PFMaBiSmAd

A) Why on earth did you use multiple tables instead of putting all the items into one table? Using multiple tables to hold data that only differs in the type of item/category creates a data management nightmare (see item B) below.) B) The only way you can do this in a single query is to dynamically form (php code) a UNION query using all the different tables (you will need to use a SHOW TABLES query first to get a list of all of the tables) OR you will need to execute a query for each table. Both of these things result in poor performance and take more code to accomplish (you do want to write and debug more php code?) I recommend that you combing all the data into a single table, using a 'category' column to distinguish what type of data it is.

You didn't state exactly at what point you get the 405 Method Not Allowed error, but if it is at the point where you submit your form, it is likely that the action="..." attribute of your form is invalid and if it is being produced by php code, then that php code would be where the problem is at.

Is your administration login check actually secure? Assuming you are using a header() redirect if someone is not logged in, do you have an exit; statement after the header() statement to prevent access to the remainder of the code on the 'protected' pages? Also, are you using URLs like - ?page=some_page and then including a file named some_page.php and allow_url_fopen and allow_url_include are ON so that someone is including remote raw php code and executing it on your server OR you are not validating what some_page is and someone on a normal visitor page can specify that an administration page be included so that the administration content runs at the level of a normal visitor?

What's your actual code in image.php, because so far you are not setting the $sku variable to anything and your query won't match anything.

You have an extra comma right before the FROM or you intended on selecting another column name but forgot to list it.

What happed to the script you were just using in your last thread about this with your picscript.php script that was doing exactly what BlueSkyIS just posted that you need to do?

^^^ You can just try what the code does and see if works as expected. <?php // populate/get your $states array anyway you want $states = array(); $states[] = 'AK'; $states[] = 'AL'; $states[] = 'AR'; $states[] = 'AZ'; $states[] = 'CA'; $states[] = 'CO'; $states[] = 'CT'; $states[] = 'DC'; $row['pri_add4'] = 'CO'; // a test value $pri_add4 = ''; // the option list foreach($states as $state){ $selected = ($row['pri_add4'] == $state) ? ' selected="selected"' : ''; $pri_add4 .= "<option value='$state'$selected>$state</option>\n"; } // dummy form echo "<form>\n"; echo "<select>\n"; echo $pri_add4; // output the option list echo "</select>\n"; echo "</form>\n"; ?>

You would make an array of the values (AK, AL,...) so that you can iterate over the array to build the <option> elements and you would simply test if the current value is in $row['pri_add4'] in order to output the selected="selected" at the correct time. Give me a few minutes to post some code...

^^^ What makes you think that? If php can create the session data files in that folder, you can use php to remove the session data files in that folder (that are owned by the same user that your web server/php is running under.) And as someone already mentioned, why are you still using php4? It's dead and gone.

Delete/unlink the file yourself. You have the session id and can make the filename from that.

^^^ You are not using a URL (unless you altered the code you posted to hide what you are really doing), so that setting has noting to do with the problem.

There is no php.ini setting that controls file_put_contents. What php errors do you get that would be telling you why the statement is failing? Since you are redirecting on the page, if output buffering is on, you won't see any php generated errors anyway. I recommend commenting out the header() redirect until you get the code on the page to work.

What database class are you using or what is the actual code for the lastInsertId() method?

I haven't seen a statement of what the problem is? Posting an image of something is kind of pointless (especially if the full size image doesn't load) without a statement of what is wrong in that image. Something might look wrong to you, but looks perfectly fine to everyone else because they don't know what the image is supposed to look like.

@php-real-degree, Until garbage collection removes the old session data file, someone that has the old session id can visit a site and appear to be the actual visitor that had that session data file before the id was regenerated (assuming that the script is not doing anything to tie the session id to the actual visitor.)

The end of life of php4 was over 4 years ago. No one should still be using php4 at this point in time in the year 2011.

A) I recommend that you read the session handling section of the php documentation - http://www.php.net/manual/en/book.session.php B) I also recommend that you create a set of test scripts to get this working on your server so that you will see what is involved. C) If the session data files cannot be accessed by all the web sites due to permissions and ownership, you will need to find or write a custom session save handler that stores the session data in a database that can be accessed by all the web sites. After you complete A, B, and C above, you will have the background needed to implement this in the actual scripts on your site. If you don't fully understand everything in the steps above, you are going to need to hire a programmer to do this for you. And, you do realize that passing the session id on the end of the URL creates several security risks.

If the code you did post is inside of a loop, it won't work, no matter what logic you use, because the code inside the loop is not executed when there are zero rows in the result set. You must test before the start of the loop if there are rows or not and print your "You have no messages ..." if there are no rows and execute the loop if there are rows.

You are going to need to rewrite all your php scripts to pass the session id on the end of the URL, because php will only add the session id on relative URLs (i.e. URLs within a single domain.) Php won't even put the session id onto the end of an absolute url within a single domain.

You would be much better off duplicating/replicating the log in data between the two sites. By default the session id is propagated between pages using a cookie and ALL cookies are domain specific. Also, the session data file is owned by the user/account that the web server runs under. So, to make this work between different domains, you must both pass the session id between the pages as a parameter on the end of the URL and you must make the session data available to both web sites (usually by storing it in a database that both web sites can access.)

The only way to prevent your javascript file from being viewed is to not post it on the Internet. ANYTHING that is sent to the browser can be viewed.

You either have something else going on in your form, such as nested form tags, which is invalid, or the move.php page you are submitting to is redirecting back to the form with that unexpected URL. You would need to post enough working code that produces/reproduces the symptom. Just the small part you did post doesn't reproduce the problem.

Because of the multiple problems in the picscript.php code, I recommend temporarily commenting out the header() statement and browsing directly to the picscript.php file. This will show you the actual output, including any php detected errors. You also need to use E_ALL for your error reporting setting (by using & ~E_NOTICE you are hiding notice messages, which can also hide problems in your code that is preventing it from working.)

Actually, upon further review, you don't have a session_start() statement in picscript.php, so $_SESSION['id'] won't exist and your query won't match anything.

What does a phpinfo() statement show for the magic_quotes_runtime setting?