mac_gyver (Staff Alumni), Posts: 5,356, Days Won: 173

Everything posted by mac_gyver

  1. please, don't try to store data into a database table like it is a spreadsheet. each data item should be stored in a separate row in the table. your table should have columns for KODARTIKULLI, KODNIVELCMIMI, and CMIMI. next, you don't have to try to select data (which you are not actually fetching and storing the count into a php variable in your code) to determine if you are going to insert a new row or update an existing row. there's a single query that does that - INSERT ... ON DUPLICATE KEY UPDATE ... the KODARTIKULLI and KODNIVELCMIMI columns would be defined as a composite unique index to both enforce one row per combination of those values and to allow this query to work. you should be using a prepared query in any case, but using one when running a query inside of a loop will result in the most efficient operation (saves some time in the parsing and planning of the sql statement). the query would be prepared once, before the start of your loop, with place-holders in the sql statement for the data, then the data would be supplied to the sql query statement when you execute the query inside of the loop. unfortunately, the php mysqli extension is not the best choice to do this. if you can you should switch to use the php PDO extension. in short, all the code and queries you have shown can be replaced with just a few lines of code and one sql query statement.
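Added example (not part of the post above, and not the original poster's code): the prepare-once, execute-in-a-loop upsert that post 1 describes, using PDO. The table name `prices` and the sample rows are assumptions, and an in-memory SQLite database with its `ON CONFLICT ... DO UPDATE` form stands in for MySQL so the script runs without a server; the MySQL statement is shown in a comment.

```php
<?php
declare(strict_types=1);

// In-memory SQLite stands in for the MySQL server (assumption, for a runnable demo).
$pdo = new PDO('sqlite::memory:', null, null, [
    PDO::ATTR_ERRMODE            => PDO::ERRMODE_EXCEPTION, // errors become exceptions
    PDO::ATTR_DEFAULT_FETCH_MODE => PDO::FETCH_ASSOC,
]);

// One row per data item; the composite unique index enforces one row per
// KODARTIKULLI/KODNIVELCMIMI combination and is what the upsert keys on.
$pdo->exec('CREATE TABLE prices (
    KODARTIKULLI  TEXT NOT NULL,
    KODNIVELCMIMI TEXT NOT NULL,
    CMIMI         NUMERIC NOT NULL,
    UNIQUE (KODARTIKULLI, KODNIVELCMIMI)
)');

// MySQL form of the same statement:
//   INSERT INTO prices (KODARTIKULLI, KODNIVELCMIMI, CMIMI) VALUES (?, ?, ?)
//   ON DUPLICATE KEY UPDATE CMIMI = VALUES(CMIMI)
// Prepared once, before the loop, with place-holders for the data.
$stmt = $pdo->prepare(
    'INSERT INTO prices (KODARTIKULLI, KODNIVELCMIMI, CMIMI) VALUES (?, ?, ?)
     ON CONFLICT (KODARTIKULLI, KODNIVELCMIMI) DO UPDATE SET CMIMI = excluded.CMIMI'
);

// Constructed sample rows. The third row repeats the first key, so it updates
// that row instead of inserting a new one. The quote in "B'200" is carried as
// data by the place-holder and never becomes part of the sql syntax.
$rows = [
    ['A100',  '1', '12.50'],
    ['A100',  '2', '11.00'],
    ['A100',  '1', '13.75'],
    ["B'200", '1', '4.20'],
];

foreach ($rows as $row) {
    $stmt->execute($row); // only the data is supplied inside the loop
}

$result = $pdo->query(
    'SELECT KODARTIKULLI, KODNIVELCMIMI, CMIMI FROM prices
     ORDER BY KODARTIKULLI, KODNIVELCMIMI'
);
foreach ($result as $r) {
    echo implode(' | ', $r), "\n";
}
```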
  2. putting the error settings in your file won't help with php syntax errors in the same file because the code never runs to cause the settings to take effect. you need to put these settings into the php.ini on your development system, which may require restarting your web server to get the changes to take effect. BTW - the currency symbol should not be stored with the price (hint as to where at least one error is at). it is a display property and should be handled when you display the price, not when you store the price.
  3. vague comments about not having any luck with something don't tell us anything useful. there are varying levels of luck and unless we know what your standard is, we don't know what result you are getting. communicate exactly what is happening and if it's not blatantly obvious what's wrong with the result, tell us what's wrong with the result and what result you expected. do you have php's error_reporting set to E_ALL and display_errors set to ON (preferably in the php.ini on your development system) so that php would help you by reporting and displaying all the errors it detects? by default, you cannot use a URL with file_get_contents(), and there would be a php error alerting you to this issue.
  4. how do you know the email is not being sent? what exact symptom, error, or output are you getting from your code and what output did you expect? where in the posted code are you echoing the message at? how do you know that the $email isn't somehow satisfying the mail() function? there are many levels of satisfaction and unless we know your standard, we are left guessing what that statement means. short-answer: we are not there with you and don't know what you saw when you ran your code. the information you supply must concisely communicate what did happen, what should have happened, and for the case of echoing things in the code, post that code, not some other code.
  5. since you didn't address each of the points/questions i ask, it's not going to be possible to directly help you, since we only see the information that you post. these are some more points, from your last thread - i'm betting your posted code is either not being executed due to conditional statement(s) around it being false or it is being executed and is producing output, but you are not seeing it due to this combination of coding and php's stupid output buffering setting. if you want exact and direct help with what your code is doing, you will need to post all of it, so that we aren't guessing about what it may be doing.
  6. are your form fields within a valid post method <form></form>? is your html valid? if it's not, the form fields could be broken and not be considered by the browser to be form fields. what exact post data is being submitted? do you have php's error_reporting set to E_ALL and display_errors set to ON (in the php.ini on your development system) so that php would help you by reporting and displaying all the errors it detects? is the posted code the complete file? it's missing at least two closing } that would be producing a php syntax error. lastly, in addition to the questionable statements and logic being used, to provide an audit-trail for the transactions, which also helps in debugging program operation, you should not just add/subtract amounts in a database table field. you should store each plus or minus transaction as a row in a table. to get the current total, you would just SUM() up the values for any user.
  7. web servers and browsers are stateless. they don't know anything about any http request before or after the current one. when you refresh the page, it is requested again and it starts over and operates on any current data it is told to use. the $scope.comments array, that's hard-coded now, should instead be retrieved or dynamically built from the stored data on the server. by appending/pushing the submitted data to the $scope.comments array in the client, you have duplicated data on the client and on the server and can have the data out of synchronization if the server side code doesn't validate and store the data. data should only be stored in one place. next, this line - $json = file_put_contents('names.json', file_get_contents('php://input'), FILE_APPEND); isn't doing what you think. file_put_contents() returns an integer that's the number of bytes written to the file (or a false value if the file_put_contents() failed), so, while this will append the submitted data to names.json, the $json variable isn't either the submitted data or the entire contents of names.json. the reason you are getting php errors from the code is because $json, and then $data, isn't the submitted data. btw - don't use @ error suppressors in your code. they just hide problems, while still leaving your code nonfunctional. your task as a programmer is to find and fix problems, not hide them. this would be a good point to mention separation of concerns. i don't know from your program logic what you expect $json to hold, but if you separate the different concerns in your code, it would be clear to you and us what you are trying to do. saving data due to a form submission/post request is a separate concern from retrieving data to output it. your server side post method form processing code should detect that a post method form was submitted, input and validate the submitted data, then if there are no validation errors, use the submitted data. 
for what your application is doing, using the submitted data would mean to store it persistently on the server. you can display/dump the data for debugging purposes, but that is not the primary concern of the post method form processing code. if you then want to retrieve some or all of the stored data and output it, this is a separate concern from the post method form processing and the code to do this should be a separate independent section in your file.
  8. i would add to the above, those two database tables are required even in the case of a session based cart. at the point where the cart is finalized and converted to an order, you have to move the data from the session into the database tables so that you have a record of the order.
  9. you need to decide if you are going to use a session or a database table for the cart. there are advantages and disadvantages to both, the main ones being -
     session based cart - 1) simpler sql queries - easier for someone just starting out 2) if the cart gets 'abandoned' it is deleted when the browser is closed
     database based cart - 1) requires more knowledge of sql queries, but uses overall less code and queries 2) if the cart gets 'abandoned' you must periodically clean up the entries in the database table.
     for a first time project, using a session to hold the cart will be the easiest to understand, design, and write code for. and once you simplify the data being stored in the cart (my item #2), the code to add/delete items in the cart is very simple.
     the code you have posted for payment.php is very badly written and either came directly or indirectly from code at w3schools. this code can be greatly simplified, just by using an array to hold the errors.
     it is a huge security risk to input and store credit card numbers on your site. if you are doing this for real, and you have a merchant account that you process credit cards through, they will have a list of security requirements you must meet for them to allow you to keep your account with them if you want to input and store credit card numbers. instead, you would transfer the visitor to the merchant's online payment gateway and the only place the credit card information would be input and used is on the merchant's site. the merchant's site would send your site payment confirmation information.
     no. this refers to the code with the - "SELECT MAX(paymentID) as paymentIDVal FROM usercheckout" query.
     actually, the PDO extension is simpler and more consistent than the mysqli extension.
     the reason for recommending that you store the user's id in the session variable is so the code is general purpose and any queries are slightly faster.
     you don't have to do this, but if you ever allow a user to change his username, you will have to also change the value in the session variable to avoid logging the user out. on any page that you want to display user information, you would query for it using the user_id, rather than the username that you are doing now.
     the most straight forward implementation would be to have two tables -
     1) orders -
        order_id (auto-increment) - assigns an id to the order/cart
        user_id - the user's id
        date_time_created - the date/time the order/cart was created - also used when cleaning up abandoned carts.
        status - the order status. initially, the status value would indicate this is a pending order, i.e. just a cart with items in it. when the cart is converted to an actual order, the status would be updated with a value that indicates this. when the payment is verified, the status would be updated again.
        other columns unique to each order
     2) order_items -
        id (auto-increment) - assigns an id to the items in the order/cart
        order_id - from the orders table - identifies all the items that are part of the same order
        item_id - the item id from your product/item table (note: if you will have different types of items, they should all be in the same table with a category column.)
        quantity - quantity of the item
        status - status of the item (this would be things like back-ordered, shipped)
     when the visitor adds an item to the cart, if there isn't a record for the user's id with a status = cart in the orders table, a new one is inserted, the last insert id would be retrieved and stored in a session variable. this assigns an order_id for this cart. you would use this order_id when inserting rows in the order_items table. if you update the quantity or delete the item from the cart, you would run queries on the order_items table.
  10. your query is failing, because you are listing the wrong number of inputs in the type string for the bind_param() statement. this would either be throwing a (php?) error at the bind_param() statement or a mysql error at the execute() statement. you need to ALWAYS detect and handle statement errors. the easiest way of detecting and handling database statement errors is to use exceptions. to enable exceptions for the php mysqli extension, add the following two lines before you make the database connection -

      $driver = new mysqli_driver(); // note the $driver variable name used here is separate from and not related to any variable your code may be using
      $driver->report_mode = MYSQLI_REPORT_ERROR | MYSQLI_REPORT_STRICT; // MYSQLI_REPORT_ALL <-- w/index checking; w/o index checking --> MYSQLI_REPORT_ERROR | MYSQLI_REPORT_STRICT;

      then, php will catch the exception when there is an error and if you have php's error_reporting set to E_ALL and display_errors set to ON, php will display the actual cause of the error and some back-trace information.
  11. from your statement, it's not entirely clear what sort of problem you need help with. however, in looking at the code, what you have now isn't going to work. you have a session based cart at one point and a database based cart at another. programming requires that you have a clear definition of what you are trying to accomplish and what the data is going to be, before you write any code. some overall suggestions -
      1) any action that modifies data should use a post method form. your 'delete from cart' should use a post method form.
      2) simplify your cart definition. if you use the item id as the cart's array index and the quantity as the value, all the code will be simplified. you should pass the minimum of information through a form, since you must validate all the submitted form data. the item name and price is known on the server. passing it through the form and storing it in the cart is just more work and more code you have to write and test.
      3) if the cart is empty, you should output a message stating so. at the point where you are trying to display the cart or inputting the customer information during checkout, if the cart is empty, display a message stating so. don't leave the visitor guessing why the page isn't doing anything.
      4) you have a <form></form> that you have put href/links into. that makes no sense, just output the navigation links.
      5) aside from your payment.php code using a database based cart, which is not where the myorder.php code is storing the cart, this code looks like a w3schools copy/paste fail. all those variables you wrote out is not how to do this. you would use an array to hold the validation errors and also serve as the error flag. if the array is empty, there are no errors. if it's not empty, there are errors.
      6) you should also not input or store the credit card number, even if this is just a programming class exercise.
      7) you cannot (successfully) retrieve the MAX() column value from a database table and use it.
      multiple rows could have been inserted due to concurrent visitors and you can get the wrong value. to get the correct auto-increment id value following an INSERT query, use the last insert id property/method for the php database extension you are using. for the mysqli extension, it would be the mysqli::$insert_id property.
      8) this test_input() function is nonsense from the web. please DON'T copy code you find on the web. actually learn how to validate input data and safely supply it as input to sql query statements. to safely supply data as input to sql query statements, you should use a prepared query, which the php mysqli extension doesn't do very well. if you can, switch to use the php PDO extension.
      9) since the visitor must be logged in to display the cart, your code should require the visitor to be logged in to add or delete items to/from the cart. the add to cart and delete from cart form processing code should only be executed if the visitor is logged in. i would store the user's id, not the user's first name, in the session variable to indicate who the visitor is.
  12. here's a much easier way of doing this. get the main table's last insert id, like you are doing now, and as you loop over the uploaded files, for each successful one (your code isn't actually testing the ['error'] element to know if the file uploaded without any error), simply insert a new row containing the main table's last insert id into whatever $table3 is. get the last insert id from this table and use that as the destination file name for the move_uploaded_file() statement. this assigns a unique id (filename) for each image. if you are storing information about each image, such as original file name, description, ... you would store it in the correct row in this table. to 'edit' the file information, you need to handle each possibility - 1) no change, i.e. keep the existing image. you would display the existing file (thumbnail), original name, description, and use the image id (filename) as the type='file' form field name's array index value, which will become the $key value in the php code. i would use a different form field name for existing images (such as 'existing_files'), from the form field name for new images (currently it's 'files'). if no new file is uploaded (there's a specific error value, which is where checking the ['error'] element comes in), you would do nothing for the particular image. 2) replace an existing image. in this case you would select a new image in the browser and upload it. the ['error'] element would indicate a successful uploaded image. you would get the existing id (filename) from the $key value, and after making sure it corresponds to the current main table data being edited, you would simply use the id (filename) in the move_uploaded_file() statement to replace the image, leaving everything else as is. 3) delete an existing image. you would have a checkbox as you have theorized. the checkbox name would be an array with the array index value being the id (filename). 
for any checkboxes that are checked, you would get the array index value and after making sure it corresponds to the current main table data being edited, delete the corresponding image file and the row in $table3. 4) add image(s). this would use your existing code. by using a different form field name for existing files and for new files, the 'edit' code and the 'insert' code would operate on their own set of form fields. this will simplify your existing database code, making it easier to update it to current best practices and standards.
  13. the primary id column should be an auto-increment integer. it should not be a character data type.
  14. an auto-increment column needs to be an integer data type.
  15. you can either add that term as an entry in the $and_terms array or create and use a 'view' on your database table.
  16. there is a limit to the amount of data in one row. for what you have described, you would store each data item in its own row, with phone_id, config_id, and value columns. to retrieve the set of data for any phone, you would just query for the rows having that phone's id value. the phones and configuration names would be defined in other tables, giving the phone_id and config_id to use in the configuration storage table.
  17. it would be helpful if you define what the work-flow (steps) is (are) before you try to write code. it will also help us if you tell us what the work-flow is supposed to be. something like - 1) connect to device, 2) retrieve user and attendance data, 3) display data in forms, 4) submit form, 5) store submitted data into database table. are you displaying the data as part of the learning/debugging process and you want to 'automatically' insert the data into the database tables OR are you trying to display the data in a form and you will manually submit the form to cause the data to be inserted into the database tables? next, you need to separate the different concerns in your code. any form processing code should be near the top of your file and come before you output any html to the page. the form processing code would come before the <!DOCTYPE tag. all the form processing code would be grouped together. to display the page, your code is retrieving user and attendance data from the time-clock. the code to retrieve this data and store it in php variables should be grouped together and come before you start outputting the html document. you would then simply loop over this data when you output the html document. if you are outputting the data in a form, perhaps to allow it to be verified and edited by a manager, you would need to output it using form fields, in a valid form. there are currently no <form...> tag(s) and no data-input form fields in your code. your attendance data output doesn't even have a <table> tag, no <tr></tr> <td></td> tags and no echo statements for the data.
  18. you would produce the correct ALTER TABLE or CREATE TABLE query and execute it, provided that you can even create a database user on your hosting that has permission to alter/create a database table. however, everything you are asking points to a bad design. you shouldn't be dynamically creating tables/adding columns. 400 fields/columns in one table would be highly unusual and in itself indicates the data isn't being properly normalized (databases are not spreadsheets and trying to use them as one results in a lot of complicated code and queries to accomplish even simple tasks.) care to share some relevant information about what you are doing and a sample of the columns/fields you intend to dynamically add to a table?
  19. ^^^ then you should have posted the original code that didn't have the include statement commented out. by posting adulterated code, you wasted everyone's time making off topic attempts at helping you. the help you get is only as good as the information you supply.
  20. if you would post those exact errors w/line numbers, someone COULD help you with what's causing them, because the magic 8 ball we resort to using when someone doesn't think it's necessary to share specific information they have about a problem doesn't show us what you are seeing in front of you.. it's likely they are not exactly the same errors/line numbers as what you posted at the top of this thread.
  21. what sort of error or problem are you having with this query? if you remove all the (), which don't appear to be doing anything, it looks like it should work.
  22. this code is not good and it's not safe. afaik, the XMLHttpRequest() object is not universal between browsers. if you are going to use ajax, you must either take into account all the likely browsers or you need to use a library like jquery to do this for you. before you can ajax, you must be able to html. your form and your form processing code must work properly before you can add ajax to it. your page should also work if someone has javascript disabled. once you get your form and form processing code to work, adding ajax is as simple as adding an event listener tied to an id or class in the form tag, prevent the default form action, serialize the form data (which takes a single statement to operate on all the successful form fields), submit the data, and handle the response. next, because anyone or anything can submit data to your form processing code, it must enforce security. your form processing code needs to detect that a post method form has been submitted, validate the input data, safely produce the message body, and any email address you put into a mail header must be validated to ensure it contains only one properly formatted email address to prevent mail header injection. lastly, emails being sent from a form submission on a web site are NOT being sent from the email address that someone entered in the form. the emails are being sent from the web hosting mail server or a third-party mail server. the From: email address must either be hosted at the sending mail server or there must be an SPF record at the domain in the From: email address that says the sending mail server is authorized to send email for that domain.
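Added example (not part of the post above, and not the original poster's code): server-side form processing along the lines post 22 lists, with the submitted address accepted only as a single well-formed email address and used only in Reply-To, while From stays an address of the site itself. The field names `name`, `email` and `message`, the example.com addresses and all function names are assumptions.

```php
<?php
declare(strict_types=1);

// Assumed addresses; From must be hosted at, or SPF-authorized for, the sending server.
const SITE_FROM = 'webform@example.com';
const SITE_TO   = 'owner@example.com';

/** Read one submitted field as a trimmed string; arrays and missing keys become ''. */
function field(array $post, string $key): string
{
    $v = $post[$key] ?? '';
    return is_string($v) ? trim($v) : '';
}

/** Return the value if it is exactly one well-formed address, otherwise null. */
function single_email(string $raw): ?string
{
    // CR, LF or NUL inside a header value is what lets extra headers be injected.
    if ($raw === '' || preg_match('/[\r\n\0]/', $raw) === 1) {
        return null;
    }
    // A list of addresses fails validation as a whole.
    $ok = filter_var($raw, FILTER_VALIDATE_EMAIL);
    return $ok === false ? null : $ok;
}

/** Validate a submission; returns ['errors' => array, 'mail' => array|null]. */
function process_contact_form(string $method, array $post): array
{
    if ($method !== 'POST') {
        return ['errors' => ['form' => 'no post method form was submitted'], 'mail' => null];
    }
    $errors  = [];                        // an empty array means no errors
    $name    = field($post, 'name');
    $message = field($post, 'message');
    $replyTo = single_email(field($post, 'email'));

    if ($name === '' || strlen($name) > 100)        { $errors['name'] = 'name is required (max 100 bytes)'; }
    if ($replyTo === null)                          { $errors['email'] = 'one valid email address is required'; }
    if ($message === '' || strlen($message) > 5000) { $errors['message'] = 'message is required (max 5000 bytes)'; }
    if ($errors !== []) {
        return ['errors' => $errors, 'mail' => null];
    }

    // Visitor text goes only into the plain-text body, never into a header.
    $safeName = preg_replace('/[\x00-\x1F\x7F]+/', ' ', $name);
    $text     = preg_replace('/\r\n|\r|\n/', "\r\n", $message);
    $body     = "Name: $safeName\r\n\r\n" . wordwrap($text, 70, "\r\n", true);

    return ['errors' => [], 'mail' => [
        'to'      => SITE_TO,
        'subject' => 'Website contact form',
        'body'    => $body,
        'headers' => ['From' => SITE_FROM, 'Reply-To' => $replyTo],
    ]];
}

// Constructed sample submissions (not real data).
$samples = [
    'valid'         => ['name' => 'Ann', 'email' => 'ann@example.org', 'message' => 'Hello'],
    'extra header'  => ['name' => 'Ann', 'email' => "ann@example.org\r\nBcc: list@example.net", 'message' => 'Hello'],
    'two addresses' => ['name' => 'Ann', 'email' => 'ann@example.org, bob@example.org', 'message' => 'Hello'],
];
foreach ($samples as $label => $post) {
    $r = process_contact_form('POST', $post);
    echo $label, ': ', ($r['errors'] === [] ? 'accepted' : 'rejected (' . implode('; ', $r['errors']) . ')'), "\n";
    // When accepted, the page would then send it with:
    // mail($r['mail']['to'], $r['mail']['subject'], $r['mail']['body'], $r['mail']['headers']);
}
```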
  23. this error has probably been occurring for some time, but because your code/site isn't using the imagick extension, and you haven't had the php error_reporting/display_errors setting set to report all errors, it hasn't been shown. this error, while it should be fixed, isn't relevant to the immediate problem. if the form field names and values are showing up in the browser address bar, it's because the JavaScript isn't submitting the form and the browser is (the <form tag doesn't have a method attribute, so the default get method is being used.) if the code worked before, what exactly have you changed in it?
  24. Nooooooooo...... this code is logically incorrect and if you are using this same basic code for the email version, it is not secure. the point of a captcha is to prevent non-human submissions from working or unnecessarily using server resources. the current code, if there is no captcha field in the submitted data, sets $validQuery = true; and merrily runs the rest of the code. only if there is a captcha field in the submitted data and its value matches the expected value should the rest of the form processing code run. you should not have any other statements before you have verified the captcha. your form processing code, regardless of what it finally does with the submitted form data, must first test if a post method form was submitted. next, only checkbox and radiobuttons in a form are 'optional' and may not exist in the submitted form data. using an isset() test for a field that is 'required' makes that field 'optional'. if you need (that still hasn't been determined, since you should find and fix what's causing the slow email operation) to convert from sending an email to recording the submitted data, all you should do is take the same information you have now that's going into the email and (securely) insert that into the database table, along with recording the date/time of the submission, perhaps other things like the visitor's ip address..., and a status field, that would be used to control if the record has been sent in the summary email. there's no need for all the rest of the logic you have shown. all you are doing is changing what happens with the submitted form data. next, to implement the cron based sending of a summary email, you would just find the records in the table that have a status that says they have not been sent, retrieve the data, produce the summary email, and if sending is successful, change the status to indicate they have been sent. you could also have a field in the table that you update with the send date/time.
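Added example (not part of the post above): the captcha logic post 24 objects to, reconstructed as a hypothetical "before" function, next to a version that fails closed and runs before any other form processing. Only `$validQuery` comes from the post; the field name `captcha`, the session key and the function names are assumptions, as is clearing the expected value after one attempt.

```php
<?php
declare(strict_types=1);

// "Before" (hypothetical reconstruction of the flaw the post describes):
// a submission that simply leaves out the captcha field is treated as valid.
function captcha_passes_flawed(array $post, array $session): bool
{
    $validQuery = true;
    if (isset($post['captcha'])) {
        $validQuery = ($post['captcha'] === ($session['captcha'] ?? null));
    }
    return $validQuery;
}

// "After": the field is required. A missing field, a non-string value, or no
// expected value on the server all fail the check.
function captcha_passes(array $post, array &$session): bool
{
    $expected = $session['captcha'] ?? null;
    unset($session['captcha']);           // one attempt per issued value (added assumption)
    $given = $post['captcha'] ?? null;
    if (!is_string($expected) || $expected === '' || !is_string($given)) {
        return false;
    }
    return hash_equals($expected, $given);
}

// Order of operations: post method test, then captcha, and only then the rest.
function handle_submission(string $method, array $post, array &$session): string
{
    if ($method !== 'POST') {
        return 'show form';
    }
    if (!captcha_passes($post, $session)) {
        return 'rejected: captcha';
    }
    // validate the remaining fields here, then record or email the submission
    return 'processing';
}

// Constructed sample submissions (not real data).
$cases = [
    'no captcha field' => ['comment' => 'hi'],
    'wrong value'      => ['comment' => 'hi', 'captcha' => 'zzzz'],
    'array value'      => ['comment' => 'hi', 'captcha' => ['k7xq']],
    'correct value'    => ['comment' => 'hi', 'captcha' => 'k7xq'],
];
foreach ($cases as $label => $post) {
    $session = ['captcha' => 'k7xq'];     // value issued when the form was displayed
    $before  = captcha_passes_flawed($post, $session) ? 'runs the form code' : 'rejected';
    $after   = handle_submission('POST', $post, $session);
    echo str_pad($label, 18), ' before: ', str_pad($before, 20), ' after: ', $after, "\n";
}
```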
  25. wouldn't that mean exactly what your comment in the code states - where is the 'id' in the URL coming from? wouldn't the edit link that you are producing on one page and code using a value from that link on another page need to use the same name for the GET parameter? after you get (pun not intended) the names to match, is there actually an id value in the link? and this is the problem with you just wanting the code to work and wanting someone else to tell you why it doesn't, you are not involved with, looking at, following, and getting what the relationship is between the different pieces of code in the process.