Adam

The whole order of the script is a little illogical, plus you're not actually setting $logged_in to 1 at any point... <?php if (!isset($_SESSION['username']) || !isset($_SESSION['id'])) { if (!get_magic_quotes_gpc()) { $username = mysql_real_escape_string(stripslashes($_POST['username'])); $password = mysql_real_escape_string(stripslashes(md5($_POST['password']))); } $sql = mysql_query("SELECT * FROM members WHERE username ='" .$username . "'") or die(mysql_error()); if (mysql_numrows($sql) == 1) { $set = mysql_fetch_array($sql); if ($password == $set['password']) { $_SESSION['username'] = $set['username']; $_SESSION['id'] = $set['id']; $_SESSION['usrlvl'] = $set['usrlvl']; $_SESSION['logged_in'] = 1; } } } if ($_SESSION['logged_in'] == 1) { echo 'welcome'; } else { ?> <div id="login"> <div class="content"> <form id="form1" method="POST" name="login" action="<? $_SERVER['PHP_SELF'] ?>"> <fieldset> <legend>Sign-In</legend> <label for="inputtext1">Client ID:</label> <input type="text" id= "username" name="username"/> <label for="inputtext2">Password:</label> <input type="password" id="password" name="password" /> <input type="submit" name="login" value="Log In" /><br /> </fieldset> </form> </div> </div> <?php } ?> ...try that Adam

Yeah that's right, try changing PHP to this aswell: <?php //include the connect script include "connect.php"; /*THIS VARIABLE IS WHAT TABLE YOU ARE USING...IF YOU USED MY SQL FILE, THEN YOUR DEFAULT TABLE*/ /*NAME SHOULD BE 'userv2' AND YOU DO NOT NEED TO CHANGE ANYTHING, BUT IF YOU MADE YOUR OWN TABLE,*/ /*CHANGE THIS VARIABLE.*/ $tableName = "DNAreg"; //Post the new information they entered. $dna_no1 = $_POST['dna']; $dna_no2 = $_POST['dna2']; //if they match, update all the fields, even if they havent changed. $query = mysql_query("UPDATE $tableName SET Identifier = '$dna_no2' WHERE Identifier = '$dna_no1'"); if ($query) { echo "&msgText=Successfully Updated."; } else { echo "&msgText=Update Failed."; } ?>

I can't see any mistakes at all (with the PHP at least - useless with AS) but have you tried running the script itself, without the flash? Just need to create a simple HTML form linking to the script. Obviouslly if it works that would eliminate the problem being in the PHP side of it. And obviouslly if it works you'd be best seeking help in the "Other" forum... Adam

What character set are you using for your HTML page? I'm not 100% but I think using: <meta http-equiv="Content-Type" content="text/html; charset=UTF-8" /> ... should solve the problem. That's the universal character set so should support about anything, I think? Adam

Best reading through some tutorials or articles... http://www.google.co.uk/search?&q=php+content+management+tutorial

Yeah: $value = round($value, 2);

Get what you mean, what's the code in "loginpage.htm" ? Adam

By the way in connection.php, this line has an extra bracket on the end: $connection = mysql_connect(DB_SERVER,DB_USER,DB_PASS)); should be: $connection = mysql_connect(DB_SERVER,DB_USER,DB_PASS);

<?php session_start(); ini_set('error_reporting', E_ALL); function check_input($data, $problem='') { $data = trim($data); $data = stripslashes($data); $data = htmlspecialchars($data); if ($problem && strlen($data) == 0) { show_error($problem); } return $data; } function show_error($myError) { ?> <html> <body> <b>Please correct the following error:</b><br /> <?php echo $myError; ?> </body> </html> <?php exit(); } if ( isset($_POST['submit']) ) { if($_SESSION['security_code'] != $_POST['security_code'] && empty($_SESSION['security_code']) ) { show_error('Sorry, you have provided an invalid security code'); } //Code for processing the form: $db_host = 'xxxxxxx'; $db_user = 'xxxxxxx'; $db_pwd = 'xxxxxxx'; $database = 'xxxxxxx'; $table = 'xxxxxxx'; $connect = mysql_connect($db_host, $db_user, $db_pwd); mysql_select_db($database); $name = check_input($_POST['name'], "Please enter your name."); $email = htmlspecialchars($_POST['email']); if (! preg_match("/([\w\-]+\@[\w\-]+\.[\w\-]+)/", $email) ) { show_error('E-mail address not valid.'); } $subject = check_input($_POST['subject'], "Please enter a subject."); $message = check_input($_POST['message'], "Please enter your resume."); $submission_date = date("l M dS, Y, H:i:s"); $ip = getenv("REMOTE_ADDR"); $insert = mysql_query("INSERT INTO $table (col_2, col_3, col_4, col_5, submission_date, ip_address) VALUES ('$name', '$email', '$subject', '$message', '$submission_date', '$ip')") or show_error(mysql_error()); // whats this for? $user = $_POST['name']; } header('Location: thankYouForResume.html'); unset($_SESSION['security_code']); exit(); ?> try that... just rearranged the code to be easier to understand and altered one or two small things.. Adam

Hmm, what's in mail.php ? Adam

ahh okay, could use this then: <?php // assuming you've connected and made the query $halfWay = ceil(mysql_num_rows($yourQuery) / 2); $x = 0; while ($record = mysql_fetch_array($yourQuery)) { if ($x < $halfWay) { $col1[] = $record['id'] .' '. $record['title'] .' '. $record['text']; } else { $col2[] = $record['id'] .' '. $record['title'] .' '. $record['text']; } $x++; } print '<ul>'; foreach ($col1 as $data) { print '<li>' .$data. '</li>'; } print '</ul>'; print '<ul>'; foreach ($col2 as $data) { print '<li>' .$data. '</li>'; } print '</ul>'; ?> .. not tested but should give you the desired result...

.... oh wait. Do you want them in format like: record 1 .. record 2 record 3 .. record 4 or.. record 1 .. record 3 record 2 .. record 4 ??

Ah right well, the method I showed you before will basically take one record at a time and you can save whatever fields you like into an array that alternates each time.. effictely being like.. "one for you and one for me" between the two arrays. So record 1 is in array 1, record 2 is in array 2, record 3 is in array 1, record 4 is in array 2, etc. So basically splitting the records into lists, or columns if you were to display the lists at the side of each other. you don't need to count them up, that would sort of be a long way round. All you then do is loop thru each array and print out the contents in the array... Adam

Oh wait sorry, fields? So for each record in db table, you want to split the field into two and put half in one list, and half in the other list? Or do you mean like two records at the side of each other.. like: record1 record2 record3 record4 etc.. ? Adam

Could do something like.. <?php // assuming you've connected and made the query $col = 1; while ($record = mysql_fetch_array($yourQuery)) { if ($col == 1) { $col1[] = $record['someField']; $col = 2; } else { $col2[] = $record['someField']; $col = 1; } } print '<ul>'; foreach ($col1 as $data) { print '<li>' .$data. '</li>'; } print '</ul>'; print '<ul>'; foreach ($col2 as $data) { print '<li>' .$data. '</li>'; } print '</ul>'; ?> Could be a simpler way.. just a quick idea.. Adam

Use GET instead of POST .. for example, on query.php the link to download it should be something like... <a href="downloadxls.php?Organism=<?php print $orn; ?>&Category=<?php print $cag; ?>"> Then instead of using: $orn=$_POST['Organism']; $cag=$_POST['Category']; ... in downloadxls.php, use: $orn=$_GET['Organism']; $cag=$_GET['Category']; ... and you shouldn't have a problem. Adam

Don't understand what you're trying to do there though... $size=filesize($_FILES['image']['tmp_name']); if ($size == $_FILES['filename']['size']); { echo 'You have exceeded the size limit!'; echo $size; $errors=1; die (); } $_FILES['image'] .. isn't actually used on the form, not sure why you have lots of references to it? But you need to set a size limit yourself. with that you're basically setting the filesize limit to equal the filesize of a file i'm not even sure exists; filesize($_FILES['image']['tmp_name']) ...? should look something more like: if ($_FILES['filename']['size'] >= 1048576) { echo 'You have exceeded the size limit of 1Mb!'; echo ' Actual size: '.$_FILES['filename']['size']; $errors=1; die (); }

if's need brackets.. if (something == something) { ... } should be: if ($size == $_FILES['filename']['size'])

oh yeah you changed it to: function file_extension($filename) { $path_info = pathinfo($filename); return $path_info['extension']; } ... so needs to be: $filename = stripslashes($_FILES['filename']['name']); $type = strtolower( file_extension( $filename));

You're using $_FILES['image'] and $_FILES['filename'] when it should be (as it is on the form) $_FILES['filename'] ..

$filename = stripslashes($_FILES['image']['name']); $type = getExtension($name); $type = strtolower($extension); Problem is here i think, should be: $filename = stripslashes($_FILES['filename']['name']); $type = strtolower( getExtension( $filename));

try to find some errors... for example on querys like: $result = mysql_query($sql); add: $result = mysql_query($sql) or die('MySQL Error: ' .mysql_error()); Also echo out your inputs to make sure they're valid.. $ids = $_GET["id"]; $tabsl = $_GET["base"]; die('INPUTS: ' .$ids. ' ... ' .$tabsl); You may also want to make sure there's actually a record being retrieved from the database: $result = mysql_query($sql); if (mysql_num_rows($result) == 0) { print 'No record found!'; } else { $myrow = mysql_fetch_assoc($result); // print out form } Your codes very minimal at the minute.. Adam

oh aye.. must have skimmed over it ??? Well as fireball5 said, AJAX is the answer.. but the bit of code I showed you before with a few small changes will function as the PHP side of it... <?php // connect $username = mysql_real_escape_string($_POST['username']); $check = mysql_query("SELECT userField FROM yourUserTable WHERE userField = '{$username}'"); if (mysql_num_rows($check) > 0) { print 1; } else { print 0; } ?> Then just follow a tutorial such as http://www.w3schools.com/Ajax/ajax_database.asp .. to setup the javascript side of it. Any help? Adam

The function "pathinfo" - http://uk2.php.net/pathinfo - returns an array of information about a filepath .. are you using PHP4?

Use something like: <?php $username = mysql_real_escape_string($_POST['username']); $check = mysql_query("SELECT userField FROM yourUserTable WHERE userField = '{$username}'"); if (mysql_num_rows($check) > 0) { print 'Username taken!'; } else { print 'Username available!'; } ?> Adam