Daukan

use string_replace again str_replace('"', '', $website);

Rewrite the link to http://www.flash-portal.org/fpslay/codedfp/po/?link=somewhere.com and use curl to open the link And use $_GET to process the link

Are you including the page in your page or using frames? Anyway I might be wrong but I think you may have to rewrite all the links on the page that you are opening to go through your proxy.

It works for me. I put my own option in for testing and echoed the query and it was there. You should really use mysql_real_escape_string on post, get or cookies values.

I didn't test it but it should work <?php $_SESSION['favs'][] = $property_id; foreach($_SESSION['favs'] as $key=>$val) { echo $val; } ?>

Totally possible. Just give the each button a different name <?php if(isset($_POST['submit1']) ) { //email it } else if(isset($_POST['submit2']) ) { //display for printing } ?>

I'm not exactly sure what you are asking but this how you would make an array with a session var <?php $property_id = $_GET['property_id']; // makes a numerical keyed array called property_ids $_SESSION['property_ids'][] = $property_id; //uses the property id as the key $_SESSION[$property_id] = $favs; ?> BTW session_register is depreciated. Use use $_SESSION = $value; to set a session var

I think its your html You start a new form for each input and even the submit. Put everything inside one form tag. The submit will only submit the form its contained in.

<?php $query = " SELECT * FROM `table' WHERE `name` LIKE '%$findme%'"; ?> That searches the whole field for any part of $findme If you want to find a word starting with $find just use the fist % <?php $query = " SELECT * FROM `table' WHERE `name` LIKE '%$findme'"; ?> I don't how fancy your searches need to be but thats the basic way to do searches, unless you need to search TEXT fields, that uses a different approach

Make a hidden form field with the total. Then access it thru the post vals

You have to run mysql_real_escape_string() after you serialize.

maybe change your query to just get all with point > 0 $query = "select * from user WHERE `Points`>0 ORDER BY `Points` DESC";

You can't set a function/method argument to a variable protected function createImage($inputtedWidth = $this->MAX_WIDTH, $inputtedHeight = $this->MAX_HEIGHT) { correct protected function createImage($inputtedWidth = 'text', $inputtedHeight = 5){

Plus when you have a lot of if's and else's you can put a comment on the closing bracket especially if the closing bracket is way down the page. <?php if($i = 1) { //do stuff }//end if($i =1) ?>

That looks right as long as all the vars are set

You are missing a culy bracket. Add one more at the end of the script. The first if isn't closed. } } } ?> To } } } } ?>

Try using the session var. Your other server might have register globals on SELECT * FROM members WHERE emailaddress='".$_SESSION['emailaddress']."'

change this $query = "SELECT * FROM link WHERE lid ='$rij ['poll_ant']'"; To $query = "SELECT * FROM link WHERE lid ='".$rij['poll_ant']."'";

I don't think its necessary. If your really paranoid you can change the session var every page change/refresh but even that is overkill most of the time.

If you are putting a string into a database and don't accept html <?php $value = mysql_real_escape_string(strip_tags(trim($_POST['value']) ) ); ?> How you validate and sanitize really depends on what, where and how you are using the data. If you don't accept html you might want to tell the user <?php if(strip_tags($_POST['value']) != $_POST['value']) { echo 'error message'; //redisplay form exit(); } ?> Yes validate drop down, checkboxs anything from post, get, cookie or request data. If you have a radio form you could use an array to validate <?php $good_radio_input = array('yes','no', 'maybe so'); if(!in_array($_POST['value']) ) { //do error handling } ?>

This doesn't look right $_POST['picorder'.$i] Maybe this? $_POST['picorder'][$i]

You have post data in the url. Its possible they could run arbitrary code or at the very least enter characters that could cause internal server errors $contents = "http://www.gma.asssoft.org/Ids/".$_POST['usr'].".txt"; $contents2 = "http://www.gma.asssoft.org/IdPass/".$_POST['pass'].".txt";

You should do some validation and sanitation on the post data if you are going to use it in a file path.

If the query is inside a function you might have to pass $conn1 var to it.

if($id == '0'){die'Not found';} To if($id == '0'){die('Not found')}