Everything posted by benanamen

  1. Your site/server has several security issues and you are vulnerable to Click Jacking. You should also run your pages through an HTML validator. You have some code issues. The site is also not mobile friendly (Not responsive design).
  2. You are using deprecated code that will not work at all in the latest version of Php. You need to use PDO with prepared statements or Mysqli.
  3. @Jaques1, I am not sure I am getting what you said as to why. Could you please provide a case example. * And if there are worlds outside the USA, they should just be using our date format anyways.
  4. OP, while I am pondering the response from @Jaques1, the SQL I said would not require two queries is simply

        SELECT column1, column2, date_format(date_column, '%m/%d/%Y') as date FROM stats

     Regardless of the date formatting, better to select the specific column names you want rather than SELECT *
  5. It doesn't require another query. Post your current query.
  6. You can get it straight from the database the way you want it.

        SELECT date_format(date_column, '%m/%d/%Y') as date

     @Jaques1, why go through code gymnastics to format the date when the DB can easily give it to you the way you want? Surprised you didn't mention date_format.
  7. You could always just remove the two lines where you are setting time limits.
  8. @Barand, it was supposed to say form "element". He is missing an opening tag for a fieldset. I didn't use the code tags because the code was highlighted and formatted. "bovine excrement!" LOL! I will have to use that one.
  9. I concur. Very bad grammar. Very hard to understand what you were saying.
  10. You are using fieldset and legend wrong. There is only ONE fieldset and ONE legend per form. You should work on your code formatting. It will make it easier to read. There are several established styles to choose from. You can see a list of them here: http://www.terminally-incoherent.com/blog/2009/04/10/the-only-correct-indent-style/ Also, you keep escaping out of Php when you are still in Php. Formatted code from your last code post:

        <?php
        ini_set('display_startup_errors', 1);
        ini_set('display_errors', 1);
        error_reporting(-1);
        ?>
        <?
        session_start();
        if ($_SESSION['user'] == '')
            {
            header("Location:login.php");
            }
        else
            {
            include("config.php");
            $sql = $dbh->prepare("SELECT * FROM employee WHERE emp_id=?");
            $sql->execute(array(
                $_SESSION['user']
            ));
            while ($r = $sql->fetch())
                {
                echo "<div class='home-content'>";
                echo "<center><h2>Hello, " . $r['username'] . "</h2>";
                echo "<a href='logout.php'>Log Out</a></center>";
                echo "</div>";
                }
            }
        ?>
        <?php
        $hostname = '';
        $username = '';
        $password = '';

        $db = new PDO("mysql:host=$hostname;dbname=", $username, $password);
        $db->setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION);

        // if form is submitted update task details
        if ($_SERVER['REQUEST_METHOD'] == 'POST') // was data sent
            {
            if ($_POST['descrip'] != '')
                {
                try
                    {
                    $sql = "UPDATE task
                            SET customer_name = ?,
                                customer_phone = ?,
                                customer_address = ?,
                                date_of_repair = ?,
                                description = ?,
                                status = ?
                            WHERE task_id = ?";
                    $stmt = $db->prepare($sql);
                    $result = $stmt->execute(array(
                        $_POST['customer_name'],
                        $_POST['customer_phone'],
                        $_POST['customer_address'],
                        $_POST['date_of_repair'],
                        $_POST['descrip'],
                        $_POST['status'],
                        $_GET['task_id']
                    ));
                    if ($result && $stmt->rowCount() !== 0)
                        {
                        $msg = 'Task has been updated successfully';
                        }
                    else
                        {
                        $msg = 'Sorry unable to update task.';
                        }
                    }
                catch (PDOException $e)
                    {
                    $db->rollBack();
                    die($e->getMessage());
                    }
                }
            }

        // return the task which matches $_GET['task_id'];
        $sql = $dbh->prepare("
            SELECT task_id
                 , customer_name
                 , customer_phone
                 , customer_address
                 , date_of_repair
                 , description
                 , status
            FROM task
            WHERE task_id = ?");
        $sql->execute(array(
            $_GET['task_id']
        ));
        $sql->setFetchMode(PDO::FETCH_ASSOC);

        // fetch the row from the result
        $row = $sql->fetch();

        function emps_assigned_by_taskid($db, $task_id)
        /*******************************************
         * function to list employees with checkboxes
         - checkbox is checked if they are assigned to the task
         ********************************************/
            {
            $sql = "SELECT e.emp_id, e.emp_name, IF(a.emp_id IS NULL, 0, 1) as isAssigned
                    FROM employee e
                    LEFT JOIN assignment a ON e.emp_id = a.emp_id AND a.task_id = ?";
            $stmt = $db->prepare($sql);
            $stmt = $db->prepare($sql);
            $stmt->execute(array(
                $task_id
            ));
            $emps = '';
            foreach ($stmt->fetchAll() as $row)
                {
                // if isAssigned is set to 1 then set the checked attribute, otherwise leave blank
                $checked = $row['isAssigned'] == 1 ? ' checked="checked" ' : '';
                $emps .= "<input type='checkbox' name='emp_id[]' value='{$row['emp_id']}'{$checked}> {$row['emp_name']}<br>";
                }
            return $emps;
            }
        ?>
  11. $data is only a count. Your actual data is in $result. These are wrong: $data['FirstName']
  12. Let's forget the code a minute. You're standing next to the arrival/departure board at XYZ Airport. Now tell your buddy standing next to you what you want to know about it in a simple complete explanation. I am still not grasping what you're wanting to know about the information. Something like: We are at airport XYZ on 3-6-2015. There is an arrival coming from HHN at 16:15 and then it is leaving to TPS at 18:35. I WANT TO KNOW................??????
  13. If the form is POST'd as most forms are, the value will be in POST, not GET.
  14. Times you are giving don't even exist in the database. There is no 13:25 or 22:25 anywhere in the data.
  15. It's not clear how your data output correlates. Please provide a detailed description of the previous post. So far I have this output:
  16. Give me an example of what the correct output looks like from that table.
  17. Can you post an sql dump of your db please. I meant the end goal, not how you are trying to get there. What should the correct result look like?
  18. What is the overall goal? It looks like you are not going about this the right way.
  19. You can only have ONE where. Second one should be AND

      BAD:

        WHERE tp.status = '1' WHERE td.entry_year = '2016'

      GOOD:

        WHERE tp.status = '1' AND td.entry_year = '2016'
  20. Now that it is clear exactly what is being talked about...... Unchecked check boxes will not exist at all so that statement fails in that instance as well. After hours of painstaking translation of @Jaques1 "english", I was able to come up with something a programmer could understand. echo base64_decode('U291bmRzIHByZXR0eSBjbGVhciB0byBtZTogWW91IHJlY29tbWVuZCBhZ2FpbnN0IHRlc3RpbmcgZWFjaCBpbmRpdmlkdWFsIGZpZWxkIHdpdGggaXNzZXQoKS4gQW5kIEkgc3Ryb25nbHkgZGlzYWdyZWUgd2l0aCB0aGF0Lg0KIA0KTXkgcG9pbnQgaXMgdGhhdCBpbmNvbXBsZXRlIHN1Ym1pc3Npb25zIGRvIGhhcHBlbiBhbmQgc2hvdWxkIGJlIHRyZWF0ZWQgbGlrZSBhbnkgb3RoZXIgaW5wdXQgZXJyb3IgKGRpc3BsYXkgYSBwcm9wZXIgZXJyb3IgbWVzc2FnZSwgZW1pdCBhIDQwMCBjb2RlIGV0Yy4pLiBZb3UgY2Fubm90IHJlbHkgb24geW91ciBmb3JtcywgYmVjYXVzZQ0Kc29tZXRpbWVzIGZvcm0gZmllbGRzIGdldCBibG9ja2VkIGJ5IGJyb3dzZXIgcGx1Z2lucyAoYXMgaW4gbXkgZXhhbXBsZSkNCmV4cGVyaWVuY2VkIGNsaWVudHMgbWF5IHNlbmQgdGhlIGRhdGEgd2l0aCBjVVJMIG9yIGEgdXNlciBzY3JpcHQgcmF0aGVyIHRoYW4gc3VibWl0dGluZyB5b3VyIGZvcm0gKHdoaWNoIGlzIHBlcmZlY3RseSBsZWdpdGltYXRlKQ0KdGhlIGNsaWVudCBtYXkgaGF2ZSBjYWNoZWQgb24gb2xkIHZlcnNpb24gb2YgdGhlIGZvcm0NCkFsbCB0aG9zZSBjYXNlcyBzaG91bGQgbGVhZCB0byBhIHByb3BlciBlcnJvciBtZXNzYWdlLCBub3QgYSBwaWxlIG9mIFBIUCB3YXJuaW5ncyB3aGlsZSB5b3UgdHJ5IHRvIOKAnHZhbGlkYXRl4oCdIGZpZWxkcyB0aGF0IGRvbid0IGV2ZW4gZXhpc3QuDQogDQpPSz8gSWYgeW91IHN0aWxsIGRpc2FncmVlLCB0cnkgdG8gbWFrZSB0ZWNobmljYWwgYXJndW1lbnRzLiBNeSBFbmdsaXNoIHN1Y2tzPyBNZWgu');
  21. Your mistake is in trying to determine a duplicate client based on an address. A client should have some unique identifier. An address can have several units or suites so it cannot be unique to a client. Additionally the same exact address can exist across cities or states. In a normalized database you would have street names in its own table with a unique index on the street name and then do an INSERT IGNORE to that table when adding new clients' street names. In your form you could use an AJAX auto-complete for the street name field that would pull any existing street names. If your database is set up correctly it would be impossible to insert duplicate anything.
  22. I have to agree. I had to read the response several times to make sure who the response was directed to. @Jaques1 has shown over and over again a VERY high degree of expert knowledge even in highly technical subjects, even to the point I have suspected he is or was an operative for the NSA, CIA, or MI6. I have yet to find him wrong about anything and trust me, I have tried to challenge him a couple times only to find out he was absolutely right.
  23. The second way. The first one is a <?= str_rot13('Pyhfgre Shpx') ?>
  24. OP, Just learned something new. if(isset($_POST['submit'])) can FAIL in Internet Explorer if form is submitted with all empty fields, and there is no name attribute for submit therefore anything within that code will fail since it will never run. The no fail way is to do: if($_SERVER['REQUEST_METHOD'] == 'POST') I am digging deep into if ($_POST) to see if there are any issues I don't know about with that method.
  25. Problem is here if($_POST){ Delete it. Your form tables are bad as well. All your tables are missing closing tags. No closing tr or td's, or table. And you shouldn't be using tables for your forms. Use CSS. And you should probably switch around your if else post to if($_POST) instead of the negative if not post. Also, there is no need to create all those useless variables.