jcbones

The problem is in index.php BEFORE the "require()" that includes boot.php.

Nice find fastsol, although, I really don't like the way it is set up. A lot of redundant data input, which leads to great chances of data corruption.

Yes, Paypal has an API that handles everything. You send the total amount of the sale, along with the sale items, then the payer approves the sale. I haven't used the new API, as it has been a few years since I did paypal integration. I just looked over the API, and it seems to be more complex than it used to be (payments are now 3 step processes). So, yeah, have fun with that. Things to think about: Do you want Paypal to handle credit card info? If not, does your site have SSL? (it will need to). Anyway, start here http://https://developer.paypal.com/docs/integration/web/accept-paypal-payment/

I'm voting a no ban. I love to see people blow up because they can't follow directions.

Have you run the query in mysql console, or phpmyadmin or other interface, to see what it returns?

Did you read the post that Barand made, and you quoted? He gave you a script, called im_rotate.php, then he gave you TWO different image elements. One image element called the image, the other called the script.

You will never "have that skill", unless you first try and make that skill. Don't doubt yourself, push through that, know that you can. Follow the syntax, and it will all come together for you. http://https://dev.mysql.com/doc/refman/5.0/en/join.html PS. The reason you are only getting one row, is you are only asking for one row. You haven't ask for the rest from the resource.

You also have an error in your sql syntax. $query_image = "SELECT * FROM acc_images acc_ id='$id'"; Should be: $query_image = "SELECT * FROM acc_images WHERE acc_ id='$id'";

You cannot mix mysql functions with mysqli functions. They are two different libraries. You should be using mysqli, and NOT mysql.

These are all notices, and are being shown because the code is written, well, poorly. All of these are just notices that the script is trying to use variables/indexes that do not exist. The author did not check the variables before trying to use them. You have a few choices: A: ask the author to fix the script (recommended). B: fix the script yourself, by adding in some validation. C: suppress the notices through the php.ini and hope everything works fine (not recommended). Example $std = $option['std']; //this is one of the indexes listed in the notices. //a more proper way is to check if this index exists before using it. $std = !empty($option['std']) ? $option['std'] : null; //if the index 'std' in the $options array is not empty, then assign it to $std, otherwise assign 'null' to the variable $std.

Yes you can use 'and', it is just a lower precedence than &&. http://http://php.net/manual/en/language.operators.logical.php

The REQUEST_URI you are wanting is being populated via the $_SERVER superglobal. You can get it directly by calling $_SERVER['REQUEST_URI'] instead of trying to find it in a multidimensional array. As far as parsing it? Who knows, I have no idea what you are wanting out of it. I am going to guess that you want the uri query string parsed into an array. If so, this will give you that, NOTING however, that if the value is empty, the key will not be in the array. From your string given, this would be caller_zipcode, etc. Array held in $parsed_uri $pattern = '/(?<key>[a-zA-Z]+?)(?=\=[^&])\=(?<value>.[^&]+)/'; $string = $_SERVER['REQUEST_URI']; preg_match_all($pattern,$string,$matches); $count = count($matches[0]); for($i = 0; $i < $count; $i++) { $parsed_uri[$matches['key'][$i]] = $matches['value'][$i]; } unset($matches); echo '<pre>' . print_r($parsed_uri,true) . '</pre>';

To cancel a script if no form was submitted, this will do. Applies to scripts that do nothing but form processing. if($_SERVER['REQUEST_METHOD'] != 'POST') { exit(); }

You don't need to use exit(), unless you want the script to stop running. Otherwise, you are on the right track.

Of course you don't have to put all classes in one file. That is what include is for.

Dependency Injection is the terms you are looking for. class what { function __construct(ever $ever) { $this->ever = $ever; } public function DIme() { return $this->ever->me(); } } class ever { public function me() { return 'Method in class ever.'; } } $ever = new ever(); $what = new what($ever); echo $what->DIme();

You could use a foreach: foreach($ar as $file) { echo '<img src="test_files/' . $file . '" /><br />'; }

#continue from above *CHROMIUM AHHHHHH* process.php <?php //no whitespace, no BOM must come before this line. session_start(); //start the session. define('MYSITE' , $_SERVER['SERVER_NAME']); //define what our site is. $_SESSION['login'] = false; //we are NOT logged in. if($_SERVER['REQUEST_METHOD'] == 'POST') { //if a POST request has been made. $_POST = array_map('trim',$_POST); //trim the data. if(!empty($_POST['user']) && !empty($_POST['password'])) { //if the user and password are NOT empty. $users = ["User1" => "123", "User2" => "1234", "User3" => "1235"]; //list our users in array. if(isset($users[$_POST['user']]) && $users[$_POST['user']] == $_POST['password']) { //if the password matches for the user entered. $_SESSION['login'] = true; //log the user in. header('Location: http://' . MYSITE . '/login.php'); //send the user to panel.php exit(); //stop further execution of script. } else { //if the username and/or password is wrong. header('Location: http://' . MYSITE .'/error.php?reason=wp'); //send them to login_error.php with a reason code. exit(); //stop the script. } } header('Location: http://' . MYSITE . '/error.php?reason=nv'); //if the user or password was empty, send to login_error.php with reason code. exit(); //exit the script. } error.php <?php if(isset($_GET['reason'])) { //if there is a reason to be here (should be the only reason we are here). switch($_GET['reason']) { //run a switch. case 'nv': //if the reason is nv (not valid). $message = 'You must enter a username and a password.'; //set the message. break; //break the switch to keep it from going further. case 'wp': //wp (wrong password/username). $message = 'You entered a wrong username and/or password.'; break; } } //echo the message, redirect in 5 seconds. echo '<html><head><meta http-equiv="refresh" content="5;URL=login.php"></head><body><div>' . $message . '</div></body></html>';

FatesCall, here is something to play with, fully commented, and working. Maybe this will help you understand flow login.php <?php //No white space or BOM before this tag. session_start(); //start the sesson. if(isset($_SESSION['login']) && $_SESSION['login'] == true) { //if the session is set, and session login is set to true. echo 'Thank you for logging in!'; //tell them that they are logged in. $_SESSION['login'] = false; //for testing purposes, I then disable the login. } else { //if we haven't logged in, then show the form. ?><form method="post" id="login-form" name="login-form" action="process.php"><div class="login"> <input type="text" placeholder="username" name="user" required><br> <input type="password" placeholder="password" name="password" required><br> <input type="submit" name="login" id="login" value="login" /> </div></form> <?php } ?>

Most PHP files can be set to 640 with directories set at 755. PHP needs read/execute permission on directories in order to enter a directory, but it only needs to read a file. Only shell or binary scripts need to execute a file. Any file that is called by a user directly should be at least 644. If your directories are set to 755, and your included files are at least 640, you need to check the file owner/group to make sure it hasn't been changed.

I would suggest phpmailer anyway. E-mail requires everything to "be just right", and the libraries, that have been out a while, have it all figured out.

:user = placeholder for the prepared statement, it is exchanged by the database (If pdo is started properly) when the statement is executed. //Then bind the username to the query. $stmt->bindParam(':user', $_POST['user'], PDO::PARAM_STR); //send the 'user' index from post to the database on execute, so that the exchange of :user can happen. LIMIT 1 = "only return 1 row from the database", this should be redundant, because you shouldn't have more than 1 user with the same username. I'm not sure what you mean by key. The algorithm, the cost, or the salt? password_hash()

You show no search form, nor do you show what you are trying to search for. It would be near impossible to suggest a solution.

You could write a bash script, and call it with cron.

Now if you need to add client supplied parameters to the query, in a where clause, then the process is a little different. Also note, there is no error checking in this script. If something fails, you will have no way of handling it. Post back if you need more help. script.php <?php require_once 'config.php'; //this gets the database connection. $table = '<table cellspacing="3" cellpadding="3">'; //start our table, I usually hold the building in a variable, for output later. $query = "SELECT MachineName ,BedSizeX, Weight FROM machines"; //This is the query we send to mysql. $i = 0; //This is a control variable. //since we DON'T have client parameters to add to the query, we can use a standard query. foreach($pdo->query($query) as $row) { //since we use a standard query, you can call it in a foreach to get each row. if($i == 0) { //if our control hasn't been used. $keys = array_keys($row); //we get the column names. $table .= '<tr><th>' . implode('</th><th>',$keys) . '</th></tr>'; //and add them as table headers. ++$i; //then increment our control so that this block will not run again. } $table .= '<tr><td>' . implode('</td><td>',$row) . '</td></tr>'; //then we populate the fields of the table with our data. } $table .= '</table>'; //Then we end the table. //since our table is in a variable, we can now move it wherever we want on our page. echo $table;