joquius

you have to do it this way however: [code] INSERT INTO `emails` (email, name) VALUES ((SELECT `emailaddress`, `firstname` FROM `newsletter` WHERE `id` = '$id'), (SELECT `emailaddress`, `firstname` FROM `newsletter` WHERE `id` = '$id')) WHERE `id` = '$id' [/code] assuming you want to copy accross the values. the selected rows will have to be single rows and single results within VALUES ()

oh ok. but this is not advised: [code] $year = substr ($date, 0, 4); $month = substr ($date, 4, 2); $day = substr ($date, 6, 2); $new_date = $month."/".$day."/".$year; [/code] can't you just dump the timestamp and go for putting time(); into the db? date() is much better for formatting.

just change the input $dir to something other than album1. it must be set to this somewhere else in the script. The question is don't you want both scripts to work?

ok well as I said this is wrong. The time stamp has to be taken from a time(); function, which gives you the number of seconds which have passed from 0:00 1/1/1970. date() works with these time stamps. it calculates the date based on the number of seconds you input, and adds those seconds to the date of 1/1/1970. you are giving date() 20060607, which adds that many seconds to the above date. That's why you are getting 08/20/1970. when you write the database insert the date from a time() output.

[!--quoteo(post=381844:date=Jun 9 2006, 03:17 PM:name=RonScott)--][div class=\'quotetop\']QUOTE(RonScott @ Jun 9 2006, 03:17 PM) [snapback]381844[/snapback][/div][div class=\'quotemain\'][!--quotec--] It just is not working, here is my formating: $ts=date('m/d/Y', $myrow[12]); Here is the result: [a href=\"http://www.egca.org/new_site/members-only/jm_postings.php\" target=\"_blank\"]jm_postings[/a] Check out how it takes any date (in the month of June, 2006) and makes it 08/20/1970. I have tried every variation, such as $ts=date('r', $myrow[12]); No luck.... I know there is some small thing I am missing, but can't figure it out. [img src=\"style_emoticons/[#EMO_DIR#]/huh.gif\" style=\"vertical-align:middle\" emoid=\":huh:\" border=\"0\" alt=\"huh.gif\" /] [/quote] Tell me.........was this "date" the 20th of june 2006? Are you inputting 20062006 (which comes out 08/20/1970) or the actually timestamp which should be about 1150000000? remember date (FORMAT, TIME_SECONDS)

this is the same sql query twice though you could use sql with 2 databases in any case SELECT * FROM `table_1` AS t1, `table_2` AS t2 WHERE ...

quoted from php.net: Note on ===: While the php documentation says that, basically, ($a===$b) is the same as ($a==$b && gettype($a) == gettype($b)), this is not true. The difference between == and === is that === never does any type conversion. So, while, according to documentation, ("+0.1" === ".1") should return true (because both are strings and == returns true), === actually returns false (which is good). Edit: didn't want to post again. Obviously not needed but it's not my script.

The if ($page) was just an example of escaping to html within php. I'll show you what your page would look like: [code] <?php $func = (isset ($_GET['func'])) ? $_GET['func'] : ""; $id = (isset ($_GET['id'])) ? $_GET['id'] : ""; //hazards test// include ("config.php"); $rs = mysql_connect ($host, $user, $pass) or die (mysql_error ()); $rs = mysql_select_db ($db); $rs = mysql_query ($sql) or die (mysql_error ()); if($func === "view") {     $sql_staff = "SELECT * FROM news where id=\'1\'"; // the issue was here, no slashes on the quotes inside the query     $rs = mysql_query ($sql_staff) or die (mysql_error()); // $sql_staff was not defined? ?> <table id="Table_01" width="314" height="100" border="0" cellpadding="0" cellspacing="0">     <tr>      <td>         <table background="box2/images/index_01.gif" width="314" height="23">     <tr>     <td><b><?=$row['subject']?></b><br><br><div align="right">Posted by : <b><u><?=$row['author']?></u></b> on <i><?=$row['date']?></i></div></td>     </tr>     </table>      </td>     </tr>     <tr>      <td>         <table background="box2/images/index_02.gif" width="314" height="72" cellpadding="5">     <tr valign="top">     <td><?=$row['content']?></td>     </tr>     </table>      </td>     </tr>     <tr>      <td>         <img src="box2/images/index_03.gif" width="314" height="5" alt="">      </td>     </tr> </table> <? } ?> [/code] As you can see, within the html we do <?=$var?> to get php vars

unexpected end happens when something is still open. this could be a line, if, loop, etc. a few notes which could all be culprits: $func = $_GET["func"]; // please use if (isset ($_GET)) $_GET = $var; // as this can cause errors, not critical but anyway mysql_connect( "$host","$user","$pass" ) // this does not need quotes for the $strings mysql_select_db( "$db" ); // neither does this $rs = mysql_query($sql_staff) or die(mysql_error()); // where is $sql_staff set? '.$row["subject"].' // change this to ".$row['subject']." as you have opened the echo on " With so much html you are better escaping php. this can simply things a lot. <? if ($page) { ?><html></html><? } ?> No need to addslashes so much. Also $_var["attrib"] is better as $_var['attrib'] if you're using echo ""; standardize your quotes

if you want to filter _GET keys do this: [code] <? $allowed_get_queries = array ("get1", "get2", etc...); if (isset ($_GET) || is_array ($_GET)) {   foreach ($_GET as $key => $value)   {     if (!in_array ($key, $allowed_get_queries))     {       $_GET[$key] == ""; // or die ("Unallowed HTTP_VAR");     }   } } ?> [/code] I am assuming however that there is a script on the page which needs this. [code] <? if (isset ($_GET) || is_array ($_GET)) {   foreach ($_GET as $key => $value)   {     if (preg_match ("/:\/\//", $value))     {       $_GET[$key] == ""; // or perhaps die ("Unallowed");     }   } } ?> [/code]

I have written quite a few versions of sql session systems. Very easy to use and manipulate, secure and no excess db fields. Here's a look at the code: [code] function ps_create ($user_id) {     global $c_time;     global $_config;     $ps_expire = db_data ("user_level", "ps_expire", "level_id", db_data ("user_list", "user_level", "user_id", $user_id));     $user_ip = $_SERVER['REMOTE_ADDR'];     $plops_id = md5 (uniqid ($user_ip).$c_time);     setcookie ($_config['ps_cookie_name'], $plops_id, $ps_expire + $c_time, "/");     mysql_query ("DELETE FROM `user_plops` WHERE `plops_expire` + `plops_active` <= '$c_time' && `user_id` = '$user_id' && `user_id` != '-1' || `user_id` = '-1' && `user_ip` = '$user_ip'");     mysql_query ("INSERT INTO `user_plops` VALUES ('$plops_id', '$user_id', '$user_ip', '$c_time', '$ps_expire')");     return $plops_id; } function ps_data ($pid) {     global $c_time;     global $_config;     mysql_query ("DELETE FROM `user_plops` WHERE `plops_expire` + `plops_active` <= '$c_time'");     if (db_data ("user_plops", "user_ip", "plops_id", $pid) == $_SERVER['REMOTE_ADDR'])     {         $user_id = db_data ("user_plops", "user_id", "plops_id", $pid);         $user_data = mysql_fetch_array (mysql_query("SELECT * FROM `user_list` WHERE `user_id` = '$user_id'"));         $ps_expire = db_data ("user_level", "ps_expire", "level_id", $user_data['user_level']);         mysql_query ("UPDATE `user_plops` SET `plops_active` = '$c_time' WHERE `plops_id` = '$pid'");         setcookie ($_config['ps_cookie_name'], $pid, $ps_expire + $c_time, "/");         return $user_data;     }     else     {         if (isset ($_COOKIE[$_config['ps_cookie_name']]))         {             setcookie ($_config['ps_cookie_name'], "", 0, "/");         }     } } [/code] that's all the code. db_data() is just a function for getting database values quickly. They're not really sessions though. I was told once not to call something by a name that does not apply to it. PLOPS: "Permission Level Operators for Protected Sessions" It's a kind of variant session. I'll explain the code: ps_create: You take the user_id from the user_list, and create the session with that user_id and the client ip, generating an md5hash out of them and a unique string. You set the cookie with the "plops_id". then you remove any excess expired sessions, and you enterthe new session into the session DB. ps_data: First you clean the data base of any expired sessions. You then take the plops_id, either from cookie or ?p_id=, you verify the db sessions user_ip vs. the IP from remote_addr, and if this returns true you output the user_list data which corresponds with that user_id. Before finishing the function updates the session of the user, adding an updated active_time (to prevent expiry). This session function is very similiar to phpbb2, I realized this only after writing it, but it's just that any research would come to this code in any case. What I have added here however, is an additional option: to set expiry times specific to each user level, whether admin, user etc. This increases security as obviously it is better if admins cannot stay logged in for days. If you have any question regarding implementation...

Hi just some general points first. There are quite a few issues with the _GET verification. First of all you should always ?isset() _GET vars. The second if query is the same as the first so it should be emmited. Aslo "AND" should be moved to the optional sql as it will make an open query if the optional is not appended. I will not go into the code too much, but what you could can do is simply add a ?user=<?=$user?> on the redirect back to the other page, or added the user lookup on the same page (hidden until $_GET['search']) and add it with java onclick="documentgetElementById('user_name').value="<?=$user_name?>";" here's a quick run over what I stated in a verbal form: <first page> <? if (isset ($_GET['add_account'])) include ("serachform.php"); ?> in searchform.php, onclick add, value of user in form on first page is set to the value from search query I am assuming this is what you meant by autoselecting yes?

This is because the $_POST is taken at the top of the page. You would need to added the php upload code after the html is sent, and use a javascript header to avoid issues with a header();

[!--quoteo(post=381774:date=Jun 9 2006, 09:15 AM:name=wildteen88)--][div class=\'quotetop\']QUOTE(wildteen88 @ Jun 9 2006, 09:15 AM) [snapback]381774[/snapback][/div][div class=\'quotemain\'][!--quotec--] To check the format of the data you might want to use preg_match which will check whether the date is in the correct format, heres a basic example: [code]<?php $date = "02/01/2006"; //valid //$date = "02/13/2006"; - invalid if(preg_match("/([0-9]{2})\/([0-12]{2})\/([0-9]{4})/", $date, $matches)) {     echo "Valid";     echo "<pre>" . print_r($matches, true) . "</pre>"; } else {     echo "not valid"; } ?>[/code] This code ONLY checks the format and not whether the date is valid, such as 31/02/2004 isnt a valid date but the format is correct. If you weant to check whether the data is valiud it'll require more tweeking. [/quote] This will actually not work because 12 is not a charactar in regular expressions. [0-12] is taken as "0-1" and "2". any date with a month including any number beyond these will be invalid. probably the best way is to input the months and explode the $date [code] <? $month[1] = 31; $month[2] = 28; $month[3] = 31; $month[4] = 30; $month[5] = 31; $month[6] = 30; $month[7] = 31; $month[8] = 31; $month[9] = 30; $month[10] = 31; $month[11] = 30; $month[12] = 31; $verify = explode("/", $date); if (is_numeric ($verify[0]) && $verify[0] <= $month[$verify[1]] && strlen ($verify[2]) <= 4) { echo "This date is valid"; } ?> [/code]

I'm assuming the page reloads to submit the upload data to upload the file. In this case just add the hidden section in if (isset ($_POST['submit'])) { } or which ever method you are using. If you want a popup you'd need to go java and open a new window to a specific upload script (redirect would have to include the data in the http_get_vars data, which would close the window (again with java) once the upload is done. Depends what you want

for the first page output the boats as an array of the boat list [code] <table> <? $sql = mysql_query ("select * from `boats` WHERE 1 ORDER BY `added_time` DESC LIMIT 0, 10"); if ($mysql_num_rows ($sql) != 0) {   while ($sql_data = mysql_fetch_array ($sql))   {     ?><tr><td><a href="?boat=<?=$sql_data['boat_id']?>"><?=$sql_data['boat_name']?></a></td></tr><?   } } ?></table> [/code] the other page: [code] <? if (!isset ($_GET['boat']) || !mysql_result (mysql_query ("select `boat_id` from `boats` where `boat_id` = '".$_GET['boat']."'"), 0)) die ("No boat selected"); $boat_data = mysql_fetch_array (mysql_query ("select * from `boats` where `boat_id` = '".$_GET['boat']."'")); ?><?=$boat_data['boat_name']?><?=$boat_data['boat_length']?>...etc [/code] The thing to remember is just have the main page listing and the second selecting. The first page here selects a certain range from the list of boats, giving you a link which includes the boat_id from the DB, letting the other page know what information to retreive.

Hi, new, but not new to php just looking for something to do at work in free time when my strength for coding has run out. Are $grab and $location actually defined here as $HTTP_GET_VARS ? if (isset ($_GET['grab'])) $grab = $_GET['grab']; same for location. In any case you should clean up the code a bit maybe cut out some excess variables and add some spaces it's slightly unclear