ginerjm

Rather silly of you to post all that code and expect us to make sense of it. You hardly comment it at all. It's all a string of code with no clear breakdown of functions that accomplish things for you. Add a few go-to's and you've got what we used to call 'spaghetti code'. How about doing some work and isolating the part that you need the help with? AND - if this is a wordpress thing, why haven't you posted it in the CMS forum? PS - what is that second line supposed to be doing for you?

Show us your code and THEN we can help

Horning in on requinex's very helpful reply I offer this in case she doesn't respond soon: foreach($xml->gms->g as $games) { echo "Matchup:".$games['htn']," ",$games['hs']," vaersus ",$games['vtn']]," ",$games['vs']," on ",$games['d']," at ",$games['t'],"<br>"; }

I'm guessing that you didn't write this code and don't understand that is going on in it. Until you take the time and make the effort to learn what is going on here, you will never advance beyond your perceived level. It's pretty simple. When you do an insert query you specify in it what fields are to be posted/inserted and what values are to be put into each of those fields. So if you want to update 10 fields you need to provide 10 values. Looking at your sql statement as I said you have different numbers there. Fix it. Then when you have the query written correctly, carefully look at which of those values that you want to use substitute parameters for (the ? ones) and provide all of their values in the bind_param call. This will "join" those php values to the ? parts of the query, to put it simply. One could have just written the query without the ? and put the actual php vars in there instead, but that leads to sql injection problems and that is why you have a prepared query here. (Which is good!) You simply have to do the same kind of thing that you did above in fixing the query - align the stuff in the bind_param with the ? in the query statement. For every ? you have to supply a value for it in the bind_param. Also - add a check of these steps to be sure they are working. If you look up the functions in the manual you will see that you will get a value of False if something goes wrong. So after the prepare call add this: if (!$stmt) { echo "Problem doing Prepare"; exit(); } When you do the bind_param call do it like this: if (!$stmt->bind_param(.....)) { echo "Problem binding params"); exit(); } That's the best I'm going to do for you here. The fixes are so simple that my doing them will NOT help you. I've tried to explain what is going on and tell you what you have to do. Now you have to do it in order to learn and improve your knowledge for your next effort. Good luck. Talk later.

This is the code you posted: $stmt = $mysqli->prepare("INSERT INTO ".$db_table_prefix."users (user_name,password,email,activation_token,last_activation_request,lost_password_request, active,title,sign_up_stamp,last_sign_in_stamp) VALUES (?,?,?,?,?,'".time()."','0',?,'New Member','".time()."','0')"); $stmt->bind_param("ssssi", $this->username, $secure_pass, $this->clean_email, $this->activation_token, $this->user_active); Your query has 10 fields to be inserted but 11 values. That alone is a problem. Then your bind has only 5 values being bound to that query, yet the query is expecting 6. You need to balance all of this out. Have at it!

The line with the error is binding 5 parms to your query, which you didn't show us. I went thru your class code and found the 131 line and then found that the query has 6 ? chars in it, meaning you have to supply 6 values to the bind-param call. Supply the missing parm in your bind call. PS - it's always a good idea to CHECK the results of things to be sure they worked. If you had wrapped the bind call in an if statement you would have detected this problem.

Actually your prepare failed hence your $stmt is invalid. You have 6 parms in your query but are only binding 5

Post the relevant code please

That message usually means that the object your are referencing does not exist. Is your $stmt variable in scope? Did you connect and select db actually work, ie, did you check the results of each call?

So you use a query to get the data. Then you use explode to create the array, splitting it up on space chars. then you sort the array using sort() and then array_unique. Try it and let's see what problems crop up.

So are we any closer to a total solution?

The error message says unexpected { at line 100. That is because the line above doesn't have a ) at its end, thus making the { unexpected. My bad.

You're missing a right paren

So - the question is: Have you re-stored the username and password using the same hashing code since you found out that you had to do that? BTW - after your query runs you should check if you got a result before you do those two fetches. Makes no sense to try and retrieve something before you know if it exists.

Why even bother to display it after the cutoff date/time? Also - you need to re-check your date/time when the form is submitted to be sure that the edit button wasn't just sitting on a client screen when the cutoff time passed.

Assuming that your current location is 'outside' of the web-accessible tree, then that will be safe from attacks using http. Won't help if your site password is compromised and someone uses ftp to browse your site. Course - there are better experts at this facet - let's see what they say.

Why do a fetchcolumn at all? Check the result of the operation, don't waste time on a retrieval of one piece of data. Of course if your db does not support rowcount() then stick with what you have, but here is how I would write your code: <form action="useraccount.php" method="post"> <input type="text" name="username"/> <input type="submit" value="submit"/> </form> <?php $username = $_POST['username']; // you retrieve form data using the html's name= attribute $pdo = new PDO('mysql:host=myhost;dbname=mydb', 'user', 'pw'); // assign your query statement to a var so you can view it if you need to debug it $q = "SELECT * from TABLENAME where username='$username'"; if (!$pdo->query($q) { echo "Query failed - query is $q";// only do this during development - not in prod. exit(); } if ($pdo->rowcount()== 0) { echo "Sorry, that username does not exist in our database."; exit(); } // now get your results while ($row = $pdo->fetch_assoc(PDO::FETCH_ASSOC)) { echo $row['Player_Name']," ",$row['Time_Online']; } exit();

How about posting your current code?

Perhaps you should too. Re-think what you are asking for help with and then tell the next person what your perceived coding problem is and show them the code that 'doesn't work'. You certainly didn't do that with this post. Forums can only help those who can communicate (in respectable language) their problem(s). Good luck to you young man.

Hey - nice language. At least you know how to speak foul language and don't need help with that. Now put your brains to use and TELL US WHAT YOU EXPECT US TO DO FOR YOU! Or I could just go away instead of trying to help a guy who doesn't know how to ask or answer a question properly. Ball's in your court. Play it smart.

So?? The code you posted is certainly not "pre-made". Perhaps the call to that LS class method is "pre-made" but you're not showing us that so I'm assuming that you are not tampering with that. So - you have some code that YOU written to create and display an error message. And YOU needed to display it, so I showed you how to output it. Since YOU have added this new code and since YOU are trying to display it, why are YOU creating this new $msg as an array?

Oops. Forgot that you created $msg as an array. Why did you do that (as I asked before)? Change your $msg text to something more appropriate such as $msg = "my new message" and then you'll get the message. Unless you have some real reason for creating the $msg as an array.

Silly question perhaps. Are you seriously just asking us to tell you why "the message never appears"? Answer: because you never output it. Add this to your code: if ($msg <> '') { echo $msg; exit(); }

As I said - the code you posted does what it does. What is wrong with it? Nothing. Why do you think there is something wrong with it?

How are we supposed to help you with this smattering of code? This code will produce a value in $msg if the user or password is missing (not invalid). It will also give you a message if the LS method returns a false value. All of this based on the assumption that something named act_login in your form exists. What do you want US to do? You haven't given us anything to analyze for you. PS - Why are you storing your error message as an array anyway?