boen_robot

I mean "object oriented style". Look at the linked page. At the top of each example, you'll see "object oriented style" and "procedural style".Basically, "object oriented style" is that thing with "new" and "->" in it.

If you've changed trunk significantly while working on the branch, the merge may not be possible to do automatically.That's what the conflict resolution thing is about. Are you sure the whole file is the same in both revisions? Maybe it's just the beginning that's the same in both. And either way, you should have the option to explicitly chose one file or the other (or choose different portions from both files), and thus resolve the conflict.

Switch all MySQL functions to the MySQLi equivalents. I'd also advise you to use the object API, although using functions is OK too.Look at mysqli_real_escape_string()'s manual page for examples.

The file name itself holds the session ID. The file contains the session data.

Oh, I see.In the future, please try to make it a habit to use the forum as a last resort rather than a first resort. Especially when you know from the start that "this question doesn´t belong here".<< Locked >>

Yes... not with Apache per se, but with a tool in Apache... but browsers won't recognize the certificate.For browsers to recognize your own certificate, you'd have to make clients download the certificate, and import it as a "root certification authority".

I'd leave them... and also email them, telling them why, so that hopefully they can fix their problem for future customers' sake.

So... if you've already chosen... why are you looking for suggestions again?

Exactly.They shoud've made sure to isolate each premium user from the others on their server, but they didn't - every premium user has/had access to all users on their server, and the only special thing the hacker did was to abuse that power to affect your site (and I assume others too).The only thing you could've done is to not use that server. Well... strictly speaking, you could've also raised concern to the xtgem staff, but unless you were a premium user, I don't think they would've taken you seriously.

What's wrong with something like if ($_SESSION['loginattempt'] > 5) { //[1] IF TRIES > 5 CHECKS SECURITY CODE//CHECK IF THE ROW2 IS CORRECT ELSE SAYS WRONG CODE if ($rows_check2 != 1) { //[2] <-- CHECKS CODE //[2] <-- CODE = WRONG echo "<p id='red'>Security code was invalid. Try <a href='login.php'>again</a>!</p>"; } //[2] <-- CLOSES CODE CHECK} else { //[1] <-- SESSION Loginattempt <= 5 //LOGIN SCRIPT HERE --- } //[1] <-- CLOSES LOGIN SCRIPT

When you want to keep some stuff... no. If you want to completely clean the bookstore element, you could just use replaceChild over the element itself, i.e. xmlDocument.replaceChild(documentElement.cloneNode(false), documentElement);

First stop, there was no need to post in different sections of the forum. Everyone can see all of them. I've removed the others.Anyway... for your problem... look at sessions.

Hey everyone, look at the bright side - this time, he fixed the problem from the first time you replied. Celebrate that as the progress that it is. No need to remind Eduard of the remaining road ahead.<< Locked >>

Really?!?Wow. You just made my day.

Maybe. Maybe not. Depends on what you're trying to do, what are your priorities, and how closely does the framework of choice already align with that.Every framework has a "breaking point", beyond which you'd have to "hack" on it (as in "override its foundations"), perhaps using a different framework (although that's rare; developers typically hack with their own framework). Errr.... that's nothing like what I had in mind. And as mentioned, there are testing frameworks, the leading one of which is PHPUnit.What I'm talking about is that tools for automated testing, such as PHPUnit, are geared towards testing PHP code. That's fine, except that a web site is also client side (HTML, CSS and JavaScript...) code, some of which is generated by PHP, but is not PHP itself.A PHP framework is a collection of PHP code, and as such, it is typically tested by PHPUnit. The client side code that a good PHP framework produces on its own is minimal, if at all existent, and as such is mostly reliable.There are also testing frameworks for JavaScript too, but they also account only for JavaScript itself, not for how JavaScript interacts with HTML, CSS and PHP.Or to put this in another way - testing frameworks, in general, account for ensuring a piece of code "works", not that other pieces of code that use it would work.

You're missing a dot around before the "$" in '$6$rounds=5000$'$salt If you don't see anything in the logs, this can only mean you either haven't configured it, or haven't specified error_reporting to "E_ALL" in php.ini.

You need to set the session cookie to expire with the session data itself. Otherwise, it expires when the browser closes.You can set cookie parameters with the session_set_cookie_params functions. You must call this function before session_start(), so that session_start() could then set the cookie using those params.Since the cookie is only set if not already present, you can call this function only upon login. Most sites have a "remember me" option, so that the login page also checks if this option is checked before adjusting the session cookie.

You didn't get a word of what they were saying, did you? :mellow:Please stop thanking people before you solve your problem. Or am I being "pre"-judiced, and unlike previous times, this time you did solve your problem?

Well, in fairness, testing an app (as in a web site) isn't exactly trivial for automation.Then again, that also illustrates another benefit of relying on a framework - the framework can be (and if you've picked a good framework - is) tested with automated tests (typically PHPUnit), so that you can at least not worry about the framework being unstable.

You've abstracted your code well... but that means that now, you need to dig deeper to find the issue.Remove all code, except the top line, try that, and if it works, repeat this process by adding a brach/function call, and retesting until you get forcefully terminated again. At that point, repeat the same process for the last branch/function that you added.

SHA-512 is supported, but not with a sha512() function. It's supported with the crypt() and hash() functions.

Google "JavaScript minifier"

There are various PHP wrappers, most of which around the PDF extension, which in turn uses PDFLib. It's not included in PHP, and in fact, if you wanted that, you'd have to compile it yourself, as there's no binaries available.Although that's the fastest extension, there are libraries out there that simply don't use it, and can work without a specific PHP extensions. I'm talking about libraries such as FPDF.

Last I checked, there's no "sha512" function in PHP, so that's why you get 500. Calling an undefined function is a fatal error, and your server is configured to display a 500 error page on fatal errors.To be sure (or to make debugging of similar issues easier), you'd have to enable error logging at some location of your choice, and check them next time you see the 500 error page.

The error log doesn't seem to say anything that you didn't already knew - the script takes too long (above 120 seconds), so it's terminated forcefully.Apparently, you haven't reduced its time. Perhaps you have an infinite loop somewhere in your code?What's the code of the page that triggers this error? I mean the one at the "action" attribute on your post update form.