ginerjm

Your problem is that you are using php vars as column names and those vars do not contain names but rather values. If you had displayed the error message from MySQL in your die clause you would have gotten a clue.

If I'm understanding you: <select id="gallery" name="gallery" required> <?php while($option = mysqli_fetch_assoc($query)) { echo "<option value='{$option['gallery']}'>{$option['gallery']}</option>"; } ?> </select>

Obviously your include is not able to include what you want. That said - what are you doing with that explode??? You are trying to split your scriptname on the occurrence of that huge argument? Really? Try echoing out some of the arguments in your script to be sure they are what you think they are. I think you will find they are not so that should help you debug it.

NO. Your last statement is fraught with confusion about terms. Have you not done ANY reading to try and get on board with html, php or how client and server communicate? An HTML form can return its input values (from the input tags) via either the $_POST or $_GET array. This array is read in the PHP script and the values are then used in the PHP logic to do what you want to do with them. POST is not an attribute except in the html form tag itself. You php code will grab that input and yes - you can then use it in the select string.

What I Mean Is - Read some and try and learn a bit. It will help you learn. Start with the php manual and read about how you are NOT SUPPOSED TO USE MYSQL anymore. Click here: http://php.net/manual/en/function.mysql-query.php

Stop right here. Start over with either mysqli_* functions or the PDO functions. Do Not User MySQL_* functions. Read the manual!!! Have you done any research of your own in your attempt to become a programmer? It would behoove you to do so.

You have to realize that FIRST you have to send the html form (with the dropdowns and perhaps a submit) to the client and then wait. When the form and input is submitted back to your script you have to CHECK to see what's going on. Are you just supposed to send the html form again or are you supposed to process some input from the previously sent form? A good way to do that is to test for the existence of your submit button's value in the $_POST array. Once you have the input grab it into your vars and then build your query and run it and then process the results of that and do whatever you want to do with it. I highly recommend you turn on error checking - see my signature. Your code should look like this: - if post array does NOT have submit button value build output form, output it, and exit if post array does have submit button value grab the inputs do your query process the query results build your output output it exit

In other words - if you are TRULY using $_SESSION vars then they are NOT on your page so you are NOT seeing them.

Then you know what the problem is!! Either the two username vars don't match OR the two password vars don't match. Why don't you echo them out so that you can see what they look like and see if they are what you expect? That's called debugging.

This code looks fine. Although you are displaying the dropdowns and then doing a query to get some data that you then display below them. Are you getting error messages still from the above EXACT code? Do you have error checking turned on?

I gave you two possible reasons. Have you debugged them?

I don't see any output going to a csv file. I see a form wrapped around a table that has two dropdowns in it. But I don't see what you do with that input (?) or what you do to create this csv file.

What's not to understand? If you are setting it in your script and then attempting to read it a few lines later you're not going to see it. Cookies are set but not read by the script until the script is re-loaded.

Is it possible that your password is actually being escaped and therefore doesn't match the hashed db password? FYI - it is better to hash your incoming password and then do your query to match on both username and the hashed password (meaning you only store a hashed password) and then check if you got 1 row instead of just checking for username. Actually that could also be your problem if you have multiple uses of a single 'username' value.

Actually if you remove that silly first line that does nothing and add a semi to the last line it works just fine for me.

Why don't you put a "real" body text in there and see what happens?

True dat. So it sounds like you will have to assign a new session id when a user logs in which would then make that browser session separate from any other brower session that client is then running. Not the session cookie name as I understand it - simply get a new session id.

I would think that any 'open source file manager' (?) would provide access to (again) 'a subset of folders' and NOT the public_html folder where the manager itself might reside as well as any other application files. Pardon my asking but you do realize the significance of the 'public_html' folder?

My bad. I read different cookies for different instances of the app across folders. Of course now I ask the question - won't multiple users have different sessions anyway? Whats the concern about sessions?

No - that is itself a cookie that directs your session to the session data. Read the manual on cookies.

Well you should have unique names for each one. Perhaps include the 'site' name in the cookie name?

As I pointed out earlier this statement needed quotes initially. And it can be written easier like this: $strSQL = "select * from books where author = '$aa' and publisher = '$bb' and yearpublished = '$cc' and genre = '$dd' "; PS - it is not recommended to select *. One should only select those fields (columns) that are necessary.

Why not use the cookie parm that designates the folder that it will be accessible from?

Show us your latest query statement (in code and properly posted here) and we'll debug it.

You must like being cryptic. So - did you just reveal a second table or additional fields in the first table? Maybe you could start over and use more real words to describe your situation?