ialsoagree

Which implies that mine don't interact with each other, which is not the case?

How do you differentiate between monthly and annual items? Can you modify your SQL statement to group them that way (SQL is probably going to be much more efficient at grouping the data then PHP is).

aba hit it on the head. When you write functions, you're writing OO programming (at least, you have the methodology of OO). You're removing a chunk of your procedural PHP and placing it in a function that can be called from anywhere whenever it's needed without being rewritten in its entirety. True OO programming (that is, using objects) involves "collecting" similar functions and variables and placing them into a class where they're all together. I tend to use quite a few classes to handle tasks including sessions, validating user input, processing HTML (including writing HTML to the browser), interacting with the database (including creating logs of errors and webpage use) as abazoskib suggests. As you write functions for a PHP program, see if some of the functions seem to have a common purpose (IE. you have 2-3 functions that are meant to validate user inputted data) - it's probably a good time to make a class for it! This is how I got started writing classes, and once I got started I found it easy to find new methods that I could add to my classes. I even sometimes have parameters or methods in my functions that are there "just in case" I need them at some point while programming (for example, my database class records the last query run on the database and has since I've written - only a month or two in development have I ever used it for debugging, was glad I had it even though I haven't used it before or since).

I haven't actually run a test, I think it would depend on the XML format, but in general I think the XML should be faster because it doesn't involve communication between PHP and the DB. However, I generally try to tell myself "keep it simple stupid" when it comes to programming. Why use XML when you could just as easily create a txt file with a list of image URLs separated by a spacer? You could explode the string into an array and choose a random index in the array. Would probably be much faster than parsing an XML file (once again, haven't tested to confirm).

Thanks for the suggestion. I also thought about saving the functions to variables, and then setting the variables to 0 when a user shouldn't have access to them. But in the end I realized that for my problem, all this work just doesn't make a lot of sense. It's better for me to just write all that javascript out that a page could possibly need and let the server deal with any problems. Buttons and links that call those javascripts are hidden/removed when they can't be used, so if an error occurs and one of them isn't hidden or removed it's better the process go through and the webpage automatically log it (and if someone tries to abuse the system, that can also be logged). Thanks again though, appreciate the response.

I don't know if this is your problem but your PHP isn't written well <?php $con=mysql_connect('127.0.0.1','root','root'); // DO THE FOLLOWING ONLY ON SUCCESSFUL DATABASE CONNECTION if($con){ echo "Connection Successfuly \n"; } // DO THE FOLLOWING EVEN IF THERE IS NO DATABASE CONNECTION $db=mysql_select_db('Ajax',$con); $sql="SELECT * FROM `users` WHERE `user` ='".$_GET['user']."'"; $r=mysql_query($sql); $result=mysql_num_rows($r); echo( $result); ?> See the problem? You check if $con successfully connected, but even if it didn't, you still try to run a query. Also, I hope you realize that your $db variable is a boolean. mysql_select_db returns a boolean that represents whether or not it worked (TRUE if it worked, FALSE otherwise). Also, you're concatenating your variable to a string that's being parsed for variables: $sql="SELECT * FROM `users` WHERE `user` ='".$_GET['user']."'"; Because you use double quotes, PHP is searching the string for variables (parsing the string). But you remove your variable from the string (".$_GET['user'].") so there's nothing for PHP to find! You should do this instead: $sql="SELECT * FROM `users` WHERE `user` ='$_GET[user]'"; You also aren't escaping the user input! This makes it easy for a malicious user to inject SQL into your form that your database will then process!

It seems a better solution is just going to be to output all the javascript to the user (regardless of whether or not it should be accessible) and let the server do all the error checking. In thinking through the problem, this should not only save me work, but save the program work instead of trying to have it control what javascript is and isn't available at any given time.

$_SESSION is related to session handling in PHP. $_POST (along with $_GET) is related to user inputted data. These are good places to start learning. If you want specific details about session handling or about using user inputted data (user inputted data should probably be something you look into first) you can google tutorials related to it, here's a few: http://www.phpf1.com/tutorial/php-form.html http://myphpform.com/ http://www.thesitewizard.com/archive/feedbackphp.shtml

You've declared each of your check boxes with the attribute name="job". This means that each check box is going to overwrite the setting of the one before it (because PHP only makes one 'job' index, not one for each check box). There's a few solutions, but they all start with changing the name= attribute. If you're comfortable with arrays and the for each loop, you could change the attribute to name="job[]" which tells PHP to make an array with each of the job check box values saved separately. Or you could just name then different things (like job1, job2, job3).

Personally, I think learning PHP is very incremental. What you "must know" is dependent on what you already know. If you don't know proper syntax, for example, you really don't need to know what a for each loop is, or how to define a new class. Getting your syntax down pat is more important. On the other hand, if you're comfortable with PHP but aren't familiar with good use of classes and developing OO code, then that's where you need to be headed. If you're familiar with syntax and you have basic programming methodology (knowledge of how to break problems down into "yes or no" questions, and what order to put those questions in) then you should probably be focusing on security. There's certainly other important things to learn, like database interaction (if you don't already know it) and optimizing code, but IMO both of those are secondary to good knowledge of security. You shouldn't be messing around with databases or be worrying about if your code is efficient if the pages you develop are easily manipulated by a malicious user.

I want to be able to dynamically control access to different sections of javascript after AJAX responses. While not necessary for security (since checking is done server side anyway) I want to be able to remove/make different parts of javascript available to a user based on their AJAX actions on a single page. For example, if a user logs in (they log in through AJAX) I want certain pieces of javascript to become available to them. If they then log out (also through AJAX) I want to then disable that javascript. Is it possible to have this type of dynamic control over what javascript the browser can execute without reloading the page (IE. can I use javascript to write/delete other javascript?). My original thought was to include an external javascript file and have it reload after each AJAX response. The external javascript file would be written by PHP dynamically and only contain what javascript the user should have access to. But this doesn't appear to be a solution (or if it is, I'm not sure how to implement it). Any suggestions would be appreciated.

Nice catches cags! <? $height=(int)$_POST['height']; $restitution=(float)$_POST['restitution']; $distance = $height; $bounces = 0; while($height > 10) { $height = $height * $restitution; $distance += $height*2; $bounces++; } echo 'bounces: '.$bounces.'<br/>'; echo 'distance: '.$distance; ?>

Actually, this will cause it only to measure the "down" vertical distance. If you need to get the total vertical distance traveled: <? $height=(int)$_POST['height']; $restitution=(int)$_POST['restitution']; $distance = height; $bounces = 0; while($height > 10) { $height = $height * $restitution; $distance += $height*2; $bounces++; } echo 'bounces: '.$bounces.'<br/>'; echo 'distance: '.$distance; ?> The fix for the 0 problem is above.

For more information on single quotes and double quotes and how PHP processes them: http://php.net/manual/en/language.types.string.php

I'm not sure if this is the problem but try changing $count=file_get_contents($myFile); to $count=(int)file_get_contents($myFile);

Change this: <form method='post' action=''> to <form method='post' action=''> Then change your PHP to this: <? $height=(int)$_POST['num1']; $restitution=(int)$_POST['num2']; $bounces = 0; while($height > 10) { $height = $height * $restitution; $bounces++; } echo $bounces; ?>

You're not telling PHP to report an error if the file type is wrong: if ($type == 'application/vnd.xmind.workbook') { This if statement doesn't have an else statement, so if the file type is wrong, PHP doesn't do anything.

mysql_real_escape_string is used when you're storing something in a MySQL database. This command escapes quotes so that they can't be used as an SQL injection attack. It's not used to output data to the browser, it's specifically for data that's going to be put into a MySQL database. Therefor: <input name="brand" type="text" value="<?php echo mysql_real_escape_string(urldecode(stripslashes($_GET["brand"]))); ?>" /> should be <input name="brand" type="text" value="<?php echo urldecode(stripslashes($_GET["brand"])); ?>" />

You can't, your post might be useful to others if they have a similar problem so it's nice to have them around in case people search for a problem like yours.

Just wanted to make the original poster aware, the corrections people have posted are right and should be used. However, your original problem was related to the way you included an array into a string: $query = "DELETE FROM $Cur WHERE $pk = $_POST["pk"] "; To break it down, you have your string opening with a double quote: "DELETE FROM $Cur WHERE $pk = $_POST[" Then you abruptly end your string in the middle of declaring an array! You can't use a double quote to refer to the array index because this tells PHP to stop the current string, not to search for an array index as a string. Instead, you should address the index using single quotes: $query = "DELETE FROM $Cur WHERE $pk = $_POST['pk'] "; Also, it's worth pointing out that anytime you use double quotes, you're telling PHP to parse the string for variables and classes. So $_POST["pk"] tells PHP that inside this index reference you've included a PHP variable or class that you want PHP to parse. However, you actually haven't included a PHP variable or class, so you're wasting processing cycles because PHP has to parse a string that doesn't have any PHP in it. A reference to that index should look like $_POST['pk'] - the single quotes tell PHP not to parse the string and use it as is.

Perhaps I'm misunderstanding the problem, but isn't "$height = pow($height, $restitution);" incorrect? After all, if you're initial height is 100 centimeters, and based on the coefficient in his problem (new height = old height * coefficient), your line will give a result of 25.119 centimeters after 1 bounce. But by the definition of his problem (new height = 100 * 0.7) the new height should be 70 centimeters. "$height = pow($height, $restitution);" should be "$height = $height * $restitution;" ?

I don't have any problems with AJAX and sessions. AJAX sends the exact same HTTP request as a regular webpage load including cookies etc. so using start_session() gets you access to the user's session just as it would a regular HTTP request.

You have a form element set up the following way? <input name="file" type="file" /> Also try... echo $_FILES['file']['error']; Need to see some code to provide much more help then that.

$strtotime = '11:59pm third Sunday '.date('F Y'); if (time() <= strtotime($strtotime)) { // before 3rd Sunday of the month } else { // after 3rd Sunday of the month }

"index2" and "index3" is not defined as a variable, see correction below: <?php foreach( $Data as $index => $arraydata){ foreach( $Data[$index] as $index2 => $arraydata2){ foreach( $Data[$index] as $index3 => $arraydata3){ if($index3!=$index2) { if ($Data[$index][$index2]["Name"] == $Data[$index][$index3]["Name"]){ //THIS IS PROBLEM LINE echo "same name!"; } } } } //... ?> By the way, this also works (if you didn't realize you're creating multiple arrays): <?php foreach( $Data as $index => $arraydata){ foreach( $arraydata as $index2 => $arraydata2){ foreach( $arraydata2 as $index3 => $arraydata3){ if($index3!=$index2) { if ($Data[$index][$index2]["Name"] == $Data[$index][$index3]["Name"]){ //THIS IS PROBLEM LINE echo "same name!"; } } } } //... ?>