Barand

The sooner you learn where to find the PHP reference manual, the better. Start with the basics

Does this do it for you? wp_wpforms_entry_fields: +----------+----------+--------------------+ | entry_id | field_id | value | +----------+----------+--------------------+ | 1 | 5 | Laura Norder | | 1 | 13 | School A | | 1 | 16 | Belt 1 | | 1 | 18 | Sparring - $75.00 | | 2 | 5 | Peter Dowt | | 2 | 13 | School B | | 2 | 16 | Belt 2 | | 2 | 18 | Sparring - $90.00 | | 2 | 43 | Belt 3 | | 3 | 5 | Tom Dicanari | | 3 | 13 | School C | | 3 | 16 | mmm | | 3 | 18 | Soarring - $100.00 | | 3 | 43 | kkk | | 4 | 5 | Joe King | | 4 | 13 | School D | | 4 | 16 | Belt 4 | | 4 | 18 | Sparring - $150.00 | | 4 | 43 | sss | +----------+----------+--------------------+ mysql> SELECT entry_id -> , field_id -> , CASE field_id -> WHEN 5 THEN CONCAT(SUBSTRING_INDEX(value, ' ',1), ' ', LEFT(SUBSTRING_INDEX(value,' ', -1), 1)) -> WHEN 18 THEN TRIM(SUBSTRING_INDEX(value, '-', 1)) -> ELSE value -> END as value -> FROM wp_wpforms_entry_fields -> WHERE field_id IN (5, 13, 16, 18) -> ORDER BY entry_id; Query results: +----------+----------+----------+ | entry_id | field_id | value | +----------+----------+----------+ | 1 | 5 | Laura N | | 1 | 13 | School A | | 1 | 16 | Belt 1 | | 1 | 18 | Sparring | | 2 | 5 | Peter D | | 2 | 13 | School B | | 2 | 16 | Belt 2 | | 2 | 18 | Sparring | | 3 | 5 | Tom D | | 3 | 13 | School C | | 3 | 16 | mmm | | 3 | 18 | Soarring | | 4 | 5 | Joe K | | 4 | 13 | School D | | 4 | 16 | Belt 4 | | 4 | 18 | Sparring | +----------+----------+----------+

What is this doing ... REPLACE(REPLACE(REPLACE(REPLACE(value, '- $', ''), '75.00', ''),'90.00',''),'100.00','') What's the data that requires a quad-replace?

Puzzled - what it is it supposed to do? It doesn't reference anything from the query nor does it reference any classes.

I just didn't see the table - the end of that first line was somewhere in my neighbour's living room.

So that they can jump in their time machines and go back to login correctly?

The purpose of a prepare() is to separate the query from the input data.. You therefore need WHERE msg.order_id = ? then provide the data in an array of parameters when you execute $statement->execute( [$orderid] );

Very little resemblance to the examples I gave you. Why did I bother?

I am not talking about the mydloader.php page. I … am ... talking … about … the … page … that … contains … the ... link/image … that … you … are … clicking … on

You'll stand a better chance of doing that if it is one of the tables in the query.

View the page HTML source of the page containing the link that your php code created. When that page is displayed in your browser, select "View source" to see what the html is for that link.

if you view the page source, what does it look like?

Not surprised, browsed to the page and got put in a holding queue.

My code contains a loop to output the divs. Your code contains a loop. Work it out.

It's much easier with CSS and divs than it is with a table. <?php $output = ''; for ($i=1; $i<=28; $i++) { $output .= "<div class='db-entry'>Entry $i</div>\n"; } ?> <!DOCTYPE html> <html> <head> <meta http-equiv="content-language" content="en"> <meta http-equiv="Content-Type" content="text/html; charset=utf-8"> <title>Example</title> </head> <style type="text/css"> .db-entry { width: 18%; height: 50px; padding: 20px 2px; border: 1px solid gray; margin: 0 2px 2px 0; float: left; } </style> <body> <?=$output?> </body> </html>

Are you sure the php file names match? Or is that just a typo? It works for me with an image there.

Check my sample

I doubt it. That will link to ... <a href="mydloader.php?ip=" ... because you put quotes in the middle of the query string. Don't know why you've stuck demo_app at the end.

foreach ($_POST['purchases'] as $line) { fputcsv($file, [$line]); } ?

Sample HTML <!DOCTYPE> <html lang="en"> <head> <meta http-equiv="Content-Type" content="text/html; charset=utf-8"> <title>Sample</title> </head> <body> <a href="mydloader.php?ip=xyz&filename=banner.png">banner.png</a><br> <a href="mydloader.php?ip=xyz&filename=punchcard.jpg">punchcard.jpg</a><br> <a href="mydloader.php?ip=xyz&filename=demo_app.html">demo_app.html</a><br> </body> </html> mydloader.php <?php include 'db_inc.php'; # YOUR CONNECTION $db = pdoConnect('test'); # GOES HERE if (isset($_GET['ip'])) { $add = $db->prepare("INSERT INTO download (IP_ADDRESS, FILENAME) VALUES (?, ?)"); $add->execute( [ $_GET['ip'], $_GET['filename'] ] ); header('Content-Type: octet-stream'); header('Content-Disposition: attachment; filename="'.$_GET['filename'].'"'); header('Pragma: no-cache'); header('Expires: 0'); readfile("download/{$_GET['filename']}"); } ?> mysql> select * from download; +-------------+------------+---------------+ | download_id | ip_address | filename | +-------------+------------+---------------+ | 1 | xyz | banner.png | | 2 | xyz | punchcard.jpg | | 3 | xyz | demo_app.html | +-------------+------------+---------------+

try foreach ($_POST['purchases'] as $line) { fputcsv($file, $line); }

Because you should always work with yyyy-mm-dd format in your database (column type DATE) If you always want to insert the current date, use VALUES ('$oracleid','$name','$des',CURDATE(),'$username', '$pass','$isadmin') EDIT: and use prepared statements!

If he result of a query is boolean (ie false) then the query failed. Check for failures. Easiest way is to put this line before your mysqli connection line mysqli_report(MYSQLI_REPORT_ERROR|MYSQLI_REPORT_STRICT); You must like living on the edge. Embedded variables in the query AND multi query. That's not just opening the door to SQL injection, it's demolishing the whole wall.

Instead of linking directly to the target file, link to a php script which updates your db and sends the file for download.