premiso

I think the better question is, what is your ultimate goal with this process? Browsers choose not to display output buffer on their own and hold it to the end in an attempt to cache. Chrome is crazy with caching, I have not worked with FF5 much but I am sure it is heading that way as well. If you let us know what your goal is, I think we will be able to help more.

I am not sure why you have that "hack" in there, it does not do anything new that your prior if statements did already. <?php $query = "SELECT lock_date FROM users_logins_attempts WHERE users_id = '".$users_id."'"; $result = mysqli_query($dbc,$query) $row = mysqli_fetch_array($result); $lock_date = $row['lock_date']; // Find out if user is locked out of their account /* I believe the 0000 etc will be caught by the empty, but if you are nulling it, it may just be null, and that could be your issue */ if (!empty($lock_date) && strtotime($lock_date) >= time()) { $locked = true;/* User true / false makes it easier to work with */ // Account locked error $errors = true; $message = "Account is locked! Please try again later!"; $output = array('errorsExist' => $errors, 'message' => $message); } else { $locked = false; /* User true / false makes it easier to work with */ // Clear the lock $query = "UPDATE users_logins_attempts SET lockDate = NULL, ip_address = NULL, failed_logins = 0 WHERE users_id = '".$users_id."'"; $result = mysqli_query($dbc,$query) or trigger_error('Unable to unlock user, query failed: ' . mysqli_error($dbc)); // Account locked error $errors = true; $message = "Account is unlocked. You may now try to log in again!"; $output = array('errorsExist' => $errors, 'message' => $message); } /* Why is this needed? The above two statements should take care of this. if(!$locked){ if ($lock_date != "0000-00-00 00:00:00") { $locked = false; // Clear the lock $query = "UPDATE users_logins_attempts SET lockDate = NULL, ip_address = NULL, failed_logins = 0 WHERE users_id = '".$users_id."'"; $result = mysqli_query($dbc,$query); } }*/ ?> So I removed that, changed the $locked from being "yes"/"no" to true/false, easier to work with boolean values imo. Added an error trigger to the update query, which would make sure that is being checked. I added the empty check, I am not sure if this works properly with a 0'ed date, but that could be your problem if the field is nullable is that it is null'ed out and not just 0000's so that would alleviate that problem. Let me know if it works or not.

If you want to use the ID's in a query this will assist you further: $ids = array(); foreach ($items as $itemid => $item) { $qty[$item] = $qty[$item] + 1; $ids[] = $itemid; } $sql = "SELECT blah FROM blah WHERE id IN(" . implode(',', $ids) . ")"; implode will combine the array and allow for the IN operator (Which acts as an OR statement in MySQL) to select those id's from the database. [/code]

If I am reading this right all you have to do is this: foreach ($items as $itemid => $item) { $qty[$item] = $qty[$item] + 1; } Then the key would be under $itemid and you can use it how you want.

So you are saying that you actively installed the adodb php install set from ubuntu and restarted your webserver, then tried the connection? Without that module being setup / installed it will not work. Just checking as you did not really mention if you did do the install or not.

When you view your page via the http protocol you are seeing a page that has been generated by the server. So all you see is the "output" that the end user is suppose to see. If you view the source, all you see is the HTML generated by the server. When you include a file via the HTTP protocol, that is all you are essentially getting. So unless your server did not parse PHP, you are just including the end result HTML. When you do the include locally, the php file is not parsed, in other words the webserver is not generating the output for the end user, you get the raw code which include is able to interpret and actually include / use.

Did you do a: sudo apt-get install php5-adodb And after you do that, if the program is running on a webserver, restart the server. It should work.

Most likely, but as mabis said, if it is because too many open connections then they either have a limit of queries that can be ran, their mysql / php setup is kind of screwed up, or you are exceeding your limits with your hosts. You might look at a low end VPS provider, depending on your needs. I have a few from different sources. For that size of a site 512MB VPS would be good, or a 128MB if you can have the MySQL offloaded. But all that aside, I really do not see why this would be causing you havoc. The caching should fix that issue, you might also want to look into CloudFlare, although I heard some nasty rumors that Dubai is blocking Cloudflare for political reasons, might be something for you if you are willing to test the waters. I have had mixed results with it, so yea. I do not necessarily recommend it persay, but you might be intrigued by it.

require_once("http://mysite.com/includes/header.php"); Why are you including it from the URL? That will parse the page and deliver the end user content. Do this instead: require_once("/includes/header.php"); And see how that treats ya.

Your server is now IIS. As far as REQUEST_URI not being there, IIS probably omits it while apache gives it out. And googling confirmed that. You can see a hack of a fix here: http://davidwalsh.name/iis-php-server-request_uri which basically has this code for the fix: To find more information this is what I googled: http://www.google.com/search?aq=f&sourceid=chrome&ie=UTF-8&q=IIS+Request_URI

To fix ereg depreciate errors you generally just need to change it to it's preg counterpart and add delimiters, here is the part that needs to be fixed: if ( ereg( ']* class=[^>]+>', $commenter ) ) {$commenter = ereg_replace( '(]* class=[\'"]?)', '\\1url ' , $commenter ); } else { $commenter = ereg_replace( '(<a )/', '\\1class="url "' , $commenter );} And here it is fixed: if ( preg_match( '~]* class=[^>]+>~', $commenter ) ) {$commenter = preg_replace( '~(]* class=[\'"]?)~', '\\1url ' , $commenter ); } else { $commenter = preg_replace( '~(<a )/', '\\1class="url "~' , $commenter );} I chose to use the ~ as delimiters for not particular reason, that is just my preference.

I must be going cenial, I thought there was a duplicate, but upon closer inspection it is not. However these two queries: $result = mysql_query("SELECT * FROM $table WHERE PRODID='$id' AND display='1'"); $table_result = mysql_query("SELECT * FROM PRODID WHERE PRODID='$id'"); If they are both using the same $id, can probably be combined into 1 query using either joins or a union statement, depending on if they are actually two different tables or you want one to do the display = 1 and the other to not. As far as caching goes, well basically all you would do is store the built page in a "cache" folder. Upon page load, you can do a couple of things, either store the cache page id and last cache location / last cached time in the database and check that upon page load. If there is a cache at the location, then you just serve that page up using include. If it is there and your cache threshold has been reached you regenerate the page (using output buffering) and then save the output buffer into a file before echoing it, and that is your new cache and update the database with the last cache. That way, once the page has been generated you only have to do 1 query to check it. And if you want it to regenerate every 24 hours you just add in a check to verify the last time it was generated and update it. That would be a "simple" caching system which should do well for you. Hopefully it makes sense either or Let me know if it needs to be clarified a bit. If it does change, you can easily pull out

I am not really into going through all that and doing it for you. But I will give some pointers. I see multiple duplicate queries, if you are fetching the data twice, just fetch it once into an array and re-use that array. For this SQL: $desc_sql = mysql_query("SELECT * FROM sub_cat WHERE name='$sub_cat'"); Since you are pulling a list of subcats, you might be able to cache that and only regenerate if something changes. That would reduce your calls. You can even cache the products if needed (but that kind of defeats the point of having a SQL database). So look at your queries, if you see the same query, why run it twice? If the data is not going to be changing really often, cache it.

Goonies never say die.

If they are allowed via get variables: $cat = isset($_GET['cat'])?$_GET['cat']:''; Rinse and repeat for each time there, topic, title etc. Do that before you echo that line or somewhere near the top of the script.

You can delete it now. Where your issue is, is this part: foreach($_GET as $key=>$val) { $$key=$val; } foreach($_POST as $key=>$val) { $$key=$val; } That turns any POST/GET into a variable. This is just the same as register_globals. So yea, if you want to do this, put it at top, and any variables that you do not want to be able to be changed by this, make sure you intiialize that variable after that, to prevent hijacking.

I would post it as private to pastebin, then after you get it resolved remove the pastebin, as you should have access to do that (link the pastebin here).

If they can change it with a get variable, then something is wrong and my bet is that register_globals is turned on in the php.ini file, which is a huge security vulnerability. Changing that to off should fix it, but may also break your application. To fix it without doing that, initialize variables at the top of the script. IE: <?php $money = ""; $name = ""; /// your other code here $query="SELECT * FROM user WHERE name='$name'"; $result=mysql_query($query); $result=mysql_fetch_array($result); $name=$result["name"] $money=$result["money"]; Which should prevent the get variable from ever being used. If you need the name in a get variable change that line to this: $name = isset($_GET['name'])?mysql_real_esacpe_string($_GET['name']):''; But of course without seeing a bit more code, I am just working blindly.

Unfortunately, there is not. Unless you figure out a way to use Silverlight or something kinky like that to block people from jacking the file, then yea. But I do not even know if that would work. HTML 5 may have some security features to it, but there again I do not know if it would be possible and would probably require recoding the games. As of right now, I know of no ways to prevent this. You can make it harder, sure, by using javascript etc to serve the file. But in the end, the swf file has to be downloaded to the end user's computer one way or another.

Just because you are ignorant and cannot be arsed to understand what serizalization and unserialization of an object means does not mean I cannot be. And yes, I do fully understand what that statement means, as apparently does PFMaBiSmAd, or else he would not have posted it. So yea, if you do not know something, research it instead of being hand fed information, or try it for yourself and stop being lazy. It really is not hard to get another version of PHP running on a test box or VM or just be even installing it to a different folder. So yea. Thanks!

It doesn't matter what version he tested it with, the change log says 5.3.0 so 5.3.0 or above will work.

I don't think you could call it like $this->_title anyways, if the _title is a private property. You should be able to grab it with $this->title, depending on the framework. But I dunno what framework etc you are using, so yea.

Chances are your server is not setup to handle errors nicely. As such it throws a 500 error. What this generally means is that you have a syntax error in your code, which looking at the syntax highlighting you do. You could check the /var/log/apache2/error.log file and it will tell you where the error is for future reference. $manager = preg_replace('#[^A-Za-z0-9]#i',",$_POST["username"]); Should be: $manager = preg_replace('#[^A-Za-z0-9]#i',"," . $_POST["username"]); And that would at least resolve that syntax error.

Use the DateTime class and see if it will handle the conversion. Particularly, the CreateFromFormat function.

Are you sure you want to use POST and not GET?