ginerjm

What do you mean you have been able to do this with sessions? And why "of course only the administrator" in the following? You already said only the admin will be able to even do this. And how "permanent" do you want this selection to be? Permanent as in always? Permanent for the current session? Permanent for the current user? Very confusing statements overall.

I'm guessing that connect-db.php failed you. The var $db is not a pdo object yet. Do you handle errors in that connect-db module?

1 - I wonder why you suppress the outcome of your ini-set statements? What are you hiding from yourself / the user? If anything, during development you WANT to see if there is an unexpected outcome, no? 2 - this line: ini_set('upload_max_filesize', '1024000000000M'); is asking for an inordinately HUGE filesize. The M indicates megabytes already, so why so many zeros? Don't you just want ini_set('upload_max_filesize', '20M'); I wonder if #1 is preventing you from seeing an error message caused by #2?

Add an echo statement to ensure that the code you think is working truly is.

You need to put your fetch into a loop and then use the foreach to echo each column. while ($row = $dbh->fetch(PDO::FETCH_ASSOC)) { foreach ($row as $k=>$v) echo ...... }

And just how is this an "array prob"? At least you have improved your writing since your last post with this subject name. Don't have a clue what you are doing though. One hint - usually people come to the forums with code (as you did before) and a problem rather than simply posing some situation you want to have written for you. As a general rule people who simply beg for help and say please please please do not get any better help than those who write intelligent posts that provide code, concise error/problem descriptions and requests for understanding. From what little I can imagine re: your brief post, you seem to want to produce an html div for each record you get from your php code's query and that you want that div produced by javascript. This would imply that you are doing an ajax request so that the results can be handled by the JS code that made the request. For a person who seems to be in the early stages of a web development career(?) you are attempting to do some very complex programming as a starting point. Perhaps you might consider just making this a php only task and simplify your project.

I start every script with "session_start();' If you do that how do you have a problem setting a session var?

sory - tyred of reding yur bad writing. gud bye

It means that perhaps you are looking at the wrong section of code Do you have some other queries going on in this script? Put an echo before this query and after it and be sure that you are getting the error there. And show us the new code after you have made these changes (with the MySQL_error call too)

What a horrible attitude you have!! People are literally giving you step by step debugging advice and you are too much of an idiot to let them help you. And why don't you learn how to write full words instead of your jibberish misspelled words and abbreviations?

javascript perhaps?

$q = "select a.deals, b.deals, from customers a, deals b where a.admin_id = b.admin_id and a.deals = b.deals will get you the records where admin_id is the same and each of the columns named 'deals' is the same. If you need other fields you must add them to the query You must also run a query using this statement. Then - if the query results var is not false you can loop thru the results var and use the fields of each row to send an email. AND - you really should write this using mysqli or pdo since what you are using has been deprecated and will no longer work soon. OMG! I got lost trying to understand your needs and completely missed the idea of this needing a join. Please disregard my post as Psycho has it right!

Line 37 - bad query - selecting all fields from two tables? with no connection between them and no qualifier on the where fields. Is that what you want to do? Line 39 - you do a fetch but you have not done a query' Line 41 and all included lines will not be executed either. Don't see what this code has to do with your original proposition?

In checkin.php you have: if ($visits = $check_visits) { which will not do what you intend. Need == Also - I don't see where $visits is defined.

If your post is ALL of the code, then my original two statements still stand. If you have more Relevant code to include, please do so.

1 - your queries have errors in them 2 - you have to do more than just compose a query statement in order to read the data. You need to do some reading to get up to speed.

Can we see more of the code? Did you make an sql connection? The message - where did that come from? The message seems incomplete - it mentions a fetch, but your fetch command is commented out. Too sketchy to determine.

I do believe this last post adds to the confusion. The OP has already shown us that the stored password is encrypted and that the attempt to validate a user's credentials is trying to do so using an unencrypted search argument. This code replicates that same error. Simply hashing the user-supplied password (or two passwords?) and THEN doing the query will solve the OP's original question. From that point on there are many, many things that need to be addressed in order for this to be a safe and sound php script. Let's get thru the first problem before inundating her with more code that does not solve her question. Yes - it won't be safe but at least she can have something that works, even if it is not the right way, that she can then improve upon.

I have no idea what you are talking about. You asked about an error message - I deciphered it for you.

NO You are currently grabbing the input from the POST array, no? You are establishing two vars - username and password, no? You are then using them in a query to locate the correct login record, no? But you aren't finding it because you used a password value in the query that will never match the stored one since it isn't hashed. Right? Erroneously - you continue on and try and check the query results (which don't exist) against a just-hashed password value. Instead you need to take that hashing statement and DO IT before you try and do the query and THEN you will find a query result. There is no need to check the password after this since you found a match in the db and you can confirm the user's login. All you need to is ensure that the query runs and that the query results == 1 row. Program much?

Am I not writing English? I can't make this any clearer. You need to move that hash line above your query so that you will locate the record. Period.

This just proves my supposition. You are storing the pw in a hashed state. Good. But when you try to do a login, you go looking in the db for an un-hashed password. That fails (0 rows) and you send back the not found message. You enter the credentials again and the whole query and error msg process repeats, just like you said in your OP.

Yes it is but you have no matching record that I can see since you did a query looking for the unhashed password value which doesn't exist, no? If you query looking for the true typed-in username (which you should be sanitizing before putting into a query btw) and the true typed-in password (which needs to be sanitized and hashed) you won't find it. So it makes no sense to be doing a compare after that since there is nothing to compare.

You hash it and supply THAT value to the query.

The message is quite direct. It's telling you that the php install/config you are using does not allow includes (requires) specifying a url. You can only include files that are part your your filesystem, not from the web. If this module is truly something within your filesystem, then point to it that way, not as a url.