PHP - Php Instant Messenger

I created had created a website between me and a couple friends. On the website I made an Ajax\Javascript\Php Instant Messenger. It works fine for something small. Each user has a contact list and currently I am saving each individual conversation between each user into an Sql table { senderId, RecieverId, Message } and reading it back. Now I know its no problem for something small but obviously it leaves security risks and sends too many requests to the server. Any of you guys have any alternative Idea's for this messenger? I don't necessary need to save the conversations, I'm simply using that method to send and receive them. I have a buddy who does his messenger through J.S sockets but I would like to keep to php if possible. Any comments or suggestions would be much appreciated. 



Uploaded with ImageShack.us

Hi all,

Experimenting with this instant search buzz only I cant seem to replicate the function!
I think my PHP may be cocking up but Ive been staring for too long to see anything.

Could anybody take a quick glance and see if they can see anything?

Code: [Select]
<?php
if(!empty($_GET['q'])) {
    search();
}

function search() {
    $con = mysql_connect('localhost','login', 'pass');
    mysql_select_db('db', $con);

    $q = htmlspecialchars($_GET['q'],ENT_QUOTES);

    $sql = mysql_query("
        SELECT
            post_title as post
        FROM wp_posts
        WHERE post_title LIKE '%{$q}%' OR post_title LIKE '%{$q}%'
        ");

    
    $results=array();
    while($v = mysql_fetch_object($sql)){
        $results[] = array(
          'title'=>$v->title,
          'post'=>$v->post
        );
    }

  
    echo json_encode($results);
}
?>

This topic has been moved to JavaScript Help.

http://www.phpfreaks.com/forums/index.php?topic=343375.0

hi guys

i made a ranking for my league,
u can choose different rankings in multiple games and gamemodes

http://www.acidleague.com/League/ffarankings.php

now u have a select menu for the game, and then the gamemode
the select of the mode, contains all the modes for all games

what i want is, u fist select the game, and then u instantly get a dropdown with the modes correspondeding to that game

how do i even start with this?

my select menus are built like this

[php]   $types=mysql_query("SELECT id,name FROM ffa_types");
   while(list($id,$name)=mysql_fetch_row($types)){if ($id == $typeholder)
                        {
                        $typelist.="<option selected value='$id'>$name</option>\n";   
                        }
                     else
                        {
                        $typelist.="<option value='$id'>$name</option>\n";
                        }}
   $games=mysql_query("SELECT id,name FROM ffa_games");
   while(list($id,$name)=mysql_fetch_row($games)){if ($id == $gameholder)
                        {
                        $gamelist.="<option selected value='$id'>$name</option>\n";   
                        }
                     else
                        {
                        $gamelist.="<option value='$id'>$name</option>\n";
                        }
                        }


<form action='ffagamerankings.php' method='post'>
         <select name='game'><option>Choose Game ...</option>$gamelist</select>
         <select name='type'><option>Choose GameType ...</option>$typelist</select>

         <input type='submit' value='Ranks' />[php]

Trying to make it so people need a active session in order to access the page after the log in page and if they dont then it redirects them back to the log in page.
My session works fine. I tested and made sure.
it saves the user_id lets me display the page

but how do I keep someone from simply going to the webpage with out loging in?
Just a simple if statment checking if lastactive is empty or not? is that secure?

Code: [Select]
<?php include_once("connect.php");


if(isset($_SESSION['user_id'])) {
 // Login OK, update last active
 
 $sql = "UPDATE users SET lastactive=NOW() WHERE id='".mysql_real_escape_string($_SESSION['user_id'])."'";
 mysql_query($sql);
 
}else{
   header("Location: index.php");
     exit();
 }
?>