Vermillion

Woops one thing. If I wanted to update the database with multiple different values, would I do something like this: "UPDATE members SET question = '$newquestion'" AND SET answer = '$answer' WHERE id = "$id" AND hash = '$hash'" ? Or can I only do: "UPDATE members SET question = '$newquestion'" SET answer = '$answer' WHERE id = "$id" AND hash = '$hash'

Yep, I have no idea of how to use cookies. I am even making my own forum, knowing how to use cookies. Basically, I have the loggin form that stores the user id, his name, and a unique user hash. <?php $_SESSION['login'] = $username; $_SESSION['id'] = $id; $_SESSION['hash'] = $hash; ?> I also want the cookie to expire after a month. Every tutorial I have read about this is confusing, so maybe if I do it with that I will understand cookies.

You use a foreach loop to loop through arrays. I don't see an array there, so probably you WILL be better using a for, while, or do-while loop. Although, you can just make an array there. <?php $var[0] = "Username"; $var[1] = "Password"; $var[3] = "Email"; //Start looping through each element of the array. foreach ($var as $key => $value){ echo "<div>".$value."</div>"; } ?> That will print: Username Password Email

You need to use a double comparison operator on the while statement. <?php while (list($name, $value) == each($HTTP_POST_VARS)) { echo "<input type=\"hidden\" value=\"$value\" name=\"$name\">\n"; } ?> Approach 2: On another note, you should post your code on code tags.

So I just keep using the AND clause? Okay, thanks al lot .

"SELECT * FROM access WHERE user_id = '$id', hash = '$hash' AND level = 8"; Like you can see, I want to "SELECT everything from access where the id is $id, the hash is $hash, and the level is 8", but that doesn't work. How would be the right way to do that?

Never mind. Solved it.

Can someone tell me what does it mean, and how can I fix the problem? I would post my two scripts, but they are actually very big, code-wise. If you really think you need them though, just ask me and I will post them.

Yeah people have recomended me that, but I am not quite sure it would work. Do I only store the name of the file without the extension?

On my forum, people will have the ability to upload avatars (obviously =P). The name of the file will be set to the ID of the user in the Database. The script looks like this. The $id variable is declared before this block of code: <fieldset style="width:720px;"> <legend>Upload Avatar</legend> <form enctype="multipart/form-data" action="<?php echo $_SERVER['PHP_SELF']; ?>" method="post"> <input type="file" name="avatar" /><input type="submit" value="Submit" /> </form><?php if($_FILES['avatar']['name']){ $maxfilesize = 25600; $_FILES['avatar']['name'] = $id; $avvy = $_FILES['avatar']['name']; $filename = $avvy; $path = "../../graphics/avatars/$filename"; echo $path; } else { echo " The file must not be larger than 75 x 75 pixels and no bigger than 25 KBs."; } ?> </fieldset> How can I check if a file exists? Also, I will allow both JPG/JPEG/ and GIF avatars. How can I go around to retrieve the extension of the file name? I'm sure I will need to know the whole file name if I want to check if it exists and then delete it.

Sure. My MSN is [email protected] I don't think you can pay me for a number of factors, starting on my age ... But I'm sure we can find something small you can do for me.

You may want to tell us what the problem of the script is, otherwise we don't know what kind of error we are looking for.

Well, there are many methods to do a validation system. Personally, I use custom class for that, but we can make a simple validation system without one: Suppose you have the following form: <form method="post" action=""> Username: <input type="text" name="username" /><br /> Password: <input type="password" name="pass" /><br /> Retype Password: <input type="password" name="pass2" /><br /> E-Mail: <input type="text" name="email" /> </form> Now you have this PHP Script: <?php $username = $_POST['username']; $pass = $_POST['pass']; $pass2 = $_POST['pass2']; $email = $_POST['email']; if(strlen($username) < 3){ // If the username has less than 3 characters, print an error message and leave the script after that. echo "Invalid username. It must have 3 characters or more."; return 0; } if(strlen($pass) < 6){ // If the password has less than 6 characters, print a error message and leave the script. echo "Your password must have 6 characters or more."; return 0; } if($pass != $pass2){ echo "The passwords did not match. Please try again."; return 0; } if(strlen($email) < 3){ // If the E-Mail has less than 3 scripts, print a message and leave the script. return 0; } if(!preg_replace("/^([a-zA-Z0-9._-])+@([a-zA-Z0-9_-])+(\.[a-zA-Z0-9_-]+)+/", $email){ // If the E-Mail does not have a "@" or dot at the end, print a message and leave the script. echo "Invalid E-Mail"; return 0; //If there were no errors, you can put all your database stuff here. ?> Obviously, this was made quickly and it is not reliable. With that script I don't even check for user input so SQL injection is something very easy to do. So probably you can fix the script and make it better. There are also many things I don't like from this script, so I would post my method, but it only works well for my custom forum. I'm sure you can modifty that though.

Don't worry about how much time you must spend, or what books you do. Like HeaDmiLe said, it is just practice. Personally, I am self taugh PHP programmer, I started to learn it last year, and I consider myself good at it (regardless of the stupif errors I make, heh ). Just read some tutorials. I learned from internet tutorials, then I just started practicing, and now I am making my own forum software to learn more. Doesn't matter what medium you use to learn. You just have to be interested. This is also a good community. This guys have helped me a lot. You also have PHP.net, and many other resources.

Ah okay, will consider it too. Thanks for the tip!

This is the second stupidiest mistake I have done so far on my site :/. Thanks a lot guys, much appreciated.

<?php mysql_connect($dbhost, $dbuser, $dbpass); mysql_select_db($dbactual); $query = "SELECT * FROM logs WHERE level = 8"; $result = mysql_query($query); $number = mysql_num_rows($result); $i = 0; echo "<table><tr>"; echo "<td><strong>Log ID</strong></td><td><strong>User</strong></td><td><strong>User Level</strong></td><td><strong>Date</strong></td><td><strong>Time</strong></td><td><strong>Action</strong></td></tr>"; while ($i < $number) { $id = mysql_result($result,$i,"id"); $user_id = mysql_result($result,$i,"user_id"); $level = mysql_result($result,$i,"level"); $date = mysql_result($result,$i,"date"); $time = mysql_result($result,$i,"time"); $action = mysql_result($result,$i,"action"); echo "<tr><td>$id</td><td>$user_id</td><td>$level</td><td>$date</td><td>$time</td><td>$action</td></tr>"; } echo "</table>"; ?> For some reason, that causes an infinite loop. The resource ID is #12, and $number is 3. I have $i set to 0, yet for some reason this is an infinite loop. Can someone help me find the problem?

Take a look at your first query: <?php "SELECT class, username FROM users WHERE id = '$_SESSION[id]'" ?> I have had the experience in which the script doesn't work when you pass a $_SESSION, $_GET, or $_POST variable directly into the query. Assign the $_SESSION value to a variable: <?php $id = $_SESSION['id'] $result = mysql_query("SELECT class, username FROM users WHERE id = '$id'"); ?>

... This is the worst error I have made so far in my life. Since it was online, and the link to logout was this one... http://localhost/vghack/logout/index.php It is obviously not going to work ! Haha, sorry for wasting your time guys...

<?php ini_set ("display_errors", "1"); error_reporting(E_ALL); session_start(); $_SESSION = array(); if (isset($_COOKIE[session_name()])) { setcookie(session_name(), '', time()-42000, '/'); } session_destroy(); header("location:".$_SERVER['HTTP_REFERER']); ?> Maybe I am not editing the code properly?

I don't send any cookies with my loggin script (not yet, anyways ;P), except the session cookies that I didn't know they were sent until I started having this problem. I still tried using that method though, and it still didn't work .

It seems this only happens while my site is hosted elsewhere and not on my localhost. <?php session_start(); session_destroy(); header("location:".$_SERVER['HTTP_REFERER']); ?> That's my logout script. Only 7 lines on the whole file. On my localhost, I can logout without problems. But while it is hosted (I'm using 0000webhost.net as my host, if that matters), I have to clean my Session Cookies (thanks Web Developer Toolbar ) to log out. Otherwise the page keeps reloading, but it doesn't log me out. This is the link to my site (on a freehost), so you can try out: http://vermillion.07x.net/vghack/index.php Help?

You want to do something similar to a C/C++ Cast type?

Heh, the name comes more from a child protector of a game, I also didn't know it was a color until I googled it =P.

Just saying that this is one of the best communities I have come across my whole life. I am part of many other forums, and I left many others as well, but this is indeed one that needs to be highlighted. Good job to the administration on making such a good and friendly help, to the moderators doing awesome jobs, and to the users that help everyone on everything. It is seriously one of the places where you can get quick replies, specially when you need coding help. Keep going!