meltingpoint

I like working with the site/structure/settings that are on the live site. That gives me the best and most accurate testing. If my local environment is not exactly like my live host- then there could be problems that I will not see. I actually do both at times. But prefer the live host testing.

Mr. Adam I agree. My point is that if he includes a global file that has session_start() at the top of every page, or if he simply puts session_start() at the top of each page.............then in any include() file that he adds to that page........he would not put session_start() at the top of that included page. Using his included file- dbinfo.php as an example which he stated he use session_start() again.

Mr. Adam- Yes. Create duplicates and name them index1.html etc... Then re-direct traffic to that page while you do testing on the true index.html. Once satisfied- remove the .htaccess and the other files or keep them for future testing. Sorry if that was not clear.

Mr. Adam- Consider a code where session_start() is at the begining of a page and then runs some code that produces some out put and continues along and also then includes() a file that has session_start() in it also. Won't that generate an error as technically- there was output to the browser or white space etc...

Then..............put session_start() at the beginning of the page that is calling include and not in the included file. Also..........session_start() must be the first thing at the top of the page. No other output such as html, error messages or anything else can precede it like <head>, or <title> etc.... With out seeing the entire page that you say you have started the session_start() on - it is not possible for us to trouble shoot. Same with the dbinfo.pphp.

Chrisj I would utilize .htaccess (if you are allowed to by your server) DirectoryIndex redirect. You can find it here: http://www.javascriptkit.com/howto/htaccess6.shtml Then when you are done testing- simply remove that line from the .htaccess

session_start() should only be at the top of the one page- the page that you are calling the include into. <?php session_start(); blahblahblah- code here include("../members/dbinfo.php"); blahblahblah- more code here ?> If you were to have session_start(); at the beginning of the page that you include- you would then be calling session_start() twice in one page. Hope that helps.

Chemical Bliss....... Good points. Thanks. Meltingpoint

I would also be interested if there is a company or legitimate individual out there (who is known by and recommended by this board) that would evaluate and or attempt to hack my website to see if it has vulnerabilities. Is there such a service?

I have a login system that uses a flat file database. The flat file is in a directory outside the public_html. My questions; 1- Is is still possible to hack into that file? Currently I do not encrypt the passwords as I have been told that having the file outside the public_html makes the file unavailable to the public. This allows me the advantage of sending the Username and Password to the user in an email if they forget there password or username. Otherwise- I would have to set up a more complicated method to allow them to change their password to re-gain access to the site. I have an SSL on the site also so I am not worried about packet sniffing. Thanks

Yes- it is made for small business. Similar to HR but customized to this particular business parameters. Flat file as it can be deployed with out complicated set up/maintenance. Flat file is more than sufficient. thanks- Andy

Sorry guys.......no offense to the board, but there seems to be a lot of interest in my database from the demographic I had designed it for. I don't want to divulge too much as it might cut my throat with someone coming out with a similar product -no one here mind you, but I just don't want a full disclosure on the WWW. That said- I was merely looking for a round about design pricing. Andy

If you look on google there are tons of "convert PPS to flash or video" programs. I bought iSpring and it works really well (one time purchase of program- no monthly fees). Cheers-

It is basically a directory for employees, business contacts, emergency contact numbers, important company numbers/contacts etc. Currently it is being kept on a roladex and printed and placed in two seperate 3-ring binders. This database brings all that together in one place allowing for instant access to edit contacts in stead of having to submit them to a secretary to update the word document, print it out and send back down stairs for use by others.

I have designed a web based database for my work. It has two main databases that are operated by a flat file system. It is made to run on the INTRANET. It has over 60 pages complete with log in system, multilevel users (permission to view, input, edit, delete) an admin panel and database back up. What the heck would be reasonable to charge for such a database? It is incredibly useful and others are asking how much it cost's so they can implement it at their work. It looks as if there are about 5 places so far that want it. I am an amateur- but it looks good, has been thoroughly tested and runs fine. In fact, I had created flat file database for work before and it has been running for three years without a problem. I never did charge for that one. I have a ton of time into this project. Any suggestions? Cheers- Andy

Your correct Ken- I hadn't seen a solution to the first half of displaying it either. I will complete it when I return from an errand. Cheers-

In most instances, as a security issue, I prefer that the session or login be terminated when the user closes the browser and walks way from the computer. Just another way of doing something.

Give this a whirl (tested and works for me- IF your text file contains only 1 message per line) <?php $record_count =1; // $openedfile =fopen("msg.txt", "r"); if(!$openedfile) { echo "Sorry- Could not open file"; exit; } // $hold[$record_count] = explode("|", trim(fgets($openedfile))); while(!feof($openedfile)) { $record_count++; $hold[$record_count] = explode("|", trim(fgets($openedfile))); } fclose($openedfile); //---------Now we can reverse the order of the array to display----------------------------- for ($i = 1; $i <= count($hold)-1; $i++) { $k = count($hold)-$i; // //-------------------------------Now declare variable to display------------------- // $element1 = $hold[$k][0]; if($k <= 100) { echo $element1; echo "<br>"; } } ?> So if your Text file looked like this; This is message #1 This is message #2 This is message #3 This is message #4 Then it will output exactly that but in reverse order (last post displayed first). This is message #4 This is message #3 This is message #2 This is message #1 ? Save. Save to what as it was already pulled from your saved .txt file.

In my case- no. It is a random occurrence. Some times it will happen all day long and sometimes you'll go a week or more and everything is fine.

While I will not be of much help---- I had the very same issue abut 2 months ago. In both firefox and IE it was recognizing the session after login, but then dropping it as the user went to the next page and making the person sign in again. Once signed in again, there was not a problem until the browser was closed. Then it would repeat itself. Complained to my server host and the put a php.ini file in my public_html but did not tell me the changes they made. Solved the problem for a while and now it is back. I believe it has something to do with the server's cache and random dumps triggered by an unknown process. I have tried everything and searched and searched for an answer. Looking on the net- we are not alone in this problem.

By way of example: First - find the SERVER['DOCUMENT_ROOT'] which should look something like; /home/yourserverspace/public_html/yourwebsite.com Create a folder abouve the public_html - myhiddenfolder $secure_path ='/home/yourserverspace/myhiddenfolder'; $yoursacredfile = $sec_path."/myxmlfile.txt"; No to have the script open the file- do like so; $openedfile =fopen("$yoursacredfile", "r"); Cheers-

If your host lets you- you could place it outside the public_html folder and then access it via the script. I have done this with flat files on my own website. The scripts can still read them via an absolute link while it is hidden and not accessible to the public. Hope that helps.

On a single value- it will return false if it does not match. Adding the loop causes it to evaluate to true. Odd. I was able to accomplish my task in another manner- see below. $openedfile = file($file2); $match = preg_grep("`\b$search`i", $openedfile); if(!$openedfile) { echo "<center><strong>File could not be opened- please notify the Administrator.</strong></canter>"; exit; } if(empty($match)) { echo "<tr>"; echo "<td class='td tc w200 ol14'>There were no matches to your query.</td>"; echo "</tr>"; } else { foreach($match as $key => $individual_match) { $matched[$key] = explode("|", $individual_match); $cat = $matched[$key][1]; $name = $matched[$key][2]; echo "<tr>"; echo "<td class='td tc w200 ol14'><a href=\"dcdataedit.php?dccat=$cat&dcrequest=$key\" target='_top'>View / Edit / Delete</a></td>"; echo "<td class='ff tc w200 fwb ol14'>$cat</td>"; echo "<td class='td tc w200 ol14'>$name</td>"; echo "</tr>"; } } echo "</table>"; While I would have preferred to compile a large array and then loop through it rather than read the entire database into file()- that is the only way to make it work keeping the keys associated to each array that matched. This was crucial to do due to choosing a file to view, edit or delete. I believe it will be ok as the entire size of the database will likely never exceed 5mb in size and it should not slow things significantly. Still interested in a solution to the loop if anyone figures it out. Thanks- Andy

Also just tired: for ($i = 1; $i <= count($hold)-1; $i++) { $k = count($hold)-$i; // if(in_array($search, $hold[$k]) == True); { echo "yes"; } } And everyone still evaluates to True! It seems that the if statement is not working inside the for loop.

I have used preg_grep on the whole array and preg_match on individual values and it still is the same. All get printed. Open to new ideas or whole new approach. Andy