PFMaBiSmAd

Should be - $this->id no spaces around the ->

Given that the logic that is validating the contents of the form fields is at the end of your code and it is only being executed if the upload ['error'] element is a 4, what do you expect? You send the email after only checking if the form data exists and the upload worked, not after you have validated all of the data. Computers only do exactly what their code tells them to do. You would need to put all the validation logic first, then only process the information if there are no validation errors. I recommend using an array to hold the validation errors and to set an element for each validation error, then you can simply test if the array is empty or not to determine if there are any validation errors. If the array is empty, no errors, process the information.

If you read the documentation for the getimagesize() function, you will learn that it takes the filename as a parameter. It does not take the image resource produced by the imagecreatefrompng() function.

^^^ you are using those two variables to hold the $row[......] index names, but you are overwriting those variables in the loop, so they won't hold valid index names after the first time through the loop. If you were developing and debugging php code in a system with error_reporting set to E_ALL and display_errors set to ON, you would get some error messages concerning the invalid index names that would have pointed you to the cause of the problem. Edit: And since this is not a mysql problem, moving thread to the php coding forum...

A) You didn't show us how you are setting the cookies, because they must be deleted using matching parameters. B) The $_COOKIE variables are set by the browser and so would only show the updated values after a page has been requested. C) Its' not clear from your description, but you likely have a logic error that is setting the cookies, perhaps due to the code following a header() redirect that does not have an exit(); statement after it to prevent the remainder of the code on the page from being executed.

It will only take a couple of minutes using a programming editor to globally search/replace <? with <?php in all your files. I recommend these steps - 1) Replace <? with <?php 2) Replace <?phpphp with <?php 3) Replace <?php= with <?php echo

You got caught using one of php's blunders, the lazy-way short open tag <? Use full php tags <?php so that your php code will always be seen as php code. And if you actually state what problem you are having and what the code is that experiences that problem, you can get quicker solutions to your problems.

Under php 5.3.2 your first code produces a fatal parse error due to the incorrect syntax (which is incorrect in all php4/5 versions) and your second code works as expected.

Show us the opening php tag you are using in the file. Edit: And the first code contains a fatal parse error (there are no () after the class name in the declaration.) So, you should be developing and debugging php code on a system with error_reporting set to E_ALL and display_errors set to ON in your master php.ini so that php would report and display all the errors it detects.

I spy a spelling error.

Looks OK (the length matches the visible characters.) How about - var_dump($_GET);

The error means that your query failed due to an error (this is NOT the result of a query that executed but matched zero rows.) If you echo mysql_error(); on the next line after the line with your mysql_query() statement, it will tell you why the query failed.

I'm going to guess that you have some non-printing characters as part of your data and even though it displays as expected, it does not actually match the $_GET variable name. Use the following to see exactly what $svar might contain - var_dump($svar);

http://www.englishgratis.com/1/wikibooks/php/paamayimnekudotayim.htm

If you are escaping data correctly (only once) the \ characters are NOT inserted into the actual database table.

Syntax errors are often reported on a line after where the actual problem is located. This is because the language parser cannot determine what the programmer intended when he left out some piece of syntax. I would suggest posting about 5 lines of code prior to the line where the error is being reported.

There's about a half-dozen different upload errors that will result in a file name, but no mime type because the upload failed. Since you did not bother to mention that you were testing the ['error'] element, I'll guess you are not.

The code blindly assumes that your query worked and returned a row from your database. Since you have no error checking logic in your code to make sure you got a value from your query, there is no guarantee that $_GET[$svar] will produce anything.

Are you testing if the $_FILES array is empty or not or the $_FILES['uploaded']['error'] element in your code to make sure something else is not causing the problem?

You cannot fake a session variable, but if register_globals are on, anyone can set one of your session variables to any value they want by simply supplying a same name cookie, post, or get variable when they request your page. If the value you put into a session variable originally came from the visitor, such as their username from a form, as long as you escaped it when it was originally received, it would be safe to put the session variable directly into a query.

Having those two lines of code immediately after your first opening <?php tag line of code should show runtime errors, warnings, and notices (you may need to do a 'view source' of your page in your browser to see some of them because if they occure inside of some html tags and elements, such as a form, they will appear in the source of the page but they won't appear in the rendered output of the page.) If you are getting a blank page, you likely have a fatal parse error and setting those two values in your code won't help. You should be developing and debugging php code on a local development system where you can set those two values before your code is requested (in the master php.ini) so that they will report and display all the php detected errors. You will also save a ton of time, because constantly uploading files to your web server to see one result wastes a huge amount of your time. You also have an error in your form's action="" attribute. It's not $_POST['PHP_SELF'] it is $_SERVER['PHP_SELF']. Edit: Also as has already been suggested, your require_once() is probably failing and stopping code execution. A leading slash on a file system path refers to the root of the current hard disk and I doubt that is where your /include/ folder is located nor do you likely have access to the root of the hard disk on your web hosting.

You have an extra - )

You are not supposed to directly request install.php. You are supposed to request index.php

They are generally called 'tooltips'. Here is one that works with a drop-down/select list - http://www.dynamicdrive.com/dynamicindex5/dhtmltooltip2.htm

Are you sure curl is not working because the libeay32.dll, ssleay32.dll auxiliary files are not present, not of the same version as your php package, or not on the Windows path and/or the openssl extension is needed by your code as well and/or the allow_url_fopen setting is not on?