noXstyle

Hi, Domain masking ain't the right term to use for sure. Well, you can if you change the link to a form and send the data using POST. In that case the url can be whatever you like since you're sending the mission critical data behind the curtains. Also that is one hell of a url since you send the product descriptions and stuff. Since you probably have the product data in database why not fetch it by only sending the product id? In that case you would only have to do: <a href="product.php?id=<?php echo $row['id']; ?>" class='productlink' rel="nofollow" ><?php echo $row['description']; ?></a> And you were concerned about SEO. In that case you might want to use use mod_rewrite to rewrite the urls to: product/product-name If you have unique product names you can fetch the product from database based on the name given. In real life it is rather poor implementation and i would suggest passing the id anyway. If you don't want the id to appear on url make a form and pass it via post. Hope I'm making any sense.

Oh sh*t, yeah sorry.. I was wrong here. To be honest, the idea of somebody storing security related data as included variables didn't even cross my mind. Thank you PFMaBiSmAd for straightening this out. I was going to run an escape loop through the post superglobal but couldn't be arsed to change the variable names.

Ok, so yea now you got it all wrong... Line: if (!mysql_query ($firstname && $lastname && $address && $state && $city)) { doesn't do anything. When you insert data you do mysql_query($sql). Also that checks if mysql_query() fails. And it does indeed without proper query. My suggestion to your code would be: <?php include('init.php'); foreach($_POST as $k=>$v) ${$k} = mysql_real_escape_string($v); if (!empty($firstname) && !empty($lastname) && !empty($address) && !empty($state) && !empty($city)) { $sql="INSERT INTO customers (first_name, last_name, address, state, city) VALUES('$firstname','$lastname','$address','$state','$city')"; if(!mysql_query($sql)) echo 'Error while inserting data to database'; else // no empty values and database insert was successful, output success message or something } else echo "You must fill the entire form!";

Ok, whats the problem here? I just get text saying '1 record added' when filling the form. Did you fix this already? And yeah, you might want to do the sql insert only if the form is filled. Also you could loop the $_POST variables instead of manually assigning them: foreach($_POST as $k=>$v) ${$k} = mysql_real_escape_string($v);

Update to my previous post: If you're still looking for the bolded price, the following code actually gets you the results: $goldPrice = (float)$html->find('#pricing_goldCurrent table tbody tr td', 1)->plaintext; And what comes to the server error: I was working with simple html dom with a server that had file_get_contents() disabled, so i had to replace the content loading mechanism. Obviously this is not the case since you can run regex on the content. The library is pain in the ass in a sense that it fills up the memory freakishly easily and as a result you just get a boring 500 internal server error. And the best solution i came up with is to debug step by step the freaking code. Fortunately clear() function frees up all unused stuff real nicely. The previous code i supplied caused some sort of loop and raised an error since it didn't return an object. This might be one of the reasons for server error. If you decide to stick with the library, try to var_dump the $html you loaded and see do you get anything out of it. If you do the code above will get the price for you. And yeah like CPD mentioned regex works too, but it tends to complicate things more than necessary. I was trying to make a case against regex and it's extensibility in this context but couldn't come up with anything. Fair enough.

Hmm... About the HTML markup: echo'<input type="hidden" name="id" value='.$id.'>'; Should be echo'<input type="hidden" name="id" value="'.$id.'">'; Also the last part is unnecessary on line: echo"<b>name:</b>".$record->name." <b>Price: </b>".$record->price.""; Should be: echo"<b>name:</b>".$record->name." <b>Price: </b>".$record->price; Make sure the form targets are correct. You show a form with action to home.php and give us error from shop.php. Which form targets to shop.php? Undefined index notice will get risen when you are trying to access array key that is not specified. In this instance you are posting data and trying to access id key, which was not present on the form you submitted. Just make sure you are submitting the right form to the right place and you should be golden.

Hi JohnS! Take a look at Simple HTML DOM parser. Basically you can get the gold value by using: $html = file_get_html('http://www.lbma.org.uk/pages/index.cfm?page_id=46&title=current_statistics'); $element = $html->find('#pricing_goldCurrent table tbody tr td')->children(1); $goldValue = (float)$element->plaintext; If that doesn't work try out descending from the div id 'pricing_goldCurrent'. Simple HTML DOM also has an adequate documentation to get you well on your way.

Check out simpleXML: http://php.net/manual/en/book.simplexml.php http://www.php.net/manual/en/simplexml.examples-basic.php Makes your job so much easier.

varchar is fine. Do a var_dump() on the price field and see what it outputs. One tip though: It is way more convenient to save a price (since you're dealing with prices) as a numeric value to database. And then when you get the data you would echo it like: echo 'price="' . $row['price'] . ' £" '; So my suggestion is you make the type of price field as FLOAT or DOUBLE and append the pound sign to the price while outputting the data. That way you can do calculations with the price if needed in the future without processing the fields with php.

Hi, Just to pitch in here: you don't necessarily need captcha to prevent spam. What I usually do is: 1. Give a random name (e.g. kifer32w39) to email field. Validate this field as email. 2. Create email field and hide it. When the form is submitted check that this field is not filled. If it is, don't submit the form. Pretty efficient against spam bots since most of them fill out most used email field names. Of course this doesn't eliminate manual spam, nor does captcha for that matter.

No. You save the pound sign as £ to database which is html entity equivalent to £. When you output the data from database the £ will automatically be converted to £.

Save the pound sign as £ to database. For example if you are saving input to database you would replace the pound sign like: $input = str_replace('£', '£', $input);

Hi. Can you try to be a bit more specific? Or try to express yourself a bit more clearly? The way I understood this is that you are trying to create a view counter for videos. Am I correct? Or are you trying to get the amount of views a specific person has viewed a single video? Anyway: what your code does it increments the counter each time the code block is executed. If you want to get the views for specific videos you should for example assign a video ID or something similar to the view array. $views = $_SESSION['views'][videoID']++; In that way it increments the counter for a specific video, when user views another video another video ID is being incremented. In case you want to get the total views, you should increment database view counts rather than session values. Hope this makes any sense.

True. Or you could just return the output of the number_format: // return number_format($shippingCost,2); //

hi, zend has neat validation libraries, so does CI and you can browse the code directly on github. c'mon now, it's not that hard to find a email validation function. but anyways, try: preg_match("/^[_a-z0-9-]+(\.[_a-z0-9-]+)*@[a-z0-9-]+(\.[a-z0-9-]+)*(\.[a-z]{2,4})$/", $e); Edit: hmm wait a sec, your regex is identical to mine. apart from the domain length... which email are you trying to validate? if you have a domain like .info your regex will return false since it accepts only 3 chars to the extension.