xeross

$step = isset($_GET['step']) ? (int) $_GET['step'] : 1; // Store data in session here if submit data switch($step) { case 1: case 2: ... require("folder/step_". $step . ".php"); break; } ofcourse you could also use a single if statement like: $step = isset($_GET['step']) ? (int) $_GET['step'] : 1; // Store data in session here if submit data if($step > 0 && $step < 5) require("folder/step_". $step . ".php"); Of course it's your choice what you use but 1 of these 2 might be more organized than the else-if example.

No need for disabling unless there's an exploit in your code.

However, what would be the proper place to make the calls to all the controllers, in the dispatcher ?

magic_quotes_gpc = Off This doesn't matter however but mikesta commented on it short_open_tag = On In general not good practice (As xml in files would break it when parsed) And as far as I know he had to find a leak in your site, it shouldn't be caused by your php.ini, it might prevent the exploit from working but it would still be present.

I would use a fall-through switch and save the steps in separate files to maintain some kind of structure.

You mean that you have multiple steps, and each step has a part of the form elements that need to be filled ?

Perhaps output buffering is turned on by default in the php.ini but I don't know if that would make it not work.

Controllers request data from the models, and handle this data accordingly (Possibly saving it for use in the view). Execute multiple controllers for navigation and whatnot and then make the template render everything.

I build this my own, so in some occasions something is worked out the wrong way like in this case the view class. If I got this right I should call controllers to get data and pass it to the view and then finally make that parse it once it got all the data (Navigation, page, etc.), just need to figure out a way to queue the controllers then, hmm.

Hmm, well the way it used to work was that the first $this->_view->display("template_name.tpl"); call would be processed and loaded into a variable and output in the content area of the master template. The way you are saying it would be that the controller or something would set what template it should use and once the controller finishes the template gets parsed with any data the controller stored. Now my view logic is obviously skewed but if I want to call 2 controllers I'd have to make a controller function to somehow load in the controllers and execute their members ?

passthru('/var/php/hash "' . $sanitized_variable . '"'); But you better make it 100% secure because if there's a leak here I'm sure it can be exploited pretty badly.

Well I'm using the .tpl extension but I'm not using smarty, just FYI. Also with use a template do you mean I should use a single master template, and put the logic result into a variable ? Also what if I would ever for some odd reason need to call 2 different controllers for 1 "page" how would I handle that (Has happened before).

You can use a regular expression to extract it.

Bump, I understand this is a big wall of text but it's hard to explain it in fewer words.

Ah ok, I didn't know that, time to edit my code

Checking for username individually from the password would be a possible security issue if the result is visible to the user, you could make a login script using ajax and some backend PHP however.

With pure PHP you would need to constantly refresh for it to count down, if you want a continuous one you would have to look into javascript as the previous poster suggested.

Also if the following is actual code it would also be part of your problem <?php require_once('http://www.my_site.com/auth.php'); ?> And yes the www problem might also be a valid one, make sure to check your urls.

I generally don't use typecasts, if something needs to be a number I tend to use is_numeric, and for more complex checks you could use regular expressions or readily available php functions like is_int, is_string, is_bool, etc. ~Xeross

As I'm new here, and hopefully will be of help let me introduce myself. I'm Stein van O. I'm 17 years old and live in the Netherlands. I'm completely autodidact when it comes to PHP/HTML/CSS/JS/AJAX/VB/C++/C#/Whatnot I've started learning to program when I was about 12 with the help of a friend and since then I've learned a great deal of the various programming languages available. I hope I will be able to assist young and old with their PHP problems, and I hope they can do the same for me. Regards, Xeross

I've been writing a CMS for a while now, and so far most of the time it fit the requirements (Tough lacking in some) however as time passes limitations have appeared, and as in my opinion one should make the code do what he wants and not do what the code dictates I have decided it needs a major/minor rewrite. Okay, so onto the problem, currently these 2 limitations have risen to the surface. [*]Outputting only the code in the designated template when a switch is activated [*]Specifying a title to be set in the application logic This can not be realized at the moment due to how the display logic is handled, here follows the general path any request follows: [*]Request arrives [*]The request gets parsed to get the data from it needed to initiate the application [*]Initialization code gets handled including connecting to the database and instantiating various classes [*]The header.tpl gets parsed into the buffer (Output buffering is enabled) [*]The main application logic gets called and the template that belongs to this application logic gets parsed into the buffer by the view class [*]After the main logic finished footer.tpl gets parsed into the buffer and then the buffer is sent to the user [*]Application cleans up and shuts down Now the bold step is one of the problems, as this means the main application logic can't set anything that's done in the header.tpl. You could say why not just wait with the header, well the header, footer, and really any template can have a call to another section of business logic (They call the dispatcher that basically gets called in step 1) including for example the navigation. Now the only thing I can think of at the moment is check if we're currently outputting the main application template through some kind of variable (And we'd have to somehow detect when we're launching the dispatcher from within the main template) and after that parse the header template and whatnot. However I don't have the slightest clue of how to handle this. Now another thing that could be done is a big rewrite of how it all works, however when I wrote this code this was the best way I could seem to write it, so if you have any philosophies or methods on how to handle this (While still keeping in line with the MVC pattern) I'd like to hear about it. Oh yes and finally, there's the issue of getting the title changes through when using ajax, but that's a different problem altogether which can be tackled after this problem. So if anyone that has read this post knows a way to solve my problems please leave a reply your input is greatly appreciated. Thank you for your time and attention, Xeross If anything is unclear after reading this post don't hesitate to ask for clarification, you can only help me to the fullest extend if you understand the problem