Lamez

I am working on timed session for my project. So they have X minuets per pages to indicate some activity before the systems logs them out. Here is how I am going about this: At the login function: set time limit, store session time in a session variable. In main.php (included on every page): check time with expiredTime() function if this returns false, then call the updateTime() function, else logout. Here are my functions: function startTime($min){ //Starts the time clock (TC), should only be used in the loginAdmin and updateTime functions. $min *= 60; if(!isset($_SESSION['~TC:Min']) || $_SESSION['~TC:Min'] != $min) $_SESSION['~TC:Min'] = $min; $_SESSION['~TC:Time'] = time() + $_SESSION['~TC:Min']; } function updateTime(){ startTime($_SESSION['~TC:Min']); //No need to do the same thing twice. Resets the clock per page. } function expriedTime(){//True if time has expired; false otherwise. return time() > $_SESSION['~TC:Time']; }

like so: if( md5($pass1) === md5($pass2)) echo "Match"; //or if the pass is already hash'd if( md5($pass) === $hashPass) echo "Match";

Ya, I would not trust those sites just based on the design. There are tons of HTML templates you can buy\get for free online, these will increase the credibility of your site. Take a look here: http://www.freelayouts.com/websites/html-templates

I was only 6. I was born in 1990.

http://wonder-tonic.com/geocitiesizer/index.php LOL.

I am not too sure what XSS vectors. I do know what cross-site scripting is though. How would I fix this? Also, did you take a peek at the product site. Is that secure as well? Thanks!

never mind, I forgot a '$' in the increment part of the for loop header.

I have no idea where the error is. Here is the compiler error: Here is line 336: for($i = 1; $i<$max; i++){ Here is the entire function: function getPageList($max){ $pageList = ""; for($i = 1; $i<$max; i++){ $pageList .= '<a href="?page='.$i.'">Page '.$i.'</a>'; if($i > 1 && $i != $max) $pageList .= ' | '; } return $pageList; }

joined in '08 of May. 17 then, 19 now. 20 this year.

http://www.google.com

I am working on a "product catalog", I need to make sure the login gate is secure. I also need to make sure there is no security holes. All I am going to tell you, is there is an admin with the username of james. Link to Test Site: http://www.hssz.net/sz/admin Product Site : http://www.hssz.net/sz/ Proof of Ownership: http://www.hssz.net/sz/phpfreaks.txt Post any problems! Thanks!

I include it twice because when $footer = true then shows the footer. I got to thinking though, I could include it once then write a function. what it really does is call the footer include file. I think the getHomeValue pulls content from the DB, can't remember.

This is how I do it: <?php $path = ""; $title = "Home"; include ($path."core/main.php"); echo "<b>".getHomeValue("title")."</b>"; echo "<HR>"; echo getHomeValue("content"); $footer = true; include ($path."core/main.php"); ?> I like it.

Ya, I was about to say, it has to be the query.

Are you getting the same error?

I now have some code revision. Thanks!

I could not agree more, I am curious now. I am now going to have to find out.

I am a bit curious. What is the difference between using mysql and mysqli? The difference between fetch_array and fetch_assoc?

I would think the compiler would have to, it has to have someway of detecting first, what kind of expression it is. Only seems logical at that point to evaluate it as a whole.

you are using mysqli_query, but when you call the array, you are using mysql_fetch_array(), try mysqli_fetch_array instead.

As that may be true, it still does not matter what order they are in. The expression is evaluated as a whole. true || false = true false || false = false false || true = true true || true = true I don't see why the order they are called matters.

did you see my corrected post? I made a mistake.

I don't think it matters since it is evaluated as a whole to single boolean.

<?php $f = mysqli_fetch_array($r);//corrected $_SESSION['user_id'] = $f['user_id']; ?> EDIT: OOPS $q should be $r

<?php if(empty($_GET['orgname']) || !isset($_GET['orgname'])) echo "Nothing Selected"; else echo $_GET['orgname']; ?>