radi8

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd"> <html xmlns="http://www.w3.org/1999/xhtml"> <head> <meta http-equiv="Content-Type" content="text/html; charset=utf-8" /> <title>Untitled Document</title> </head> <body> <?php if ($_POST['submit']) { require_once('db_connect.php'); if (empty($_POST['email'])) { echo "didnt enter email"; } else { $e = trim($_POST['email']); } if (empty($_POST['pass'])) { echo "Didnt enter pass"; } else { $p = trim($_POST['pass']); } if (@$e && @$p) { $q = "SELECT user_id, first_name FROM users WHERE email='$e' ANd pass=SHA1('$e')"; $r = mysqli_query($dbc, $q); if (mysqli_num_rows($r) == 1) { $row = mysqli_fetch_array($r); } else { echo "youre not in the db"; } } }//end of if post submit if (empty($email)) { $errors[] = "you didnt enter EMAIL<br />"; } else { $e = trim($email); } if (empty($pass)) { $errors[] = "Didnt enter PASS<br />"; } else { $p = trim($pass); } if (empty($errors)) { $q = "SELECT user_id, first_name FROM users WHERE email='$e' AND pass=SHA1('$p')"; $r = mysqli_query($dbc, $q); if (mysqli_num_rows($r) == 1) { $row = mysqli_fetch_array($r); $data=array(true, $row); } else { echo "Youre not in the DB"; $data= array(false, $errors); } } if ($data) { setcookie('user_id', $data['user_id']); setcookie('first_name', $data['first_name']); header("Location: index.php"); exit(); } ?> <h1>Login</h1> <form action="login.php" method="post"> <p>Email address <input type="text" name="email" /></p> <p>Password <input type="text" name="pass" /></p> <p><input type="submit" name="submit" /></p> </form> ?> </body> </html>

Well, that's how I interpreted it, sorry. Maybe he should be more explicit.

or use the sql order by

put a button to fetch the next set of 15, and the sql code can be researched here: http://dev.mysql.com/doc/refman/5.1/en/select.html

I will also go out on a limb and assume that the user is using a CMS system. If so, then look throughthe CMS addon's and find the one that will do what you need. Making or changing functinality of a base CMS object is not for the feint of heart. Someone has already done the work you need, it is a matter of finding it and installing it. If you truly need a custom mod, I am sure you can pay someone to do it for you.

not really apropos to the question. The comparison is exactly like the that for an integer: $test_email =$_POST['posted_email']; $val = ($test_email=$customer->email?,0,1); Db::getInstance()->Execute('UPDATE `'._DB_PREFIX_.'customer` SET `guest`=$val WHERE `email`= $customer->email'); // OR $test_email =$_POST['posted_email']; if($test_email==$customer->email){ Db::getInstance()->Execute('UPDATE `'._DB_PREFIX_.'customer` SET `guest`=0 WHERE `email`= $customer->email'); }

This appears to mean that there is already an entry in the table that matches the one you are creating. Ensure that you are not duplicating a record's primary index.

Change the query and remove the inner join. Do one like: SELECT a . * , b . * FROM tbl1 a, tbl2 b WHERE a.id = b.id LIMIT 0 , 30

I do not think that it is a problem with the SQL since you ran it in PHPMyAdmin and got results. just for the heck of it, try removing these lines: mysql_query("SET NAMES 'utf8';", $conn) or die ("Unable to set names."); mysql_query("SET CHARACTER SET 'utf8';", $conn) or die ("Unable to set charset."); and add the following: $count=mysql_num_rows($result); echo 'Results: '.$count.'<br>';

Well, live and learn my friends.

This $_POST value was probably inside another if statement and may not have been executed (prior if returned false or something). What you may want to do is assign the $_POST value to a static variable in an area of your code that is triggered by any page load and then reference that variable in the line 48 statement.

How about: <html> <?php // Reference that div below me. // Manipulate it. // Write it back in its same location, but with new code around it. ?> <div id="something_to_be_referenced"> <?php print $Something_to_be_ replaced; ?> </div> </html>

This seems simple enough as long as the fonts are available on the site. Put the available fonts in a drop down list or something and then do something like: echo "<font face=".$_POST['fontval'].">Text</font>

Since PHP is server side scripting (all processing on the server and then delivered to the client), what you are asking is not feasible with PHP without doing a page reload. BUT... the way I was able to do this was with div tags and javascript since javascript is client side and will control the layout without a page reload.

I am embarrassed to ask, but... what is the syntax to add links to a signature?

this: <?php $output .= "<td>'Today'</td>\n"; // echo 'Today'; }else if ($date_compare == $date_yesterday) { $output .= "<td>'Yesterday'</td>\n"; // echo 'Yesterday'; ?> has NOTHING to do with database output. It looks like you are referring to the current server date/time stamps. Gotta be clear on what you ask for.

SQL is a ligical search engine and the wild cards you are using will return anything that pattern matches what was input. If you do not want the B156_ tables, then with the B15 input, add the '_' to the string literal: $blabla=$search.'_'; Then the $sql= ... WHERE Tables_in_bkv45 LIKE '$blabla%' "; will retrieve only tables that have strin patterns of B15_xxxxx.

2nd page, add: <?php //resultDetail.php $sql_server= "localhost"; $sql_user = "*******"; $sql_pass = "******"; $db = "profiles"; $root_url="http://www.trilakesmc.com/intranet/profiles/images/"; //Root url to the images directory (with trailing slash) // ADD THIS LINE $email=$_GET['email']; // END ADD $link = mysql_connect($sql_server, $sql_user, $sql_pass); if (! $link) die ("Couldn't connect to mySQL"); mysql_select_db($db, $link); $query = "SELECT * FROM users WHERE email = '$email'"; $result = mysql_query($query); $row = mysql_fetch_row($result); ?> <html> <head> <title>Details for <?php print ("$row[0] $row[1]");?></title> </head> <h2 align="center"><font color="#000000"><?php print ("$row[0] $row[1] ($row[2])");?></font></h2> <body text="#FFFFFF"><br><br> <?php for ($i = 0; $i < 8; $i++) { if ($row[$i] =="") $row[$i] = "Not Specified"; }?> <div align="center"> <table border="1" cellpadding="0" cellspacing="0" style="border-collapse: collapse" bordercolor="#111111" width="600" id="AutoNumber1" bgcolor="#0099CC" bordercolorlight="#000099" bordercolordark="#3333CC"> <tr> <td width=150><p align="right">Name:</p></td><td width=450><?php print ("$row[0] $row[1]");?></td> </tr><tr> <td width=150><p align="right">Email:</p></td><td width=450><a href="mailto:<?php print $row[2];?>"><?php print $row[2];?></a></td> </tr><tr> <td width=150><p align="right">Business Phone:</p></td><td width=450><?php print $row[5];?></td> </tr><tr> <td width=150><p align="right">Department:</p></td><td width=450><?php print $row[3];?></td> </tr><tr> <td width=150><p align="right">Picture:</p></td><td width=450><?php if ($row[6]=="Not Specified") { print ("Not Specified"); } else { ?><p align="center"><img src="<?php print $root_url; print $row[6];?>"></p><?php }?></td> </tr><tr> <td width=150><p align="right">Hobbies:</p></td><td width=450><?php print $row[4]?></td </tr> </table> <form><input type="button" onClick="window.open('edit.php?email=<?php print $row[2];?>','mywindow','width=700,height=500,scrollbars=yes')" name="edit" value="Edit Profile" style="font-size: 2mm"</form><br> <form><input type="button" onClick="window.close()" name="close" value="Close Window"></form> </div> </body> </html> ?>

Well, I am not sure but it appears as though you are putting the UNIX_TIMESTAMP in the wrong place. I would try: $date = UNIX_TIMESTAMP($someDate); INSERT INTO `restrictions` (`userid`,`enforcer`,`topics`, `posts`, `timeout`) VALUES ('1','1','1', '1', $date)

Be sure to initialize these variables at the top of the page or section where they are being used. These variables exist in the code but when the form processed they were not referenced or used. Since they are in the form cache state table, it generates a WARNING. If you initialize the variables somewhere that they will always be touched by the process, then these warnings will go away.

Very odd indeed. I am sure that these files and folders actally DO exist, so check see that the reference string CASE matches the actual CASE of the file/folder, i.e. staff/Images != staff/images.

Well, one thing that you can do is prevent any type of html in your text fields. it wold be a relatively simple thing to make a function to 'wash' all text field data to prevent specific characters/keywords/phrases, i.e. search for '<script' and if it exists, kill the text . The hard part is determining all the places where this can occur at and squashing it at the source.

Use this at the top of you code page: <?php ini_set ("display_errors", "1"); error_reporting(E_ALL); ?> It will tell you what is wrong and where in the code the problem is.

Well, in the if statement, you need to have 2 '=' to do the comparison, like so: <?php if($n==$_POST["xDDDD"]){ echo("<font color='ff0000'>".$n."</font><br>......"); } ?>

For a mysql databse, this appears to be a valid command sequence for PDO since the mysql_real_escape_string() prepares the string so that mysql doesn't barf on the value: <?php <?php $color='red'; $cal=150; /* Execute a prepared statement by passing an array of values */ $sth = $dbh->prepare('SELECT name, colour, calories FROM fruit WHERE calories < ? AND colour = ?'); $sth->execute(array(150, mysql_real_escape_string($color)); $red = $sth->fetchAll(); ?> ?>