Coreye

What exactly isn't working about it?

Try: $get = mysql_query("SELECT * FROM `users` WHERE `username` = '" . $name . "'"); while ($row = mysql_fetch_assoc($get)) { /* get data */ $signature = $row['signature']; $posts = $row['post_count']; }

Full Path Disclosure: http://www.chataddict.netau.net/bbdemo.php?start=' Full Path Disclosure: http://www.chataddict.netau.net/bbdemo.php?start[] Use is_numeric.

What are the problems and what errors are you getting?

What's not inserting and do you get any errors?

For a fee you can advertise your services on SitePoint. Other freelance sites similar to http://www.getafreelancer.com are: http://www.odesk.com http://www.php-freelancers.com http://www.project4hire.com http://www.ifreelance.com Just a heads up... your portfolio looks broken.

What's the error? And strcasecamp isn't a PHP function. It should be: if (!strcasecmp($animal_name, "Duck") && !strcasecmp($animal_sound, "quack"))

I'm pretty sure that error means the cookie is empty. I just tested your code and it worked fine. I changed some parts to make it work. <?php $ftp_server = "ftp.mysite.com"; $ftp_user_name = "myusername"; $ftp_user_pass = "mypassword"; /* set up basic connection */ $conn_id = ftp_connect($ftp_server); /* login with username and password */ $login_result = ftp_login($conn_id, $ftp_user_name, $ftp_user_pass); /* check connection */ if ((!$conn_id) || (!$login_result)) { echo "FTP connection has failed!<br />"; echo "Attempted to connect to $ftp_server for user $ftp_user_name"; exit; } else { echo "Connected to $ftp_server, for user $ftp_user_name<br />"; } $test = "public_html/testing"; /* check if dir is available and close connection */ if(!@ftp_mkdir($conn_id, $test)) { ftp_close($conn_id); echo "<br />That directory already exists."; } else { @ftp_mkdir($conn_id, $test); ftp_close($conn_id); echo "<br />The directory has been created."; } ?>

Try: ftp_mkdir($conn_id, $_COOKIE['ID_my_site'], 0777);

He's not asking how to force users to login. He's asking how to use the function file_get_contents when a login is required.

You're missing the closing bracket for this else: echo "There is already a topic with this title!"; } else { $fetch = mysql_fetch_object(mysql_query("SELECT * FROM users WHERE username='$ownusername'")); Try this: <?php $topic = $_POST['title']; $detail = $_POST['content']; $topic = strip_tags($topic); $detail = strip_tags($detail); $ownusername = $_SESSION["real_name"]; $time = time(); if ($mute == 1) { echo "<font color=red><b>You have been muted!</b></font><br /><br />"; } else { $query = mysql_query("SELECT * FROM `forum_question` ORDER BY `id` DESC LIMIT 40"); $info = mysql_fetch_object($query); if ($info->title == $topic) {// you allready had $topic set so why not just use that and make life easyer echo "There is already a topic with this title!"; } else { $fetch = mysql_fetch_object(mysql_query("SELECT * FROM `users` WHERE `username` = '" . $ownusername . "'")); $datetime = date("d/m/y h:i:s"); //create date time if ($title == $_POST['title']) { echo "You must add a title!"; } } }

This code works for me: <?php $to = "myemail@domain.com"; $name = "This is the name."; $email = "This is the email."; $comments = "This is a comment."; $subject = "Subject Test"; $headers = 'From: mysite@domain.com' . "\r\n" . 'Reply-To: mysite@domain.com' . "\r\n" . 'X-Mailer: PHP/' . phpversion(); $body = "Name: $name | E-mail: $email | Comments: $comments "; if (mail($to, $subject, $body, $headers)) { echo("sent"); } else { echo("failed"); } ?> Try the above code on a separate page and see if that works. If that works, then your variables are not being placed.

Are you 100% positive? Try: echo "Name: " . $name . " | E-mail: " . $email . " | Comments: " . $comments . "";

KEY is a reserved word for MySQL. $sql = "INSERT INTO `vids` (`sid`, `title`, `description`, `key`, `url`) VALUES ('" . $sid . "', '" . $_POST['title'] . "', '" . $_POST['description'] . "', '" . $key . "', '" . $_POST['url'] . "')"; mysql_query($sql) or die(mysql_error());

You have <?php list_pages();?> Like David says, that needs to be <?php echo list_pages();?>

Ignore the above post... try: <?php if ($_SESSION['username']) { echo "<form action='signature_changed.php' method='POST'> <div class='box'><h3>Update signature</h3> <input type='hidden' name='name' value='" . $_SESSION['username'] . "'> <textarea name='newsig' cols='20' rows='5'> </textarea><input type='submit' value='Change'></a> </div> </form>"; } else { die ("Narb."); } ?>

If you're still getting that error, you must not of updated the code. I just tried your code and it works fine with: <?php if ($_SESSION['username']) { echo "<form action='signature_changed.php' method='POST'> <div class='box'><h3>Update signature</h3> <input type='hidden' name='name' value='<?php echo '".$_SESSION['username']."'; ?>'> <textarea name='newsig' cols='20' rows='5'> </textarea><input type='submit' value='Change'></a> </div> </form>"; } else { die ("Narb."); } ?>

You had if ($login = true) and I changed it to if ($login == true) And yes, that should work with sessions.

Cross Site Scripting (XSS): http://www.thebuddyfolder.com/search.php?go=search&pageno=<h1>test

Try this: <?php $username = $_POST['username']; $password = $_POST['password']; $file = fopen("user.txt", "r"); /* Set login to false initially */ $login = false; /* Break out of loop if login becomes true OR EOF is encountered */ while(($login == false) && (!feof($file))) { $data = explode(":", fgets($file)); /* assume field 0 is username, field 1 is password */ if( ($data['0'] == $username) && ($data['1'] == $password)) { /* login is true, so will break out of loop after this iteration */ $login = true; } } if ($login == true) { echo 'hi there user'; } else { echo 'nope'; } fclose($file); ?>

Just the the title. Cross Site Scripting (XSS): You can submit ">code when creating a photo category.

Cross Site Scripting (XSS): You can submit "code in the user variable for profiles. http://www.thebuddyfolder.com/profile.php?user="><marquee><h1>test Cross Site Scripting (XSS): You can submit ">code when adding picture captions. http://www.thebuddyfolder.com/viewgallery.php?user=testing&cid=30&pid=34 SQL Error when sending PMs that include a '. You can view profiles don't exist: http://www.thebuddyfolder.com/profile.php?user=1gygahjgajhgu615gajhg The pagination for search doesn't work. It doesn't keep the search variable in the URL.

Try: <?php $displayEmailError = 'Email Must be Valid'; $displayAgeError = 'Age must be Valid'; $displayFirstError = 'First Name cant be Empty'; $displayLastError = 'Last Name cant be Empty'; if (!preg_match("/^[_a-z0-9-]+(\.[_a-z0-9-]+)*@[a-z0-9-]+(\.[a-z0-9-]+)*(\.[a-z]{2,3})$/i", $email)) { $displayEmailError = true; } if ($_POST['Age'] < 18 OR $_POST['Age'] > 67) { $displayAgeError = true; } if (empty($_POST['FirstName'])) { $displayFirstError = true; } if (empty($_POST['LastName'])) { $displayLastError = true; } if (!$displayEmailError && !$displayAgeError && !$displayFirstError && !$displayLastError) { save to database } ?>

I would check out mkdir and chmod.

$species = $_POST['species']; should also be $species = $_POST['Species'];