premiso

The above should work without any modification...why it is not sending the error I do not know. Are you sure there is no output before the header tag is called?

Why not just do a str_replace and replace feed:// with http:// ??

Untested. I re-created the function to accept a new parameter "alpha" which will return either an alphabetized list or non-alpahbetized list. <?php function cScanDir($dir, $alpha=false){ if($handle = opendir($dir)){ while(false !==($file=readdir($handle))){ if($file !="."&&$file !="..") $file_temp['name']=$file; $file=$dir.'/'.$file; $file_temp['type']=(is_dir($file) ? 'Folder' : fileType($file)); $file_temp['time']=date("d/m/Y - G:i:s", filectime($file)); $file_temp['size']=round((filesize($file)/(filesize($file)>1048576 ? 1048576 : (filesize($file)> 1024 ? 1024 : 1))),2).''.(filesize($file)>1048576 ? 'mb':(filesize($file)>1024 ? 'kb': (filesize($file)== 0 ? "" :'b'))); //i did some change some things as i thought they were bugs. $files[$file]=$file_temp; unset($file_temp); } closedir($handle); } if ($alpha) { sort($files); // will sort the files by name. // if you want to main regular index recreate the array. foreach ($files as $file) { $newFiles[] = $file; } } return ($alpha)?$newFiles:$files; //###########I CHANGED THIS VARIABLE###########// } ?> Should work like you want it to, untested.

They return what is expected the timestamp. try this: $daystillupload = time() - strtotime($lastuploaddate); // just use time echo date('Y-m-d', $daystillupload); // use date here for displaying.

And edit to the above test data: /* my test data insert into categories (`parentid`, `catname`, `catseoname`, `disporder`) VALUES ('0', 'Test1', 'test1', '0'); insert into categories (`parentid`, `catname`, `catseoname`, `disporder`) VALUES ('1', 'Test1-1', 'test1-1', '0'); insert into categories (`parentid`, `catname`, `catseoname`, `disporder`) VALUES ('1', 'Test1-2', 'test1-2', '1'); insert into categories (`parentid`, `catname`, `catseoname`, `disporder`) VALUES ('5', 'Test2-1', 'test2-1', '0'); insert into categories (`parentid`, `catname`, `catseoname`, `disporder`) VALUES ('0', 'Test2', 'test2', '1'); insert into categories (`parentid`, `catname`, `catseoname`, `disporder`) VALUES ('5', 'Test2-2', 'test2-2', '1'); insert into categories (`parentid`, `catname`, `catseoname`, `disporder`) VALUES ('6', 'Test2-2-2', 'test2-2-2', '1'); insert into categories (`parentid`, `catname`, `catseoname`, `disporder`) VALUES ('6', 'Test2-2-1', 'test2-2-1', '0'); */

Why not just count the password string with strlen then str_repeat whatever character you want with how long the password string is?

I will not develop the whole system. But since I needed a script to do categories for myself here is a basic usage script. This will get categories in a table in an array in the order specified. <?php /* * My attempt at a category script. */ /* create table categories ( catid INT(11) NOT NULL auto_increment, parentid INT(11) NOT NULL default '0', catname varchar(50) NOT NULL, catseoname varchar(50) NOT NULL, disporder INT(3) NOT NULL default '0', primary key(catid) ); */ mysql_connect("localhost", "root", ""); mysql_select_db("cat"); /* my test data insert into categories (`parentid`, `catname`, `catseoname`, `disporder`) VALUES ('0', 'Test1', 'test1', '0'); insert into categories (`parentid`, `catname`, `catseoname`, `disporder`) VALUES ('1', 'Test1-1', 'test1-1', '0'); insert into categories (`parentid`, `catname`, `catseoname`, `disporder`) VALUES ('1', 'Test1-2', 'test1-2', '1'); insert into categories (`parentid`, `catname`, `catseoname`, `disporder`) VALUES ('5', 'Test2-1', 'test2-1', '0'); insert into categories (`parentid`, `catname`, `catseoname`, `disporder`) VALUES ('0', 'Test2', 'test2', '1'); insert into categories (`parentid`, `catname`, `catseoname`, `disporder`) VALUES ('5', 'Test2-2', 'test2-2', '1'); insert into categories (`parentid`, `catname`, `catseoname`, `disporder`) VALUES ('7', 'Test2-2-2', 'test2-2-2', '1'); insert into categories (`parentid`, `catname`, `catseoname`, `disporder`) VALUES ('7', 'Test2-2-1', 'test2-2-1', '0'); */ function retrieveCategoryList() { $query = mysql_query("SELECT catid, parentid, catname, catseoname, disporder FROM categories WHERE parentid = 0 ORDER BY disporder, catname"); while ($row = mysql_fetch_assoc($query)) { $catArray[$row['catname']]['id'] = $row['catid']; $catArray[$row['catname']]['parentid'] = $row['parentid']; $catArray[$row['catname']]['catseoname'] = $row['catseoname']; $catArray[$row['catname']]['disporder'] = $row['disporder']; $catArray[$row['catname']]['subcats'] = fetchSubCat($row['catid']); } return $catArray; } // recursive function fetchSubCat($parentid) { $query = mysql_query("SELECT catid, parentid, catname, catseoname, disporder FROM categories WHERE parentid = " . $parentid . " ORDER BY disporder, catname"); $numRows = mysql_num_rows($query); $catArray = "none"; if ($numRows > 0) { $catArray=array(); while ($row = mysql_fetch_assoc($query)) { $catArray[$row['catname']]['id'] = $row['catid']; $catArray[$row['catname']]['parentid'] = $row['parentid']; $catArray[$row['catname']]['catseoname'] = $row['catseoname']; $catArray[$row['catname']]['disporder'] = $row['disporder']; $catArray[$row['catname']]['subcats'] = fetchSubCat($row['catid']); } } return $catArray; } ?> You will need to figure out how to use this to add more categories/edit/ get a category etc. Like I said it is very basic but hopefully it will help you on your way.

Bigger flaw. The tag is still viewable in the html. A bot using CURL can easily read the html, extract the form fields and post straight back. Doesnt matter about javascript. Use a proper captcha image to stop bots. Not javascript or CSS, etc Get one from http://www.phpclasses.org We want the HTML read, since bots will read the HTML and not the displayed page they will fill out that id field and we check if that field is filled out we do not add the data. The image works, but it is also flawed in that some bots can decipher the image. The biggest problem I have with images is they are so annoying to the users. The above works 99% of the time without annoying the crap out of your users. But yes, if a human does view that form they can determine which fields to send back and bypass that security. If the above does not stop most spam or one spammer is bugging you, implement the captcha image. Simple as that, I would at least give the above a go for a few months and see how it holds up before I implement the image technique.

I think you have to reference it by an index. Not 100% sure. http://ca3.php.net/manual/en/faq.html.php#faq.html.select-multiple A tidbit of information. Here is an example of using JS to reference that type of input http://www.kirupa.com/forum/showthread.php?t=282632

Weird man, I must have just made that up. Could have sworn but all manuals back to 3.x show it is allowed. Weirdness. Anyhow I bet you query is throwing an error due to the id. If you are not going to use a column, do not define, especially an auto_increment column. IE: mysql_query("INSERT INTO events(`pic`,`title`,`date`,`time`,`about`,`picip`,`publish`,`pdate`) VALUES('$pic','$title','$date','$time','$about','$picip','$publish','$now')") or die(mysql_error()); But that could also be only part of it, I would definitely run the above and see if one of the strings has a single ' or other characters mysql does not do well without them being escaped.

Responding just because. If you really wanted to make that to where 99% of spam bots cannot detect it I would suggest using something like this: <script type="text/javascript"> <!-- function reCaptcha(name) { var recap = document.getElementById(name); recap.style.display = "none"; } // --> </script> <body onload="reCaptcha('inf');"> <input type="text" name="inf" id="inf" size="10" /> That should fool the majority of the bots since they would have to look through the javascript to find that code and see what it executes. And if you put that javascript into a file and include that file, it makes it that much harder cause they would have to parse the whole page to figure out that input box is getting hidden. Anyhow I found the above very very effective. The only flaw is if the user does not have javascript enabled they will see that field.

I think what you would need is implode. <?php foreach ($_POST as $key => $val) { if (stristr($key, "question") !== false) { $questions[$key] = implode("", $val); } } print_r($questions); ?> I think that is what you are getting at.

That was my fault, I forgot to add method inside the form tag. Replace the above with this: <?php if (isset($_POST['sub']) && (isset($_POST['wholeNum']) && is_numeric($_POST['wholeNum']))) { $wholeNum = (int) $_POST['wholeNum']; // this makes sure the number is whole. could also check for decimal point $calculated = $wholeNum * .80; echo $wholeNum . " times .80 is equaled to " . $calculated . "<br /><br /> Try again?"; } ?> <form action="index.php" method="post"> Input Whole Number: <input type="text" name="wholeNum" /> <input type="submit" name="sub" value="Calculate" /> </form> That way it posts the data and not "gets"

Try running this: mysql_query("INSERT INTO events(id,pic,title,date,time,about,picip,publish,pdate) VALUES('','$pic','$title','$date','$time','$about','$picip','$publish','$now')") or die(mysql_error()); But I can already tell you, the "date" column is a reserved column name and is throwing the error. I would suggest renaming that, and possible the time column. For a temp fix this would work: mysql_query("INSERT INTO events(`id`,`pic`,`title`,`date`,`time`,`about`,`picip`,`publish`,`pdate`) VALUES('','$pic','$title','$date','$time','$about','$picip','$publish','$now')") or die(mysql_error()); Backticks (`) around the column names will take the columns literally and not as a function thus not throwing the error.

Not with how your logic is. If that is how you want it I would change the for loop to this: //loop through image array to see if we are already using it for ($a=0; $a<count($imagelist); $a++) { $imagetocheck = $imagelist[$a]; if ($imagetocheck != $thisimage) { //if not, add the image to the array $imagelist[] = $thisimage; //modify image display $imagedisplay .= " <img src='images/people/$thisimage'>"; break; // insert break to kick out of the for. } } $canuse = true; That will yield your desired result and not create an infinite loop.

$genres = "'" . implode("', '", $_POST['genres']) . "'"; Try that, after I tested it, I noticed it neglected the first and last single quotes. That should work.

Works even better if your clan name list is in an array. $clanname = array("Zenith", "Exodus", "Paradon"); $clans = "'" . implode("', '", $clanname) . "'"; $result = mysql_query("SELECT * FROM members WHERE Clan IN(" . $clans . ") ORDER BY Level DESC,Members ASC"); Pretty fancy stuff =) EDIT: A different way to do the above $clanname = array("Zenith", "Exodus", "Paradon"); $clans = implode("', '", $clanname); $result = mysql_query("SELECT * FROM members WHERE Clan IN('" . $clans . "') ORDER BY Level DESC,Members ASC"); // note the added single quotes inside the in That also works well, just thought of it so figured I would also post it. Without the singlequotes MySQL would throw an error.

if ( strstr($_SERVER['HTTP_USER_AGENT'], "Googlebot" ) == true ){ // condition (1) That if is techincally wrong. SInce strstr can return 0 it could be a false positive. (I think thats the right word) if ( strstr($_SERVER['HTTP_USER_AGENT'], "Googlebot" ) !== FALSE ){ // condition (1) That should produce the right result for that part. If that is the problem, I do not know. Just saw that it was wrong =).

It seems like your for inside the while exists without ever setting canuse to true. Thus creating the endless loop, I would check your logic at that point and go on from there.

One file called "index.php" and that will work like a champ.

Are you sure the form is being processed first? I would honestly do a check before implode: if (isset($_POST['genres']) && is_array($_POST['genres'])) { $genres = implode("','", $_POST['genres']); }elseif (isset($_POST['genres'])) { echo 'Genres was not an array for some reason. }else { echo 'Genres was not passed in through post.'; }

No. They are all named genre. <input type = 'checkbox' name = 'genre' value='whatever'> <input type = 'checkbox' name = 'genre' value='whatever'> So, name them : <input type = 'checkbox' name = 'genres[]' value='whatever'> <input type = 'checkbox' name = 'genres[]' value='whatever'> Do I need numbers in the boxes like: <input type = 'checkbox' name = 'genres[0]' value='whatever'> <input type = 'checkbox' name = 'genres[1]' value='whatever'> No you do not need numbers in the boxes.

Either the IN operator or the OR operator. IE: $result = mysql_query("SELECT * FROM members WHERE Clan='Zenith' OR Clan='something' OR Clan='somethingelse'ORDER BY Level DESC,Members ASC"); OR $result = mysql_query("SELECT * FROM members WHERE Clan IN('Zenith', 'something', 'somethingelse') ORDER BY Level DESC,Members ASC");

http://phpsec.org/projects/guide/1.html Google "Register_globals security risk" for more information.

<?php if (isset($_POST['sub']) && (isset($_POST['wholeNum']) && is_numeric($_POST['wholeNum']))) { $wholeNum = (int) $_POST['wholeNum']; // this makes sure the number is whole. could also check for decimal point $calculated = $wholeNum * .80; echo $wholeNum . " times .80 is equaled to " . $calculated . "<br /><br /> Try again?"; } ?> <form action="index.php"> Input Whole Number: <input type="text" name="wholeNum" /> <input type="submit" name="sub" value="Calculate" /> </form> Should do the trick.