PFMaBiSmAd

& is a special character and cannot be used in a database, table, or column name unless you enclose the database, table, or column name in back-ticks ``

^^^ Just as well, because without your actual code that was producing the symptom, no one could have helped you with the problem anyway.

The following modified editinplace.js successfully sends the data using the post method - // JavaScript Document <!-- //script by http://www.yvoschaap.com //XMLHttpRequest class function function datosServidor() { }; datosServidor.prototype.iniciar = function() { try { // Mozilla / Safari this._xh = new XMLHttpRequest(); } catch (e) { // Explorer var _ieModelos = new Array( 'MSXML2.XMLHTTP.5.0', 'MSXML2.XMLHTTP.4.0', 'MSXML2.XMLHTTP.3.0', 'MSXML2.XMLHTTP', 'Microsoft.XMLHTTP' ); var success = false; for (var i=0;i < _ieModelos.length && !success; i++) { try { this._xh = new ActiveXObject(_ieModelos[i]); success = true; } catch (e) { } } if ( !success ) { return false; } return true; } } datosServidor.prototype.ocupado = function() { estadoActual = this._xh.readyState; return (estadoActual && (estadoActual < 4)); } datosServidor.prototype.procesa = function() { if (this._xh.readyState == 4 && this._xh.status == 200) { this.procesado = true; } } datosServidor.prototype.enviar = function(urlget,datos) { if (!this._xh) { this.iniciar(); } if (!this.ocupado()) { this._xh.open("POST",urlget,false); this._xh.setRequestHeader("Content-type", "application/x-www-form-urlencoded") this._xh.send(datos); if (this._xh.readyState == 4 && this._xh.status == 200) { return this._xh.responseText; } } return false; } var urlBase = "editText.php"; var formVars = ""; var changing = false; function fieldEnter(campo,evt,idfld) { evt = (evt) ? evt : window.event; if (evt.keyCode == 13 && campo.value!="") { elem = document.getElementById( idfld ); remotos = new datosServidor; nt = remotos.enviar(urlBase,"fieldname=" +encodeURI(elem.id)+ "&content="+encodeURI(campo.value)+"&"+formVars); //remove glow noLight(elem); elem.innerHTML = nt; changing = false; return false; } else { return true; } } function fieldBlur(campo,idfld) { if (campo.value!="") { elem = document.getElementById( idfld ); remotos = new datosServidor; nt = remotos.enviar(urlBase,"fieldname=" +escape(elem.id)+ "&content="+escape(campo.value)+"&"+formVars); elem.innerHTML = nt; changing = false; return false; } } //edit field created function editBox(actual) { //alert(actual.nodeName+' '+changing); if(!changing){ width = widthEl(actual.id) + 20; height =heightEl(actual.id) + 2; str = actual.innerHTML; actual.innerHTML = str.replace(/<br>/gi, ""); actual.innerHTML = "<textarea name=\"textarea\" id=\""+ actual.id +"_field\" style=\"width: "+width+"px; height: "+height+"px;\" onfocus=\"highLight(this);\" onblur=\"noLight(this); return fieldBlur(this,'" + actual.id + "');\">" + actual.innerHTML + "</textarea>"; changing = true; } actual.firstChild.focus(); } //find all span tags with class editText and id as fieldname parsed to update script. add onclick function function editbox_init(){ if (!document.getElementsByTagName){ return; } var spans = document.getElementsByTagName("span"); // loop through all span tags for (var i=0; i<spans.length; i++){ var spn = spans[i]; if (((' '+spn.className+' ').indexOf("editText") != -1) && (spn.id)) { spn.onclick = function () { editBox(this); } spn.style.cursor = "pointer"; spn.title = "Click to edit!"; } } } //crossbrowser load function function addEvent(elm, evType, fn, useCapture) { if (elm.addEventListener){ elm.addEventListener(evType, fn, useCapture); return true; } else if (elm.attachEvent){ var r = elm.attachEvent("on"+evType, fn); return r; } else { alert("Please upgrade your browser to use full functionality on this page"); } } //get width of text element function widthEl(span){ if (document.layers){ w=document.layers[span].clip.width; } else if (document.all && !document.getElementById){ w=document.all[span].offsetWidth; } else if(document.getElementById){ w=document.getElementById(span).offsetWidth; } return w; } //get height of text element function heightEl(span){ if (document.layers){ h=document.layers[span].clip.height; } else if (document.all && !document.getElementById){ h=document.all[span].offsetHeight; } else if(document.getElementById){ h=document.getElementById(span).offsetHeight; } return h; } function highLight(span){ //span.parentNode.style.border = "2px solid #D1FDCD"; //span.parentNode.style.padding = "0"; span.style.border = "1px solid #54CE43"; } function noLight(span){ //span.parentNode.style.border = "0px"; //span.parentNode.style.padding = "2px"; span.style.border = "0px"; } //sets post/get vars for update function setVarsForm(vars){ formVars = vars; } function showhide() { if (document.getElementById('hide').style.display == 'none') document.getElementById('hide').style.display = "block"; else document.getElementById('hide').style.display = "none"; } addEvent(window, "load", editbox_init); --> You should also develop your code with error_reporting set to E_ALL and display_errors set to on. There are a number of statements that need to use isset to avoid producing undefined index messages.

Both browsers and web servers have limits on the length of a URL that you can use. It would appear that your .js file is using the GET method to submit data. You should use the POST method when submitting more than about 2k worth of data in a URL.

See this post - http://www.phpfreaks.com/forums/index.php?topic=328053.msg1544137#msg1544137

LOL, datediff() was added to mysql 4.1.1 in 2004 and MySQL 4.1 Extended Support ended on December 31, 2009. Time to upgrade your mysql version.

Check your spelling, Capitalization (yes it matters on operating systems that are case-sensitive), and for any white-space/non-printing characters that might be at the start of end of the table name.

You should not simply keep a count of the items in your inventory. You should set this up as a balance account, where you insert a separate row for each addition/subtraction. When you receive stock, you insert a row with the item id, the quantity, date received, and your purchase order number. When someone purchases an item, you insert a row with the item id, the quantity (as a negative number), date ordered, and the order number (which ties the information back to who ordered it and what the status is of each item.) To get the current balance or any or all items, you simply group by the item id and do a SUM() of the quantity column. To expand on the above, if someone selects a quantity of an item you can insert a row for them for that item and the quantity, but have a status column that indicates the order is pending and the quantity is 'allocated' against a possible order. If they adjust the quantity in their row or remove that item, you just need to alter their row for that item. When they place the order, you change the status to 'ordered'. If they don't complete the order, you can remove their rows after a time.

Setting a cookie with a simple value in it is not secure (anyone can put that value in a cookie and become logged in as an administrator to your site.) Also, you are not using the GET method in your form, so $_GET["password"] won't ever be set (don't blindly copy code that someone posts.) There are literally 100's of thousands of php log in scripts posted all over the Internet that you can find and examine to see how you can create you own code.

A) You might (untested) be able to use the HTML <base> Tag. B) You can use a configuration constant/variable/replaceable parameter in each link that gets the actual value of the http://domain.com/path at runtime or do a string replace/preg_replace at runtime to put in the actual value. C) You can put in the http://".$_SERVER['HTTP_HOST'].$_SERVER['REQUEST_URI'] before every link

Your echo statement is inside your while(){} loop. It should be after the end of your loop.

Phone numbers are not integers. They are formatted strings consisting of numeric characters and other (optional) separator and formatting characters.

I'm pretty sure there are very few written languages and zero programming languages that use a trailing - sign on negative numbers. You need to store your numbers with a leading negative sign, i.e. -40.0

A) Please start your own thread for your problem, B) The error means what it says, what ever variable you are using in the $result->fetch_assoc() statement isn't an object because your query failed and returned a false value instead of a result object or you overwrote the variable somewhere else in your code.

For that error, you would probably want to troubleshoot why you are calling the set_value() method with an empty first parameter. Since you haven't posted enough of your code for anyone to reproduce this problem, it's kind of hard for us to help you.

I'm guessing that some of your NOTICE error messages were probably pointing to that line of code. Code should not normally produce any errors, warnings, or notice messages and you should always look to find what is causing each one and fix the problem.

The following line in your set_value() method is missing the $ in front of the what and never was working as posted - $this -> what = addslashes($value);

Without the full code that reproduces the problem, no one can directly help you. This could as likely be a problem with your form as with the parts of the php code you have posted (the 'full' class you posted wasn't the whole class and obviously isn't all the code involved in the problem.) You are asking someone who is not standing right beside you to tell you what your code is doing, without having that code. If you were to echo the query and post what it actually is, that would help.

Exactly what symptom or error are you getting that leads you to believe that the code you have been posting is where the problem is? It is more likely you have a database table or connection problem that is preventing the update query from working.

It's likely that you are redirecting back to a URLs on your site that has or doesn't have a www. (the hostname/subdomain) as part of the URL and it doesn't match the hostname/subdomain on the URL where you started the session and in the browser(s) where this does work, you probably have a matching session due to the URL where you started the session matching the URL you are redirecting back to. Are you consistently using URL's all with or all without the www. and what is your session.cookie_domain setting?

Your web host has register_globals turned on. If none of your existing scripts are dependent on this feature (overwriting session and program variables from same named post/get/cookie variables), then you should turn register_globals off ASAP because this is a security hole (being able to set session variables to anything you want) and a lot of web sites have been taken over. If php is running as a CGI application on your web server, you should be able to turn this setting of in a local php.ini. If php is running as an Apache Module on your web server, you should be able to turn this setting off in a .htaccess file. FYI: register_globals were turned off by default over 9 years ago in April of 2002.

You would need to specify a name="..." attribute in your <textarea > tag.

A lot of people don't put exit; statements after header() redirects in their login check code and bot scripts can access the 'protected' pages the same as if the security check code isn't even present.

The only thing a header() statement does is send a raw http header to the browser - If you want your php code to stop executing, you must put an exit; statement after the header() statement.

Is this file you are reading really a remote file on someone else's server or it is a local file on your server that you should be reading through the file system?