lightningstrike

Your question makes absolutely no sense. Also your HTML makes no sense. All of your elements have the name "names". That means that only one of their values is passed. Perhaps your looking for an array. //list of elements $elements = array(1=>"username" 2=>"email", 3=>"name", 4=>"country" ); //print the list print "<table>"; foreach($elements as $key=>$value){ print "<tr> <tr> <b>" . ucfirst($value) . ": </b> <input type=\"text\" name=\"" . $value . "\"> </td> </tr>" } print "</table>";

You open the code for the comment form and add it. If it has documentation then read that and act. If you made it yourself you can probably figure it out on your own.

$result is simply a result identifier you need to fetch the actual data. $array = mysql_fetch_array($result); $firstname = $array["user_fname"];

Create a flood limit. E.g. 10 seconds between each post. Create a database table posting_flood_log storing the user's ip, and timestamp $iplong = sprintf("%u",ip2long($_SERVER["REMOTE_ADDR"])); //ip long format $time = time(); //UNIX timestamp (in seconds) Then when they attempt to add a new reply/topic it checks against the database to see if they have their ip stored if not allow them to post and record the data. If they are already in the table make sure their last post was 10+ seconds ago then update the timestamp. If not, ignore everything and redirect them.

Perhaps you should echo the query back. Perhaps you are attempting to order by a non-existent column in your table.

$query = "SELECT * FROM files WHERE category_id = 5 ORDER BY views DESC LIMIT 0, 1"; $result = mysql_query($query) or die (mysql_error()); $count = mysql_num_rows($result); $row = mysql_fetch_assoc($result); $images = "<img src =\"thumbnails/". $row['filename'] .png."\" ... />"; echo $images;

Store the session data serialized in a database table with the session id. Then redirect the user to the secure page with the session id e.g <https://www.domain.com/regen.php?PHPSESSID=832h2bdssdfadfd> regen.php renames the session id to a random value to avoid session fixation and stores it in a secure cookie and redirects them once again to another secure page where they can continue browsing. I'm assuming thats the kind of thing your looking for.

I would reccomend reading the manual for it. http://www.php.net/pdf

Ahh I see. Sorry can't help you out. There is no simple way of doing it without writing text, I believe.

Yes I believe it can be done. header('Content-Type: image/jpeg'); $wm = imagecreatefromjpeg('watermark.jpg'); //get dimensions $h = imagesy($wm); $w = imagesx($wm); //load image to be watermarked $image = imagecreatefromjpeg('image.jpg'); $offset = 10; $x = imagesx($image) - ($w+$offset); $y = imagesy($image) - ($h+$offset); //merges them imagecopymerge($image, $wm, $x, $y, 0, 0, $w, $h, 100); imagejpeg($image); //clear memory imagedestroy($image); imagedestroy($wm); Not sure if that works too well, haven't tested it out. But a little fiddling around should make it alright.

I recommend storing the ip they register with as a Unsigned Long Value as well as the most recent login IP as a long as well. e.g. //long ip unsigned $ip = sprintf("%u",ip2long($_SERVER["REMOTE_ADDR"])); Also the users gender, country, email address, member group or access level (permission to use different functions), registration date as a timestamp (use time function). Perhaps you might want their Given/First Name for reasons of addressing them etc.

Ouch NEVER use register_globals. $Array["regno"] = addslashes(trim($_POST["Array[regno]"])); Better yet <input name="regno" type="text" id="regno" class="formbox" size="16"><BR> $Array["regno"] = addslashes(trim($_POST["regno"]));

Exactly. It's invalid because $Array["regno"] has no value. Double check where the data is coming from.

Use print $Query; to see what your code is actually outputting. I have a feeling the array key may have invalid data.

I recommend a third-party paid piece of software built for handling this type of thing such as Ioncube or Zend's encoder which handle the code through their own loading software. Otherwise you would be looking at a potentially easy script to bypass.

First of all Avoid a very ANNOYING title. Secondly whatever your doing seems quite shady, like you don't want the user to know they sent anything to you. Nonetheless read about mailing at php.net/mail and redirection through headers at php.net/header Here is some code you could potentially use at your own risk. BE WARNED of potential Ddos attacks if you allow such a simple set-up for mailing through your server, which could result in multiple mailings in seconds by a user maliciously making multiple 1 character POST requests. <?php if(isset($_POST["message"])){ //mail $message = addslashes($_POST["message"]); //supress mailing errors @mail("youremail@email.com","Subject",$message); //redirect header("Location: post.php"); }else{ print " <form name=\"text\" action=\"" . htmlentities($_SERVER["PHP_SELF"]) . "\" method=\"POST\"> <textarea name=\"message\"> </textarea> </form> "; } ?>

Read about cron jobs on UNIX/Linux or Scheduled Tasks on a Windows server. And issue a query similar to the one above.

Save the data as a timestamp usually //get timestamp in seconds and store in database $timestamp = time(); //load timestamp from database then //code to print date according to timestamp's value $date = date("M-d-Y",$timestamp);

$result = pow(5,3);

$limit = 5; $query = "SELECT * FROM table ORDER BY id DESC LIMIT $limit"; $result = mysql_query($query) or die("ERROR " . mysql_error()); That should work.

Yes, that would probably be memcache kicking in on the second page. However do you crawl other databases and store the links in a database beforehand. Or do you crawl only when the user types the keywords in?

First of all wrong forum use php code forum. beta test your stuff is for functional products that can be linked to for SQL injection, XSS, CSRF, and other vulnerability and functional testing. Secondly the code is poorly written. AVOID $_REQUEST which allows GET, POST, and COOKIE a real security threat. <?php if (empty($_POST["userName"])) { print " <form method=\"post\" action=\"one page form.php\"> Please enter your name : <input type = \"text\" name = \"userName\"> <input type = \"submit\"> </form>"; }else{ $userName = $_POST["userName"]; print "<h3>Hi there, $userName!</h3>"; } ?>

function get_val($val){ GLOBAL $$val; return (isset($$val)) ? $$val : ""; } $var = get_val("_POST['varname']"); perhaps this? (untested);

Obviously not. You need to CHMOD through cpanel, ftp, shell. I assume ftp is probably what your looking for.

Not possible, make one user for all three. The only other solution is to use all three users to find the database for each one.