PFMaBiSmAd

It is likely that the page that is the target of the form is not validating the form data or even checking if the form was submitted and every time a search engine spider or other bot script visits the page that an empty/default value row is inserted. It would take seeing the relevant code.

A) You apparently put the two lines of code setting display_errors/error_reporting outside of any of the <?php ?> tags - B) Your query either has an extra single-quote before '{$visible} or it is missing the matching single-quote after that. Since the value is numeric, it is likely that the leading single-quote is not intended.

There is a typo in the second "visbile" - <input type="radio" name="visible" value="0" /> No <input type="radio" name="visbile" value="1" checked /> Yes

I edited my post above with some additional information that you should do, though it has no direct bearing on your current problem. That value in the $errors array means that neither radio button was selected.

Stating what it is doing helps pin down what path the code takes. Testing with the posted form and the posted code shows that it is likely that the mysql_query() is being executed. The following lines of code are missing some important code to report errors and notify you what the code did do - if (mysql_affected_rows() ==1) { // Success } else { // Failed } } else { //Errors occurred } Replace the above with this - if (mysql_affected_rows() ==1) { // Success echo "One row was updated<br />"; } else { // Failed die("Update query failed, query: $query<br />Rows: " . mysql_affected_rows() . "<br />Error: " . mysql_error()); } } else { //Errors occured echo "<pre>",print_r($errors,true),"</pre>"; } Also, add the following two lines of code immediately after your first opening <?php tag (move the require_once(...) statement down as necessary) - ini_set("display_errors", "1"); error_reporting(E_ALL); And you are getting a php parse error having something to do with footer.php. Either the require() statement actually contains a URL that you edited for the post and footer.php contains a syntax error or footer.php is in turn including/requiring a file using a URL that contains a syntax error. If any of your require/include statements are actually URL's that you edited for the post, please only xxxxx out any sensitive information in them that you don't want to show, but don't change the actual syntax being used in anything.

You do realize that databases are intended to store data, not files, and that file systems were designed to efficiently store files.

The posted code contains a fatal parse error because of a missing ) on the mysql_query(... statement. Putting error_reporting/display_error settings in your script won't help show fatal parse errors because your code is never executed. You should be developing php code and debugging php code on a system with error_reporting/display_errors set in your php.ini. When we suggest putting lines of code in to set those two settings in your code, it is to debug code that is at least doing something/being executed.

It would be really nice if you told us what exactly it does do when you try it. A blank page (and if so, what does the "view source" in your browser of the blank page show)? A php error? An error output from your code, such as "Database query failed ..."? Does it just redisplay the form?

NO. All content that is displayed in the browser has already been sent from the server to the browser. Anything you can do to make it harder for someone to then save that content can be EASILY bypassed. The whole purpose of the Internet is to publish content. If you don't want that content to be possibly saved by someone once it has been displayed in a browser, then don't publish it on the Internet in the first place.

Once you fix that php syntax error, you will be back at the code in reply #10, which is missing the single-quotes that go around string data values in a query. I recommend NOT using string concatenation (the dot .) as it results in a huge number of syntax errors because it is difficult to see exactly what syntax you have for the query string and what syntax you have as part of the php statements. If you use sprintf, it will make it easy to see the syntax of your query and the syntax of your php statements - $sql = "INSERT INTO cust_order (qty_adult,qty_child,adult_cost,child_cost,postage,c_name,h_name,town,county,p_code,email,p_num) VALUES ('%s','%s','%s','%s','%s','%s','%s','%s','%s','%s','%s','%s')"; $query = sprintf($sql, mysql_real_escape_string($_POST['qty_adult']), mysql_real_escape_string($_POST['qty_child']), mysql_real_escape_string($_POST['calcItem']), mysql_real_escape_string($_POST['calcChild']), mysql_real_escape_string($_POST['calcAll']), mysql_real_escape_string($_POST['c_name']), mysql_real_escape_string($_POST['h_name']), mysql_real_escape_string($_POST['town']), mysql_real_escape_string($_POST['county']), mysql_real_escape_string($_POST['p_code']), mysql_real_escape_string($_POST['email']), mysql_real_escape_string($_POST['p_num'])); If you use the above, don't forget to use the final $query variable in your mysql_query() instead of what you have now.

This is the DELETE query syntax prototype - As it applies to what you are doing (removing the unused elements) -

The leading part of the query that is printed in the error message is the point where mysql could not figure out what you mean. In this case 'order' is a reserved keyword and was encountered in your query where it could not normally exist - http://dev.mysql.com/doc/refman/5.0/en/reserved-words.html You should rename your table to something else.

localhost in the header redirect that you posted is the domain portion of the URL. You need to use your actual domain name. You can use $_SERVER['HTTP_HOST'] to get the domain name at runtime, so you don't need to hardcode the domain into the php statement.

Your code is dependent on $_POST['sub1'] being set. Have you checked if it is? Perhaps the HTML of your form is invalid and the other browser are ignoring the error while IE does not.

See this link - http://www.php.net/manual/en/features.file-upload.errors.php And this one - http://www.php.net/manual/en/ini.core.php#ini.post-max-size ALL CODE that is responsible for processing user supplied data must check for all possible errors and validate that data before blindly attempting to use that data. Put some error checking logic into your code so that you know when the upload is failing. When the size of the uploaded file exceeds the post_max_size setting, the $_FILES array is completely empty and you need to check for that condition as the first validation test. See the empty function. You then need to check $_FILES['setImageUpload']['error'] for any errors, output a meaningful user message when there is an error and only process the uploaded file information where there is no upload error.

Yes, but what are the actual values php is using that a phpinfo() statement shows?

The error states where the output is occuring - Unfortunately, you have a php statement on line one of the posted code, so there are two possibilities. You should actually put the opening <?php tag on a line by itself with noting else on the line with it in order to help eliminate the second reason listed below - 1) Your file has been saved in UTF-8 format and the BOM (Byte Order Mark) characters that the editor places at the start of the file IS the content being output on line one. 2) Something in the /Connections/blubeetl.php file is causing output to be sent. This could be before the <?php opening tag, in the body of the file, or even after the ?> closing tag.

Wouldn't something that shows there is an error have significance - [error] => 1 http://www.php.net/manual/en/features.file-upload.errors.php ALL CODE that is responsible for processing user supplied data must check for all possible errors and validate that data before blindly attempting to use that data. Put some error checking into your code so that at least when a file is uploaded that is larger than the upload_max_filesize setting that you output a meaningful user message. And while you are at it, when the size of the uploaded file exceeds the post_max_size setting, the $_FILES array is completely empty and you need to check for that condition as the first validation test - http://www.php.net/manual/en/ini.core.php#ini.post-max-size

Most programming editors have a search/replace feature that would allow you to find and replace the occurrences of <? and <?= with <?php and <?php echo And the <? vs <?php has nothing to do with php version, but with a second shorter tag that unfortunately can be turned off (what were they thinking) and there is no guarantee that you will always be on a server where you will have the ability to turn it on. It is much better to spend the few minutes correcting your code once, than fighting something every time you switch to a different server or someone makes a change to your server configuration.

Investigate at what point the size is correct and at what point it is not. Is the whole file actually present in the database? What is your column definition? Can it hold a file of the size you are using? Does echoing strlen($content) given the correct value? (comment out the headers to see the result of the echo.) This empty header statement is not doing anything and should be removed - header();

memory_limit can be set in a script.

Actually, because each month does not have 31 days, you need a point of reference, either from a specific date or the current date (I was going to post code similar to above, but because it is referenced to January, which has 31 days, the result is not 14 years 2 months 1 day.)

XML is primarily designed to transport data between dissimilar applications. Within a single application, where you are both producing and consuming the data using the same programing language on each side, using XML is just adding unnecessary overhead. So, if your primary goal is performance, don't use XML.

Because you have php functions, variables, and logic, I would use printf - <?php if (!isset($_GET['actor'])) { } else { $format = '<form action="edit_actor.php?actor=%s" method="post"> <p>First name:<br /> <input type="text" name="first_name" value="%s" id="first_name"></input></p> <p>Last name:<br /> <input type="text" name="last_name" value="%s" id="last_name"></input></p> </p> <p>Visible: <input type="radio" name="visible" value="0" %s /> No <input type="radio" name="visible" value="1" %s /> Yes </p> <p>Content:<br /> <textarea id="content" name="content" rows="5" cols="60">%s</textarea> </p> <input type="submit" name="submit" value="Edit Actor\'s page" /> <a href="delete_actor.php?actor=%s&currentpage=%s" onclick="return confirm(\'Are you sure you want to DELETE this ACTOR\'s page?\');">Delete Actor\'s page</a> </form> <br /> <a href="content_actor.php?currentpage=%s">Cancel</a>'; printf($format, urlencode($sel_actor['id']), htmlentities($sel_actor['first_name']), htmlentities($sel_actor['last_name']), ($sel_actor['visible'] == 0) ? " checked='checked'" : "", ($sel_actor['visible'] == 1) ? " checked='checked'" : "", htmlentities($sel_actor['accents_dialects']), urlencode($sel_actor['id']), $currentpage, $currentpage); } ?>

I would use mktime() - <?php echo "<select>\n"; $now = getdate(); // array of current values "mon" and "year" for($i=0;$i<=28;$i++){ // hour, minute, second, month, day, year $dt = mktime(0,0,0,$now['mon']-$i,1,$now['year']); echo "<option VALUE='$i' >". date('M-Y',$dt) . "</option>\n"; } echo "</select>"; ?>