PFMaBiSmAd

Have you restarted the web server to get the changes made to the php.ini to take effect?

You need a PHPIniDir statement in your httpd.conf file, something like - PHPIniDir "C:/php"

What does a phpinfo(); statement show for the Loaded Configuration File? That is the php.ini that is being used by php.

And the two values you do want to put into the query don't have a comma in between them.

You didn't post a link to the author's site, but if the script is this - http://www.68classifieds.com/pricing/ it's a purchased script, it's also likely encrypted, it comes with support, and there's not likely anything anyone here can do for you. If that script is building an UPDATE query that doesn't properly make the SET x=y in it, you should take the issue up with the author of the script.

Tracking down the code that is producing the query doesn't actually have much to do with programming. It's kind of like trying to find your car in the mall parking lot. You just keep looking for cars that are the same make, model, and color of your car until you find the right one that your key works in. You must use a programming editor (most have a search in file(s) option) to globally search through your files looking for calls to that query() function with a query that has the parts that were printed in the error message until you find the correct code. Is this an open-source third-party script that you could share a link to the author's site (and a version number.) Perhaps someone could find the offending code for you.

What makes you think that?

You should not be learning php, developing php code, or debugging php code on a live server. You waste a ton of time, both in constantly uploading changes just to see one result and in problems like the error_reporting/display_errors settings. You likely introduced a fatal parse error and you would need to set the error_reporting/display_errors settings in a local php.ini (when php is running as a CGI) or in a .htaccess file (when php is running as an Apache module.) You could post your current code so someone could determine what was wrong with it. You would be better off doing this on a local development system.

The HTML output that you posted works (produces the expected URL.) A few possibility exist that you would need to check out - 1) You are doing some URL rewriting and the GET parameters on the end of the URL are not being passed through, 2) The page that is the target of the URL is redirecting either back to itself or to another page and it is not passing the GET parameters on the end of the URL.

The DOUBLE data type requires a conversion into/out-of binary which introduces errors because some fractional values cannot be represented exactly in binary. You should use the DECIMAL data type, which are stored as BCD values, exactly as entered -

If that's the whole line of code, you are not assigning the result to anything, so it is lost. Posting your actual code that exhibits the problem and showing a data value that does not work would certainly help someone help you.

Sorry to be picky, but translate into what? French, German, C, Javascript, Forth, Klingon, ...?

Edit: Basically what they said ^^^ Could you clarify by providing an example of what you mean by 'add all the 4 subject together'? What you posted could mean any of - 1) Add all the same name field values together, 2) Concatenate all the same name field content together, 3) Add up the 'subject1', 'subject2', 'subject3', and 'subject4' field values for each row or for all the rows, 4) Concatenate the 'subject1', 'subject2', 'subject3', and 'subject4' field content for each row or for all the rows. Also, how does your title 'getting a variable from rows' relate to your question?

In general, you should only set error_reporting/display_errors/log_errors globally, either in your master php.ini (when you have access to it, such as on your development system), in a local php.ini (when php is running as a CGI), or in a .htaccess file (when php is running as an Apache module.) Setting them to OFF in your code generally means you hiding errors rather than fixing them and it will come back and bite you at some point in time.

This has already been answered many times before - http://www.phpfreaks.com/forums/index.php/topic,306198.msg1447499.html#msg1447499

A) Not bothering to tell someone that this is the SMF database abstraction layer and as such it is not directly a mysql question, B) Not bothering to post the actual syntax error, because that would help someone directly help you. C) Thinking that just because a syntax error is reported at that point in the query that it could not have actually been caused by something before that point.

So, what values did you set error_reporting and display_errors to?

The error message means that your query failed due to an error. Echo mysql_error(); on the next line after the line with your mysql_query() statement to find out why the query failed.

I've got a question related to that. If the current time is after your last entry for the week, do you want that to wrap around and match the first entry?

If space characters are not to be permitted at the start of the data, the end of the data, or as the whole data, the easiest method would be to use trim on the data.

Since the content you posted is apparently being built in a string, which you are either assigning to a variable to be echoed later or directly echoing, you don't put an echo statement inside of it. You must also supply a value after the : '<input type="radio" name="position" value="1" '.(get_option("shPosition") == 1 ? "checked" : '') .' /> Top <input type="radio" name="position" value="0" '.(get_option("shPosition") == 0 ? "checked" : '').' /> Bottom'

That's pretty wild because in the thread where that code was first posted for you it had a variable for each value in the query.

You should probably echo the $query variable so that you can see exactly what is in it.

You have also got an existing thread on this forum for this same problem where this was already answered - http://www.phpfreaks.com/forums/index.php/topic,307611.0.html

Actually this would be referred to as remote code execution/inclusion or arbitrary code execution. Getting remote code to be included and executed on your server. This remote code would typically be just the first step and it would place a complete management script onto your server that is then used to do anything the hacker wants. XSS (cross site scripting) generally refers to getting some client-side javascript code to either be posted on your site or in a link that is made to your site so that when the client-side code is executed in the visitor's browser, it sends information that is specific to your site to the hacker, such as session id cookies. There are at least three different ways that a script can check if it has been browsed to directly or if it was included - 1) The main script sets a variable that the included code tests. Unfortunately, if register_globals are ON, this can be bypassed/faked out. Register_globals was really a huge blunder. 2) The main script defines a constant that the included code tests. This cannot be faked. 3) The included code tests if the requested filename (the file in the http request) is the same as the included file name. If the included file is directly requested, the requested filename will be the same as the included filename. There are at least two useful ways to prevent http requests directly to included files. If either of these options are available and/or the exact method of setting them up is specific to how the web host has setup the server, what type of web server, and how php is installed on the web server - 1) Place the files into a folder that is outside of your document_root folder (i.e. closer to the disk root). 2) Place the files into a folder that you have prevented http requests in. For Apache web servers you would put a .haccess file in the folder that denies all http requests.