phpSensei

Etrader, the script can't guess what to include, you to tell it to include based on certain predefined values.. otheriwse the only thing you can do is include($q);

1. I see, I was taken under the impression that users are posting the articles. 2. I could have sworn I read someone mentioning Addslashes and Stripslashes, when displaying it you use stripslashes yes, but since your using Mysqli I presume take a look here: http://us.php.net/mysqli_prepare 4. I am saying if you are using utf-8 characters in your articles, take a look at the utf-8 sampler.

Even before this link this should have signal some warnings... http://w3fools.com/

or did you mean this <?php $q = $_GET['q']; function arr($word){ switch($word){ case 'something1': include('array1.php'); break; case 'something2': include('array2.php'); break; } } arr($q); ?>

OP you ment like this? <?php function arr($word){ foreach($files as $file){ include($file); } } $files = array('array1.php','$array2.php','array3.php'); arr($files); ?>

$_REQUEST can hold many levels of data, including cookies sessions post get. I would chose $_POST explicitly here,because its safer to know where your data is coming from, Mail can be a cookie from the user for all we know, thats not where your problems lie here though. Tname of the Email field isn't Mail its Email change $_POST['mail'] to $_POST['email'] <input name="email" type="text" style="width: 290px; height: 30px; padding: 2px; border: 1px solid #c0c0c0;" placeholder="Your email" />

The error is simple 'no database selected', your selecting either a non-existant database name or you havn't called the mysql_select_db

this line . $row['LastName']"</td>"; Is missing a '.' try <?php mysql_select_db("my_db", $con); $result = mysql_query("SELECT * FROM Persons"); echo "<table border='1'><tr><th>Name</th></tr>"; while($row = mysql_fetch_array($result)) { echo "<tr>"; echo "<td>" . $row['FirstName'] . ' ' . $row['LastName']. "</td>"; echo "</tr>"; } echo "</table>"; mysql_close($con); ?>

Inserting pure HTML code can be a real security issue DoubleDee, I suggest using BBCODES instead. Its not that Mysql doesn't like holding data with Single/Double Quotes, its during the Query that it can be a problem since it breaks the sql, which leads to Mysql Injections, which is why we use mysql_real_escape_string. If you properly escape your data, you don't need StripSlashes... Also if your site is running UTF-8, then make sure your fields are tf8_unicode collate and htmlspecialchars for the value which supports an option called charset

If your question is always "Is Fire Hot or Cold" then by-passing this 'anti-spamming' system if you so call it won't be very hard. If you would like to have the errors display on top of the contact form, you will need to leave the form's action to empty, to it sends the HTTP POST vars to itself. example <?php if(isset($_POST['Submit'])){ $answer = trim(strtolower($_POST['answer'])); if(empty($username)){ print "Please enter your username"; }elseif($answer != "hot"){ print "Wrong Answer!"; }else{ header("location:somepage.php"); exit(); } } ?> <form method="Post" action=""> <input type="text" name="answer" id="answer" /> <input type="Submit" name="Submit" value="Submit" /> </form>

You need to clean up your code and do things properly, using conditional statements to check wether the sql went through or not, otherwise output an error or something.. or even, to debug your code, add the die(mysql_error()); $result2 = mysql_query($sql2) or die(mysql_error());

HAHA, this is me when I was little guys, shows my passion dont you think?

Sorry I can't let this slip. OP, are you serious? Your "fraustrated" because PHPfreaks likes to keep a solid user base and prevent spam? Any other board not taking the same security measures must really suck to be around because we rarely see any spamming going around here. edit: In all 4 (almost 5) years of being on this site, I have seen 1 spam post. We are the largest forum for a reason, because we are damn awsome.

Thorpe good read, I personally love Python because I am more comfortable with the language's paradigm, however thats a another big problem I have noticed in the past few year... a community of poor programmers. PHP has gained the popular title of "Find a client, goto a help forum, make quick cash". Nobody wants to even flip through a paragraph of PHP anymore. I love how Python forces you to learn the basics of object oriented programming...Its the heart of the language.I have been coding in PHP since 2006 and in python for 2-3 years, I can say there's a big difference in their programmers. edit: However I am sticking by this community no matter what, going to help out in the PHP coding section, don't get me wrong here, I just don't plan on having a bright future with PHP itself. I have lost much hope recently.. Python can do pretty much anything PHP can, also I always create dll's/libraries in C++, and import them into Python, I understand the toolbox terminology.

What don't you understand about PHP code Help ? I don't see any code, any attempt at what you have tried to do.. atleast a function or an if statement man...

Hello, So its been on my mind lately wether I should develop web based applications in PHP or try Python. After having a read over here (I know it seems PHP is better in some ways): http://wiki.python.org/moin/PythonVsPhp And I know what you might think... it may be a biased opinion, but the functionality and facts are listed there that you will find in many other places. edit: View the comparison in the link. There's alot of Retorts in here, but in comparison to the language itself I am very much comfortable with Python than PHP. In my opinion, they are just as powerful as eachother.

I have my brain wrapped out Sub-Classing recently...] thats the only reason i would see to call a parent's constructor, if your using a framework or had build your own... class Application(Frame): def __init__(self, master=None): Frame.__init__(self, master,height=2) # create a grid self.grid() self.createWidgets() self.grid_propagate() def createWidgets(self): return(0) app = Application() app.master.title("User Input") app.mainloop()

Can you show some code on what you have done so far?

you need to use mysql_real_escape_string on the variable which you are passing to the LIKE statement. This is protection against mysql injections, adding a Single quote will break the query...

haha, less coding more eating man

Have you figured it out?

You mean like this? [gallery id="345" size="large"]

I don't see any other way, if someone knows enlighten me also..

Your queries seem to be fine. change this line $result = mysql_query($sql); to $result = mysql_query($sql) or die(mysql_error()); Give the exact error output.