esahp

Yeah, I know about that. I spent a few days trying to get that right, and so far so good. My question is can I do either of these two things with htaccess: 1) Can I make it so certain rules inside the HTACCESS apply to a specificed directory (no more no less)? OR 2) Can I make it so the entire HTACCESS applies to a certain directory (no more no less)? * Sorry if that was blunt, trying to make it clear :)

How would I restrict the entire HTACCESS file (or just certain rules *in* it), to the directory it's in? For example: /home/blah/public_html/.htaccess - works in /home/blah/public_html but does not work in /home/blah/public_html/boo My HTACCESS consists of: [code] RewriteEngine on RewriteRule ^id/([^/\.]+)/?$ index.php?id=$1 [/code]

bump [b]again[/b] I tried without encoding it and it's still not decrypting right.

bump

SOLVED, no thanks to the [s]great[/s] folks at phpfreaks.

Got it working.

I'm not quite sure how to do this or exactly how to explain it. There is a peice of code I want dynamically placed around a certin menu item when that menu item is clicked. The layout is setup where the navigation looks like tabs at the top, and <li id="first" class="active"></li> will make that tab look like its the 'active' one. I have the navigation in nav.php which is included with include();. I'd like for the tab I click on to appear active on that page. Hope I've made this clear enough.. [i]nav.php[/i] [code] <li id="first" class="active"><a href="index.php">Main</a></li> <li><a href="staff.php">Staff/Servers</a></li> <li><a href="tos.php">TOS</a></li> <li><a href="aup.php">AUP</a></li> <li><a href="#">Link</a></li> <li><a href="#">Link</a></li> [/code]

I'm looking to keep the information in my database unreadable to the human eye. Pref. using a long password to 'decrypt' it and make it viewable to the admins in the admin panel. I know of some encryption methods that can do this such as Blowfish. However, I'm not sure where to go about using encryption in this manner with PHP. Basically: Someone signs up > data is encrypted with a password and inserted into the mysql database > an admin logs into the admin panel and goes to the Pending page > the data is selected from the database, decrypted, and displayed. I already have it working in plain text, so it's just the matter of sticking encryption on it.

Actually, with the power of ctrl+v it was quite easy :P I noticed you have mysql_real_escape_string(); whereas I have mysql_escape_string(). From the looks of the php manual mysql_real_escape_string(); is better. Is that true?

Thankyou for giving me a straight answer.

That still didn't answer my question. First post: "Is there anything further I can do? Or is what I already have done it." Also, quoting my second post "I was told I didn't need addslashes(); if I had both mysql_escape_string(); and strip_tags();" is this true that I don't need addslashes(); if I have both of the following, or do I still need to include it somewhere? And whats the deal with magic_quotes_gpc?

I was told I didn't need addslashes(); if I had both mysql_escape_string(); and strip_tags();

I have a signup form, and the data on it will get inserted into a MySQL database. Now as far as I know I've taken the proper steps in the following code to prevent SQL, javascript, and html source injections. Is there anything further I can do? Or is what I already have done it. I have the signup form action go to another page, and the contents of said page are: [code] <?   $firstname = mysql_escape_string(strip_tags($_POST['firstname']));   $lastname = mysql_escape_string(strip_tags($_POST['lastname']));   $email = mysql_escape_string(strip_tags($_POST['email']));   $phonenumber = mysql_escape_string(strip_tags($_POST['phonenumber']));   $homeaddress = mysql_escape_string(strip_tags($_POST['homeaddress']));   $citystate = mysql_escape_string(strip_tags($_POST['citystate']));   $country = mysql_escape_string(strip_tags($_POST['country']));   $domainname = mysql_escape_string(strip_tags($_POST['domainname']));   $username = mysql_escape_string(strip_tags($_POST['username']));   $password1 = mysql_escape_string(strip_tags($_POST['password1']));   $password2 = mysql_escape_string(strip_tags($_POST['password2']));   $rules = mysql_escape_string(strip_tags($_POST['rules']));   $legalinfo = mysql_escape_string(strip_tags($_POST['legalinfo']));   $age = mysql_escape_string(strip_tags($_POST['age']));   $sitedetails = mysql_escape_string(strip_tags($_POST['sitedetails']));   $aboutus = mysql_escape_string(strip_tags($_POST['aboutus']));   if ($firstname == "") { $errors .= "First Name field was left blank.<br />"; }   if ($lastname == "") { $errors .= "Last Name field was left blank.<br />"; }   if ($email == "") { $errors .= "Email Address field was left blank.<br />"; }   if ($phonenumber == "") { $errors .= "Phone Number field was left blank.<br />"; }   if ($homeaddress == "") { $errors .= "Home Address Field was left blank.<br />"; }   if ($citystate == "") { $errors .= "City&State field was left blank.<br />"; }   if ($country == "") { $errors .= "Country field was left blank.<br />"; }   if ($domainname == "") { $errors .= "Your Domain field was left blank.<br />"; }   if ($username == "") { $errors .= "Desired Username field was left blank.<br />"; }   if (($password1 == "") || ($password2 == "") || ($password1 != $password2)) { $errors .= "Password fields were left blank or do not match.<br />"; }   if ($rules == "") { $errors .= "You didn't agree to the rules.<br />"; }   if ($legalinfo == "") { $errors .= "You didnt agree to the legal information.<br />"; }   if ($age == "") { $errors .= "You didnt state you were over the age of 18.<br />"; }   if ($sitedetails == "") { $errors .= "Site Details field was left blank.<br />"; }   if ($aboutus == "") { $errors .= "About Us field was left blank.<br />"; }   if (isset($errors)) {     echo $errors;   }   else {     // SQL Query stuff here     echo "Works!";   } ?> [/code]

bump Please help..

I don't understand how to tell the rows apart. I've added a new part in the table for the Accept/Reject button, and the buttons themselves, I just have no clue how to make the buttons update the row that it sits on. [code] <?PHP   include "db.php";   $query = "SELECT `fname`, `lname`, `email`, `phone`, `address`, `citystate`, `country`, `domain`, `username`, `password`, `rules`, `legal`, `atleast18`, `details`, `aboutus`, `ip` FROM users WHERE `status` = '1'";   $result = mysql_query($query) or die('Query failed: ' . mysql_error());   echo "<table border='1'>";   echo "<tr><th>Full Name</th><th>Last Name</th><th>Email</th><th>Phone</th><th>Address</th><th>City/State</th><th>Country</th><th>Domain</th><th>Username</th><th>Password</th><th>Rules</th><th>Legal</th><th>18?</th><th>Details</th><th>About us?</th><th>IP</th><th>A/R</th></tr>";   while ($data = mysql_fetch_array($result)) {     echo "<tr><td>";     echo $data['fname'];     echo "</td><td>";     echo $data['lname'];     echo "</td><td>";     echo $data['email'];     echo "</td><td>";     echo $data['phone'];     echo "</td><td>";     echo $data['address'];     echo "</td><td>";     echo $data['citystate'];     echo "</td><td>";     echo $data['country'];     echo "</td><td>";     echo $data['domain'];     echo "</td><td>";     echo $data['username'];     echo "</td><td>";     echo $data['password'];     echo "</td><td>";     echo $data['rules'];     echo "</td><td>";     echo $data['legal'];     echo "</td><td>";     echo $data['atleast18'];     echo "</td><td>";     echo $data['details'];     echo "</td><td>";     echo $data['aboutus'];     echo "</td><td>";     echo $data['ip'];     echo "</td><td>";     echo "<form action=\"blah.php\" method=\"post\"><input type=\"submit\" value=\"A\">";     echo "<input type=\"submit\" value=\"R\"></form>";     echo "</td></tr>";   }   echo "</table>";   mysql_free_result($result);   mysql_close($mlink); ?> [/code]