markbett

check your sql tables and make sure your variables and everythig else match up to the table values etc... check for spelling errors as well

is that a better solution then reposting the data?

if i have a form that has multiple parts, what is best way to carry the information that was posted in page 1 through to page 3? should i just repost the posted data so on page 2 i post the new infomration collected along with all the old stuff i already collected?

the problem stopped when i changed this bit of code [code] //determien the event hosts name $sql = mysql_query("SELECT first_name, last_name FROM users WHERE id ='$event_host'") //id ='15'")// or die (mysql_error()); if(!$sql){          echo 'Error getting determining event host: '.               mysql_error();       } else { while($row = mysql_fetch_array($sql)){ stripslashes(extract($row)); $event_host = $first_name.' '.$last_name; } } [/code] it was originally set to a static host (id=15) but then i changed it so that it will show the name of the person who posted the event..... the problem is WHY is this piece of code changing the value of a session variable??

heres a solution... css use css and make <div>'s and put the correct data into the div and then using absolute positioning float the divs into the right location on top of the background image... css is very versitle this way see csszengarden.com for more info on CSS styling

why not just use a form to send the messages.... user submits the form, the script finds the recip then sends the message through the mailer directly to the user and nobody sees anyones email address? if you dont want to do that then create a table that has an index col a user id col and the email hash....  when a message is sent to the hash you look it up in the table and see which user id the hash is assigned to and through a sql join you replace the hash with the users real email address.

look in the PHP manual: Example 2. Using indexed arrays with preg_replace() <?php $string = 'The quick brown fox jumped over the lazy dog.'; $patterns[0] = '/quick/'; $patterns[1] = '/brown/'; $patterns[2] = '/fox/'; $replacements[2] = 'bear'; $replacements[1] = 'black'; $replacements[0] = 'slow'; echo preg_replace($patterns, $replacements, $string); ?> The above example will output: The bear black slow jumped over the lazy dog. By ksorting patterns and replacements, we should get what we wanted. <?php ksort($patterns); ksort($replacements); echo preg_replace($patterns, $replacements, $string); ?> The above example will output: The slow black bear jumped over the lazy dog.

it is, my layout file includes variables and session includes that apply for every page that is shown.... so if it has the layout it ran through the sessionstart()  additionally i event added that to the top of the layout file so it would be run twice to no avail.....  still happens...

my session variables arent staying set and i need some guidance as to where my problem lies. site: http://207.5.19.133/sbqa when logging in i set: [code]<?php include $_SERVER['DOCUMENT_ROOT'].         '/sbqa/layout2.php'; switch($_REQUEST['req']){   case "validate": //ensure they are not already logged in// if($_SESSION['login'] != TRUE){ $username = mysql_real_escape_string($_POST['username']); $password = mysql_real_escape_string($_POST['password']);     $validate = mysql_query("SELECT * FROM users                           WHERE username='$username'                           AND password = md5('$password')                           AND verified='1'  AND disabled='0'                           ") or die (mysql_error());                           if(mysql_num_rows($validate) == 1){       while($row = mysql_fetch_assoc($validate)){         $_SESSION['login'] = true;         $_SESSION['userid'] = $row['id'];         $_SESSION['first_name'] = $row['first_name'];         $_SESSION['last_name']  = $row['last_name'];         $_SESSION['email_address'] = $row['email_address'];[/code] i include session permissions which include: [code]<?php session_start(); session_name('SBQA'); header("Cache-control: private"); // Fix for IE [/code] the problem is that when i go to the page: http://207.5.19.133/sbqa/rsvp_manager.php?req=rsvp&event_id=43 the NAME in the login box changes from my name (as was set in the session earlier) to data from the event query..... is shouldnt because the code for that box is [code]  echo '- Welcome '.$_SESSION[first_name].'.[/code] what gives??

first put everythign in a FORM tag second give form elements names that correspond to what you need to pass to the db

*bump*

lol its me being stupid and writing it out as a function cause its 2am.... its not a function it should just be whatever value was selected from the dropdown menu.....

if you are using inline css then you just need to make sure the php engine parses the file... give it a php extension http://www.tizag.com/cssT/inline.php if you arent using inline css then you need to set your webserver to have php process css files.  if you want help doing that then talk to your sys admin

its not entirely clear what you are trying to do but perhaps you are looking to create dynamic dropdowns from variables in your db then take the value of the selection in the dropdown when the user submits and pass that into the sql query... so you would need to do $filter=value(dropdown1) $filter2=value(dropdown2) sql query= select blah from foo WHERE $filter = value and $filter2 = somethign else

then what you need to do is have PHP write the css file...... well i guess you could tell the webserver that CSS files should be processed by PHP by adding the css extension, then the php engine would go through nad parse that all out......

The mysql_select_db( ) function uses the @ to suppress the default error message the ordie that is listed is not well thought out as it returns what you surpressed....

lol dont put in the $ put the actual value you want but you shouldnt use a GET you should use a POST otherwise people will change their scores

lol your hosting service lied.... they do not have any ability to look at mail queues for Microsofts hotmail servers.... basically they didnt have an answer and wanted to dump your call what they should be able to provide you with is a mail log that will show if the mail server you are using was able to succesfully send a message to the hotmail mail server.  if they can show you a log saying that the message was successfully sent to hotmail and the hotmail server acknoledged it got it, then you will need to contact MS Hotmail Support and have them run a message track and see where teh message went on their end. Remember email does not have a garunteed delivery timeframe so it is possible for it to take over an hour to be sent...  just because its normally fast doesnt mean it always is

it sounds like perhaps what you need then is to do a sql join where you join the hotels to the region so that it will pull only hotels from that region and spit them out to you in a results array....

Ten Security Checks for PHP, Part 1 by Clancy Malcolm http://www.onlamp.com/pub/a/php/2003/03/20/php_security.html ======= http://uk2.php.net/mysql_real_escape_string Example 3. A "Best Practice" query Using mysql_real_escape_string() around each variable prevents SQL Injection. This example demonstrates the "best practice" method for querying a database, independent of the Magic Quotes setting. [code]<?php // Quote variable to make safe function quote_smart($value) {   // Stripslashes   if (get_magic_quotes_gpc()) {       $value = stripslashes($value);   }   // Quote if not a number or a numeric string   if (!is_numeric($value)) {       $value = "'" . mysql_real_escape_string($value) . "'";   }   return $value; } // Connect $link = mysql_connect('mysql_host', 'mysql_user', 'mysql_password')   OR die(mysql_error()); // Make a safe query $query = sprintf("SELECT * FROM users WHERE user=%s AND password=%s",           quote_smart($_POST['username']),           quote_smart($_POST['password'])); mysql_query($query); ?>[/code] The query will now execute correctly, and SQL Injection attacks will not work.

another soluion is to add an "expired" or "retired" field  the dropdown will only show values tha are not expired a user cannot delete a field but rather expire it... then when they get readded itwill check to see if it exists first, if so it will unexpire it otherwise it will add it.

no luck [code]switch($_REQUEST['req']){   case "validate": //ensure they are not already logged in// if($_SESSION['login'] != TRUE){ $username = mysql_real_escape_string($_POST['username']); $password = mysql_real_escape_string($_POST['password']);     $validate = mysql_query("SELECT * FROM users                           WHERE username='$username'                           AND password = md5('$password')                           AND verified='1'  AND disabled='0'                           ") or die (mysql_error());[/code]

never asked for fancy and free = quick and dirty... anyways its a starting point ... they can customize for their own needs

ohh i should clarify... when first logged in the session variables are returned corrently... as i nav to new pages and run other queries to set things in the DB etc, that is when things change and instead of calling me Mark is will call me "21" or "Manager" etc even though the session is still the same

alaas it shouldnt be able to: [code]case "validate": $username = mysql_real_escape_string($_POST['username']); $password = mysql_real_escape_string($_POST['password']);     $validate = mysql_query("SELECT * FROM users                           WHERE username='$username'                           AND password = md5('$password')                           AND verified='1'  AND disabled='0'                           ") or die (mysql_error());                             if(mysql_num_rows($validate) == 1){       while($row = mysql_fetch_assoc($validate)){         $_SESSION['login'] = true;         $_SESSION['userid'] = $row['id'];         $_SESSION['first_name'] = $row['first_name'];         $_SESSION['last_name']  = $row['last_name'];[/code] i could throw in a check to see if they are logged in already and tell it not to run but because its in a switch it shouldnt be able to run a second time..... and on top of that its within its own sql return so for it to run the second time it should have to rerun the query and return proper values...... grrr