Alex

Call mysql_close() after $id = mysql_insert_id();

No, it's not the same content, completely different. If you try to get the contents of that page you get: <!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN"> <html> <head> <meta http-equiv="Content-Type" content="text/html; charset=us-ascii"> <title>Download xml.xml</title> <script type="text/javascript" language="JavaScript"><!-- function docountdown(){ s_div = document.getElementById("dldiv"); count = count - 1; if (count > 0){ s_div.innerHTML = "Your request to download xml.xml is being processed.<"+"p>Please Wait... ("+count+" seconds remaining)<"+"/p>"; setTimeout("docountdown();", 1000); } else { s_div.innerHTML = "Your file is ready for download.<"+"p><"+"a href=\"/gr/xml.xml?\">Click here to Download File<"+"/a><"+"/p>"; } } var count = 60; window.onload = docountdown; --></script> </head> <body> <div align="center"> <script type="text/javascript"><!-- google_ad_client = "pub-2927823587298693"; google_alternate_color = "FFFFFF"; google_ad_width = 468; google_ad_height = 60; google_ad_format = "468x60_as"; google_ad_channel =""; google_color_border = "336699"; google_color_bg = "FFFFFF"; google_color_link = "0000FF"; google_color_url = "008000"; google_color_text = "000000"; //--></script> <script type="text/javascript" src="http://pagead2.googlesyndication.com/pagead/show_ads.js"> </script> <br /><br /> <table border="0" width="500"> <tr> <td> <fieldset style="padding: 2"> <legend>Download xml.xml</legend> <br /> <div id="dldiv"> Your request to download xml.xml is being processed.<p>Please Wait...</p> </div> <br /> </fieldset> <p> </td> </tr> </table> <script type="text/javascript"><!-- google_ad_client = "pub-2927823587298693"; google_alternate_color = "FFFFFF"; google_ad_width = 468; google_ad_height = 60; google_ad_format = "468x60_as"; google_ad_channel =""; google_color_border = "336699"; google_color_bg = "FFFFFF"; google_color_link = "0000FF"; google_color_url = "008000"; google_color_text = "000000"; //--></script> <script type="text/javascript" src="http://pagead2.googlesyndication.com/pagead/show_ads.js"> </script> </div> </body> </html>

Definitely not one of the most useful features in PHP, but it can come in handy sometimes, especially when you plan on distributing your code.

That won't work because http://fr33.ulmb.com/gr/xml.xml prompts you for a 60 second wait before downloading the file, so you'll be getting the contents of that page, not the actual xml file.

The point of escaping data isn't really to find out who's trying to hack your website and ban them. It's to protect just in case, someone might typo a < or something, that's no reason to ban them. You could create a black-list of things to ban people based on (like <meta..) that would give a better indication that they were trying to post something malicious, but I don't even think that's necessary. As long as you're correctly escaping user input someone trying to post a meta refresh is no more harmful than someone spamming, which some moderation will solve.

You're obviously having a problem getting the contents of the file. Check to see if $myXML contains the contents of the file you expect it does.

If someone tries to post "Hope you feel better & get well soon" you'd take that as an attack on your website?

Use date_default_timezone_set. Btw, you don't need to use time() as the second parameter in date(), if the second parameter is omitted it defaults to that anyway.

Well, no that's not how you would do it. It doesn't matter though, it would extremely unfair to ban a user for posting something that would be converted to an htmlentity by htmlentities().. If someone posts &, <, >, ', ", (or anything else from this list) you would ban them? Doesn't seem very fair to me.

Uploading the xml file to a remote local myself and testing this it worked fine: $curl = curl_init(); curl_setopt($curl, CURLOPT_URL, 'http://website.com/somefile.xml'); curl_setopt($curl, CURLOPT_RETURNTRANSFER, 1); $myXML = curl_exec ($curl); curl_close($curl); $sxml = simplexml_load_string($myXML); list($node) = $sxml->xpath('/playlist/trackList/track/location'); header("Location: $node"); I suggest you put error_reporting(E_ALL); at the top of your page and post back any errors.

htmlentities() doesn't convert commas..

That won't display the information that the OP is asking for.

htmlentities

Can you post the actual link to the website so I can try this myself?

As with many standards in programming (especially with OOP) interfaces aren't totally for you, they're for other programmers that might use your code. It's a good way to insure that an object will maintain certain methods.

Yes, except for use simplexml_load_string() inside of simplexml_load_file() now that you should have the contents of the XML file in $myXML.

That is not a multidimensional array. Neither $myArray["name"] nor $myArray["value"] is an array. Edit: Perhaps you meant something like this: $myArray = Array( 'name' => Array("SomeValue"), 'value' => Array("AnotherValue") ); array_push($myArray['name'], 'Added Name'); array_push($myArray['value'], 'Added Value'); echo "<pre>" . print_r($myArray, true) . "</pre>"; Output: Array ( [name] => Array ( [0] => SomeValue [1] => Added Name ) [value] => Array ( [0] => AnotherValue [1] => Added Value ) )

Here's an example: $curl = curl_init(); curl_setopt($curl, CURLOPT_URL, 'WEBSITE URL HERE'); curl_setopt($curl, CURLOPT_RETURNTRANSFER, 1); $myXML = curl_exec ($curl); curl_close($curl); // .. The rest of your code

Lol, I forgot about that too.. I was pretty sure there was something like that, I went to test it and I must've typed it in wrong.

That's not my code.. You tried to add an unnecessary endforeach; to my code and put it in the wrong place which is what was making it not work. <?php foreach($_GET as $key => $val) $vars[] = "$key=$val"; echo implode('&', $vars);

It shouldn't do that. Are you sure you're not echoing out the first variable previously? Or have it twice in your url?..

Alternatively you could use httpquerystring. foreach($_GET as $key => $val) $vars[] = "$key=$val"; echo implode('&', $vars);

I thought you wanted to compare the $csv string to the indexes of the array. Try something like this: $arr = explode(', ', $csv); foreach($row as $key => $value) { echo '<select size="5" name="'.$key.'">'; $c = 0; foreach($subcats as $index1 => $value1) { echo '<option value="'.$index1.'"', $index1==$arr[$c] ? ' selected="selected"' : null ,'>'.$value1[1].'</option>'; $c++; } $c = 0; echo '</select>'; }

This is done using mod_rewrite. Here's a decent tutorial on it, http://articles.sitepoint.com/article/guide-url-rewriting

if($csv == implode(', ',array_keys($subcats))) { // ... } implode array_keys