laffin

U forgot to mention you do have error reporting on, and php probably sent error messages when you called your function, as undefined variables. which is a simple fix, just define the variables before sending it to your function $sessionid=$FBemail=$FBVisitCount=null; sessionstart ($sessionid, $FBemail, $FBVisitCount) ; function sessionstart ($sessionid, $FBemail, $FBVisitCount) when using sessions, you cant send any display code (this includes error reporting) so its good practice not to use functions to start a session but use session_start immediately in the script. <?php session_start(); this way, you can avoid the error reporting sending display code

From my understanding session_register main difference is it automatically starts session_start. but reading the manual further, you will also notice its a bad idea to intermix $_SESSION and session_register, since session_register is deprecated, its best to use $_SESSION and other built in functions. such as <?php session_start(); if(!is_set($_SESSION['myusername'])) { header("location:main_login.php"); } ?> using isset to detect session variables existance is better than testing the variable for empty, as you dont generate a php warning error (Index not found). I've always used $_SESSIONS, just as habit. isset($_SESSION[x]) is equivalent to session_is_registered unset($_SESSION[x]) is equivalent to session_unregister unset($_SESSION) is equivalent to session_destroy (but the session id remains the same). but as long as you check variables in the $_SESSION against other variables, you can design a pretty secure system.

Yes, thats how you would use to display it (whether in text box or on the page). But if its actual html content, you want to avoid htmlentities, as that will convert charcters into an equivalent metacharacter; i.e: & becomes &, < becomes < etc so it really depends on the use of the field that dictates what functions to use.

yes, but php doesnt know that session_start - used before any display code, so php can get a cookie from the client with their session id, if cookie doesnt exist, it creates a new one. sessions are defaulted to expire once the client closes their browser, but you can change the expiry period, for say 7 days. so even if they close their browser, they can return to a page without physically login.

" " " = php parsing error, as php had no way of knowing which " is the end quote. " \" " = correct definition of a double quoted string having a double quote within the string. it does take some time getting used to the \ character within strings (a bit harder to read in my opinion) backslashes also used for many metacharacters \n \t \b for example

is this, cli an app. that is meant to continually run? it runs until a user request to exit? Does this task you need done, required only when its running?

Ah, A single use token. Yeah this could be done, OP: Single use tokens are a key string usually generated by a hash function, like md5. this key is than imbedded in your javascript, and also added to a database. When the javascript retrieves a page, it also sends this key. the key is verified against the db and removed if found. and you can regenerate a new token, and send it back with your api function I think that is pretty secure method, when not using username/password. very well done jl

I tried that, with this simple script: <?php $title = 'Jornal O Estado de SP em href="http://domain.com/tag/pdf/" class="st_tag internal_tag" rel="tag" title="Posts tagged with pdf">PDF, Sábado, 23 de href="http://domain.com/tag/janeiro/" class="st_tag internal_tag" rel="tag" title="Posts tagged with janeiro">Janeiro de 2010 href="http://domain.com/tag/pdf/" class="st_tag internal_tag" rel="tag" title="Posts tagged with pdf">PDF | href="http://domain.com/tag/brazil/" class="st_tag internal_tag" rel="tag" title="Posts tagged with brazil">Brazil | 84 href="http://domain.com/tag/pages/" class="st_tag internal_tag" rel="tag" title="Posts tagged with pages">Pages | 32 MB'; echo $title=preg_replace('/href=".*?"/','',$title); ?> And it worked as expected

I would have to agree with iPixel, sending username/passwords over a uri is pretty simple in just memorizing the uri, in order to use the account elsewhere. I would take some information, from user records, browser info, ip, and maybe other data to create a md5 token, store this in the user record for lookup. and also store this into a cookie. so you can lookup the cookie in the user records

but that can be faked easily, by someone just looking at the javascript code. which they would do to see how your function operates. As with any source code, once its out in the open, it just takes a dedicated person to find a way around it.

on any record that uses mysql_real_escape_string, yes.

There is no extra ')', but its a misuse of the isset function, but line 4 does have a problem, no beginning curly brace after the if statement

You can run background apps in windows, however. There are tools similar to *nix cron on windows as well. But if you can avoid running a background app with an intrepretive language, do so. as an interpretive language, you need the scripting engine, and php is kinda large. anyways, when your talking about running a task at specific intervals or background tasks, you rule out a lot of os's, as each os may use something different. so you usually end up writing stub files to handle each one.

I think you need to understand what expressions and conditionals are. you can think of if/else statements as true/false if(true) { ..code ... } else { ... code ... } [/code Now, if you note the trim function and what it does, and return. [quote]trim — Strip whitespace (or other characters) from the beginning and end of a string[/quote] Now ask yourself, can this be used in a true/false statement? Not a chance. so your object is making this into a true/false expression. now take a look at this function: [quote]empty — Determine whether a variable is empty[/quote] remember, you can combine/nest functions to get your desired result

than I wud look closely how the password md5 generated results are, add some debugging code however with the usage of header() function, u may opt for creating a debug.log file

something to know about checkboxes: they dont return a name/value pair if not checked. So biggest problem with your current form is that you will have no idea which checkboxes belong to which category easiest solution, putting the id in the name as: <td align='center'><input type='checkbox' name='read[8]' id='read[]' value='1'></td> this way you can use foreach($array,$key=>$val), to retrive the id value stored as the array index value

$title=preg_replace('/href=".*?"/','',$title);

Just a thought... if u use sessions, you can store the session id in the user record. since php maintains the sessions, (and you can have it expire after a certain amount of time) u just need to compare a session id and whats stored in the user record. but of course, you will need another variable in the session, to know if this is a new session or an ongoing session.

add the 's' modifier to your preg_match statement, the s modifier will interpret \n newlines as whitespaces. example preg_match('/pattern/s',$subject,$matches);

nope, you are looking at htconf directives. htaccess is post processing of the htconf directives.

although str_replace, and preg are much preferred, there is also eval, since your string is php compliant, all you need to do assign the variables first create a simple eval statement <?php $str='The comfortable seating, wide $automatic doors in the middle for entry, exit at the front, advanced passenger information $system and $facilities for the physically $challenged came in for praise. The stop switches at the posts in the bus for the $commuters to request for halt and the LCD destination boards in Malayalam and English drew appreciation.'; $automatic = 'pull'; $system = 'nintendo console'; $facilities = 'porta-potty'; $challenged = 'impaired'; $commuters = 'passengers'; eval("\$str = \"$str\";"); echo $str; ?>

Only problem with that is if they dont log out, and try and come back say 2-3 days later. u would have to cleanup the login_flags periodically. so you have to give a lil more thought to this.

echo array(1,2,3,4); will just output: Array as echo has no knowledge of handling anything besides ints/strings so you need a routine to handle the array and convert to int/string echo implode(' ',array(1,2,3,4);

google: ajax username availability

but ya can use the trenary operator. However, u have no routine to display an array,