esukf

The following line is removing any characters not alphanumeric, underscore, comma, space and dash in the password. Try removing it and see if it works. $var = preg_replace("/[^A-Za-z0-9_, -]/", "", $var);

Isn't job id j.id? employee.php?id=<?php echo $r_emp['j.id']; ?>

Refactoring <?php $formated = sprintf("%-44.44s%s\n", $firstname, $lastname); $formated .= sprintf("%-39.39s%-15.15s%-3.3s%s\n", $street, $city, $state, $zip); $formated .= sprintf("%-10.10s%s\n", $phone, $fax); ?>

From http://en.wikipedia.org/wiki/UK_postcodes (GIR 0AA|[A-PR-UWYZ]([0-9]{1,2}|([A-HK-Y][0-9]|[A-HK-Y][0-9]([0-9]|[ABEHMNPRV-Y]))|[0-9][A-HJKS-UW]) [0-9][ABD-HJLNP-UW-Z]{2})

Try <?php $formated = sprintf("%-44.44s", $firstname)."$lastname\n"; $formated .= sprintf("%-39.39s", $street).sprintf("%-15.15s", $city).sprintf("%-3.3s", $state)."$zip\n"; $formated .= sprintf("%-10.10s", $phone)."$fax\n"; ?> This will truncate any variable length longer than allowed.

Try searching http://regexlib.com for validation of postcode/ phone numbers for the countries you want.

<?php echo number_format($AZ2L, 2, '.', ''); ?> http://uk3.php.net/manual/en/function.number-format.php

Tutorial here http://www.phpit.net/article/using-curl-php/.

Filter it. <?php $file = $_POST['file']; $bad = array('../', './'); $file = str_replace($bad, "", $file); ?>

1433

Try:- <?php $itemq = "SELECT sdlitm, sddsc1, sduorg, sdlnid, sduncs FROM F4211 WHERE sddoco = $ordernum AND sddcto LIKE '$ordertype' ORDER BY sdlnid"; $result3 = odbc_exec($connect, $itemq); $i = 0; $total = 0; $array = array(); while (odbc_fetch_row($result3)){ $array[$i]['partnum'] = odbc_result($result3, 1); $array[$i]['desc1'] = odbc_result($result3, 2); $array[$i]['qty'] = odbc_result($result3, 3)/100; $array[$i]['position'] = odbc_result($result3, 4); $array[$i]['uncs'] = odbc_result($result3, 5); $array[$i]['extcost'] = $array[$i]['uncs'] * $array[$i]['qty']; $total = ($total + ($array[$i]['uncs'] * $array[$i]['qty'])); $i++; } //write file $filename = "$reportnumber.txt"; $fp = fopen($filename, "w"); fwrite($fp, "Activity Number: $reportnumber\r\n"); fwrite($fp, "Warranty Type: $reason\r\n"); fwrite($fp, "Customer Name: $custname\r\n"); foraeach($array as $arr){ fwrite($fp, "{$arra['qty']} {$arr['partnum']} {$arr['desc1']}\r\n"); } fclose($fp); ?>

Have you actual tried the piece of code i wrote before? Anyway, here's the full code you can try. <?php $view = $_GET['view']; if($view) { $msel = mysql_query("select * from mail where id=$view"); //$view NOT $view['id'] while ($msg = mysql_fetch_array($msel)) { print" <table border=1 cellpadding=0 cellspacing=8 style=border-collapse: collapse width=100% bgcolor=#333333> <tr> <td width=100% style=padding:3px;> <table border=0> <tr> <td valign=top> </td> <td width=613 valign=top> <table border=1 cellspacing=0 cellpadding=5 width=610> <tr> <td bgcolor=#353535><font size=+1 color=5098D7>{$msg['subject']} </font></td> </tr> <tr> <td width=100% height=34 style=background-color:#666666 cellpadding=5> <table cellpadding=0 cellspacing=0 border=0> <tr> <td>From : </td> <td>{$msg['sender']}</td> </tr> </table> </td> </tr> <tr> <td height=128 bgcolor=545454>{$msg['body']}</td> </tr> </table> </td> </tr> </table> [<a href=\"message.php?view=write&id={$mail['id']}\">Reply</a>] [<a href=message.php?message={$mail['id']}&step=delete>Delete</a>]</td></table>"; } } ?>

Try:- (SELECT 1 AS tableNo, id, name, date FROM `table1`) UNION ALL (SELECT 2 as tableNo, id, name, date FROM `table2`) order by tableNo ASC, date DESC; You need to list out all the columns. SELECT * won't work.

Have you tried replacing your code:- // insert a new user to the database $sql = "INSERT INTO users (id, username, password, name, email) VALUES ('', '$username', '$password', '$name', '$email')"; "INSERT INTO user1 (username, password) VALUES ('$username', '$password')"; $result = mysql_query($sql); with what one of the suggestions I gave before? Are you getting any errors with the insert?

<?php $sql = "INSERT INTO `users` (`id`, `username`, `password`, `name`, `email`) VALUES ('', '$username', '$password', '$name', '$email')"; $sql1 = "INSERT INTO user1 (username, password) VALUES ('$username', '$password')"; $result = mysql_query($sql)or die ("mysql_error()"); $result1 = mysql_query($sql1)or die ("mysql_error()"); ?> Or are you trying to have 2 insert statement separated by ;? <?php $sql = "INSERT INTO `users` (`id`, `username`, `password`, `name`, `email`) VALUES ('', '$username', '$password', '$name', '$email'); INSERT INTO user1 (username, password) VALUES ('$username', '$password')"; $result = mysql_query($sql)or die ("mysql_error()"); ?>

Try select count(*) as "id_count" From `Facilitators` Where Location = 'Michigan' and (Type = '5' or Type ='1' or Type = '3' or Type = '7') and Active = '1'

Pass the array to the function by reference. http://uk.php.net/language.references.pass

<textarea rows="10" cols="50" name="post" class="form_elements_text"></textarea> <input type="submit" name="post" value="Post" class="button" /> Both the textarea and submit input have the same name="post".

You can grab what ever column you want once the tables are joined. <?php $GetLetters = mysql_query("SELECT Username, Subject, Sender, Senttime, MessageText FROM messages INNER JOIN userregistration ON (messages.sender = userregistration.UserID) WHERE Reciever = '{$_SESSION['Current_User']}'"; ?>

Sorry, my question should be where you are getting the value for the $view variable. You should on you pmessage.php page have something like the following to grab the view value from the querystring pmessage.php?view=23. <?php $view = $_GET['view']; //23 ?> I think why you are just getting only the first value is this:- <?php $view = "23"; //Your view string value echo $view['id']; //2 //You are trying to get the value as an associative array but $view is a string. //$view['id'] is interpreted as $view[0] so just returns the first character. ?> So to fix your problem either have:- <?php $view = $_GET['view']; $msel = mysql_query("select * from mail where id=$view"); ?> or <?php $view['id'] = $_GET['view']; $msel = mysql_query("select * from mail where id=$view[id]"); ?>

Find from the script that creates the line below and add border="0" to the img tag. <a href='?action=detail&category=Shabbat Shalom&id=1192254819'><img src='images/th-sendingshalom.jpg' alt=''></a> to <a href='?action=detail&category=Shabbat Shalom&id=1192254819'><img src='images/th-sendingshalom.jpg' alt='' border="0"></a>

use either <?php if( strlen($row[username])>1 ): ?> <input type="text" name="name" size="31" value=<?php echo $row[name];?>> <?php else: ?> <input type="text" name="name" size="31" value=<?php if (isset($_POST[name])) echo $_POST[name];?>> <?php endif; ?> or <?php if( strlen($row[username])>1 ){ ?> <input type="text" name="name" size="31" value=<?php echo $row[name];?>> <?php } else { ?> <input type="text" name="name" size="31" value=<?php if (isset($_POST[name])) echo $_POST[name];?>> <?php } ?>

Try :- <?php include("include.php"); $GetLetters = mysql_query("SELECT * FROM messages WHERE Reciever='{$_SESSION['Current_User']}'") or die(mysql_error()); if (mysql_num_rows($GetLetters) == 0) { header("Location: letterbox.php"); exit; } else { include("energybarinclude.php"); $row = mysql_fetch_assoc($GetLetters); $Subject = $row['Subject']; $From = $row['Sender']; $SentOn = $row['Senttime']; $MessageOne = $row['MessageText']; $FindUser1 = mysql_query("SELECT * FROM userregistration WHERE UserID='$From'") or die(mysql_error()); //Fetch the row from the database $rowuser = mysql_fetch_assoc($FindUser1); $UserName1 = $rowuser['UserName']; } ?> You might want to use a JOIN instead of using another query to get the username <?php $GetLetters = mysql_query("SELECT UserID, Subject, Sender, Senttime, MessageText FROM messages INNER JOIN userregistration ON (messages.sender = userregistration.UserID) WHERE Reciever = '{$_SESSION['Current_User']}'"; ?>

Is $view an array? How are you getting the variable from the query?? <?php $view = (int) $_GET['view']; $msel = mysql_query("select * from mail where id=$view"); ?>

You need to use a JOIN clause in your sql statement. Something in the line of:- SELECT * FROM products_table INNER JOIN colours_table ON (products_table.colour = colours_table.id); There are various types of joins which you can read up on http://en.wikipedia.org/wiki/Join_(SQL)