mac_gyver

use an array for each check box. the array name is purpose of the check box and the array index is something that IDentifies who the check box is for, such as a user id - name='admin[1]' name='suspended[1]' name='admin[2]' name='suspended[2]' name='admin[3]' name='suspended[3]' the "checked" boxes will be the index values in the arrays. loop though the submitted arrays or use array_keys to extract the index values.

you would want to store random generated values in an array, use array_unique to remove duplicates and keep generating them until you have 50000 unique values or just generate a larger incrementing series, two to three times the needed number of values, shuffle the result and use the first 50000 of them. trying to insert the values into the database as they are generated, ignoring duplicates using a unique key and keeping a count of how many values have been inserted would take a very long time to run using a query inside of a loop. once you have the 50000 unique values in an array, insert them as many at a time as you can using a multivalue insert query.

try this - SOUNDEX(column) = SOUNDEX('$user_value')

change your database table column to an integer datatype. it's a character type now and that's how strings sort/order themselves.

the actual query statement that is inserting your email value probably has a space in it before the variable name. i was going to mention the output buffering in your previous thread as it cause nothing but problems. the only time you should use output buffering is if you want to buffer output. by using it and outputting php error messages or the messages your code produces, then unconditionally redirecting, you won't see any of that output and in the case of one of the messages your code produces, you should not be redirecting in those cases anyway. you should not use ob_start and you should organize the logic on your page so that all the php code that decides what to do on the page (the business logic) comes first before you try to output any of the html on the page.

i would store the ip, username, and datetime of each failed login attempt (one row for each attempt) so that you will know the timing (how old they are and how close together they are) of each attempt. you could eventually add logic to detect attempts too close together that are from a bot script and "hard" (without an automatic reset) lockout an ip/username combination. to "soft" (with an automatic reset) lockout an ip/username combination you would get a count x of the rows in the last y amount of time. this "soft" lockout method would allow new attempts from an ip address as the datetime of the stored attempts "age" and become older than the y amount of time. you would probably want to have a backup "hard" lockout for this method to detect when someone is making a large number of attempts that are slow enough to not trigger a "soft" lockout at all or if there have been a number of "soft" lockouts triggered. if you want to only "hard" lockout an ip/username combination, just get a total count of the rows (not looking at the datetime). if it's over x, consider the ip/username combination locked out. a "hard" lockout would require some administrative action to clear it, such as an actual administrator on the site to unlock the ip/username combination or perhaps send an email to the actual user when an ip/username lockout occurs that would both alert him that this is happening to his account and if it is the actual user that got locked out to provide him with a reset link in the email.

your page is being requested two times. it's not going to index.php directly. the first time it is requested $_GET['mode'] is set and it runs the code you expect it to. the code then redirects to that same page with $_GET['success'] set. that causes it to skip the if() logic and goto the else part where you have a redirect to index.php.

there's a whole section in the documentation with different methods of encrypting the information, using only the price stored in your paypal account for each item, or of confirming that the actual submitted purchase matches the selected items - https://www.x.com/developers/paypal/documentation-tools/paypal-payments-standard/integration-guide/encryptedwebpayments#id08A3I0MK05Z

when recover.php redirects using - header('Location: recover.php?success'); it goes to that same page and the only get parameter that is set will be $_GET['success']. the first if() statement is false, it's testing $_GET['mode'], and the code goes to the else part. your code is doing exactly what it is written to do. what do you want to happen?

1) you should bind each input variable/value to its placeholder. this allows you to specify the correct data type for type checking. all data put into the pdo ->execute() statement is treated as a string. 2) you should not open and close a database connection inside of a loop (never do this) and you should not run a query inside of a loop. you also cannot use placeholders for table (and column) names. only literal data (numbers, strings) can use placeholders in a prepared query. running a prepared query (mysqli or pdo) in a loop takes almost the same amount of time as running a non-prepared query in a loop (the time to prepare most queries is small compared to the time to run the query.) so with a prepared query or not, it is usually best to make one query to operate on all the data at once. to make one delete query operate on all the id's, the where term needs to be WHERE id in(?,?,?,...). there must be a placeholder for each id value. you can make the list of place holders to put into the query by counting the number of id's and you would run a pdo stmt bindValue statement inside of a loop to bind each id value to its placeholder after you prepare the query.

one of the original purposes of php was to be a "Forms Interpreter" FI. there's probably 2,000,000 examples of php code that checks submitted form data posted all over the place on the Internet for you to find.

what result are you trying to achieve? comparing them using what condition or rule?

your form processing code isn't testing if there is any data in any of the variables and it isn't even testing if a form was submitted. for each piece of submitted data you need to define what is an acceptable value and if it is required or if it can be empty. for required fields, at a minimum, you need to trim the data value and if it is empty, don't even run the code for the database query.

your Postcode table should have an id (auto increment) column. you would just submit the id value and query the database table at any point where you need all the other information related to that submitted id. also your current use of the suburb as the submitted value is not unique. an auto increment id would be unique.

you are multiplying $mypassword * 12. as long as $mypassword doesn't start with a number, that multiplication will produce a zero value as will an empty $mypassword and the hash of that will always be the same. if you used the same logic when you inserted the row in to the user table, the hash stored in the user table corresponds to a zero value and leaving the password field empty will match it. why are you multiplying a string by a number?

lol, you should have never used the password() function for your user's passwords. there is now an old_password() mysql function that you can use and it should return values that match what you have stored in the database table. i would also recommend the following - 1) add two new columns to your database table to hold a new hash value and a unique random salt per user. 2) when anyone successfully logs in, take the entered password, apply a new salted-hash algorithm of your choice to the password and store the new hash value and random salt string in the database table. 3) if any one tries to log in and the new columns already hold values for them, use the new columns to log in the user. 4a) at some point your active users will be switched over to use the new hash/salt columns. email all the users who haven't logged in yet to do so with a deadline date or they will need to specifically request a password reset to log in after that date. 4b) on the date you have determined remove the old password column and any code that is using the password() or old_password() function. make backups of your database and code before making any functional changes and test the changes off-line before putting them onto a iive server.

you are binding the month as though it is an integer. it is apparently the month abbreviation, a string. the internal conversion of those mismatched data types is probably causing all the month values to be matched. make sure you are treating data as the correct type.

but does it produce the result you expect for different sets of data?

test code that implements the suggestion i made - <?php $String = '48.010918880032534,-102.27871447619208,48.007298546092386,-102.27871873313035,48.007300404087175,-102.28410804755288,48.007302263082124,-102.28949736197535,48.007304121076913,-102.29488670439923,48.007305979071589,-102.30027601882199,48.010925506717513,-102.30027931864152,48.014545007363211,-102.30028259146059,48.018163867996407,-102.3002842242235,48.023143739025727,-102.30028731751861,48.023143709229146,-102.29967535036019,48.023140964347476,-102.29489150234963,48.023137856666608,-102.28949565918271,48.023137825974516,-102.28890660889158,48.023135053987971,-102.28409987201547,48.023131946306933,-102.2787040848512,48.018158490915084,-102.27870810340568,48.014539184972818,-102.27871024825487,48.010918880032534,-102.27871447619208'; $Exp = explode(',',$String); if(is_array($Exp)){ $C = 1; foreach($Exp as $Exp2){ if(!empty($Exp2)){ if($Exp2 > 0){ $latitude[] = $Exp2; } else { $longitude[] = $Exp2; } } } } $m['maxlat'] = max($latitude); $m['minlat'] = min($latitude); $m['maxlong'] = max($longitude); $m['minlong'] = min($longitude); // the prefect corners $c[1] = array($m['minlat'],$m['minlong']); $c[2] = array($m['maxlat'],$m['maxlong']); $c[3] = array($m['minlat'],$m['maxlong']); $c[4] = array($m['maxlat'],$m['minlong']); function distance($lat1, $lon1, $lat2, $lon2, $unit) { $theta = $lon1 - $lon2; $dist = sin(deg2rad($lat1)) * sin(deg2rad($lat2)) + cos(deg2rad($lat1)) * cos(deg2rad($lat2)) * cos(deg2rad($theta)); $dist = acos($dist); $dist = rad2deg($dist); $miles = $dist * 60 * 1.1515; $unit = strtoupper($unit); if ($unit == "K") { return ($miles * 1.609344); } else if ($unit == "N") { return ($miles * 0.8684); } else { return $miles; } } foreach($c as $corner=>$arr){ foreach($latitude as $key=>$lat){ $dist = abs(distance($arr[0],$arr[1],$lat,$longitude[$key], "M")); $result[$corner]["$dist"][] = array($lat,$longitude[$key]); } ksort($result[$corner]); } echo "The four corners found are:<br>"; foreach($result as $arr){ $first = array_shift($arr); echo $first[0][0] .' '. $first[0][1] . '<br>'; }

exactly what i was going to write. without a state-able rule, there's no way to write any code to do it. how does this sound - form the prefect rectangle using the min/max x/y values then find the distance between those 4 "prefect" corners and the actual points and the closest point to each of the "perfect" corner points is the corner point you are trying to find?

it's probably for consistency purposes. you can use the same line of code to fetch the next element from the array no matter how rows are in the array being operated on.

it might help if you state what it is you are trying to accomplish, rather than stating what you are doing that doesn't produce the result you want. what i think you are trying to do is use a search radius and add/subtract that radius to the starting point's lat/longitude to quick find all the points within that bounding square, then to actually calculate the distance from the starting point to those quick find points to remove any that are outside the search radius.

an issue that stands out is that you are using number_format() on values, not just for display purposes, but that those formatted numbers are being used in the calculations. when you end up with a number with a comma 1000's separator in it, only the leading number before the comma will be used in the calculations. you should only use number_format() right before you display a value and only to produce the displayed output. the original variable needs to contain the unformatted value.

for drop-down select menus output selected="selected" inside the <option > tag you want to be selected.

as a continuation of the above reply, the link i posted is the same information as the link awjudd posted in his last reply. using this method will shorted your code from about 13 lines to 3 lines. your original code needed to do what pbs posted, but in order to use $stmt->num_rows you need to store the result using $stmt->store_result() first. the $stmt->get_result() in the code posted by awjudd returns a mysqli_result that you need to fetch the row from before you can access the count value.