ucffool

Members
  • Posts

    100
Everything posted by ucffool

  1. If you just want the query string to be PASSED ON (they go to /home?something=else and it redirects to home.html?something=else), just add the following flag at the end of the rule: [QSA]

     For instance:

     ```apache
     RewriteRule ^/product/([0-9]*)/? /product.php?product_id=$1 [QSA]
     ```

     Maybe I'm just not understanding your question.
  2. It's the little things (also, use <?php in your code so it is color coded):

     Original:

     ```php
     <?php
     include("dbase.incl.php");

     $Title=$_POST['Title'];
     $Author=$_POST['Author'];
     $EMail=$_POST['EMail'];
     $Type_id=$_POST['Type'];
     $Func_id=$_POST['Func'];
     $Cost_id=$_POST['Cost'];
     $Rating_id=$_POST['Rate'];
     $Description=$_POST['Description'];

     mysql_connect($hostname,$username,$password);
     @mysql_select_db($database) or die( "Unable to select database");

     $query1 = "SELECT author.Author, author.Author_id FROM author WHERE Author='$Author'";
     $result1=mysql_query($query1);
     $num=mysql_num_rows($result1);

     if ($num =(0)) {
         $query2 = "INSERT INTO author.Author, author.EMail VALUES ('$Author', '$EMail')";
         mysql_query($query2);
         $query3 = "SELECT author.Author_id FROM author WHERE Author = '$Author'";
         $result2=mysql_query($query3);
         $Author_id=mysql_result($result2,1,'Author_id');
     } else {
         $Author_id=mysql_result($result1,1,'Author_id'); // ** This was where it was **
     }

     $query4 = "INSERT INTO items VALUES ('','$Title','$Cost_id','$Type_id','$Func_id','$Rating_id','$Author_id','$Description')";
     mysql_query($query4);
     mysql_close();
     ?>
     ```

     Fixed:

     ```php
     <?php
     include("dbase.incl.php");

     $Title=$_POST['Title'];
     $Author=$_POST['Author'];
     $EMail=$_POST['EMail'];
     $Type_id=$_POST['Type'];
     $Func_id=$_POST['Func'];
     $Cost_id=$_POST['Cost'];
     $Rating_id=$_POST['Rate'];
     $Description=$_POST['Description'];

     mysql_connect($hostname,$username,$password);
     @mysql_select_db($database) or die( "Unable to select database");

     $query1 = "SELECT author.Author, author.Author_id FROM author WHERE Author='$Author'";
     $result1=mysql_query($query1);
     $num=mysql_num_rows($result1);

     if ($num == 0) { // <--- fixed
         $query2 = "INSERT INTO author.Author, author.EMail VALUES ('$Author', '$EMail')";
         mysql_query($query2);
         $query3 = "SELECT author.Author_id FROM author WHERE Author = '$Author'";
         $result2=mysql_query($query3);
         $Author_id=mysql_result($result2,1,'Author_id');
     } else {
         $Author_id=mysql_result($result1,1,'Author_id'); // ** This was where it was **
     }

     $query4 = "INSERT INTO items VALUES ('','$Title','$Cost_id','$Type_id','$Func_id','$Rating_id','$Author_id','$Description')";
     mysql_query($query4);
     mysql_close();
     ?>
     ```

     Also, remember that mysql_result(resource,row,column), where column can be the column heading or a number. Example from my book:

     ```php
     <?php
     // nametable: |pkey| name |
     //            |----|------|
     //     Row 0: | 3  | Mark |
     //     Row 1: | 2  | John |
     $result = mysql_query("SELECT * FROM nametable");
     var_dump( mysql_result($result, 0) );
     var_dump( mysql_result($result, 1) );
     ?>
     ```

     ```
     string(1) "3"
     string(1) "2"
     ```

     ```php
     <?php
     var_dump( mysql_result($result, 0, 1) );
     var_dump( mysql_result($result, 1, 'name') );
     ?>
     ```

     ```
     string(4) "Mark"
     string(4) "John"
     ```
  3. You are doing: $content = addslashes($content); Yet not doing stripslashes() before outputting it. Not sure if that's your only issue, but it's a start.
  4. Maybe you should check out: http://www.phpfreaks.com/forums/index.php/board,8.0.html
  5. <?php $sql = "SELECT col1,col2,col3,t2agent,COUNT(t2agent) as total FROM data WHERE MONTH(`tdate`) = '$month' GROUP BY t2agent ORDER BY total DESC"; ?>
  6. I think this is your issue:

     ```php
     if ( $num != 0 & password == $md5pass) {
     ```

     Should be:

     ```php
     if ( $num != 0 && password == $md5pass) {
     ```
  7. You can set up another divider besides a forward slash (fake folders). You could have the URL be something like: variablename~value/events.html The key is something unique. How you build your URL is your choice; you just need to make mod_rewrite understand it.
  8. For a fun idea, why don't you build a script to capture the user agent, parse it for the operating system, and check it against your database. In one table you have the user agent and its 'general' category (windows2000 for instance). In another table, you have a list of every user agent operating system parse. If it is found in the second table, check the first and save the info. If it is NOT in the second table, save it in the second table with a flag column set to 1. Then, once a week, process the flagged agents and categorize them manually. You'll be collecting them and generating the list as you go. Kinda sounds like fun (but I'm twisted).
  9. I would also add a query string variable on the 'read more' link like ?disp=all. Then on the same page you can alter the code from Jabop:

     ```php
     <?php
     $string='asdfasdfasdfasdfadfasdfasdfadfadfadfasdfadfadfasdfadfadfsdfsdfsdfafasdsdfsdfsdfsdfdf';
     // Read the optional ?disp= flag set by the 'read more' link
     $disp = isset($_GET['disp']) ? $_GET['disp'] : '';
     if (strlen($string) > 130 && $disp != 'all') {
         // Long text and no request for the full version: show a teaser
         echo substr($string, 0, 130) . ' read more omg click here';
     } else {
         echo $string;
     }
     ?>
     ```
  10. > Wait wait wait! No moving on just yet. Have you got an index on the username column on your users table? You shouldn't need to break the table up like that to get adequate performance. You may also need indexes on other values if you do frequent lookups by those values.

      Just to clarify, he is referring to MySQL indexing. Here is an in-depth article on it: http://www.informit.com/articles/article.aspx?p=377652
  11. If you also have a low number of visitors, that causes issues as well (besides the extra overhead). See if your webhost (I use DreamHost, they can do this) supports cron jobs. These are scheduled actions, such as running a PHP file. You could have that run daily or hourly, and make a specific file that will run the checks and email processing. I use it to do maintenance on a cache, uploads, and old items on one of my sites. There are more complex methods, but this is the simplest approach.
  12. You can use a form to get the file upload, then save the file contents temporarily, read the file (file_get_contents) into a variable which you can dump into the MySQL database. Finally, delete the temporary file. Here is some info on file uploads in PHP: http://www.w3schools.com/PHP/php_file_upload.asp
  13. Try displaying all errors on the page and see if you get anything new:

      ```php
      error_reporting(E_ALL);
      ini_set('display_errors', '1');
      ```
  14. As Ken said, you can go in and out of HTML and PHP and not lose out on anything. So if you have:

      ```php
      <?php $world = 'World!'; ?>
      <html>
      <p>Hello World!</p>
      <p>Hello <?php echo $world; ?></p>
      ```

      It will work perfectly fine.
  15. Use output buffering.

      ```php
      ob_start();
      // generate the data
      $output = ob_get_contents();
      ob_end_flush(); // Send the output to the page
      // later in the page, just echo $output.
      ```
  16. What you want to look into is JavaScript form validation. Check these forums and Google; there are a lot of examples.
  17. Since admin will be accessed a lot less than the other pages, it's okay that it is higher. For main pages, I would see what you could cache to reduce the queries and allow for a faster experience as multiple users start accessing the site at the same time. You really should never say, "Is this a good threshold that the user can tolerate?" Instead, you should always be saying, "What can I do to make this faster for everyone?"
  18. Hashing (md5 or sha1) a password before placing it in a cookie is a good thing; however, since that is transferred all the time, and there are databases out there building a reverse md5 dictionary attack, it would be best to salt the password before hashing it, then transfer that. This would make sure that even if someone had the hash, they would not have the password and it would be harder to do a dictionary attack against because of the randomized salt. OK, now for an example I use:

      ```php
      $salt = substr(md5(uniqid(mt_rand())),4); // Gets these highly random first 4 characters
      $password = 'userpassword';
      $hash = md5($salt.$password);
      // Store $hash and $salt in the user database.
      // To verify the password, you query for the salt, then perform the $hash and compare it to the stored value.
      ```
  19. ucffool

    New Here

    Though I haven't implemented it, I really liked this article on a PHP login system with admin features: http://www.evolt.org/PHP-Login-System-with-Admin-Features I've had it bookmarked for a while, and I remember searching a long time before I found something that I liked for learning, adapting, and using.
  20. Could you simply just do that query and then process the results for what you want? Or is it that your query will be astronomically large with the extra items? Secondarily, if there is something unique about the entries that start with a quote or numbers, you could add an extra column to the table like 'type' and then make your WHERE clause also check this 'type' category for a match as well as your viewable='Y'.
  21. Anna Millers is currently working. Your last rewrite is the issue:

      ```apache
      RewriteRule ^([a-z0-9+A-Z]+)$ result.php?cuisine=$1 [nc]
      ```

      It should be:

      ```apache
      RewriteRule ^([a-z0-9+A-Z&'_-]+)$ result.php?cuisine=$1 [nc]
      ```
  22. What does the HTML source of your ECHO show?
  23. ucffool

    New Here

    That sounds like great progress, welcome and good work!
  24. Reading too many threads at once, my bad. <prepares to be caned>
  25. Two things:

      1) What is the format of 'check_date2'?
      2) Change this line to: if ($whencheck < time())

      My guess is that #1 is not giving the date and time, just date (causing you issues).