cyberRobot

It has already been moved by mac_gyver to the PHP section. Also, it looks like you posted your real database credentials. You need to change those now that they're visible to the public. Side note: you should take a look at the following article about the dangers of using PHP_SELF as the form action: http://seancoates.com/blogs/xss-woes

It sounds like you're passing the information using a SESSION variable. On the page which as a problem with the variable, did you call session_start() at the top? http://php.net/manual/en/function.session-start.php

You could add index values to the input names: Number 1: <input type = "text" name = "input[a]" size=3> <br> Number 2: <input type = "text" name = "input[b]" size=3> <br> Number 3: <input type = "text" name = "input[c]" size=3> <br> Number 4: <input type = "text" name = "input[d]" size=3> <br>

You could reduce the amount of str_replace() calls by using regular expressions. For example, to replace all <br> and <br/> tags, no matter how many there are, you could do something like <?php $fullt = 'This is my<br><br>break text<br><br><BR/><br><BR><br/><br>hi<br><BR>kjsdf<br/><br/><br/>fsdffsd<br/><br/>df'; print htmlentities($fullt) . '<br>'; $fullt = preg_replace("~(<br>|<br/>)+~i", "<br>", $fullt); print htmlentities($fullt); ?> Note that the "i" at the end of the regular expression makes it case insensitive. That way it also replaces <BR> and <BR/>.

Did you try echoing out the results from mysql_num_rows($result)? Perhaps it's finding more than 1 result?

Did you try echoing $email and $password to see if they contain what you expect? You should also try echoing out the hash password and compare the variables against the database. Can you match them manually?

The error results need to be echoed: echo mysql_error();

Just to clarify, the mysql_error() function can be added like this: $qry="SELECT * FROM Customers WHERE Email='$email' AND Password='".md5($_POST['password'])."'"; $result=mysql_query($qry); echo mysql_error();

Did you try adding the mysql_error after the query is processed? Note that you'll need to comment out the header redirect so you can see any errors produced by PHP. //Login failed $_SESSION['errorsec'] = "Invalid email address or password"; //header('Location: ../Checkout'); //<-- COMMENT OUT THIS LINE

Have you seen the sticky post under the misc. section: http://forums.phpfreaks.com/forum/24-miscellaneous/ There's a post titled "http://forums.phpfreaks.com/topic/2307-good-programming-and-web-design-books/'>Good Programming and Web Design Books".

Is the password stored in the database hashed with md5()? You need to use the same hashing function. Side notes: mysql_ functions have been depreciated. You'll need to start looking into the alternatives. I would link to the PHP manual, but Google says there is harmful content on that website. Instead you can search Google for MySQLi and/or PDO. When querying a database, you need to escape any information which comes from an un-trusted source such as a form. Fields can be escaped with mysql_real_escape_string().

So you're not getting any errors? The code posted is missing a curly bracket: <?php }else{ //Login failed $_SESSION['errorsec'] = "Invalid email address or password"; header('Location: ../Checkout'); die(); } //<-- I added this bracket }else { die("Query failed"); } ?> If you don't see any errors, have you tried using mysql_error() to see if there are any MySQL errors. Note that the function needs to be called after the query is processed.

How about explode(): http://php.net/manual/en/function.explode.php

Have you tried using mysqli_error() to figure out what's going on? Do you get any errors? http://php.net/manual/en/mysqli.error.php

Is there a reason you don't want to use GET? If you must use POST, you could look into using HTML forms and buttons instead of the links.

Is the error caused by the missing "$" before "result"? <?php $result = mysql_query("UPDATE controle set chave_nei= chave_nei + 1"); ?> If not, what is the error you are receiving? Side note: the mysql_ functions have been depreciated. If you're not doing so already, you should start looking into the alternatives: http://www.php.net/manual/en/mysqlinfo.api.choosing.php

It looks like the OP posted the code in Reply 12. I don't see any references to $_POST or $_GET, so the removal of "register_globals" is likely the culprit.

Here's another quick tip. If you're not doing so already, you should debug with errors on and being displayed. On the script which processes the form submission, try adding the following at the top: <?php error_reporting(E_ALL); ini_set('display_errors', 1); ?>

If you want Photoshop to make the HTML file for you, there are many tutorials available online: https://www.google.com/search?q=convert+psd+to+html

The form most likely isn't the problem. The problem more likely resides in the script which processes the form submission. If you're looking for answers, you'll need to post that code.

First, I would recommend changing the values for your checkboxes. <td width=50%><input value=1 type=checkbox name=search_marital_status[] checked> Single - Never Married</td> <td width=50%><input value=3 type=checkbox name=search_marital_status[]> Married</td> <td width=50%><input value=5 type=checkbox name=search_marital_status[] checked> Divorced</td> When the form is submitted, you can loop through the $_POST['search_marital_status'] variable to get the values.

How are you reading in the data submitted through the form? Perhaps the removal of "register_globals" has something to do with the issue: http://www.php.net/manual/en/migration54.incompatible.php

It's a user-defined function. <?php function died($error) { //.... } ?>

There appears to be an extra curly bracket here: <?php } } //<-- extra bracket here if(strlen($message) < 2) { $error_message .= 'The message you entered do not appear to be valid.<br />'; } ?> Also, you should remove the error suppression character from the call to the mail() function. Instead, you should test if the mail was accepted for delivery. For example: <?php if(mail($email_to, $email_subject, $email_message, $headers)) { //mail queued successfully } else { //mail failed } ?>

Sorry, I think I misunderstood the question. Is the question is that you're getting "07:29:00" for the time instead of "00:29:00"? If so what is the code you're using to format the date? The following <?php $time = '03-10-2013 00:29:00'; echo strtotime($time) . '<br>'; echo date('d-m-Y H:i:s', strtotime($time)); ?> ...gives the following output: 1380785340 03-10-2013 00:29:00