PFMaBiSmAd

What makes you think that anyone can see the URL in your .php files?

You are referencing some sort of an array variable using an associative index name of firstname and it does not exist. You would need to determine why it does not exist and if it is normal that your code is executed when it might not exist, you should use the isset() function to test if the variable exists before referencing it.

Edit: Basically says the same as above ^^^^ I'm going to take a wild guess here. Do you want to add an ORDER BY to the `objecten` table because you want the records ordered by the objectName column that is in that table? If so, your query would be - $selectObjects = "SELECT * FROM `objecten` ORDER BY objectName"; We only see the information that you supply in your posts. When you post code that contains a php variable $item['objectName'] somewhere in it, we have to assume that IS what you wanted to put into the code for some reason that you have, especially if you don't state what it is you are trying to accomplish. It is always best to state what it is you are trying to accomplish, not just that something you are showing us does not work.

A) You should always post actual code that exhibits the stated symptom so that someone can actually help you (there's no reason to be typing code unless it is in a reply trying to help someone.) B) The symptom you are experiencing is that of a session_start() not working (or not even present) and the $_SESSION variable is a plain program variable and not the actual session array. Are you doing this on a system with error_reporting set to E_ALL and display_errors set to ON so that all the php errors would be reported and displayed to help you find out why it is not working as expected? C) Using global on one of the actual super-global arrays actually causes a new variable by that name to be created inside of the function/class and it is NOT a copy of the actual super-global and does not have the values of the super-global array. D) Don't use global any way as it breaks the black-box nature of functions/classes so that they cannot be reused without keeping track of the main program variables that are hard coded into them. E) "and thus such values should be passed as parameters" Yes, that's the way you should always write functions/classes.

You will find that in almost every case, using an array will result in simpler code. It will be faster too, because setting or referencing a variable using a variable variable is three times slower than using an array variable directly.

Doesn't that output suggest to you that $item['objectName'] is empty or does not exist at all? kickstart already asked what is the value of $item['objectName']? What code is setting it or where is it coming from?

deg2rad

Doing this for any particular existing application is not a trivial task. Your first step would be to examine the code and database tables for all your applications and learn exactly what method and data is being used to register a visitor and what method and data is being used to log visitors in and keep them logged in (and any related tasks like displaying visitors on line, log out...) Then you would be able to plan the cleanest universal solution that requires the minimum of modification to the code of the applications.

Storing fixed/static values in cookies for login purposes is not secure. Once someone gets a hold of those values, the can send those to your server and appear to be the actual person they belong to as long as they remain the same fixed/static values. You should generate a unique id (see: uniqid) per visitor and save it in the cookie and in their row in your user table. The cookie will only identify the visitor. Its existence alone won't cause that visitor to be logged in. You would then only store a value on the server that determines if the matching visitor is logged in or not.

$query2 = "SELECT brands.brand, brands.partid, bullets.bullid, bullets.bullettext, bullets.buorder, count(bullets.partid) as bucnt, bullets.partid as bupartid FROM brands JOIN bullets ON (brands.partid=bullets.partid) WHERE (brands.partid=".$partid.") AND (brands.brand<>'".$brand."') GROUP BY brand HAVING bucnt > 0 ORDER BY brand, partid"; There's no need for all the quotes and concatenation nonsense. You can write a multi-line query.

The user entered email address should be put into a Reply-to: header. The From: address should be a valid email hosted at the sending mail server (even if you are sending it to yourself.)

The most common reason why the mail() function would randomly not send emails would be if you are putting a user entered email address in as the From: email address and relaying restrictions on the sending mail server is preventing it from being sent or domain/server checking on the receiving mail server is preventing its reception. The second most common reason would be if content on a line exceeds 70 characters and/or does not contain proper newline characters. Both of these problems can (sometimes mail servers are setup to NOT provide error feedback) result in php notice/warning errors. Is error_reporting set to E_ALL and log_errors set to ON so that all php detected errors would be logged so that you would be getting information about any problems that php detects? You could also log all relevant information for each form submission so that you have a record of what is occurring. See the error_log function.

Since one of the benefits of using prepared statements is that string data will be escaped for you, you should remove the addslashes() function call from the code.

Your code works for me, therefore there must be something going on with it on your server. And since you actually have some error checking and reporting logic for the connection, you most likely have a problem with your table or your columns or perhaps the mysqli extension is not enabled. Are you developing and debugging your code on a system with error_reporting set to E_ALL and display_errors set to ON so that all the php errors would be reported and displayed? $stmt->execute(); will return a FALSE value if the query fails due to an error and you can use $stmt->error to find out why it failed.

Your "to this" code isn't using the correct variable name in the mysql_query(...) statement.

Your are mixing mysql and mysqli statements. You cannot do that. Stick to one family of instructions for any connection that you make. If you were doing this on a system with error_reporting set to E_ALL and display_errors set to ON, you would have gotten errors alerting you to the fact that your connection was not compatible with the query statement.

http://www.php.net/manual/en/language.types.string.php

Nothing that php put into the language, like the magic_quotes, that were intended to be aids, have actually ever saved more in typing time then they have cost in troubleshooting time. When you get right down to it, a programming language should be just that, a programming language. The core language should not do extras that the programmer should be doing himself, when and where he needs them to be done.

Php previously attempted to escape extrnal data for you thinking that they would - Unfortunately, what they did didn't work in all cases and didn't help at all for those people who weren't even going to use the data in a database.

ONLY if you are using prepared statements, which the code you have posted is NOT doing.

That's not working ok. It should take at most a few seconds to a few 10's of seconds. It sounds like you have php code retrieving and looping through all the rows from one or more tables, with queries being executed inside of loops... inside of loops. You also probably have memory management and table indexing issues. It would take seeing the code responsible for the symptoms, an example of the data being processed, a statement of how much total data is being processed, and the definition of the tables involved to directly help.

You might want to work on defining what it is you want to do at each step. You are currently displaying everything that your first form matches in one single form to all be submitted at once. You might want to either output each activity as its' own form so that only one set of data gets submitted or if you want to be able to submit multiple sets of data, add a check-box form element to each set of data that you click. Your form processing code would then check if the check-boxes are set and only process the sets of data for checked boxes.

This topic has been moved to PHP Coding Help. http://www.phpfreaks.com/forums/index.php?topic=310127.0

Then just write code to do that. You could build the LIKE '....' term dynamically with the entered values and wildcard characters in any positions you want.

Since this word in stored in a database, you would generally want to do this in a query and check if the query matched any row(s) - $first, $fourth, and $last php variables hold the entered characters. The underscore _ wildcard character ignores the 2nd, 3rd, 5th, 6th, and 7th positions - $query = "SELECT COUNT(*) FROM your_table WHERE your_column LIKE '$first__$fourth___$last' AND another_condition_that_identifies_the_specific_word_you_want_to_check"