fastsol

Everything posted by fastsol

  1. Have you actually verified that the output on the style sheet is what you expect it to be, or are you judging it by a simple refresh and not seeing the changes on the screen? It might be a cache issue. Second, in the code examples above you go back and forth between $AccentColor1 and $AccentColour1, notice the u difference in the name. Make sure you have all your vars labeled correctly.
  2. Without any of your code it's impossible to tell you much of anything. I would start by turning display_errors ON in the php.ini file so that you can see what errors the script is finding.
  3. What you are asking for is fairly involved to build. You basically need a simple shopping cart and paypal IPN integration. Here is a tutorial for the shopping cart http://www.youtube.com/playlist?list=PL0A34371AA1BE4FEF and one for the paypal IPN http://www.youtube.com/playlist?list=PLC121B382EC5F372C The paypal specific code in the IPN tutorial is old paypal code that no longer works for them, I answered another post on here about that http://forums.phpfreaks.com/topic/280248-paypal-ipn-doesnt-update-database/ You'll need to combine the 2 tutorials to make the kind of system you need.
  4. I have a tutorial on file download, you'll just need to edit how you get the file name in the script to use your database, beyond that it's pretty easy. http://amecms.com/article/PHP-Force-File-Download-With-File-Whitelist
  5. I have a ready to go Ajax style contact form that i distribute http://amecms.com/article/Easy-to-use-contact-form-with-validation
  6. You need quotes around 'meat' in the if()
  7. The errors were probably always there but the free host likely has error reporting turned off.
  8. Check this out http://css-tricks.com/video-screencasts/95-a-tale-of-border-gradients/
  9. Here is your rank code.

         echo ($profile_data['vip'] == 1) ? 'Premium' : (($profile_data['type'] == 1) ? 'Admin' : 'Standard');

     As for setting the topic as solved, I don't know for sure cause I have never started a topic on here, only answered them. From what I can tell there should be a button under each reply that allows you to mark it as "Answered", you're supposed to choose the reply that best answered the topic issue, beyond that I couldn't tell ya what to do.
  10. I didn't even try to diagnose the issue, but I can tell you that you should seriously scrap this whole thing and start over with something that is actually secure and built correctly. You are totally wide open for sql injection and security is NONE in your case. There are some good video tutorials on youtube from phpacademy and betterphp, I would suggest starting there.
  11. You need to use the WHERE clause in the queries, that way you are checking for that specific aid in the db. Also your is_numeric check is pointless, just cast the post to an int like you are (without the trim()), when you run the query it will filter out if the album actually exists.

         if (empty($_POST['aid'])) {
             $errors[] = '<h5 style="color: red;">* You forgot to select an album.</h5>';
         } else {
             // The int cast makes the value safe to place in the query.
             $aid_entry = (int)$_POST['aid'];
             $aq = "SELECT `aid` FROM `cpg15x_albums` WHERE `aid` = $aid_entry";
             $ar = mysqli_query($dbc3, $aq); // or die("Error: ".mysqli_error($dbc3));
             // Exactly one row means the album exists.
             if ($ar && mysqli_num_rows($ar) == 1) {
                 $aid = $aid_entry;
             } else {
                 $errors[] = '<h5 style="color: red;">* Album number error.</h5>';
             }
         }

     I also moved some things around and got rid of pointless lines and code.
  12. Use the ORDER BY clause in your query to sort it by whatever column you want.
  13. You forgot to put the ; at the end of those 2 lines
  14. Something like this

         <?php
         $host = "localhost";
         $user = "testuser";
         $pass = "test";
         $db = "testuser";

         $connection = mysql_connect($host, $user, $pass) or die ("Unable to connect!");
         mysql_select_db($db) or die ("Unable to select database!");

         $query = "SELECT * FROM locations ORDER BY id DESC";
         $result = mysql_query($query) or die ("Error in query: $query. ".mysql_error());

         define('COLS', 4);
         $col = 0;

         echo '<table border="2px"><tr><th>Owner Name</th><th>Location</th><th>URL</th></tr>';
         echo '<tr>';
         while ($rows = mysql_fetch_assoc($result)) {
             $col++;
             if ($col == COLS) {
                 $col = 1;
                 echo '</tr><tr>';
             }
             // Escape database values before writing them into the HTML.
             echo '<td class="center">', htmlspecialchars($rows['name']), '</td>';
             echo '<td class="center">', htmlspecialchars($rows['location']), '</td>';
             echo '<td class="center">', htmlspecialchars($rows['url']), '</td>';
         }
         echo '</tr>';
         echo "</table>";

     A couple things, use mysql_fetch_assoc() instead of mysql_fetch_array(), it will reduce the amount of items in the array by half cause it will only return an array with the keys as the names of the columns in the db. Then you reference the array key by the column name like I have in the example above. Also the <center> tag has been removed long ago and many browsers don't even use it or understand it anymore, you should be using css for such things now. In the example I used class="center" so you would make a css style named center and put in text-align: center; for its attribute. If you need more info on css there are tons of tutorials if you google.
  15. session_register() is not a used function anymore in php, now you simply just set a session var like

         $_SESSION['username'] = 'whatever';

     The header issue is likely cause of the mysql_error being output to the screen, fix the sql error and it should go away. And yes this looks correct

         $sql="SELECT * FROM $tbl_name WHERE wcdname='$wcdname' and pword='$pword'";

     It is also very good practice to put backticks around column and table names like this

         $sql="SELECT * FROM `$tbl_name` WHERE `wcdname`='$wcdname' AND `pword`='$pword'";

     Plus always CAPITALIZE statements or function names in the query like WHERE, AND, FROM, stuff like that.
  16. It's saying that the username column doesn't exist in your db (not the info in the column but the column name itself), you might have spelled it differently or with a capital, either way it's not username
  17. Where do you get the value for $tbl_name in the query? Change this line

         $result=mysql_query($sql);

     To this and see what the error tells you.

         $result=mysql_query($sql) or die(mysql_error());
  18. How are you distinguishing between the 3 ranks, your db is only set to be 1 or 0 for the `type`, that would only work for 2 ranks unless `vip` is for premium?
  19. That is a cool trick! Is that how many of the big sites do it when they say go to www.example.com/contact or something like that?
  20. Great, glad it worked right away for you. The $valu thing is really just for diagnostics during testing, development and for future diagnostics if you find consistent errors coming across, you can look at what was sent every time by paypal and diagnose from there. I even have a testing script I use when making complex stuff for the ipn cause you can't get error feedback when the ipn script is live.
  21. I know of the tutorial you watched as I was a long time member on that forum too. The code Alex uses is very outdated for paypal, hence the new stuff I linked to. Here is a reworked version using your code and the new paypal stuff. I also added some security. Plus a couple lines of code to build a string of data for the posted vars to be inserted into the db. You'll need to add a column in your db `log` table to hold this info and set it as text type. This will allow you to see everything that paypal is sending and their according names and values. I commented the areas in the code below.

         <?php
         // Reading raw POST data from the input stream. Reading POST data from $_POST
         // may cause serialization issues since POST data may contain arrays.
         $raw_post_data = file_get_contents('php://input');
         $raw_post_array = explode('&', $raw_post_data);
         $myPost = array();
         foreach ($raw_post_array as $keyval) {
             $keyval = explode ('=', $keyval);
             if (count($keyval) == 2)
                 $myPost[$keyval[0]] = urldecode($keyval[1]);
         }

         // read the post from PayPal system and add 'cmd'
         $req = 'cmd=_notify-validate';
         $get_magic_quotes_exits = false; // stays false when the function is not available
         if(function_exists('get_magic_quotes_gpc')) {
             $get_magic_quotes_exits = true;
         }
         foreach ($myPost as $key => $value) {
             if($get_magic_quotes_exits == true && get_magic_quotes_gpc() == 1) {
                 $value = urlencode(stripslashes($value));
             } else {
                 $value = urlencode($value);
             }
             $req .= "&$key=$value";
         }

         // Post the message back to PayPal over TLS with certificate and host checks on.
         $ch = curl_init();
         curl_setopt($ch, CURLOPT_URL, 'https://www.paypal.com/cgi-bin/webscr');
         curl_setopt($ch, CURLOPT_POST, 1);
         curl_setopt($ch, CURLOPT_RETURNTRANSFER,1);
         curl_setopt($ch, CURLOPT_POSTFIELDS, $req);
         curl_setopt($ch, CURLOPT_SSL_VERIFYPEER, 1);
         curl_setopt($ch, CURLOPT_SSL_VERIFYHOST, 2);
         curl_setopt($ch, CURLOPT_HTTPHEADER, array('Host: www.paypal.com'));
         // In wamp like environment where the root authority certificate doesn't come in the bundle, you need
         // to download 'cacert.pem' from "http://curl.haxx.se/docs/caextract.html" and set the directory path
         // of the certificate as shown below.
         // curl_setopt($ch, CURLOPT_CAINFO, dirname(__FILE__) . '/cacert.pem');
         $res = curl_exec($ch);
         curl_close($ch);

         if (strcmp ($res, "VERIFIED") == 0) {
             // check the payment_status is Completed
             // check that txn_id has not been previously processed
             // check that receiver_email is your Primary PayPal email
             // check that payment_amount/payment_currency are correct
             // process payment

             // Assign posted variables to local variables
             $item_name = mysql_real_escape_string($_POST['item_name']);
             $item_number = mysql_real_escape_string($_POST['item_number']);
             $payment_status = mysql_real_escape_string($_POST['payment_status']);
             $payment_amount = mysql_real_escape_string($_POST['mc_gross']);
             $payment_currency = mysql_real_escape_string($_POST['mc_currency']);
             $txn_id = mysql_real_escape_string($_POST['txn_id']);
             $receiver_email = mysql_real_escape_string($_POST['receiver_email']);
             $payer_email = mysql_real_escape_string($_POST['payer_email']);
             $user_id = (int)$_POST['custom']; // Our user's ID set to int assuming it's supposed to be a number.

             if ($payment_status == 'Completed') {
                 // Builds a string to insert into the db so you can see everything that has come across from paypal.
                 // Pairs are separated by commas and paired key-to-value with a / forward slash
                 $valu = '';
                 foreach($_POST as $k => $v) {
                     $valu.= $k.' / '.$v.', ';
                 }
                 // The string is built from raw POST values, so escape it before it goes into the query.
                 $valu = mysql_real_escape_string($valu);

                 $txn_id_check = mysql_query("SELECT `txn_id` FROM `log` WHERE `txn_id` = '".$txn_id."'");
                 if (mysql_num_rows($txn_id_check) !=1) {
                     if ($receiver_email == '[email protected]') {
                         if ($payment_amount == '0.01' && $payment_currency == 'EUR') {
                             // add txn_id to database
                             // Add a column to hold the $valu var info
                             $log_query = mysql_query("INSERT INTO `log` VALUES ('','".$txn_id."','".$payer_email."', '".$valu."') ");
                             // update premium to 1
                             $update_premium = mysql_query("UPDATE `users` SET `vip` = 1 WHERE `user_id` = '".$user_id."'");
                         }
                     }
                 }
             }
         } else if (strcmp ($res, "INVALID") == 0) {
             // log for manual investigation
             //$db->query("INSERT INTO `".PURCHASES."` SET `test` = 'not valid response'");
         }
         ?>
  22. Just do some basic diagnostics then, first you need to sanitize the value of your post. According to your select menu it's an integer but I assume that is just an example, so you need to use mysql_real_escape_string() and then add mysql_error() after the query to see why the query is failing.

         $ea_name = mysql_real_escape_string($_POST['ea_name']);
         $myData = mysql_query($sql);
         echo mysql_error();
  23. The code you are using to talk with paypal is outdated. I ran into the same problem initially. Here is a link to the current code straight from paypal https://developer.paypal.com/webapps/developer/docs/classic/ipn/ht_ipn/ and a link to the current pdf documentation https://www.paypalobjects.com/webstatic/en_US/developer/docs/pdf/ipnguide.pdf Do you have a sandbox account to test with at paypal? If not you will want to sign up for that so you can do live testing of your script. Make sure to add "sandbox." to the form action in front of the paypal.com and also in the ipn page on this line

         $ch = curl_init('https://www.sandbox.paypal.com/cgi-bin/webscr');

     Then once it's all working you remove the sandbox part and it will go back to normal workings on the main paypal site. Honestly I have done a fair amount of testing with the ipn and sandbox and I still find it confusing so you may get very frustrated with this before you're done.
  24. Yes you would want to validate this on php side, java side would be pointless and could easily get by. Are you processing the form on the same page as the form? Here is an example of how to work this.

         if($_SERVER['REQUEST_METHOD'] == "POST"){
             // Pick up the form data and assign it to variables
             $name = stripslashes($_POST['name']);
             $email = stripslashes($_POST['email']);
             $tel = $_POST['telephone'];
             $comments = stripslashes($_POST['message']);
             $field = strtolower($_POST['field']);
             $spam_check = 'love';

             if($field == $spam_check){
                 // Build the email (replace the address in the $to section with your own)
                 $to = '[email protected]';
                 $subject = "The Vintage Affair Web Quote enquiry";
                 $comments = "Name: $name \nEmail: $email \nTelephone: $tel \n\nDetails: $comments";
                 $headers = "From: [email protected]" . PHP_EOL . "Reply-To: [email protected]";

                 // Send the mail using PHPs mail() function
                 mail($to, $subject, $comments, $headers);

                 // Redirect, then stop so nothing else runs after the header is sent
                 header("Location: thankyou.html");
                 exit;
             }
             else{
                 echo 'Spam check failed!';
             }
         }

     Also I do have a premade fully validated contact form that I distribute at http://amecms.com/article/Easy-to-use-contact-form-with-validation
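
The checks that post 21 lists as comments after the VERIFIED response (payment status, receiver e-mail, amount and currency, unseen txn_id), written out with PDO prepared statements and a primary key on `txn_id` so a replayed notification cannot be applied twice. This is an added example, not fastsol's code; the `apply_ipn` name, the SQLite schema with its `raw` column, the receiver address and the sample notification are constructed assumptions.

```php
<?php
// Added example. Table and column names follow post 21; RECEIVER is a placeholder
// and the notification below is constructed. Call only after PayPal answered VERIFIED.
const RECEIVER = 'seller@example.com';
const PRICE    = '0.01';
const CURRENCY = 'EUR';

function apply_ipn(PDO $db, array $ipn): string
{
    if (($ipn['payment_status'] ?? '') !== 'Completed') return 'ignored: not completed';
    if (strcasecmp($ipn['receiver_email'] ?? '', RECEIVER) !== 0) return 'rejected: receiver';
    if (($ipn['mc_gross'] ?? '') !== PRICE || ($ipn['mc_currency'] ?? '') !== CURRENCY) {
        return 'rejected: amount or currency';
    }
    $userId = filter_var($ipn['custom'] ?? null, FILTER_VALIDATE_INT);
    $txnId  = $ipn['txn_id'] ?? '';
    if ($userId === false || $txnId === '') return 'rejected: malformed';

    $db->beginTransaction();
    try {
        // Bound parameters keep every PayPal-supplied value out of the SQL text.
        $db->prepare('INSERT INTO log (txn_id, payer_email, raw) VALUES (?, ?, ?)')
           ->execute([$txnId, $ipn['payer_email'] ?? '', json_encode($ipn)]);
        $db->prepare('UPDATE users SET vip = 1 WHERE user_id = ?')->execute([$userId]);
        $db->commit();
        return 'applied';
    } catch (PDOException $e) {
        $db->rollBack();
        // SQLSTATE 23000: the primary key on txn_id refused a second insert.
        if ($e->getCode() === '23000') return 'rejected: txn_id already processed';
        throw $e;
    }
}

// Constructed demo on an in-memory SQLite database.
$db = new PDO('sqlite::memory:');
$db->setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION);
$db->exec('CREATE TABLE log (txn_id TEXT PRIMARY KEY, payer_email TEXT, raw TEXT)');
$db->exec('CREATE TABLE users (user_id INTEGER PRIMARY KEY, vip INTEGER DEFAULT 0)');
$db->exec('INSERT INTO users (user_id) VALUES (7)');

$ipn = ['payment_status' => 'Completed', 'receiver_email' => RECEIVER,
        'mc_gross' => '0.01', 'mc_currency' => 'EUR', 'custom' => '7',
        'txn_id' => 'TXN-CONSTRUCTED-1', 'payer_email' => 'buyer@example.com'];

echo apply_ipn($db, $ipn), PHP_EOL;                                   // first delivery
echo apply_ipn($db, $ipn), PHP_EOL;                                   // same txn_id again
echo apply_ipn($db, ['txn_id' => 'TXN-CONSTRUCTED-2', 'mc_gross' => '0.00'] + $ipn), PHP_EOL;
```

Doing the insert and the update in one transaction means the uniqueness check and the upgrade cannot be separated by a second notification arriving in between, which the SELECT-then-INSERT sequence does not guarantee.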