
ManiacDan


Everything posted by ManiacDan

  1. You need to run all these user-submitted variables through mysql_real_escape_string to avoid SQL injection. Also, I wouldn't search based on price, it seems silly to have a user search for "2" and get back something that costs $82.50.
  2. Two seconds on Google produced this list of code beautifiers. Zend Studio does very good auto-formatting. You should really be doing this yourself though. I do it by hand when I write.
  3. Googling produced this company with a data recovery suite.
  4. Ah-ha. The inside of your loop can still be condensed to 4-5 lines without this big chain of if/elseif.
  5. Well if you answered the question I'd be able to help you. Go up and find the question. So far you're saying you have two lines and you only want one of them. "Just print one" is your answer unless you read and answer the last question.
  6. No, sorry, you're still not making any sense at all. Explain it to me like I don't know what you're saying (which clearly none of us do). Look at your comments here:
       $value1 = 0.10 //Want this one to run into that IF to find the "$result"
       $value2 = 0.30 //Then this one to go in
     You want to run into an if and then the other one to go in? What? Also, you echo one result twice, I don't know how you think they'll be different numbers.
  7. No, it's just a pain in the ass for the dev. It's only necessary if you have complex formatting in your posts. Install or write a BBCode parser, there's a thread on it on the front page of the forum right now. Download and install something like FCKEditor. Pain in the ass and generally not worth it for article comments. Even PHPFreaks doesn't let normal users edit their posts after 30 seconds, all of the "edit" functionality is reserved for just us mods. It's only really necessary on discussion forums like this, you will often see people simply replying to themselves with corrections.
  8. Nope, sorry, doesn't make sense. Show some starting inputs and their desired outputs. Right now you have some kind of calculation that appears to follow a pattern (except for the 2 examples I cited) but does random division beforehand and only works on one of the two variables you keep calling 'grades' but are named 'mod'.
  9. Why not attach this file of yours to this thread so we can look at it? Also, XSS attacks don't create files on your hard drive, so that's not the category of exploit you should be looking at.
  10. "Bumping" your threads is actually against the rules of the forum. Explain the logic you're trying to implement here. Like Requinix, I think I can condense this to a couple of lines, but you have a random rule that breaks the pattern. Why does this block appear?
        elseif($intel_mod < 0.1){ $int_mod = 0.95; }
      Regardless, it's in the wrong spot, as is this one:
        elseif($intel_mod > 0.20){ $int_mod = 1.50; }
      Explain the "rule" you're trying to implement, and don't bump.
  11. In fact, that line will always set $option_id equal to '' and then execute the IF condition regardless of the original value of $option_id.
  12. Please read the responses, the experts here are worth a lot of money, you're getting thousands of dollars worth of professional help for free. I told you that you don't need quotes at all, and you added MORE quotes.
  13. There is no "edit" form, there's just the one form. That's the problem. Make a reply to this page. Look at the address bar. The URL is: index.php?action=post;topic=354623.0 Type something and hit "preview". The URL doesn't change, a preview box just appears. (PHPFreaks does it in JS, btw, but the post method works the same way). You post back to yourself. If the submit button is "submit", submit the comment and take them wherever you normally take them. If the submit button is "preview", re-draw the comment form, but this time put a box above the textarea featuring the comment as they posted it. Let them preview as many times as they want before hitting submit.
  14. Neither, which is why I mentioned neither in my post. Accept the post, immediately re-draw the page and put their post back in the edit box. No sessions, no db. Yes, the name is always "submit" and you change the VALUE. Never. People are stupid and never double check anything. That doesn't mean you're required to cater to them with an edit button, let them reply with spelling corrections.
  15. imagegrabscreen only works on Windows and it grabs the current screenshot that you see on your monitor. It does not load websites and render them. You will have to find a third party solution for this, PHP cannot do it by itself. You can attempt to: 1) Figure out how to pass URLs to Firefox, then use imagegrabscreen to take screenshots of your entire desktop, which you will have to trim later. 2) See if you can exploit the rendering engine and plugins of Firefox or Chrome, the Firefox plugin ScreenGrab might be useful to you.
  16. Generally students are pretty good at breaking into systems, especially those which will email their parents to tell them the child is in trouble. If you don't have enough PHP/SQL skill to even start this project, you certainly don't have enough to make it secure from school children. I broke into my first school system when I was 11. That being said, if you still want to do this, get a real book. Learning based on free web tutorials isn't great. I recommend O'Reilly's "Web Database Programming with PHP & MySQL." It's at B&N or Amazon.
  17. So you want PHP to dynamically draw a speedometer and odometer based on two different database values? That's significantly harder, look into the GDImage extension.
  18. Zane has a point about the query, the lower the level of obfuscation, the better. I didn't realize this was in the mysql section, otherwise I would have provided a MySQL response.
  19. You can use regex for this:
        php > $ssn = '123456789';
        php > echo preg_replace('/\d{5}(\d{4})/', '*****\\1', $ssn);
        *****6789
  20. You're not understanding what I'm saying. You know what, back this up entirely. What are you GETTING and why is it wrong? What do you want to happen? We know what data is in the table, show what you want the output to be like.
  21. I'm not blaming you, I'm telling you how data works. If you JOIN a table with one record to a table which has two records referencing table1's record, then the result will have two rows. That's how SQL works. You can either: 1) Do separate queries so you fetch the order in one and all the details in another. 2) Write your code so that it only prints the order once and then ignores it for the rest of the records which contain the details.
  22. You don't need quotes around this variable at all. Escaped quotes are only supposed to be used inside of other quotes. They are necessary here:
        $string = "Dan says \"escaping your quotes is only necessary inside of strings\" because that's the kind of thing he says.";
  23. Many sites don't let you edit the comments, so there's no requirement for you to do this at all. If you really believe you need to do a preview:
        1) Accept the form submission.
        2) If the submit button is named "submit," simply submit the form normally.
        3) If the submit button is named "preview," re-draw the edit screen,
           3.1) put the exact same content they posted BACK in the textarea
           3.2) above the text area, draw what their comment will look like.
      If you must do edits, then you'll have to put an "edit" button on only the logged-in user's posts. When clicked, take them to the same page where they would post a NEW comment, except pre-fill the box with the comment they've already made. Make sure submitting this form doesn't make a NEW comment. "Preview" buttons are really only useful on sites like this with extensive markup that users might be unfamiliar with. The Patheos blogs have an in-line preview that shows you your own post in real time as you type it. Other sites like the gawker sites don't offer previews OR edit functionality. Sites like reddit and phpfreaks offer both.
  24. Exception Handling is a completely different way of programming and handling errors. It's especially useful in Object Oriented programming.
  25. AK's code is correct. You had parens instead of brackets, which would cause PHP to attempt to execute a function named after the $_POST array, but that would throw a fatal error. You're going about this wrong btw. Name all your checkboxes "catID[]". All of them, named JUST like that. Each of their VALUES needs to be the actual catID. Then, in your code, $_POST['catID'] will be an array of all the checked catIDs.