Cardale

awesome..thanks

I am trying to write to a document that is open doc format. Are there any libraries that help out with this specifically mailing labels?

Haha I found my problem. It would help if I added the value of the recursion to the return value. Ha. Thanks for your help though.

Not quite what I'm after. The userID changes based on the children found. We then find their children and count those as well. So each user found can have their own set of children and this can continue for 8 levels.

Here is another version that only displays the first level.... any help is appreciated. public function getBonusChildren($userID) { // retrieve all children of $parent $sql = 'SELECT userID FROM jos_backoffice_users WHERE parentID ="'. $userID .'";'; $stmt = conn::getInstance()->prepare($sql); $stmt->execute(); while($row = $stmt->fetchObject()) { $memStatus = checkUserMemStatus($row->userID); if($memStatus == true) { $memberCounter++; $this->getBonusChildren($row->userID); } } return $memberCounter; }

public function getBonusChildren($userID) { if($userID != NULL) { $sql = 'SELECT COUNT(*) AS count, userID FROM jos_backoffice_users WHERE parentID= ' . $userID . ';'; $stmt = conn::getInstance()->prepare($sql); $stmt->execute(); $obj = $stmt->fetchAll(PDO::FETCH_ASSOC); if(is_object($obj)) { $obj->count += $this->getBonusChildren($obj->userID); } } return $obj->count; } I get no error. It just always return null. How can I get this done?

I see. This prevents all forms of injection?

ahh...whats the point of that then? Is there any way to have it stay prepared for all user sessions? It is like loading program resources into memory much faster.

How many queries should I limit myself to preparing? Is there any overhead I should be worried about? Do the prepared queries only stay "prepared" for one session or does it stay prepared as long as the server hasn't restarted?

I have a news posting system I created and it works fine although I have issues with insertion errors. I have avoided using add slashes because I often post code and I don't want it to interfere with that. I would also like to be able to include html in my posts. I have been using the html encode function and then decoding it on the way out, but this isn't really the way I want to do it and I often get errors on insertion still. Any suggestions?

No you should also use salt on your passwords.

Whats the speed comparison with something like this? http://pear.php.net/manual/en/package.html.html-quickform.tutorial.php Seems kind of outrageous to me. You could use a function like this at the top of a header page instead of an MVC design pattern which is in my opinion over kill for a web application although the MVC pattern does make all the new graduates giddy with excitement because the first language they learned was Java and it is so object oriented. function SECURITY($debug){ if((count($_POST)!=0) || (count($_GET)!=0)){ if(count($_POST)!=0){ foreach($_POST as $key => $val){ $val = addslashes($val); $val = htmlspecialchars($val); $val = mysql_real_escape_string($val); $_POST[$key] = $val; if($debug==1){ echo "POST ARRAY - Field : $key Value: $val<br />"; } } return $_POST; }elseif(count($_GET)!=0){ foreach($_GET as $key => $val){ $val = addslashes($val); $val = htmlspecialchars($val); $val = mysql_real_escape_string($val); $_GET[$key] = $val; if($debug==1){ echo "GET ARRAY - Field : $key Value: $val<br />"; } } return $_GET; }else{ die("ERROR with the http phaser"); } } } You would also want to make sure no one could access any script individually.