DeanWhitehouse

If you want help with this , i have a AJAX chatbox http://dracopangaia.awardspace.com/shoutbox/shoutbox.php Feel free to PM me for help. If not just look into the source code, as you can view the JS that way.

@akitchin , i have found a site that can crack it in a few hours using brute force. If you want improved security you could write your own encryption.

But md5's can be cracked, so if they do get hold they can crack it

what do you want to know?

i have

Unless you want to ccess the page every 24 hours and send it.

what you said doesnt make sense, please reliterate.

md5 is one way hashing. to hash do md5($_POST['pass']); and on the login do the same , you will need to hash it and then compare.

are you sure it has any new lines in the bit you are displaying?

The function works fine. Try echo nl2br($CF);

add error_reporting(E_ALL); to the top of the code and show the updated code.

is there a question?

You cant send the header once something has been printed to the page. Rethink the page logic, instead of if(!isset why not if(isset If you dont want to do that , add ob_start(); to the top of the page

I think you should be using SSL scripts aswell. And maybe also look into companys that have secure databases to store the numbers.

when you echo it out, do this echo nl2br($textarea);

Try the PHP Freaks one , as i recomended

have u tried PHP freaks one.

I would look at the w3school tutorial on it , as it may be better and more secure. And to do what you want add if(!mailcheck('$email')) { ?> <script type="javascript"> alert("Invalid"); </script> <?php } else { //mail }

going on that i would recomend this header.php <!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd"> <html><head> <meta name="<?php echo $meta_name;?>" content="<?php echo $content;?>"> <title><?php echo $title;?></title> <link href="ss.css" rel="stylesheet" type="text/css" /> <body> then index.php <?php $meta_name = "Meta Name"; $content= "content"; $title = "Page title"; require_once 'header.php'; ?>

If you want to use JS , why not make a form checking function to check the whole form on submit , and then it will return true if it all is good.

No, although you can host it locally and then let them upload , which is the same. If i am wrong please say.

JS can be disabled use PHP.

can you atleast try , instead of expecting us just to add it for you

any toher security tips?

the code tags here. So will htmlentities not run the code but print it , like this <?php echo "this"; ?> it isnt run , just printed