Gazan

Hey, just got a simple question. Do you need to use mysql_real_escape_string everytime you exchange data within the database, or is it only when you put into the database? Thanks

You pretty much answered the question.. Sorry, bad at explaining. Thanks alot.

I want to make it possible for me to view my guests/users activity on my site using session. The problem is, i have to time it out so they arent staying on the same page according to the session, forever. I need to timeout the session, and after that, i need to update the activity database IF the session with the IP is timed out. How do i do that? Another question, i want to create a mysql search function. on tutorials i've read that you've got to use the LIKE statement in the sql query, but that only results in a complete match of the input, and the result.. Like, i wan't to make it possible for people to type the first three letters of a username, and then the db retrieves the results that matches the request.. Such as, searching for "ph" will give the results "php". Do i have to explode the results and then.. whoa? Thanks

Yeah, but problem is .. during the install i wan't to write the db name, db pass and db host TO the config.inc.file with a php script. I wan't to store value into the variables..

Last question. How would i retrieve the info (db name, pass, user, host) in the .inc.php file from a php file that contains mysql_connect("$dbname, bla bla bla...");

argh, alright. Thanks alot.

and how would i write the $_POST/$_REQUEST details into the .inc.php file?

Alright, thanks for that Also got another question.. If you wan't to create a CMS with an install file. How do you insert the input from the person who's going to set it up as the main mysql_connect details? you store the information in, what?

I can't seem to find it, woudl you link me?

Hey there. Alright, i'm a PHP programmer who needs a lesson or two in programming SAFELY (so hackers can't injure). I've got loads of experience doing PHP scripts such as news system and all that.. But i never found out how to really code safely, so hackers can't get around my systems and such. Does anybody have links og anything to tutorials og walk-troughs that explains safe php coding, or can anybody give me some tips on how to code safely? Thanks

Alright, i'm making a news system atm. I want to take out like 5 lines of a 10 line news post. I'd like to show 5 first lines, og the totalt 10 lines on the main page, and then you can click and view the entire post. but the question is, how do i pick out the 5 first lines from the database ? many thanks

And how would i echo it in a php code?

Hey guys, How would i create a function to show how many topics there excists in my topic table ? Like, if there is.. 10 topics, then it shows "10"

Figured it out, thanks a lot!

Could you explain a little further? I'm not that experienced (;

Alright I'm working on creating my own php forum now, but i got stuck during the show topic page. I'd like to do a while to show the replies, and in the while i would like to show the users profile avatars. $query = mysql_query("SELECT * FROM replies WHERE topic_id = '".$topicid."'"); while($row = mysql_fetch_assoc($query)) { $replierid = $row['replier_id']; $reply = $row['message']; $replierdate = $row['replier_date']; echo " <table align=center width=420 cellspacing=0 cellpadding=0> <tr> <td align=left>"; $query = mysql_query("SELECT * FROM users WHERE id = '".$replierid"'"); $row = mysql_fetch_assoc($query); $repliername = $row['username']; echo $repliername; echo "<br>"; Can you tell me why that doesn't work ? What im trying to do is to select the user information, in the while. Is that just not possible? - if so, how do i do it then? Thanks!