MDCode

If you're using htaccess to forbid certain or only allow some ips, it would result from that (would explain the access denied error).

First of all, why get help with php in an html section (I know you said it's wrong section). It shouldn't even be in php section because you're not even attempting at it so I assume you're offering payment. In which case you can refer to the freelance section. Second, unless your sever is configured to do it, php will not work in a .html file. If you wish to not pay, look into the mail() function of php. It's VERY simple.

You need to do it after you define $user_name Move the query and the if num to after you define user_name ($user_name = mysql_real_escape_string($_POST['user_name']); in your case)

Error code 4 means that there was no file uploaded A full list can be found at http://php.net/manua...load.errors.php If you wish to change it simply do: $code=$_POST['ICODE']; $descp=$_POST['DESCR']; $rate=$_POST['RATE']; $image=$_FILES["IMAGE"]["name"]; if($_FILES["IMAGE"]["error"] > 0) { // create a list of errors here if($_FILES["IMAGE"]["error"] == "4") { echo "Please select a file."; } } else { echo "File Uploaded"; echo $image; }

You said that was the problem before *facepalm* Ok try this... $code=$_POST['ICODE']; $descp=$_POST['DESCR']; $rate=$_POST['RATE']; $image=$_FILES["IMAGE"]["name"]; if($_FILES["IMAGE"]["error"] > 0) { echo "Error: " . $_FILES["IMAGE"]["error"] . "<br />"; } else { if(!isset($_FILES["IMAGE"]["name"])) { echo '<p>Please select a file</p>'; } else { echo "File Uploaded"; echo $image; }

Not sure. $image will always be set because you're giving it a value. You can first try checking if the form was submitted. Then give it a value and it should work

You're recalling the $image variable inside the $_FILES. Change if(!isset($_FILES[$image])) to if(!isset($_FILES["IMAGE"]))

Change that to $image = $_FILES["IMAGE"]["name"];

The name of the file itself example: name --> picture.jpg <-- name

You cant simply post an image. You use $_FILES["IMAGE"]["name"] You also do not want to upload files to a database, use a directory

The information needs to be supplied before it can be checked so yes it would be after.

You're using a and img tags? I'm not too sure that would work...why not just enter the image name as they are doing in the example they provided

It's quite simple really. Here's an example <?php // Build the query and get your result $query = "SELECT * FROM `table` WHERE `username` = '$user_name'"; $result = mysql_query($query); // $num will get the amount of users with the same username in the table $num = mysql_num_rows($result); // If $num does not equal 0 (there is a match in the database) return an error if($num != "0") { echo "That username already exists"; $error = "1"; } ?>

<?php if($_POST['allow_dupes'] == "0") { $allow_dupes = 1; } else { $allow_dupes = 0; } ?>

echo mysql_error(); Add this after your query and $res and post the message that shows

There is no java anywhere on the page. You are also not using php anywhere inside the javascript. There is no way to help unless you reveal the functions you're using

Yes I just removed all the filtering and age check etc. for purposes of keeping it short you can add in your filtering the way you had it. But where you're checking for the age just change if($dob >= $sixteen) { $error = "Age Error"; } to: if($dob >= $sixteen) { echo "Age Error"; $error = "1"; } And make sure it's before you check if $error == "0"

Well, you could do something like: <?php if (isset($_POST['submitted'])) { // Set errors equal to 0 $error = "0"; if (empty($_POST['user_name'])) { // Change error to 1 so that the user will not be registered echo 'Please Enter a username<br />'; $error = "1"; } else { $user_name = mysql_real_escape_string($_POST['user_name']); } if (empty($_POST['password'])) { // Change error to 1 so that the user will not be registered echo 'Please enter a password<br />'; $error = "1"; } else { $password = mysql_real_escape_string($_POST['password']); } if (empty($_POST['first_name'])) { // Change error to 1 so that the user will not be registered echo 'Please enter a first name<br />'; $error = "1"; } else { $first_name = mysql_real_escape_string($_POST['first_name']); } // If there were no errors if($error == "0") { $query = "insert into user(user_name,password,first_name,last_name,day,month,year)values('$user_name','$password','$first_name','$last_name','$day','$month','$year')"; $res = mysql_query($query); // want to filter everything that gets echoed to avoid javascript issues echo "Sign up successful - Thank you $first_name <br/>"; echo "Your details are as follows:<br/><br/>"; echo "<strong>Username:</strong> $user_name:<br/>"; echo "<strong>First name:</strong> $first_name:<br/>"; echo "<strong>Last name:</strong> $last_name:<br/>"; echo "<strong>Password:</strong> <i>[Hidden]</i>:<br/>"; echo "<strong>Date of Birth:</strong> $day / $month / $year:<br/>"; } } ?> md5 is a hashing method (somewhat insecure as there are websites that store md5 hashes to look up) Salting and hashing is combining the password with a secret password that only you should know then hashing it

<?php if (isset($_POST['submitted'])) { // not sure what the point of this is so I changed it to blank $error = ""; if (empty($_POST['user_name'])) { $error = 'Please Enter a username';} else {$user_name = mysql_real_escape_string($_POST['user_name']);} if (empty($_POST['password'])) { $error = 'Please enter a password';} // SALT AND HASH PASSWORDS else {$password = mysql_real_escape_string($_POST['password']);} if (empty($_POST['first_name'])) { $error = 'Please enter a first name';} else {$first_name = mysql_real_escape_string($_POST['first_name']);} $last_name = mysql_real_escape_string($_POST['last_name']); $day = mysql_real_escape_string($_POST['day']); $month = mysql_real_escape_string($_POST['month']); $year = mysql_real_escape_string($_POST['year']); $date = getDate(); $tday = $date["mday"]; $tmon = $date["mon"]; $tyea = $date["year"]; $sixteen = (($tyea - 16)*10000) + ($tmon*100) + $tday; $dd = $_POST["dob_day"]; $mm = $_POST["dob_month"]; $yy = $_POST["year"]; $dob = ($yy*10000) + ($mm*100) + $dd; if ($dob >= $sixteen) { $error = "Age Error"; } if (empty($error)) { // YOU NEVER EVER!!! want to submit passwords in plain text. $query = "insert into user(user_name,password,first_name,last_name,day,month,year)values('$user_name','$password','$first_name','$last_name','$day','$month','$year')"; $res = mysql_query($query); // want to filter everything that gets echoed to avoid javascript issues echo "Sign up successful - Thank you $first_name <br/>"; echo "Your details are as follows:<br/><br/>"; echo "<strong>Username:</strong> $user_name:<br/>"; echo "<strong>First name:</strong> $first_name:<br/>"; echo "<strong>Last name:</strong> $last_name:<br/>"; echo "<strong>Password:</strong> <i>[Hidden]</i>:<br/>"; echo "<strong>Date of Birth:</strong> $day / $month / $year:<br/>"; } else { // Output errors here echo $error; } } //header('location:signup_success.php'); ?> A few things. ^^ This should work. You're still showing database connection details in your commenting. You NEVER want to submit passwords in plain text (look into salting and hashing them). And your header that is commented out will not work because you are echoing information before it.

The php variables worked in javascript. The buttons however did not. Sorry for the confusion

Tested on my site and variables do work. Javascript is not my strong point; perhaps someone with more experience can help you

I do not believe php variables work with javascript. You're also not closing your div tag.

Remove your database connection details. Also go change them now. As for your error, I see no where that you are printing said errors?

So...you want help to create an illegal program? But oh wait, you'll pay for it?!? lol

Ok. Do you have a question?