oni-kun

Caught it same time as you, I noticed it when I looked again.

I wasn't aware you were running a Windows server. Simply change it to a backslash, such as "..\shop\" and it should work! <?php $row = $_POST ['Chooserow']; $path1 = "\..\shop\Item\Description\"; $path2 = "\..\shop\Item\Price\"; $path3 = "\..\shop\Item\Brochures\"; $path4 = "\..\shop\Item\Images\"; EDIT: "\SpecialsAdmin../shop/", you need another slash at the beginning than to make it valid. Such as my code up there.

Use regular expressions to only allow a-zA-Z-_ etc. characters to be used. MySQL_real_escape will happen when the user creates the password, AND logs in later on. So there is nothing 'changed' since it escapes it each time it's entered/created.

Depends where "./shop/Item/Description/" is. But lets say it were root still. You'd use this: $path1 = "../shop/Item/Description/"; //Two dots = recurse one directory, out of admin to www then to /shop/... Or you can use an absolute path "domain.com/ship/item/description" But I assume you're going relative to preserve a cert..

You can use the function get_headers to easily get the headers and just find and parse the line "[2] => Server: (Apache or IIS)" To warn you, headers require 1-10 seconds to be grabbed, usually per domain. It may not be a viable solution for your problem.

eBay has an API I believe that can accomplish this, I don't believe it will be possible (without a looot of writing) otherwise.

Just an example, It's not going to be easy if you don't know the basics atleast.. http://www.phpclasses.org/browse/package/3138.html There's a php torrent parser, you may need to sign up to download it but that site is useful. You can use an example there, it should have all you need.

You would look at preg_match or substr to accomplish extracting data, assuming it's plaintext. You can apply it like this: $torrent_file = file_get_contents('./torrents/example.torrent'); preg_match("/seeds/", $torrent_file); //Just an example If there are delimiters you can use explode which may be easier as it'll put it into an array..

Not a single of my WAMP servers are configured to use short tags by default. Try switching them to "<?php". This is all I can see so far, and would explain the comment being echo'd atleast. (where is the comment btw? I don't see it in what you displayed, that should be relevant code.)

Any site listed on any search engine, has had their bot on their site at one point. If you see a security risk (such as bot listing hidden pages like /admin/) than you can simply use robots.txt to disallow access to certain areas. Virtually all (non-malicious) bots use robots.txt, other than that there is virtually no security risk, especially with search bots that are known.

They're bots for search engines, Them being included as a user allows them to spider your site more effectively, helping your search rank. Some bots register themselves or you can give them authentication etc, but some forums just list the guest bot as that, even if it's not actually a user.

First, I'm not sure what "-1" is for your error reporting, set it to error_reporting(E_ALL); and maybe it'll help? What is not returning? You should tell us what you're trying to do and give us the relevant code and errors.

Etc. Is this a php thing that detects a bot viewing the site and some how knows the name of the bot (or in this case the owner of the bot?) ... how is it done in php - is it php that is doing this kind of detection ? $_SERVER and preg_replace should do 'er! Here's some example code: $agent = getenv("HTTP_USER_AGENT"); $botname = ""; if (preg_match("/GOOGLE/i", $agent)) { $botname = "Google [bot]"; } elseif(preg_match("/ASK/i", $agent)) { $botname = "Ask Jeeves [bot]"; } elseif(preg_match("/MSNBOT/i", $agent)) { $botname = "MSN Search [bot]"; } etc. You can modify it to your needs, such as using that as an IF to remove all entries of the bots. (if you were wanting to do something with them)

He claimed to be of other language, so it might be an acronym he forgot to translate. I don't think you'd translate 'lol'.

Oh! The $id was not in <?php tags. I guess it was just a simple mistake, atleast we helped him with other things.

$date is a variable, so you must use double quotations: //insert data $insert = mysql_query("INSERT INTO News SET title='$title', body='$body', date=$date ") or die(mysql_error()); EDDIT: Nevermind, didn't see the first problem.

What does BF mean? I'm not so aware as it's not a common acrynom.

What is it that you exactly need help with? This is a PHP help forum. Pleas use code tags around your code as well, and show us the relevant code you actually need help constructing, functions etc.

Why are you echoing the row of 'datetime', when you're deleting a forum_questions row in your SQL statement?

You first need to explain your script and what it does, and how paypal will POST/GET the data to it or vice versa.

This is an IE problem with HTML, nonetheless you should change the code to this. Lets say you have the following PHP code: <style>@import('<?php echo $CSSDOCUMENT; ?>')</style> Or similar offending code. Remove it and place this in your <head> sections, wherever the template/head allows you to. <LINK href="<?php echo $CSSDOCUMENT; ?>" rel="stylesheet" type="text/css"> Easy enough, and much more compatible. This is a PHP help forum, so there's some code. If you need help placing it just ask.

Than from what we see, Nothing is wrong. You are not showing us all your code, we cannot tell the problem.

You would simply create a session, disallowing any use not logged in (within the session with the authenticated password you can pull from the database), than it will disallow access to members.php.. if ($_SESSION['loggedin'] == false) { echo "You must first log in to view this page!"; } else { echo "Welcome ".$_SESSION['username']." to the members area!" } Simple example, and you can set the session in login.php etc. redirecting to members.php. IF you want it to remain HTML, than you'll need to write a long script to parse a .htpassword from that.. but that's more HTTP than php.

This should work, I've done similar things. Try adding: error_reporting(E_ALL); After the <?php tag and tell us if you get any errors.

Well really as long as you check mimetypes, place the file in a random secure location (watching for collision and make 100% sure your headers force download and not running on anything on the download area, than it should be okay. If you wish to allow multiple files to be uploaded, you should make 100% sure the loops are solid, as a slight error could mean anything from injection to multi-stream attacks. <?php $allowedExtensions = array("txt","csv","htm","html","xml", "css","doc","xls","rtf","ppt","pdf","swf","flv","avi", "wmv","mov","jpg","jpeg","gif","png"); foreach ($_FILES as $file) { if ($file['tmp_name'] > '') { if (!in_array(end(explode(".", strtolower($file['name']))), $allowedExtensions)) { die($file['name'].' is an invalid file type!<br/>'. '<a href="javascript:history.go(-1);">'. '<&lt Go Back</a>'); } } } ?>