rab

Your site is broken.

<?php /* safe_sql($p) ** ** Argument type ** - String ** - Array ** ** Return value ** - String if string was passed ** - Array if array was passed */ function safe_sql($params) { $safe = array(); if( is_array($params) ) { foreach( $params as $p ) { $safe[] = safe_sql($p); } } else { if( get_magic_quotes_gpc() ) { $params = stripslashes($params); } $safe = "'".mysql_real_escape_string($params)."'"; } return $safe; } $safe = safe_sql("Bad input ' hax "); $_GET = safe_sql($_GET); // Get is now SQL safe, ( not recommended, sanitize individual values ) Try that out, you need to wrap your values in quotes.

<?php error_reporting(E_ALL ^ E_NOTICE); // Put this up here require_once("class_http.php"); // MySQL Connection $link = mysql_connect('mysql6.******.com', '*****', '*****') || die('Could not connect: ' . mysql_error()); mysql_select_db('dcremax') || die('Could not select database'); // IMO, i only put the query in a variable if it's not going to be a constant $result = mysql_query("SELECT * FROM Listings") || die(mysql_error()); $num = mysql_numrows($result); for($i=0; $i<$num; $i++) { $reo = mysql_result($result,$i,"reo"); $h = new http(); $h->dir = "/home/foo/bar/"; if( !$h->fetch("http://metrolistmls.com/cgi-bin/GetOneR.cfm?County=SA&iRow=0&nJL=7&MLSNum=".$reo) ) { echo "<h2>There is a problem with the http request!</h2>"; echo $h->log; exit(); } // Grab all the info if( preg_match_all("@http://mlsmedia\.metrolistmls\.com/bigphoto/(\d+)/(.*?)\.(jpg|png|jpeg|gif)@i", $h->body, $pictures) ) $pic = $pictures[0]; if( preg_match('@<td class="PageTitle" colspan="3" align="center"><b>(.*?)</b></td>@i', $h->body, $street) ) $street = $street[1]; if( preg_match('@<td align="center" class="PageTitle" width="534"><b> (\$\s*.*?)</b></td>@i', $h->body, $price) ) $price = $price[1]; // ... more and more ... if(trim($pic) == "") $pic = "../images/nophoto1b_small.jpg"; if( !empty(trim($price) ) { $sql = sprintf("INSERT INTO listings ". "(`streetaddress`, `city`, `price`, `squarefeet`, `bed`, `Fbath`, `Hbath`, `reo`, `agent`, `pic`) VALUES ". "('%s','%s','%s','%s','%s','%s','%s','%s','%s','%s')", mysql_real_escape_string($street), mysql_real_escape_string($city), mysql_real_escape_string($price), mysql_real_escape_string($squarefeet), mysql_real_escape_string($bed), mysql_real_escape_string($fbath), mysql_real_escape_string($hbath), mysql_real_escape_string($reo), mysql_real_escape_string($agent), mysql_real_escape_string($pic)); mysql_query($sql) || die(mysql_error()); } } mysql_close($link); ?> Finish the information extracting.

Implement a CAPTCHA system, http://www.captcha.net/.

<?php $loan_id = (int)$_GET['loan_id']; $sql = mysql_query("SELECT upfc FROM Loans WHERE loan_id = '$loan_id'"); if( !$sql ) die(mysql_error()); while($row = mysql_fetch_assoc($sql)) { if( $row[upfc] == 0 ) $file_name = $loan_id . "point1"; else $file_name = $loan_id . "point2"; } ?> Untested.[/code]

<?php $langs = 2; // Increase this if you get more languages $default_lang = 1; // Default language function GetSentence($ValueID) { global $langs, $default_lang; $_SESSION['lang'] = (int)$_SESSION['lang']; if( $_SESSION['lang'] > $langs || $_SESSION['lang'] < 0 ) $_SESSION['lang'] = $default_lang; $ValueID = (int)$ValueID; $query="SELECT L{$_SESSION['lang']} as Lsentence FROM lang WHERE id='$ValueID'"; $result=mysql_query($query); if( !$result ) return False; $line=mysql_fetch_object($result); return $line->Lsentence; } // ... later on $sentence = GetSentence(10); if( $sentence !== False ) { // No error, continue } ?> Untested, give it a try

include "lib/functions.php"; That?

case 'DATE': Need quotes

check the manual, mysql_connect() takes 3 arguments.

Change echo "PN: " . $pageNumber . " CR: " . $comments_remaining . " CS: " . $comment_Start; to echo "PN: " . $pageNumber . " CR: " . $comments_remaining . " CS: " . $comment_start; Just a quick look over...

Where is $option defined? Do you mean $choice? Also make it if ($value == $option) { echo ' checked'; } You had a '; at the end brace

Just include the user's config file in the database config one. <?PHP //------ Paramaters to change ------// include "/path/to/$user/config.php"; //-------- ------------- --------------// //tables that are used by the objects $users_table = $dbprefix."users"; $statistic_table = $dbprefix."statistic . /* ** ... */

Move it to one path, then use that path to copy the file to other paths.

function test1($b='Nothing?'){ echo $b; } function test(){ $b = "foo"; test1($b); } test(); Or function test1(){ global $b; echo $b; } function test(){ global $b; $b = "foo"; test1(); } test(); // nadda

Please elaborate...