Psycho

Use good function names and make your functions do specific things - not a whole bunch of things. Then if you load a page and see an empty select list you can open the script for that page and you would see that there is a function call to a function such as createSelectOptions. You would then know that the problem is either with the data passed to the function or with the function itself.

That function will not work. It will always return nothing (unless the value of $mvp is the literal string 'MVP'). So, I'm not sure what you are really trying to do. The function will generate a variable array ($class) with exactly one element with the index 'MVP' . Then it will attempt to return the value of $class[$mvp]. If $mvp has any value other than 'MVP' then there is no value for $class[$mvp] defined.

Well, PHP would have nothing to do with this, but the fact that this is on an android could mean there are other causes I have not considered. If there is no JavaScript, other than that alert, then that is not the problem. I originally though that the complexity/size of the page was a long shot because PCs have improved so much in processing power and memory. But, since this is a tablet/phone that is definitely a possibility. You should also look at the amount of images and other "rich" content you have. For example, do you have a large image that you are resizing using the image height/width tags? If so, the device still has to download and hold that large image in memory regardless of the size settings you define. As for checking the html code you can use the W3C validator: http://validator.w3.org/ But, unless you have been writing good code you are going to get a lot of errors.

Do you need to do the same thing for other select lists? If so, it would be easy to create a function for creating your list items. Just pass the funtion the list of values/labels and the selected value. function createSelectOptions($valuesAry, $selectedValue=false, $useIdAsValue=false) { $output = "": foreach($valuesAry as $id => $label) { $value = ($useIdAsValue) ? $id : $label; $selected = ($value === $selectedValue) ? ' selected="selected"' : ''; $output .= "<option value='{$value}'{$selected}>{$label}</option>\n"; } return $output; }

What do you mean it shows up in the query? Where - exactly - are you seeing the data with 'county' in the serialized data? It is not in your DB results based upon the var_dump of the records extracted. One possibility is that your database has individual records in that table for each piece of meta data associated with each user. Then when you do a GROUP BY the records are collapsed into a single record. Therefore, the meta data field is only going to contain one of the meta records for those records that are grouped. But, that is only one possibility. I'm not going to try and guess what all the possible problems might be when you can simply provide more information about the database structure as I have previously requested.

I've never heard of any such issues and I don't see how that is different from what you were trying to do above. But the problem with what you were trying to do is the format of the code is wrong and your condition. The condition is set as $current1['name'] == $current1['name'] You are comparing the same value to itself and that would always return true. But the code you just posted does not make sense based upon your first post. In the first post you have an offset number as the option value and a description as the option label. But, the last code you provided shows you using the exact same variable for the option value and the option label. I can't really provide any updated code without knowing the format of the data you are using (i.e. the array format and how the offset and description are stored).

The DB results do not contain any data related to "county", "region" or anything similar. So, there is no way to get the results you want. It has nothing to do with the data being serialized. However, you stated later that Since you are *certain* the correct data is there I decided not to respond further. I already suggested that the structure of your database and how you are using it are flawed. But, you apparently are not open to the idea of improving it. I also asked for more details on your DB structure so that perhaps we could find a solution to work with the flawed structure. You did not provide that information. If you are not going to use the advice given or provide the requested information there's not much more we can do for you. The bottom line is that the data you want is NOT in the query results. The serialized field only contains a value for "s2member_level4". And, that is it.

I always include the semi-colon as well, but that is really a personal preference thing. The last line of code before a closing PHP tag ( ?> ) does not require a semi-colon. So, his code is perfectly valid. However, I do feel it is good practice to use it. Otherwise you end up adding more code after the last line and you get parse errors. From the manual (emphasis added): http://www.php.net/manual/en/language.basic-syntax.instruction-separation.php

I'll add to scootsah's example that you will make your life much easier if you set the values in an array and then create the options in a loop. Makes your code much more flexible. You can hard code the array in the current script, another file or even get it from the database. Plus, you don't have to create ALL those lines of code. When you do the same thing over and over again it is very easy to make a mistake on one or more instances and then spend a lot of time trying to find the cause. Example: $timezones = array( '-28800' => '(GMT -0800) Pacific Time', '-25200' => '(GMT -0700) Mountain Time', '-21600' => '(GMT -0600) Central Time', '-18000' => '(GMT -0500) Eastern Time', ); foreach($timezone as $value => $label) { $selected = ($user_timezone == $value) ? ' selected="selected"' : ''; echo "<option value="{$value}"{$selected}>{$label}</option>\n"; }

Why don't you start a new thread on the problems you are having with your current application for certain resolutions. That is something we could most definitely help you with. And, that's the real solution you should be pursuing. If your car makes a knocking sound when it goes over 50 miles per hour you don't take it to the mechanic and ask him to install a govenor to prevent the car from going over 50.

There have been numerous people in your threads that have said similar things about you. Yet, you think there is something I need to work on. Perhaps you need to take a look in the mirror and realize what the common denominator is (you). I don't appear to have the same issue with the vast majority of users on these forums, but you have the same issue with many others.

OK, let's start with your first POST which included misinformation. You stated that the stored value contained this <IMG alt=\"\" src=\"/public/images/231781538234094.jpg\" width=796></P> and should instead contain this /public/images/231781538234094.jpg You inferred that ONLY the image source was supposed to be in the saved content and that even the image tag and other parameters were there erroneously. Please be more specific in the future. Yes and no. You should use the right sanitization process based upon the data type. As I stated before, the ID value should be run through intval() to force it to be an integer. Also, I asked previously what is the value before and after you perform any sensitization? The last thing you posted shows what the value is after sensitization. But, from that I can see what the problem is: Magic Quotes Magic quotes is a process whereby certain characters are escaped on-the-fly when being sent via POST/GET on the server. This sounds like a good thing, but the problem is that data should be escaped as appropriate to the repository that it is being stored. That is why you should be using mysql_real_escape_string() for that data. But, since it is getting automatically escape via the POST transaction, mysql_real_escape_string() is escaping the escaped data. You should turn off magic quotes on your server (if you have that ability) or you can implement a process to disable them at run time: http://www.php.net/manual/en/security.magicquotes.disabling.php

htmlentities()

Aside from the DB connection lines, I provided just 4 lines of code that performs any actions. Did you even look at those lines and try to analyze what they are doing? This is not difficult stuff and we are trying to be patient. But, rather than try the code provided or even ask a question about the code provided you just restate what you are trying to achieve. So basically, I took time out of my day to help you and you completely ignored it. The code I provided will create a select list and auto-select the value that matches the value of $name. That is what you just said you wanted. If you don't want "--None--" in the select list then simple change $fabOptions = "<option value='--None--'>--None--</option>\n"; To this $fabOptions = ''; Here is the same logic with some comments added. <?php //For this to work properly, the variable $name //will contain the previously selected 'user' value //Connect to DB and run query to get list of 'user' values $mysqli = new mysqli(DB_HOST, DB_USER, DB_PASSWORD, DB_NAME); $mysqli->select_db('user'); $result = $mysqli->query("SELECT user FROM user"); //Create variable to hold the options HTML code //Set this to empty string if you don't want "--None--" $fabOptions = "<option value='--None--'>--None--</option>\n"; //Iterate through DB results of 'user' values while($row = $result->fetch_assoc()) { //Set the variable $selected to the HTML code to select the option //if the current DB value matches $name, else set to an empty string $selected = ($name && $name == $row['user']) ? " selected='selected'" : ''; //Create the HTML code for the option using the current 'user' value from the //DB results as the value and label for the option. Use the $selected variable //to set the selected status of this option $fabOptions .= "<option value='{$row['user']}'{$selected}>{$row['user']}</option>\n"; } //The lines below will output the select list and all the options generated above ?> <div id="fab1"> <select name='fab1'> <?php echo $fabOptions; ?> </select> </div> I should not have to provide that level of detail for every code snippet I provide. I only did it so I would not feel that I wasted my time in my first response today. This will be my last post to provide any assistance to you as I only volunteer my time here for the enjoyment of helping others who appreciate my help. Maybe you do appreciate the help, but I'm just not feeling it. Good luck to you.

PHP has nothing to do with how much memory the browser will use. All PHP code is processed on the web server. The only thing the browser 'sees' is the final content that is sent to the browser. A couple things to look for that might be causing browser memory issues: - Overcomplicated or very 'large' pages. Not very likely but I've seen issues many years ago where pages with lots of nested tables would cause problems. Especially if the tables were not properly created (i.e. missing closing tags). Most browsers are forgiving of some simple HTML structure errors, but to overcome them there would have to be some processing taking place. So, the more complicated the page with errors could cause problems. I've also seen problems with very large forms - hundreds of select fields with many/many options each. Again, this was years ago with PCs with a fraction of the memory of PCs used today. - JavaScript. I think this is a more likely cause. Are you running any JavaScript in a loop or is there any JavaScript running on mouseover/mouseout events or something like that? Or, are you running any AJAX on a timed event?

You have not provided enough information to identify/fix the problem. The query is going to insert the data in those variables. So, if the value in the database contains <IMG alt=\"\" src=\"/public/images/231781538234094.jpg\" width=796></P> then that is what is in the data you are inserting. Exactly which field is the one you are having a problem with? What kind of input field are you using? What is the exact data you are entering into that field? What is the value of the POST data before and after any sanitizing you are doing? Also, I assume ID is supposed to be an integer. In that case you should be using intval() instead of mysql_real_escape_string() which is meant for "string" data.

Is that code above being executed within a loop? Because you are referencing a $row[] array value before you do the query (which you then redefine $row). If so, you need to move the query outside the loop and save the results to an array and then use the array within a loop. Database queries are one of the more "costly" processes with respect to server resources and overhead. Running queries in loops will have significant impact performance. Plus, you are creating a div with a hard coded ID, so if it is run in a loop you are creating multiple divs with the same ID - which is not valid. Also, don't use '*' in your SELECT queries if you don't need all the data. Again, it is a waste of resources Anyway, to the code you have. You are doing a check to see if the selected value is "--None--", but the code is not generating a "--None--" value. If the code is only creating options with other values I'm not sure how "--None--" would ever be valid. I think this should do what you need. I've separated the logic from the output so you can separate those sections accordingly in your files. <?php $mysqli = new mysqli(DB_HOST, DB_USER, DB_PASSWORD, DB_NAME); $mysqli->select_db('user'); $result = $mysqli->query("SELECT user FROM user"); $fabOptions = "<option value='--None--'>--None--</option>\n"; while($row = $result->fetch_assoc()) { $selected = ($name && $name == $row['user']) ? " selected='selected'" : ''; $fabOptions .= "<option value='{$row['user']}'{$selected}>{$row['user']}</option>\n"; } ?> <div id="fab1"> <select name='fab1'> <?php echo $fabOptions; ?> </select> </div> However, if that code IS meant to be run in an external loop, then other changes would be warranted.

OK, here is a complete rewrite of your code in a more logical format. I did this from the rendered page (i.e. after the PHP code was parsed). So you would need to implement the changes in your PHP file. I also added some sample classes that you referenced for testing so you should take those out. But, you can run the complete code below as a flat HTML file to see if it works as you need it to. Just a couple notes though: If you have a minimum and maximum length requirement for a field, so you really need to verify that the user input something? As I stated previously you really shouldn't be doing a min/max length check on a login form since the user is not creating the values. But, if you do that type of check on a field, then a check to see if the field is empty is redundant. As stated previously there is no valid reason for restricting ' and & for SQL Injection purposes. <html> <head> <link rel="stylesheet" href="styles.css" type="text/css" /> <style> .box { background-color: yellow; } .errmsg { background-color: red; } </style> <script type="text/javascript"> // *** VALIDATION FUNCTIONS *** function isEmpty(fieldValue) { return (fieldValue==''); } function validLength(fieldValue, minLength, maxLength) { return (fieldValue.length >= minLength && fieldValue.length <= maxLength) } function invalidCharacters(fieldValue, invalidChars) { var regEx = invalidChars.split('').join('|'); return (fieldValue.search(regEx)!=-1) } // **** HELPER FUNCTIONS *** function getFieldValue(fieldID) { var fieldObj = document.getElementById(fieldID); //Trimm the value and replace in field fieldObj.value = fieldObj.value.replace(/^\s+|\s+$/g,''); //Return the trimmed value return fieldObj.value; } // **** VALIDATION FUNCTION *** function setClass(objID, className) { document.getElementById(objID).className = className; return; } function validate() { var validForm = true; //Get the field input values (and trim them) var aesidValue = getFieldValue('aesid'); var pwordValue = getFieldValue('pword'); //Set all text descriptions to non-error condition setClass('aesid_text', 'box'); setClass('pword_text', 'box'); //Perform validations of AESID field if (isEmpty(aesidValue)) { setClass('aesid_text', 'errmsg'); validForm = false; } else if(!validLength(aesidValue, 6, 12)) { setClass('aesid_text', 'errmsg'); validForm = false; } else if(invalidCharacters(aesidValue, "'&")) { setClass('aesid_text', 'errmsg'); validForm = false; } //Perform validations of password field if (isEmpty(pwordValue)) { setClass('pword_text', 'errmsg'); validForm = false; } else if(!validLength(pwordValue, 6, 12)) { setClass('pword_text', 'errmsg'); validForm = false; } else if(invalidCharacters(pwordValue, "'&")) { setClass('aesid_text', 'errmsg'); validForm = false; } return validForm; } </script> </head> <body> <form name="login" action="" method="POST" onsubmit="return validate();"> <div id="loginlabel">AeroStar ID: (AES000)</div> <fieldset> <div id="loginfield"><input type="text" name="aesid" id="aesid" maxlength="7" value=""></div> <span class="box" id="aesid_text">Aerostar IDs follow the pattern AES000.</span> </fieldset> <div class="clearboth"></div><div id="loginlabel">Password:</div> <fieldset> <div id="loginfield"><input type="password" name="pword" id="pword"></div> <span class="box" id="pword_text">Passwords are between 6 and 12 characters and can not contain apostrophies or $.</span> </fieldset> <div class="clearboth"></div> <div id="loginsubmit"><input type="submit" name="subbtn" value="Login"></div> </form> </body> </html>

I find that very difficult to believe. There are so many issues of so many variations I can't see how someone would progress so far with none of it working. But, no matter, I'm still willing to help. As I stated previously, you need to do one thing at a time. As nogray stated the onsubmit trigger needs to have a "return" statement in it. If you return false the form is not submitted. So, the standard is to do something such as onsubmit="return validate();" and have the validation function return true if validation passes (form is submitted) or false if validation fails (form does not submit). Start over on your validation function and only do ONE validation. Don't even worry about the fancy changing of the classes. Once that works then move on to adding additional features or additional validations.

Also there is no valid reason to restrict apostrophes or dollar signs from the user input to prevent SQL Injection. Basically, you need to start over. Do ONE thing and make it work. Then add ONE more thing. Make it work as well as the previous function. Then add ONE more thing and make it work as well as the first two things. And so on... Do not try to build a complete solution in one go. I have to assume you copied that code above from somewhere and pasted it into your page expecting it to work. That's fine to use existing code but you have to understand what it is doing so you can make the appropriate modifications for your situation.

Here's a question, why are you doing character and length checks on a login page? The user should already have thier username and password so stating requirements such as those have no value. You should only do those types of checks in the creation process. By giving information such as length requirements and character requirements on the login page you are only providing information to users who might be trying to hack into your site.

When trying to debug JavaScript errors I find it much easier to work from the HTML source code. So, access the file above in a browser and then export the source to a flat HTML file. That way you don't have to worry about mixing JS and PHP errors. Once you get the page working then you can migrate the correct code into the PHP script. OK, here are a few things I see: 1. You are missing BODY tags. Although this is not the source of your problem it doesn't help to have non-conforming code. 2. You should revise your validation logic so it doesn't have all those nested if statemetns. Instead do a negative check and return false for each validation. Much easier to read. 3. You are referencing field using getElementById(), but you failed to provide an ID to the fields! 4. Your notEmpty() validation returns false if the input is a single space - not if it didn't have a value 5. Your validation functions are attempting to reference the parent node - but in each instance the parent node is not the object you actually want. In some you want the span after the field with the display text in others you want the fieldset. Neither is the parent node of the input fields. Basically I see so much wrong in that code it would take me quite a while to find all the problems. EDIT: Some other issues: 6. Although you are trying to return false in the function you are not returning false for the form, thus the form will ALWAYS submit 7. When trying to change the class of an object it needs to be "className", not "classname";

This topic has been moved to JavaScript Help. http://www.phpfreaks.com/forums/index.php?topic=352057.0

Yeah, htmlspecialchars() is a better choice. I always mix the two up.

Use <pre> tags and htmlentities(): $php_code = "<?php echo 'sdfjksdf'; ?>"; echo "<pre>" . htmlentities($php_code) . "</pre>";