Ch0cu3r

You are almost there. Process the user login before you display the login form. If the query didn't return any results then set the $msg variable to your error message. In the form check that this variable exists and then echo it. <?php include('header.php'); include('config.php'); if (isset($_POST['submit'])) { $username = mysql_real_escape_string($_POST['username']); $password = mysql_real_escape_string($_POST['password']); $query = "SELECT * FROM login WHERE user_name='$username' AND pass_word='$password' LIMIT 1"; $result = mysql_query($query) or die(mysql_error()); if(mysql_num_rows($result)) { header('location:stdrecord.php'); exit; } else { $error = "Wrong Username Or Password"; } } ?> <table class="login" align="center"> <tr> <td class="table1" > Student Information System</td> </tr> </table> <div class="table2"> <form method="post"> <table class="table3" align="center"> <?php if(isset($error)): ?> <tr> <td style="color: red; font-weight: bold"><?php echo $error; ?></td> </tr> <?php endif; ?> <tr> <td>Username</td> <td><input type="text" name="username"></td> </tr> <tr> <td>Password</td> <td><input type="password" name="password"></td> </tr> <tr> <td colspan="2" align="center"><input type="submit" name="submit" value="LogIn"></td> </tr> </table> </form> </div> <?php include('footer.php'); ?> When using using user input in SQL queries make sure you sanitize it using mysql_real_escape_string

Your are displaying the error in a div that has a CSS class of failure <div class="failure"> <?php if($date_failure_message){ echo $date_failure_message; }else{ echo 'You need to allow 24 hours between now and the selected booking date.'; } ?> </div> Apply a CSS definition in your stylesheet for .failure class .failure {background:#F00; padding:10px; margin-top:10px; font-weight:bold; color:#FFF;} /* Display red background with white text */

How are you running the PHP code? Are you loading the .php file directly into your browser? (eg the address bar starts with file://). Web browser do not understand PHP code, this is why I think you are seeing the code in the browser. In order to run PHP code on your computer you need to install a http webserver (such as Apache) that is configured with PHP. You can then run the .php files by going to http://localhost/.

You don't need separate pages. Only one. You can have the form submit to itself. When the form is submitted you add the course details to your database. Example <?php if(isset($_POST['submit'])) { // see what is in the _POST printf('<pre>%s</pre>', print_r($_POST, 1)); // add the course details to the database here echo 'TODO: Add course to database'; } ?> <!DOCTYPE html> <html> <head> <script src="//ajax.googleapis.com/ajax/libs/jquery/1.10.2/jquery.min.js"></script> <script type="text/javascript"> $(document).ready(function() { // on page load hide the fields within div#fields if($('input[name="course"]:checked').length === 0) { $('#fields').hide(); } // when user selects a course slide fields into view $('input[name="course"]').bind('click', function(e) { $('#fields').slideDown(); }); }); </script> </head> <body> <?php // list courses in an array $courses = array('DANSK', 'TYSK', 'MATEMATIK', 'ENGELSK', 'ANDET'); ?> <form method="post"> <div id="course"> <dt>Course: <?php // loop through courses and output radio button foreach($courses as $course): $checked = (isset($_POST['course']) && $_POST['course'] == strtolower($course)) ? ' checked' : null; ?> <dd><input type="radio" name="course" value="<?php echo strtolower($course) ?>" <?php echo $checked ?> /> <?php echo $course; ?></dd> <?php endforeach ?></dt> </div> <div id="fields"> <p>Type: <input type="text" name="type"></p> <p>Time: <input type="text" name="time"></p> <p>Desc: <textarea name="desc"></textarea></p> <p>Dlink: <input type="text" name="dlink"></p> <p><input type="submit" name="submit" value="Add" /></p> </div> </form> </body> </html> I have used JQueries slideDown animation for sliding the fields into view. You can use whatever animation you like.

Sounds like you want to have the results in an array rather than a concatenated list. I have modified the code for this however it is untested. <!DOCTYPE html> <html> <head> <style> body { background-color:#d0e4fe; } { a:link,a:visited { display:block; font-weight:bold; color:#FFFFFF; background-color:#98bf21; width:360px; text-align:center; padding:10px; text-decoration:none; border:2px solid; border-radius: 5px; } a:hover,a:active { background-color:#7A991A; } } </style> </head> <body> <?php if(!isset($_COOKIE['authorised']) || ($_COOKIE['authorised'] != 'true')) { ?> <center> <a href="secure.html"><img src="/images/badsmiley.png" alt="Smiley face" height=195 width=210></a> <b> <br /> <font face="Comic Sans MS" size="6" type="bold"> Åhhh nej!! <br /> Brugernavnet eller kodeordet er forkert! <br /> prøv igen, ved at klikke på smiley'en </font> </b> </center> <?php exit(); } elseif(isset($_COOKIE['authorised']) || ($_COOKIE['authorised'] == 'true')) { $host = "notpublic"; $db = "notpublic"; $user = "notpublic"; $pass = "notpublic"; if (!mysql_connect($host, $user, $pass)) { echo 'Could not connect to mysql'; exit; } mysql_select_db($db); $sqldansk = "SELECT * FROM listdansk"; $resultdansk = mysql_query($sqldansk); if (!$resultdansk) { echo "DB Error, could not list tables in dansk\n"; echo 'MySQL Error: ' . mysql_error(); exit; } $sqltysk = "SELECT * FROM listtysk"; $resulttysk = mysql_query($sqltysk); if (!$resulttysk) { echo "DB Error, could not list tables in tysk\n"; echo 'MySQL Error: ' . mysql_error(); exit; } $sqlmatematik = "SELECT * FROM listmatematik"; $resultmatematik = mysql_query($sqlmatematik); if (!$resultmatematik) { echo "DB Error, could not list tables in matematik\n"; echo 'MySQL Error: ' . mysql_error(); exit; } $sqlengelsk = "SELECT * FROM listengelsk"; $resultengelsk = mysql_query($sqlengelsk); if (!$resultengelsk) { echo "DB Error, could not list tablesin engelsk\n"; echo 'MySQL Error: ' . mysql_error(); exit; } $sqlandet = "SELECT * FROM listandet"; $resultandet = mysql_query($sqlandet); if (!$resultandet) { echo "DB Error, could not list tables in andet\n"; echo 'MySQL Error: ' . mysql_error(); exit; } Print "\n<!-- Start of Table -->\n"; Print "<table border=1 cellpadding=15 width=100%>\n"; Print "\n<!-- First row (Headings) -->\n"; Print "<tr>\n"; Print " <th width = 20%>DANSK</th>\n"; Print " <th width = 20%>TYSK</th>\n"; Print " <th width = 20%>ENGELSK</th>\n"; Print " <th width = 20%>MATEMATIK</th>\n"; Print " <th width = 20%>ANDET</th>\n"; Print "</tr> \n"; // Created this function to get the results from the queries function getResults(&$result) { $links = array(); if(mysql_num_rows($result)) { while($row = mysql_fetch_row($result)) { #$id=$row[0]; #$type=$row[1]; $time =$row[2]; $desc =$row[3]; $dlink = $row[4]; // add link to $links array $links[] = $time.' - <a href="'.$dlink.'">'.$desc.'</a>'; } } return $links; // return an array of links } $links = array(); $links['DANSK'] = getResults($resultdansk); // get links for dansk $links['TYSK'] = getResults($resulttysk); // get links for tysk $links['MATEMATIK'] = getResults($resultmatematik); // get links for atematik $links['ENGELSK'] = getResults($resultengelsk); // get links for engelsk $links['ANDET'] = getResults($resultandet); // get links for andet // loop through each link category // and count how many links it has $count = array(); foreach($links as $linkCategory) $count[] = count($linkCategory); // get the maximum number to loop $maxCount= max($count); // loop over maxCount printing the links for($i = 0; $i < $maxCount; $i++) { // get link for current loop position ($i) // check if link exists ? get the link : no link $endprt1 = isset($links['DANSK'][$i]) ? $links['DANSK'][$i] : '-'; $endprt2 = isset($links['TYSK'][$i]) ? $links['TYSK'][$i] : '-'; $endprt3 = isset($links['MATEMATIK'][$i]) ? $links['MATEMATIK'][$i] : '-'; $endprt4 = isset($links['ENGELSK'][$i]) ? $links['ENGELSK'][$i] : '-'; $endprt5 = isset($links['ANDET'][$i]) ? $links['ANDET'][$i] : '-'; // output the link for current position. print "<tr>"; Print " <td width = 20% align=center>".$endprt1."</td>\n"; Print " <td width = 20% align=center>".$endprt2."</td>\n"; Print " <td width = 20% align=center>".$endprt3."</td>\n"; Print " <td width = 20% align=center>".$endprt4."</td>\n"; Print " <td width = 20% align=center>".$endprt5."</td>\n"; print "</tr>"; } print "</table>"; } ?> </body> </html>

What is your question? Is this your code, or you have you randomly grabbed it from the internet?

What? Are you saying you have created a login form but you don't want the text in red to show? What is your current code?

The .= is the concatenation assignment operator http://php.net/manual/en/language.operators.string.php Example $var = 'hello '; $var .= 'world'; echo $var; // prints hello world // The .= is the same as $var = $var . 'world'; echo $var; I used this operator so as it loop through the results it'll add each download link to the $endprt* variable. So when you echo these variables in the table you'll see the links are listed.

You are better of asking that question over at phpbb.com. They will be more clued up on what source file(s) need to be changed for this.

You have not understood my reply. For each of your results (which are $resultdansk, $resulttysk, $resultmatematik, $resultengelsk and $resultandet) you need to use a separate while loop. Example while loop codes for the DANSK and TYSK columns // check that query for DANSK returned any results if(mysql_num_rows($resultdansk)) { $endprt1 = ''; // loop through all results for DANSK while($row = mysql_fetch_row($resultdansk)) { #$id=$row[0]; #$type=$row[1]; $time=$row[2]; $desc=$row[3]; $dlink=$row[4]; $dlink2='<a href="'.$dlink.'">'.$desc.'</a><br />'; $endprt1 .= $time.' - '.$dlink2; // concatenate each download link to $endprt1 variable } } else { $endprt1 = '-'; // no results for DANSK } // check that query for TYSK returned any results if(mysql_num_rows($resulttysk)) { ​$endprt2 = ''; // loop through all results for TYSK while($row = mysql_fetch_row($resulttysk)) { #$id=$row[0]; #$type=$row[1]; $time=$row[2]; $desc=$row[3]; $dlink=$row[4]; $dlink2='<a href="'.$dlink.'">'.$desc.'</a><br />'; $endprt2 .= $time.' - '.$dlink2; // concatenate each download link to $endprt2 variable } } else { $endprt2 = '-'; // no results for TYSK } //etc... // do the same for the $resultmatematik, $resultengelsk and $resultandet results

Just calling mysql_fetch_row on its own only returns the first record from the query. If your queries return more than one record you need to be looping through the results, eg $result = mysql_query(/* YOUR QUERY */); while($row = mysql_fetch_row($result)) { // process the results }

try echo $obj->data->{1000377128}->clan->clan_id;

To get the clan_id try echo $obj->data[1004089236]->clan->clan_id;

Yes you can surround the if/else with HTML code. So long as the file still has a .php extension and you are starting the session before you output the html. Example with html <?php session_start(); //start the session before the html ?> <html> <head> <title>Page title</title> </head> <body> <div id="container"> <div id="header"> <h1>Header</h1> <div id="nav"> <?php // output login or logout links here if(isset($_SESSION['logged_in']) && $_SESSION['logged_in'] === true) { echo '<a href="logout.php">Logout</a>'; // output logout link } else { echo '<a href="login.php">Login</a>'; // output login link } ?> </div> </div> <div id="content"> page content </div> </div> </body> </html>

Why are you so concerned with escaping mysql_error. It does not run any SQL code within the query, It only returns a snippet of the sql query where the error has occurred. As vinny mentioned earlier the only person that should see this error message is you the programmer. If you have properly sanitized/validated the data before you start to use it within your SQL queries then no damage can be done, with the error that is returned. When your site goes live on a production server no error messages from PHP/MySQL etc should ever be displayed to the user. Instead you'd log the error and maybe send an email to the site owner notifying them of what went wrong so they can fix it. The end user should see a plain simple error message informing them something went wrong. They shouldn't see the actual error message(s) from PHP/MySQL

As you haven't set the forms submit mehtod (method="") <form name="myform" action="" method=""> and you have named your drop down menu as mydropdown <select name="mydropdown"> When the form has been submitted, then you'll get the selected value using $_GET['mydropdown']. If you set the forms submit method to post (method="post") you'd use $_POST['mydropdown']

As you output the Payment value you add it to a $total variable $total += $row['Payment']; // add current payment to total and then echo the $total Example $result = msyql_query('SELECT id, Payment FROM payment_table'); $total = 0; // init total to zero while($row = mysql_fetch_assoc($result)) { $total += $row['Payment']; echo $row['id'] . ' - ' . $row['Payment'] . ' - ' . $total . '<br />'; }

There is no standard built in feature for this. A simple example would be when a user successfully logs in you set a session variable like this $_SESSION['logged_in'] = true; To work out what link to show you check this session variable's value. If it is set to true then you output the logout link. Otherwise you output the login link. Example if(isset($_SESSION['logged_in']) && $_SESSION['logged_in'] === true) { echo '<a href="logout.php">Logout</a>'; // output logout link } else { echo '<a href="login.php">Login</a>'; // output login link }

Why would you need to escape mysqli_error() for? It used to get the error message from MySQL when an error occurs. No, that function only escapes harmful characters which could be used to make SQL injection attacks. An alternative safer way to use user input in queries is to use prepared queries

I have converted the var_dump you provided to an array and the code you are using is returning index 7 for the id matches 4 $rows = array( array("id" => "24"), array("id" => "22"), array("id" => "12"), array("id" => "11"), array("id" => "8"), array("id" => "6"), array("id" => "5"), array("id" => "4"), ); $id = 4; foreach($rows as $index => $row) { if($row['id'] == $id) { $position = $index; break; } } echo $position; What is it you are trying to do? If you need to get specific record, why not just query the database for which record matches id of 4?

You can use xpath. Example usage <?php $xml = simplexml_load_file('users.xml'); if(isset($_POST['submit'])) { $username = $_POST['username']; $result = $xml->xpath('//users/user/username[. ="'. $username .'"]'); // search for the username in the <username></username> node // if xpath returned empty result (array) if(empty($result)) { echo 'Username is fine'; // username not found } else { echo 'User exists, please use another username'; // username found } } ?> <form method="post"> Username: <input type="text" name="username" /><br /> <input type="submit" name="submit" value="Search" /> </form> Example users.xml data <users> <user> <username>FooBar</username> <password>bananas</password> </user> <user> <username>JohnDoe</username> <password>apples</password> </user> </users>

You are getting that error because the query before line 64 either did not return any results or returned an error. Can you explain what you are trying to do. Using queries within loops is not very efficient.

Did you configured PHP to use an SMTP server when you moved to the new server? does you new server come configured with an smtp server to use?

Here you are setting the error if the booking time is not greater than 24 hours if ($booking_time > $time_restriction ) { // success .. } else { $dateZoneError = 'You need to book 24 hours'; $dateZoneError = true; } To stop the email/success message being sent you need to change $dateZoneError = true; to $hasError = true; Also the above if/else could be rewritten as just if ($booking_time < $time_restriction ) { $dateZoneError = 'You need to book 24 hours'; $hasError = true; }

I have tested you code for errors in editform.php and there are non. The problem is when you go to site.com/editform.php nothing is displayed due to this if (isset($_GET['Submit']) && $_GET['Submit'] == "Update") { // rest of page code here } It will only display the edit form if your go to editform.php using the following url site.com/editform.php?Submit=Update&id=1 . Where 1 relates to the record's id you're trying to edit in the nmrr table. What is the code for this?