Adam

Huh yeah not noticed that... Yeah they're stored in YYYY-MM-DD format but for some reason the query still works? Odd! Adam

Good explanation of the function used here: http://uk3.php.net/fgetcsv But.. basically while the variable $data still reads from the csv file and does not = false, do that code...

Hah I went through this just the other day, was a bit of a nightmare.. I'll give you a big help though and show you the MySQL syntax for selecting between two dates: SELECT * FROM yourTable WHERE yourDateField BETWEEN 'YYYY-MM-DD' AND 'YYYY-MM-DD' That assumes in the database table each record has a single date. Then the range of dates will replace the two YYYY-MM-DD 's, i don't know if you have two fixed dates in mind or if you're going to have a form for the user to select.. but that should help you on your way..

OR if that doesn't work: VALUES ('" .$row['realname']. "',

Do they need to be in form of 1, 2, 3, 4 etc ?? If not just create yourself a naming formula like.. md5(TodaysDate_TimeToTheSecond_Random4DigitNum) Chances are like 1 in 10 thousand per second that someone will ever get the same number.. or something daft! If they do need to be in order, could loop through, eg: $x = 1; while ( !file_exists($x . '.jpg')) { $x++; } $filename = $x . '.jpg'; ..not tested though! If you had a lot of uploads however, and it gets to like 300.jpg, or even 3000.jpg, don't wanna have to loop through each time. so could use a database or flatfile or something to store the current count... Adam

try using http://uk3.php.net/zip

$row = mysqli_fetch_assoc($result); .. returns an array. you need to use: $row['realname'] in: VALUES ('$row['realname']', Adam

Okay so double check; $username is what it's supposed to be that the username exists in the database and.. that there isn't two of the same username seen as you're using == 1 Adam

ahh, do you have error reporting turned off?? here's the problem i reckon: mysql_numrows($sql) should be: mysql_num_rows($sql)

Instead of: if (!get_magic_quotes_gpc()) { $username = mysql_real_escape_string(stripslashes($_POST['username'])); $password = mysql_real_escape_string(stripslashes(md5($_POST['password']))); } Just use: $username = mysql_real_escape_string(stripslashes($_POST['username'])); $password = mysql_real_escape_string(stripslashes(md5($_POST['password']))); See if that works? If not try outputting the $username and $password variables, if still nothing, try changing: if (mysql_numrows($sql) == 1) { $set = mysql_fetch_array($sql); if ($password == $set['password']) { $_SESSION['username'] = $set['username']; $_SESSION['id'] = $set['id']; $_SESSION['usrlvl'] = $set['usrlvl']; $_SESSION['logged_in'] = 1; } } to: if (mysql_numrows($sql) == 1) { $set = mysql_fetch_array($sql); if ($password == $set['password']) { $_SESSION['username'] = $set['username']; $_SESSION['id'] = $set['id']; $_SESSION['usrlvl'] = $set['usrlvl']; $_SESSION['logged_in'] = 1; } else { die('Invalid password!'); } } else { die('No user found!'); } Any luck?

No no.. thats for if they enter the login form. that codes just basically testing if they're already loggin in and redirecting them if so. And you only really need to test one session value. People tend to use something that actually means something, like.. $_SESSION['loggedIn']; so when you see: if ($_SESSION['loggedIn']) { makes sense... adding more $_SESSION values to the if can i guess be added safety but if your system works right then you shouldn't need to really.. Adam

Ah right gotchya, thought you was asking why it weren't working... could check for the time_start session you're setting, ie: <?php session_start(); if ($_SESSION['time_start']) { header("Location: memberspage.php"); } ?> put that at the top of loginpage.html (except it'll need to be .php now) and it should work fine... Adam

Okay that's just static HTML, why would the session carry over to this page?

Oh you've missed session_start() off of the top, should be: <?php session_start(); if (!isset($_SESSION['us....... Also have you connected to the database? Just realised there's no code...

The whole order of the script is a little illogical, plus you're not actually setting $logged_in to 1 at any point... <?php if (!isset($_SESSION['username']) || !isset($_SESSION['id'])) { if (!get_magic_quotes_gpc()) { $username = mysql_real_escape_string(stripslashes($_POST['username'])); $password = mysql_real_escape_string(stripslashes(md5($_POST['password']))); } $sql = mysql_query("SELECT * FROM members WHERE username ='" .$username . "'") or die(mysql_error()); if (mysql_numrows($sql) == 1) { $set = mysql_fetch_array($sql); if ($password == $set['password']) { $_SESSION['username'] = $set['username']; $_SESSION['id'] = $set['id']; $_SESSION['usrlvl'] = $set['usrlvl']; $_SESSION['logged_in'] = 1; } } } if ($_SESSION['logged_in'] == 1) { echo 'welcome'; } else { ?> <div id="login"> <div class="content"> <form id="form1" method="POST" name="login" action="<? $_SERVER['PHP_SELF'] ?>"> <fieldset> <legend>Sign-In</legend> <label for="inputtext1">Client ID:</label> <input type="text" id= "username" name="username"/> <label for="inputtext2">Password:</label> <input type="password" id="password" name="password" /> <input type="submit" name="login" value="Log In" /><br /> </fieldset> </form> </div> </div> <?php } ?> ...try that Adam

Yeah that's right, try changing PHP to this aswell: <?php //include the connect script include "connect.php"; /*THIS VARIABLE IS WHAT TABLE YOU ARE USING...IF YOU USED MY SQL FILE, THEN YOUR DEFAULT TABLE*/ /*NAME SHOULD BE 'userv2' AND YOU DO NOT NEED TO CHANGE ANYTHING, BUT IF YOU MADE YOUR OWN TABLE,*/ /*CHANGE THIS VARIABLE.*/ $tableName = "DNAreg"; //Post the new information they entered. $dna_no1 = $_POST['dna']; $dna_no2 = $_POST['dna2']; //if they match, update all the fields, even if they havent changed. $query = mysql_query("UPDATE $tableName SET Identifier = '$dna_no2' WHERE Identifier = '$dna_no1'"); if ($query) { echo "&msgText=Successfully Updated."; } else { echo "&msgText=Update Failed."; } ?>

I can't see any mistakes at all (with the PHP at least - useless with AS) but have you tried running the script itself, without the flash? Just need to create a simple HTML form linking to the script. Obviouslly if it works that would eliminate the problem being in the PHP side of it. And obviouslly if it works you'd be best seeking help in the "Other" forum... Adam

What character set are you using for your HTML page? I'm not 100% but I think using: <meta http-equiv="Content-Type" content="text/html; charset=UTF-8" /> ... should solve the problem. That's the universal character set so should support about anything, I think? Adam

Best reading through some tutorials or articles... http://www.google.co.uk/search?&q=php+content+management+tutorial

Yeah: $value = round($value, 2);

Get what you mean, what's the code in "loginpage.htm" ? Adam

By the way in connection.php, this line has an extra bracket on the end: $connection = mysql_connect(DB_SERVER,DB_USER,DB_PASS)); should be: $connection = mysql_connect(DB_SERVER,DB_USER,DB_PASS);

<?php session_start(); ini_set('error_reporting', E_ALL); function check_input($data, $problem='') { $data = trim($data); $data = stripslashes($data); $data = htmlspecialchars($data); if ($problem && strlen($data) == 0) { show_error($problem); } return $data; } function show_error($myError) { ?> <html> <body> <b>Please correct the following error:</b><br /> <?php echo $myError; ?> </body> </html> <?php exit(); } if ( isset($_POST['submit']) ) { if($_SESSION['security_code'] != $_POST['security_code'] && empty($_SESSION['security_code']) ) { show_error('Sorry, you have provided an invalid security code'); } //Code for processing the form: $db_host = 'xxxxxxx'; $db_user = 'xxxxxxx'; $db_pwd = 'xxxxxxx'; $database = 'xxxxxxx'; $table = 'xxxxxxx'; $connect = mysql_connect($db_host, $db_user, $db_pwd); mysql_select_db($database); $name = check_input($_POST['name'], "Please enter your name."); $email = htmlspecialchars($_POST['email']); if (! preg_match("/([\w\-]+\@[\w\-]+\.[\w\-]+)/", $email) ) { show_error('E-mail address not valid.'); } $subject = check_input($_POST['subject'], "Please enter a subject."); $message = check_input($_POST['message'], "Please enter your resume."); $submission_date = date("l M dS, Y, H:i:s"); $ip = getenv("REMOTE_ADDR"); $insert = mysql_query("INSERT INTO $table (col_2, col_3, col_4, col_5, submission_date, ip_address) VALUES ('$name', '$email', '$subject', '$message', '$submission_date', '$ip')") or show_error(mysql_error()); // whats this for? $user = $_POST['name']; } header('Location: thankYouForResume.html'); unset($_SESSION['security_code']); exit(); ?> try that... just rearranged the code to be easier to understand and altered one or two small things.. Adam

Hmm, what's in mail.php ? Adam

ahh okay, could use this then: <?php // assuming you've connected and made the query $halfWay = ceil(mysql_num_rows($yourQuery) / 2); $x = 0; while ($record = mysql_fetch_array($yourQuery)) { if ($x < $halfWay) { $col1[] = $record['id'] .' '. $record['title'] .' '. $record['text']; } else { $col2[] = $record['id'] .' '. $record['title'] .' '. $record['text']; } $x++; } print '<ul>'; foreach ($col1 as $data) { print '<li>' .$data. '</li>'; } print '</ul>'; print '<ul>'; foreach ($col2 as $data) { print '<li>' .$data. '</li>'; } print '</ul>'; ?> .. not tested but should give you the desired result...