Daniel0

Strange. Is there another field later on with the same name? If there is it will override it.

Turn off magic_quotes_gpc in php.ini. Which version of PHP are you using? It's turned off by default in PHP 5.

If it counts correctly then it gets inside the if. In that case you'll just have to adjust the echo and the $path variable at the top.

You could make a setter method that sets the upload path.

You could use preg_split. $string = <<<EOF foo bar [code]test foo baz EOF; $newString = ''; foreach (preg_split('#\[/?code\]#', $string) as $i => $part) { if ($i % 2 == 0) { $newString .= nl2br($part); } else { $newString .= ' ' . $part . ' '; } } echo $newString;[/code]

It's called id, not stock_id in your HTML source. Your code is really difficult to read because of the many echo'es. You should consider reformatting it.

Try posting the HTML source of your form.

PHP doesn't care either way. You can replace them with forward slashes if you want, but you can actually use a mixture of forward and backward slashes in paths.

Why would it be that unless you manually run something like addslashes() or mysql_real_escape_string()? (Or if you have magic quotes turned on, in which case you should turn it off)

Something simple like this should do it: <?php $path = '/images/'; $numImages = 0; foreach (new DirectoryIterator('/path/to/images') as $item) { if ($item->isFile() && in_array(pathinfo($item->getPathname(), PATHINFO_EXTENSION), array('png', 'jpg', 'gif'))) { echo "<img src='" . $path . $item->getFilename() . "'>"; ++$numImages; } } printf('There are %d images.', $numImages);

If all your pages are routed through a single file, a simple hack would be to define a constant called something like ROOT_PATH that contains the path of your application's root on the file system. A better way would be to use some sort of auto loader in an OO environment. If you care about micro optimization, absolute paths are also faster because the system doesn't need to resolve the real path. That's only an issue in large enterprise applications though.

Try doing var_dump($_POST); before the query. The file db-open.php wouldn't happen to mess with $_POST, right?

Yeah... use double quoted strings for accessing your array indices in this case

Can't you just use absolute paths?

You can use the DirectoryIterator for that.

That'll just confuse people when characters are silently stripped from their password.

Or just turn magic quotes off.

I mean kind of like this (also changed some other stuff to make it look nicer). <?php include '../include/db/db-open.php'; $postTypesResults = $mysqli->query("SELECT editPageUrl FROM post_types WHERE active = 1 AND id = " . ((int) $_POST['postTypeId']) . " LIMIT 1"); include '../include/db/db-close.php'; if ($postTypesResult = $postTypesResults->fetch_object()) { header("Location: ".$postTypesResult->editPageUrl); exit; } else { echo 'Link not found'; } Are you sure it's submitting using POST and not GET?

Variable substitution only works in double quotes strings. Single quoted strings are evaluated literally. http://dk.php.net/manual/en/language.types.string.php

I don't see what the problem is and why you cannot use mysql_real_escape_string(). That function is designed exactly to do what you want.

You're missing a starting delimiter.

First of all, you should use a MySQL WHERE instead of selecting a lot and doing a manual linear search through the result set. Regarding $postTypeId, have you tried echoing it? Are you sure it's the right name?

Generally speaking, user agent sniffing is a bad idea. It breaks forward compatibility and it's the reason why why modern user agent string are long and cryptic.

1) Post in the correct forum. 2) Use or [php] tags (I edited your post this time). 3) Do you expect us to guess what your "problem" is?

How is that confusing? What are you having trouble with exactly? I'll have to say that I still don't see the point though.