oni-kun

It works for me. Why not var_dump $uri and see what's missing?

I set print so it'd show you it works. This should work (on my previous example), replace the respective print line with this: $uri = urldecode($uri);

For one you have two ampersands.

urldecode A browser would output URL encoded (escaped) characters for compatibility. $uri = 'clans%26action%3Dclanregister%26clanID%3D325'; print urldecode($uri);

Turn error display_errors on, and set error reporting to E_ALL and it should tell you.

for ($i=201;$i<=300;$i+=2) { print "$i \n"; } I'm interested on a site like that as well, Upon googling I coudln't find much more than large *SQL relating projects, It'd be fun to brush up.

Would you be able to live without minesweeper an solitaire? I think not.

${"line$i"};

Oh god, another? I've seen domains going for 19.99, but $45?

Macs come with.. 8 programs installed by default? Not even open office? And what is stuffit expander I don't get it.

It outputs newlines, thus this will work: print nl2br(print_r($_REQUEST, 1)); Anything more fancy than that in a programmers perspective is pointless.

Oh really now?

system an hdparm or fdisk result? Why do you wish to do that?

If the object is more a 'resource', which you cannot store in a session. A solution is to copy all relevant data to a 'normal' array or object, or if you're able to, you can also serialize it.

You could also write it as: echo "<td>{$arr['title']},{$arr['year']},{$arr['rating']}</td><br />"; If you want to keep it nice and simple within a string.

No one will delete your account, it is wasteful. If you do not wish to recieve help from others, and have others write the code for you, look into the freelancing forum or else-sites. No one said you have to stay. If you want a wise ass remark, That code takes seconds to convert into PHP, why should you if you cannot act properly towards helpful advice?

htmlentities .. May help.

Powerful? I could mimick the function entirely in <12 lines. It's relying on a predefined security measure, such as Magic quotes, It's pointless.

No it doesn't. If he wants to practise proper security, then he should do it himself. Use htmlspecialchars() on the $_POST query, as you're allowing HTML/JS (thus what we call XSS) on the server, this obviously doesn't matter in this test, but in production there can be major security flaws and problems down the road. Here are a few functions to look into: htmlspecialchars strip_tags mysql_real_escape_string (when working with DB transactions)

http://roecomputer.com/stevie4/test2/hiUser.php?userName<script%20language="javascript">alert('Hey%20There!')</script>&header=2 Who the hell is teaching you PHP? If that's homework, You've got a lot to do. Filter_var, I wonder why that function exists.. doesn't do much.

The server shouldn't have special access to one's computer, It can't be done

Have yo not heard of search and replace? I was going to mention grep/sed, but I thought I'd get lashed.

I still fail to see a real scenario in which this would be needed.

Change ) && !empty($strFilename) { --> ) && !empty($strFilename)) { There was a missing bracket. Are you daft?