mac_gyver

you have a mysql_query in your code. you are trying to use a mysqli database connection. you should be using a mysqli_query. you are repeating code for your mysqli database connection in each function. that will lead to typo and other errors. you should be creating one database connection per page and passing it into any function or class that needs it.

register_globals were turned off by default in 2002 having been superseded by the $_GET/POST... variables. there has been plenty of time for coders learn how and to stop writing new code that used them and to update any existing code. no one should be surprised or still have any affected code in 2013 when this depreciated feature was finally removed in php5.4.

you need to find out if this is what is causing the problem. is your code using $dir or $_GET['dir'] to access the value from the url?

the parameters on the url most likely don't work because your code in the requested file is dependent on register_globals and needs to be fixed to use $_GET['dir']

what you are asking is exactly what curl does. it requests pages exactly the same as a browser would. you would use it to submit post data to the form processing page. the same as a html form in a browser would have.

as a continuation of the above reply - a payment gateway method that requires you to put your account number and pin into the submitted data isn't intended to directly involve the visitor. it would be used where you securely accept the payment information on your site and you are securely submitting the payment information to the payment gateway. the only way that i can think of where you could redirect the visitor to the payment gateway after you have securely submitted your account number and pin would be if the payment gateway sent you back a transaction code and you caused the visitor to redirect to the payment gateway checkout page with that transaction code as part of the request.

what payment gateway are you trying to use? knowing what it is would get you help specific to it.

adding more fields to this code is more than just adding columns to the database table, adding input fields to the form, and adding statements to the code in devices.php. all the code in the device class must be modified to operate on the additional fields. you need to trace through the execution of the code all the way to the query statements. i have looked at the device class code some and it's too bad the author didn't make his code general purpose so that all he or you would need to do to add fields is to add them to the database table and define them in a configuration file. the author should have used __set()/__get() magic methods to allow all the classes to operate on any arbitrary list of properties and to have defined a list of the fields/properties and their data type in a configuration file. all the code would have used this definition instead of hard coding everything and all you would have needed to do to accomplish your task is to add your new fields to the database table and to the definition in a configuration file.

your form page has two separate forms. only the first one has a Member_ID field. the Member_ID isn't submitted with the second form. you need one form that has all the fields in it. all your form processing code should be inside the conditional if(){} statement - if(isset($_POST["Member_ID"])){ all the form processing code needs to be in here } you currently have the mysql_query() statement outside of and after the conditional statement.

your question is about the update not working, but does the create work? if create works, that means that you modified the code in the device() class CreateDevice method to deal with the new fields. you would need to also modify the code in the UpdateDevice method too.

pass your filters that determine what is displayed when you make a get request for a page as $_GET parameters in the url. that's what $_GET parameters are designed to do. this will allow someone to bookmark the page and return to the same point later or to share a link to the results or to even try different searches and can navigate back to any point as long as the visited pages are still in their browser history.

variables are called variables because what they hold can vary - "Something that varies or is prone to variation." this allows you to have and reuse one variable who's name indicates the purpose of the data in the variable, $sqlCommand in this case. the alternative would be a defined constant - "Something that is unchanging or invariable." then you would need to think of and keep track of different names for every defined constant you use in a program, but that makes more work when programming and actually uses more memory.

see the use of the ? place holders and bind_parm() in an insert query at this link http://www.php.net/manual/en/mysqli-stmt.execute.php

how do you know the page isn't being requested twice? Have you looked in the web server access log? added a session based counter to your code?

what does putting the following debugging code after the prepare() statement show - printf("Prepare failed: %s\n", $connection->error); i'm going to guess that the values you are inserting in the query are from a form?. why are you using a prepared statement, but still directly putting the data into the query. that bypasses what a prepared query is for. a prepared query should use placeholders for the data values and then supply the data when the query is executed.

if that worked when you tried it, then yes. you must use the same path and domain parameters when you use the setcookie to clear the cookie, or it will actaully be trying to clear a different cookie.

if your code has nothing in it to prevent it more than one request, the browser requesting the page two or more times can cause the symptom you are seeing. you are only seeing the output from the last time the page is requested.

your setcookie isn't setting the path or domain parameters, so if you are changing the path or subdomain in the url, then your cookie won't match and won't be sent by the browser.

does your code have any logic in it to detect and prevent the code from running multiple times or from running when your form hasn't been submitted at all or is that code inside of a file being included and it's being included more than once or in a loop?

is the filename of your php.ini just php.ini or is it php.ini.txt windows hides the extensions of known file types by default (hackers love this and you should turn the setting off) and if you used a windows editor to modify the file, it may have a .txt entension.

you need to determine which php.ini file is being loaded. create a php script with a phpinfo statement in it and browse to the php script. the Loaded Configuration File line is the php.ini that is being loaded. i'm pretty sure the command line version - development server of php will load the php.ini in the same folder where the php.exe file is at. if that that doesn't work, it should load the php.ini file it finds along the windows path statement, which should have the path to the php.exe file anyway.

your method doesn't add any extra security. the person most likely to be attempting to log in as someone else will be doing it from the same wired or wireless network as the actual person and would have the same ip address as the actual person. your method of using the sequential database id as the value in the cookie will allow someone to quickly cycle through a range of valid ids. depending on what your server side logic is checking, at best this will allow them to log out all your actual visitors and at worst it will let them eventually find any ids that correspond to the ip address and log in. the value you store in the cookie to identify someone must be a hard to guess value, like a session id is, which would not allow someone to simply cycle through a range of integers to come up with values to try.

your function code is fetching a row from the result set, but not doing anything with it, then trying to fetch and return the next row, but since there's likely only one matching row from the query in question, you are actually returning a false value to the calling code.

the only ways to supply values to a page are - imbedded in the url as hostname, path, or filename information or as $_GET, $_POST, $_FILES, $_COOKIE, or $_SESSION data. since you are generating a list of urls, you would need to pass some unique identifier as part of each url.

as a continuation of the above reply - i just duplicated your var_dump of the $_POST output. after hitting the submit button on the first row - array(11) { ["ddsub_sector_id"]=> string(0) "" ["tbtickersearch"]=> string(0) "" ["ddcurrency_id"]=> string(13) "None Selected" ["ddcountry_id"]=> string(13) "None Selected" ["tbenterticker"]=> string(0) "" ["tbenterlevel"]=> string(0) "" ["ddquote_convention_id"]=> string(13) "None Selected" ["ddbenchmark_id"]=> string(13) "None Selected" ["tbentermaturity"]=> string(0) "" ["bonddescription"]=> array(1) { [0]=> string(0) "" } ["issueid"]=> array(1) { [0]=> string(0) "" } } after hitting the submit button on the 2nd row - array(2) { ["bonddescription"]=> array(1) { [0]=> string(0) "" } ["issueid"]=> array(1) { [0]=> string(0) "" } } this is due to the mess of nested form tags. TAKE A LOOK AT THE URL IN YOUR BROWSER'S ADDRESS BAR when you submit the first and other row's forms. you will see that the first row submits to reduced_view_issues.php. the remainder of the rows submit to select_issue3.php you need to make sure that the html you produce is valid and it wouldn't hurt to learn some css so that you can clean up and reduce all the styling in the markup.