OkBoy

Is Active a string field in the DB? If it isn't, you don't need the quotes and I am pretty sure it will crash if you put them there.

That should work perfectly! Any luck?

Either remove your nots or make the OR and AND. //if the user has not logged in, redirect them to the login page if ((!is_authed_user()) || (!is_authed_admin())) { header('Location: login.php'); } What you are saying is IF a user is not logged in OR user is not an admin, redirect to login page. One of those will always be true if the user is not an admin, hence the redirect. What you want to say is IF a user is not logged in AND user is not an admin, redirect to the login page.

Sorry, posted in wrong thread. Mods, feel free to delete.

Should be a server setting to disallow directory viewing or something like that. Depends on what webserver you are using. Is it Apache or something else?

Near impossible is a good way to put it, yeah. Just remember since it is a one-way hash you can't get the values from it. All you can do is one way hash the values you have and see if the two values are equal. You might end up doing something like storing user name in plain text and a one-way hash of the password in the cookie. Then when the user visits the site, you grab the username and hashed password from the cookie, lookup the user in your DB and hash the password you have for that user and see if it matches what is in the cookie. If it does match, you can be relatively sure the user is who they say they are, if not they aren't.

Encrypt your cookie. You can't really trust a cookie since it lives on the client. Especially for something like "valid_user". Can you move it to a session? All you can do is try to make it harder for someone to mess with the cookie data. Encrypting the cookie is probably your best bet, though I am kinda new and PHP might have something else that you can do this easily.

Isn't that just the basic sort command? Something like: $sxml = new SimpleXMLElement(file_get_contents($xmlfile)); sort($sxml); $i = 0; $options = '<option value="" selected>'; while (isset($sxml->specialty[$i])) { $attribs = $sxml->specialty[$i]->attributes(); $options .= sprintf('<option value="%d">%s</option>', $attribs['tid'], $attribs['name']) . "\n"; $i++; } Pretty sure by default sort goes alphabetically.

I'm not sure what you mean "select them". The easiest thing would be in your first foreach to do something like: if (strpos($lists,"pink" > 0) echo $lists And then do something similar for the second loop. I am sorta new to this too, but the strpos would be a way to check for the substring within the string, yeah?

Could also do something like: if ($userlevel >="2"){ echo "|| <a href=\"add_news.php\">Add News </a>"; echo "|| <a href=\"edit_news.php?newsid=$myrow[newsid]\">Edit </a>"; echo "|| <a href=\"delete_news.php?newsid=$myrow[newsid]\">Delete </a><br><br>"; } Just make sure your higher level accounts do get all the rights of lower level accounts and you are set!