davidannis

http://oswd.org has open source web designs but it seems it is no longer being updated. Not as nice as the themeforest themes, but they are free.

Can you add the line print_r($row) ; echo '<br />'; immediately after the <?php This will allow you to see what is in the row to see if there is a price there. I suspect it is blank. Does the price show elsewhere in your system? Did this ever work? Thanks, David

oops, sorry. I left the semi-colon off of the end of that line. You also need to replace the 'email' in that line with the name of the field that is submitted in your form (I never looked) and the e-mail address in the line above with your e-mail address.

I am very intrigued by the Website Critique and Beta Test Your Stuff forums. They look like incredibly valuable resources. I have two separate questions about those forums: 1. I have a website that I am working on which is not really ready for a critique, but I just made a design decision, with which I am a bit uncomfortable. It will take a lot of time to undo if I need to change it later. Would it be poor form to ask for a critique of just that decision before the site is ready for prime time? I can just suck it up and take the risk if not doing so would be a breach of etiquette. 2. I really love the idea of having a wider group of people for beta testing. Some of the sites I'm working on are sites that anybody on this board could easily actually use (a set of SEO tools for example) but others are pretty specialized (software to assist in selling a business). If I ask for people to test the business sale website, will I get any takers and if so will the testers data be close enough to real data to make the test valid? Thanks, David

You should make the from be from yourself as Jessica said so that you never have an issue with the SMTP accepting the message. Here's how: $headers = 'From: [email protected]' . "\r\n" . 'Reply-To: ' .$_REQUEST['email'] "\r\n" mail($to_addr, $_REQUEST['subject'], $mail_body, $headers); the directions are here: http://php.net/manual/en/function.mail.php

Barand's solution is more elegant. I recreated a function that already exists.

I think you want to use the foreach to loop through the values of CheckboxGroup1 $mail_body.= 'Choices: '; $cbg1=$_REQUEST['CheckboxGroup1']; //just cause I don't like looping through a nested array foreach ($cbg1 as $value){ $mail_body.=$value." ";// spaces so the choices don't run together } You may also want to sanitize the input with htmlspecialchars() before you mail it to yourself.

The idea of htmlspecialcharacters is that if you store something in your database that will be displayed in another users browser (let's say user A puts in a job description and user B reads it) you don't want the data to contain something like <script src="http://malware.com/infect.php" /> Sanitizing with htmlspecialchars will convert it to <script.... htmspcialchars won't protect against sql injection attacks. As AyKay47 said use mysqli_real_escape string for that.

I'm not understanding the question but I know that you need a <form action="somethingToDoWithTheInput.php" method="POST"> before the input and a submit and /form after it. If you wnat to prepopulate the input you need to do something like: <input type="text" name="member_id" value="<?php echo $mydata['name'];?>" id="member_id"> Does that help? David

note that when I append there is a period before the equal sign (it's hard to see but it is there).

You need to build the query in pieces and then connect them: if($_GET['categories'] == 'rockandpop') { $query = "SELECT * FROM searchacts WHERE category='Rock and Pop'"; } if($_GET['categories'] == 'tributebands') { $query = "SELECT * FROM searchacts WHERE category='Tribute Bands'"; } // if we have a category we start the select by filtering just that category; // then we add to it if it alread exists if(isset($_GET['sort'])) { if($_GET['sort'] == 'PriceLow') { if ($query==''){ $query = "SELECT * FROM searchacts ORDER BY price ASC"; }else { $query.= " ORDER BY price ASC"; // Adds this to the end of the query } } elseif($_GET['sort'] == 'PriceHigh') { if ($query==''){ $query = "SELECT * FROM searchacts ORDER BY price DESC"; }else{ $query .= " ORDER BY price DESC"; } Your code will get hard to manage with so many ifs, but I understand you're just learning. Nonetheless may I suggest looking at switch / case in the php manual.

Did you edit lines 5 and 6 in send_form_email.php?

You need to be a bit more specific about where you are getting the error.

Christian, I think I disagree with your first comment. We're talking about passing the total number of correct and incorrect answers on a quiz for second graders who are wroking on problems like 6 X 7 = 42. Seeing the number they've got right before the final score is not a revelation given that the program reports each problem as correct or incorrect as they submit it. Presumably they can count so they already know how many they have right. As far as changing their score, if any of them find the hidden fields and cheat then they really need to be working on more difficult material. I asked my seven year old who has mastered squares, cubes, nth roots, and imaginary numbers and who has spent a lot of time learning php with me to try cheating and he couldn't figure out how to crack it.

$state=Array (.5,.3,.7); foreach ($state as $key => $value) { echo $key." "; foreach ($state as $key1 => $value1){ $diff= $value-$value1; echo $diff." "; } echo "<br />\n"; } You'll need to add a bit of formatting but it seems to work as a nested loop.

It works for me using Zend CE on a mac. Try adding lines to initialize $correct and $wrong BEFORE you set them from $_POST $correct=0; $wrong=0;

if(!$_POST['password2'] || !$_POST['password3'])// need to check password 4 here too { $err[] = 'All fields are required.'; header("Location: http://127.0.0.1/");// you need to do something witht he error message or they just get redirected and don't know why. exit;} } //ok - all fields are here $row = mysql_fetch_assoc(mysql_query("SELECT * FROM playerdata WHERE user='{$_POST['logusername']}' AND password='".sha1($_POST['password2'])."'")); // see that they were right about existing password // you can check affected rows as you did above if ($_POST['password3']==$_POST['password4']){ see that both new passwords match $query="UPDATE playerdata SET password='".sha1($_POST['password3'])."' WHERE USER=//...update the password (finish this query and then execute it. }else{ $err[]='error new passwords don't match'; } // [size=4][b]Change Pass Ends Here[/b][/size] (No idea what to do now) I would also suggest salting the passwords (adding some characters to the begining and end before using the sha1 on them.

fenway, Can you suggest a good tool for me. It might save me a lot of time.

No need for a session variable, just pass it back in a hidden field: <html> <head> <title>Second Grade Math quiz</title> </head> <body id="body"> <div id="wrapper"> <div id="header">Mutiple:</div> <div id="quizbox"> <?php $value1 = rand (1,10); $value2 = rand (1,20); ?> <?php if(isset($_POST['input1a']) && isset($_POST['input2a']) && isset($_POST['answer'])) { $result = $_POST['answer']; $input1a = $_POST['input1a']; $input2a = $_POST['input2a']; $correct = $_POST['correct']; $wrong = $_POST['wrong']; if (!empty($input1a) && !empty ($input2a) && !empty($result)) { //echo '<span class="success">Success! '; } if ($result == $input1a * $input2a) { print($input1a . ' x ' . $input2a . ' = ' . '<span class="correct">' . $result . '</span>' . '<br />Correct!'); $correct ++; } else { print($input1a . ' x ' . $input2a . ' = ' . '<span class="incorrect">' . $result . '</span>' . '<br />Wrong!<br /> The correct answer was: ' . '<span class="correct">' . $input1a * $input2a . '</span>'); $wrong ++; } } ?> <form action="mathq.php" method="post"> <?php if ($_POST['s']!='Submit and Score') {?> <input type="text" name="input1a" value="<?php echo $value1; ?>" class="value" /> <input type="text" value="x" class="equa" /> <input type="text" name="input2a" value="<?php echo $value2; ?>" class="value" /> <input type="text" value="=" class="equa" /> <input id="answer" type="text" name="answer" value="" class="answer" /><br /><br /> <input type="hidden" name="correct" value="<?php echo $correct;?>" /> <input type="hidden" name="wrong" value="<?php echo $wrong;?>" /> <input type="submit" value="Submit answer" class="submit"> <input type="submit" value="Submit and Score" name="s"> <INPUT TYPE="RESET" VALUE="Clear all fields of this form"> <?php } else {echo "Some html here so it looks good <br /> You got $correct correct and $wrong wrong";}?> </form> </div> </div> </body> </html>

I was going to make the code allow you to input the value of $row['email'] that it pulls from the database and put the code up someplace where you could execute it and in doing so I noticed that there is another issue: in my else: else { $addemail .= E-mail Address: There is a misplaced quote. I tshould be: { $addemail .=' E-mail Address: <input type="text" style="background:#f00" "border-color": "#0c0" name="email" value="'.$row6['email'].'" size="19" /><input type="hidden" name="cartid" value="'.$cart.'" /><img src="images/email_error.png" width="16" height="16" hspace="4" alt="E-mail Error" />'; so, the mismatched curly braces may just be an artifact of where you started and ended your copy. The missing open quote may be the real culprit. Anyway, it is up now try these two links to see how it works: http://businesssellertoolbox.com/temp/[email protected]&emailerror=1 http://businesssellertoolbox.com/temp/[email protected]&emailerror= Posted code is: <?php //Add E-mail Address //$sql6 = "SELECT email FROM carts WHERE cartid='".$cart."'"; //$result6 = mysql_query($sql6); $emailaddress = ''; $row6['email']=$_GET['email']; $emailerror=$_GET['emailerror']; $addemail .= ' <form method="post" action="cart2.php" name="emailform"> '; if ($emailerror =='') $addemail .= ' E-mail Address: <input type="text" style="background:#cfc" "border-color": "#0c0" name="email" value="'.$row6['email'].'" size="19" /><input type="hidden" name="cartid" value="'.$cart.'" />'; else { $addemail .=' E-mail Address: <input type="text" style="background:#f00" "border-color": "#0c0" name="email" value="'.$row6['email'].'" size="19" /><input type="hidden" name="cartid" value="'.$cart.'" /><img src="images/email_error.png" width="16" height="16" hspace="4" alt="E-mail Error" />'; } $addemail .= ' <input type="image" name="Add E-mail Address" alt="Add E-mail Address" src="images/confirmemail.gif" style="vertical-align:middle" /> </form> '; echo $addemail; ?> the lines: $row6['email']=$_GET['email']; $emailerror=$_GET['emailerror']; just take the variables from the url If you still don't understand PM me and I'll try to explain over Skype.

My edit, if I remember correctly, was just to replace a = in the if (which would make things equal) to a == which checks for equality so I am not sure why that kills the search and replace. Anyway, I tried to find the error. It appears that you have an extra } in your code. Each open curly brace { should be paired with exactly one close curly brace } Since your original post contains one more close than open I'm not sure which one is extra, but I would bet it is one of the last two. Hope that helps. David

Of course, Christian is right - mast height or number of wheels doesn't fit into a single table. I wasn't thinking clearly there. However, I still thinnk that car length, boat length, and vehicle length shoudl be generalized to vehicle lenght. Appologies for the poorly thought out post.

I have coded a couple of applications and for logging in users, I do the following: ask the user for a username create a password salt and encrypt the password store the username and encrypted password in a database e-mail the user his password on a login page, ask the user for his username/password pair salt and encrypt the password provided by the user compare the encrypted password value to the one stored in my database if the encrypted value matches I do a session_start() and store the user_id in a session variable. on every page I do session_start() and check the session variable for the user_id if the user_id is not found redirect to the login page if it is give them access to whatever they should have access to. Now, I have inheritted a program that I did not write and it handles authentication using the PEAR:Auth module. I had a user complain that he was being repeatedly redirected tot he login page. I could not replicate his problem and closing and re-opening his browser solved the problem on his end, but I'm assuming he's not insane so I am tempted to rip out the existing PEAR:Auth methodology of tracking users and replace it with what I am used to. However, PEAR:Auth must do more than php sessions or nobody would use it so I worry that if I replace it I will eaither be making things less secure or losing some functionality. Try as I might, I can't see what I'd lose by replacing PEAR with something simpler. What am I missing? What does PEAR:Auth give me that php sessions doesn't? Thanks, David

Change: $addemail .= ' E-mail Address: <input type="text" style="background:#cfc" "border-color": "#0c0" name="email" value="'.$row6['email'].'" size="19" /><input type="hidden" name="cartid" value="'.$cart.'" />'; if ( $emailerror != '' ) { $addemail .= '<img src="images/email_error.png" width="16" height="16" hspace="4" alt="E-mail Error" />'; } $addemail .= ' <input type="image" name="Add E-mail Address" alt="Add E-mail Address" src="images/confirmemail.gif" style="vertical-align:middle" /> to: if ($emailerror =='') $addemail .= ' E-mail Address: <input type="text" style="background:#cfc" "border-color": "#0c0" name="email" value="'.$row6['email'].'" size="19" /><input type="hidden" name="cartid" value="'.$cart.'" />'; else { $addemail .= E-mail Address: <input type="text" style="background:#f00" "border-color": "#0c0" name="email" value="'.$row6['email'].'" size="19" /><input type="hidden" name="cartid" value="'.$cart.'" />'<img src="images/email_error.png" width="16" height="16" hspace="4" alt="E-mail Error" />'; } $addemail .= ' <input type="image" name="Add E-mail Address" alt="Add E-mail Address" src="images/confirmemail.gif" style="vertical-align:middle" /> I think that will work.

It seems to me you could keep it in a single table with fewer columns if you think of your data a bit differently. Example: Column Object Type Number of Baths Length Records Car 0 9 RV 1 30 Boat 2 120 No reason to think of car length, boat length, and rv length as different types of data unless I misunderstand.