Karlos2394

Read up on.. ob_start(); ob_flush();

<?php session_start(); if ($_SESSION['6_letters_code'] == $_POST['6_letters_code'] && !empty($_SESSION['6_letters_code'])) { $to = "[email protected]"; $email_subject = "This is the email subject"; $name = $_POST['name']; $email = $_POST['email']; $number = $_POST['number']; $message = $_POST['message']; $email_body = "Name " . $name . " . Email Address " . $email . " . Phone Number " . $number . ". Message: " . $message; mail($to, $email_subject, $email_body); die(header('Location: http://www.anglianpat.com/test/thankyou.html')); } else { die(header('Location: http://www.anglianpat.com/test/wrongcode.html')); } ?>

To be honest I haven't been in web development a long time, so I'm not sure, I was wondering if I was correctly using it, which would be an effective way to use the function. Obviously i'm not, could someone please show me a piece or snippet of code which I can understand how it's effective and secure by using session_id() please? Karlos.

Can anyone actually help?

Basically, I give each user a different session_id() when they login, and regenerates every 15 mins. However, I was wondering if I could use session_id() as a security measure. I'm not entirely sure if this is a good way to use it, or if i'm using some bits which aren't needed at all. // Function whichs uses session_id() function Delete() { global $db, $ir; // $db = Database class || $ir = query for getting users info. if (isset($_GET['Id'], $_GET['Auth'])) { if ($_GET['Id'] && $_GET['Auth'] == session_id() && session_id() == $ir['sId']) { $db->query("DELETE FROM `events` WHERE `evID`=".$_GET['Id']." AND `evUSER`=".$ir['userid']); $_SESSION['dResult'] = 'Event Deleted'; } else { Error('An error occured while deleting the selected event.'); } } else { Error('An error occured.'); } } // Link to function. echo '<a href="events.php?act=Delete&Id=',$r['evID'],'&Auth=',session_id(),'">Delete</a><br />';

Well I got it working in the end, PFMaBiSmAd put me on the right track, I started messing around with it and my final query worked. function get_rank($MyStat, $OStat) { global $db; $Query = $db->Execute(sprintf("SELECT COUNT(*) FROM `userstats` `us` LEFT JOIN `users` `u` ON `us`.`UserID`=`u`.`UserID` WHERE `us`.`%s` > '%d' AND `u`.`UserLevel`<>'0'", $OStat, $MyStat)); return mysql_result($Query, 0, 0) + 1; } Thanks Ace && PFMaBiSmAd

Hey! Well basically i'm using a free database class <?php /* Nyna's Database Class (Criminal Existence) Link To Actual File. http://criminalexistence.com/ceforums/index.php?topic=18421.msg83533#msg83533 Copyright (C) 2004-2008 Nyna <[email protected]> All Rights Reserved. */ class CDatabase { function CDatabase($Server, $Username, $Password, $Database) { $this->_link = @mysql_connect($Server, $Username, $Password); if (!is_resource($this->_link)) { echo 'Connection To MySQL Server Failed!'; exit; } if (!@mysql_select_db($Database, $this->_link)) { mysql_close($this->_link); echo 'Failed To Select Database'; exit; } } function AffectedRows() { return $this->_affected; } function ErrorMsg() { return $this->_error; } function ErrorNo() { return $this->_errno; } function &Execute($sql) { $rs = mysql_query($sql, $this->_link); if ($rs === FALSE) { return $this->RaiseError(); } $this->_affected = @mysql_affected_rows($this->_link); return $rs; } function FetchAll($sql) { $rs = &$this->Execute($sql); if (!is_resource($rs)) { return $rs; } $rows = array(); while ($row = mysql_fetch_assoc($rs)) { $rows[] = $row; } mysql_free_result($rs); return $rows; } function FetchOne($sql) { if (is_array($row = $this->FetchRow($sql))) { return array_shift(array_values($row)); } return $row; } function FetchRow($sql) { $rs = &$this->Execute($sql); if (!is_resource($rs)) { return $rs; } if (($rows = mysql_num_rows($rs)) === FALSE) { $row = $this->RaiseError(); } else if (!$rows) { $row = NULL; } else { $row = mysql_fetch_assoc($rs); } mysql_free_result($rs); return $row; } function &RaiseError() { static $false = FALSE; $this->_errno = mysql_errno($this->_link); $this->_error = mysql_error($this->_link); return $false; } } ?> Well I've got this function function get_rank($stat, $mykey) { global $ir, $UserID, $db; $q=$db->Execute("SELECT count(*) FROM userstats us LEFT JOIN users u ON us.UserID=u.UserID WHERE us.$mykey > $stat AND us.UserID != $UserID AND u.user_level != 0"); return mysql_result($q,0,0)+1; // Being Line 87 } What are the problems? Well.. I recieve this error: Warning: mysql_result(): supplied argument is not a valid MySQL result resource in C:\wamp\www\Cursed (Lite)\ImPoRtAnT-StUfF\GFunc.php on line 87