CroNiX

If you leave the form action totally off (not just blank) it will also submit to itself. <form method="post">

progress probably needs quotes...it's a string, correct? $progressupdate = DB::getInstance()->insert(progress, array(

Hard to tell exactly without seeing an example of your array.

It looks like it should work, if your first example works. What's not working about it? Do you close the </select> tag after the options are created in the loop?

By having the onclick code executed again when after the new dom elements are retrieved. It would be best to turn that into a function so you don't have to repeat the same code 2x.

It looks like in the onComplete event of this: $('div#stream').delay( 500 ).load(location.href + " #stream"); You'd have to retrigger all of this so that the onClick event gets assigned to the new DOM elements you are adding: $('.likestatusclass').click(function(x){ var lb = $(this).attr('id'); $.post('../action/likestatus.php',{statusid:lb},function(l){ alert(l) alert(lb) }); });

This answer assumes you are using javascript/ajax to retrieve data and display it. Let's say you assign a click event to an anchor. Clicking on the anchor sends an ajax request to the server and then display some HTML that was retrieved. That new HTML is now IN THE DOM (or you wouldn't see it). However, the javascript click event that was assigned BEFORE the new HTML was retrieved knows nothing about that new HTML since it wasn't present when the page was loaded and the js originally assigned, therefore the HTML couldn't have been assigned any js function. So the js has to be reapplied to the new elements so it can bind the events to them. Hope that makes some sense.

In addition to the 2 unnecessary php open tags, you have unclosed quotes in some variables, and some missing semicolons at the end of statements.

Upload File File gets saved in filesystem (files go on filesystem, data goes in database) Save path to file (including filename) in database along with the user ID of the person who can access it When a user is on system, check database using their ID and see if there are any files for them If so, provide link to user to download based on path saved in database User clicks link, system sends file Delete file and remove entry from database, if applicable.

On the page they are redirected to, do you start the session at the top of the code? Anywhere session is used it needs session_start() at the top of the page, and your authentication system is using sessions.

That would really depend on how your shopping cart/app is layed out. I only gave you an example for multiple colors to keep it short as it would apply to most of the other shoe metadata you described

A short example: Shoes: -ID -Name Colors: -ID -Name Shoe_colors -ID -Shoe_ID -Color_id so let's say you had: Shoes: ID = 1, Name = 'Nike Free' Colors ID = 1, Name = 'Grey' ID = 2, Name = 'Yellow' Shoe_colors: ID = 1, Shoe_id = 1, Color_id = 1 ID = 2, Shoe_id = 1, Color_id = 2 So you have Nike Free available in Grey and Yellow You'd use a JOIN to get all data in a single query

This is a problem with databases that aren't normalized. There shouldn't be any comma separated values in a single column really. Ideally you'd have a table that stored the colors with a reference ID back to whatever is using it.

however, I don't see you using session_start() at the beginning of any of those pages

But it would be much better to not use inline javascript anyway. I'd give your span a special class, and then create a click event using that. <span class="specialClass" id="my-id">some span</span> <span class="specialClass" id="different-id">some other span</span> $('.specialClass').click(function(e){ var id = $(this).attr('id'); alert(id); });

Your function has no clue what "this" is. you'd need to pass "this" to your function.

Yes, that's appropriate especially if you are redirecting.

strip it down to the basics and test. Can you send a regular email like with: mail('abcd@abcd.com', 'test email subject', 'test email body', 'FROM: root@your_server.tld'); root@your_server.tld should be your actual domain. If it's not it most likely will be rejected by the receiving server as the domains won't match.

Depends, are you submitting the form using GET or POST? Your earlier code indicated $_POST but now you are trying to access $_GET

Well, I'd be concerned about a site that didn't use, or enforce, SSL on a login page or any other page with sensitive information. It means it's not being encrypted and the data can be sniffed by any of the number of servers that the request is being passed through (it doesn't just go from your PC straight to the end site...it usually passes through many servers on the way).

Is this a site you are creating or some other site you are visiting? If it's one you are creating, you should check if SSL is enabled and if not, redirect to the SSL version of the page (https://) You can google "php detect ssl" for some ways how

What do you mean, "no warning"?? You shouldn't get a warning. If you do something is set up wrong, or the cert is self-signed or invalid.

How many different email providers have you tried sending email to, like to gmail, yahoo, some other ISP? Each one will have their own criteria for spam filters, etc. Some might go through immediately, some might get delayed. It could also have to do with the reputation of the IP that you are sending the email from (host).

You are running everything through htmlentities() and mysql_real_escape_string() twice for each value. Once when you retrieve from $_POST and the other in your payrollData() function. Why? Just do it once, and you should only run through mysql_real_escape_string() when you are actually going to insert them in the db since it potentially alters the value.

Well this isn't going to work: while($row = $stmt->fetch(PDO::FETCH_ASSOC)) { $coy = $row['company']; } if(strcmp($coy, $company) == 0){ $coy will always = the very last entry of the result since you are overwriting the value $coy on each loop, so you are only comparing one item here instead of all of them from the result. You'd probably want to be making $coy an array and putting the values in it, and then checking to see if the new value is in_array() (not strcmp()). There is also no use in adding 0 to a column. That doesn't change a value so why do it? It just takes up unnecessary resources. Only increment the column by one if the provider is new (doesn't exist in the array) while($row = $stmt->fetch(PDO::FETCH_ASSOC)) { //put existing values into an array $coy[] = $row['company']; } //Check to see if this is a new entry (so it wouldn't be in the array if it was new) if ( ! in_array($company, $coy)) { //run query to increment counter by 1 }