premiso

change return $output to echo $output;

<?php $string = "XBOX HARDWARE"; $string = preg_replace("/\s+/ ", "_", preg_replace("/[\/]/", "", strtolower($string))); echo $string; die(); ?> A revised version, should work

Show more code. Right there it does not look like you are inside of a class, it looks like you are in a function. You have to be inside of a class for that to work properly.

That is assuming register_globals is on...try this: <?php $find = isset($_REQUEST['find'])?trim($_REQUEST['find']):"zz"; if ($find == "a") { echo "<p>Regular customer.</p>"; } elseif ($find == "b") { echo "<p>Customer referred by TV advert.</p>"; } elseif ($find == "c") { echo "<p>Customer referred by phone directory.</p>"; } elseif ($find == "d") { echo "<p>Customer referred by word of mouth.</p>"; } else { echo "We do not know how this customer found us.</p>"; } ?>

Your not using the class definition...I would read up on OOP a bit more.

<?php $string = "COMPUTERS / HARDWARE"; $string = preg_replace("/[\/]/", "_", str_replace(" ", "", strtolower($string))); echo $string; die(); ?> Should work.

I would agree, but without him re-doing the script to use sessions instead, this should solve the problem until he decides to re-do it.

The issue is not the cookie but how you are setting it. setcookie Set it with all the values, domain (make sure it is either domain.com or www.domain.com) and a "/" for the directory. Doing that should set the cookie properly. You are only setting the time, value and name, nothing else. This can cause issues on some/most servers.

What is the current code? Logically if you select the completed surveys for that user and show only the ones NOT IN the completed_survey table then it should return correctly. If it doesn't check your logic.

$query = "select id, title, adlink from survey where id not in (select survey_id from completed_surveys WHERE member_id = '" . $member_id . "')" replace $member_id with whatever variable houses the current member_id.

Not if basename() is used, and i agree, but thats why filtering is needed.. While i agree that renaming can be a idea for security.. their are many options, but you must always keep in mind,. how is the system going to deal with these uploads ?? Yea I just read the first post and missed the basename in the reply. However, I would do a check to make sure that only numbers, (spaces maybe), periods and letters are allowed. As basename does not filter it, although it may not be a security deal it does some weird stuff when you cannot delete the file without going through the shell due to a ' etc. But that is just me I guess. I am pretty paranoid when it comes to file uploads.

CSS issue more than php... I believe the tag you are looking for is style="float: left;" style="float: right;" But I also believe that there will be a bit more intuitive than that, but yea since I am not CSS expert thats about all I can help with.

SELECT s.* FROM completed_surveys cs, surveys s WHERE cs.id != s.survey_id

nl2br luckily there is that nice function to do it for you.

Does the filename have to br a specific game? I am confused. The code I posted above will verify that the extension is .nes no matter the case. Is that not what you wanted? As far as verifying that the file is a true .nes and not just some text file I uploaded, you can check that octet stream, but yea. I am not sure how you would go about verifying that. EDIT: I noticed I used $type, instead of the $_FILES['userfile']['name'] use that instead of $type, sorry I had it set to $type for testing purposes.

Why not use the extension? //This is our limit file type condition if (!preg_match("/.*\.nes$/i", $type)) { echo "Only .NES files are allowed.<br>"; echo "<pre>"; print_r($_FILES); } Why not just check the filename?

<?php require("includes/connect.inc.php") ; require("includes/navbar.inc.php") ; echo '<link rel=\'stylesheet\' href=\'includes/layoutstylesheet.css\' type=\'text/css\'><div id=\'content\'>'; $sql = "SELECT COUNT(*) FROM user WHERE username='".mysql_real_escape_string($_COOKIE['kurukouser'])."'"; $query = mysql_query($sql) or die(mysql_error()); $r = mysql_fetch_row($query); if($r[0] == 1){ $username = htmlentities($_COOKIE['kurukouser'],ENT_QUOTES,"utf-8"); echo '<center>'; $sql = "SELECT * FROM companion "; $result = mysql_query($sql); $companion = $_GET['companion']; if(!isset($companion)) { echo'Hey '.$username.' welcome to companion rocks, here you can choose what you want you companion to be during your journeys, <br />of course this is optional but the benefits can be great!' ; while($row=mysql_fetch_array($result)) { $cname = $row['name'] ; $cimage = $row['image'] ; echo'<br /><br />' ; echo'<img src="'.$cimage.'">' ; echo'<br />' ; echo $cname ; echo'<br />' ; echo'<a href="http://kurukolands.co.uk/companion.php?companion='.$cname.'">Take</a>' ; } }elseif(isset($companion)) { $sql = "SELECT * FROM companion" ; $result = mysql_query($sql) ; while($row=mysql_fetch_array($result)) { if($row['name'] == $companion) { $cimage = $row['image']; $cdescription = $row['description']; echo $companion; echo'<br /><br /><img src="'.$cimage.'">'; echo'<br /><br />'.$cdescription.''; echo'<form method="post" action="companion.php?companion='.$companion.'"><br />Name: <input type="text" name="name"><br /><input type="submit" name="submit" value="Submit">'; if($_POST['submit'] == 'Submit') { $name = $_POST['name'] ; $food = 0 ; $energy = 0 ; mysql_query("INSERT INTO usercompanion(username, companion, image, name, food, energy) VALUES ('$username', '$companion', '$cimage', '$name', '$food', '$energy')") ; echo'<br />You now have a new companion called, '.$name.''; } } } } }else{ echo 'Error: You must be logged in to view this page.'; } echo '</div></center>'; ?> There is your code properly indented. As to the problem, I guess I am confused on what you want...do you want to show the form after this is done processing so the person can keep adding records?

Use get data. The link would look like page.php?file=path/to/file/file.php Just be aware that that could be exploited to showing certain stuff you do not want shown.

It is the only way to really do it, so chances are yes it is.

1. No, I do not think there is a neater way. You could create your own function such as: <?php function strlenNoSpace($string) { return strlen(str_replace(" ", "", $string)); } ?> Then just use that function to count without spaces. 2. I do not think it is wise to put a url in the filename, mainly because it can cause issues with files etc. But you would need scandir to get the files. 3. Use sessions, you can send the filename with session than read that file or use file_get_contents to display it.

Very weird. I just tried it again with this: <?php $roll_no = $_POST['roll_no']; $roll_no = "hello 12343 hello$%#%s"; $string = $roll_no; $replace = "0"; $result = preg_replace("/[^\d]/",$replace, $string); $roll_no = $result; echo $result; die; ?> And it now yields what it was doing with s...before it would just display the whole string. I must have been doing a typo somewhere...

Hmm, not sure what is going on, but I get the same results as jnero when I run it with the s <?php $roll_no = $_POST['roll_no']; $roll_no = "hello 12343 hello$%#%"; $string = $roll_no; $replace = "0"; $result = preg_replace("/[^\ds]/",$replace, $string); $roll_no = $result; echo $result; die; ?> Result prints out 000000123430000000000 Maybe it is a server setting? I do not know...

I think this is more a javascript problem. You cannot do this with PHP since it is a PRE-process not a POST-process like JS is.

Well it depends. I always give my user the option to "remember me", of which I make a hash of their username and password and store in it for x number of days. Then if they close the browser and come back it checks for that session hash and then verifies it and re-logs in that user while re-populating the userdata in session. If the user does not check that box I assume they want their data cleared on browser close and let it be.

No, I do not like trying to cipher non-indented code. Sorry man, it requires too much of my brain power to go and indent it all then find the source of the issue etc, especially when it could easily just be a missing } etc which you have been found with proper indentation. I figure if you cannot take the 5 minutes to properly indent it for us, than yea I cannot take the 5 minutes to diagnose your problem. At least that is my perspective on it. EDIT: I am not meaning to be rude, sorry just read it and it seemed rude. I am just trying to help you get more help out of these forms, cause I know there are others who think along the same lines.