Scooby-Doo

hi Just another quicky...what is best way to tell google to leave certain pages alone, would it be through robots or can you do something in htaccess to stop googlebot indexing certain pages...or any other way??? Cheers

Thanks ignace Its not as thick as mud but still very muggy waters Will get their...to be honest my db does not hold massive amounts of data just makes and models of bikes..period..nothing that could bring down MI5/Pentagon. But I suppose its good practice to secure no matter how small/big the database and how important the site is to you. Thanks

Hi been reading up on security and getting a bit of brain freeze Which bits of the script do you need to secure, the impression I am getting is $_POST....or is it anything that starts with $_ that needs securing If so what is the quickest and best way to secure it And I am guessing $_SESSION will also need securing too Thanks for any help on this one

Thank you Psycho worked a treat....Just one more question, I have used your code so it includes() the selected pages..ie $inspection = isset($_POST['inspections']) ? $_POST['inspections'] : false; $delivery = isset($_POST['delivery']) ? $_POST['delivery'] : false; switch($inspection) { case 'basic.php': case 'platinum.php': case 'accident.php': include($inspection); break; default: include('basic.php'); } ?> <?php switch($delivery) { case 'delivery.php': case 'nodelivery.php': include($delivery); break; default: include('nodelivery.php'); } ?> Would it be difficult to put a value to each selection...for arguments sake if someone selected Platinum Inspection £10 with no delivery £0 it would calculate the two prices and place in a total inspection + delivery Hope that makes sense

I am struggling again, right do my best to explain got a dropdown with 3 selections..ie <form action="prices.php" method="post" name="prices"> <select name="dropdowns" class="selectionbox" value="options" id="selection"> <option value="ns" selected="selected">Please Select</option> <option value="selection1.php">Selection 1</option> <option value="selection2.php">Selection 2</option> <option value="selection3.php">Selection 3</option> </select> When the user clicks on the "Get Prices" button it will open prices.php....but on prices.php I want to have an include("selection1.php") or (selection2.php) etc depending on what the user selected in the drop down box. Now dont laugh at my code but I have done this but dont know how to make it just chose one at the minute it is just including both of them <?php $selection1 = isset($_POST['selection1']) ? $_POST["selection1"] : ""; $selection2 = isset($_POST['selection2']) ? $_POST["selection2"] : ""; if ($selection1); include ("selection1.php"); if ($selection2); include ("selection2.php"); ?> Any help much appreciated...and as you can probably see im new to php

Ok Thanks Kays will remove some of the php tags...thanks for the security warning, I will Yahoogle now to find out about it. Thanks again

Yeahhh..finally got it to work, this is the code for the quote page <?php include("conndb.php");?> <?php function get_model_by_id($id) { $query = "SELECT manufacturer FROM Manufacturer WHERE Manufacturer_id='".$id."'"; $res = mysql_query($query) or die("ERROR: ".mysql_error()." (in ".__FILE__." at line ".__LINE__.")"); $c = mysql_num_rows($res); if ($c != 1) { die ("ERROR: Model not found in get_model_by_id (".__FILE__." at line ".__LINE__.")"); } $row = mysql_fetch_assoc($res); $ret = $row['manufacturer']; return $ret; } function get_make_by_id($id) { $query = "SELECT model FROM Model WHERE Model_id='".$id."'"; $res = mysql_query($query) or die("ERROR: ".mysql_error()." (in ".__FILE__." at line ".__LINE__.")"); $c = mysql_num_rows($res); if ($c != 1) { die ("ERROR: Make not found in get_make_by_id (".__FILE__." at line ".__LINE__.")"); } $row = mysql_fetch_assoc($res); $ret = $row['model']; return $ret; } ?> <?php $title="Your Personal Online Quote"; $description="."; $keywords="."; include('header.php'); ?> <?php $Manufacturer_id = $_POST['model'];?> <?php $Model_id = $_POST['make'];?> <?php echo $Manufacturer = get_make_by_id($Manufacturer_id);?><br /> <?php echo $Model = get_model_by_id($Model_id);?><br /> <?php echo $_POST['inspection'];?><br /> <?php echo $_POST['delivery'];?><br /> <?php include("footer.php"); ?> Dont know if its right or wrong...but it works. And thanks Jamdog for your help on this one, I would still be scratching my head if left alone.

Thank you...now if I leave this code out it works with no errors but still displays id numbers <?php $make_id = $_POST['make']; ?> <?php $model_id = $_POST['model'];?> <?php $make_name = get_make_by_id($make_id);?> <?php $model_name = get_model_by_id($model_id);?> As soon as I put this code in it throws up errors ERROR: Make not found in get_make_by_id Is there any particular place these should go... I dont know if the auto populating php is causing any problems...which is this <?php function createoptions($table , $id , $field) { $sql = "select * from $table ORDER BY $field"; $res = mysql_query($sql) or die(mysql_error()); while ($a = mysql_fetch_assoc($res)) echo "<option value=\"{$a[$id]}\">$a[$field]</option>"; } ?> Really appreciate your help on this one

Please please can someone help me on this one

Thnaks Jamdog The error message is ERROR: Unknown column 'id' in 'where clause' (in C:\xampp\htdocs\website\quote.php at line 20) function get_make_by_id($id) { $query = "SELECT Manufacturer FROM manufacturer WHERE id='".$id."'"; $res = mysql_query($query) or die("ERROR: ".mysql_error()." (in ".__FILE__." at line ".__LINE__.")"); Like mentioned my column name is Manufacturer from the table called manufacturer and the only other column in their is Manufacturer_id Dont know if it makes any difference but Manufacturer and Models are in two different tables The columns in model are Model, Model_id, Manufacturer_id

Right the story so far and I am nearly pulling my hair out here. I have got two tables in the database table 1 name = "manufacturer", column names "Manufacturer_id", "Manufacturer" table 2 name = "model", column names "Model_id", "Manufacturer_id", "Model" The code that Jamdog has posted has now been changed to this function get_model_by_id($id) { $query = "SELECT Model FROM model WHERE id='".$id."'"; $res = mysql_query($query) or die("ERROR: ".mysql_error()." (in ".__FILE__." at line ".__LINE__.")"); $c = mysql_num_rows($res); if ($c != 1) { die ("ERROR: Model not found in get_model_by_id (".__FILE__." at line ".__LINE__.")"); } $row = mysql_fetch_assoc($res); $ret = $row['model']; return $ret; } function get_make_by_id($id) { $query = "SELECT Manufacturer FROM manufacturer WHERE id='".$id."'"; $res = mysql_query($query) or die("ERROR: ".mysql_error()." (in ".__FILE__." at line ".__LINE__.")"); $c = mysql_num_rows($res); if ($c != 1) { die ("ERROR: Make not found in get_make_by_id (".__FILE__." at line ".__LINE__.")"); } $row = mysql_fetch_assoc($res); $ret = $row['make']; return $ret; } When I run the page no faults occur...as soon as I put this code in $make_id = $_POST['make']; $model_id = $_POST['model']; $make_name = get_make_by_id($make_id); $model_name = get_model_by_id($model_id); No matter where I put the code it keeps giving errors Where am I going wrong??? Thanks

Sorry ignore my last post still getting a fault but I put the code in two places by mistake thats why I was getting the error These are the errors I am getting now Notice: Undefined variable: make_id in C:\xampp\htdocs\website\quote.php on line 55 Notice: Undefined variable: table in C:\xampp\htdocs\website\quote.php on line 18 ERROR: You have an error in your SQL syntax; check the manual that corresponds to your MySQL server version for the right syntax to use near 'WHERE id=''' at line 1 (in C:\xampp\htdocs\website\quote.php at line 19)

Thanks for that...but it doesnt work...can I just point out I have used the name "Make" on my form...in the Database it is down as "Manufacturer"...does that make a difference This is the error I am getting Fatal error: Cannot redeclare createoptions() (previously declared in C:\xampp\htdocs\website\quote.php:37) in C:\xampp\htdocs\website\header.php on line 11 This is the code on line 11 of the Header function createoptions($table , $id , $field) { $sql = "select * from $table ORDER BY $field"; $res = mysql_query($sql) or die(mysql_error()); while ($a = mysql_fetch_assoc($res)) echo "<option value=\"{$a[$id]}\">$a[$field]</option>"; } Thanks again for all your help on this one

Hi Kays thanks Yes all the input options have different values, just dont know how to go about changing the values so the php pull from the list of "Manufactuers" & "Models" and not "Manufacturer_id" & "Model_id" This is the code from the Make/Manufacturers selection box if it helps <select name="make" class="selectionbox" id="Manufacturer"> <option value="make" selected="selected">Select Make</option> <?php createoptions("Manufacturer", "Manufacturer_id", "Manufacturer"); ?> </select> If you need anymore code from anywhere let me know...and thanks in advance much much appreciated

Please can someone help with this one as its the last bit of the site I need to do... All i am stuck on now is the Make and Model "id's" from the database and not printing the text from the users selection..just a number...how do I get it to print/echpo the text selection Thanks