premiso

[quote author=PlagueInfected link=topic=251312.msg1179170#msg1179170 date=1241706383] thanks guys, i rushed into it before reading. haven't been here in a while and im still new to programming. so if i was to use the ob_start() where would i put it or even insert in it, i never used it [/quote] It would have to be before the output as well. So the first item on your page. [code=php:0]<?php ob_start(); ?> <div id="unload"> <?php

Your input system is double escaping. As ken mentioned stripslashes will solve this. But if you post anything with slashes they tend to get removed. I would fix your database entry part as you are either addslashes to the data (which is wrong btw) or you are mysql_real_escape_string (which is what you should use) but while Magic Quotes are turned on, which would cause a double escape as well. If Magic Quotes are on I would suggest turning them off and that should prevent the double escaping without any code modification. However, if you do use addslashes I would suggest using the mysql function instead, as it escapes just for the mysql DB and will catch items that addslashes will not.

header reading that will help as well. You cannot make a header call after output (the <div) has been sent to the browser. Simple as that. All header/session_start etc calls must be before output. The ob_start is just a bandaid for the real issue. You should not make any output till after the script runs as a rule of thumb.

1: Well first thing is first. If your server supports PHP rename all your .html files to .php. This will make the transition easier. If you are for SEO ranking, I would setup a .htaccess that does a 301 redirect from the old .html files to the new .php to keep your ranking and let the spiders/bots know to update. After that you are basically going to be doing more or less templating. Where you have your index.php file which includes your main header, footer and content files. The header and footer files will most likely be static. However, the content file you can make PHP driven with a database if you would like. So instead of having to manually update the file, you could use a PHP-Admin system to update it. You can use MySQL, which would be the preferred method, but depending on how much time you want to spend, you can also just read that file in with file_get_contents and write back the update content to it with fopen and fwrite. 2: Google/PHP.net are both great places to start. Even some of the links mentioned above. But you may want to look for a "Simple CMS (Content Management System)" as that is essentially what you want and I know there are tons of them out there. It is just finding the right one for you. It all depends on how advanced you want this and how much time you want to spend. The CMS would be the easier way to go as it is already coded you just have to learn how to use it and implement it with your current site. Hope that helps, best of luck!

What changed? Did you upgrade your server, did your host do an upgrade? Did you add any code recently? Post your current code for the index.php, as we cannot help you without seeing current code.

Ok, let's start out by "How" the form is not working. It looks like you pulled in a 3rd party app to utilize this. That is fine, however, I do not know how this form gets submitted, so if you setup your form properly. Might I ask, why did you go for a 3rd party app to handle this instead of just using the mail function?

Hence why shared hosting is bad. It takes on user on your host to make every site hosted there insecure, if the shared hosting does not set up their server right.

Put it outside of the document root and call it from there. So if your server path is: /home/user/www/index.php (where index.php is visible) Put the xml files in /home/user/xml/xmlfiles.xml Then just include the files that way. I am not sure if flash can do that, but it should not have a problem with it.

mikesta, please revise your code. r3po, please use this instead: if (isset($_GET['page']) && file_exists($_GET['page'] . ".html")){ include("../" . $_GET['page'].".html"); } else { //show content on coupons.php } Or an even better approach: $allowedIncludes = array("Ames", "Borrock", "Acme"); if (isset($_GET['page']) && in_array($_GET['page'], $allowedIncludes)) { include("../" . $_GET['page'].".html"); }else { } Doing it without either one of those test opens up your site to be exploited, and exploited very easily/maliciously and without you even knowing until you learn that your site files have been modified. Setting up those simple checks will make sure that someone does not include a remote url to get processed/executed by your script and give them access. Edit: The "../" in the include part takes you up one directory.

It makes sense in my mind. So my signature will just have to bug you. My mind it goes: Some people just cannot figure stuff out. Such as they cannot work out how to code in PHP. It is just not possible due to lack of motivation or lack of knowledge. But for everything else that they "can" figure out, google will them figure it out. It is just all a play on words and how it is worded.

I understand that, but unfortunately flash applications depend on the machine how (quickly) they run. On a brand new machine the time will be different than on an older machine. Since it really depends on the client and the cache size etc. Then there is the time it takes to send the flash data on the server end to PHP, which can also be variable depending on the server load. (At least it would make sense on that). How to solve your issue, I have no clue. As there can be so many variables with the flash end. I mean even PHP scripts run randomly depend on the server load. I can refresh a page of mine that just echo's out "Test" and one time it could take .00004 seconds and the next it takes .00003 seconds. Granted we are talking about micro seconds, but the same will apply. If the time varies each time the script is ran, perhaps you can grab the highest amount of seconds on average it takes to run and the lowest. Use that for validation basis. I do not think, with Flash and PHP, you could get much more accurate. But I am no Flash expert. That just makes logical sense to me.

Unfortunately PHP/HTML does not have a way for you to upload entire folders. You have to choose it file by file. However, Java, has this functionality. Java Uploader Since, you are a developer/photographer, I bet you can get the java uploader to work. But what you need to do after the files are uploaded is run a script to import the names/file locations into the database. To do this you need some knowledge of PHP and how to use a function like glob and knowledge of MySQL so how to run/execute the query for each file. If you do not know how to do this, sorry, I am not for coding it for you, you can post in the freelance section and offer to pay someone to implement it for you. Or you can try reading up on PHP and MySQL and coding it yourself. Hope that at least gets you on the right track.

Why not give it a 5 second lead way and see if that works. So on the flash side, add 5 seconds. Then on the php side check that the time is within 5 seconds of the current time. As far as knowing how long it takes, you simply echo out the time php has minus the time that was received by flash. But I doubt this will be 100% consistent each time, so a 2-5 second lead way may solve that.

Use glob to echo all the filenames as a sql insert statement. Then ftp the 500 pictures to the server and run the generated sql insert statements to add them to the DB, as I take it this is a one time deal, it can be that simple.

Sound like a javascript issue to me. Are you sure you have the right javascript included in that file? Have you tried to debug the javascript?

Please do not bump after an hour. Perhaps if you took care and posted this in the MySQL forum you would of had your questioned answered by the MySQL gurus who tend to only browse that forum. Moving to MySQL forum. Edit: Sorry about the bump remarks, long day. Still the same goes, take care to choose the right forum for the topic. That is most likely why this has gone unanswered like it has.

Set a timestamp when you set the cookie in the database. If that timestamp is past the date, delete it. This can be done using a Cron job for *nix or Scheduled tasks for Windows.

Does it work? If it works it is probably correct.

lol I also remember the iPhone (granted it is not a PC) was hacked within like 8 hours of released with a massive bug in it. Anyhow, I still feel that Mac is not largely targeted due to the majority of companies that use Windows to power their server. Whether it is a small company that uses Windows 2003/2008 or a major server. Knowing how to exploit that could be useful to a hacker, especially if everyone on their network is using the same version of windows thus making it easier to create a worm to bog down network traffic to hide their tracks. That is just how I see it. Size does matter because there is potentially more valuable information stored on PC's with Windows installed vs a Mac.

mysql_result Fetches the first column from the first row.

He was a bit confused [on] cud. I was explaining that I thought only cows chewed cud, to help clarify his confusion.

Then we are in agreeableness.

I figured someone would point out something to make me eat my words. But all the same, I still think Mac is more secure due to the limited hardware it will work on. As far as I know Mac's only work with their hardware unless you hack your PC to run a mac with some type of a converter. But at last, I have used Macs but I never dove into them enough to understand their security. I just cannot get over that stupid 1 button mouse. It annoys me. That and I did not know OS X was based off of BSD, which would explain the security portion. As far as my statement, maybe it would be better worded that most Virus/Worm makers target Windows probably for the flaws in the code mostly, but because they just dislike Micro$oft and like to cause them havoc and pain to hopefully get users to switch to Linux (granted that is probably not true, but that is how I imagine it).

I thought only cows chewed cud. Weird.

Now let me ask you this, why in the world would you want to return all the records in a table when you only want one? If you are only expecting 1 record, adding the LIMIT 1 ensures this no matter what which should free up memory etc. I always use this practice especially with updates/deletion's if I only want to delete 1 record or update 1 record. Even if I want to validate a user I always LIMIT 1, granted my usernames are unique, but yea. It just makes sense that if you know you only want one record to LIMIT 1 so you do not waste memory/mysql resources.