Zane

you should never have to store a password in a cookie or even a session. The password should go straight to MD5() and then to a database to stay. You could store the username or user ID in a cookie along with the remember me variable which should just be a boolean. Most always the variable should be true no matter what (because no one is going to need a cookie to not be "remembered.") You'd also need a new field in your user table...signifying if they're still logged in or not. I would make this field a varchar to keep a copy of the session id from whence they clicked "remember me". You might also want a table for your session logs...(if you don't prefer sending them to an apache log file). In the session log, you should have a session id and a user id for every session....and maybe a field for "logged in" (boolean). Then when you are displaying your login table. Add conditions to check -if the cookie is expired or not -grab the session id and user id from the cookie -search the sessions table for that session id ...for a match -compare the user id in that resulting row with the cookie's user id -check the same session table to see if they are "logged in" still. -consider them logged in -un "login" the old session -edit the cookie accordingly -do it all over again. I think that's the jist of it....I may have left out a detail or two, but that's my idea of it all. Someone will probably cut me up on security issues soon enough anyway, so there's definitely more to it.

hobby

-don't use short tags -what is $dl_count_show1neilsodfrobak again? -have you tried using $dl_count_show1neilsodfrobak in place of $dl_count? - use CODE TAGS(#) next time

if you can see PHP code in View Source.....PHP is not installed correctly...well....at all technically

I don't see the point in this mod..if this were installed then there would be code tags galore.  If you so mentioned a word of "code"...you would be code tagged. Just the way you did KingPhillip [quote][nobbc]A simple check to see if there are code tags (<?php, <html>, etc) outside of [code] or [php] tags,[/nobbc][/quote] If the mod worked logically it would do this [quote]A simple check to see if there are code tags ([code]<?php, <html>, etc[/code]) outside of [nobbc][code] or [php] tags,[/nobbc][/quote] or this [quote]A simple check to see if there are code tags[nobbc] ([code]<?php[/code], [code]<html>, etc[/code]) outside of [code] or [php] tags,[/code][/nobbc][/quote] something like that

you could just explode by colon list($table, $column) = explode(":","table:column"); echo $table; echo $column;

By always do you mean you get it EVERYTIME no matter what, even if the field is blank. because according to your code...error is only set to one when the username passes the test...of validation also...it might help on your preg_match if you took away the dollar sign...there's really no need for it. I'm sure if you change you code to this though, your problem will be solved if(!check_field1($Fname)) { $error = 1;

also you might want to take the number out of quotes...since it is in fact a number and not a string SET Money = Money - $bid[amount] and your associative index syntax is bad too...should be $bid['amount'] so in conclusion UPDATE player SET Money = Money - {$bid['amount']} WHERE id = {$bid['bidderid']} UPDATE player SET Money = Money + {$bid['amount']} WHERE id = {$bid['bidderid']} and the curly braces are there to avoid excess concatenation

first of all....wrong forum...(I'll move it) second of all...your Money field has to be a numeric data type and third...you need to change your query just a bit this SET Money - '$bid[amount]' should be SET Money = Money - '$bid[amount]'

Yes, we all play poker together on Wednesday nights and talk about PHP. Just kidding.

what error?....a permission error? look at chmod

the less lines the better

echo"

of course if you do that __construct($dir = false, $count = false) then you'll have to change your function around accordingly...or you'll get a totally different error for when you try to access a directory. something like.... error accessing directory because it is false I would set a small line like if($dir === false) $this->directory = "your/directory/path"; within your function

Well they're already talking about bringing this into development this summer. The PowerMAT. It was on Attack of the Show. This is for real. And if it takes off, the technology could be incorporating into architecture (building, devices, etc) I've always wondered if this was possible but was skeptical since it would somehow involve a lot of radiation. But I'm not much of a scientologist to argue the aspects of all this electromagnetism and what not. Nevertheless, I think this is awesome and can't wait to try this out. Watch the video, the video explains better than the article. here's an awesome example. Of course the host dude is half retarded or something. PowerMAT presentation

I never thought the day would come when I could hang my flat screen on the wall, NOT plug it into an outlet and it be powered up. This is amazing, I can't wait to try this out! http://blog.wired.com/gadgets/2009/02/wireless-charge.html I don't like the commercialized aspect of it...the PowerMAT bullshit with the sleeves and matching base and all that. But I do enjoy the idea of having houses built to suit this technology. For instance having an entire table dedicated to power or a wall.

really drisate's approach is a better method...and the most common...I was just pointing out another function. for gits and shiggles. but the reason it's only showing the last one is because you aren't concatenating this $display= $word; needs to be $display .= $word; note the period in front of the equals sign......that's a concat operator

my badd should be foreach(str_word_count($search, 1) as $word)

remember to mark as solved

the 11 stands for the max number of digits....but either way....if you have an 11 digit length and you enter 99999999999 ... it will not work you may get an out of range error...and you will ONLY get the maximum value for that numeric type for your value.....in this case 2147483647

you didn't use code tags

pardon me for being nitpicky but try changing all that completely You should always avoid looping a select statement....whenever possible. Besides SELECT * FROM `people` WHERE `id` = {$i} LIMIT 0, 30 is only going to return ONE row anyway so why limit with a range to 30 Another note if($row = should be while($row = That's the only loop you need.....to loop through your results $query = "SELECT * FROM `people` WHERE `id` IN (1,2,3,4)"; $result = mysql_query($query); while($row = mysql_fetch_array($result, MYSQL_ASSOC)) { if ($row['id'] == 2) echo $row['id'] . " "; } ?>

mod_rewrite

http://dev.mysql.com/doc/refman/5.0/en/numeric-types.html Straight from the MySQL manual It's pretty straight forward....if you think you're gonna need numbers up in the billions then use a BIGINT IF you think you won't need numbers past 127 then stick with tinyint. It's all about what you need...not what's the rule.

Well you second option to this fiasco here is to waste resources trying to be secure. You can strip the email of the domain.....PING it and throw an error if the domain is not valid. You can check the main part of the domain for verification.. i.e the dot com area. Make sure it's a valid ICANN suffix. (.com, .net, .biz .tv ...etc, etc etc) You could make the user type their email several times so they don't just type random characters...with an @ symbol Either way though....unless you have them confirm by a link that they received the email....there is no way to tell if the email is real.