ignace

Please post your code in its entirety

I'm just saying that having the same information (username) scattered across the database is a bad idea much more so when a simpler solution is at hand

if($checkUser == '0' || $Password != $checkUserInfo[Password]) { $errors[] = "Username or Password is incorrect"; } Should do the trick

You can also use buttons <button type="submit" name="state" value="1">Kansas</button>

echo "<tr><td><a href=\"GetEmp.php?UniqueID=$EmpID\">$Name</a></td>

Page 2: It's to verify this page first as the variable names now match the value of name=".." make sure they are named correctly throughout the script <!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd"> <html> <head> <title>Uploadform</title> </head> <body> <?php include 'conexxion.php'; function clean($value) { $value = strip_tags($value); $value = htmlentities($value); $temp = @mysql_real_escape_string($value) ? $value = $temp : $value = addslashes($value); return $value; } $_POST = array_map('clean', $_POST); extract($_POST); $request_time = isset($_SERVER['REQUEST_TIME']) ? $_SERVER['REQUEST_TIME'] : time(); // sql insert die je in de database gaat doen $sql = 'INSERT INTO Survey_1 (Bedrijfsnaam, Kvknr, Telefoonnummer, Emailadres, Contactpersoon, Adres,' . 'Jaar_van_oprichting, Postcode, Plaats, Datum, IP, Admin_en_Belastingadvies, Huidige_situatie, Wie_doet_dit_1,' . 'Wat_kost_dit_1, Wie_doet_dit_2, Wat_kost_dit_2, Wie_doet_dit_3, Wat_kost_dit_3, Wie_doet_dit_4, Wat_kost_dit_4,' . 'Wie_doet_dit_5, Wat_kost_dit_5) VALUES (' . "'$bnaam','$kvk','$tel','$email,'$contpers','$adres','$jaar','$pcode','$plaats','$datum','$ip','$abadvies', '$stat','$wie1','$kost1','$wie2','$kost2','$wie3','$kost3','$wie4','$kost4','$wie5','$kost5')"; //uitvoeren van de query : $result = mysql_query($sql); if ($result) { echo "<b>Het bedrijf $bnaam is met success opgeslagen.</b>", '<p>Kies een bestand/factuur dat u wilt uploaden en druk vervolgens op volgende.</p>'; } ?> <form name="form1" enctype="multipart/form-data" method="POST" action="766.php"> <input name="bnaam" type="hidden" value="<?php echo $bnaam; ?>"> <input name="uploadNeed" type="hidden" value="<?php echo $uploadNeed;?>"> <?php // start of dynamic form if (isset($_POST['uploadNeed'])) { $uploadNeed = intval($_POST['uploadNeed']); for ($i = 0; $i < $uploadNeed; ++$i) { echo '<div><label>Kies een bestand: <input type="file" name="userfile[]"></label></div>'; } } ?> <p>- Indien u op de vorige pagina " 0 " heeft ingetoetst, druk dan gewoon op de onderste knop om verder te gaan.</p> <p>- Als u op de vorige pagina teveel heeft ingevoerd voor het uploaden negeer de rest van de uploads, u hoeft niet alle vakken te gebruiken.</p> <input type="submit" name="Submit" value="Bestand versturen"> <p>* Mocht u een fout melding krijgen over email of dergelijke, ga dan terug naar de <a href="javascript:history.go(-1);">vorige</a> pagina en gebruik een andere e-mail adres, het is mogelijk dat deze al in gebruik is. </p> </form> </body> </html>

I re-wrote page 3 have a look function my_form_add_error($error, $form_name = 'default') { $_SESSION[$form_name][] = $error; } function my_form_get_errors($form_name = 'default') { return isset($_SESSION[$form_name]) ? $_SESSION[$form_name] : array(); } function my_error_handler($errno, $errstr, $errfile = '', $errline = 0, array $errcontext = array()) { if ($errno === E_USER_ERROR) { echo "#$errno: $errstr ($errfile:$errline)"; exit(0); } } set_error_handler('my_error_handler'); $cwd = dirname(__FILE__) . DIRECTORY_SEPARATOR; $directory_name = date('d.m.y'); $directory_path = $cwd . $directory_name . DIRECTORY_SEPARATOR; if (!is_dir($directory_path) && !@mkdir($directory_path, 0644)) { trigger_error("Kon de map $directory_name ($directory_path) niet maken", E_USER_ERROR); } if (isset($_FILES['userfile'])) { $allowed_ext = array(); foreach ($_FILES['userfile']['error'] as $key => $value) { $name = $_FILES['userfile']['name'][$key]; if ($key === UPLOAD_ERR_OK) { $tmp_name = $_FILES['userfile']['tmp_name'][$key]; $ext = pathinfo($name, PATHINFO_EXTENSION); if (!in_array($ext, $allowed_ext)) { my_form_add_error("Ongeldige extensie voor bestand $name (" . implode(', ', $allowed_ext) . ')'); } if (!move_uploaded_file($tmp_name, $directory_path . $name)) { if (chmod($directory_path, 0644)) { // probeer te chmodden naar 0644 if (!move_uploaded_file($temp_name, $directory_path . $name)) { my_form_add_error("Kon het bestand $name niet uploaden"); } } } } else { my_form_add_error("Het bestand $name is niet of slechts gedeeltelijk geüpload, probeer opnieuw"); } } }

You can also accomplish this by using CSS. Give each div a class so they all have the same width and add float: left; If the total size of your divs is greater than it's containing div then it will be automatically be pushed to the next line.

if (!mysql_select_db($databaseName)) { //database not present or no server (MySQL) connection }

You should make the Username column a unique key to prevent that. You need to store the 'last access' date/time in the online table as well. You would UPDATE the last access date/time on every page request to keep it current. You can then check and remove records in the online table that have a last access date/time older than a value you pick (typically 10-20 minutes is used.) You can apply this method to your users table aswell just add a last_access field and update on each request. UPDATE users SET last_access = now() WHERE id = $uid To select all 'logged in' users: SELECT username FROM users WHERE unix_timestamp(last_access) + 300 > now() A user is allowed 5 minutes to be idle before he is considered logged out

Because in Mchl's example it will die() when you have a query error. In your example the script ends (blank page) whenever mysql_num_rows() returns 0

Yes³. No. 1. Add a field signup_date (DATETIME) to your people table 2. function get_latest_signups($number = 10, $db = null) { $number = intval($number); $number = 0 === $number ? 10 : $number; $latest_registrations = array(); $query = "SELECT name, profileurl FROM people ORDER BY signup_date DESC LIMIT $number"; $result = mysql_query($query, $db); if ($result && mysql_num_rows($result)) { while ($row = mysql_fetch_array($result, MYSQL_ASSOC)) { $latest_registrations[] = $row; } } return $latest_registrations; } $latest_signups = get_latest_signups(); foreach ($latest_signups as $user) { echo '<a href="', $user['profileurl'], '">', $user['username'], '</a>'; }

That's because you should use \" instead of "

That would be: !=

You where on the right track the correct is: <form action="index.php"> <input type="hidden" name="site" value="clans"> <input type="hidden" name="action" value="clanregister"> <input type="hidden" name="cupID" vlaue="<?php echo $dl['ID']; ?>"> <select name="clanID"> <option><?php print $clan; ?></option> </select> <input type="submit" value="Go"> </form>

LOL I laughed at: elseif($state =! 1){ $state = !1 <=> $state = 0 which means that the body (between { and }) of elseif($state = !1) never executes $synopsis = substr($row['story'],0,50); Is not a good idea you could get: while the long text would have been Use $synopsis = substr($row['story'], 0, strpos($row['story'], ' ', 50)); It also looks nicer if(substr($row['story']) > 50) /* OR */ if(substr($row['story'] > 50)) 'hello world' > 50 <=> 0 > 50 = always false in both above cases. You probably meant: if(strlen($row['story']) > 50)

There aren't any traditional methodologies specific for webdevelopment. Possibly because a small website never needs the help of any software engineering methodology and is possibly just overkill. The real advantage can be found in large, enterprise-grade websites (or web applications). My recommended reading: OO Analysis & Design (by Grady Booch) Applying UML and Patterns (by Craig Larman)

function my_generate_username($prefix) { return $prefix . implode('', array_rand(range(0, 9), 3)); } $usernames = array_map('my_generate_username', array_fill(0, 12, $usr_username)); // generate 12 usernames (~$usr_username[0-9]{3}) // return all taken usernames $query = 'SELECT usr_username FROM core_users WHERE usr_username IN (' . implode(', ', $usernames) . ')'; $result = mysql_query($query); if ($result) { $row_count = mysql_num_rows($result); if (0 === $row_count) { // none of the generated usernames were taken $free_usernames = array_rand($usernames, 3); // select 3 usernames from the collection } else { while (list($username) = mysql_fetch_array($result, MYSQL_NUM)) { $key = array_search($username, $usernames); if (false !== $key) { unset($usernames[$key]); // already taken } } $free_usernames = array_rand($usernames, 3); } print_r($free_usernames); }

if it's in the form $array[0]['Stat']; function stat_get_max($stat_array) { $max = 0; if (!is_array($stat_array)) return $max; $sizeof = sizeof($stat_array); for ($i = 0; $i < $sizeof; ++$i) { $max = $stat_array[$i]['Stat'] > $max ? $stat_array[$i]['Stat'] : $max; } return $max; } $max_stat = stat_get_max($stat_array); The sorting will not be possible. Are you retrieving this from a database? Then add this to your query: ORDER BY Stat DESC For the above you can add: max(Stat) AS max_stat to your query to get the max

Try: echo "<a href=\"profile.php?userid={$row['userid']}\">" Also remember for valid HTML use " around values for attributes (href)

echo '<select name="select">'; echo '<option value="1">Size 9" - '.$row["price"].'</option>'; echo '<option value="2">Size 12" - '.$row["price"].'</option>'; echo '<option value="3">Size 14" - '.$row["price"].'</option>'; echo '</select>'; // $prices = array(1 => '', 2 => 4.39, 3 => 5.59); if (isset($_POST['select'])) { if (isset($prices[$_POST['select']])) { echo 'You have selected price ', $_POST['select'], '(', $prices[$_POST['select']], ')'; } }

echo '<p><a href="profile.php?id=',$row['id'],'">',$row['surname'],' ',$row['firstname'],'</a></p>';

www.google.com is a human-friendly version of an IP-address in order to translate www.google.com to an IP-address it uses reverse DNS lookup. To do that it reverses the URL and prepends a dot and asks their DNS server for the IP-address (every server in the network knows atleast one DNS server) .com.google.www A URL is normally www.google.com. but the extra dot in the end is optional and your browser will append it (http://www.google.com./) The first dot refers to the root-servers (ARPA) and they have the IP-addresses of every top-level domain server (com, be, net, org, ..) these individual top-level domains have the IP-address of every domain (google, phpfreaks, ..) these in turn have the IP-address of the actual server (www, www2, www3, ..) it's also possible to add more and get an URL like: ignace.developers.community.mazeltov.forum.domain.com You find these URL in academic communities but are rarely used by companies as an internet address (intranet is possible) due to usability reasons (to hard to remember).

My Tips: 1. Constructor should never do real work 2. The $encrypt = false|true is IMO bad use encrypt() and decrypt() instead or if that's not possible use a separate class for each. 3. If your using PHP5 then make everything PHP5 (format appropriatly) 4. MD5 is for hashing not encryption/decryption and dictionary lookups don't count (+ are to slow) see http://stackoverflow.com/questions/1240852/is-it-possible-to-decrypt-md5-hashes

There are a few ways you can do this however how do you want to keep track of these errors? Do they go into a file? multiple files? Please be more specific