premiso

How are you checking the cookie was created? Remember that to check it the page has to reload after the cookie has been set. Other than that, I have no clue how/why it is not working. Maybe your browser is set not to accept cookies? I do not know. And a note, if you want the cookie valid for everything just use the "/" path and it should show for the whole server. Thinking even more about it, using mod_rewrite you should set it to "/" and not "/page2" as that is not a real folder so the cookie will most likely not be recognized.

http://www.aeonity.com/frost/php-setcookie-localhost-apache Take a look at that and see if it works.

http://snipplr.com/view/2223/get-number-of-days-between-two-dates/ First result of googling "Days between dates php"

setcookie("time",$time, time()+3600*24, "/", "localhost"); Try that.

private $items; To set the initial value set it in the constructor. EDIT: Just read more of the OP. Yea, your server must be using PHP4, it needs upgraded for that code to work as PFMaBiSmAd said.

Sessions are safe on their own, unless you decide to print them out. Since the session file is stored on the server, it cannot really be snooped or looked at unless your server is compromised. Shared hosting, you are not really safe. There are precautions you can take, but I do not know them. For further explanations, please elaborate.

CONFIG_password = '$pass2'; OR CONFIG_password = "\$pass2"; Use single quotes or escape the $.

lol at least you gave an example I guess I could have been nice and done that too lol.

Without seeing code, you are not going to get much help. Are you instantiating the class? Or just including the class?

Either explode it at / or use parse_url to rebuild it. <?php $url = "http://www.forums1.com/index.php"; $url = parse_url($url); $url = $url['scheme'] . "://" . $url['host'] . "/"; ?> Should work.

parse_url would help ya. If you would explain exactly what you are trying to do, that might get you a better answer.

Stop this IE BS, switch to Firefox now! Especially IE6, only people who use that are the government, cause they are always 5 years behind everyone else! IE6 is dead, get used to it!

That code is correct. No errors with it. Anything from here on is mis-match between the DB and the form. We cannot help you with that part.

http://dev.mysql.com/doc/refman/5.1/en/date-and-time-functions.html#function_datediff That may be useful.

A work around would be this: <?php $sql = "SELECT * FROM test WHERE DATE(start) <= DATE_ADD( CURDATE(), INTERVAL+1 DAY) AND DATE(end) >= DATE_ADD( CURDATE(), INTERVAL +1 DAY) ORDER BY start DESC"; $query = mysql_query($sql); while($row = mysql_fetch_assoc($query)) { $start = explode(" ", $row['start']); $start = explode("-", $start[1]); $end = explode("-", $row['end']); $end = explode("-", $end[1]); $start = $start[2] . "/" . $start[1] . "/" . $start[0]; $end = $end[2] . "/" . $end[1] . "/" . $end[0]; $start = strtotime($start); $end = strtotime($end); $between = round( abs( $start - $end ) / 86400 ); echo date("d", $between) . " Days between"; } ?> I am not sure if that will work at all. I cannot remember if that is the syntax. Give it a try and see. If you can figure it out with MySQL, that would be the preferred method as it would be faster than strtotime which is extremely slow.

What value are the dates stored in MySQL? As a timestamp or as the yyy-mm-dd format? EDIT: http://dev.mysql.com/doc/refman/5.0/en/date-calculations.html Found that article that may help you.

Why not just do this: if (isset($_GET['passlocation'])) { mysql_query("UPDATE booking_schedule SET event_id_location_" . (int) $_GET['passlocation'] . " = '0' WHERE id = '" . (int) $_GET['id'] . "'"); } I would suggest doing data checks on the $_GET, but yea. In the one you posted, without the where, every row in that table would be set to 0.

SELECT *, DATE_SUB(`end`, `start`) as `dates_between` FROM ... I am not sure if that would work, but I guess it is worth a shot.

Thanks corbin. Yea, I tried the no-ip approach for allowing users like: GRANT ... username@'host.no-up.org'.... Which would not let me in, unfortunately. I may try that avenue more in-depth, because that would be a ton better than just using the %. As for the port, yea it is not the 3306, it is some absurd and random number. The username and password are at least 15 chars with a mixture of special etc. I am interested if I could ban an IP that tries to connect more than 5 times, that is not a bad idea. It may require a script to parse the log file to check, but that is also another good idea to do. Thanks for the info corbin.

Hey All, I had a question about MySQL Windows Security. I have read up on this and just wondering if anyone had any more insight on how to further secure it. I am running a MySQL on my host for a test database for me and 1 other person. We will be using the same account just so our data is consistent and up-to date. To do this I had to open the MySQL port (I of course changed this port to be non-default). I have removed the root user and only have 1 user account, unfortunately neither me or the other person have static IPs so I had to set the host to %. The account password is pretty beefed up about 15 characters with a mixture of letters numbers and special chars as is the username. I think this should be sufficient, but would like to know of any other secrets out there that might help. Any input is appreciated and I thank you for replying! EDIT: Also I have my router setup to not ping back on the default ports.

How are you entering the username/password into the db? Are you md5 the password you enter into the DB?

if (($card %2) == 0) { echo "Card is even"; }else { echo "Card is odd"; } Should tell you whether it is odd or even. The % is the modulus operator, if you want to read up on that.

<?php session_start(); if (isset($_POST['Login'])) { $server = "*****"; $db_username = "*****"; $db_password = "*****"; $db_name = "*****"; $db = mysql_connect($server, $db_username, $db_password) or die("Connection to database failed, perhaps the service is down !!"); mysql_select_db($db_name,$db) or die("Database name not available !!"); // lets filter the post data: array_walk_recursive($_POST, 'mysql_real_escape_string'); $username=$_POST['username']; $md5_password=md5($_POST['password']); // Encrypt password with md5() function. // Construct and run query. $result=mysql_query("SELECT * FROM users WHERE username='$username' AND password='$md5_password' LIMIT 1"); $result=mysql_num_rows($result); if($result > 0){ $_SESSION['username'] = $_POST['userame']; // session_register is depreciated header("location: index.php"); // Re-direct to main.php }else { // else is just fine here $message="--- Incorrect Username or Password ---"; echo"$message"; } } ?> Forgot the capitol "L" in login. Try that and see if it passes the username test.

Is your login page the index.php? If so that is why it does it, you can set an if $_SESSION['username'] isset display this message "You are already loggedin" to test to see if that is the case.

Sorry I didn't word it as best as I could, it's a bit tricky to explain. But basically yes I need the pos=dm to be added to the pagination links if the user is on players.php?pos=dm so it will look like players.php?page=3&pos=dm if they click on page 3. Another example is if they are on players.php?type=5 then to go onto page 3 it should look like players.php?page=3&type=5 Thanks It really is not all that hard to do, as long as you know the different types of get data that can be used, type, and pos are one already. So here is a script that will do that for both: <?php $maxPage = 5; $pageNum = 3; $extra = array(); $extra[] = isset($_GET['type'])?"type=" . $_GET['type']:""; $extra[] = isset($_GET['pos'])?"pos=" . $_GET['pos']:""; foreach ($extra as $key => $ex) if ($ex == "") unset($extra[$key]); $extra = implode("&", $extra); $extra = ($extra != "")?$extra . "&":''; $self = $_SERVER['PHP_SELF'] . "?" . $extra; $nav = ''; for($page = 1; $page <= $maxPage; $page++){ if ($page == $pageNum){ $nav .= " $page "; // no need to create a link to current page }else { $nav .= " <a href=\"{$self}page=$page\">$page</a> "; } } if ($pageNum > 1) { $page = $pageNum - 1; $prev = " <a href=\"{$self}page=$page\"><</a> "; $first = " <a href=\"{$self}page=1\"><<</a> "; }else { $prev = ' '; // we're on page one, don't print previous link $first = ' '; // nor the first page link } if ($pageNum < $maxPage) { $page = $pageNum + 1; $next = " <a href=\"{$self}page=$page\">></a> "; $last = " <a href=\"{$self}page=$maxPage\">>></a> "; } else { $next = ' '; // we're on the last page, don't print next link $last = ' '; // nor the last page link } // print the navigation link echo $first . $prev . $nav . $next . $last; ?> Not the cleanest but it works.