birbal

because it is possible to make fully functional website or application witihout JS but not without PHP... JS mainly used for user experiance (for commonly used website). so JS could be letssprioritize while learning things. though it could be interchangable with PHP depending upon the purpose of site or individuals goal though (like if you are making js game ). that is the order i learned those languages. personally, I prefer to learn in need to know basis.

best would be echo "var div = document.getElementById('subcat');"; for better readibilty. escaping makes it messy and harder to read.

it would be better to draw thw site and its layouts somewhere. people use papers or digital garphic software like photoshop or both for doing this. once you finalize the layout start coding it html and css. learning from HTML>CSS>PHP>MYSQL>JAVASCRIPT would be nice

Your syntaxis not right. you shoud add condition using conditional operators like and,or. if you want to match where email and pasword combo matches you have to include password in WHERE condition too. also 'password' should be $password if you want to insert password in db. for hashing you should use one of sha family or whirlpool, or blowfish, or rjindal family instead of md5.

that php function will only work in windows, also it will take screenshot of server not client. easiest way of doing this would be using canvas .

it will work as long server php has mysqli enabled and have newer mysql database engine 5.1 and later. php newer version instllation forom php.net have mysqli by default.

you should use timestamp to compare dates. first calculate the current day timestamp range. use mktime() to get timestamp certain date of 00 hour 00minutes 00 seconds (when day starts) and now get timestamp of $row_rsReleaseQue['duedate']. if current timestamp is greater than the DB timsetamp, then due date has not come yet.if current timestam less than DB timstamp either due date is today or due dat has been passed. to check if it is due date or due date passed, substract current timestamp and DB timestamp if it is greater than 86400 due date has passed else today is duedate

putin it outside webroot will work too. which means by any means it is not accessible to public but accessible to php. .htaccess files need to parse on each request thus it affect little bit on performance. It is always recomened if ithere is option for alternative of .htaccess should use that (like if you have access to httpd.conf it is better to set there rather than .htaccess.. similarly, in this case where there is option for doing the same job without .htaccess. i would choose that.

products are fetched from database. shoping cart use session to store the information of the selected product. they holds reference to the product objects. when you buy the products it fetches the products again from the shoping cart ad take certain action like buying,billing etc.

<?phpclass baf{ private $foo='bar'; }$obj=new baf();$obj->get();$prop=new ReflectionProperty('baf','foo');$prop->setAccessible(true);echo $prop->getValue($obj); //prints out private property. same way workswith protected ptoperty?> yes, you can use it when property is not accessible on the fly. setAccessible() is not static method of properties it is method of ReflectionProperty. we use ReflectionProperty on class property to set or get access to them.

also printing out the success message wil not ensure that updates is successfull. it will display it anyway. you have to use mysql_affected_rows() to get actual number of rows it updated. and display succes message when the condition met. http://php.net/mysql_affected_rows

what is it suppose to do? you can remove this part. simply updating the column where both email and password match will work. now when you use that, it takes all user from DB an keep looping thorugh untill it reaches last user. at thattime it keep it overwriting $email and lastly it has the value of last user. where as $password remains same as you inserted through the form. so both is not being the same to match the combo.

wwhich function? i am not sure what you mean. it could work but it is wise to not mixup both api and mysql resource. as both are different db engine it would be possible that internal database resource would not be exact same for both mysql_*() is for previous mysql engine. and later one is after mysql 5.1. mysql is obsolete now use mysqli or pdo.

mysql_query() cant execute mutiple query at once. there is mysqli::multi_query() for that. check the manualhttp://php.net/mysqli.multi_query

in showimage.php you will print the image content which is binary data (jpeg,png,gif). when you send appropiate header with that content, browser will treat it like image and render it. wha happends when you use img tag is browser call that php page and render the image as it would do with image extensiion file.

it is php page which can generate image and serve it with appropiate headers

you can bound callback function onclick event for each div. and in callback function do different jobs according to your needs.

ajax is nothing but Javascript. so as you use javascript pages same can goes with ajax.

if it does not meet the criteria of forum rules and guideline moderators lock them down.

session will destroy when you close the browser. usually you cant use same session from two different browser. as by default session workked with session cookie and cookies are very much browser specific.

either use .htaccess to prevent direct file accessing. or put your image outside webroot and fetch those images using readfile() or any image manipulation library (depending upon your needs) and serve with appropiate header when certain condition met.

you can change the scope only inside the callback function using http://php.net/manual/en/reflectionproperty.setaccessible.php reflection.

no, it is not right way.it will be like if(isset($_GET['expand']) && $_GET['expand']=='all')

clientside js cant access local file. though some modern browser supports "file api which can get file size.https://developer.mozilla.org/en-US/docs/Using_files_from_web_applications

http://owasp.org it has many information regarding vulnability,threats in web application.people also hack the web server itself rather than hacking your application. but there is not much you can do unless you are managing your sever ownself. apache security:https://www.google.c...iw=1024&bih=413 there is also some youtube videos on this.