wildteen88

field names should be wrapped in backticks (eg `field_name`) not quotes.

If you want the specification field to span all the rows, change your while loop to $rows = mysqli_num_rows($result); $i = 0; while ($row = mysqli_fetch_assoc($result)) { //need to format the date on this function //get NewsID echo "\n <tr> <td>$row[ProdNum]</td> <td>$row[PartNum]</td> <td>$row[ProdRangeF]</td> <td>$row[ProdRangeC]</td>\n"; if($i == 0) echo "<td rowspan=\"$rows\" valign=\"top\">$row[ProdSpec]</td>\n"; echo "</tr>\n"; $i++; }

Change $id = $_GET['id']; $id = mysql_real_escape_string($id); //$sql = "SELECT * FROM tbl_product WHERE pd_id = $'id'"; $sql = "SELECT * FROM `tbl_product` WHERE `pd_id` = '$id'"; to if(isset($_GET['id']) && !is_numeric($_GET['id'])) die('Forbidden'); $id = (int) $_GET['id']; $sql = "SELECT * FROM `tbl_product` WHERE `pd_id` = $id"; mysql_real_escape_string should only be used on strings, not numbers.

So you're uploading images, but when you save the image you remove the file extension! Why? Also by DDBB do you mean Database?

If you're retrieving values from a form and you have spaces in your field names. Your browser will convert the spaces to underscores, so you should use $_POST['first_name']

Yes $_SESSION can be multi-dimensional. It is the same as any other array

Open Apaches httpd.conf and look for the Listen directive. It should look like Listen localhost:80 Post what it says here. Also look at this post.

This is called a favicon

!isset and isset do the same thing, both check to see if a variable is defined and return true or false The only difference is to do with the ! operator.

When you retrieve Variables from urls you use $_GET not $_POST. $_POST is used to to retrieve data from forms (only if you set method="post" within your form tag). This line if($add == "addfriend") { Should be if(isset($_GET['add']) && $_GET['add'] == "addfriend") {

Have a look into setting up cronjobs perhaps.

Yes, if your product id is only supposed to contain a number then check it is a number before using it in your query. Example url: yoursite.com/product.php?pid=12324 This is the code I'd use to check to see if pid only contains a number if(isset($_GET['pid']) && is_numeric($_GET['pid'])) { $product_id = $_GET['pid']; // rest of your code here } else die('Product ID code invalid');

Something like preg_match('@^/([a-z]+)/([0-9]+)@i', $_SERVER['REQUEST_URI'], $matches); $url = "http://" .$_SERVER['HTTP_HOST'].$matches[0]; print $url;

Im not surprised if you have to do it to all variables judging by the code you posted above which I have quoted: extracting all superglobal variables is just as bad as enabling register_globals. What so hard in typing $_POST['username'] over $username? Taking short cuts like this just causes more problems in the long run and can make your code vulnerable to attack.

Change your rewrite rules to # matchs mysite.com/cars/bmw RewriteRule ^([a-z0-9-]+)/([a-z0-9-]+)$ displaypage.php?page=$1&sub=$2 [NC,L] # matches mysite.com/cars RewriteRule ^([a-z0-9-]+)$ displaypage.php?page=$1 [NC,L]

$sql = "SELECT COUNT(*) FROM Reviews WHERE ProductId LIKE $ProductId AND ReviewIsApproved=1";

You could use strpos $profileTXT = file_get_contents('/home/alport/public_html/'.$row['Username'].'/text/name.txt'); if(!strpos($profileTXT, 'Default User')) { echo 'Display profile here'; } else { echo 'do someting else, Default User present in file'; }

This thread maybe

Yes that is the only way. Web browsers ignore whitespace characters. nl2br converts new lines to a HTML line break tag <br />.

When WAMP is installed, it only configures Apache to parse .php files with PHP. To parse .html files as PHP, go to WAMP tray icon and select Apache > httpd.conf. Scoll down until you find this line AddType application/x-httpd-php .php Change it to AddType application/x-httpd-php .php .html Save the httpd.conf and restart the Apache service. Your .html files should now be parsed as PHP.

You'll have to setup a second rule for this, eg: RewriteCond %{REQUEST_FILENAME} !-f RewriteCond %{REQUEST_FILENAME} !-d # matchs mysite.com/cars/bmw RewriteRule ^([a-z0-9-]+)/([a-z0-9-]+) displaypage.php?page=$1&sub=$2 [NC,L] # matches mysite.com/cars RewriteRule ^([a-z0-9-]+) displaypage.php?page=$1 [NC,L] To retrieve the sub catergory in displaypage.php you'll use $_GET['sub']

This is to do with variable scope. Functions have their own variable scope. To be able to use a variable set outside of a function you can, either define the variable within the function as global, eg: $myvar = 'hello'; function foo() { global $myvar; echo $myvar; } Or pass the variable to the function $myvar = 'hello'; function foo($var) { echo $var; } The same applies to variables set within a function. In order to retrieve variables that were defined within a function you can either define it as global (as shown above) or return the the value the variable, eg: function add_up($n, $y) { $result = $n + $y; return $result; } $result = add_up(5, 6); // OR echo add_up(5, 6); ?>

Make sure you're saving your PHP code within .php files. As for this issue You may need to add the following line 127.0.0.1 localhost to your hosts file, which is located in C:\Windows\System32\drivers\etc NOTE: To edit the hosts file in Vista you'll need to run your editor with Administrator privileges (right click your text editor icon and select run as administrator)

Generally you set localhost as the database hostname 99% of the time. ,All you need to provide is the name of the database that you setup in Cpanel. followed by your username and password for MySQL (this maybe the same as your Cpanel Account however check with your host about this). All other fields you can leave blank.

That will multiply $qty by 2 and then add it on to the current value of $this->volume For example, say $this->volume was set to 5 and $qty is set to 10, when the following is run $this->volume += ($qty * 2); $this->volume will equal 25