PFMaBiSmAd

The correct syntax for using back-ticks would be `t`.`cid` However, since you don't need to use back-ticks unless your table/alias or column name requires special handling, why use them at all and in that one single place in your query?

The one ' that was displayed as ' is probably stored that way in your database. Are you using htmlentities or htmlspecialchars on data you are inputting into your database table? You should only do so when retrieving data and only when it is needed. The \ escape characters are part of the json definition. What sort of problem are you having with them being present?

You have a fatal parse (syntax) error in - For fatal parse errors to be reported in your main file, the error_reporting/display_errors setting must be set before your script is requested (your code never runs, so putting the settings into your script won't ever turn the settings on.) You should have the error_reporting/display_errors setting set in your master php.ini on your development system. You should also not be attempting to develop and debug php code on a live server. Set up a localhost development system, you will save a TON of time.

This topic has been moved to PHP Coding Help. http://www.phpfreaks.com/forums/index.php?topic=357779.0

Your code is actually using mysql, so the MS SQL form section where you posted it is not where this belongs at all. In any case, your current problem is the php code, so moving thread to the php help section...

Php is a server side scripting language. It is executed on the web server when the page is requested. You only get the output that php sends to the browser. Javascript is a client (browser) side scripting language. It is executed after the page is received in the browser. So, there is actually nothing such as php code inside of javascript. In any case, we cannot help you with any of your code unless you post all the code that reproduces the symptom.

Anything logically OR'ed with a true (1) value will be true. Therefor, userID='$userID' can be true or false and the result will be true.

This topic has been moved to Website Critique. http://www.phpfreaks.com/forums/index.php?topic=357765.0

<?php $access = 'admin'; $admin = $access == 'admin' ? ' OR 1' : ''; $query="SELECT esName, esID, esAddress FROM estates WHERE (esName LIKE '$req' OR esID LIKE '$req') AND userID='$userID'$admin"; echo $query;

The default error handling is: PDO::ERRMODE_SILENT - You need to call the ->setAttribute() method to set the PDO::ATTR_ERRMODE to PDO::ERRMODE_EXCEPTION $dbh->setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION);

You are missing an actual alias name after the: AS ___. You should form your query statement in a php variable and then output the whole actual query statement as part of your error handling logic so that you can see exactly what the query statement is that is failing.

Your question is actually CSS related. Searching the Internet for 'CSS lower right-hand' should give you a solution.

Further to the above, accessing the ->error property after a ->bind() statement fails won't tell you why the bind failed (at least in php 5.3.8.) You will get a php warning logged/displayed from the bind statement and a false back from the bind statement, but the ->error property is empty. If you ignore the bind error and go on to execute the query, you will get a false back from the ->execute() statement and a vague message in the ->error property stating that - "No data supplied for parameters in prepared statement" (tested both for a wrong number of bind parameters and an invalid field specifier type.) [offtopic rant] And people wonder why there's an amount of hate directed at php over simple things that should work in an expected and consistent manor.[/rant]

As long as you are not including multiple 100's of files on each page request, you won't have any problem. At least one of the open source (cart) scripts was blindly reading through and including everything in multiple folders, loading 200+ files on each page request (instead of only loading what the page needed) and on the first request after a period of inactivity, since the files weren't in the disk cache, took a noticeable amount of time compared to follow-on requests that were able to read everything from the disk cache.

Since you didn't state or show what incorrect result you got, it's not possible for anyone here, who is not standing right next to you, to help. What exact error or exact symptom did you see in front of you that leads you to believe that you seem to not be doing it? I can name at least 6 different symptoms you might have gotten, ranging from the wrong page (no redirect) to a broken/partial page being output. You need to narrow down the problem by communicating what exactly occurred and at what point in the process it occurred at. And if you did get a blank or partial page, what does the 'view source' of that page in your browser show? You also need an exit; statement after your header() redirect to prevent the remainder of the code on your page from running while the browser requests the new page. Your existing if(!isset($_SESSION['Username'])){header("Location: login.php");} logic won't stop a hacker or bot script from accessing that page (all they have to do is ignore the header redirect.)

If you try to update a column to the same value, nothing takes place. An update query actually reads the row to be updated (it must find the row in order to update it, so reading the current values adds only a little overhead.) Only changed values are written to the database. You need to troubleshoot what your code is doing. $query->bind_param() will return a true or false value. You need to test it to see if the bind worked or failed. $query->execute() also returns a true or false value. If either of those statements fail, accessing the $query->error property will tell you why they failed. You actually need to have error checking, error reporting, and error recovery logic in all of your code to test if each step worked or failed. Your error reporting logic would output a user message on a live server - 'Sorry, the requested page cannot be displayed' and it would use something like trigger_error to handle the application level error reporting to log the actual error on a live server and to display it on a development system.

Are you sure of the value in $retval so that you know the if(){}else{} logic is doing what you expect? What exact value does $session->login() return, because if($retval) is a loose comparison and may not be doing what you think.

All of your header redirect statements need an exit; statement after them to prevent the remainder of the code on the page from running while the browser requests the new page. Also, you could be redirecting to login.php, but the code on the login.php page could be redirecting to the index page. What is the code on login.php?

A) Does the "The news article has been Modified!" message display in the browser? B) Do you have php's error_reporting set to E_ALL and display_errors set to ON in your master php.ini on your development system so that all php detected errors will be reported and displayed? C) What browser are you using, because only a limited few will set $_POST['submit'] when using an image for the submit button. You either need to test for one of the x,y coordinate variables (i.e. $_POST['submit_x']) or use some other method to detect when the form has been submitted to get your code to work in all browsers.

The $count variable is not being set to anything in the posted code, so it will be a little hard for the for(){} loop to do anything.

Variables start with $, function names do not (unless you are using variable functions.)

Edit: Sorry to keep reposting the same answers you have already given jesirose. There's no = sign as part of the LIMIT clause. The following is the SELECT syntax definition -

For most simple SELECT queries, the time it takes to transmit the query statement from php to the mysql server takes longer than the query itself takes to execute, even when using prepared statements, the time it takes to transmit just the replaceable parameter values from php to the mysql server takes longer than the query itself takes to execute. So yes, it will be significantly faster to form and execute one query that gets all the data you need at one time to produce a page.

Have you looked at the actual query statement that is failing to see if you can tell what is wrong with it (i.e. we cannot help you with what is wrong with it since we have not seen it or the code that is producing it either.)

The error is occurring on line 8 of functions.php. So far, nothing you have posted is where that error is at. It would be a line such as ... die('some message here...' .mysq_error); which should actually be ... die('some message here...' . mysql_error()); (i.e. you are missing the () which would identify it as a call to a function.)