PFMaBiSmAd

If your form dynamically produced fields that look like this - <form method='post' action='some_page.php'> <input type='text' name='task[1]'><br /> <input type='text' name='task[1:1]'><br /> <input type='text' name='task[1:2]'><br /> <input type='submit'> </form> Your php code to iterate over that data would look like this - <?php echo '<pre>',print_r($_POST,true),'</pre>'; // display the data for demonstration purposes foreach($_POST['task'] as $key => $value){ $parts = explode(':',$key); if(count($parts) == 1){ // no ':' was in the $key, primary task, $parts[0] is the task number echo "Primary Task, Number: $parts[0], Value: $value<br />"; } else { // a ':' was in the $key, subtask, $parts[0] contains the primary task number and $parts[1] contains the subtask number // if you have sub-sub-tasks..., those numbers would be in $parts[2], $parts[3], ... echo "Subtask, Primary: $parts[0], Subtask Number: $parts[1], Value: $value<br />"; } } ?>

The array index (you can use name="foo[key]") can be used to convey the names/values.

<?php echo md5('your_actual_password_inbetween_these_single_quotes'); // echo the md5 value of some password ?>

LOL, because each folder has a . and .. entry, you will get a TRUE from the is_dir(), no matter where your script is executed at. The only way your script would give you TRUE values from is_dir() for specific folders within the images folder, is if the script is executed from inside the images folder. You would need to build either a relative or absolute path in the if(){} statement - if (is_dir ($path/$content)) {

Thorp's suggestion to use array names for the dynamically produced form fields had to do with a method that would allow the "what to do after that" to be a simple matter of looping through the resulting array(s) after they are posted. Dynamically creating a series of uniquely named form fields is shooting yourself in the foot because of the extra processing you must do to find and parse the field names and values (and it also takes more code to keep track of the names while you dynamically produce the fields.) To use an array(s), all you need to do to create another dynamic field is to add an identical array element ( name="foo[]" ) and then you simply use a foreach() loop(s) in the php code to access each element of the array(s.)

And since the output is occurring before the <?php tag, using any of the output buffering statements in the code would have no affect on the problem anyway.

You would test if the password field is empty, not if the md5 of the password is empty. In fact, you should only get the md5() of the password right before you place it into the query.

mysql_error also needs the $this->conn so that it returns errors from the correct connection.

So, the code you just posted above is what is in the memberspage.php file? What about the password and two md5 values? Most of what I suggested as a possible cause of the symptom is based on which md5 value is the correct one that corresponds to the password and if the incorrect md5 value corresponds to an empty password value. Without this specific information that you saw in front of you when you were troubleshooting the problem, this thread will just go on and on and on...

Perhaps if you posted what the actual password is, what the md5 value in the database table is, and what the md5 value is when you echo it in the log in code, someone could pin down what is going on. That would allow someone to determine which md5 value is actually correct and what is causing the wrong one (such as an empty $_POST variable.) I suspect the reason that the echoed md5 value from the log in code is different from the value in the database table is actually due to your log in code being requested without any $_POST data (it's not checking if a form was submitted at all or validating the data in any way before using it.) What got me thinking of this is something that Andy11548 posted - What if the log in code IS 'working' and is including the memberspage.php code, but something in that code is causing the page to be requested again without any post data. That would cause the log in form to be redisplayed and the md5 value that is being echoed would be what corresponds to an empty password.

By putting a local php.ini on the server, you are likely causing all the other php settings to take on their default values (the default error_reporting is E_ALL & ~E_NOTICE and display_errors is 1.) You can confirm this by using a .php script with a phpinfo(); statement in it and see what the settings are with and without the local php.ini file being present. Turning on the display_errors setting is causing the two warnings that were always present in your code to be displayed. You should probably find and fix the reason for each of those errors. You should also set display_errors to a 0 in the local php.ini so that php errors are not displayed as the error messages can help a hacker find information that would help him break into your site.

The $qry variable in your code is the TRUE/FALSE value from the first mysql_query() statement and since that is your UPDATE query that actually works, it is a TRUE or 1. You are putting $qry into a second mysql_query() statement as through it was a SQL statement, but it is not, so of course you are getting a failure message. Why do you have two mysql_query() statements in there?

If $_SESSION[50] actually contains an array, your code would do what you expect. What's your actual code that reproduces the problem? What does the following show for the $_SESSION array - echo '<pre>',print_r($_SESSION,true),'</pre>';

Sorry to be blunt, but the 'fixed' code that Andrew777 posted isn't even executing the query (there's no mysql_query() statement in it.) It also isn't even doing anything that is relevant to your question of retrieving the id and storing it in a session variable and If you had been learning the meaning of each of the fundamental php statements that you have been trying to use in this thread (you don't have to learn every php statement, just the ones you are trying to use) and actually reading the code in front of you, you would have recognized this. The method you are currently trying to use to - "Hi, I am trying to do this", is going to take you several hundred times longer, as already demonstrated by the length of this thread, to produce any code that even comes close to working, then if you had actually gotten a basic php/mysql book and read it to pick up the fundamentals. Programming involves defining what you are trying to accomplish, then breaking that statement down into the steps necessary to accomplish that task, then writing and testing the code that performs each of those steps. Here is your statement of what you are trying to accomplish - When the user logs in to my site, I want to put their id from the users table into the session. Do you have code that is logging the user into your site, because typical code to do that attempts to SELECT the matching row from the user table and all that you need to do to accomplish your stated goal is to retrieve the id from that row and store it into a specifically named $_SESSION variable, provided you have a session_start() statement before outputting any characters on the page.

What does your postErrorCheck() function code do and should it return an array element for each form field?

Edit: Basically says the same as above (I even had, but removed, mentioning that the information about the db md5 value vs the echoed md5 log in value, that we are basing this discussion on, is information from the OP.) What is this IT that would be automatically doing that? Computers only do exactly what their code tells them to do and your log in script only redisplays the login form when the username/password combination is not found in the database table. Except for the "Bad Login" message, which your log in form apparently doesn't use, there is no code in your script to echo anything when the log in is not successful.

IMO, most of the php tutorials posted around the Internet are dated and should either be removed or brought up to current php coding standards. There are a number of things that php put into the language in the early days that have proven to have been poor choices for a programming language and most of these things have been depreciated, turned off by default (in some cases, over 9 years ago), and soon to be removed from the language. Also, tutorials are meant to teach you in general how to do some task (i.e. a tutorial is part of the learning process) so that you can write the code yourself for that task that meets the needs of your application, it is not meant to be THE FINAL code you use in your application.

I suggest that you review the replies in this thread. You are apparently missing seeing some of them. The last post by Pikachu2000 (reply #37) sums up the current problem as I understand it (the md5() value you echoed of the password you entered to log in doesn't match the md5() value stored in the database table from the registration process?) All indications are that the md5 value stored in the table is incorrect and needs to be re-done (for all I know it is from a different password that you used in earlier testing.)

The code he posted has nothing to do with how your script works and in fact the second code doesn't work because you cannot echo anything before a header() statement (well you can, but either it will cause a header error or it will not be seen because it gets discarded when the output buffer gets discarded, assuming that output buffering is on.)

I think what session_register() does internally is dependent on the state of register_globals. The php.net documentation states that session_register() doesn't work when register_globals are off, but I tested not too long ago and with register_globals OFF, it registers the php variable you supply as the argument as the value that gets saved to the session data file, ignoring the actual $_SESSION variable you set in the script that has the same name. It's also possible that by creating a local php.ini with only the register_globals setting in it that all the other php.ini settings took on their default values.

Do all the numbers start with the # and will there only be one # in each string?

From the php.net OOP documentation -

If you define your column as DECIMAL(30,3) before you insert the data, the mysql part of this will work.

Your first step is to forget that you ever saw the php global keyword, in procedural code or OOP. Don't use global. That's not how you reference a class property/variable inside a class method. You use the $this->class_property syntax. Here's the first example from the php.net OOP documentation - <?php class SimpleClass { // property declaration public $var = 'a default value'; // method declaration public function displayVar() { echo $this->var; } } ?>

Your original while() logic test is wrong and will cause the loop to be execuited once when there are zero rows and mysql_fetch_object($resultCount) will return a false value, not an object. Actually, in looking at your logic, you need to redo all of that. If you are trying to determine if a username is already in use or not, you don't query for all the rows in the table and loop through all of them. You use a WHERE clause in your query to try and find if the entered username exists. You then simply test what mysql_num_rows returns to decide if the user name exists or not using one if(){}else{} statement, no loop. Edit: Your code also needs to test if your form was submitted at all (prevents your code from executing when a search engine indexes your site or someone requests the URL of your form processing page.) Edit2: If some tutorial had that code as part of it, find a different tutorial.