Everything posted by mac_gyver

  1. your original text file probably contains an extra new-line/blank-line at the end. you need to validate the data you are using to make sure the data is an expected value, type, format, ... i would trim() the $r value, which will remove white-space characters before/after any data, and only write the line to the output file if the trimmed data is not an empty string. note: you have a new-line on the end of each real line that you probably don't want to remove or if you do remove it, you will want to add back to the output when you write the line to the output file.
  2. no one is questioning his knowledge. is anyone really reading WHAT they or anyone else is writing? you know, it takes me a long time to compose what i write. it probably took me close to an hour to write post #6 above. i review and revise what i write several times to get the statements to convey the information that i am trying to get across and i tend to be more detailed than others in my explanations, for which i get a lot of thanks and likes. i don't take the time to write out huge verbose replies because i want the typing practice, i write them to share relevant knowledge. it's too bad that others would use their time to point out 'problems' with something that someone has written, without having a clear understanding what they are replying to first.
  3. Don't confuse A writing style with what is being written. do you think the Angus Macgyver character would be concerned with capital letters on what he wrote out to solve a problem or would he be concerned with the result? the methods i listed are a summary of the form processing practices that have been stated in countless replies on the forum. and again, the following has nothing to do with what was stated, and can only be reasonably accounted for by a translation problem - no one stated that how the data gets submitted is an issue and this has nothing to do with any of the suggestions. the OP did apparently get useful information out of the post since he gave it a like.
  4. since English is probably not your first language, you have been given some slack in the 'off' replies you give. however, no one stated - what was stated is, you don't need and shouldn't use an isset() statement to "individually test if they (the type of fields that were specifically mentioned) exist." when you translated that to your native language, you apparently got - 'don't validate each form field' and didn't get anything else that was stated or the context in which it was stated. no one stated to not validate each expected form field. in fact, if you have read or correctly translated what was stated, someone mentioned and gave a method for -
  5. since you are validating a post method form, your form processing code should first check, once, that a form has been submitted, and have all the form processing code inside of a single conditional statement. if your page will process more than one form, you would have a test for each possible form (test for a field name or a value that will always exist when the form is submitted and uniquely identifies the form) and only run the correct form processing code that matches the form that was submitted. once you have tested that a/the-correct form has been submitted, all the text, textarea, password, and select form fields will exist. it's not necessary to individually test if they exist. in fact individually using an isset() for each form field tends to hide typo errors in the field names between the form and the form processing code. you would want to get and display/log (development/live server) php errors in this case or in the case where someone is submitting their own form data and is not submitting all the expected form fields. after you have determined that a/the-correct form has been submitted, only check-box and radio-button may or may not exist, depending on if they are checked/selected and would need to use isset() statements within the form processing code to detect if they exist or not. since you will want to set up a unique validation error message for each different thing that can be wrong with the data for a form field and you will want a way to detect if there are validation errors at any point in your code, you can kill two birds with one stone by using an array to hold the validation error messages. you would add elements to the array, using the form field name as the array index and the message as the value. 
this same array can serve as the flag that there are validation errors by either testing that the whole array is empty() or not or you can test if individual elements/errors are set or not, using the field name index value with an isset() statement.
  6. the answer is still to use explode (unless you are getting this from a file, in which case file() would be the best first step.). you explode first on the line-ending-character (varies depending on where you are getting the data from, can be \r, \n, \r\n, or \n\r), to give an array of individual lines. you then explode each line on the comma character. you would want to trim() the final data before you try to use it in case there's some white-space characters as part of the data.
  7. i recommend that you read the thread i linked to in post #2 above. the OP in that thread is doing just about the same thing, with PDO, and is getting how you would dynamically build the sql query statement and dynamically bind any input parameters.
  8. the entries you add to the $params array would need to each be an array of the set of parameters that your ->bind() method expects. this would be an array containing two or three elements, the place-holder name, the value, and the optional type. when you loop over the $params array, you would call your ->bind() method inside the loop, using the elements from each entry in the $params array. you would need to test if the third, type, parameter has been supplied in the $params array entry to avoid producing php errors or you could always build the element in the $params array with the third element. if you can use the second suggestion, of supplying the data to the ->execute(....) method and the $params array only contains the values (per the code i posted, using ? place-holders) or it only contains the place-holder name and the values (no type elements), the $params array IS the array you can supply to the ->execute() method as a parameter.
  9. no, you won't have to check every combination of inputs. you only have to produce terms for the sql statement that have input values that you want to include in the sql statement. parts left out of the sql statement will match 'all' conditions for a column.
  10. you would dynamically build the WHERE part of the sql query statement. see my posts in this recent thread - http://forums.phpfreaks.com/topic/299482-php-pdo-how-to-bind-values-to-varibale-contains-concatenated-string/ as you are testing the input parameters, for any of them that have non-empty, non-'all' values, add the portion of the sql statement for that input parameter to an array. at the end, if the array is not empty, implode the array using ' AND ' between the array elements. note: this works even if there is only one entry in the array as the implode will just return the single entry. it will only implode values, with the separator string between them, if there are two or more entries in the array.
  11. are you getting any session_start() errors? is the host-name(sub-domain) and the path after the domain the same for the ajax requested file and the main file and your session cookie settings are only set up to match the exact host-name/path where the session is created, meaning that you have multiple different sessions?
  12. you would use the same method, to not output the login form, when the visitor is already logged in, regardless of using any ajax. in fact, your page should work even if javascript is disabled. javascript/ajax only changes how client-side things occur. aside from adding logic to check if the request is an ajax request and to output only what the ajax expects, rather than the entire html document, you need the same functionality in the server-side code, ajax or not.
  13. does that mean you validated the user's 'view source' from his browser at the time it wasn't working, or was that when you visited the page and it was working? if you are dynamically producing the page, there could be something for this set of users, that's causing the problem, such as data that contains html entities or character-encoded character, url's that need to be url-encoded when output on the page, or even data that's longer than the database field it's being stored in and it has been truncated. one characteristic that may be common to all the browsers/computers/networks where any one of these users has tried or could be a common thing between all the different users with the problem, is that they may be accessing the web in such a way (proxy server) that a piece of information in the request is missing or not as expected. and the request for the web page could contain all the expected information, but media requests may not (i'm thinking back to AOL, where the requests for web pages and the requests for media on a web page could come from different ip addresses.) are you doing anything in a .htaccess file, such as trying to use the HTTP_REFERER to control access, or in your code trying to get and use their ip address making use of any of the HTTP_xxxxxxx headers? something like this in a .htaccess file or the code, could also account for why when you are logged in as them that you cannot reproduce the problem (i'm assuming you are actually using their credentials, rather than having an admin override, because an override may not be producing the exact same conditions.)
  14. here's something else that you can do that will generalize your code. for the dynamic/conditional parts of the sql statement, add the different terms to arrays, then implode the contents of the array using either ' OR ' or ' AND ' as the separator string. for sections where you are producing something1 OR something2 OR ..., you would add each of the something... to an array, then implode the array using ' OR ' to give that part of the sql statement. your overall WHERE clause is a collection of AND'ed terms. you can have a main array that holds each of the individual parts as they are being built, then implode this array using ' AND ' (along with a few ( and ) ) to give the total AND term. here are your snippets of the query showing these methods (untested, could contain typos) -

        $params = array();
        $and_terms = array();
        $and_terms[] = "au.suspended = 0";
        if (!empty($_SESSION['advs']['title'])) {
            $terms = array(); // always initialize (array) variables
            if (isset($_SESSION['advs']['desc'])) {
                $terms[] = "au.description like ?";
                $params[] = "%{$_SESSION['advs']['title']}%";
            }
            $terms[] = "au.title like ?";
            $terms[] = "au.id = ?";
            $params[] = "%{$_SESSION['advs']['title']}%";
            $params[] = $_SESSION['advs']['title'];
            $and_terms[] = implode(' OR ', $terms);
        }
        if (isset($_SESSION['advs']['buyitnow'])) {
            $and_terms[] = "au.buy_now > 0 AND (au.bn_only IN('y','n') AND (au.num_bids = 0 OR (au.reserve_price > 0 AND au.current_bid < au.reserve_price)))";
        }
        if (isset($_SESSION['advs']['buyitnowonly'])) {
            $and_terms[] = "au.bn_only = 'y'";
        }
        if (!empty($_SESSION['advs']['zipcode'])) {
            $userjoin = "LEFT JOIN " . $DBPrefix . "users u ON (u.id = au.user)";
            $and_terms[] = "u.zip LIKE ?";
            $params[] = "%{$_SESSION['advs']['zipcode']}%";
        }
        $wher = "(".implode(') AND (',$and_terms).")";
        // bind the data in $params here or use $params as a parameter to the ->execute($params) method
  15. as you are dynamically building the sql query statement, you need to put a place-holder into the sql statement and add the data values as elements in an array. at the end, you would loop over the array of data values and run a bindvalue() statement for each place-holder/value in the array OR if all the values can be treated as strings or quoted-numbers, you can just supply the array as a parameter to the ->execute(...) method. for LIKE comparisons, the wild-card % characters must be in with the data value, not in the sql statement.
  16. when this doesn't work, it would be nice if you could get the 'view source' of the page to see if all of it is present, i.e. is the problem that the page isn't being completely sent/received or is it something that's occurring in the browser's rendering of the page. you mentioned that with javascript turned off the page would be crippled, here's a possibility. you have a race condition, that's dependent on the network used to access the site and/or the visitor's computer, having something to do with what the javascript is doing. a common occurrence, that's network speed/timing dependent, is if you are doing ajax requests that make use of session variables, and your main page is also using session variables, and/or you are dynamically producing images that are using session variables, the session data file is locked by each process/request in turn and each later request must wait until the file is released before the session_start() can open the file and return to your php script. if this is what is occurring, and you don't have a problem in your server side code (are you calculating the page generation time on the server and outputting it on the page and/or logging it?) that's causing the page to take a long time to be generated, the way to address this is to do a session_write_close() as soon as you are finished setting/changing any session variables on a page. if all you are doing is reading session variables, you can do the session_write_close() immediately after the session_start().
  17. for one of the users where it doesn't work, hopefully on their computer when it doesn't work, is the copy/pasted html markup of the page in question, valid @ validator.w3.org ? for the last example of a user trying this at a library, is that using a different computer, one at the library, or his same computer, but using a different network/isp? is there anything in common between the users in what is being displayed on the page, such as special html characters (<, >, ', or ") as part of the information being output on the page from their profile? if they disable javascript in their browser and visit the page, does the problem still occur? could you have any cookies set due to your development cycle/access to the site that the users don't and it could be causing your attempt at reproducing this to be different from the users? are you using any cookies as part of the process, that if they do/don't exist or with outdated/changed-format/values over various revisions of the software, could affect how the page operates?
  18. in order to make a single page web site, you need to separate the 'concerns' in your code. the post method form processing code is a separate concern from get method code that produces content for your page. the get method code can also be separated into 'business' logic that knows how to retrieve data, and stores the data in php array variables, and 'presentation' logic that knows how to produce the output using the retrieved data, and stores the produced output in php variables. the output that's produced from the 'presentation' logic should just be echoed at the correct place in your html document or output as a response to an ajax request. after you separate the code, for each different functionality you want on a page, into its separate concerns (some functionality may not have all three parts), you would group all the different post method form processing code together, all the get method 'business' logic together, and all the get method 'presentation' logic together. post method forms and post method form processing code should ONLY be used when you are submitting data to the server for creating/inserting data, updating/editing data, or deleting data. get method forms/links and get method code is for determining what the page will display. your code is apparently using a post method form to determine what to display on the page. you would need to fix this first. all the post method form processing code needs to come before you output anything to the browser, so that you can do a header() redirect after successfully processing the form data, to cause a get request for your page. the get method business/presentation logic should actually be before the <!DOCTYPE tag. 
see the following post for a suggested layout for the code on your page - http://forums.phpfreaks.com/topic/297824-database-issues-and-working/?do=findComment&comment=1519095 it also appears that your code is repeatedly making a database connection, running queries, and closing the database connection. your single page should make one database connection, then pass it into (functions/classes) any code that needs to use the database connection. if you follow the suggested page layout at that linked to post, there are specific places listed where you would make the database connection and close it.
  19. It's a safe bet that nothing being hosted on or through an amazon web services server should be making requests to your web site. however, doing a whois ip lookup for two of those ip addresses, gives the following information - http://www.whois.com/whois/54.174.55.230 and http://www.whois.com/whois/54.174.62.56 these are apparently for a company named hubspot. those two whois lookups have different abuse contacts. get the whois lookup information for each of the different ip addresses you are getting requests from, then do two things - 1) provide the abuse contact(s) with the ip and datetime information about the requests. they should be able to determine for that set of ip addresses and datetime, what is sending the requests (perhaps they have a bot/proxy running on their system(s).) 2) find the range of ip addresses that each of the ip addresses is part of and assuming you are using an Apache web server, add an entry in a domain root .htaccess file that blocks (deny) requests from that entire range. repeat for any other ranges of ip addresses.
  20. the character-encoding for the first link/page is - utf-16le, which is treating characters as consecutive 2byte/16bit entities. the character-encoding for the second link/page is - utf-8. just changing the character encoding that the first file is saved with may fix the problem.
  21. you are actually doing two things - 1) recording who, what book_id/title they have borrowed/returned, how many they have borrowed/returned, when they borrowed/returned them (not just when they promised to return them.), and 2) being able to track actual inventory of books. before you continue to try and write any code or queries, or do things that other people tell you, which may not take into account all the requirements that only you know about, you need to sit down and do some 'thinking through the problem' and figure out what data you need to record and how you will query to get the results you need. the following is my thinking through this problem, and assumes that you are not going to serially number each book (which you stated in the previous thread that you weren't doing), which would make this like a discrete resource reservation system, i.e. a room booking system. without a serial number for each book, this is like a shopping cart/order system, except that you expect all the items to be returned (or accounted for if not returned.) so, someone visits the library, picks out some number of one or more different books, and goes to the check out desk. this should create a record for this transaction (order) that assigns a unique id, that will be used to refer to everything that's part of this transaction, who the person is, and any other unique information about each transaction. 
then, for each book_id/title that's part of a transaction, you would enter a record in a second (order details) table that assigns a unique id (for reference purposes), the transaction_id, the book_id, quantity (i would store a negative quantity when a book is borrowed, a positive quantity when a book is returned, so that you can directly SUM() quantities to find inventory levels), date (or datetime if you are actually using the time part) that the quantity of book(s) was borrowed/returned, a scheduled/promised return by date (or datetime if you are actually using the time part) - this could be different for each book_id/title and could be extended by any amount upon request, and any other information you need for each book_id/title that's part of a transaction, such as status/memo fields. when book(s) are returned by a person, you would enter more records in this details table, using the same transaction id, book_id, a positive quantity, so that they offset the number of books that were borrowed, the date (or datetime) they were returned (the scheduled/promised return date is not used in this case.) the only use of a date (or datetime) in a query would be to find out if any books are overdue or to determine when books should be available. to find out what books a person (still) has checked out, you would just query for the data for his transaction(s), group by the book_id and sum up the +/- quantities. to find out the available quantity of any book(s), you would write a query that groups by the book_id, regardless of the transaction, and sums up all the +/- quantities for each book_id. to record initial books on hand, books added, books lost/damaged/sold, books found by others, ... you would enter records in this same details table, with + or - quantity. the status/memo field(s) would be used to mark the record with this type of extra information about a transaction. 
if you have any requirements that are not covered by this suggested method, you need to sit down and think through what data you need to store or calculate and how you will query to get the results you need.
  22. a slightly more dynamic slant on doing this -

        // dynamically build the query string part of a url, from whatever part(s) it is made of -
        $q = array();
        $q['PartID'] = $row['PartID'];
        $q['Color_ID'] = $row['ColorID'];
        // add any other key/value pairs here....
        $qs = http_build_query($q,'','&amp;'); // build urlencoded query string, with properly encoded &
        $label = htmlentities($row['PartID'],ENT_QUOTES); // use html entities on any content
        // this is just the <a></a> link part of what you are outputting, which appears to be incomplete/broken in your code
        echo "<a href='Part_Color.php?$qs' style='text-decoration:none;'>$label</a>";
  23. for the time being, forget about "individually without refreshing the page." you have to be able to write the program logic that does what you want first, and us just posting code isn't going to help you learn how to do that. start by making this all one page, but using just html and php (your page should work, even if someone has disabled javascript - you can output a submit button for your form(s) using a <noscript> tag.) then, you can add things like on change events and ajax requests after you have gotten all the code written and working. it sounds like you are making the U part of a CRUD (Create, Read, Update, Delete) exercise. the first step is to define the steps that accomplish the work flow. wouldn't these be something like - 1) list the available stages, with a way of selecting one. 2) if a stage value has been submitted, as a get parameter (you are controlling what is being displayed on the page), (safely) use the value to retrieve the record(s) that match that stage, display them, each as an individual (based on your stated goal) 'edit' form for updating the values. 3) if an edit form has been submitted, as post data (you are altering data values at this point), (safely) use the submitted form data to update the correct record. 4) repeat until you have updated all the records that you want or you pick a different stage value. you would basically use this list as comments in your code and write the code that implements each of these steps of the work flow. the code on your page should be laid out as suggested in this - http://forums.phpfreaks.com/topic/297824-database-issues-and-working/?do=findComment&comment=1519095
  24. doing an exact, equal, comparison with dates doesn't make any sense. would the query you tried match any other row(s) in your database table for that id_item? it sounds like you don't know why you added the start and end dates/times, but whatever reason you have, you would need to make use of <, <=, >, or >= comparisons, not just = comparisons.
  25. the OP should have that already in this table, as this is pretty much just a continuation of another thread - http://forums.phpfreaks.com/topic/298896-pdo-with-array/
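
The dynamic WHERE building described in posts 10, 14 and 15 above, as an added example that is not part of the original posts: only place-holders go into the sql text, every value travels in `$params` to `->execute()`, and LIKE wild-cards typed by the user are escaped so they match literally. The `auctions` table, its rows, the filter names and the `like_escape()`/`build_where()` helpers are constructed for illustration; it assumes the pdo_sqlite extension so it can run against an in-memory database.

```php
<?php
// Added example: schema, rows and filter names are constructed, not from the original threads.

// Escape LIKE wild-cards in user data so a typed % or _ is matched literally.
function like_escape(string $v): string
{
    // backslash first, so the escapes added for % and _ are not escaped again
    return str_replace(['\\', '%', '_'], ['\\\\', '\\%', '\\_'], $v);
}

// Return [where-clause, params]. Only filters with a non-empty, non-'all'
// value add a term; anything left out matches all rows for that column.
function build_where(array $filters): array
{
    $and_terms = ["suspended = 0"];   // fixed term, contains no user data
    $params = [];

    if (isset($filters['title']) && $filters['title'] !== '') {
        $pattern = '%' . like_escape($filters['title']) . '%'; // wild-cards live in the data
        $terms = ["title LIKE ? ESCAPE '\\'"];
        $params[] = $pattern;
        if (!empty($filters['desc'])) {
            $terms[] = "description LIKE ? ESCAPE '\\'";
            $params[] = $pattern;
        }
        $and_terms[] = implode(' OR ', $terms);
    }
    if (isset($filters['category']) && !in_array($filters['category'], ['', 'all'], true)) {
        $and_terms[] = "category = ?";
        $params[] = $filters['category'];
    }
    if (!empty($filters['buyitnowonly'])) {
        $and_terms[] = "bn_only = 'y'";
    }
    return ['(' . implode(') AND (', $and_terms) . ')', $params];
}

$pdo = new PDO('sqlite::memory:');
$pdo->setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION);
$pdo->exec("CREATE TABLE auctions (id INTEGER PRIMARY KEY, title TEXT,
            description TEXT, category TEXT, bn_only TEXT, suspended INTEGER)");
$pdo->exec("INSERT INTO auctions (title, description, category, bn_only, suspended) VALUES
            ('red bike', 'barely used', 'sports', 'y', 0),
            ('100% wool scarf', 'red and warm', 'clothing', 'n', 0),
            ('blue bike', 'needs repair', 'sports', 'n', 1)");

// Constructed inputs, including a literal wild-card and a quote-breaking string.
$searches = [
    'no filters'        => [],
    'title or desc'     => ['title' => 'red', 'desc' => '1'],
    'literal percent'   => ['title' => '%'],
    'category = all'    => ['title' => 'bike', 'category' => 'all'],
    'quote in the data' => ['title' => "x' OR '1'='1"],
];

foreach ($searches as $label => $filters) {
    [$where, $params] = build_where($filters);
    $stmt = $pdo->prepare("SELECT title FROM auctions WHERE $where ORDER BY id");
    $stmt->execute($params);   // one value per ? place-holder, in order
    $titles = $stmt->fetchAll(PDO::FETCH_COLUMN);
    printf("%-18s %s\n  params: %s\n  rows:   %s\n",
        $label, $where, json_encode($params), json_encode($titles));
}
```

The quote-containing input reaches the database only as a bound value, so it is compared as text against the title column and cannot change the structure of the statement.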