcome,

theirs a ton of errors here the last part fixed ( well kinda) if ($_POST['update']){ $sql= "update users set fullname='$fullname', aboutme='$aboutme' where id='{$_SESSION['id']}'"; mysql_query($sql) or die(mysql_error()); header(Refresh: 2); //<<--you have already send data to the page echo "Congratulations! Yout Profile is Updated<br>"; } else { header(Refresh: 2);//<<--you have already send data to the page echo "Your Profile didn't Update"; } ?> recommend a re-write

ok for testing function is_image($input){ switch($input){ case "image/gif": return true; break; case "image/jpeg": return true; break; case "image/png": //Added for allow return true; break; case "image/jpg": //Added for allow return true; break; default: die($input);// ADD THIS return false; // Not an image, or at least didnt match what you made available break; } } this should tell you whats going wrong

Basically what Barand said but also - <a href=index.php?p=forum&fid=$for['id']><? echo $for['name'] ?></a></br> Full code below <center> <script language="javascript"> function showMenu(id) { if(document.getElementById(id).style.visibility == "hidden") { document.getElementById(id).style.position = "static"; document.getElementById(id).style.visibility = "visible"; } else { document.getElementById(id).style.visibility = "hidden"; document.getElementById(id).style.position = "absolute"; document.getElementById(id).style.left = -100; document.getElementById(id).style.top = -100; } document.getElementById('mainTable').height = '100%'; } </script> <?php ob_start(); include("db.php"); ?> <link rel=stylesheet href=in.css> <?php $username = $_COOKIE['username']; $sql = MySql_Query("SELECT * FROM users WHERE username = '".$username."'"); $user = MySql_Fetch_Array($sql); ?> <center> <table border=1 bordercolor=#000000 cellpadding=0 cellspacing=0 width=90%> <th class=kop><a href=# onclick="showMenu('Earning')">Earning</a></th> <tr id=Earning> <td id=Earning> - <a href=index.php?p=uCrime target=game alt="Do Crimes In The Omen World">Crimes</a><br> - <a href=index.php?p=trade target=game alt="Make Trade & Deceive PPL ">Trading</a><br> - <a href=index.php?p=bank target=game alt="This is the Gangsta World newspaper.">Bank</a><br> </td> </tr> <th class=kop><a href=# onclick="showMenu('traveling')">Traveling</a></th> <tr id=traveling> <td id=traveling> - <a href=index.php?p=travel class=menu target=game>Travel</a><br> - <a href=index.php?p=vehicle class=menu target=game>Vehicles</a><br> </td> </tr> <th class=kop><a href=# onclick="showMenu('Gambling')">Gambling</a></th> <tr id=Gambling> <td id=gambling> - <a href=index.php?p=rps class=menu target=game>Rock, Paper, Scissors</a><br> - <a href=index.php?p=rr class=menu target=game>Russian Roulette</a><br> - <a href=index.php?p=slot class=menu target=game>Slot</a><br> - <a href=index.php?p=Dice class=menu target=game>Dice</a><br> - <a href=index.php?p=gan class=menu target=game>Guess Numbers</a><br> - <a href=index.php?p=lottery class=menu target=game>Lottery</a><br> </td> </tr> <th class=kop><a href=# onclick="showMenu('Forum')">Forum</a></th> <tr id=forum> <td id=forum> <?php if($this_user['crew'] != 0) { ?> - <a href=index.php?p=crewforum&fid=$user['crew'] class=menu target=_parent>Crew Forum</a><br> <?php } elseif($user['rank'] >= 99) { ?> - <a href=index.php?p=forum&fid=-1 class=menu target=game>Admin</a><br> <?php } $q = mysql_query("SELECT * FROM forum WHERE crew = 0"); $for = mysql_fetch_object($q) ?> - <a href=index.php?p=forum&fid=$for['id']><?php echo $for['name'] ?></a></br> </td> </tr> <?php if( !(safety($user['id'] == -1) && $user['safety'] == 1) ) { ?> <th class=kop><a href=# onclick="showMenu('war')">War</a></th> <tr id=War> <td id=War> - <a href=index.php?p=REW.list class=menu target=game>List Rewards</a><br> - <a href=index.php?p=REW.place class=menu target=game>Place Reward</a><br> - <a href=index.php?p=kill class=menu target=game>Murder</a><br> - <a href=index.php?p=safety class=menu target=game>Buy Out Safety</a><br> </td> </tr> <?php } ?> <th class=kop><a href=# onclick="showMenu('Crews')">Crews</a></th> <tr id=Crews> <td id=Crews> <?php if($this_user['rank'] >= 14 && $this_user['crew'] == 0) { ?> - <a href=index.php?p=CREW.start target=game>Start Crew</a><br> <?php } elseif($this_user['crewrights[0]'] == '1' && $this_user['crew'] != 0) { ?> - <a href=online.php target=game>Users online</a><br> <?php } ?> - <a href=paper.php target=game alt=>Gangsta World Daily</a><br> - <a href=donate.php target=game >Donations</a><br> - <a href=sponsors.php target=game >Sponsors</a><br> - <a href=edit.php target=game >Personal</a><br> - <a href=find.php target=game >Find user</a><br> - <a href=kill.php target=game >Kill</a><br> - <a href=attempts.php target=game>Attempts</a><br> - <a href=airport.php target=game >Airport</a><br> - <a href=cont.php target=game>Countries</a><br> - <a href=crew.php target=game>Crew</a><br> - <a href=shop.php target=game>Shop</a><br> - <a href=bullet.php target=game>Bulletfactory</a><Br> - <a href=jail.php target=game>Jail</a><br> </td> </tr> </table> EDIT replaced <? with <?php (looks cleaner)

erm. simplely they won't return false, and bumping like that is a pain, i sometimes wait a day before bumping atleast an hour but 3 hours works well as a different set of people are normally online

1. the POST doesn't put data on the URL 2. if you switched your need to update from $_POST to $_GET 3. Read up on sessions as your question doesn't relate correctly

heehee

<?php $row['title_en'] = "TEST"; $lang = 'en'; $var = $row['title_'.$lang]; echo $var;//workds fine!! ?>

<?php $query3 = mysql_query("SELECT datestamp, ID, Forename,Surname FROM a_users ")or die (mysql_error); // this can be ingnores as it works fine // //Also remove the following while testing - WHERE In_use='Y' AND Login='$new_id' $row3 = mysql_fetch_assoc($query3);// don't need this here session_unregister('first'); session_unregister('second'); while ($row3 = mysql_fetch_assoc($result3)) // the problem lies as it displays one row thats correct but doesnt show the others { $first = $row3['Forename']; $second = $row3['Surname']; $date_stamp =$row2['datestamp']; //<--Should be row3 $new_id = $row2['ID']; //<--Should be row3 list($year,$month,$day) = split("-",$date_stamp); $newdate = $day."/".$month."/".$year; echo "Date of Absence - ". $newdate." - ".$new_id." - ". $first." ".$second." <a href= 'test' >Save</a>"; } mysql_close();

lol i didn't spot the if($submit),

code looks ok $addnews =mysql_query("INSERT INTO guides (name,link) VALUES ('$name', '$link')") oe die(mysql_error());

FYI, I got 28 on both Barand

or use an address based system, you will have to post them their password, takes a few days and costs but... theirs no 100% way.. emails and ip checking work well, i also used cookies, so i knew what users used the same PC, again nothing is 100% the postal service was a joke, but i guess most people have fewer houses then email addresses lol

ooow hidden fields are useless, the only reason to use them is for making things "LOOK" tidy i suggect having an extra field on the form.. called old password, then have the system check the old password field with the current password (same as login) before doing anything else, just a quick fix but i am swamped

from the script supplied i can't see what your trying to do, please explain

add_slashes() doesn't stop SQL injection all you need is the multi-byte character for a single quote of that character set used in the database mysql_real_escape_string() (mysql_escape_string() for PHP versions before 4.3.0) is better but this was not always safe.. Link

also you may wanna check the results when 2 @'s are used

unless you mean mysql tables

do you mean update with out refresh ? if so AJAX or iframes if not what do you mean

isFounder() function isn't in the class defined as $session

OK this was just some pratice for me but i thought i'll post it this check the email is valid and get the alias and host as a note Anzeo is better (being simpler and quicker) this does check for a valid domain name (thats name, it doesn't mean it a valid email as the domain may not exist) <?php $email = "bob_the-Builder@our-house.com"; if (eregi('([A-Z0-9._%-]+)@([A-Z0-9.-]+\.[A-Z]{2,4})', $email, $regs)) { $EmailAlias = $regs[1]; $EmailHost= $regs[2]; } echo $EmailAlias; echo "<br />@<br />"; echo $EmailHost; ?>

This may help <?php define(AD_SERVER, "192.168.1.4"); define(AD_USER, "bob@testdomain.com"); define(AD_PASSWORD, "Passssss"); // Connect to the directory server. $ad = ldap_connect("ldap://" . AD_SERVER) or die("Couldn't connect to AD!"); ldap_set_option($ad, LDAP_OPT_PROTOCOL_VERSION, 3); ldap_set_option($ad, LDAP_OPT_REFERRALS, 0); // Bind to the directory server. $bd = ldap_bind($ad, AD_USER, AD_PASSWORD) or die("Couldn't bind to AD!"); $dn = "CN=Users,DC=testdomain,DC=com"; $attributes = array("displayname"); $filter = "(objectcategory=user)"; $result = ldap_search($ad, $dn, $filter, $attributes) or die("Search failed!"); $entries = ldap_get_entries($ad, $result); var_dump($entries); //<--may help ldap_unbind($ad);

is print_r ($_SESSION['productId']); line 14 of add_cart.php ? if so comment it out ie //print_r ($_SESSION['productId']);