Psycho

Um, that is a link to a file on your local computer - not a link that is web accessible. Anyway, you don't show how the validation scripts are initiated. But, I will *guess* what the problem is. In the form tag you should use the onsubmit trigger to call the valiadtion scripts. Your validation scripts seem to return true/false as would be expected. BUT, the onsubmit trigger must be formated to ALSO return true/false. Here is how the FORM tag shoudl look <form name="something" action="something.php" method="post" onsubmit="return checkForm(this);"> Note the "return" inside the onsubmit parameter value.

You would validate the selected value by doing a database query on the processing page. Something like: SELECT name FROM table WHERE name = '$search_value' Anyway, once you validate that the selected value exists in the database (or is all) you could use the following to decide whether or not to display the line above if($_POST['search'] != 'all') { echo "<td width=\"30%\" height=\"100\">"; echo rating_bar($rows['id'],'6','static'); echo "<a href=\"jadak.php?id={$rows['id']}&na={$rows['na']}&c={$rows['c']}&a={$rows['a']}\">Rate</a>"; echo "</td>"; }

So you are saying there are other elements on the page with ids in the format 'elementn[/n]'? I wouldn't think so. But, OK, let's say you only want to find DIV objects within the DIV 'meme' which have ids in that format. This will do that for you: <html> <head> <script type="text/javascript"> function getDivCount(parentID, childPrefix) { var parentObj = document.getElementById(parentID); var childCount = parentObj.childNodes.length; var divCount = 0; var childNode; for(childIdx=0; childIdx < childCount; childIdx++) { childNode = parentObj.childNodes[childIdx]; if(childNode.tagName=='DIV' && childNode.id.substr(0, childPrefix.length)==childPrefix) { divCount++; } } return divCount; } </script> </head> <body> Meme Div: <div id="meme" style="border:1px solid black; width:300px;"> <div id="element1">Meme Element 1</div> <div id="element2">Meme Element 2</div> <div id="element3">Meme Element 3</div> <div id="element4">Meme Element 4</div> <div id="element5">Meme Element 5</div> <div id="NONelement6">Meme NON Element 6</div> </div> <br />Not Meme Div: <div id="NOTmeme" style="border:1px solid black; width:300px;"> <div id="element7">Non Meme Element 1</div> <div id="element8">Non Meme Element 1</div> <div id="element9">Non Meme Element 1</div> </div> <br /> <button onclick="alert(getDivCount('meme', 'element'));">Count 'element' Divs in 'meme' Div</button> </body> </html>

The problem is pretty simple really. Workign backwards: Your query has the following WHERE clause WHERE work_order='$work_order' On the page you define $work_order as $work_order=$_GET['work_order']; So far, so good. But, on the form page you only use the work order number for displaying on the page: <tr><td>Work Order:</td><td><?php echo $work_order; ?></td></tr> No where on that page is there a field called 'work_order' to pass the value to the processing page. You can fix this by simply creating a hidden field as follows <inout name="work_order" type="hidden" value="<?php echo $work_order; ?>" />

If you just want to count the number of divs with the ID 'elementn', then you can do this: function getDivCount() { var divCount = 0; while(document.getElementById('element'+(divCount+1))) { divCount++; } return divCount; } Or are you wanting to count the divs specifically in the parent div 'meme'?

Something is changing your code. This is the ACTUAL code in your page: <title>Your Site - <?php echo REQUEST['kwd']; ?></title> So, somehow the < > are changed to their HTML codes of < >

Well, what are the "valid" values of the $c select list, what is the value of the All option, and what is the name of that select list? You should always validate user input. Even though you are using a select list, a malicious user CAN post values not in the select list. So you should always validate against the "approved" values. Also, to make it easier I would give the all option an empty value.

Need a little more info. There are TWO different parameters 1) The possbile values and 2) the number of places. Do they have to be the same in your situation?

foreach($cats as $cat_index => $cat_value) { //Display category echo " <input type=\"checkbox\" name=\"selection[]\" value=\"{$cat_index}\" id=\"{$cat_index}\" />"; echo "<label for=\"{$cat_index}\">{$cat_value[0]}</label><br />"; //Display subcats for the current category foreach($subcats[$cat_index] as $subcat_value) { echo " - {$subcat_value}<br />\n"; } }

Either three queries or one complex query. If you will only ever have three items, then three queries would probably be the most straitforward approach. If you will have many items, then you should probably do some testing to see what is the most efficient. Anyway, this is what the "complex" query would look like: $query = "UPDATE `items` SET `name` = CASE id WHEN {$_POST['id'][0]} THEN {$_POST['name'][0]} WHEN {$_POST['id'][1]} THEN {$_POST['name'][1]} WHEN {$_POST['id'][2]} THEN {$_POST['name'][2]} END product = CASE id WHEN {$_POST['id'][0]} THEN {$_POST['product'][0]} WHEN {$_POST['id'][1]} THEN {$_POST['product'][1]} WHEN {$_POST['id'][2]} THEN {$_POST['product'][2]} END WHERE id IN ({$_POST['id'][0]}, {$_POST['id'][0]}, {$_POST['id'][0]})" Of course, if the number of items is variable, you would want to script that: $itemCount = count($_POST['id']); $nameCases = ''; $productCases = ''; for($itemIdx=0; $itemIdx<$itemCount; $itemIdx++) { $nameCases .= "WHEN {$_POST['id'][$itemIdx]} THEN {$_POST['name'][$itemIdx]}\n"; $productCases .= "WHEN {$_POST['id'][$itemIdx]} THEN {$_POST['product'][$itemIdx]}\n"; } $query = "UPDATE `items` SET `name` = CASE id {$nameCases} END product = CASE id {$productCases} END WHERE id IN (" . implode(',', $_POST['id']) . ")";

That makes no sense. It would take a lot more processing to do it with that subcat array. Can you change the format of your $subcat array to this: $subcats=array( 'decorations'=>array('Banners', 'Balloons'), 'flowers'=>array('Tulips', 'Roses') ); Or if you need the lowercase keys: $subcats=array( 'decorations'=>array('banners'=>'Banners', 'balloons'=>'Balloons'), 'flowers'=>array('yulips'=>'Tulips', 'roses'=>'Roses') );

This doesn't look to be a PHP problem. Moving to the HTML forum. What errors/problems are you experiencing? What does the rendered HTML look like? The browser doesn't care about what PHP code is processed on the server - only the final output. Could be something in the values you are echoing to the page. Also, the code you have to echo the values is overcomplicated: if (!empty($lastName)) echo $lastName; That is basically saying - if the value is not empty echo it to the page. So, if the value is empty then it echos nothing, right? So, there is no need for the if statement. Just use: echo $lastName; and you will get the same results with less complexity.

Well, what IS it doing? Are you getting any errors? What debugging have you done to rule out some issues? I haveen't read through all of the code, but the very first line is wrong. This: if($_POST['langpair'] == en|zh-CN) { Should be: if($_POST['langpair'] == "en|zh-CN") { I also don't see where this value would be set: $textSource = $_GET['text_form']; Your form is using POST. Where are you setting a value on the query string? Also, don't use PHP short tags, it is a poor practice.

A better question is what is in the data that you need to get rid of? Why are you working with dirty data? Anyway to allow for a forward slash just use "\/", I know it looks funny, the backward slash is just to tell the regex processor to interpret the character as a literal. $patterns = array( "/&/", "/[^a-z0-9&\/\s]/i", "/&/" ); $replacements = array( "&", "", "&" ); You know there are going to be other exceptions too. It might be better if you post some of the input data showing what the problem is. There might be a better solution. Ones that might be problematic are ones with accented characters such as "Björk". The script above will convert that to "Bjrk". I don't know of a modifyer that is "accent insensitive" (if there is such a word)

$query = "SELECT name FROM ext_monsters ORDER BY lvl ASC"; $result = mysql_query($query) or die($db_error); $monsterOptions = array(); while ($monster = mysql_fetch_array($result)) { $selected = ($_POST['monstername'] == $monster['name']) ? ' selected="selected"' : ''; $monsterOptions[] = "<option value=\"{$monster['name']}\"{$selected}>{$monster['name']}</option>"; } print "<form action=\"killmonster.php\" method=\"post\">\n"; print "<select name=\"monstername\" length=\"20\">\n"; print implode("\n", $monsterOptions); print "</select>\n";

That is apparently in a function. Why are you making it so complicated? Your function simply needs a single line to do this: function foo() { return preg_replace('/[^A-Za-z0-9]/', '', $ds['nickname']); }

Well, now the problem becomes a little more interesting. The easy solution would be to simply allow the semi-colon as well. But, then that would allow a semi-colon anywhere in the name. Assuming you do not want to allow the semi-colon and that you want to maintain "&" (instead of converting to just "&"), you could do this: $patterns = array( "/&/", "/[^a-z0-9&\s]/i", "/&/" ); $replacements = array( "&", "", "&" ); echo preg_replace($patterns, $replacements, "--Echo & The Bunnymen--"); Basically, it does the following in order: 1. Convert any "&" to just "&" 2. Removes any character not a-z (upper or lower case), 0-9, & (ampersand), or white space 3. Convert any ampersands ("&") back to "&"

Seriously? Did you look at the link Daniel provided or the manual for preg_match? I have a hard time believing that you look at either and don't understand the simple fix. if (preg_match('/[^A-Za-z0-9]/', $name)

Well, you are not echoing the values within a table cell (i.e. TD tags). Also fixed: - You are also not escaping the user submitted ID value - this could cause a malicious user to use sql injection to cause havoc to your data. Fixed using mysql_real_escape_string() - Changed the name of the array to a more logical value. - Fixed the query to only get the values yuou need to be more efficient - Properly formatted the array values - i.e. the index is enclosed in quote marks <?php $conn = mysql_connect('jjennings3db.bimserver2.com', 'jjennings3db', 'bullet5646546541'); mysql_select_db('jjennings3db', $conn); $id = mysql_real_escape_string($_GET[id]); $sql = "SELECT PropertyName, Location, SalePrice FROM tblProperties WHERE id={$id}";$result1 = mysql_query($sql, $conn); $property = mysql_fetch_array($result1); ?> <html> <head> <title>Properties</title> </head> <body> <table width="640" border="2" align="center" cellpadding="0" cellspacing="0"> <tr> <td colspan="3" align="center"><h1>Property</h1></td> </tr> <tr> <td align="left" valign="top"><strong>Address:</strong></td> <td align="left" valign="top">PropertyName</td> <td rowspan="2" align="center"valign="middle">book cover picture</td> <td><?php echo $property['PropertyName']; ?></td> </tr> <tr> <td align="left" valign="top"><strong>Location:</strong></td> <td align="left" valign="top">Location</td> <td><?php echo $property['Location']; ?></td> </tr> <tr> <td align="left" valign="top"><strong>Property Price:</strong></td> <td align="left" valign="top">SalePrice</td> <td><?php echo $property['SalePrice']; ?></td> </tr> <tr> <td colspan="3" align="center" valign="top"> <a href="http://jjennings3.bimserver2.com/links.php">back to list of Properties</a> </td> </tr> </table> </body> </html>

@Daniel, C'mon, you can't actually expect people to click on the links you provide. That would require actual work on their part: reading, comprehension, etc.

I'm not seeing a problem, using '/[^a-zA-Z0-9&\s]/ as the search parameeter seems to work fine for me: echo preg_replace('/[^a-zA-Z0-9&\s]/', '', "--Echo & The Bunnymen--"); //Output: Echo & The Bunnymen echo preg_replace('/[^a-zA-Z0-9&\s]/', '', "--Hall & Oats--"); //Output: Hall & Oats You should double check the actual input data. Are you positive that the input is EXACTLY the ampersand and not the HTML code for an ampersand, i.e. "&"?

My pleasure. In the future, please mark topics as solved when you get a solution. There is a green button on the bottom left of posts that you start for this purpose. I've marked this one for you.

I would suggest modifying the field names in the connects table to be more "descriptive" to origin_cities_id and destination_cities_id. The purpose of that table is to allow you to join the cities table on itself to match up the origins to the destinations. But, instead of doing a JOIN you are running three queries. Because you need specific code at the beginning and the end for each origin city, I would create a function to create each javascript section of code. Using the current field names you have, this should work using a single query. Note, since I do not have your database to test against this is not tested. There may be some errors, but the logic is sound. <?php //function to create the javascript block for each origin city function createJScriptCode($origin, $destinationsAry) { $jScript = "if (chosen == '{$origin}') {\n"; foreach($destinationsAry as $destination) { $jScript .= " selbox.options[selbox.options.length] = new Option('{$destination}','{$destination}');\n"; } $jScript .= "}\n\n"; return $jScript; } //Query to get all origin cities and their destinations $query = "SELECT origin.`city` as origin, destination.`city` as destination, FROM `cities` as origin JOIN connects as c ON origin.id_cities = c.id_cities JOIN `cities` as destination ON c.connects = destination.cities_id"; $result = mysql_query($query); //Flag to trigger new origin city $current_origin = ''; //Process the results while ($row = mysql_fetch_array($result)) { //Check if current origin is new if($current_origin != $row['origin']) { //If not the first origin, create JS for last origin if($current_origin != '') { //Create jscript code after the last record for each origin echo createJScriptCode($current_origin, $destinations); } //Set flag for current origin $current_origin = $row['origin']; //Set/reset origins array $destinations = array(); } //Add destination to array for current origin $destinations[] = $row['destination']; } //Create jscript code for the last origin echo createJScriptCode($current_origin, $destinations); ?>

NOt tested, so there may be some syntax issues: <?php //Query the data $query = "SELECT p.paramname, h.year, h.dividenditem FROM `dividendparams` p JOIN `dividendhistorydetails` as h ON p.paramid = h.paramid ORDER BY p.paramname, h.year" $result = mysql_query($query); //Create arrays for the values $params = array(); $years = array(); //Proces the results while($row = mysql_fetch_assoc($result)) { $params[$row['paramname']][$row['year']] = $row['dividenditem']; if(!in_array($row['year'], $years) { $years[] = $row['year']; } } sort($years); //Create header row $output = "<tr>\n"; $output .= "<th>Parameter</th>\n"; foreach($years as $year) { $output .= "<th>{$year}</th>\n"; } $output .= "</tr>\n"; //Create the data rows foreach($params as $paramName => $data) { $output .= "<td>{$paramName}</td>\n"; foreach($years as $year) { $dividendItem = $data[$year]; $output .= "<td>{$dividendItem}</td>\n"; } } ?> <html> <body> <table border="1"> <?php echo $output; ?> </table> </body> </html>

If you don't compare the value from the database how would you make the determination of whether to show the checkbox as checked or not to indicate the currently saved value? You should use a field type of tinyint