nafetski

Just because they can be disabled doesn't mean that they're not useful! If I'm writing an open source PHP library, you bet your ass I don't use short tags (tho it's pretty likely in that case I'm not escaping HTML either)

Well, the fact that his link points to an asp page isn't a horrible issue...as far as the .asp script is concerned a GET variable is a GET variable (tho it's a bit strange that he's going from PHP => ASP, it's not unheard of) POST is in no way more secure than GET...you can see the POST data in an http request clear as day, the only difference is it doesn't show up in the address bar.

It's weird, I hate php short tags by themselves - but I love using them in views and such. <?= $var ?> seems a lot prettier to me than <?php echo $var ?> (while in the context of a view) What drives me most insane tho, is when people echo out long strings of html inside php. Seems to be the most error prone way of doing things!

Well, one thing I learned early on is if something is working in some browsers (and not others) the issue is never your PHP code. You can drive yourself THINKING that it is, but it's not...the issue you're having is how the browsers are handling malformed HTML, and that's solved easiest by validating your html! At first glace, the thing that sticks out is <input name=\"checkbox[]\" type=\"checkbox\" id=\"checkbox[]\" value=\"$ID\"> If that is how they are being sent to the browser, it's going to choke . I would do it like this <?php foreach ($data as $row): ?> <input name="checkbox[]" type="checkbox" value="<?= $row['ID'] ?>"> <?php endforeach; ?> Make sure you don't have escaped quotes \" being sent to the browser, and ID's with html have to be UNIQUE. id="checkbox[]" means nothing to the browser, it's just going to start choking

Totally agree, it just seems to be the term that beginners use to describe what they want when hashing..hence the quotes.

Redirects are pretty simple in PHP - it should work no matter what kind of project it is. However, you haven't supplied us with enough information. I have no idea what is contained inside of redirect.php

Well, you can't really...it's the foundation of how the web works. You can't *hide* parts of your URL and still expect it to work when it hits the server...everything that is sent is out in the open (when it comes to URL's). Some common ways people get around this is by #1 - Sending a hash (md5, sha1, something). This is a one way "encryption" so you have to also store the hash as a relation somewhere in your database (so you can do a lookup) #2 - base64encode. Converts the string into base64, then you use base64decode when it hits the server. This doesn't mean the user can't run base64decode themselves (they can), so its' not secure. It's just a way to make things a bit more difficult. #3 - Pass a user ID, or some other data that wouldn't make sense to the general public. (but there is a relation in your DB)

A couple things... First, I really like using PHP's glob() function. Great tutorial on how it works can be found at http://net.tutsplus.com/tutorials/php/quick-tip-loop-through-folders-with-phps-glob/ It looks like you are counting prematurely. change while($file = readdir($handler)){ if($file != "." && $file != ".."){ $this->get_images_in_dir[] = $file; $count_images = count($this->get_images_in_dir); for($i = 0; $i<$count_images; $i++){ if(substr(strrchr($this->get_images_in_dir[$i],'.'),1)=="jpg"){ //echo "<img src='".get_template_directory_uri().'/images/headerimages/'.$this->get_images_in_dir[$i]."' width='100' height='100' />"; return $this->return_images_got = $this->get_images_in_dir[$i]; } } } } To while($file = readdir($handler)) { if($file != "." && $file != "..") { $this->get_images_in_dir[] = $file; } } $count_images = count($this->get_images_in_dir); for($i = 0; $i<$count_images; $i++) { if(substr(strrchr($this->get_images_in_dir[$i],'.'),1)=="jpg") { //echo "<img src='".get_template_directory_uri().'/images/headerimages/'.$this->get_images_in_dir[$i]."' width='100' height='100' />"; return $this->return_images_got = $this->get_images_in_dir[$i]; } }

You will do a curl request to their API (you'll need an API key) and they return a JSON response with all sorts of data in it. Including the filepath of the image. At that point you can just json_encode the response, and respond with something like <img src="<?= $theimagepaththeygaveyou?>"/>

You will want to look at the following settings in php.ini upload_max_filesize post_max_size max_execution_time You definitely shouldn't have to read the entire file into PHP before serving it. Just setting the appropiate headers should do the job, then let apache handle delivering the file.

It's easy enough. For your image, you'll want to have it wrapped with a container that has relative positioning (or have the image be a background image) Then you can listen for click inside that area. Then look into the jquery function offset(). It takes the offset of that element, so you could find out what the coordinates are. At that point you could just insert dom elements with absolute positioning based off that coordinate.

With any of the mysql aggregate functions (SUM, AVG, etc) you'll need to have a GROUP BY clause

Ajax will be a clean way of doing it, but depending on your skill level you might want to keep it bread & butter php. Nothing would stop you from doing a page refresh on search, and displaying the results that way. Tho if you ARE going the ajax route, jQuery UI's autocomplete widget rocks

Like many things in PHP error handling (and the output) can be done so many ways there isn't an exact "right" answer. Since this topic is more about theory than handling a specific problem, what I post is definitely open for debate. I remember very clearly when I wanted to start doing things the "right" way - and proper error handling seemed like the most logical place to start. The well goes deeper than that - and here are a few pieces of advice that might help you from a lot of trial & error that I went through. First off...if you're starting down that road of becoming a "real" PHP developer, I'd highly recommend using a framework. I personally love Kohana (and can support the questions very well but really I can't stress enough to use ANY object oriented PHP framework (Kohana, Lithium, CakePHP, Symfony...or countless others). That doesn't really answer your question tho. The real question is "How do I handle errors?!" Well, since you're writing object oriented PHP, the right answer is....have a validation class / use exceptions. First line of defense...REAL validation The best investment you'll make as a developer is having a centralized system for validating/sanitizing user input ... then using THAT interface for 100% of user interaction. If you're using a validation class, you can store those errors / messages / logic away from your application logic. Second line of defense...Exceptions Here is a great article that might help http://www.devshed.com/c/a/PHP/Exception-Handling-in-PHP/

Unfortunately those error messages are a bit vague. When you're debugging - can you pinpoint at which line of code is throwing the error?