benanamen

OP already stated in another thread that she doesn't care about programming or if it's right as long as it works. Fellow experts are just wasting your time with this.

You're seriously wasting your time with this obsolete insecure code.

We are not going to do your homework for you. What have you tried?

You need to talk to your professor or whoever and tell them they are teaching you code that has been deprecated for over a decade and won't even work at all in the current version of Php.

Your code is junk. Toss it. It is obsolete and insecure and vulnerable to an SQL Injection Attack and has been completely removed form Php. You need to use PDO. It is not fixable. https://phpdelusions.net/pdo

What do you mean Guru?

Rather than copping an attitude at people that are trying to help you for FREE, why don't you just answer the question? From what you provided, it logically doesn't make sense, at least not to me. It appears to be an XY problem. You can see my signature for an explanation of that.

Isn't that the real problem? Where is the logic in that?

Try SELECT DISTINCT product_name_column, total FROM products

No one is going to be able to solve your problem with the code YOU think we need to see. I won't even get into why you should not be using IIS as your server. Also, what changed yesterday from the day before?

Correct me if I am wrong, but shouldn't this line if (!isset($_POST[$required_param])) be if (empty($_POST[$required_param])) isset checks if a variable isset AND is NOT NULL If the form is submitted without filling out a required field, the POST for that field will be isset with an empty string making it not null so it will never throw an error.

That tutorial is complete obsolete junk. Throw it away now and don't spend another second with it. You need to use PDO. They also want you to use MD5 to "encrypt" your password which is also very bad. There is no 'fixing' this code. That 'tutorial' should be removed from the internet. https://phpdelusions.net/pdo

Your code is complete junk. Obsolete, Insecure, and has been completely removed from php. You need to use PDO. https://phpdelusions.net/pdo

@Jaques1, I like what you did with the foreach for missing parameters. That saves a lot of repetitive error checks. In your example you go with if not errors continue/else show errors. Any reason not to do the opposite and go with if errors display them/else continue processing. Thinking in logical and positive order (if errors), if there are errors, it seems handling the errors would be step two and not step three. Does it even matter?

I understand what your asking. My question is, why do you want to do this? What is the overall task you are trying to accomplish? And I don't mean how you are trying to accomplish it. I sense an XY Problem. See my signature for explanation.

Perhaps you should refer to the manual. You have buried yourself in so much code you can't think straight. http://php.net/manual/en/datetime.diff.php <?php $datetime1 = new DateTime('2009-10-11'); $datetime2 = new DateTime('2009-10-13'); $interval = $datetime1->diff($datetime2); echo $interval->format('%R%a days'); ?>

While you are at it, stop using if(isset($_POST['btn_submit'])){ And start using $_SERVER['REQUEST_METHOD'] == 'POST' You can research on your own why. There is detailed info on the subject in this website.

To be clear, you do agree $_SERVER['PHP_SELF'] is vulnerable to an XSS Attack right? In your experience, have you ever known $_SERVER['SCRIPT_NAME'] to be unsafe in any cases, edge or otherwise? That would seem key. What about in the case where an index.php includes all the pages from $_GET? i.e. index.php?p=contact (Code reference: https://forums.phpfreaks.com/topic/302370-router-any-issues-comments/) Would you advocate always hard coding the index.php name instead of the following: <form action="<?= $_SERVER['SCRIPT_NAME'] ?>?p=<?= $_GET['p'] ?>" method="post"> You specifically mention the frontend. I pretty much only do backends with the previously noted code link so I don't do URL rewriting. Is there any case with the previous style AND Url rewriting that would be a problem?

Your code is all sorts of wrong. I will just point out a couple things. $_SERVER['PHP_SELF'] is vulnerable to an XSS Attack. You need to use $_SERVER['SCRIPT_NAME'] It appears you are sending user supplied data directly to the database. That is a huge no-no. You have quite a bit of redundant SQL

Why are you querying the users table twice. You are just overwriting the first query. You need to ORDER BY on the column you want sorted by. You don't need to manually close the DB connection. It will close automatically when the script finishes running. Also, select specific column names, not SELECT * and use the column name results, not row[0]. Who the heck is going to know what you're dealing with when reading the script?

http://sims.net/ ???? All that is there is a useless broken outdated site with next to no information or a contact number. Is this a third party company that you do business with or does it belong to you? If it's third party I would be highly sceptical of trusting my business to them based on what I see there. As long as we are at it, how about attaching a zip of those php files you listed. Some people on here don't like to download zips but I will sandbox it before I open it. How locked into this "System" are you? There are much better booking systems available. * Does this have anything to do with the SIM's reality simulator game?

You have a much bigger problem. You are using obsolete insecure Mysql code that has been completely removed from Php. You need to use PDO with prepared statements. https://phpdelusions.net/pdo

The problem is you have class='row' in the foreach loop so it creates a new row for each record.

Ok, got it. Long day in front of the computer. Could you please attach the entire script. Are these the certain events and is this the order of display? Tornado Warning, Severe Thunderstorm Warning, Flash Flood Warning, Flood Warning

What are the specific nodes that you want?