PFMaBiSmAd

http://dev.mysql.com/doc/refman/5.5/en/union.html

Nope. OR is a logical operator. It takes the boolean values on each side and or's them together. In your first query, `sbody` LIKE '%Survivor%' produces a true or false result that the OR operator uses with the other true/false results to determine if the WHERE clause is true. When you use `sbody` OR `stitle`, the value in `sbody` is treated as boolean true or false OR'ed with the value in `stitle` treated as a boolean true or false value. The resulting true or false value is then tested to see if it matches the LIKE '%Survivor%' term.

The code on your page is doing something when $content contains either the specific content in that variable or contains some amount of content in that variable. Set $row['post_message'] to some short test string, right before the set of $content .= "..."; statements, to see if the length or the actual content in it changes the symptom. Frankly, this is one of those problems, i.e. a whole page that doesn't work, that we could probably solve easily if we had all the code needed to reproduce the problem, since the suggestions to try would be specific to what the code is doing and not just guesses. What does a phpinfo(); statement show for the error_reporting, display_errors, and output_buffering settings? BTW - having output_buffering on in the php.ini or using it in your code can hide php error messages.

Any chance that the content in $row['post_message'] contains some javascrpt that causes the page to redirect to itself w/o some needed value in the URL or a different URL so that you get a blank page for the new http request? What does - echo htmlentities($row['post_message']); show?

For the delete category example, assuming you have created a link like this - <a href='adminprocessing.php?action=delete&id=1'>Delete</a> for each category, where the id value is the category_id, the code in the 'adminprocessing.php' page would look something like - <?php // perform any get actions for this page - $get_action = isset($_GET['action']) ? strtolower($_GET['action']) : ''; switch($get_action){ case 'delete': echo "Delete category with ID: {$_GET['id']}"; // show what choice and id value got submitted for demo purposes. // your code to validate the data goes here... // at this point, the value in $_GET['id'] has been filtered/trimmed and validated that it is a number, greater-than zero, and the category with that id exists (you wouldn't want to try and delete a category that doesn't exist.) delete_category($_GET['id']); // call the function to delete the category break; }

Those operations are administrative operations. You would make an administrative page that authenticates that the current visitor is logged in and is an administrator. You would most likely want to put all the necessary forms/links on one page. To add a category, you would want a form for entering the new category name with an 'add' submit button. When the 'add' form is submitted, after you check that the current visitor is logged in and is an administrator, the form processing code would detect that the 'add' form was submitted, validate the name that was submitted, and call the add_category() function with the new category name as a parameter. To edit an existing category name(s), you would want to display one or all at one time (your choice) of the existing name(s) with a form field next to each one to enter a new name. If you only want to deal with editing the name of one at a time, you would make an individual form for each one with an 'edit' submit button next to each name/new name field. If you want to allow mass editing of names, you would make one form with a single 'edit/update' submit button. The form processing code would be similar to that for the 'add' category. To delete a category name, you would place a delete link (with the category id as a get parameter) after the 'edit' submit button if you want to delete one at a time or if you want to allow mass deleting of names, you would have a check-box for each one with a single 'delete' submit button.

A) The example code you found is a bad one to pick to try and decide if you should use the global keyword (you should not). For the specific example code, now you have got to remember to never use the a variable named $sess_save_path in all the code you write for all the programmers working on your project, now and forever in the future, when new programmers come on board. The global keyword simply creates more work and problems. B) The parameters that those specific functions receive come from php when it calls those functions as part of the session handling. The definition of the parameters for each function is determined by the underlying C code. The specific save_path parameter being discussed has (likely) been processed by php to resolve things like the path (the system tmp folder for the current operating system, a php/user defined folder, or which folder in the optional random multiple-folder set.) The save_path parameter is something that php provides and that you need to use for any statement that accesses a session data file.

If your database username/password is the same for both databases and you are simply using two different database names, you don't need to make two different connections (the second one is actually just reusing the first connection.) You can either just call mysql_select_db when you need to switch database names or you can use the database name in your query. Instead of table_name in a query, you would use db_name.table_name

Nothing in your code is php version specific. However, using mysql_error(...) after a mysql_query() statement requires the same link resource as a paraemter that the mysql_query() statement used so that it will report any errors that occurred on the same connection that the query was executed on.

Assuming that you actually need to use a custom session save handler (most people don't), you would use a class so that the variables that are specific to those functions that must be shared between the functions can do so with out needing to jump through any hoops.

Echo out the $sql variable so that you can see exactly what is in it. However, your course# column name contains a character # that is not normally permitted in a column identifier and you likely need to enclose that column name in back-ticks ``

A numerical zero value is considered, by php and the empty() statement, to be empty.

Your source file probably has had the new-line characters changed to just LF (line-feed) and the browser you are using doesn't recognize those as new-lines. Make sure that the new-line character setting in your editor is set to either CR or CRLF and re-save your file with the new setting.

$isaresult is either a FALSE value (if there was no row for the mysql_fetch_xxxxx statement to fetch) or an array. You would need to test a specific element of the $isaresult array.

$html .= (isset($v['uri']) && $this->getVar($v['uri'])) ? urldecode($_GET[$v['uri']]) : NULL;

I'm going to guess that in your actual code, you are running another query inside of that loop and you are overwriting the $result variable so that when the loop condition is evaluated to start the second pass through the loop, $result no longer contains the result resource from the SELECT query.

If your page layout is that broken, it is more likely due to the html. Have you cleared your browser cache/forced the page to reload so that the latest version of the page is being displayed? You are also loading two different versions of the jquery library. If you must use two different versions, you must use jQuery.noConflict() after loading the first version. You are also loading the same version in two different places. I would make sure that the page you are seeing in your browser is the current page and make sure that the resultant page is valid HTML using http://validator.w3.org/

You forgot to tell us what exactly it did wrong, because we don't have the ability to run your code with your data. Knowing exactly what part of the page worked and what the code did wrong or didn't do at all is crucial to locating what the problem is. Also, you need an exit; statement after your header() redirect to prevent the remainder of the code on your 'protected' page from running. Without an exit; statement, all a hacker needs to do is ignore the header() redirect that you are sending to the browser and he can freely access the remainder of the content on your 'protected' pages.

You cannot write any code until you have broken down a problem into the individual steps necessary to solve that problem. For any particular action (adding a new entry to the guest book file), have you set down in front of an editor and thought about and made a list of steps you would do to accept the data from the form and save it into a text file stored on a computer? You would then write the code necessary to perform each of those individual steps. For example, one of the steps might be to open and read through the existing content of the text file. You would then make use of the Filesystem function section in the php documentation (or more likely your instructor has covered the instructions he expects you to use) to find what functions exist that allow you to open and read the content of a file.

You would form a multi-value insert query - INSERT INTO your_table (column_name) VALUES ('value1'),('value2'),('value3'),...,('valuen') You can form the value1'),('value2'),('value3'),...,('valuen by imploding the array with '),(' between each value.

The date() format string should be 'Y-m-d'

New-line characters are not rendered by the browser (they format the 'view source' of the page only.) See this function - nl2br

The double-quotes around that data from the first row of the result set implies that the extra double-quotes are actually stored in the data table with that particular piece of data and you should probably manually remove them by editing the table cell using your favorite database management tool (phpmyadmin or similar.)

What does the 'view source' of the page in your browser show?

The double-quotes that are inside of the string (those between the first and final double-quote) must be escaped OR you must instead use single-quotes inside the string. Use one or the other of the following - echo"<tr><td width=\"400px\"><img src=\"{$row['product_pic']}\" />{$row['product_title']}.<br />{$row['product_Description']}.<br />{$row['price']}</td></tr>"; echo"<tr><td width='400px'><img src='{$row['product_pic']}' />{$row['product_title']}.<br />{$row['product_Description']}.<br />{$row['price']}</td></tr>";