PFMaBiSmAd

http://dev.mysql.com/doc/refman/5.5/en/string-functions.html#function_find-in-set

I recommend solving one problem at a time.

I'm assuming that question is referring to the ON DUPLICATE KEY UPDATE part of your query? Since the INSERT query in the code you originally posted is cut off, I don't know exactly what you are referring to. However, if you need to reference any of the INSERT values in the UPDATE part of the query, see this post - http://forums.phpfreaks.com/topic/269074-prepared-statement-on-duplicate-help/#entry1382663

The following is the php.net stmt->execute() example, modified to loop over data - <?php $query = "INSERT INTO myCity (Name, CountryCode, District) VALUES (?,?,?)"; $stmt = $mysqli->prepare($query); $stmt->bind_param("sss", $val1, $val2, $val3); while(your_while_condition_test_here){ // set the bound variables from your actual data source $val1 = some_statement_that_references_the_actual_dynamic_data_value; $val2 = some_statement_that_references_the_actual_dynamic_data_value; $val3 = some_statement_that_references_the_actual_dynamic_data_value; /* Execute the statement */ $stmt->execute(); } $stmt->close(); The only thing that should be inside of the loop are statements needed to reference dynamic data values and to call the ->execute() method.. A number of the values you show in your query are static (don't change for the duration of the loop) and should be set before the start of the loop. Also, your data source is apparently an array. You should probably use a foreach(){} loop instead of a while(){} loop.

The VALUES(column_name) function (not be confused with the VALUES keyword) should work - UPDATE filter_prefs = VALUES(filter_prefs)

Your code makes no logical sense. You are fetching the first row from the result set before the start of the while loop. If there's only one row, the while loop will be skipped over and if there is more than one row, the first one won't be present inside of the while loop.

That will let you detect if a form was submitted, but it doesn't tell you anything about the uploaded file.

You put the main php logic first on the page, then you produce any output for the page, then you output that content as a html document. You would first put any security check logic - what can the current visitor do when he requests this page? Then put any form processing logic on the page - your current form processing code. At this point you would redirect if needed and since you haven't produced or output any content on the page, the redirect will have no problem working. Next handle any get request logic that determines what the page should display, produce the requested content, and finally output a valid html document with any css/javascript and content that you want. Lastly, you always need to perform server-side validation of all submitted external data. Your javascript validation will alert a legitimate visitor, that has javascript enabled, but won't do anything for the few visitors with javascript disabled or bot scripts that don't have javascript at all and submit data directly to the form processing logic and could care less about any client-side validation you have.

If you saw a value of 4 in the error element - $_FILES['editcar_fileupload']['error'], wouldn't that mean that $_FILES['editcar_fileupload'] ISSET?

Your second FILE (pages in a web setting are something else) of posted code is making the connection inside of a loop. Is there any chance the connection error was worded something like "too many connections?" You should be making ONE connection, before the start of your loop. You should also prepare the INSERT query ONCE, before the start of the loop, and then simply populate the variables with the data for each loop and ->execute() the query inside of the loop. Also, since you are not using place-holders in the prepared query statement for the data values, you are not realizing any benefit from using a prepared query. Edit: Here's the posted code, formatted so that it is readable - <?php require_once 'pvt/cfg.php'; $n = 0; if(!isset($_POST) && !array_key_exists('addCart', $_POST)){ $_POST['addCart'] = 0; } else if(isset($_POST['addCart'])){ $cart = $_POST['addCart']; $n = count($cart); $i = 0; if ($n === 0){ echo "You did not put anything into the cart."; } else { while($i < $n){ $id = session_id(); $date = new DATETIME(); $expDate = $date->add(new DateInterval('PT3H')); $comp = 0; $i++; //connect to database $mysqli = new mysqli($dbhost, $dbuserI, $dbpassI, $db); if ($mysqli->connect_error) { die('Connect Error (' . $mysqli->connect_errno . ') ' . $mysqli->connect_error); } //prepare query relative to action $query = ' INSERT INTO `sessions` ( `id` , `created` , `expired` , `completed` , `price` ) VALUES (`$id`, `$date`, `$expDate`, `$comp`, `$price`) ON DUPLICATE KEY UPDATE'; if($stmt=$mysqli->prepare($query)){ if($stmt->execute()){ //add values to cart//////////////////////////////// } $stmt->free_result(); $stmt->close(); } } } } if($n === 1){ $cartTxt = "Item"; } else { $cartTxt = "Items"; } if($n > 0){ $imgLnk = "fullCart.gif"; } else { $imgLnk = "cart.gif"; } $cartLnk = "#"; $cartReadout = "<img src='../img/%s' width='40' height='30' /> <br /> <a id='cartLnk' href='%s'>%d %s In Cart</a>"; printf($cartReadout,$imgLnk,$cartLnk,$n,$cartTxt); $n = 0; edit2: You also (apparently) have back-ticks around the data values in the query.

Your form doesn't have any field named 'submit', so your form processing code that tests - if (isset($_POST['submit'])) will never be true.

The $_FILES array will be set and not empty for most of the possible error conditions. You must test if the file was actually uploaded, the ['error'] element is set and equal to zero, before you can access any of the uploaded file information.

For real-life applications, data is normally never actually deleted. You would just have a 'status' field that is set to a value that indicates the data is inactive or use something like an end_date column and you only select active data with an end_date that is not in the past.

Is this solved yet?

I'm going to venture a guess, that since you have marked the thread as solved, that once you actually looked at the value in the data, you noticed that it wasn't exactly what you were trying to match in the str_replace statement.

Why do users in the office even know the database username/password?

Locking this thread because you already have an active thread for this.

The short answer is - programming is not painful. The OP has spent a number of hours with this problem, when in fact, had he been learning php, developing php code, and debugging that php code on a local development system, properly setup with error_reporting and display_errors set as suggested, it would have taken him probably 3 minutes to determine what was causing the problem and could have probably fixed it himself.

Your php code has been tabbed over, so it now contains white-space before the first opening <?php tag. That will prevent all the session/cookie related statements from working. You need to have php's error_reporting set to E_ALL and display_errors set to ON in your master php.ini on your development system to get php to help you. You will save a TON of time. You should also be developing and debugging php code on a local development system, not a live server.

The obvious answers are that the content doesn't contain the string you are trying to find/replace OR since this is a link and all you are replacing is the target url in the link, you won't see any thing different unless you look at the 'view source' of the page or hover your mouse over the link.

I recommend reading the error message you are getting, because it tells you where your page is sending output to the browser that is preventing the header from working. It's that output that you must find and eliminate or you must reorder the code on your page so that the logic using the header() statement comes before sending any non-header output to the browser.

You would subtract 1 if the mmdd of the birthday is less than the mmdd of the current date.

The code you have posted is basically just a template'ed page being built using php include statements. Other than the php code in your included files, the only php statements are the getLastPhoto() function calls. You would start by pinning down where the code spends the greatest amount of time, either in one or more of the included files or making calls to the getLastPhoto() function. You can use $some_var = microtime(true);, before and after any block of code to get the starting/ending times and subtract the two times to get the amount of time taken for any code block.

Prepared queries don't directly return a result resource that you can iterate over using mysqli_fetch_xxxxx statements. You normally use mysqli_stmt_bind_result to bind the selected columns to variables and use mysqli_stmt_fetch in your loop to populate the variables with the data from each row. If you have php 5.3 and are using the mysqlnd driver, you can use mysqli_stmt_get_result to convert the result of a prepared query into a traditional result resource that you can use mysqli_fetch_xxxxx statements with. Edit: Your use of mysqli_stmt_store_result only transfers the result set from the sql server into php memory so that things like the num_rows method will work and you can iterate over the result set local to php rather than sending commands and data back and forth between the sql server and php on each fetch statement.

The value attribute of an image being used as a submit button won't be submitted (well it will by some browsers, but those are not following the w3.org specification.) To distinguish which image was clicked, that will work in all browsers, you must use different names for each one.