Jessica

You should turn global variables off and do $email = $_GET['email']; Is it email or Email? Caps matter. Do you get the error message or just nothing?

You could also try: $query = "INSERT INTO facility_cameras (facilityid, cameraid, miscid) VALUES ('".$_POST['nt']."', '".$_POST['nt1']."', '".$_POST['nt2']."')"; run print_r($_POST) at the top to make sure the post vars are being set as you think they should be.

$Email is never defined. You really need to stop posting your database login info. This is the second time from you, and third or fourth today

Seems like they'll make more money selling sites to suckers than the adsense will ;)

You have to have your HTML page include the image page like an image, not like a php include. <img src="phppage.php" />

$search is a variable. You never give it a value. It's empty. It is nothing... Before you try to use it, you need to do $search = $_POST['employee'];

It's probably just lower in the ranking. What is the site and what are the keywords you want?

$sqlquery = "SELECT * FROM `employee` WHERE Surname LIKE '%$search%'";  You never define $search?

In the display_user_menu() function, add global $username; or pass it the username var. Otherwise this function can't see $username which is why it's blank, even though it's the same page.

It might be easier to just catch him at it instead of try to prevent it. Log the IP addresses and times, and then analyze it. If people are logging in from different IPs at the same time with his info, he broke the rules, and then can be dealt with. Thats how I'd approach it - seems easier.

Okay, the amount of code here is starting to confuse me. Where is $username ever initially set, before it is supposed to go in the URL? Before you ever try and $_GET it, where is it ever set to be printed out in that link?

That seems to indicate the arrays are never being filled. I'd suggest you check, perhaps they are not being filled due to some other reason - but if $m = (get_start_dates($mainAccounts)); should return an array, and you have to explicitly define $m as an array, that tells me that $m is not ever being filled. Good luck anyway.

You sorta have to trust people to not give out their login info. Why would they?

tldr; I bet one of those includes outputs something before the session_start. Clear out any whitespace, etc.

The manual says nothing about a difference in 4-5. What are the variables? The error says $gr is not an array. Can you run print_r($gr); before this and see what it puts out?

Well...that would explain why there is no username wouldn't it.

What's the URL look like?

Do you understand why you have to do that...You can't just randomly stick php variables in your html and expect it to work...

Whenever they view a page, save the time in a row in your user table. Then you can extrapolate who was logged in when, and see users logged in in the past 10 minutes, etc.

Well that's not PHP, that's HTML. Try <a href="reports.php?username=<?=$username?>">Reports< /a> Or post the whole line of code if it is in PHP.

[quote author=elis link=topic=122836.msg507096#msg507096 date=1169059111] Yes, well I've tried that numerous times - it isn't working, hence why I came here. [/quote] Yes, well, that's not in your code. Posting actual code and explaining problems prevents useless answers. The code you HAVE, does NOT prevent against any SQL attacks. Hence, my answer. Plus, it looks like you're using register_globals, a big security no-no.

Make sure that's not in single quotes.

"For your convenience, AACA offers six locations throughout the Dallas/Ft. Worth Metroplex." Hey, I live there...maybe I should head over and hand them my card...tell them to get a developer who won't post their login online for everyone to access their php my admin ;) I think we need to mod the forum to allow editing - not just after x seconds or whatever it is, but period. People make mistakes.

look up mysql_real_escape_string and do some research on SQL injection

if ($_GET['go']=='aboutus') { include 'aboutus.php'; }else{ include 'indexContent.php'; } Don't put your index content unless you know there isn't another include, or else, kinda duh, it will show up...