MadTechie

$sql="INSERT INTO newsletter (fname, lname, phone, dob, email) VALUES ('$_POST[fname]'; '$_POST[lname]'; '$_POST[phone]'; '$_POST[dob]'; '$_POST[email]')"; should be $sql="INSERT INTO newsletter (fname, lname, phone, dob, email) VALUES ('{$_POST['fname']}', '{$_POST['lname']}', '{$_POST['phone']}', '{$_POST['dob']}', '{$_POST['email']}')";

Welcome Can you click topic solved bottom left (if this is solved)

i just quickly wrote this should be okay <?php echo RandomChar(10, true); echo "<br>"; echo RandomChar(50, false); function RandomChar($length, $unique = true) { $chars1 = range('A', 'Z'); $chars2 = range('a', 'z'); $charset =array_merge($chars1, $chars2); $nums = range('0', '1'); $charset =array_merge($charset, $nums); if(count($charset) < $length && $unique) { die("CharSet less than $length Chars"); } $Rand = ""; shuffle($charset); if($unique) { foreach($charset as $R) { $Rand .= $R; } $Rand = substr($Rand, 0,$length); }else{ for($n;$n<$length;$n++) { $k = array_rand($charset); $Rand .= $charset[$k]; } } return $Rand; } ?>

IE7 Blocks it, (see IE7 Security/privacy settings) Your need to use something new.. cookies,sessions, GET etc

Set the cookie before output so move the script to the start of the file and see code below comment <?php if (isset ($_POST['login'])) { $username=trim($_POST['username']); $pass=trim($_POST['pass']); if (empty($username) || empty($pass)) { echo '<form action="login.php" method="post"'; echo 'enctype="multipart/form-data">'; echo '<input type="text" name="username" /><br>'; echo '<br>'; echo '<input type="password" name="pass" />'; echo '<br>'; echo ' '; echo ' '; echo ' <input type="submit" '; echo 'name="login" value="Login" />'; echo '</form>'; echo "<font color='red'>Please Enter Username and Password!</font>"; } else { $passok = "0"; $file=fopen("userlogincheck21071985.txt","r") ; while ( !feof($file)) { $f_user = trim(fgets($file)); $f_password = trim(fgets($file)); if ($f_user == $username && $f_password == $pass) { $passok = "1"; //ADD COOKIE HERE setcookie("login", $username, time()+3600); //whatever! } } echo '<form action="login.php" method="post"'; echo 'enctype="multipart/form-data">'; echo '<input type="text" name="username" /><br>'; echo '<br>'; echo '<input type="password" name="pass" />'; echo '<br>'; echo ' '; echo ' '; echo ' <input type="submit" '; echo 'name="login" value="Login" />'; echo '</form>'; if ($passok =="0") { echo "<FONT color='red'>Ivalid Login</font>"; } if ($passok =="1") { echo "<FONT color='red'>Login Successful</font>"; } } } else { echo '<form action="login.php" method="post"'; echo 'enctype="multipart/form-data">'; echo '<input type="text" name="username" /><br>'; echo '<br>'; echo '<input type="password" name="pass" />'; echo '<br>'; echo ' '; echo ' '; echo ' <input type="submit" '; echo 'name="login" value="Login" />'; echo '</form>'; } ?>

yep.. i find it easier to manage/debug and update later (of course you don't need to tab it out like i have)

20 should be $namequery=mysql_query("SELECT teams.* FROM teams LEFT JOIN ladder ON teams.team_tid = ladder.ladder_lteamid WHERE teams.team_tid=$team_tid") or die(mysql_error()); note the extra ) and a ; removed

to fix your use if(mysql_num_rows($sql)!=0 && !empty($_POST['fname']) && !empty($_POST['lname']) && !empty($_POST['email']) && !empty($_POST['userN']) && !empty($_POST['pass']) && !empty($_POST['repass']) && $_POST['pass']==$_POST['repass'] && $pass_len > 5 && $pass_len < 11 && $user_len > 3 && $user_len < 51){ EDIT: note the !=0 (mysql_num_rows($sql)!=0 &&

change $namequery=mysql_query("SELECT teams.* FROM teams LEFT JOIN ladder ON teams.team_tid = ladder.ladder_lteamid WHERE teams.team_tid=$team_tid;"); //UPDATED to $namequery=mysql_query("SELECT teams.* FROM teams LEFT JOIN ladder ON teams.team_tid = ladder.ladder_lteamid WHERE teams.team_tid=$team_tid;") or die(mysql_error()); //UPDATED

what was the problem with the code i posted ?

sounds right to me.. is that not what you are expecting!

use a form to upload as normal (this is the preview) when you click preview, upload and display on the page.. the upload will be temp storage.. now while your previewing.. use a form with hidden fields to store the data (same as the ones used to create the preview) but now when they click upload you save that data to a keep area.. <?php switch($_GET['mode']) { case "upload": //do upload stuff (move to keep area) break case "preview": //do preview stuff (upload to temp area) }?>

try this.. long winded but will revele the problem with the if <?php $valid = false; if(mysql_num_rows($sql)==0) { if(!empty($_POST['fname'])) { if(!empty($_POST['lname'])) { if(!empty($_POST['email'])) { if(!empty($_POST['userN'])) { if(!empty($_POST['pass'])) { if(!empty($_POST['repass'])) { if($_POST['pass']==$_POST['repass']) { if($pass_len > 5) { if($pass_len < 11) { if($user_len > 3) { if($user_len <51) { $valid = true; }else{echo "user over 51";} }else{echo "user Under 3 chars";} }else{echo "pass over 11";} }else{echo "Pass Under 5 chars";} }else{echo "Passwords Don't match";} }else{echo "pass Not Set";} }else{echo "pass Not Set";} }else{echo "userN Not Set";} }else{echo "email Not Set";} }else{echo "lname Not Set";} }else{echo "fName Not Set";} }else{echo "Name Taken";} if(!$valid) { die("error"); } ?>

i just reviewed the if statement shouldn't it be && instead of ||?

try this <?php // Start String Function function escape_ladder_data($data) { global $connect; if (ini_get('magic_quotes_gpc')) { #$date = stripslashes($data); //TYPEO $data = stripslashes($data); //TYPEO FIXED } return mysql_real_escape_string(trim($data), $connect); } // End String Function // Start Get Team Name Function function getteamname($team_tid) { $namequery=mysql_query("SELECT teams.* FROM teams LEFT JOIN ladder ON teams.team_tid = ladder.ladder_lteamid WHERE teams.team_tid=$team_tid;"); //UPDATED $nameinfo=mysql_fetch_array($namequery); $nameinfo['ladder_lteamid']=stripslashes(trim(htmlspecialchars($nameinfo['ladder_lteamid']))); $nameinfo['team_tname']=stripslashes(trim(htmlspecialchars($nameinfo['team_tname']))); return $nameinfo['team_tname']; } // End Get Team Name Function ?>

the key is teams.team_tid = ladder.ladder_lteamid; they must match IE teams - team_tid teamA - 1 teamB - 2 teamC - 3 teamD - 4 ladder - ladder_lteamid Atest1 - 1 Atest2 - 1 Atest3 - 1 Atest4 - 1 Btest1 - 2 Btest2 - 2 Btest3 - 2 Btest4 - 3 will should return teamA - Atest1 teamA - Atest2 teamA - Atest3 teamA - Atest4 teamB - Atest1 teamB - Atest2 teamB - Atest3 teamB - Atest4

do you have entries on the ladder for the other teams ?

'PASSWORD('$confirmnew')' to PASSWORD('$confirmnew') 'PASSWORD('$newpassword')' to PASSWORD('$newpassword')

something like this SELECT teams.* FROM teams LEFT JOIN ladder ON teams.team_tid = ladder.ladder_lteamid;

What.. $uid is NOT a function! where is it set? <?php if (isset($_POST['submit2'])) { $oldpassword = escape_data($_POST['oldpassword']); $newpassword = escape_data($_POST['newpassword']); $confirmnew = escape_data($_POST['confirmnew']); //WHERE is $uid comming from ? $password = mysql_query("SELECT password FROM users WHERE user_id = '$uid' and password = 'PASSWORD('$confirmnew')'") OR DIE(mysql_error()); if(mysql_num_rows($password)>0) { if ($newpassword == $confirmnew) { $update = "UPDATE users SET password = 'PASSWORD('$newpassword')' where user_id='$uid'" or die(mysql_error()); mysql_query($update) or die(mysql_error()); echo '<h3>Password Changed!</h3>'; } else { echo '<h3>New password and confirmed password to not match</h3>'; } } else { echo '<h3>Current passwords do not match</h3>'; } } ?>

try this <?php if (isset($_POST['submit2'])) { $oldpassword = escape_data($_POST['oldpassword']); $newpassword = escape_data($_POST['newpassword']); $confirmnew = escape_data($_POST['confirmnew']); //WHERE is $uid comming from ? $password = mysql_query("SELECT password FROM users WHERE user_id = '$uid' and password = 'PASSWORD('$password')'") OR DIE(mysql_error()); if(mysql_num_rows($password)>0) { if ($newpassword == $confirmnew) { $update = "UPDATE users SET password = 'PASSWORD('$password')' where user_id='$uid'" or die(mysql_error()); mysql_query($update) or die(mysql_error()); echo '<h3>Password Changed!</h3>'; } else { echo '<h3>New password and confirmed password to not match</h3>'; } } else { echo '<h3>Current passwords do not match</h3>'; } } ?> EDIT: quick fix WHERE is $uid comming from ?

may want to look into JOIN http://dev.mysql.com/doc/refman/5.0/en/join.html

erm you did something wrong.. post what you have

32bit will still work on 64bit system.. not useful i know.. just wanted to remove some of the hate

well thats a security risk.. if you do, do that then just remove the oneway encryption.. but your need to reset all the passwords PS the examples above should work..