Ch0cu3r

Spaces can be used but they will most likely end up being encoded to %20, which is just ugly, an alternative would be to convert all spaces to underscores. This will have to be done in your PHP code before the link is made, example $storeName = 'New Look'; $storeLink = '/store/' . str_replace(' ', '_', $storeName); // converts spaces to underscores in the store name echo '<a href="'.$storeLink.'">'.$storeName.'</a>'; For the rewriteRule to match you need to include an underscore in the pattern ^store/([a-z0-9_]+)$

Glad you go it sorted.

If you look at my code I replaced where you used $values with $_POST. There is no need to have the input duplicated in two different variables.

Make sure you have removed the comments from the two header() lines you commented out on post #11

It is possible to do that, it is called method chaining. Here is an example of how this is done. If you want your current code to compatible with future versions of PHP then now would be a good time to do so.

This is bit of the foreach loop does not seem right to me. foreach($fields AS $field=>$label){ //The following line is using the ternary operator, it's basically a shorthand if/else assignment. $errors[$field] = (!isset($values['store_name']) || !strlen($values['store_name'])) ? $errors[$label] = 'Mandatory field, input required!' : NULL; ... You are validating the the store_name field for every field in the in the $fields array? I think what you mean to do is loop through all the fields in $field, using the key for the index to $_POST and then setting the corresponding error message in the $fieldsErrorMsgs array when the field does not validate. First we need come up with better approach which the $fields and $fieldsErrorMesg arrays. Which would be to merge them together so that the $fields array is constructed like so $fields = array( 'store_name' => array( 'label' => 'Store Name', 'error' => 'Please enter a store name' ), ... ); The foreach loop will then constructed like this foreach($fields AS $field => $attr){ if(!isset($_POST[ $field ]) || empty($_POST[ $field ])) $errors[] = $field; // add current field to the $errros array, this will be used later on to display the error message for the field } To prevent creating a new record when a field does not validated we'll check to see if the $errors array is empty if(empty($errors)) { // add record to database } The loop for displaying the form fields should now be like foreach($fields AS $field => $attr){ //Print the form element for the field. echo "<label>{$attr['label']}:<br>"; //If the field had an error, display it. if(in_array($field, $errors)) { echo ' <span class="error">'.$attr['error'].'</span><br>'; } //Echo the actual input. If the form is being displayed with errors, we'll have a value to fill in from the user's previous submission. echo '<input type="text" name="'.$field.'"' . (isset($_POST[$field]) ? ' value="'.$_POST[$field].'"' : '') . ' /></label>'; }

@ginerjm if you look at the OP's code (post #10) you'll see the function is actually being defined @raymak What line is line 70? And what line is that function defined?

On line 45 you have left off the $ before result if (!$result) { As for the last error move the function definition so it comes before the while loop lines 66 ( echocsv($headers); ) For the the timezone error(s) that can solved by defining a default timezone for the date.timezone setting in the php.ini. If you dont have access to the php.ini then I think you can safely ignore it. But if you're doing anything with dates in your code then you will need to define a default timezone before using any date based functions.

You can have as many rewriterules as you like. The problem is each one needs to differentiate from each other. To do so you need add something in the url to differentiate the two types of urls, such as for stores have urls like site.com/store/store-id# RewriteEngine on RewriteCond %{REQUEST_FILENAME} !-f RewriteCond %{REQUEST_FILENAME} !-d RewriteRule ^store/([a-z0-9-]+)$ /store.php?storeID=$1 [NC,L] # rule for stores RewriteRule ^([A-Za-z])([A-Za-z])([0-9]+)$ /webpage.php?webPageID=$1$2$3 [NC,L] # rule for member webpage You will have problems having the # in the url as anything after it is not sent in the request to the server.

First comment out the two header lines on 52 and 53. Next enable error reporting, change the first lines of you script to this <?php ini_set('display_errors', 1); error_reporting(E_ALL); include('dbcon.php') if (isset($_POST['export'])) { ... What output do you get now?

Okay, took a quick look at your code and I think the problem is with the call to header() on line 245 and 246. You cannot use header() after any output has been sent to the browser. When PHP get to this point it is most probably halted execution of script. If you enable error reporting it'll most likely spit out a Headers already sent error message. What you need to do is move the code responsible for exporting the data to csv (lines 195 to 289) so it is before any output. example <?php include('dbcon.php'); /* move code responsible for exporting data to csv on lines 195 to 289 to here, so it is before the line below */ include('inc/header.php'); ?> <div id="results"> <form id="searchform" action="" method="post"> ... EDIT: Notice moved the include for dbcon.php so it before the export csv code. You will need to do that otherwise your queries will fail

Okay, so the POST data is reaching index.php but the problem then is your code posted in post #3 is not being ran at all it seems. There is most likely a flaw in your codes logic, can you post (or attach) index.php in full so we can take a look further.

You're getting those notices because $_FILES wont be populated with any data until the form has been submitted. To prevent the notices you need wrap your form processing code inside a condition example if(isset($_FILES['csv'])) { // process form data // insert data from csv file into the database } You can automate the insertion of contents of the CSV file by using the MySQL LOAD DATA INFILE query clause. Example code if (isset($_FILES['csv'])) { // import the contents of the csv file into the database $result = mysql_query(" LOAD DATA INFILE {$_FILES['csv']['tmp_name']} # the tmp csv file INTO requisition # the table to insert the data to FIELDS TERMINATED BY ',' ENCLOSED BY '\'' # describe how the fields are separated and what character the values are enclosed by IGNORE 1 LINES # ignore the first line - which is usually used for the column headings "); // check the query did not fail if(!$result) { trigger_error('DB Error: Cannot import csv contents to database - ' . mysql_error()); } // check that query did add the data to the table if(mysql_affected_rows()) { header('Location: import.php?success=1'); exit; } // for some reason no data was added to the table else { echo 'Data was not added to the table!'; } }

Weird it seems for some reason the script is not receiving the POST data. What is the output of printf('<pre>%s</pre>', print_r($_POST, true));

im so fucking confused right now

Why are you executing the query twice here if (!mysqli_query($con,$sql)) { die('Error: ' . mysqli_error($con)); } $result = mysqli_query($con,$sql); You only need to execute it once $result = mysqli_query($con,$sql)); // check that the query executed if(!$result)) die('Error: ' . mysqli_error($con)); // will be better of using trigger_error instead Is this code used to generate the headings for each column in the csv? /* * output header row (if atleast one row exists) */ $row = mysqli_fetch_assoc($result); if ($row) { echocsv(array_keys($row)); } Instead you should use mysqli_fetch_fields, otherwise you will loose out on the first row $headers = array(); foreach(mysqli_fetch_fields($result) as $field) $headers[] = $field->name; echocsv($headers); You're using the while loop incorrectly here. /* * output data rows (if atleast one row exists) */ while ($row) { echocsv($row); $row = mysqli_fetch_assoc($result); } mysqli_fetch_assoc should be used as the condition while (row = mysqli_fetch_row($result)) { echocsv($row); }

Why? That is what is causing the Anitmalware/phishing text.

Well it is either something in the code (hard to tell without seeing code) or some thing on your computer is causing the text appear.

So what are you asking? Are you saying the Antiphishing Filter and Antimalware Filter text is being injected into your page from your antimalware software?

You wouldn't have two separate queries. Instead you'd use a JOIN to get the user profile picture. An Example query SELECT s.stream_username, s.stream_time, s.stream_status, # get the username, time and status from the streams table u.profile_picture # get the profile_picture from the users table FROM stream s LEFT JOIN users u ON u.user_username = s.stream_username # join the users table, where the username matches in the user and stream tables ORDER BY s.stream_id DESC And you'd loop over the results as you normally would $sql = 'SELECT s.stream_username, s.stream_time, s.stream_status, u.profile_picture FROM stream s LEFT JOIN users u ON u.user_username = s.stream_username ORDER BY s.stream_id DESC'; $result = mysql_query($sql); while($row = mysql_fetch_array($result)) { $tha = $row['stream_time']; $time = strtotime($tha); echo "<tr><td><img src=\"{$row['profile_picture']}\" /><b>" . $row['stream_username'] . "</b></tr></td>" . " <tr><td>" . $stream_pp . "</td><td>" . $row['stream_status'] . " " . humanTiming($time) . $msg; echo "<br></tr></td>"; } echo "</table>";

These four lines need to go inside of your showName function $rsTot = (float)$_POST['rsTot'];// float more forgiving int $rsSurvived = (float)$_POST['rsSurvived']; $rsSum = $rsTot - $rsSurvived; $rsRatio = 0;

I think you're confused. Once you have wamp/xampp installed you do not need to be connected to the internet. http://localhost is a local loop back address.

if you query returns more than one record then you can use'd use a loop to iterate over the results, Example // loop over the records returned by the query while($row = mysql_fetch_assoc($result)) { $title = $row['title']; // get the title for current record $name = $row['name']; // get the name for current record $category = $row['category']; // get the category for current record echo "$title - $category - $name<br />"; } But what are wanting to edit the values to?

No, HTML is used for creating the inputs. PHP is used for retrieving the data entered into the form fields when the form has been submitted. You can also use PHP to generate the HTML for the input fields, example $fields = array('firstname', 'surname'); foreach($fields as $field) { echo ucwords($field) . ': <input type="text" name="'.$field.'" /><br />'; // generate a text input field for current item } The code you posted is correct. You are most likely entered the PHP code in a .html file. Most servers are not configured to interpret .html files as PHP code. You should save your file with a .php file extension. Or you are directly opening your .php file directly in the browser. PHP is a server side language, HTML is a client side language. Web browsers only know how to parse client side languages. PHP on the other hand needs be parsed by the http server, which is why it requires a server environment. If you are new to PHP you can install a package such as wamp or xampp which will allow you to run your PHP code locally on your computer. Otherwise you will need to upload all your sites files to a webhost and you test your code that way. You could generate the radio buttons using PHP, similar to my example code I posted above.

Download an all-in-one package such as wamp or xampp. Place all your html/php files in the www/htdocs folder, add your data to MySQL database using phpmyadmin (usually accessed via http://localhost/phpmyadmin) and then run your code by accessing http://localhost.