ginerjm

Try this: <?php session_start(); // ALWAYS TURN ON ERROR CHECKING DURING DEVELOPMENT!!! error_reporting(E_ALL | E_NOTICE); ini_set('display_errors', '1'); //*********************** //Make connection mysql_connect('localhost', 'root', 'test'); // select db mysql_select_db('testdatabase'); $sql = "SELECT * FROM employees"; $records = mysql_query($sql); // You should really check the result of the query call to be sure it ran if (!$records) { echo "Error in query - query is $sql"; exit(); } $data = '<table width="600" border="1" cellpadding="1" cellspacing="1">'; $data .= '<tr>'; $data .= '<th>ID</th><th>First name</th><th>Surname</th><th>Age</th>'; $data .= '</tr>'; // PHP IS CASE-SENSITIVE Change this to $Employee!!! // ALSO - JUST NOTICED that you have an 's' here and not later. Remove it from 'employees' while($employees=mysql_fetch_assoc($records)) { $data .= "<tr>"; $data .= "<td>".$Employee['ID']."</td>"; $data .= "<td>".$Employee['First name']."</td>"; $data .= "<td>".$Employee['Surname']."</td>"; $data .= "<td>".$Employee['Age']."</td>"; $data .= "</tr>"; } echo "<html><head><title>Employee Data</title></head>"; echo "<body>"; echo $data; echo "</body></html>"; exit(); Note my comments in your code. PS - you REALLY should NOT be using the MySQL_* functions. They are far out-dated and deprecated -meaning that PHP will drop them soon. Read the manual on PDO if your server supports it or use the mysqlI functions if not.

Whatever does that mean?

What is the error message? That would help us.

Following the tutorial is no excuse for not addressing the errors you are clearly seeing. You are going to get those errors if you blindly go trying to capture input values that don't exist yet. You need to do some checking to see if you have any input yet or if this is the initial execution of this script. Also - where is this apparent "input" coming from? Another script that should precede this one? Is that script actually sending input via a GET or should you be receiving a POST array? If you don't understand this then you need to do some reading on how data is handled by a browser and delivered to a php script. It would be a good learning experience regardless.

You thought of php error reporting but you didn't do it right. Try turning it ON, not off. See my signature.

I will let you learn from experience. That means do as I said: Try It! And then look up the things you don't know in the manual - you know, the official PHP online manual that everyone has access to. Look that up too! You'll never learn anything if you don't experiment.

if www is your web root then all of those folders except / are "web-accessible" Now - if you had this / /var/ /var/www/ /var/www/html/someAccessibleDirectory/ /var/www/someDirectoryUndertheRoot/ /var/php /var/php/inc /var/php/scripts All of the /var/php folders are NOT web-accessible and that is where you would store things you described. Same with the /var folder obviously.

Under the document root is still in the web-accessible tree. If you don't want a browser to see or hack into something with http you put it outside the web tree.

You might try and post in a js or jq forum. This is a php one.

I disagree. Typically files not meant for public viewing would NOT be placed under the document root. That's how you keep them from being viewed with a browser and a hijacked form

Your php is not that bad. It's your English and HTML that needs work! Your html is horrific! Absolutely no rhyme nor reason for why you are writing what you have! - you have a series of heading tags with input elements embedded in them. - you have label tags with no labels in them - you have buried your input tags inside your label tags - you are using outdated styling in your html that really needs to be in CSS - you have an anchor tag with no visible text to indicate that it exists. - you have th tags that end with a td tag And more!

Why would you apply a function to your hashed password value? Makes no sense.

Try this: <?php error_reporting(E_ALL | E_NOTICE); ini_set('display_errors', '1'); if (isset($_POST{'username'])) { $username = $_POST['username']; echo "You entered: $username"; exit(); } ?> <html> <head> <title> Basic Form </title> </head> <body> <form name="form1" method="POST" action="basicForm.php"> <input type="text" name="username" value="username"> <input type="submit" name="submit" value="Submit"> </form> </body> </html> - Fixed the name= error- Organized your code to keep html separate from your php - added error checking

What defines a 'valid' domain name? It's simply a string with periods in it.

Do you have php error checking turned on (my sign.)? It might tell you that your header was rejected. An echo of the url is not going to do anything for you.

Why would you add the error checking code AFTER your db efforts???? The whole point of turning it on is to catch Any and All errors that could occur. Move those lines to the top right after your 'session_start()' command. Do you get the "added issue" message after the insert succeeds?? You should

Nah - the quotes are alright. I really wish the OP was listening and could post the things we've asked for. To that list I'd like to add "show us an echo of your query statement before you try and run it".

As maxdd points out - that is probably why your query is failing. Seeing the query method code could help us to see why he is not getting an error reported. OP - show us the top of your code where you enabled error checking too.

I would say you are not recognizing the query failure. What does your query method look like?

Could we see all the code involved with this specific insert? Assume the connection is working and the select, show us the query that you built, then the prepare(?) and the query execution and how you check the results and how you retrieve the results. Be sure php error checking is turned on too. (in my sign.)

If you are using a standard CSS file for the body of your page you should simply include your header & footer CSS code in there as well. Your hdr and ftr HTML code should be what you are trying to include here.

Would you mind telling us exactly what we are supposed to be looking for? Page looks clean to me.

I agree with Psycho - it does remove the security concern because you can then use a prepare query. My logic would work just as well to select the output fields instead of the query fields.

Create a 'preferences' screen where you show a checkbox for each column that people may choose to view. Behind that screen your php script will grab those checks and store them under their id with multiple rows to contain each checkbox value. Ex.: [id][col_id] user1 1 user1 2 user1 5 user1 8 user1 9 user1 10 user1 13 Here 'user1' wants to see columns 1,2,5,8,9,10 & 13. In your display script you will look up the preferences for 'user1' and then build a query string using the above choices as well as another table that links col_id to column names of your table. Ex.: [col_id][col_name][col_label] 1 colname1 Col 1 2 colname2 Col 2 3 colname3 My Column 4 colname4 This Column ... ... You have the query result of the user's preferences and you can include the above column info with that query (join) and then you loop through the results and build a query string. Ex. $qry = ""; while($row = $results->fetch()) { if ($qry=='') $qry .= "select ".$row['col_name']"; else $qry .= ",".$row['col_name']"; } $qry .= "from (tblname) order by xyz where xyz"; Hope this makes sense - it is very OTT. (off the top).

Post the code? Uh, what code are you going to try and learn and do this complex thing with? PHP? JS? JQ? It's all very doable but if you haven't programmed AT ALL in your life, you have a long road ahead of you. You might want to start with the simple stuff. There's a lot to learn about writing good, working, secure and safe code.