Aeglos

I see now what you are attempting; getting the previous five integers. for ($x = $current-5; $x < $current; $x++) { if ($x < 1) { $x = 1; } echo $x; } That will give you the previous 5 integers before $current. Note the if() which is important if $current is lower than 5. Cheers.

You are thinking all backwards. You want the values FROM one and UP TO your defined boundary, just do: for ($x = 1; $x < $current; $x++) { echo $x; } So you loop from 1 up to one less than your $current value (that's why you use '<' instead of '<='). That should output 123456 if $current is 7.

The problem is that your supplied username/password is/are wrong.

The single quotes around the $vegeid var are the problem. Somewhere the '15' gets converted to `15` which is column name designation. I'd try removing the single quotes around it (which works) or checking where and why they change... Maybe the sprintf function does it, don't really know. But since it's a value you generate and get yourself from the script/database, there should be no risks to removing the single quotes. May I ask why are you using sprintf to build the queries though? It's simplier to just concatenate the variables, seems like added bloat with no practical benefit to me.

Yes, that is injected code. A little googling reveals that it's probably something uploaded through unsecured FTP access, or, a local virus that infects uploaded webpages. Change all of your access passwords, and everyone who has file access should check for virus. I think that includes the hosting service.

I can't find a mistake at a quick glance. Could you put echo $insertSQL_b before the last mysql_query() and paste the output here? So we can check for errors in the full SQL query that you are trying to run.

The "Notice: undefined index..." errors mean that those variables don't exist. It would seem that the form never set them and they were never posted, so check the form for errors. The error in your SQL syntax is due to the "NULL" you have in you column list. It servers no purpose and is messing things up. Notice that you have 11 values to insert, and 12 fields, that can't be... the quantity has to match, also SQL tries to map the first value to the NULL column which is nonexistant and the query fails. Remove the NULL item from the query. If you are concerned about an ID value in the database that comes first (as I asume), don't worry. If you don't reference columns in an insert query, SQL will fill them up with their default or simply leave them blank. Just remember to have the same number of values and (corresponding) column names in the query. ALSO. mysql_insert_id() will return nothing until you actually run the query, so you have to move it down... ... $result1 = mysql_query($insertSQL, $connection); $vegeId = mysql_insert_id(); // Here it will work, the query has already run. $insertSQL_b = ... //Your SQL query that uses $vegeId. $result2 = mysql_query($insertSQL_b, $connection);

Seriously... did you even read or try to comprehend the error? It clearly states BLOB/TEXT types can't have default values... change: ITEM_DESCRIPTION TEXT DEFAULT '', to: ITEM_DESCRIPTION TEXT,

mysql_query() can't accept 2 query strings. First argument is the query, second is the optional link identifier. You are basically saying "run $insertSQL query on the $insertSQL_b database connection". You have to use two different mysql_query() function calls, one with each query string. $result1 = mysql_query($insertSQL, $connect) or die(mysql_error()); $result2 = mysql_query($insertSQL_b, $connect) or die(mysql_error());

Short PHP tags is a bad practice, use full <?php ?> always. It all comes down to this line: print('<a href="photos.php?cat_id='.$cat_id.'&pic_id='.$pic_id.'"><img src="images/'.$location.$file_name.'" width="100" border="0"></a>'); Check for $pic_id > 0 before that line, if the condition is false, execute above said line, else skip it. If you want cleaner code (or at least more organized) try a mini front controller aproach... Before doing anything check all the GET vars. If $pic_id is PROPERLY set you know you only have to display a single image. If it is not set then check for a properly set $cat_id and display the thumbnails, or else just display the categories. The usual simple way is with an $action variable, like $action=thumbnails&cat_id=3 or $action=display&pic_id=76. Then you only check for the proper action (with an if-ifelse-else or a switch() conditional) and act accordingly using the rest of the GET variables supplied. Keeps things more organized. After that a whole world opens up which leads to full front controllers, page controllers, mvc and whatnot. Cheers.

I don't see the POST variable "dob" set anywhere, you have three distinct variables dob_DD, dob_MM and dob_YYYY (Through PHP generated forms I assume...) but no plain 'dob' anywhere in the form. So I assume your "DOB" column is empty for all users in the database and you are searching for an empty date on an empty column wich evaluates to true always. Also, the HTTP_VARS_* arrays are horribly deprecated, you should use $_POST, $_GET and similar arrays instead. You should also try not to skip braces in the if conditional blocks, it makes the code harder to understand and leads to errors. And finally, using globals (i.e. global $sErr) is a very bad practice unless you really know what you are doing. Cheers.

The script is working as intended, you have to realize that converting foot/inches height into decimals does not work that well. 5'11" to decimal is 5.11 which is clearly lower than 5.5 and higher than 5.0 Possible solutions would be creating two separate columns in the DB, one for feet and one for inches and sort by feet then inches. Or a more ugly approach is check if the $in variable is less than 10, and in that case divide it by 1000 rather than by 100. Not too sure about that though... You'd have to re-format them again when displaying them.

It will work as long as $error_text[$error_display[0]] is a numeric value... I think you are confusing array keys with array values. Does $error_display[0] hold a numeric value? or the error text?.

Try changing the format of all the cookie values, from this: $userValue = "$result[username]"; to this: $userValue = $result['username'];

733407 is the number of days. Convert it to the current number of seconds and then use strftime(); <?php $time = 733407*24*60*60; $date = strftime("%Y-%m-%d", $time); echo $date; //Should output YYYY-MM-DD ?>