benanamen

Correct me if I am wrong, but shouldn't this line if (!isset($_POST[$required_param])) be if (empty($_POST[$required_param])) isset checks if a variable isset AND is NOT NULL If the form is submitted without filling out a required field, the POST for that field will be isset with an empty string making it not null so it will never throw an error.

That tutorial is complete obsolete junk. Throw it away now and don't spend another second with it. You need to use PDO. They also want you to use MD5 to "encrypt" your password which is also very bad. There is no 'fixing' this code. That 'tutorial' should be removed from the internet. https://phpdelusions.net/pdo

Your code is complete junk. Obsolete, Insecure, and has been completely removed from php. You need to use PDO. https://phpdelusions.net/pdo

@Jaques1, I like what you did with the foreach for missing parameters. That saves a lot of repetitive error checks. In your example you go with if not errors continue/else show errors. Any reason not to do the opposite and go with if errors display them/else continue processing. Thinking in logical and positive order (if errors), if there are errors, it seems handling the errors would be step two and not step three. Does it even matter?

I understand what your asking. My question is, why do you want to do this? What is the overall task you are trying to accomplish? And I don't mean how you are trying to accomplish it. I sense an XY Problem. See my signature for explanation.

Perhaps you should refer to the manual. You have buried yourself in so much code you can't think straight. http://php.net/manual/en/datetime.diff.php <?php $datetime1 = new DateTime('2009-10-11'); $datetime2 = new DateTime('2009-10-13'); $interval = $datetime1->diff($datetime2); echo $interval->format('%R%a days'); ?>

While you are at it, stop using if(isset($_POST['btn_submit'])){ And start using $_SERVER['REQUEST_METHOD'] == 'POST' You can research on your own why. There is detailed info on the subject in this website.

To be clear, you do agree $_SERVER['PHP_SELF'] is vulnerable to an XSS Attack right? In your experience, have you ever known $_SERVER['SCRIPT_NAME'] to be unsafe in any cases, edge or otherwise? That would seem key. What about in the case where an index.php includes all the pages from $_GET? i.e. index.php?p=contact (Code reference: https://forums.phpfreaks.com/topic/302370-router-any-issues-comments/) Would you advocate always hard coding the index.php name instead of the following: <form action="<?= $_SERVER['SCRIPT_NAME'] ?>?p=<?= $_GET['p'] ?>" method="post"> You specifically mention the frontend. I pretty much only do backends with the previously noted code link so I don't do URL rewriting. Is there any case with the previous style AND Url rewriting that would be a problem?

Your code is all sorts of wrong. I will just point out a couple things. $_SERVER['PHP_SELF'] is vulnerable to an XSS Attack. You need to use $_SERVER['SCRIPT_NAME'] It appears you are sending user supplied data directly to the database. That is a huge no-no. You have quite a bit of redundant SQL

Why are you querying the users table twice. You are just overwriting the first query. You need to ORDER BY on the column you want sorted by. You don't need to manually close the DB connection. It will close automatically when the script finishes running. Also, select specific column names, not SELECT * and use the column name results, not row[0]. Who the heck is going to know what you're dealing with when reading the script?

http://sims.net/ ???? All that is there is a useless broken outdated site with next to no information or a contact number. Is this a third party company that you do business with or does it belong to you? If it's third party I would be highly sceptical of trusting my business to them based on what I see there. As long as we are at it, how about attaching a zip of those php files you listed. Some people on here don't like to download zips but I will sandbox it before I open it. How locked into this "System" are you? There are much better booking systems available. * Does this have anything to do with the SIM's reality simulator game?

You have a much bigger problem. You are using obsolete insecure Mysql code that has been completely removed from Php. You need to use PDO with prepared statements. https://phpdelusions.net/pdo

The problem is you have class='row' in the foreach loop so it creates a new row for each record.

Ok, got it. Long day in front of the computer. Could you please attach the entire script. Are these the certain events and is this the order of display? Tornado Warning, Severe Thunderstorm Warning, Flash Flood Warning, Flood Warning

What are the specific nodes that you want?

What is the URL to the XML file?

You only created one column. You need this... <div class="row"> <div class="col-md-3">col 1</div> <div class="col-md-3">col 2</div> <div class="col-md-3">col 3</div> <div class="col-md-3">col 4</div> </div>

You know, a link to SIMS would be helpful. A search for SIMS booking gives 466,000 results. The script you use to get the data could also helpful.

Are you really going to make us drag info out of you post by post? WHAT MIS? IS THERE AN API? Getting this right starts with the datasource, not your attempt at how to handle it. See the XY Problem in my signature.

All fine and good and as it should be. What I am saying and others would say, is use CSS for the layout you want, not HTML. i.e: <table><tr><td>..... There is nothing more I can say other than that.

As previously asked, What MIS system and is their an API available? Is that the complete DB schema? If so, you are missing tables and have other problems to fix to get it right.

You are using obsolete Mysql code that has been completely removed from PHP. You need to use PDO with prepared statements. Post your current DB schema. I cannot tell if you just posted random MIS data or if that is your DB structure as well. If that is your DB it is not correct and needs to be fixed before going further. https://phpdelusions.net/pdo * More details on exactly which MIS would be helpful. I assume it means Managment Information System, which one? Is there an API?

What you are talking about sounds more like Ajax inline table editing with dynamic table row creation. Of course this can be done if it's what you really want. This is what I believe you are referring to but I dont think this is what the OP is trying to do. http://talkerscode.com/webtricks/demo/demo_add-edit-and-delete-rows-from-table-dynamically-using-javascript.php

How is a FORM tabular data? Let's not lose sight of where we started. The OP is using a table for LAYOUT/PRESENTATION when he should be using CSS.

I would say that about sums it up. Just like you "could" use <font size = "" color=""></font> or mysql_*, but you know not to.