esukf

The following line is removing any characters not alphanumeric, underscore, comma, space and dash in the password. Try removing it and see if it works. $var = preg_replace("/[^A-Za-z0-9_, -]/", "", $var);

Isn't job id j.id? employee.php?id=<?php echo $r_emp['j.id']; ?>

Refactoring <?php $formated = sprintf("%-44.44s%s\n", $firstname, $lastname); $formated .= sprintf("%-39.39s%-15.15s%-3.3s%s\n", $street, $city, $state, $zip); $formated .= sprintf("%-10.10s%s\n", $phone, $fax); ?>

From http://en.wikipedia.org/wiki/UK_postcodes (GIR 0AA|[A-PR-UWYZ]([0-9]{1,2}|([A-HK-Y][0-9]|[A-HK-Y][0-9]([0-9]|[ABEHMNPRV-Y]))|[0-9][A-HJKS-UW]) [0-9][ABD-HJLNP-UW-Z]{2})

Try <?php $formated = sprintf("%-44.44s", $firstname)."$lastname\n"; $formated .= sprintf("%-39.39s", $street).sprintf("%-15.15s", $city).sprintf("%-3.3s", $state)."$zip\n"; $formated .= sprintf("%-10.10s", $phone)."$fax\n"; ?> This will truncate any variable length longer than allowed.

Try searching http://regexlib.com for validation of postcode/ phone numbers for the countries you want.

<?php echo number_format($AZ2L, 2, '.', ''); ?> http://uk3.php.net/manual/en/function.number-format.php

Tutorial here http://www.phpit.net/article/using-curl-php/.

Filter it. <?php $file = $_POST['file']; $bad = array('../', './'); $file = str_replace($bad, "", $file); ?>

1433

Try:- <?php $itemq = "SELECT sdlitm, sddsc1, sduorg, sdlnid, sduncs FROM F4211 WHERE sddoco = $ordernum AND sddcto LIKE '$ordertype' ORDER BY sdlnid"; $result3 = odbc_exec($connect, $itemq); $i = 0; $total = 0; $array = array(); while (odbc_fetch_row($result3)){ $array[$i]['partnum'] = odbc_result($result3, 1); $array[$i]['desc1'] = odbc_result($result3, 2); $array[$i]['qty'] = odbc_result($result3, 3)/100; $array[$i]['position'] = odbc_result($result3, 4); $array[$i]['uncs'] = odbc_result($result3, 5); $array[$i]['extcost'] = $array[$i]['uncs'] * $array[$i]['qty']; $total = ($total + ($array[$i]['uncs'] * $array[$i]['qty'])); $i++; } //write file $filename = "$reportnumber.txt"; $fp = fopen($filename, "w"); fwrite($fp, "Activity Number: $reportnumber\r\n"); fwrite($fp, "Warranty Type: $reason\r\n"); fwrite($fp, "Customer Name: $custname\r\n"); foraeach($array as $arr){ fwrite($fp, "{$arra['qty']} {$arr['partnum']} {$arr['desc1']}\r\n"); } fclose($fp); ?>

Have you actual tried the piece of code i wrote before? Anyway, here's the full code you can try. <?php $view = $_GET['view']; if($view) { $msel = mysql_query("select * from mail where id=$view"); //$view NOT $view['id'] while ($msg = mysql_fetch_array($msel)) { print" <table border=1 cellpadding=0 cellspacing=8 style=border-collapse: collapse width=100% bgcolor=#333333> <tr> <td width=100% style=padding:3px;> <table border=0> <tr> <td valign=top> </td> <td width=613 valign=top> <table border=1 cellspacing=0 cellpadding=5 width=610> <tr> <td bgcolor=#353535><font size=+1 color=5098D7>{$msg['subject']} </font></td> </tr> <tr> <td width=100% height=34 style=background-color:#666666 cellpadding=5> <table cellpadding=0 cellspacing=0 border=0> <tr> <td>From : </td> <td>{$msg['sender']}</td> </tr> </table> </td> </tr> <tr> <td height=128 bgcolor=545454>{$msg['body']}</td> </tr> </table> </td> </tr> </table> [<a href=\"message.php?view=write&id={$mail['id']}\">Reply</a>] [<a href=message.php?message={$mail['id']}&step=delete>Delete</a>]</td></table>"; } } ?>

Try:- (SELECT 1 AS tableNo, id, name, date FROM `table1`) UNION ALL (SELECT 2 as tableNo, id, name, date FROM `table2`) order by tableNo ASC, date DESC; You need to list out all the columns. SELECT * won't work.

Have you tried replacing your code:- // insert a new user to the database $sql = "INSERT INTO users (id, username, password, name, email) VALUES ('', '$username', '$password', '$name', '$email')"; "INSERT INTO user1 (username, password) VALUES ('$username', '$password')"; $result = mysql_query($sql); with what one of the suggestions I gave before? Are you getting any errors with the insert?

<?php $sql = "INSERT INTO `users` (`id`, `username`, `password`, `name`, `email`) VALUES ('', '$username', '$password', '$name', '$email')"; $sql1 = "INSERT INTO user1 (username, password) VALUES ('$username', '$password')"; $result = mysql_query($sql)or die ("mysql_error()"); $result1 = mysql_query($sql1)or die ("mysql_error()"); ?> Or are you trying to have 2 insert statement separated by ;? <?php $sql = "INSERT INTO `users` (`id`, `username`, `password`, `name`, `email`) VALUES ('', '$username', '$password', '$name', '$email'); INSERT INTO user1 (username, password) VALUES ('$username', '$password')"; $result = mysql_query($sql)or die ("mysql_error()"); ?>