AaronClifford

We are having the exact same issue with a large project we are working on at the moment, we've tried all sorts with the non-included files (such as AJAX/Form Submission) and not really found a solution that was worth spending a huge amount of time on, aslong as your code is clean and you clean all the data coming in you should be OK. We have a database stored session system that provides a level of cover against actioning the scripts but at the end of the day you'll struggle to completly stop direct access. On the other hand any files that you include within your script can be protected by defining a value, like something below: In your top level files: define("IN_SCRIPT", 1); Then in any files that are included: if(!defined("IN_SCRIPT")) { die("You are not allowed to run this file directly."); } This won't work for any client side scripts such as ajax calls though.

I personally wouldn't mix it up all up like this but the above should work, you didn't have a line break between the two cars.

As far as I'm aware you don't need to specify the path like that, take a look at the check sheet for installation. http://pear.php.net/manual/en/installation.checking.php

Yep as Ch0cur3r has said the below will work (removed the whitespace after END_OF_BLOCK. <html> <?php session_start(); if(isset($_POST['submit'])){ if (isset($_SESSION['email'])) { $uid=$_SESSION['uid']; $con=mysql_connect("localhost","root","")or die(mysql_error()); mysql_select_db("regis")or die(mysql_error()); $add1=$_POST['add1']; $add2=$_POST['add2']; $city=$_POST['city']; $state=$_POST['state']; $country=$_POST['country']; if (isset($_POST['set'])){ $sett=$_POST['set']; } //check if the default address is already set. $check = mysql_query("SELECT uid FROM address WHERE uid = '$uid' and sett='1' ") or die(mysql_error()); $check2 = mysql_num_rows($check); //if the default already set, it gives an error if ($check2 != 0) { die('Sorry, the default is already set.would you like to change it'); $display_block=<<<END_OF_BLOCK <form action="update.php" method="POST"> <h2>Would you like to change your default address</h2> yes:<input type="radio" name="update" value="1"><br/> No:<input type="radio" name="update" value="0"><br/> <input type="submit" value="submit" name="submit"> </form> END_OF_BLOCK; } else if($check2 == 0){ mysql_query("INSERT INTO address (uid, add1, add2, city, state, country ,sett ) VALUES ('$uid', '$add1','$add2' ,'$city' ,'$state' ,'$country' , '$sett' )") or die(mysql_error()); echo "Your address get saved in our Database"; echo "<br/>"; } } } ?> <a href="logout.php">logout</a><br/> <a href="add_address.php">Would you like to add another address</a><br/> <a href="default.html">Next Page</a> </html>

Yeah that makes sense actually, I'll have a little rewrite this evening.

I'm 100% sure that someone can do it better than this, but if it helps you on your way then all good. <?php $data = array(); $newData = array(); $fourZeroFourItems = array(); $articleItems = array(); $articleCount = 0; $fourZeroFourCount = 0; $data = explode("\r",file_get_contents("logs.txt")); // Get Total Amount Of Rows $total = count($data); // Data Not Needed $notNeeded = array(' --','[',']','GET ',' HTTP/1.0'); // Remove Unwanted Values foreach ($data as $item) { $item = str_replace($notNeeded,NULL,$item); $newData[] = $item; } // Split Up Data foreach ($newData as $item) { // Split Up Data $splitData = explode(" ",$item); // Build Bandwith Array $bandwidthItems[] = $splitData[5]; // Build Article Count $articles = strpos($splitData[3],"articles/"); if ($articles !== false) { $articleCount++; $articleItems[] = $splitData[3]; } // Build 404 pages $fourzerofour = strpos($splitData[4],"404"); if ($fourzerofour !== false) { $fourzerofourCount++; $fourzerofourItems[] = $splitData[4]; } } // Output Data print_r($bandwidthItems); //All Bandwidth Values echo array_sum($bandwidthItems); // Bandwidth echo $articleCount; // Total Number Of Articles print_r($articleItems); // Output All Article Items echo $fourZeroFourCount; // Total Number Of Articles print_r($fourZeroFourItems) // Output All Article Items ?>

No worries glad I could help!

Ah sorry what is the id field name for `shp_products`, replace the product_id with the id field from `shp_products`

Is the list of pages static, or dynamically pulled from some where?

Try: echo '<td><a href="addtobasket.php?acion&id='.$row['product_id'].'">Select Item</a></td>';

It may be something to do with your character set. Is it set to the below? <meta charset="utf-8">

Or alternatively you can set it to be 100% (at any browser size) with: html{ background: url('bgimage.jpg') no-repeat center center; min-height:100%; background-size:cover; } body{ min-height:100%; }

By the looks of it your setting the $_SESSION['prod_id'] in the while loop out putting your data. I'm guessing based on the limited code but this line: echo '<td><a href="addtobasket.php?acion&id=1">Select Item</a></td>'; Should be: echo '<td><a href="addtobasket.php?acion&id={$row['product_id']}">Select Item</a></td>'; However I'm not sure what "acion" is? Then in addtobasket.php it should be: $sql = "INSERT INTO `shp_order_items`(`product_id`, `user_id`) VALUES ('{$_GET['id']}' , '{$_SESSION['user_id']}')"; I'm sort of guessing based on the above code, but in theory it should work.

If you are looking to long poll, I'd consider taking a look at node.js it could be just what you are looking for. It's not reliant on JQuery. We are using it on a project that is in development at the moment to provide the user with live notifications; It's reduced load massively as we no longer need to keep checking for new data, we can just feed the user the new data as it becomes available. I've also just googled "node.js long polling" and found this tutorial on long polling in node.js that may be of use.