schilly

<?php $result = mysql_query("SELECT * FROM news WHERE id = '{$_GET[id]}'"); $num = mysql_num_rows($result); $row = mysql_fetch_assoc($result); ?> I'd echo your query to make sure the id is getting inserted.

<?php $pass = "true"; function check_perms($file, $perm,&$pass) { if (substr(decoct(fileperms("$file")),2) == $perm) { return "<div class=\"container\" style=\"color: #008000; font-weight:bold;\">Pass</div>"; } else { $pass = "false"; return "<div class=\"container\" style=\"color: #D00000; font-weight:bold;\">Fail</div>"; } } $backups = check_perms('../backups/', '777',$pass); $downloads_uploads = check_perms('../downloads/uploads/', '777'$pass); $images_uploads = check_perms('../images/uploads/', '777',$pass); $images_banners = check_perms('../images/banners/', '777',$pass); $include_config = check_perms('../includes/config.php', '666',$pass); $languages = check_perms('../languages/', '777',$pass); $modules = check_perms('../modules/', '777',$pass); $templates = check_perms('../templates/', '777',$pass); if ($pass == 'true') { $input_button = "<input type=\"submit\" id=\"submit\" value=\"{$LANG.submit_button}" name="submit\" />"; } else { $input_button = "<input type=\"submit\" id=\"submit\" value=\"{$LANG.submit_button}" name="submit\" disabled=\"disabled\" />"; } ?> try that

or declare a global variable. what are you trying to do?

did you connect to the database? mysql_connect?

did you connect to the database?

you need to pass by reference. a variable created inside a function is localized to that function. http://php.net/language.references.pass

check through your history and see if you have the admin login page cached then login and delete whatever you posted. if you can't get to it try: http://phpnuke.org/

monkey.gif is an example. change it to your file. i just tested it on my server and works fine.

you should be able to use any file in that example

hmmm weird. try this example from php.net: <?php $file = 'monkey.gif'; if (file_exists($file)) { header('Content-Description: File Transfer'); header('Content-Type: application/octet-stream'); header('Content-Disposition: attachment; filename='.basename($file)); header('Content-Transfer-Encoding: binary'); header('Expires: 0'); header('Cache-Control: must-revalidate, post-check=0, pre-check=0'); header('Pragma: public'); header('Content-Length: ' . filesize($file)); ob_clean(); flush(); readfile($file); exit; } ?>

you could set a width to height ratio the pic would have to conform to before allowing the upload. maybe no greater than 1:2 but you'd have to test it. to only allow images check the $_FILES['image']['type'] data for 'image/gif', 'image/jpeg' and 'image/pjpeg'. other file types: http://en.wikipedia.org/wiki/Internet_media_type

You might add this in: header("Content-Transfer-Encoding: Binary"); as per this example: http://www.higherpass.com/php/Tutorials/File-Download-Security/

you could try $_SERVER['HTTP_REFERER'] and see what that outputs. Not sure how else to get it otherwise.

yup. use the full path for your folder links and images.

i dont see anything in there about open, save or cancel.

link external image: <img src='http://externalimage.com/image.jpg'> for your stylesheet link just use the full path: http://www.yourdomain.com/template.css hope this is what you meant.

<?php if (@$_SESSION['auth'] != "yes") { echo "Please Login."; } else { $security_code = rand(); $name = @$_SESSION['logname']; $_SESSION['security']=$security_code; $_SESSION['post_check']=rand(); $host = "localhost"; $user = "NOT SHOWN"; $pass = "NOT SHOWN"; $base = "wizll_forumzmembers"; $cxn = mysqli_connect($host,$user,$pass,$base) or die ("Connection failed"); $sql = "SELECT * FROM posts ORDER BY position"; $result = mysqli_query($cxn,$sql) or die ("Query failed"); $post_count = 0; while($row = mysqli_fetch_array($result)) { echo '<table width="100%" border="1">'; echo '<tr><td width="20%">'; echo "<center>"; echo $row['user']; echo "</center>"; echo '</td><td width="80%">'; echo "Subject: "; echo $row['subject']; echo '</td></tr><tr><td>'; echo "<center>"; if ($row['rank'] == 10) { echo '<img src="pictures/buttons/admin.png" alt="">'; } if ($row['rank'] == 9) { echo '<img src="pictures/buttons/admin.png" alt="">'; } if ($row['rank'] == { echo '<img src="pictures/buttons/mod.png" alt="">'; } $num_posts = $row['posts']; echo "<br>Posts:$num_posts"; echo "</center>"; echo "</td><td>"; $post_put = nl2br($row['post']); echo '<div id="post' . $post_count . '">'; echo $post_put; echo '</div>'; echo "</td></tr><tr><td>"; echo "Posted: "; echo $row['post_time']; echo "</td><td>"; // make is so when you click edit/quote it will edit/quote that post, not the last post on that page //fn deleted echo '<img src="pictures/buttons/quote.png" alt="" onclick="quote(' . $post_count . ')"><img src="pictures/buttons/PM.png" alt="">'; $name_3 = @$_SESSION['logname']; if ($row['user'] == $name_3) { //make it so it deletes the old post you are editing echo '<script type="text/javascript" language="javascript">'; echo 'function edit() { var old_post = "'; echo $row['post']; echo '"; var MyElement = document.getElementById("post"); MyElement.value = old_post; var override = "'; $override = "true"; $position_override = $row['position']; echo $override; echo '"; var position_override = "'; echo $position_override; echo '"; var MyElement = document.getElementById("override"); MyElement.value = override; var MyElement = document.getElementById("position_override"); MyElement.value = position_override; } </script>'; echo '<img src="pictures/buttons/edit.png" alt="" onclick="edit()">'; } echo "</td></tr>"; echo "</table>"; echo "<br>"; $post_count++; } echo '<br /> <form action="posted.php" method="post"> Quick Post: <br> Subject: <input type="textbox" name="post_subject" value=""><br> <img src="pictures/buttons/img.png" alt="" onclick="img()"> <img src="/forumz/pictures/buttons/smiley.png" name="smilies_show" id="smilies_show" onclick="show_buttons(smilies);"> <img src="pictures/buttons/code.png" alt="" onclick="code()"> <img src="pictures/buttons/url.png" alt="" onclick="link()"><br /> <textarea rows="9" name="post_box" id="post_box" cols="90"></textarea> <br /> <input type="hidden" name="security_code" value="'; echo $security_code; echo '" /> <input type="hidden" name="override" id="override" value=""><input type="hidden" name="position_override" id="position_override" value=""><input type="submit" value="Post" /> </form> <form action="post.php" method="post"> <input type="submit" value="Go Advanced" />'; } ?> Ok added count variable to <div id='post#'> and also past the count variable into the onClick call for the quote function. That should put you on the right track. Your edit fn will probably need the same thing done to it.

your quote fn is still in that while loop. i would do something like this out of your while loop with the rest of your js fns. function quote(quote_id){ var post; post = document.getElementById('post' + quote_id); post = '[quote]' + post + '[\quote]'; document.getElementById.InnerHTML = post; } then use a counter in your while loop and append the number to the div tag post ie. <div id='post1'>. now all you do is just pass that number into the quotes fn. hope that helps

my js isn't that great but i think you are declaring your quote fn numerous times so when you actually call it, it only uses the last one. make one fn and just pass in the quote string.

something like this should work i think <?php $sql = "SELECT name, username,total_questions, incorrect_resp, num_correct, centacor_results.date FROM centacor_roster, centacor_log LEFT JOIN _results USING (log_id) WHERE centacor_roster.user_id = centacor_log.user_id AND centacor_roster.user_id > 0 AND username='$username' ORDER BY name, date"; ?>

so just add a where into your query that matches the username from the form.

do you have some unique identifier for each person taking the test? do you collect any personal info or is it anonymous? could always validate based on email, session id, random string, etc.

yup i understand what you're trying to do. just move the FAQ <li> to under the "programmes & costs" <ul> and delete the Beautiful Oceans <li>

create a script to check the user agent then decide whether to load or not load content?

just edit the html?