cyberRobot

As maxxd mentioned, your SQL qurey has a syntax error. Your selecting all columns (*) and the password column. Your query needs a comma $q="select *, password from affiliates where username='".$mail."'"; Or since you're only using the password column, you could remove the asterisk. $q="select password from affiliates where username='".$mail."'"; Also note that you need to run the query through mysqli_query() before you can use mysqli_fetch_assoc(). More information can be found here: http://php.net/manual/en/mysqli.query.php Side note: your query is vulnerable to SQL injection attacks. If you're not doing so already, you should look into creating Prepared Statements or at least use mysqli_real_escape_string(). And if you need more information about password hashing, the following may help: http://php.net/manual/en/faq.passwords.php

You could create an array of valid values and then run the test. For example <?php function ball_callback($atts,$content,$tag){ //collect values, combining passed in values and defaults $values = shortcode_atts(array( 'num' => 'other' ),$atts); //based on input determine what to return $output = ''; $validValues = array('1', '2', '3'); if(in_array($values['num'], $validValues)){ $output = "output for {$values['num']}"; } return $output; } add_shortcode('ball','ball_callback'); ?> Note that you could use range() to create the array for $validValues. More information can be found here: http://php.net/manual/en/function.range.php

As mac_gyver mentioned, nothing can be outputted to the screen before calling header(). Since you're just redirecting the user, the header() call can be moved to the top of your script. <?php //lets check the user is authorised to be here! if ($userLevel > 3){ echo "you are authorised to be here!"; } else { header('Location: ../index.php'); exit; } //this is going to be the main section for reporting include('../header.php'); ?> Note that I added the "exit" statement after the header() call to prevent the script from doing any further processing. If you want to display a message before the page is redirects, you could look into using header() and "refresh". An example can be found here: http://php.net/manual/en/function.header.php#97114

That seems like it would work. Did you have any additional questions?

session_start() needs to be called before anything is outputted to the screen. Note that there is a bunch of HTML being displayed to the screen before you call the function.

Your function is only set up to accept one argument. To pass three ('john', 'smith', and 'k'), you'll need to modify the function definition.

Perhaps the following will help: http://php.net/manual/en/functions.arguments.php

The code for re-populating the last name field is commented out. Try using something like the following: <!doctype html> <html> <head> <meta charset="utf-8"> <title>Untitled Document</title> </head> <body> <?php $problem = false; if($_SERVER['REQUEST_METHOD'] == 'POST') { if(empty($_POST['fname'])) { $problem = true; echo "Please enter your first name"; } } ?> <form action="sticky2.php" method="post"> <input type="text" name="fname" size="15" placeholder="First Name" value="<?php if(isset($_POST['fname'])) { echo $_POST['fname']; } ?>"> <input type="text" name="lname" size="20" placeholder="Last Name" value="<?php if(isset($_POST['lname'])) { echo $_POST['lname']; } ?>"> <input type="submit" name="submit" value="Contact Me!"> </form> </body> </html> Note that I removed the <label> tag since you weren't really using it. To be honest, I'm not sure if the <label> tag is needed when you're using the "placeholder" attribute. Perhaps that's something else to research. I also removed the "id" attribute from the first name field since it probably isn't being used.

If you post the attempted code, we may be able to identify why you're getting a blank page. Do you know if PHP is set to show all errors and warnings? You can make sure by adding the following code to the top of your script during the development / debugging process: <?php error_reporting(E_ALL); ini_set('display_errors', 1); ?>

Is PHP set to show all errors and warnings? To make sure, you can add the following to the top of your script during the debugging process: error_reporting(E_ALL); ini_set('display_errors', 1); Side note: using the raw value from PHP_SELF in the form action attribute makes your script vulnerable to XSS attacks. To send form submissions to the same page, you can leave the attribute blank or delete the attribute altogether.

Change this $stmt = $mysqli ->prepare("INSERT INTO clients fname,lname,orgName,address,city,state,zipcode,phone,fax,email,confirmEmail,projectOptions,projectOverview,year) VALUES (?,?,?,?,?,?,?,?,?,?,?,?,?,?)" To this $stmt = $mysqli ->prepare("INSERT INTO clients fname,lname,orgName,address,city,state,zipcode,phone,fax,email,confirmEmail,projectOptions,projectOverview,year) VALUES (?,?,?,?,?,?,?,?,?,?,?,?,?,?)");

Are you getting any errors for the $_POST variables? The array indexes should be enclosed in quotes. For example: $_POST['fname']

You're missing a parenthesis here (before the semi-colon): $stmt = $mysqli ->prepare("INSERT INTO clients fname,lname,orgName,address,city,state,zipcode,phone,fax,email,confirmEmail,projectOptions,projectOverview,year) VALUES (?,?,?,?,?,?,?,?,?,?,?,?,?,?)";

What's the overall goal of the project? Are you trying to build an e-commerce website? There appears to be a lot of high-risk information being stored in your database (such as credit card information and national ID [assuming that's something like a social security number]). Do you really need all that information? If so, is the information being protected?

The only data that's passed through your form is from the following: <input type ='hidden' name='userid' value=". $row["number"] .">"; If that's the ID you're trying to test, then the POST variable should be $_POST['userid'] But you still need to address the fact that the rest of the data isn't being passed.

Also note that you need to use input fields when passing data through forms. Perhaps the following article will help: http://php.net/manual/en/tutorial.forms.php

Have you tried enabling all PHP errors and warnings? To do that, you can add the following to the top of your PHP script during the debugging process: error_reporting(E_ALL); ini_set('display_errors', 1); Based on a quick look, I didn't see a form field named "id". Without id, $_POST['id'] isn't going to be set.

It seems like the issue has to do with the code assuming that $pageURL always contains "?404;" and ":80/". Since it sounds like that's an issue with the new server setup, you'll want to make sure the URL contains those values before trying to split a string based on the values. Try changing this $pageURL = explode('?404;', $pageURL); $pageURL = $pageURL[1]; $pageURL = explode(':80/', $pageURL); $pageURL = $pageURL[1]; To this var_dump($pageURL); //<-- debugging code; remove when done if(strpos($pageURL, '?404;') !== false) { $pageURL = explode('?404;', $pageURL); $pageURL = $pageURL[1]; } if(strpos($pageURL, ':80/') !== false) { $pageURL = explode(':80/', $pageURL); $pageURL = $pageURL[1]; } var_dump($pageURL); //<-- debugging code; remove when done Note: the calls to var_dump() are just there so that you can see how the URL looks before and after the code executes. They can be removed at any time.

Did you get a chance to enable all errors and warnings, as suggested by ginerjm? That should hopefully give you a clue if anything is out of date.

It likely won't make a difference, but you would basically change references like this include("$_SERVER[DOCUMENT_ROOT]/kf.pages/$c.php"); To this include("{$_SERVER['DOCUMENT_ROOT']}/kf.pages/$c.php"); Or this include($_SERVER['DOCUMENT_ROOT'] . "/kf.pages/$c.php");

It seems odd that there is a dot after the DOCUMENT_ROOT variable here: if(!file_exists("$_SERVER[DOCUMENT_ROOT]./kf.pages/$c.php")){$c = "404";} But not here: include("$_SERVER[DOCUMENT_ROOT]/kf.pages/$c.php");

DOCUMENT_ROOT is likely just referring to the standard index available through $_SERVER. http://php.net/manual/en/reserved.variables.server.php Since the array variable ($_SERVER) is used within a double quoted string, the quotes around the index are not required. I also ran a quick test and creating a constant with that name doesn't seem to affect the array variable. At least is doesn't on my web server.

For what it's worth, you can remove the text from both the Age and Birthday fields.

Also, note that the code posted isn't complete. Perhaps you just didn't post it all, but you're missing the <option> tags and the end </select> tag. And for what it's worth, you should consider reviewing the documentation for the <label> tag. https://developer.mozilla.org/en-US/docs/Web/HTML/Element/label

You're using "SymptomId" here: <select name="Symptom" id="SymptomId" onchange="Symselect()"> And "Symptomid" here: var x = document.getElementById("Symptomid").value; Those values need to match. Note: the values are case sensitive. Note that I moved the topic to the JavaScript forum.