maxxd

Gurus
  • Posts: 1,698
  • Days Won: 53

Everything posted by maxxd

  1. You would do this (for the events drop-down):

         echo buildSelectOptions('events', getEvents(), 27);

     Remember that the last parameter in the buildSelectOptions() function is the currently selected option. Where that comes from is completely up to you - database, user input, or imagination. Go nuts. You can also not pass anything to that parameter, and the first option in the select element will be selected by default.

     The array parameter $options is not optional in the function definition of buildSelectOptions(), so if you pass it anything other than an array (including not passing it anything at all), the script will fail and display an error. Passing an empty array simply outputs an empty select object.

     It's printed to screen where the code says "echo buildSelectOptions(...". 'echo' prints a string to screen.

     No idea. Are your queries returning any data?

     To answer your other questions, 'events' and 'moods' are strings, not variables. They're used to set the name and id attributes of the resulting select elements. And, as Barand explained, the $ret variable is locally scoped - in other words, that variable doesn't exist outside of the function it's defined within. So you can use the same variable name in as many different functions as you want, as long as you don't want the data that variable contains to persist.
  2. I don't know Laravel, but it certainly looks like a function that gets all the data from a table called Flight, then passes that data to a template file that is rendered to the user.
  3. Drop the in-line height attributes on the images. You could also (and I'm not sure if this'll work, it's just an idea) set your #bannerImage{x} divs to display: flex, flex-direction: column, and align-items: stretch. Again, not sure if that will work because it's early and I've not tried it, but it could. One more thing while I'm thinking about it - I'd consolidate the repeated style info from #bannerImage1 and #bannerImage2 into a class (.bannerImageWrap, maybe?) and assign that class to both. You can then overwrite the defaults for either or both divs using the id.
  4. Have you tried using flexbox? It takes a little getting used to, but can do what you're asking, and is supported by all modern browsers - though (of course) if you're supporting IE 10 you'll need to use prefixes and if IE 9 or lower is important, stick with floats. But like I said, modern browsers have no problem with flex.
  5. maxxd

    Encryption

    Right, but the thing is - especially with passwords - you want to hash the submitted value before you send it over the line to the database. So use password_hash() before you insert the value into the database, then password_verify() after you retrieve it (and before you log a user in). Also, encryption of passwords should be a one-way thing; you should never be able to decrypt a user's password. That way, if the database is compromised, the hacker isn't getting any useful password information. If the user has forgotten their password, a new temporary one should be generated for a set amount of time, during which the user can log in to the system (using the auto-generated temporary password), and reset his or her permanent password. Which again, should be hashed (or encrypted - there's a difference between the two, but it's early and I can't rightly recall exactly what that difference is) before being sent to the database.
  6. That's my question. I'm not judging, and the intent may be completely benign, but it sounds like "Help me create a CSRF script, please".
  7. What's the overall goal here? Because honestly, it kinda sounds shady.
  8. To add to it, your call to mysql_query() - which you shouldn't be using anyway; see QuickOldCar's note about Mysqli or PDO - is malformed. You're sending the second half of your query as the second parameter to the function. The second parameter of mysql_query() is an optional connection identifier. Also, don't use mysql_*.
  9. You're creating a race condition by checking the supplied username and email before inserting the data. Just make sure your database has a unique constraint that covers the username and email columns, and try to insert the record. If the insert fails because of the constraint, you know that username/email combo already exists. And obviously you're not going to want to display the mysqli error directly to the user if the prepare() fails for whatever reason.
  10. What does the response say in FireBug? Could be an error in the get_booking script - the response should let you know.
  11. You are correct - keyword, not reserved word. Of course, I still think it's a bad idea to use as an identifier.
  12. This is off topic, true, but why does the column 'year' (which is a reserved word in MySQL, by the way) not contain a year value? 'College' isn't a year, 2015 is a year.
  13. Where are you stuck? wsdl basically is SOAP, so the usage is pretty much the same.

          // Disable WSDL caching while testing
          ini_set('soap.wsdl_cache_enabled', 0);
          ini_set('soap.wsdl_cache_ttl', 0);

          try {
              $opts = array(
                  'trace'        => true,
                  'exceptions'   => true,
                  'cache_wsdl'   => WSDL_CACHE_NONE,
                  'soap_version' => SOAP_1_2,
              );
              // $apiAddress is the address of the service's WSDL
              $client = new SoapClient($apiAddress, $opts);

              $params = new stdClass();
              $params->param_a = 'Testing';
              $params->param_b = 'Still testing';

              // Call the remote function and parse the XML it returns
              $results = simplexml_load_string($client->InputFunction($params)->ReturnValues);
          } catch (SoapFault $e) {
              print("<p>Error: {$e->getMessage()}</p>");
          }

      This is assuming the return values are XML-formatted.
  14. If you're just beginning with php, I'd recommend using PDO over MySQLi. It's an easier interface to wrap your head around, and not limited to one database as MySQLi is. Basically, what you're going to want to do is create a prepared statement using the user ID stored in session, query the database using the prepared statement, and echo the resulting data to the page. If you're up for the learning curve, check out a templating system for the data display (for instance, Twig) - it takes some getting used to but if you're just starting to learn, you may as well learn good habits from the get-go.
  15. First and foremost, php won't be parsed on pages with an .html extension unless the server is specifically set up to do so, which is a waste of resources as then every .html page will be passed through the php parser. So, if you're going to be dynamically building output, you'll need to change the extension to .php. As for the previous post, add the following

          error_reporting(-1);
          ini_set('display_errors',true);

      to index.php, before the line

          include('db.class.php');

      and after the opening <?php tag and see what that has to say.
  16. First off, it certainly doesn't look like this is a method within an object, so $this doesn't point to anything. Other than that, we've really no way of telling because none of the code you've posted contains the logic. It's all display, so we can't see what objval() is expecting or is expected to return. Turn on error reporting by placing the following at the top of your script and see what that has to say.

          error_reporting(-1);
          ini_set('display_errors',true);

      In fact, you reference $this->objval() in several places - are any of them working? Because, again, this doesn't appear to be a method of an object.
  17. That's it - thank you! I knew there was something I should've remembered about PHP_SELF...
  18. Unfortunately, the closest you can come to a prepared statement in WordPress is their prepared statement. So, you could do

          // Sanitize the request value before it is used
          $gemeente = isset($_GET['gemeente']) ? sanitize_text_field($_GET['gemeente']) : '';
          global $wpdb;
          // The %s placeholder is left unquoted; $wpdb->prepare() quotes and escapes the value
          $sql = "
              SELECT location
                   , value
                   , COUNT(*) as total
              FROM {$wpdb->prefix}rg_lead_detail
              INNER JOIN (
                  SELECT lead_id
                       , value as location
                  FROM {$wpdb->prefix}rg_lead_detail
                  WHERE field_number = 11
              ) loc USING (lead_id)
              WHERE field_number IN (8,16,20)
                AND value <> 'Selecteer uw lied!'
                AND location = %s
              GROUP BY location, value
              ORDER BY total, location DESC
              LIMIT 10";
          $posts = $wpdb->get_results( $wpdb->prepare( $sql, $gemeente ) );

      Which is at least a bit safer - you've run the user input through the sanitize filter, and you've kinda used a prepared statement. If I'm not mistaken, the prepare() method does use mysqli_real_escape_string() at least before plopping the value into the query string. Still not the safest, but definitely better than what's currently happening. Note that I switched the total and location values in Barand's ORDER BY clause. This should take care of your order question, though it's untested and I've only had one cup of coffee, so no guarantees... According to the WP codex entry:
  19.
          $curPg = $_SERVER['PHP_SELF'];
          // OR $curPg = $_SERVER['REQUEST_URI'];
          while($cat_rs = mysqli_fetch_assoc($cat_query)){
              print("<li><a href='index.php?page={$cat_rs['link_name']}'");
              if($cat_rs['link_name'] == $curPg){
                  print(" class='active'");
              }
              print(">{$cat_rs['name']}</a></li>");
          }

      You can use PHP_SELF or REQUEST_URI depending on what's stored in the 'link_name' column of your administration table. Or, you may have to do a bit more finessing on the data before the comparison. The important thing is that you get the current page and compare it to the value of link_name. If they match, you're on the current page and append the active class to that link.
  20. Just making the previous statement a bit more specific.
  21. Try running this code - comment out everything else on your page, paste this at the top of the page, and let us know what it says in your browser when you submit the form to this page.

          <?php
          error_reporting(-1);
          ini_set('display_errors',1);

          if(isset($_POST['submit'])) {
              $errors = validate_input();
              display_form($errors);
          }else{
              print("<p>POST is not set</p>");
          }

          function validate_input() {
              // Start with an empty array so a valid submission still returns an array
              $errors = array();
              if(empty($_POST['fname'])){
                  $errors['fname'] = "<span class='error'>Please enter your first name.</span>";
              }
              return $errors;
          }

          function display_form(array $errors){
              if(!empty($errors)){
                  print("<pre>".print_r($errors,true)."</pre>");
              }else{
                  print("<p>No errors!</p>");
              }
          }
  22. Just out of curiosity, what can IE run correctly that Chrome can't? Because that sounds remarkably backwards from my experience...
  23. No. Use the code I gave you. The if() statement is pretty clear in that post.
  24. Use empty()

          if(empty($_POST['fname'])){
              $errors['fname'] = "<span class='error'>Please enter your first name.</span>";
          }

      Please note that I updated your code to HTML5 and assumed you would use stylesheets, instead of deprecated markup and inline styling as is currently the case.
  25. Can't recommend enough not using the wizards. I've used DreamWeaver since before Macromedia released the studio bundle, and only used the wizards once in all that time (I keep using DW because I got used to the code coloring and, well, I already have it... Though admittedly I'm looking at different IDEs now). The pre-built code is bloated, confusing, and badly written. I honestly think you'll be much better off hand-coding any changes you need made.
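
Posts 5 and 9 above describe hashing a password before it is stored and letting a unique constraint, not a prior SELECT, decide whether an account already exists. The following is an added example, not code from any of the posts, showing both together; the users table, its columns, the function names and the in-memory SQLite database (which needs the pdo_sqlite extension) are assumptions made for the demo.

```php
<?php
// Constructed demo: in-memory SQLite via PDO; schema and names are assumptions.
$pdo = new PDO('sqlite::memory:');
$pdo->setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION);
$pdo->exec('CREATE TABLE users (
    id            INTEGER PRIMARY KEY,
    username      TEXT NOT NULL,
    email         TEXT NOT NULL,
    password_hash TEXT NOT NULL,
    UNIQUE (username, email)  -- the constraint covering both columns
)');

function registerUser(PDO $pdo, string $username, string $email, string $password): bool
{
    // Hash in PHP so the plain password never reaches the database.
    $hash = password_hash($password, PASSWORD_DEFAULT);
    $stmt = $pdo->prepare(
        'INSERT INTO users (username, email, password_hash) VALUES (?, ?, ?)'
    );
    try {
        // No SELECT first: the insert itself is the existence check, so two
        // simultaneous registrations cannot both pass.
        $stmt->execute([$username, $email, $hash]);
        return true;
    } catch (PDOException $e) {
        // SQLSTATE class 23 means an integrity constraint was violated.
        if (strncmp((string) $e->getCode(), '23', 2) === 0) {
            return false; // username/email combo already exists
        }
        error_log($e->getMessage()); // keep driver errors out of the page
        throw $e;
    }
}

function checkLogin(PDO $pdo, string $username, string $email, string $password): bool
{
    $stmt = $pdo->prepare(
        'SELECT password_hash FROM users WHERE username = ? AND email = ?'
    );
    $stmt->execute([$username, $email]);
    $hash = $stmt->fetchColumn();
    // password_verify() compares against the stored hash; nothing is decrypted.
    return $hash !== false && password_verify($password, $hash);
}

var_dump(registerUser($pdo, 'alice', 'alice@example.test', 'correct horse'));
var_dump(registerUser($pdo, 'alice', 'alice@example.test', 'second attempt'));
var_dump(checkLogin($pdo, 'alice', 'alice@example.test', 'correct horse'));
var_dump(checkLogin($pdo, 'alice', 'alice@example.test', 'wrong guess'));
```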