Mchl

Staff Alumni
  • Posts

    8,466
Everything posted by Mchl

  1. It's impossible to have 'else' without having 'if' first.
  2. I don't really feel competent enough to explain it in full detail, so I'll need to refer you to http://en.wikipedia.org/wiki/Salt_%28cryptography%29. Perhaps the most important sentence in this article is:
  3. If the database was compromised, chances are that the offender has access to your script as well. Never rely on that. Adding a username to password will obviously make it harder to 'crack', but a long randomly generated salt is a better solution. You can still combine the two.
  4. Keep it simple
     <?php
     $salt = "%YNbev346$#2@#bYBU%#m573v5N^U*"; //generated by randomly bashing head on the keyboard
     $password = "mary"; //supplied by user
     $hashedPassword = md5($password.$salt);
  5. Then pick one at random. Seriously, we know nothing about your requirements, expectations or skills. Giving you any suggestions without this information would be just as useless as giving you a random name.
  6. I believe you want WHERE (status = 1 OR status = 2) AND eid = '$posteid'
  7. Yes it is. Is 5 * 2 + 3 same as 5 * (2 + 3) ?
  8. Just check if the largest value in array is greater than 0.
     <?php
     if(max($combatStatsArray['health']) <= 0) {
         $_SESSION['combatStatus']="victory"; //All the monsters are DEAD! so we win!
     }
  9. That's how it should be. Slashes are needed for MySQL to know it has to treat the following character as a regular character, not a special one. Once data is in database, there's no point in having slashes with it.
  10. While you're at it could you please write functions that: - turn all letters in a string to lowercase - find maximum number among any number of variables - sort array values - turn PHP array into JSON string I need these ASAP
  11. This topic has been moved to PHP Coding Help. http://www.phpfreaks.com/forums/index.php?topic=312770.0
  12. No, it is not possible either in MySQL, or in any other SQL flavor that I know of.
  13. http://dev.mysql.com/doc/refman/5.0/en/server-system-variables.html#sysvar_lower_case_file_system http://dev.mysql.com/doc/refman/5.0/en/server-system-variables.html#sysvar_lower_case_table_names Sorry, that's what Windows does for you.
  14. If you need to add a new column to your table each month, something is seriously wrong with your database design. Database is not a spreadsheet. Please read this: http://dev.mysql.com/tech-resources/articles/intro-to-normalization.html
  15. This topic has been moved to Installation in Windows. http://www.phpfreaks.com/forums/index.php?topic=312716.0
  16. Also you need to consider what applications it is not secure for. It surely is no longer secure for signing documents (or files in general) since, as it has been noted, it's currently fairly easy to create a file that with different content will result in same hash. On the other hand we have md5 used to 'encrypt' (notice the quotes) passwords in the database. If a third party actually has access to hashed passwords, it means your site has been already compromised, and this encryption is only to protect your users' data (since people tend to use one password for all their sites). That's why we use salting to make it difficult to find original password from the hash using rainbow tables. Even if offender will find a string resulting in same md5 hash, other sites usually will use different salt/salting method, so this information will be useless. [added] Of course there is no harm (on the contrary) in using stronger hashing functions. Just don't get too far (and SHA512 is going too far IMHO).
  17. I will argue that for storing passwords in database a well salted MD5 hash is more than enough.
  18. You might want to use json_encode to convert PHP array to a JS array.
  19. The one that suits your needs best.
  20. As far as I remember both Outlook and Blackberry (through Google Sync with Google Calendar) should be able to import formats like .ical and similar.
  21. PHP is a programming language not an application (rich or any other), so the short answer is: no, it wouldn't.
  22. I assume you store the date and time of each post on your forum. When user tries to submit a new post check the date of latest post by this user, and if it's not CURDATE(), reset your counter.
  23. Why did you put LAST_INSERT_ID() into your query? Is there another INSERT query being run before it? What is this table's structure?
  24. 'Profiling' is the key word here. It's the process of finding bottlenecks in your application. Unfortunately it is not an easy task, and if you personally have little experience with programming/database management, it might be above your capabilities. You can ask the company that developed it, what guarantee they give that better server will improve situation (and for how long) and act based upon this.
  25. Maybe. It could be your server hardware, server software, database design, database queries, application design... and so on and so forth. Hard to tell anything without additional details.