PFMaBiSmAd

Either $row['level'] is empty or non-existent or you have some php code that is overwriting $_SESSION['level'], such as if($_SESSION['level'] = '') (one =, an assignment) instead of if($_SESSION['level'] == '') (two ==, a comparison) It would take seeing your relavant code and data that both sets $row['level'] in your database to the expected value, retrieves $row['level'], assigns the value to $_SESSION['level'] and any code that references $_SESSION['level'] up to the point where you determined that is is empty, to be able to determine what the most likely cause of the problem is. Edit: Short answer - you have access to both your database and your code, you should be able to determine at what point your data and variables have the expected value and at what point they don't. I can guarantee that the code between those two points is where the problem is.

Define: that didn't work? What did it do, because that is exactly how you would make the query so that the specific category would match AND any one of the other terms would match. Are you sure you made the code change in the actual file you are using?

Use only full opening php tags in your code - <?php You got caught using php's lazy-way short open tag <?

^^^ You are setting $image_id equal to $row['image_id'] in your code. You would either need to use $image_id in the src='...' attribute or use $row['image_id']. Why are you using $image_id['imgage_id']?

Providing addition information would certainly help - 1) What kind of server operating system are you on? 2) What is the full error message (xxxxxx out any information you don't want to post, but post the complete wording of the error message.) 3) allow_url_fopen has absolutely no affect on the code you posted unless you are actually using a URL as the filename, in which case you really need to post your actual code.

It's likely that $Any_City or $City is either empty or contains some un-escaped special characters that are breaking the sql syntax of the query. I recommend forming your sql query in a php variable (such as $query) so that you can echo it out to see exactly what it contains.

The var declaration can only use constant values (literal strings, numbers, or a static array) - You would need to use code in the constructor or in a class method to assign values from variables to the class variables.

For example - <?php // Using HTML arrays $_POST['amount']['rent'], $_POST['amount']['elec'], ... and $_POST['notes']['rent'], $_POST['notes']['elec'], ... // The master array is used to both generate the form and iterate over the form data. You would also use it in the vaidation logic... $array = array(); // master array of item_id to index name. // ... other entries $array[13] = 'rent'; $array[14] = 'elec'; $array[15] = 'gas'; // ... other entries // process the form if(isset($_POST['submit'])){ $cid = 123; // testing testing foreach($array as $item_id => $index_name){ $query = "UPDATE client_budgets SET amount = '{$_POST['amount'][$index_name]}', notes = '{$_POST['notes'][$index_name]}' WHERE client_id = '$cid' AND item_id = $item_id"; echo $query . "<br />"; } } // produce and output the form $content = "<form method= 'post' action=''>\n"; foreach($array as $index_name){ $content .= ucfirst($index_name) . "- Amount: <input type='text' name='amount[$index_name]'>\n"; $content .= "Notes: <input type='text' name='notes[$index_name]'><br />\n"; } $content .= "<input type='submit' name='submit'>\n"; $content .= "</form>\n"; echo $content; ?>

Not knowing how you got to this point, but that it works in one browser, I would suggest clearing your browser caches and try again.

A) What URL are you entering in your browser? B) What does a 'view source' in the browsers that don't work show you? C) What is the raw source code for the page you are trying to view?

You would probably want to dynamically do this using a loop and perhaps a master array that contains an association between the item_id and the other values (which should be in an array if possible instead of individually named variables.)

The error means that your query failed due to an error (could be a connection problem, a database problem, a table problem, a column problem, or a syntax problem.) If you search for any part of that error message, you find that using mysql_error(); will tell you why the query failed. For troubleshooting purposes (remove it after you are done) echo mysql_error(); on the next line after the line with your mysql_query(...); statement.

I knew using a URL was probably it. When you post part of your code out of context of how it is actually being used and you tell us that 'this is my code and it is not working', but in reality that is not all your actual code that is involved in the problem, it takes a really long time to help you, in this case ~20hours. When you use a URL in an include, it causes your web server to make a http request back to your web server. This invokes a separate instance/child process of your web server/php to parse the requested file. This causes several things to happen - 1) It takes a minimum of 100 times longer than if you used a directly file system path, 2) The included file does not inherit the variable scope of the main file (which is why you are getting the symptoms that you are), 3) You only get back the content that is output by that file, you don't get the php code and data from that file incorporated into the main file, and 4) The settings that allow this might not be enabled on any particular server configuration, so you might find your include statement not working at all (and not just the variables) if you move to a different server or someone updates/alters the configuration of your existing server.

http://w3schools.com/html/default.asp

Since resubmitting a form that contains filled-in file fields causes those files to be re-uploaded each time the form is submitted, you might want to separate the process into more than one form or process and save any uploaded files and not enable the file fields in the form if you need to have the visitor correct some of the other fields.

$value1 = file_get_contents('http://yourdomain.com/test.php'); // assuming that the allow_url_fopen setting is ON

No. The field is read only. You cannot set it with HTML or javscript. Only the browser's file dialog box can set it. No. Only the file name portion is submitted and since there is no way for you to set the value, it does not matter. AFAIK - the only way to style the file browse button is to make it invisible and overlay it with your own button that you can style.

So, after you changed the register code so that it stored the md5 of the entered password, did you delete any rows from your table and re-register so that the value stored in the table would be updated so that the query in the login code could match the md5 value?

Maybe if you show your actual full code involved in the problem someone could directly solve this. xxxxx out any information you don't want to post, such as your domain name, but don't change any of the syntax (such as if you are using a URL to include the file http://xxxxx.com/file.php or using a file system path.)

It would help if you provided an example of what $search contains and what the wordsExist() function does, because if you are just trying to find a matching row in a database table is it customary to simple query for that matching row instead of retrieving all the rows and trying to find a match - "SELECT * FROM `engines` WHERE some_column = '$search'"

You output selected="selected" inside the <option > tag that you want to be selected - http://w3schools.com/html/tryit.asp?filename=tryhtml_select3 Without seeing your code, it is not possible to tell you why your's did not work.

$query="select * from user where uname='$n' and pw=md5('$p')";

Using just a session with the time of the last post stored in it can still be easily bypassed (see ChemicalBliss's post.) You would need to persistently store (database table) the session id and the visitor's IP address so that you can make sure that they are keeping the same session that they started with and are not simply dropping the session id and getting a new session each time.

That script is using password('$pw1') in the registration script but is not doing the same thing when it checks in the login page, so that script never worked and no one cared enough to correct it after it was posted. Also, the script should NOT be using mysql's password() function in the first place. It should be using either md5() or sha() AND it should be doing the same thing in both the register and login script.

You could use two cookies, one would be set with a unique id value (and store the unique value in a database table so that you can check if the visitor didn't just put some random value into a cookie) and the second one would be set to determine when the last post was. You would test to make sure the unique value cookie was provided to make sure that cookies were being accepted and sent back to the server and that the unique value was one that you assigned and that the last post cookie was not set. You should also regenerate and reset the unique id cookie upon each post so that they cannot get one valid unique id cookie and keep posting by deleting the 'postflood' cookie. If they don't accept cookies, they delete both of them, or they did not get a unique id value from you, you won't allow them to post.