SamT_

That would require AJAX. Do your validations with some external ajax.php or something like that which would send messages back to the form page before finally submitting to your update database page.

Remove the quotes around $memberID in your query and be sure to cast it as an int when you create it, i.e. $memberID = (int) $_SESSION['SESS_MEMBER_ID'];

Are you getting any error messages from your PHP page? The query looks correct and you confirmed it by running it in phpMyAdmin. This sounds like a problem with your PHP, paste it here in tags and remove your password from mysql_connect().

Use the command: mysql -u vikingde_lapalm -p vikingde_lapalm It will prompt you for a password, enter the MySQL password you use in the script. If you are successful, then your credentials are correct.

Change your connect.php to this: <?php $connect = mysql_connect("localhost","my_DB_name","my_password") or die ("mysql_error"); mysql_select_db("airfield_data") or die(mysql_error()); You do not need any HTML here because this is not the script that is outputting anything. include(), require(), include_once(), require_once() does nothing more than copy-paste the code from the included/required file into the file where the include or require was called. By calling the connect.php now, you're producing invalid HTML. When you're not outputing anything (i.e. creating a PHP for inclusion ONLY), you can omit your ending php tag ( ?> ). Once you start getting into headers (like cookies), this will save you a lot of headache later on. While this is probably not the problem (in terms of a white page), it will help you down the road when you see HTML and wondering why you have excess HTML. In process.php, before <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd"> Add the following: <?php error_reporting(E_ALL); ?> Give us the error that comes up.

On a new line after "<?php", add the following: error_reporting(E_ALL); Refresh the page and see if any errors come up.

Be sure to select your article text from the database. The code below will cut off the message after the first 255 characters. $piece = substr($article_content, 0, 255)

Post the code that connects to the database (but be sure to remove your password prior to posting).

Not tested, but... $buffer = preg_replace("#\<a href=\"([^\"]*)\"#", '<a href="$1" style="color: rgb(0, 0, 0)"', $buffer); Basically, you're finding the opening a tag then replacing it with a new one with color in it. As long as all your links have the href attribute first, it should work on all if them, even with titles.

echo preg_replace("#\@([a-z0-9\_]+)#i", '<a href="http://www.twitter.com/$1">@$1</a>', $text); You can replace the twitter.com with anything, such as your function that generates the URL.

Session fixation is caused by an attacker gaining access to Session ID and either placing it in a cookie or URL. Due to the nature of sessions (i.e. some piece of data always has to be in control of the user), we can eliminate reasonable risk by taking certain precautions, but we cannot eliminate it completely. PHP sessions are vulnerable to session fixation, so you need to add some checking. Just because you disable the SID being passed through the URL doesn't mean you are completely protected. What I do is create a fingerprint, md5() the IP address (or partial if you're doing partial validation), User agent string, and some random salt unknown to the user. Store this fingerprint in a session var and check it against the fingerprint generated at the next visit. If they do not match, kill the session, generate a new ID, and set everything to default (for a guest browsing). Now, enough with my security rant, regarding your question about logging in and cookies disabled, is the SID being passed in the URL? If it isn't, then either your code is doing it's job or you've not actually disabled cookies.

Code is working (pic), my guess is GD is not enabled or something. I am not seeing any picture in either of your posts, could you just copy-paste your error message?

First, change your form to this: <select name="budget" id="budget"> <option selected="selected">Please Choose One</option> <option value="3.50">up to 500 Euros</option> <option value="5.00">500 to 1000 Euros</option> <option value="4.50">1000 to 1500 Euros</option> <option value="5.00">1500 to 3000 Euros</option> <option value="5.50">3000 to 5000 Euros</option> <option value="6.00">Over 5000</option> <option value="4.00>No Budget Set Yet</option> </select> We simply added the value="" so we have a nice clean value to give to the php script. Now, we get to input it. $budget = (float) $_POST['budget']; $price = in_array($budget, array(3.50, 4.00, 4.50, 5.00, 5.50, 6.00)) ? $budget : 4.00; Note that this code will sanitize your data and ensure you have a good value. It will default to 4.00 (which to my understanding means no budget set), but you can set it to anything you want, or even refuse to enter this in the database if they give a bad value.

If I understand correctly, you have ids in it's own column for both of the tables. What I would do is create a new array called $ids which you will fill up during the query result above. Then implode() that array using a a comma delimiter so you can then do WHERE id IN($imploded_ary).

It looks correct from just seeing it, have you tried accessing it from "example.com/hospital/Alabama.html"? Google will access and index those URLs just fine, what Google probably is lacking would be links to this URL. If you have a search box that a user must actively put a word in, then Google wont pick it up as it crawls your page passively - only picking up links which you place yourself. The easiest way to fix the issue with it not being indexed is simply to put links to search states. Have a sidebar that says "Hospitals by state" and have a list of the states linking to the appropriate search query.