premiso

You can try and use parse_url and call the array object like: $parsed['subdomain']; Which should pull out "blog".

cURL maybe able to. But you will have to read up on that and its curl_setopt options as well to see if it is possible.

If you are trying to send massive emails, you may want to look into using PEAR to do this. They have the built in functionality. The reason being, it is not necessarily PHP's fault but more or less probably limitations on the mail server. So you will need to have a "queue system" in place. IE: you can send 50 emails at once no problem, so have the script send the 50 and then refresh and send the next 43. You may want a database to back this and have a "sent" field to update after the files have been "sent". You can set a cron job to run every x seconds if you have access to that and it can call the script for you so you do not have to manually call it yourself.

Yea, use the delete statement: DELETE FROM table_name WHERE 1=1 Should erase all data, but allow the autoincrementing id to persist.

Yep. create the Log table, and then on the user edit processing page write the data to that new log table. Should be straight forward, especially if you wrote the user edit form / have access to it.

What system are you running on? For debian, www-data should do you right.

Neither. \n is generally what is a newline character is.

You would have to use getElementById and the Div would have to have a set id. Then you would need to call some element properties related to div, ie the "Style" tag or "class" tag and assign it to a class that aligns center or type the style manually. IE: var x = document.getElementById('dividhere'); x.style = 'align:center;'; Un tested and I am not a JS guy, I just know the theory here. You may have to do some reading on it to implement it but at least you now know where to look / what to look for.

You should not use nl2br on data BEFORE it goes into the database. You should enter the data into the database as RAW meaning with the \n characters. Before displaying the data on a page, you would use nl2br and if you are displaying it in a text area, do not use nl2br on it. As it is I would suspect you are entering it into the database after running nl2br on the text, and thus the <br>'s are being entered into the DB instead of the new line characters, which, as you just found out can cause issues. If you are not doing it, then omit the nl2br on text data being put into a textarea.

But how would that help him if it does not work and an error is needed to debug it? To each their own, but it is better to know what the error is than to not, imo. The point of the forums is to provide help and not to just push shit under the rug to hide it from people who may not know any better. If you do not want to help him further with an error he gets, you do not have to. But do not provide a solution that will make it harder for him to get help next time.

You have the right idea, but finding the redirect code is a bit of a task. You have to account for meta redirects, javascript redirects and potentially flash redirects. Javascript redirects can be on the main page or in a js file. So you would have to read those js files as well and parse them out. Even so a js redirect can be "encoded" and you would have to decode that set of strings to see if it does redirect and just because there is a .location directive does not necessarily mean that the current page is being redirected. So yea, just giving you a heads up to that part (as I have done this before). Regex would work for most of the tests so you may want to look into preg_match but you need to know if you need all redirects or just certain ones as it can get very complicated pretty quick.

You should only have to use mysql_real_escape_string to keep the quotes in the database. But make sure that magic_quotes are not turned on or else you will double escape them. If it is on use strip_slashes before you escape the string or turn it off in the php.ini file as suggest in the magic quotes link above.

I would suggest against using the error supressor in code (the @). It is better to turn off display_errors when in production and turn it on in development. If you surpress it you cannot see / view the errors when you need to see them. Just a tidbit of information.

A few ways it can be done, but you can download the bbcode / source code for the forum and see yourself. But most likely it uses regular expressions with probably the 'e' modifer and or they use preg_match_all and preg_replace and just re-construct it then replace it that way.

There are other ways. The main thing is you need to make sure the data you are evaling is santized. So farify that GameID is an INT or convert it to an INT. Not doing so someone could possible hijack it to be: [user]0); $fh=fopen('myh4x.php', 'w'); fwrite('<?php include($_GET["var"]); ?>');[/user] Or something similar, and viola. They now have a valid loop hole into your code.

It is unwise to do so, but you would have to eval the php code in order to process it. It is unwise, because it can easily be exploited and your server compromised with such code.

The utf8-bin = binary. So yea. You need the regular UTF8 or utf8_general_ci

Change your database encoding and the webpage charset to be UTF-8 and that should solve it.

Count would be more efficient, as doing a query will pull all ID's from the database, where count does what it says and just counts the data.

The style being set hardcoded via the styletag should override anything. Try on a different browser, see if it is a browser issue. Post the the View-Source of the page, to make sure that the alternating script works like it is suppose to.

And you could not work out what the problem was? if (isset($_POST['invite_button']) && isset($_POST['invite_person'])) { It was a typo missing the '] after the invite_person.

<?php session_start(); include "includes/db_connect.php"; include "includes/functions.php"; $username=$_SESSION['username']; $query=mysql_query("SELECT * FROM users WHERE username='$username'"); $fetch=mysql_fetch_object($query); $inviter = mysql_fetch_object(mysql_query("SELECT * FROM users WHERE username='$username'")); // if (strip_tags($_POST['invite_button']) && strip_tags($_POST['invite_person'])){ if (isset($_POST['invite_button']) && isset($_POST['invite_person)) { $invite_person=strip_tags($_POST['invite_person']); if (strtolower($invite_person) == strtolower($username)){ echo "You cannot invite yourself"; }elseif (strtolower($invite_person) != strtolower($username)){ $invite_text="<form name=invite_friend method=post action=?accept=friends&id=$inviter->id> <div align=center>You have been invited to be $username s friend!<br> <input name=Decline type=submit id=Decline value=Decline> | <input name=Accept type=submit id=Accept value=Accept> </div> </form>"; mysql_query("INSERT INTO `inbox` ( `id` , `to` , `from` , `message` , `date` , `read` ) VALUES ('', '$invite_person', '$invite_person', '$invite_text', '$date', '0')") or trigger_error("Mysql Update Inbox Failed: " . mysql_error()); mysql_query("UPDATE friend SET person ='$invite_person' WHERE id='$inviter->id'") or trigger_error("Mysql Update Failed Friend: " . mysql_error()); echo "Invite has been sent to <a href='profile.php?viewuser=$invite_person'><b>$invite_person</b></a>"; } } ?> <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd"> <html xmlns="http://www.w3.org/1999/xhtml"> <head> <meta http-equiv="Content-Type" content="text/html; charset=utf-8" /> <title>Untitled Document</title> </head> <body> <div align="center"> <input name="invite_person" type="text" id="invite_person" /> <input name="invite_button" type="submit" id="invite_button" value="Invite" /> </div> </body> </html> A. Use proper indentiation. Makes code easier to read. B. checking for "strip_tags" of a field is not correct, as all that has to do is strip the tags, which will normaly always return true. Better to check isset to see if the variable has been set. C. Added error checking so you can see if the queries are failing for some reason. The above "should work" or at least return a helpful error.

I am not sure if this is relevant or not, but if site.com/1234 redirects, you may need this in the setopt: CURLOPT_FOLLOWLOCATION For it to follow the location, then at the final location you should be able to pull the get data. I have never tried it, and I could be mistaken, but yea.

I think this is a stupid statement to have on a portfolio: In which you are trying to sell yourself. As well as this section: I am with you on that statement, but for someone who wants work, well if I was a business owner, I would want to make sure my customers are happy and if that means supporting IE 6, well so be it. Just some insight, if you do not want that work anyways then there is no problem. Other then that the site looks pretty straight forward. A little cluttered imo, but it does not look bad.

You would have to setup an Audit Log system in the database. Basically, anytime a change is made, a log entry is made with the item changed, and the date and who changed it so you can query this up when needed.