Everything posted by MadTechie

  1. all 3 can.. but php will require a refresh. we need more info
  2. example 1 as example 2 isn't passing anything!
  3. no, no, like this

     ```php
     <?php
     //error_reporting(E_USER_WARNING);
     session_start();
     ?>
     <html>
     <head>
     <meta http-equiv="Content-Language" content="en-gb">
     <meta http-equiv="Content-Type" content="text/html; charset=WINDOWS-1252">
     <title>Propertyeagle.co.uk: Search Properties</title>
     </head>
     <body>
     <p><img border="0" src="logo.GIF" >
     <font face="Verdana" size="1">
     <br>
     <?php
     $tempflag= $_GET['id'];
     if ($tempflag == '1')
     {
         $keywords=$_POST['keywords']; //keywords
         $keywordscriteria=$_POST['R1']; //keywords criteria
         $minprice=$_POST['minprice']; //minimum price
         $maxprice=$_POST['maxprice']; //maximum price
         $daysposted=$_POST['daysposted']; //how many days back to search
         $resultsortcriteria=$_POST['R2']; //criteria used to sort results
         $resultsortcriteriab=$_POST['R2']; //criteria used to fix problem with checkbox not sticking
         //Strip any possibly malicious PHP or HTML code out of all the variables used on this page
         $keywords=strip_tags ($keywords);
         $minprice=strip_tags ($minprice);
         $maxprice=strip_tags ($maxprice);
         $daysposted=strip_tags ($daysposted);
     ```
  4. after a very quick review.. that seems fine..
  5. My Post = Quick and Cheap toplay Post = nicely done..
  6. not really.. what are you passing to it ? if you're passing the same data to many functions then use OOP
  7. you need to find a common phone spec, or the minimum spec you can build to.. iframes are old and maybe pure AJAX would be better..
  8. i assume you're talking about SQL injection.. or XSS..

     ```php
     // escape the value and quote it inside the SQL string
     $username = addslashes($_POST['username']);
     $sql = "select * from USERS where username = '$username'";

     // encode user text before echoing it into the page
     $usermessage = htmlentities($_POST['message']);
     echo $usermessage;
     ```

     if that doesn't help, please post more detail..
  9. you could use a temp file, cookies, database, GET/POST.. maybe easier to help if we know what you're attempting to do
  10. compatibility will be a problem, ie non javascript browsers etc.. you can remove the iframe and use purely AJAX, but no matter what route i think of you're going to have at least some compatibility issues or a flickering page.. do you have an idea of the standard spec you wish to work to (ie the browser spec for mobile phones)
  11. try this, your get the idea (review code below) <?php // includes include("../inc/conn.inc.php"); include("../inc/validate.inc.php"); ?> <?php $from_date = $_REQUEST['from_date']; $to_date = $_REQUEST['to_date']; if ($_POST['submit']) { $REPS=""; if($_REQUEST['reps'] != "") { $REPS = "AND TMR_Name = '".$_REQUEST['reps']."' "; } $sql_prop = "SELECT * FROM $db.iStock WHERE Trans_Date BETWEEN '".$from_date."' AND '".$to_date."' $REPS ORDER BY Trans_Date ASC"; $result_prop = mysql_query($sql_prop); $sql_date = "SELECT * FROM $db.iStock WHERE Trans_Date BETWEEN '".$from_date."' AND '".$to_date."' $REPS ORDER BY Trans_Date ASC"; $result_date = mysql_query($sql_date); $rs_date = mysql_fetch_array($result_date); //summation $sql_prop2 ="SELECT SUM(Quantity) AS total_quantity, SUM(Income) AS total_income, SUM(Purchased) AS total_purchased, SUM(Month_Income) AS total_month_income FROM $db.iStock WHERE Trans_Date BETWEEN '".$from_date."' AND '".$to_date."' $REPS ORDER BY Venue_Name ASC"; $result_prop2 = mysql_query($sql_prop2) or die(error_report("Mysql Error", mysql_error()."\n\n$sql_rows", $_SERVER['REMOTE_ADDR'])); $rs_prop2 = mysql_fetch_array($result_prop2); //// $sql_rows = "SELECT COUNT(*) FROM $db.iStock WHERE Trans_Date BETWEEN '".$from_date."' AND '".$to_date."' $REPS"; $result_rows = mysql_query($sql_rows); $rs_rows = mysql_fetch_array($result_rows); $numrows = $rs_rows[0]; } else { $sql_prop="SELECT * FROM $db.iStock ORDER BY Venue_Name ASC"; $result_prop = mysql_query($sql_prop) or die(error_report("Mysql Error", mysql_error()."\n\n$sql_rows", $_SERVER['REMOTE_ADDR'])); //summation $sql_prop2 ="SELECT SUM(Quantity) AS total_quantity, SUM(Income) AS total_income, SUM(Purchased) AS total_purchased, SUM(Month_Income) AS total_month_income FROM $db.iStock ORDER BY Venue_Name ASC"; $result_prop2 = mysql_query($sql_prop2) or die(error_report("Mysql Error", mysql_error()."\n\n$sql_rows", $_SERVER['REMOTE_ADDR'])); $rs_prop2 = mysql_fetch_array($result_prop2); 
///// $sql_rows = "SELECT COUNT(*) FROM $db.iStock ORDER BY Venue_Name ASC"; $result_rows = mysql_query($sql_rows) or die(error_report("Mysql Error", mysql_error()."\n\n$sql_rows", $_SERVER['REMOTE_ADDR'])); $rs_rows = mysql_fetch_array($result_rows); $numrows = $rs_rows[0]; $sql_date_row ="SELECT MAX(Trans_Date) AS to_date_max, MIN(Trans_Date) AS from_date_min FROM $db.iStock"; $result_date_row = mysql_query($sql_date_row); $rs_date_row = mysql_fetch_array($result_date_row); } ?> <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd"> <html xmlns="http://www.w3.org/1999/xhtml"> <head> <meta http-equiv="Content-Type" content="text/html; charset=iso-8859-1" /> <title></title> <link href="../styles/opus_db.css" rel="stylesheet" type="text/css" /> <style type="text/css"> <!-- .style39 {font-size: 24px} .style41 {font-size: 12px; padding-left: 10px; font-family: Arial, Helvetica, sans-serif;} .style42 {color: #558ED5} --> </style> <link href="../styles/opus_db_print.css" media="print" rel="stylesheet" type="text/css" /> </head> <body> <table width="778" border="1" align="center" cellpadding="0" cellspacing="0" bordercolor="#000000" bgcolor="#BECADE"> <tr> <td valign="middle"><p align="right" class="head1"><br /> <span class="style39"> iStock Online </span></p> <table width="782" border="0" align="center" cellpadding="0" cellspacing="0" bgcolor="#FFFFFF"> <!--DWLayoutTable--> <tr> <td id="nodisplay" width="172" height="299" valign="top" bgcolor="#E9EDF4"><p class="head2"><strong> <u>Menu</u> </strong></p> <p class="body2"><strong>Online stock management<br /> </strong><a href="alerts.php" style="color:#000000"><span class="style41">Alerts</span></a><br /> <span class="body3"><a href="current_outlet.php" style="color:#000000;">Current Outlet stock bal</a></span><br /> <a href="sales.php"><span class="body3 " style="color:#000000">Sales to date</span></a><br /> <span class="body3"><a href="model.php" 
style="color:#000000">Model stock settings</a></span></p> <p class="body2"><strong>Management Reports<br /> </strong><span class="body3 style42"><strong>Sales to Outlets</strong></span><br /> <span class="body3">Sales by SKU</span><br /> <span class="body3">Monthly report</span><br /> <span class="body3">Rep Monthly Report</span><br /> <span class="body3">Invoice Reports</span> </p> <p class="body2"><strong>Outlet sales<br /> </strong>Outlet sales/turnover</p> <p class="body2"><strong>Diagnostic Report</strong> </p></td> <td width="610" valign="top"><form name="searchform" method="post" action="sales_to_outlets.php"> <table id="nodisplay" width="610" height="213" dir="ltr"> <tr> <td height="32" colspan="3" bgcolor="#558ED5"><span class="style37"> Sales to Outlet</span></td> </tr> <tr> <td style="padding-left:5px; padding-right:2px;" width="103" height="23" bgcolor="#E9EDF4" class="style35">From Date: </td> <td height="23" colspan="2" bgcolor="#E9EDF4" class="style35" style="padding-left:5px; padding-right:2px;"> <?php if ($_POST['submit']) { ?> <input name="from_date" type="text" id="from_date" value="<?= $_REQUEST['from_date']; ?>" /> <? } else { ?> <input name="from_date" type="text" id="from_date" value="<?= $rs_date_row['from_date_min']; ?>" /></td> <? } ?> </tr> <tr> <td style="padding-left:5px; padding-right:2px;" height="23" bgcolor="#E9EDF4" class="style35">To Date: </td> <td height="23" colspan="2" bgcolor="#E9EDF4" class="style35" style="padding-left:5px; padding-right:2px;"><span class="style35"> <?php if ($_POST['submit']) { ?> <input name="to_date" type="text" id="to_date" value="<?= $_REQUEST['to_date']; ?>" /> <? } else { ?> <input name="to_date" type="text" id="to_date" value="<?= $rs_date_row['to_date_max'];?>" /> <? 
} ?> </span></td> </tr> <tr <?php if (is_int($i/2)) print "bgcolor=\"#558ED5\""; ?>> <td style="padding-left:5px; padding-right:2px;" height="23" bgcolor="#E9EDF4" class="style35">Region</td> <td height="23" colspan="2" bgcolor="#E9EDF4" class="style35" style="padding-left:5px; padding-right:2px;"><select name="region" id="region"> <option value="" selected="selected">All Areas</option> <?php $sql_props = "SELECT * FROM $db.iStock"; $result_props = mysql_query($sql_props) or die(error_report("Mysql Error", mysql_error()."\n\n$sql_props", $_SERVER['REMOTE_ADDR'])); $area_list = array(); while($rs_props = mysql_fetch_array($result_props)) { if (!in_array($rs_props['Venue_Area'], $area_list)) array_push($area_list, $rs_props['Venue_Area']); } asort($area_list); foreach($area_list as $area) { print "<option value=\"".$area."\">".ucwords($area)."</option>"; } ?> </select> </td> </tr> <tr <?php if (is_int($i/2)) print "bgcolor=\"#558ED5\""; ?>> <td style="padding-left:5px; padding-right:2px;" height="23" bgcolor="#E9EDF4" class="style35">Representative</td> <td height="23" colspan="2" bgcolor="#E9EDF4" class="style35" style="padding-left:5px; padding-right:2px;"> <select name="reps"> <option selected="selected" value="%">All Reps</option> <?php $sql_props = "SELECT * FROM $db.iStock"; $result_props = mysql_query($sql_props) or die(error_report("Mysql Error", mysql_error()."\n\n$sql_props", $_SERVER['REMOTE_ADDR'])); $area_list = array(); while($rs_props = mysql_fetch_array($result_props)) { if (!in_array($rs_props['TMR_Name'], $area_list)) array_push($area_list, $rs_props['TMR_Name']); } asort($area_list); foreach($area_list as $area) { print "<option value=\"".$area."\">".ucwords($area)."</option>"; } ?> </select> </td> </tr> <tr <?php if (is_int($i/2)) print "bgcolor=\"#558ED5\""; ?>> <td style="padding-left:5px; padding-right:2px;" height="23" bgcolor="#E9EDF4" class="style35">Outlet</td> <td height="23" colspan="2" bgcolor="#E9EDF4" class="style35" 
style="padding-left:5px; padding-right:2px;"><select name="outlets" id="outlets"> <option value="" selected="selected">All Outlets</option> <?php $sql_props = "SELECT * FROM $db.iStock"; $result_props = mysql_query($sql_props) or die(error_report("Mysql Error", mysql_error()."\n\n$sql_props", $_SERVER['REMOTE_ADDR'])); $area_list = array(); while($rs_props = mysql_fetch_array($result_props)) { if (!in_array($rs_props['Venue_Name'], $area_list)) array_push($area_list, $rs_props['Venue_Name']); } asort($area_list); foreach($area_list as $area) { print "<option value=\"".$area."\">".ucwords($area)."</option>"; } ?> </select> </td> </tr> <tr <?php if (is_int($i/2)) print "bgcolor=\"#558ED5\""; ?>> <td style="padding-left:5px; padding-right:2px;" height="23" bgcolor="#E9EDF4" class="style35">Output Media </td> <td height="23" bgcolor="#E9EDF4" class="style35" style="padding-left:5px; padding-right:2px;"><a href="javascript:window.print()">Print Report</a> </td> <td width="342" height="23" bgcolor="#E9EDF4" class="style35" style="padding-left:5px; padding-right:2px;"><a href="3">Excel Download</a> </td> </tr> <tr> <td height="23" colspan="3" bgcolor="#D0D8E8"><input name="submit" type="submit" id="submit" value="Submit" /></td> </tr> </table> </form> <? if (($from_date = $_REQUEST['from_date']) || ($to_date = $_REQUEST['to_date'])) { ?> <p class="body3"><strong>Report Generated:</strong> From <span class="style10"> <?= $_REQUEST['from_date']; ?> </span> to <span class="style10"> <?= $_REQUEST['to_date']; ?> </span><br /> <strong>Representative:</strong> <span class="style10"> <?= $_REQUEST['reps']; ?> </span><br /> </p> <? 
} ?> <table width="610" height="144" dir="ltr"> <tr> <td width="56" height="32" bgcolor="#558ED5"><span class="style37"> Rep</span></td> <td width="102" height="32" bgcolor="#558ED5"><span class="style37"> Outlet</span></td> <td height="32" bgcolor="#558ED5"><span class="style37"> Sales to Date</span></td> <td height="32" colspan="4" bgcolor="#558ED5"><div align="right"><span class="style37"> <span class="body-text"> Displaying <?= $numrows;?> records </span></span></div></td> </tr> <tr> <td width="56" height="29" bgcolor="#558ED5"><span class="style35"></span></td> <td width="102" height="29" bgcolor="#558ED5"><span class="style35"></span></td> <td width="139" height="29" bgcolor="#558ED5"><span class="style34"> Var</span></td> <td width="71" height="29" bgcolor="#558ED5"><div align="center"><span class="style34">Total Packs purchased<br /> since installation</span></div></td> <td width="69" height="29" bgcolor="#558ED5"><div align="center"><span class="style34">Total<br /> income generated</span></div></td> <td width="65" height="29" bgcolor="#558ED5"><div align="center"><span class="style34">Ave purchased per month</span></div></td> <td width="76" height="29" bgcolor="#558ED5" class="body"><div align="center">Total <br /> monthly <br /> income <br /> generated </div></td> </tr> <?php $i = 0; while ($rs_prop = mysql_fetch_array($result_prop)) { ?> <tr <?php if (is_int($i/2)) print "bgcolor=\"#558ED5\""; ?>> <td style="padding-left:5px; padding-right:2px;" width="56" height="23" bgcolor="#E9EDF4" class="style35"><span class="style10"> <?= ucwords($rs_prop["TMR_Name"]); ?> </span></td> <td style="padding-left:5px; padding-right:2px;" width="102" height="23" bgcolor="#E9EDF4" class="style35"><span class="style10"> <?= ucwords($rs_prop["Venue_Name"]); ?> </span></td> <td style="padding-left:5px; padding-right:2px;" width="139" height="23" bgcolor="#E9EDF4" class="style35"><span class="style10"> <?= ucwords($rs_prop["L_Code_Code"]); ?> </span></td> <td width="71" 
height="23" bgcolor="#E9EDF4" class="style35"><div align="center"><span class="style10"> <?= ucwords($rs_prop["Quantity"]); ?> </span></div></td> <td width="69" height="23" bgcolor="#E9EDF4" class="style35"><div align="center"><span class="style10">R <?= ucwords($rs_prop["Income"]); ?> </span></div></td> <td width="65" height="23" bgcolor="#E9EDF4" class="style35"><div align="center"><span class="style10"> <?= ucwords($rs_prop["Purchased"]); ?> </span></div></td> <td height="23" bgcolor="#E9EDF4" class="style35"><div align="center">R <?= ucwords($rs_prop["Month_Income"]); ?> </div></td> </tr> <?php $i++; } ?> <tr> <td height="23" colspan="3" bgcolor="#D0D8E8" class="body"><div align="right"><strong>Totals: </strong></div></td> <td height="23" bgcolor="#D0D8E8" class="style35"><div align="center"> <?= $rs_prop2['total_quantity']; ?> </span></div></td> <td height="23" bgcolor="#D0D8E8" class="style35"><div align="center"> R <?= $rs_prop2['total_income']; ?> </div></td> <td height="23" bgcolor="#D0D8E8" class="style35"><div align="center"> <?= $rs_prop2['total_purchased']; ?> </div></td> <td height="23" bgcolor="#D0D8E8" class="style35"><div align="center"> R <?= $rs_prop2['total_month_income']; ?> </div></td> </tr> <tr> <td height="23" colspan="7" bgcolor="#D0D8E8"><div align="right" class="body3"> </div></td> </tr> </table> <p> </p></td> </tr> </table></td> </tr> </table> <p> </p> </body> </html> <script> <?php function dropdown($values, $form) { foreach($values as $key => $value) { print "document.".$form.".".$key.".value = \"".$value."\";\n"; $i++; } } if (eregi($_SERVER['PHP_SELF'], $_SERVER['HTTP_REFERER'])) { $dropdown['reps'] = $_POST['reps']; //$dropdown['status'] = $_POST['status']; //$dropdown['Status'] = $_POST['Status']; $validate->dropdown($dropdown, "searchform"); } ?> //ddType(document.searchform.type); </script>
  12. My first thought, is can you use code tags [.code][/.code] (without the dots) as it's a pain to read the code otherwise

      second thought, you're using where ac_id='".$_POST['id']."'" thus it will only update that id.. can we see the form..

      code below is unchanged but easier to read for anyone else

      ```php
      <?php
      $title="Vehicle Allocation Sheet";
      $title2=$Title."<center>Stats</center></font></u>";
      $msg = $Body."<center>";
      {
          $sq2l="UPDATE cars SET reg='".$_POST[reg]."', type='".$_POST['type']."', tail='".$_POST['tail']."', grg='".$_POST['grg']."', mark='".$_POST['mark']."', status='".$_POST['status']."', active=".$_POST['active']."', allocation=".$_POST['allocation']."', nextserv=".$_POST['nextserv']."' where ac_id='".$_POST['id']."'";
          if(mysql_query($sql2,$conn))
          {
              $msg.=$Body."Database updated successfully<br><a href=index.php?page=management&managementpage=users&use=view>Click here edit Again</a><br> <br><a href=admin.php>".$Body."Admin page</font></u></b></a><br> <a href=index.php>".$Body."Home</font></u></b></a><br>";
          }
          $sql="select * from cars where grg=3 order by tail ASC";
          $query = mysql_query($sql);
          $msg.= "<center><img src=images/avatars/car.gif>";
          $msg .= "<table border=1 align=center><tr><td><strong>Allocation</strong></td><td><strong>Tail</strong></td><td><strong>Reg</strong></td><td><strong>Type</strong></td><td><strong>Mark</strong></td><td><strong>Hours</strong></td><td><strong>Status</strong></td><td><strong>Next Service</strong></td></tr>";
          while($row = mysql_fetch_row($query))
          {
              $query_hours = "SELECT sec_to_time(sum(time_to_sec(t2.duration))) AS duration_sum FROM carst1, car_reports t2 WHERE t1.reg=\"".$row[5]."\" AND t1.reg=t2.cars";
              $result_hours = mysql_query($query_hours);
              if (mysql_numrows($result_hours) > 0)
              {
                  $time = mysql_result($result_hours,0,"duration_sum");
              }
              {
                  if($row['10'] == 0)
                  {
                      $UnServiceable = "selected";
                  }
                  elseif($row['10'] == 1)
                  {
                      $Serviceable = "selected";
                  }
                  if($row['12'] == 0)
                  {
                      $Minor = "selected";
                  }
                  elseif($row['12'] == 1)
                  {
                      $Major = "selected";
                  }
                  elseif($row['12'] == 2)
                  {
                      $Minorstar = "selected";
                  }
                  $msg .= "<tr align=center><td><input type=\"text\" name=\"allocation\" value=\"".$row['11']."\"></td><td><strong>".$row['6']."</strong></td><td>".$row['5']."</td><td>".$row['1']."</td><td>".$row['2']."</td><td>".$time."</td> <td><select name=\"".$row['10']."\"><option value=0 ".$UnServiceable.">UnServiceable</option><option value=1 ".$Serviceable.">Serviceable</option></select> <td><select name=\"".$row['12']."\"><option value=0 ".$Minor.">Minor</option><option value=1 ".$Major.">Major</option><option value=2 ".$Minorstar.">Minor Star</option></select><td>".$row['10']."</td><td>".$row['12']."</td></tr>";
              }
          }
          $msg.="</table>";
      }
      ?>
      ```
  13. try this

      ```php
      <?php
      // `show` is a reserved word in MySQL, so it needs backticks
      $result = mysql_query("SELECT `show` FROM optionaltext WHERE id= 1");
      $row = mysql_fetch_array($result);
      $show= $row['show']; // So $show will have the value Y or N.
      // mark only the radio button that matches the stored value
      $selY = ($show == "Y")?"checked=\"checked\"":"";
      $selN = ($show == "N")?"checked=\"checked\"":"";
      echo "Would you like this page to be displayed?<br/>";
      echo "option<input type=\"radio\" name=\"show\" value=\"Y\" $selY>";
      echo "option<input type=\"radio\" name=\"show\" value=\"N\" $selN>";
      ?>
      ```
  14. try this

      ```php
      $sql = "SELECT p.id, p.uid, u.id, u.country, u.id as uID, p.id as pID FROM provide_cameraman p, user_data u WHERE p.id = 1 AND u.id = p.uid";
      ```

      $row[uID] = user_data id
      $row[pID] = provide_cameraman id
  15. try this

      ```php
      <?php
      function parse_mysql_dump($url, $ignoreerrors = false)
      {
          $file_content = file($url);
          $query = "";
          foreach($file_content as $sql_line)
          {
              $tsl = trim($sql_line);
              if (($tsl != "") && (substr($tsl, 0, 2) != "--") && (substr($tsl, 0, 1) != "#"))
              {
                  $query .= $sql_line;
                  if(preg_match("/;\s*$/", $sql_line))
                  {
                      $result = mysql_query($query);
                      if (!$result && !$ignoreerrors) die(mysql_error());
                      $query = "";
                  }
              }
          }
      }
      ?>
      ```
  16. try this,

      ```php
      <?php
      //$checkline="checkline"; //unused
      $name=$_POST["name"];
      $address=$_POST["address"];
      if(empty($name) || empty($address))
      {
          echo "Please Enter name and email";
          die;
      }
      //darkfreaks email checker
      if (!preg_match("/^([a-zA-Z0-9])+([a-zA-Z0-9\._-])*@([a-zA-Z0-9_-])+([a-zA-Z0-9\._-]+)+$/" , $address))
      {
          echo "Error, email not valid";
          die;
      }
      $namelen=strlen($name);
      if ($namelen<5)
      {
          echo "Error, name entered is under 5 characters long.";
          die;
      }
      $efile=fopen("eregistrations.txt","a+") ;
      if ($efile)
      {
          $inuse = false;
          while ( !feof($efile) && !$inuse)
          {
              $f_name = trim(fgets($efile));
              $f_address = trim(fgets($efile));
              if($f_name == $name)
              {
                  echo "user '$name' is already used<br>\n";
                  $inuse = true;
              }
              if($f_address == $address)
              {
                  echo "email '$address' is already used<br>\n";
                  $inuse = true;
              }
          }
          if(!$inuse)
          {
              fwrite ($efile, $name . "\n");
              fwrite ($efile, $address . "\n");
              echo"Registration Succesful, Thank you $name";
              echo"<br>You will be one of the first to recieve all of our amazing offers!<br>" ;
              echo"You will recieve your username and password soon, Check your inbox.<br>" ;
              echo"Please click your browsers back button to return to fonecave.<br>" ;
          }
          fclose($efile);
      }
      ?>
      ```
  17. LOL, explode seems less of a pain after seeing that
  18. also echo "<a href="http://craigh.tlcrepair.net/movieset.php?favmovie=$myfavmovie'>" should be echo "<a href='http://craigh.tlcrepair.net/movieset.php?favmovie=$myfavmovie'>";
  19. if you want a javascript solution then you're in the wrong section, as for a php solution try this

      ```php
      <?php
      $myarray = array("test1" => 1, "test2" => 2, "test3" => 3);
      echo "<form method=\"POST\" enctype=\"application/x-www-form-urlencoded\">\n";
      echo "<select name=\"test\">\n";
      foreach($myarray as $K => $V)
      {
          $sel = ($V == $_POST['test'])?"selected = \"selected\"":"";
          echo "<option value=\"$V\" $sel>$K</option>\n";
      }
      echo "</select>\n";
      echo "<input type=\"submit\" value=\"tester\" />\n";
      echo "</form>\n";
      ?>
      ```
  20. sure you need to escape the quotes ie

      ```php
      echo "<img src=\"theimage.jpg\" width=\"100\" height=\"200\">";
      ```

      you could also do this

      ```php
      echo "<img src='theimage.jpg' width='100' height='200'>";
      ```

      or even

      ```php
      echo '<img src="theimage.jpg" width="100" height="200">';
      ```
  21. okay try this instead.. $Query = "SELECT * FROM analyzer_query"; it's not what we want but i would like to see if the error still occurs also try $Query = "SELECT * FROM Activity_Log";
  22. The way i get started, is by building a small system, then expanding it.. also buy a book, and try the examples.. it has to be something you enjoy to keep you interested but not too hard to put you off
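
Items 8 and 11 above build SQL from request values and echo request values back into the page. As an added example (not code from the original posts), here is the same date-range report pattern with bound parameters and output encoding. The reduced iStock schema, the sample rows, the request values and the helper names `valid_date`, `h` and `sales_between` are constructed for illustration, and PDO with in-memory SQLite stands in for the posts' mysql_* calls.

```php
<?php
declare(strict_types=1);

// Constructed stand-in for the iStock table (columns reduced), held in
// in-memory SQLite so the example runs offline.
$pdo = new PDO('sqlite::memory:');
$pdo->setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION);
$pdo->exec('CREATE TABLE iStock (Trans_Date TEXT, TMR_Name TEXT, Quantity INTEGER)');
$pdo->exec("INSERT INTO iStock VALUES
    ('2008-01-10', 'O''Brien', 4),
    ('2008-02-05', 'smith', 7),
    ('2008-03-20', 'O''Brien', 2)");

// Accept only a real calendar date in YYYY-MM-DD form; anything else is rejected.
function valid_date(string $s): bool
{
    $d = DateTime::createFromFormat('!Y-m-d', $s);
    return $d !== false && $d->format('Y-m-d') === $s;
}

// Encode a value for HTML text or a quoted attribute such as value="...".
function h(string $s): string
{
    return htmlspecialchars($s, ENT_QUOTES, 'UTF-8');
}

// Date range plus optional rep filter. Every request value is a bound parameter,
// so a quote inside $rep is data and never becomes part of the SQL text.
function sales_between(PDO $pdo, string $from, string $to, string $rep = ''): array
{
    if (!valid_date($from) || !valid_date($to)) {
        throw new InvalidArgumentException('dates must be YYYY-MM-DD');
    }
    $sql = 'SELECT Trans_Date, TMR_Name, Quantity FROM iStock
            WHERE Trans_Date BETWEEN :from AND :to';
    $params = [':from' => $from, ':to' => $to];
    if ($rep !== '') {
        $sql .= ' AND TMR_Name = :rep';
        $params[':rep'] = $rep;
    }
    $stmt = $pdo->prepare($sql . ' ORDER BY Trans_Date ASC');
    $stmt->execute($params);
    return $stmt->fetchAll(PDO::FETCH_ASSOC);
}

// Constructed request values standing in for $_REQUEST / $_POST.
$request = ['from_date' => '2008-01-01', 'to_date' => '2008-12-31', 'reps' => "O'Brien"];
$rows = sales_between($pdo, $request['from_date'], $request['to_date'], $request['reps']);
foreach ($rows as $row) {
    echo h($row['Trans_Date']), ' ', h($row['TMR_Name']), ' ', h((string) $row['Quantity']), "\n";
}

// Echoing a request value back into a form field: encode at output time.
echo '<input name="from_date" type="text" value="', h('5" <b>'), '" />', "\n";

// A value that is not a YYYY-MM-DD date is rejected before any query runs.
try {
    sales_between($pdo, '01/02/2008', '2008-12-31');
} catch (InvalidArgumentException $e) {
    echo 'rejected: ', $e->getMessage(), "\n";
}
```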