TheBigRedStapler

Hi.. What if someone just made their own lil' socket script to *imitate* your vb6 program to get around your checking though... I think you'd better check in both programs for security reasons.. But anyhoo, Hows the script sending it's data? Port 80 socket connection? what? lol sorry if I'm a little confused. HTH

As has been said here, strip_tags() to remove the tags completely and htmlentities to replace dangerous characters with special html entities (E.g. &, etc)... HTH

I'm pretty sure MySQL has a sum() function.. http://www.tizag.com/mysqlTutorial/mysqlsum.php HTH

The easiest way IMO would be apache, but I'm sure it's possible to capture the error in PHP.. What's the code you've been trying and what are the errors your getting?

To make like a real session where the info will carry you'll prolly need to first get the data from POST or GET variables http://us2.php.net/manual/en/reserved.variables.post.php. Then you want to check that against a MySQL database and save it into session variables (if it matches the DB), and then make a script to check it like thorpe was saying. Check out the variables listed on the top left side of the page above, especially in your case $_POST, $_GET and $_SESSION. Remember also that you have to use a session_start() call at the TOP (or at least before output I think) of any page that you want to use sessions on. Here's some tutorials on this stuff.. http://www.w3schools.com/PHP/php_mysql_intro.asp -- MySQL Query Syntax Examples http://www.tizag.com/phpT/phpsessions.php -- PHP Sessions http://phpeasystep.com/phptu/6.html -- Login Page Example http://us.php.net/security.database.sql-injection -- About Security.. http://us2.php.net/mysql_real_escape_string -- More to do with security.. And remember to check out http://php.net... You can lookup any function you want and see how it works, the functions you'll need to use in conjunction with it AND examples- really neat stuff... Anyways HTH

Would this work? # not tested, don't have a server running or setup right now foreach ($_POST as $post) { foreach ($naughtyWord as $n => $v) { if (strpos($nw, $pos) !== false) { echo "You said $v in $n!"; } } HTH

Well, you could use a list of checkboxes to select which one you delete by giving each box a higher value than the last... If you don't like checkboxes and want buttons all in one form you can name each of the submit buttons the same but with different values and then use something like this.. <? if ($_POST['delete']) { mysql_query('delete from mytable where id = \''.$_POST['delete'].'\''); } ?> HTH

Are you sure the exec is working properly without error? exec("C:\\image_program\\snapshotter.exe -u ".$_SESSION['url']." -o 'c:/images/".$_SESSION['name']." -w 120 -h 120 a1 j1 s1"); ^^ Notice the missing half quote. That needs to have another half quote to even be right... exec("C:\\image_program\\snapshotter.exe -u ".$_SESSION['url']." -o 'c:/images/".$_SESSION['name']."' -w 120 -h 120 a1 j1 s1"); So maybe that's the problem and you just overlooked the typo... I don't see what else it could be since the string with the variable in it should be parsed by PHP before the string is even passed to exec I would think... As to the JS, yes, you should in theory be able to pass variables if you write the file containing it in PHP, but I don't think you need to here... Anyways HTH