dougjohnson

I think you need to add: $result = mysql_query($sql); after the INSERT.

Is the PHP script you are running on your PC or the remote server? The error is telling you that the user "localusername" does not have permission to use the "SELECT" command. If the script is running on the remote server, do you have a user set up on your local PC with permissions to execute your statement?

You are "Connecting" to a database right? You can't use mysql_real_escape_string without first connecting to a db. Sorry if missed something but I didn't see a connection.

Yes I agree. look into javascript and maybe innerHtml. Depending on how you want to display the total price.

Then do any "echoing" inside the contact.php include.

We use a custom script we wrote for this purpose. It's fairly simple. You do run the risk of looking like spam when you send out mass mailings like this. We run our own server, but in your case I would check with your host and see what their rules are on this.

We use this tool to create our dynamic PDFs: http://www.easysw.com/htmldoc/ There is a passthru command you can use within your php script to create the pdf's from a php created html file.

Set the checked attribute to yes or no. CHECKBOX="YES"

All radio buttons can be "unchecked". With radio buttons I don't think you use checked=. You just use CHECKED. If there is no CHECKED in the input tag, the radio button will be unchecked. <input type="radio" name="accountActivation" id="no" value="no" <? if (isset($register_errors)) { if (($_POST['accountActivation']) == "no") { echo "checked"; } } ?> " />

I think you need to add a file name to your <form action='' tag?

You need to make sure the "directory" you are uploading to has the correct permissions set. In this case, you need to be able to "write" files to your uploads directory. So, right click the directory "on the server", click properties, and set the permissions for the "website" user. Or you could use chmod.

Do you have rights on the server to create files at the upload location?

We use this product: http://www.easysw.com/htmldoc/

You could use "explode". $variable = "John Doe"; $explodedvariable = explode(" ",$variable); $fullname = trim($explodedvariable[0] . " " . $explodedvariable[1]);

I think your link needs to pass the appropriate "ID" to the second page? Where does $_SESSION['id'] get it's value?

One way to do this would be to search for a match for the username. If a match exists, UPDATE. If a match does not exist, INSERT. $usernamematch = "Carbon"; $result = $connection->prepare("SELECT username FROM tablename WHERE username = ?"); $result->bind_param("s", $username); $result->execute(); $result->bind_result($usernamefound); while ($row = $result->fetch()) { } if ($usernamefound != "") { } else { }

You could use table rows and columns? <table> <? select and while statement here ?> <tr> <td> <? echo data here ?> </td> <td> <? echo data here ?> </td> </tr> <? end while ?> </table>

Why not make "sort by" links at the top of each column - housenum, address1, address2, postcode. Clicking on the "sort by" links would sort by the column data. Or, I may have not understood your question?

Here's an example. It includes 3 files: js/formprocessing.js 01ajax_process.php 01ajax_process.php Hope this helps. Set this example up on your server. Play around with it until you understand how it works. This doesn't include a database but the idea is the same. Below is the HTML form page: <html> <head> <title>Form Posts with Ajax</title> <script type="text/javascript" src="js/formprocessing.js"></script> </head> <body> <form> Top: <input name="sortorder" type="radio" value="top"> Bottom: <input name="sortorder" type="radio" value="bottom"><br> Text One*: <input type="text" name="textOne" title="required"><br> Text Two: <input type="text" name="textTwo" title="required"><br> <select name="mySelect"> <option value="selectedOne">Select One</option> <option value="selectedTwo">Select Two</option> </select><br> <input type="button" value=" go " onClick="sendRequest(this.form, '01ajax_process.php')"> </form> <div id="results" /> </body> </html> Below is the js/formprocessing.js file: // JavaScript Document ////////////////////////////////////////////////////////////////////// ///// DO NOT CHANGE BELOW ///////////////////////////////////////////// var req = createXMLHttpRequest(); //// /// function createXMLHttpRequest() { /// var ua; /// if(window.XMLHttpRequest) { /// try { /// ua = new XMLHttpRequest(); /// } catch(e) { /// ua = false; /// } /// } else if(window.ActiveXObject) { /// try { /// ua = new ActiveXObject("Microsoft.XMLHTTP"); /// } catch(e) { /// ua = false; /// } /// } /// return ua; /// } /// /// function sendRequest(frm, file) { /// var rnd982g = Math.random(); /// var str = ""; /// if(str = getForm(frm)) { /// req.open('GET', file+'?'+str+'&rnd982g='+rnd982g); /// req.onreadystatechange = handleResponse; /// req.send(null); /// } /// return false; /// } /// /// function handleResponse() { /// if(req.readyState == 4) { /// var response = req.responseText; /// document.getElementById("results").innerHTML = response; /// } /// } //// ///// DO NOT CHANGE ABOVE ///////////////////////////////////////////// ////////////////////////////////////////////////////////////////////// function getForm(fobj) { var str = ""; var ft = ""; var fv = ""; var fn = ""; var els = ""; for(var i = 0;i < fobj.elements.length;i++) { els = fobj.elements[i]; ft = els.title; fv = els.value; fn = els.name; switch(els.type) { case "text": if(fn == "email") { if(fv != "") { var filter=/^.+@.+\..{2,3}$/; if (!filter.test(fv)) { alert("Please input a valid email address!"); testresults=false; els.select(); return false; } } } if (fn == "date1" || fn == "date2") { if(fv != "") { re = /^(\d{1,2})\/(\d{1,2})\/(\d{4})$/; if(regs = fv.match(re)) { if(regs[1] < 1 || regs[1] > 12) { alert("Invalid value for day: " + regs[1]); els.select(); return false; } if(regs[2] < 1 || regs[2] > 31) { alert("Invalid value for month: " + regs[2]); els.select(); return false; } if(regs[3] < 1959 || regs[3] > (new Date()).getFullYear() + 1) { var maxyear = new Date().getFullYear() + 1; alert("Invalid value for year: " + regs[3] + " - must be between 1959 and " + maxyear); els.select(); return false; } } else { alert("Invalid " + fn + " format: " + fv + " (mm/dd/yyyy)"); els.select(); return false; } } } case "hidden": case "password": case "textarea": // is it a required field? if(encodeURI(ft) == "required" && encodeURI(fv).length < 1) { alert('\''+fn+'\' is a required field, please complete.'); els.focus(); return false; } str += fn + "=" + encodeURI(fv) + "&"; break; case "checkbox": case "radio": if(els.checked) str += fn + "=" + encodeURI(fv) + "&"; break; case "select-one": str += fn + "=" + els.options[els.selectedIndex].value + "&"; break; } // switch } // for str = str.substr(0,(str.length - 1)); return str; } Below is the 01ajax_process.php file: <?php if(isset($_GET['rnd982g'])) { foreach($_GET as $fieldname => $value) { if($fieldname == "rnd982g") { // ignore this random number // only used to prevent browser caching } else { if ($fieldname == "sortorder") { $sortorder = stripslashes(htmlentities($value)); } if ($fieldname == "textOne") { $textOne = stripslashes(htmlentities($value)); } if ($fieldname == "textTwo") { $textTwo = stripslashes(htmlentities($value)); } if ($fieldname == "email") { $email = stripslashes(htmlentities($value)); } if ($fieldname == "date1") { $date1 = stripslashes(htmlentities($value)); } if ($fieldname == "date2") { $date2 = stripslashes(htmlentities($value)); } if ($fieldname == "mySelect") { $mySelect = stripslashes(htmlentities($value)); } } } echo "sortorder($sortorder)<br>"; echo "textOne($textOne)<br>"; echo "textTwo($textTwo)<br>"; echo "email($email)<br>"; echo "date1($date1)<br>"; echo "date2($date2)<br>"; echo "mySelect($mySelect)<br>"; } ?>

$ipaddress = $_SERVER['REMOTE_ADDR']; Also, you probably want to hash the password before inserting it into the db.

You could put the logged in userid in a session variable? Or just pass the userid as a hidden value in the POST? Other than that I'm not sure what you're having trouble with.

You are doing yourself a big favor by starting PHP using OOP. I've been a PHP programmer for 10 years and still can't get my head around the Object Oriented way of doing things. Part of the problem is the "can't teach an old dog new tricks" issue. It will help you big time starting with OOP!!! Good luck.

The following link is an great article on file upload security: (read the .jpg image header comment injection paragraph) http://www.acunetix.com/websitesecurity/upload-forms-threat.htm

The clearDefault() function above should be: function clearDefault(el) { if (el.defaultValue==el.value) el.value = "" }

Although I don't know how they did the fade-out, (ajax?) this may work: <html> <head> <script type="text/javascript"> function changeColor(color) { document.getElementById('x').style.color=color; } function clearDefault(el) { el.value = "" } </script> </head> <body> <form> <input id="x" onmousedown="changeColor('red')" onkeydown="clearDefault(this)" type="text" value="field text" size="20"> </form> </body> </html>