atrum

You have to escape the semi-colon I think. So put a backslash before the semi-colon

You're missing a bunch of semi-colons at the end of your statements. Every php statement must end with a > ; <

Can you describe in more detail about what you are trying to accomplish?

why not just do this? array ( [0] => "http://mysite.com/filse/file.php" [1] => "http://mysite.com/files/file2.php" [2] => "http://mysite.com/files/file3.php" )

This is about the most simple way I can think to explain this. <?php function add_tax ($amount) { $total = $amount * 1.09; return $total; } ?> Given the example you provided above. $total = $amount * 1.09 Lets say the $amount = 7 $total = 7 * 1.09 $total now = 7.63 return $total return when used in a function like the above poster stated makes the function = what was returned. So now add_tax (7) is equal to 7.63 Here is a another way you could use that function. $num = add_tax(7); $num2 = add_tax(2); $total = $num * $num2; echo add_tax($total); The above is just a useless example, but it illustrates a bit more on how it works.

My advise is look up jquery ajax.post http://api.jquery.com/jQuery.post/ and php-json. http://www.php.net/manual/en/book.json.php Made my life easy for those types of issues.

Thank you for clearing that up for me.

I'll keep this short. I am making a registration class. I want to have a way to sanitize the input. I am wondering which is the best route to take on the object model. Should I make some method(s) inside of the registration class to sanitize the input, or should I create a separate class specifically for sanitation purposes? Which is better from a best practices stand point?

The header runs before die, and tries to redirect to the URL. So die never runs. Also header will assume the hostname if a url is not specified. So something like this header("Location: /?p=UCP"); Should work just fine. but header("Location: ./?p=UCP"); Won't work.

Good to know, thanks for the help.

I have been trying to better understand how php works on a more in depth level, and recently I have been tinkering with arrays. Using print_r() I have been studying the $GLOBAL array, and I found something I can't seem to find an explanation for. In my $GLOBALS array there are variables I have set in a configuration file, but never actually made into globals. Take the following code, and its output for example. echo "<pre>"; echo print_r($GLOBALS); echo "</pre>"; The output: Array ( [GLOBALS] => Array *RECURSION* [_POST] => Array ( ) [_GET] => Array ( ) [_COOKIE] => Array ( [phpSESSID] => fai4rtfgdt6o6iaihh62d0pa15 ) [_FILES] => Array ( ) [_SERVER] => Array ( [HTTP_HOST] => DOMAIN [HTTP_USER_AGENT] => Mozilla/5.0 (Windows; U; Windows NT 5.1; en-US; rv:1.9.2.10) Gecko/20100914 Firefox/3.6.10 [HTTP_ACCEPT] => text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8 [HTTP_ACCEPT_LANGUAGE] => en-us,en;q=0.5 [HTTP_ACCEPT_ENCODING] => gzip,deflate [HTTP_ACCEPT_CHARSET] => ISO-8859-1,utf-8;q=0.7,*;q=0.7 [HTTP_KEEP_ALIVE] => 115 [HTTP_CONNECTION] => keep-alive [HTTP_REFERER] => http://DOMAIN/test.php [HTTP_COOKIE] => PHPSESSID=fai4rtfgdt6o6iaihh62d0pa15 [HTTP_CACHE_CONTROL] => max-age=0 [CONTENT_TYPE] => application/x-www-form-urlencoded [CONTENT_LENGTH] => 67 [PATH] => /sbin:/usr/sbin:/bin:/usr/bin [sERVER_SIGNATURE] => [sERVER_SOFTWARE] => Apache [sERVER_NAME] => DOMAIN [sERVER_ADDR] => IPADDRESS [sERVER_PORT] => 80 [REMOTE_ADDR] => 198.65.168.24 [DOCUMENT_ROOT] => /home/USER/www/DOMAIN [sERVER_ADMIN] => webmaster@DOMAIN [sCRIPT_FILENAME] => /home/USER/www/DOMAIN/test.php [REMOTE_PORT] => 43272 [GATEWAY_INTERFACE] => CGI/1.1 [sERVER_PROTOCOL] => HTTP/1.1 [REQUEST_METHOD] => POST [QUERY_STRING] => [REQUEST_URI] => /test.php [sCRIPT_NAME] => /test.php [php_SELF] => /test.php [REQUEST_TIME] => 1286050077 ) [date] => October 2, 2010 [db_date] => 10/02/2010 [error] => Array ( ) ) 1 The 3 items at the bottom. [date] => October 2, 2010 [db_date] => 10/02/2010 [error] => Array Were set inside of a php config file. My question is, how did they end up in the $GLOBALS array?

So I am aware that there are many ways to skin a cat as the saying goes, and I am trying to decide what is the recommended way to verify that a form was submitted. Take for example a simple form, a few fields, some buttons, etc, etc..... Now when a user submits that form, I want to verify on the php end that the form was submitted. I can use isset or empty, and im sure many other ways. What do you prefer/ recommend when verifying form submissions?

Thanks for the feed back.

Hello everybody, I still consider my self a greenhorn when it comes to website design. This is my first real attempt at a css design. Note:: I have designed this site to work best in FireFox, I am already aware of certain display problems in IE and Chrome. So please view in FF. URL:: http://tools.exiled-alliance.com/dev/ Let the feedback flow, and please be brutally honest.

Never mind, the iframe did it. I took the iframe I had out, and problem fixed. Jquery here I come.

So I have just run into a strange thing with my site. http://tools.exiled-alliance.com/dev/ When you go to that site in firefox 3.6.8 and submit the form, then refresh the page which causes a repost. When the warning comes up saying you are about to resubmit the information, The footer on my site just vanishes. If you click ok or cancel the footer comes back. This doesn't happen in IE. Can anyone confirm if they have the same thing happen?

hmmm, well the only thing that sticks out for me is that normally I don't put quotes around the table. So try changing. SELECT * FROM `users` <- to -> SELECT * FROM users

Well the first thing that comes to mind, are you sanitizing all the input?

Let's see your code.

Well, I could encrypt it, but the data needs to be human readable. Is there a way to assign a public / private key pair to each user so that only that user can decrypt the information?

I am currently developing a php web app that is pretty much like quickbooks. I intend this tool to be used by the public, so security is a big deal. I am implementing a feature that will allow users to upload a CVS file from their bank, or other financial institution to the server that gets parsed, split, and entered into a table on a database. Other than using SSL, what other ways can I ensure that the data uploaded is secure. How secure do you think financial information needs to be? Just so I am clear, the information is all transaction and balance related. Nothing along the lines of account number or even what bank they use is stored. Think of it like a big online check balance book.

K I can already do that, I've built db registration, authentication with sessions. Built my own functions to carry out various tasks, and i've done email activation, plus forgot password email plus token verification. whats next? What I have written above is the farthest I have gotten, and I have done it a few different ways so that I am familiar with the process. I guess what I am after here is the next step. What should I try to program that would build on what I already know?

Sorry if this is the wrong forum, I have feeling this will get moved to misc. I have been programing in php in my spare time, and I have a firm grasp on all the basics. I am trying to get a feel for where I stand in terms of experience in php. I have tried the test available at w3shools.com for php, and I score a 100% in 2.09 minutes. That test however never changes it's questions, it is always the same 20. Can anyone recommend a quiz I can take that is more in depth, or maybe a list of projects I can use to grade my self in php ability?

Hello all, I am looking for some feed back on getting my navigation script a little cleaner. My goal is to try and keep my site as dynamic as possible with out redundant code. So here are the important bits. Site: http://tools.exiled-alliance.com/vpsexpert.new/ Common config: config.php Master page: index.php Navigation Script: inc.redirect.php Ok, here is the setup. On the Master page, I want this to be a staging area for site content. The content is control from the Navigation script that is included in the content area on the Master page. The Common Config page houses frequently used $vars At the moment only the register, login, and master page are done to the point that I can display them effectively. Now that you have an idea of how I am setup, here is what I need advice on. I am looking for any suggestions or maybe some pointers on how I can do this better, or just cleaner. Here is how the redirect works in pseudo code. if:$page isset { check if . or / exists in the $page var if so then include error page else begin switch statement for $directory case dir1: case dir2: ect ect if $directory matches a case : then include $path = $page / $directory. if the $path does not exist, then include error page. } if page is not set, then include $path = $directory / $homepage. Sorry if that pseudo code is horribly formatted. Here is the actual redirect code. <?php /*Declare GET vars*/ $page = $_GET['pg']; //Page var $folder = $_GET['act']; //Directory Var if($page) //if page var is not nothing { if(!strpos($page,".")||!strpos($page,"/")) //Check for any . or / in the page var. { switch($folder) //Begin switch statement. Check what value $folder contains. { case admin: $path = $admin_root. "/" .$page. ".php"; break; case cpan: $path = $member_root. "/" .$page. ".php"; break; default: $path = $doc_root. "/" .$page. ".php"; } if(file_exists($path)) //If the path exists { include($path); //Display path. } else { include($lib_root. "/errors/inc.404.php"); //Page not found error. } } else { $ip = getenv("REMOTE_ADDR"); //Get the visitors ip address echo "<h2>WARNING!</h2>Hacking will not be tolerated, <br />Your IP ::".$ip.":: has been logged<br />"; exit; //Stop the script from continuing. } } else { $path = $inc_root. "/" .$homepage; if(file_exists($path)) //If the path exists. { include($path); //Display path. } else { include($lib_root. "/errors/inc.404.php"); //Page not found error. } } ?> Also, here is the config file just in case you need to reference something from it. <?php $domain_root = "http://tools.exiled-alliance.com/vpsexpert.new"; /*Domain Root*/ $doc_root = $_SERVER['DOCUMENT_ROOT'] ."/vpsexpert.new"; /*Root of VPSexpert*/ $lib_root = $doc_root ."/lib"; /*Library Root*/ $inc_root = $doc_root ."/lib/inc"; /*Includes Root*/ $admin_root = $doc_root ."/admin"; /*Admin Root*/ $member_root = $doc_root ."/membership"; /*Member Root*/ /*General Config*/ $date = date("F j, Y"); //todays date. $homepage = "inc.stats.php"; //Default Home Page. /*Basic Authentication Check*/ ?> Please be aware that this site is a work in progress, and some parts are not done, but the important pieces for this post are there. I look forward to your replies. Thanks, Atrum, Novice php Programer

Sorry, I posted that one in a rush. I was thinking of keeping the errors in a separate file, that I could throw into an array, and then use a switch to pull the right error from the array and display it on the default master page. I want to keep my application as "pretty" as I can so that no errors on plain white screens will happen.