Learning PHP.. yay me.

[Hituro]

And if you want to forcefully expire a cookie (like when you log out) you set the expiry time to the past, to force the browser to clear it

[BigThinker]

Thanks! Cleared a lot up. This time, I set up cookies correctly so now I don't have to sign in every time. :-)

[BigThinker]

I need to test the sign up and activation.

This guide tells me what to do to set up the php.ini file:

http://roshanbh.com.np/2007/12/sendi...vironment.html

But I am super confused. What does it mean when it says to use my ISP?

[Hituro]

Are you running from a windows installation, or from a hosted server? If you are using a hosted server you don't want to be messing with the mail configuration. Use PEAR:Mail instead of the built in one

[BigThinker]

I'm using a windows installation, I think. WAMP is the program.

[BigThinker]

What is easier?

Instead of using this to include characters, how do I make it so I can exclude the few characters? The goal is for the person to change the 'about me' but I don't want them to just stick to letters, spaces, commas and periods, so I think it would be silly to go through the keyboard and add all the other symbols..

Code:

if(preg_replace( '/[^A-Z0-9,. !@#$%^&*()-_+=]/i', '', $about ) == $about)

[righteousfail]

If you just want to exclude a few characters, you could just use strtr() to substitute the characters you don't want for blank strings. You could also substitute them for html codes so the characters display on the page but don't interfere with the code.

[BigThinker]

Okay thanks!

I can't think of any characters that should be excluded except the apostrophes and quotes for mysql injection reasons so I just put in extra security using htmlspecialchars, mysql_real_escape_string and addslashes.

and of course adding stripslashes when reading back the table info.

[Hituro]

Instead of using preg_replace() to remove the characters you don't want, why not use preg_match() to check that it only contains the characters you do want?

[BigThinker]

I decided not to do either because there's no reason to limit a user's about me to certain characters. I use the three mysql injection precautions in my last post. :-)