joshgarrod

How do you mean? I just replaced the query line and all I get again is an error. It seems to be finding the results but it won't display them. It prints a message saying how many there are?

hello all. i have a poblem, i have a bar down the side of my website and it shows all of the different makes from my classified adverts and how many of them there are. the user then clicks on link and it should then only show the results matching that description. it knows how many there are when it loads the search page, however, it doesn't show any results. here is my code: <?php // Get the search variable from URL $var = @$_GET['q'] ; $trimmed = trim($var); //trim whitespace from the stored variable // rows to return $limit=100; // check for an empty string and display a message. if ($trimmed == "") { echo "<p>Please enter a search...</p>"; exit; } // check for a search parameter if (!isset($var)) { echo "<p>We dont seem to have a search parameter!</p>"; exit; } //connect to your database mysql_connect("ipaddr","usr","pass"); //(host, username, password) //specify database mysql_select_db("db") or die("Unable to select database"); //select which database we're using // Build SQL Query $query = "select * from classifieds where make like \"%$trimmed%\" order by make"; $numresults=mysql_query($query); $numrows=mysql_num_rows($numresults); if ($numrows == 0) { echo "<p>Sorry, your search: "" . $trimmed . "" returned zero results</p>"; } // next determine if s has been passed to script, if not use 0 if (empty($s)) { $s=0; } // get results $query .= " limit $s,$limit"; $result = mysql_query($query) or die("Couldn't execute query"); // display what the person searched for echo "<p>You searched for: "" . $var . "", there are $numrows caravans matching this criteria</p>"; while ($row= mysql_fetch_array($result)) { $ref = $row["ref"]; $make = $row["make"]; $model = $row["model"]; $year = $row["year"]; $berth = $row["berth"]; $weightun = $row["weightun"]; $weightla = $row["weightla"]; $lengthin = $row["lengthin"]; $lengthex = $row["lengthex"]; $image1 = $row["image1"]; $price = number_format($row["price"]); //formatting the price field to use a thousand separator echo '$berth'; echo "<div id=\"caravan_row\">"; echo "<div id=\"logo\"><a href='view_used_caravan.php?ref=$ref'><img src=\"images/$make.gif\" border=\"0\" alt=\"$make caravan\" title=\"$make caravan\" width=\"66\" height=\"83\"/></a></div>"; if ($image1 == "uploads/") { echo "<div id=\"image\"><a href=\"view_used_caravan.php?ref=$ref\"><img src=\"images/icon_no_photo.gif\" alt=\"$make $model $year\" width=\"100\" height=\"75\" border=\"0\" /></a></div>"; } else { echo "<div id=\"image\"><a href='view_used_caravan.php?ref=$ref'><img src=\"$image1\" border=\"0\" alt=\"$make $model $year\" width=\"100\" height=\"75\" title=\"$make $model $year\" /></a></div>"; } echo "<div id=\"specifications\">"; echo "<div id=\"make\"><h1></strong>$make $model</h1></div>"; echo "<div id=\"price\"><span class=\"price\">£$price</span></div>"; echo "<div id=\"more\"><a href='view_used_caravan.php?ref=$ref' title=\"More info on the $make $model $year \">More info>></a></div>"; echo "<div id=\"year\"><strong>Year: </strong>$year</div>"; echo "<div id=\"weightun\"><strong>MIRO: </strong>$weightun kg</div>"; echo "<div id=\"berth\"><img src=\"images/$berth.gif\" class=\"berth\" />$berth berth</div>"; echo "<div id=\"weightla\"><strong>MTPLM: </strong>$weightla kg</div>"; echo "<div id=\"lengthex\"><strong>Shipping length: </strong>$lengthex ft</div>"; echo "<div id=\"lengthex\"><strong>Location: </strong>$county</div>"; echo "</div>"; echo "</div>"; } ?> many thanks in advance

brilliant, I can never spot my little errors, thanks V much

Hi, I am trying to create a list of all of the different types of makes that are listed in my database and how many of them, (similar to how eBay has down the left side) but I am getting the following warning: I cannot figure it out, any ideas, here is my code: <?php $query = "select make, count(make) from classifieds where make in (select distinct make from classifieds) group by make"; $result = mysql_query($query); while($row = mysql_fetch_assoc($query)){ echo $row['make'].' ('.$row['count(make)'].')<br />'; } ?> Thanks in advance

Hi, I am trying to give the option to add data to more than one table if required, at the moment if the user selects a second category as apposed to selecting none it inserts the data only into one table: <?php if ($_POST['submit']) { $seccat = mysql_real_escape_string($_POST['seccat']); $category = mysql_real_escape_string($_POST['category']); if ($seccat == "None") { $title = mysql_real_escape_string($_POST['title']); $descr = mysql_real_escape_string($_POST['descr']); $stocknu = mysql_real_escape_string($_POST['stocknu']); $price = mysql_real_escape_string($_POST['price']); $category = mysql_real_escape_string($_POST['category']); $image = mysql_real_escape_string("$idir" . $_FILES['fupload']['name']); $SQL = "INSERT INTO $category"; $SQL .= " (title, descr, stocknu, price, category, image) VALUES "; $SQL .= " ('$title','$descr','$stocknu','$price', '$category', '$image') "; } else { $title = mysql_real_escape_string($_POST['title']); $descr = mysql_real_escape_string($_POST['descr']); $stocknu = mysql_real_escape_string($_POST['stocknu']); $price = mysql_real_escape_string($_POST['price']); $category = mysql_real_escape_string($_POST['category']); $image = mysql_real_escape_string("$idir" . $_FILES['fupload']['name']); $SQL = "INSERT INTO $category"; $SQL .= " (title, descr, stocknu, price, category, image) VALUES "; $SQL .= " ('$title','$descr','$stocknu','$price', '$category', '$image') "; $title = mysql_real_escape_string($_POST['title']); $descr = mysql_real_escape_string($_POST['descr']); $stocknu = mysql_real_escape_string($_POST['stocknu']); $price = mysql_real_escape_string($_POST['price']); $category = mysql_real_escape_string($_POST['category']); $image = mysql_real_escape_string("$idir" . $_FILES['fupload']['name']); $SQL = "INSERT INTO $seccat"; $SQL .= " (title, descr, stocknu, price, category, image) VALUES "; $SQL .= " ('$title','$descr','$stocknu','$price', '$category', '$image') "; } ?>

i am using a search word that i no should bring results, so i am not using spaces atm. noting seams to be happening at all? Sorry I am slowly learning php but this is out of my league!

hi thanks, for the reply, i replaced: $find_array = explode(" ", $find); $find_sql = ""; // init with: $find = str_replace(" ","%",$find); $sql = "SELECT * FROM `database` WHERE `table` LIKE '%".$find."%'"; and it does the same... ?

Hi, my search script is not working correctly, i send a search but it just refreshes the page with no results returned, where am i going wrong? thanks in advance. PHP <?php $find = $_POST['find']; //This is only displayed if they have submitted the form if ($searching =="yes") { echo "<h2>Results</h2><hr>"; //If they did not enter a search term we give them an error if ($find == "") { echo "<p>Please enter a search term"; exit; } // Otherwise we connect to our Database mysql_connect("ip_addy", "usr", "pass") or die(mysql_error()); mysql_select_db("databsae") or die(mysql_error()); // We preform a bit of filtering $find = strtoupper($find); $find = strip_tags($find); $find = trim ($find); //Now we search for our search term, in the table the user specified $find_array = explode(" ", $find); $find_sql = ""; // init foreach ($find_array as $temp) $find_sql .= "upper($field) LIKE '%".$temp."%' OR"; // note only need to do the substr once, the second time was removing the other %' $find_sql = substr($find_sql, 0, -3); // throw away last OR statement $sql = "SELECT * FROM $field WHERE $find_sql"; $data = mysql_query($sql) OR DIE("SQL Was: " . $sql . "<br />ERROR: " . mysql_error()); $sql = mysql_query("SELECT * FROM $field"); $num = mysql_num_rows($sql); if ($num > 0) { // There's a result } else { // No results found. }//And we display the results while($result = mysql_fetch_array( $data )) { echo "<b>Title: </b>"; echo $result['title']; echo "<br>"; echo "<b>Description: </b>"; echo $result['descr']; echo "<br>"; echo "<b>URL: Click here to view more details: </b>"; echo "<a href=\"view_vehicle_accessory_$field".$result['ref']."\">More Details >></a>"; echo "<br>"; echo "<hr>"; } //This counts the number or results - and if there wasn't any it gives them a little message explaining that $anymatches=mysql_num_rows($data); if ($anymatches == 0) { echo "Sorry, but we can not find an entry to match your query<br><br>"; } //And we remind them what they searched for echo "<b>Searched For:</b> " .$find; } ?> HTML: <form action="<?=$PHP_SELF?>" method="post" name="search" class="style1"> Seach for: <input type="text" name="find" /> in <Select NAME="field"> <option value="electrics">Electrics</option> <option value="gas">Gas</option> <option value="towing">Towing</option> <option value="water">Water</option> <option value="kitchen">Kitchen</option> <option value="furniture">Furniture</option> <option value="security">Security</option> <option value="stepslevel">Steps & Levelling</option> </Select> <input type="hidden" name="searching" value="yes" /> <input type="submit" name="search" value="Search" /> </form>

Hi, I have a form that submits info into my table and is supposed to upload 4 images too. It uploads the first 1 but the others dont work.... any ideas, thanks in advance PHP: <?php $idir = "uploads/"; // Path To Images Directory if (isset ($_FILES['fupload'])){ //upload the image to tmp directory $url = $_FILES['fupload']['name']; // Set $url To Equal The Filename For Later Use if ($_FILES['fupload']['type'] == "image/jpg" || $_FILES['fupload']['type'] == "image/jpeg" || $_FILES['fupload']['type'] == "image/pjpeg") { $file_ext = strrchr($_FILES['fupload']['name'], '.'); // Get The File Extention In The Format Of , For Instance, .jpg, .gif or .php $copy = copy($_FILES['fupload']['tmp_name'], "$idir" . $_FILES['fupload']['name']); // Move Image From Temporary Location To Permanent Location } } if (isset ($_FILES['fupload2'])){ //upload the image to tmp directory $url = $_FILES['fupload2']['name2']; // Set $url To Equal The Filename For Later Use if ($_FILES['fupload2']['type'] == "image/jpg" || $_FILES['fupload2']['type'] == "image/jpeg" || $_FILES['fupload2']['type'] == "image/pjpeg") { $file_ext = strrchr($_FILES['fupload2']['name2'], '.'); // Get The File Extention In The Format Of , For Instance, .jpg, .gif or .php $copy = copy($_FILES['fupload2']['tmp_name'], "$idir" . $_FILES['fupload2']['name2']); // Move Image From Temporary Location To Permanent Location } } if (isset ($_FILES['fupload3'])){ //upload the image to tmp directory $url = $_FILES['fupload3']['name3']; // Set $url To Equal The Filename For Later Use if ($_FILES['fupload3']['type'] == "image/jpg" || $_FILES['fupload3']['type'] == "image/jpeg" || $_FILES['fupload3']['type'] == "image/pjpeg") { $file_ext = strrchr($_FILES['fupload3']['name3'], '.'); // Get The File Extention In The Format Of , For Instance, .jpg, .gif or .php $copy = copy($_FILES['fupload3']['tmp_name'], "$idir" . $_FILES['fupload3']['name3']); // Move Image From Temporary Location To Permanent Location } } if (isset ($_FILES['fupload4'])){ //upload the image to tmp directory $url = $_FILES['fupload4']['name4']; // Set $url To Equal The Filename For Later Use if ($_FILES['fupload4']['type'] == "image/jpg" || $_FILES['fupload4']['type'] == "image/jpeg" || $_FILES['fupload4']['type'] == "image/pjpeg") { $file_ext = strrchr($_FILES['fupload4']['name4'], '.'); // Get The File Extention In The Format Of , For Instance, .jpg, .gif or .php $copy = copy($_FILES['fupload4']['tmp_name'], "$idir" . $_FILES['fupload4']['name4']); // Move Image From Temporary Location To Permanent Location } } error_reporting (E_ALL ^ E_NOTICE); $usr = "61854"; $pwd = "65165"; $db = "5165"; $host = "21.50"; # connect to database $cid = mysql_connect($host,$usr,$pwd); if (!$cid) { echo("ERROR: " . mysql_error() . "\n"); } if ($_POST['submit']) { $make = mysql_real_escape_string($_POST['make']); $model = mysql_real_escape_string($_POST['model']); $year = mysql_real_escape_string($_POST['year']); $berth = mysql_real_escape_string($_POST['berth']); $weightun = mysql_real_escape_string($_POST['weightun']); $weightla = mysql_real_escape_string($_POST['weightla']); $lengthin = mysql_real_escape_string($_POST['lengthin']); $lengthex = mysql_real_escape_string($_POST['lengthex']); $awning = mysql_real_escape_string($_POST['awning']); $spec = mysql_real_escape_string($_POST['spec']); $price = mysql_real_escape_string($_POST['price']); $contactname = mysql_real_escape_string($_POST['contactname']); $contactnum = mysql_real_escape_string($_POST['contactnum']); $contactemail = mysql_real_escape_string($_POST['contactemail']); $county = mysql_real_escape_string($_POST['county']); $image1 = mysql_real_escape_string("$idir" . $_FILES['fupload']['name']); $image2 = mysql_real_escape_string("$idir" . $_FILES['fupload2']['name2']); $image3 = mysql_real_escape_string("$idir" . $_FILES['fupload3']['name3']); $image4 = mysql_real_escape_string("$idir" . $_FILES['fupload4']['name4']); $password = mysql_real_escape_string($_POST['password']); $model_chk = (!isset($_POST['model']) || trim($_POST['model']) == "") ? die ('ERROR: Enter a model') : mysql_escape_string(trim($_POST['model'])); $SQL = " INSERT INTO table"; $SQL .= " (make, model, year, berth, weightun, weightla, lengthin, lengthex, awning, spec, price, contactname, contactnum, contactemail, county, image1, image2, image3, image4, password) VALUES "; $SQL .= " ('$make', '$model', '$year', '$berth', '$weightun', '$weightla', '$lengthin', '$lengthex', '$awning', '$spec', '$price', '$contactname', '$contactnum', '$contactemail', '$county', '$image1', '$image2', '$image3', '$image4', '$password') "; ?> HTML: <input type = "hidden" name="MAX_FILE_SIZE" value = "102400"> <div class="input_row"><div class="input_titles">Select image:</div><div class="input_box"><input type = "file" name = "fupload"></div></div> <div class="input_row"><div class="input_titles">Select image:</div><div class="input_box"><input type = "file" name = "fupload2"></div></div> <div class="input_row"><div class="input_titles">Select image:</div><div class="input_box"><input type = "file" name = "fupload3"></div></div> <div class="input_row"><div class="input_titles">Select image:</div><div class="input_box"><input type = "file" name = "fupload3"></div></div>

Is it going to be a case of rearranging the code lots as it does the count first of the total amount of records in the database, what would I need to do?

Hi, my script currently produces a list of all my results from my table, however than can be as many as 200 results and for practicality i have paginated them to 10 per page, but someone is not going to sit and scan through the whole list so I would like to create a keyword search facility. I am not sure as to how exactly I would go about this with my pagination script, what is my best bet? Here is my current script: <?php error_reporting (E_ALL ^ E_NOTICE); $records_per_page = 10; //number of records to be displayed per page (!$_GET['start']) ? $start = 0 : $start = $_GET['start']; mysql_connect("host", "usr", "pass") or die(mysql_error()); mysql_select_db("db") or die(mysql_error()); $query = "SELECT COUNT(*) FROM spares"; $result = mysql_query($query) or die ('Error in query: $query. ' . mysql_error()); $row = mysql_fetch_row($result); $total_records = $row[0]; echo "<p>We currently have $total_records spare parts listed</p>"; echo "</div>"; if (($total_records > 0) && ($start < $total_records)) { $orderby = "ASC"; $query = ("SELECT * FROM spares ORDER BY ref $orderby LIMIT $start, $records_per_page"); $result = mysql_query($query) or die ('Error in query: $query. ' . mysql_error()); echo "<div id=\"next_prev\">"; if ($start >= $records_per_page) { echo "<a href=" . $_SERVER['PHP_SELF'] . "?start=" . ($start-$records_per_page) . " class=\"next_prev\"><< Previous Page</a> "; } if ($start+$records_per_page < $total_records && $start >= 0) { echo "<a href=" . $_SERVER['PHP_SELF'] . "?start=" . ($start+$records_per_page) . " class=\"next_prev\">Next Page >></a>"; } echo "</div>"; while($row = mysql_fetch_object($result)) { //$price = number_format($row->price); //formatting the price field to use a thousand separator Print "<div id=\"spares_row\">"; Print "<div class=\"image_info\"><a href='view_caravan_spare.php?ref=$row->ref'><img src=\"$row->image\" border=\"0\" height=\"75\" width=\"100\" alt=\"$row->title\" title=\"$row->title\" /></a><br />"; Print "<a href='view_used_caravan.php?ref=$row->ref' title=\"More info on the $row->title\">More info>></a></div>"; Print "<div id=\"specifications\">"; Print "<div id=\"title_title\"><strong>Description: </strong></div><div id=\"answer\">$row->title</div>"; Print "<div id=\"title_title\"><strong>Part no.: </strong></div><div id=\"answer\">$row->partno</div>"; Print "<div id=\"title_title\"><strong>Price: </strong></div><div id=\"answer\">£$row->price</div>"; Print "</div>"; Print "</div>"; } } echo "<div id=\"next_prev\">"; if ($start >= $records_per_page) { echo "<a href=" . $_SERVER['PHP_SELF'] . "?start=" . ($start-$records_per_page) . " class=\"next_prev\"><< Previous Page</a> "; } if ($start+$records_per_page < $total_records && $start >= 0) { echo "<a href=" . $_SERVER['PHP_SELF'] . "?start=" . ($start+$records_per_page) . " class=\"next_prev\">Next Page >></a>"; } echo "</div>"; ?>

thanks v much, works now

ok, I will try that thank you

I have an image uploader and submitting form, the form uploads the image and stores it in a folder called "uploads", then I need to find the name of the image and store it in the database field "image" so that it knows where to source the image from when I process the data. All it does at the mo is puts "uploads/" into the databse. Can any body help please? PHP: <?php $idir = "uploads/"; // Path To Images Directory if (isset ($_FILES['fupload'])){ //upload the image to tmp directory $url = $_FILES['fupload']['name']; // Set $url To Equal The Filename For Later Use if ($_FILES['fupload']['type'] == "image/jpg" || $_FILES['fupload']['type'] == "image/jpeg" || $_FILES['fupload']['type'] == "image/pjpeg") { $file_ext = strrchr($_FILES['fupload']['name'], '.'); // Get The File Extention In The Format Of , For Instance, .jpg, .gif or .php $copy = copy($_FILES['fupload']['tmp_name'], "$idir" . $_FILES['fupload']['name']); // Move Image From Temporary Location To Permanent Location if ($copy) { // If The Script Was Able To Copy The Image To It's Permanent Location print '' .$url . ' Image uploaded successfully.<br />'; // Was Able To Successfully Upload Image } } } error_reporting (E_ALL ^ E_NOTICE); $usr = "usr"; $pwd = "pass"; $db = "fb"; $host = "host"; # connect to database $cid = mysql_connect($host,$usr,$pwd); if (!$cid) { echo("ERROR: " . mysql_error() . "\n"); } if ($_POST['submit']) { $title = mysql_real_escape_string($_POST['title']); $descr = mysql_real_escape_string($_POST['descr']); $partno = mysql_real_escape_string($_POST['partno']); $price = mysql_real_escape_string($_POST['price']); $avail = mysql_real_escape_string($_POST['avail']); $image = mysql_real_escape_string($_POST['image']); $SQL = "INSERT INTO spares"; $SQL .= " (title, descr, partno, price, avail, image) VALUES "; $SQL .= " ('$title','$descr','$partno','$price', '$avail', '$image') "; $result = mysql_db_query($db,$SQL,$cid); if (!$result) { echo("ERROR: " . mysql_error() . "\n$SQL\n"); } echo ("<P><B>Congratulations... you have successfully added a new part to the stock list - $image_name</B></P>\n"); } ?> HTML: <input name="image" type="hidden" value="uploads/<?php echo $url; ?>" />

unfortunately that is a little over comprehensive for what I need but thank you for the reply.

Hi all, I have a form which is supposed to submit information to the database about an item and upload an image with it, it submits the data fine but the image doesn't upload, it gets as far as renaming the file and moving it to a temp file but no further, where am I going wrong? PHP: <?php if (isset ($_FILES['fupload'])){ $filename = $_FILES['fupload']['name']; $randomdigit = rand(0000,9999);//create random digit $newfilename = $randomdigit.$filename;//make new file name with random digit //printing file information print "<table>"; print "<tr><td>Original Name:</td><td> ". $_FILES['fupload']['name']."</td></tr>"; print "<tr><td>New Name:</td><td> ".$newfilename."</td></tr>"; print "<tr><td>Size: </td><td>". $_FILES['fupload']['size']."</td></tr>"; print "<tr><td>Temp Name: </td><td>". $_FILES['fupload']['tmp_name']."</td></tr>"; print "<tr><td>Type: </td><td>". $_FILES['fupload']['type']. "</td></tr>"; print "<tr><td>Error: </td><td>". $_FILES['fupload']['error']. "</td></tr>"; print "</table>"; //checking the type of file, if it is image it will display it if ($_FILES['fupload']['type'] == "image/jpeg"){ $source = $_FILES['fupload']['tmp_name']; $target = "uploads/".$newfilename; move_uploaded_file($source, $target); // or die ("Couldnt copy"); //displaying the image $imagesize = getImageSize($target); $imgstr = "<p><img width=\"$size[0]\" height=\"$size[1]\" "; $imgstr .= "src=\"$target\" alt=\"uploaded image\" ></p>"; $yoursite = "http://www.mysite.co.uk/"; $imagepath = $yoursite.$target; print $imgstr; print "The link to your image is: ".$yoursite.$target;//link to the image } } error_reporting (E_ALL ^ E_NOTICE); $usr = "ust"; $pwd = "pass"; $db = "db"; $host = "host"; # connect to database $cid = mysql_connect($host,$usr,$pwd); if (!$cid) { echo("ERROR: " . mysql_error() . "\n"); } if ($_POST['submit']) { $title = mysql_real_escape_string($_POST['title']); $descr = mysql_real_escape_string($_POST['descr']); $partno = mysql_real_escape_string($_POST['partno']); $price = mysql_real_escape_string($_POST['price']); $avail = mysql_real_escape_string($_POST['avail']); $image = mysql_real_escape_string($_POST['image']); $SQL = "INSERT INTO spares"; $SQL .= " (title, descr, partno, price, avail, image) VALUES "; $SQL .= " ('$title','$descr','$partno','$price', '$avail', '$image') "; $result = mysql_db_query($db,$SQL,$cid); if (!$result) { echo("ERROR: " . mysql_error() . "\n$SQL\n"); } echo ("<P><B>Congratulations... you have successfully added a new part to the stock list</B></P>\n"); } ?> HTML form: <form enctype="multipart/form-data" action="<?php print $_SERVER['PHP_SELF'] ?> " method ="post"> <div class="input_row"> <div class="input_titles">Title:</div> <div class="input_box"><INPUT NAME="title" TYPE="text" id="title" VALUE="" SIZE=50> /div> </div> <div class="input_row"><div class="input_titles">Description:<br /><br />(Use this space to add further descriptive text about this spare part e.g. dimensions etc.)</div><div class="input_box"><textarea name="descr" cols="50" rows="10" id="descr" type="text" value="" /></textarea></div></div> <div class="input_row"><div class="input_titles">Part number:</div><div class="input_box"><input name="partno" type="text" id="partno" value="" size="10" /></div></div> <div class="input_row"><div class="input_titles">Price (£) :</div><div class="input_box"><input name="price" type="text" id="price" value="" size="15" />(number only, no commas or pound signs)</div></div> <div class="input_row"><div class="input_titles">In stock:</div><div class="input_box"><input name="avail" type="text" id="avail" value="" size="4" />(number only)</div></div> <input name="image" type="hidden" value="<?php $imagepath ?>" /> <input type = "hidden" name="MAX_FILE_SIZE" value = "102400"> <div class="input_row"><div class="input_titles">Select image:</div><div class="input_box"><input type = "file" name = "fupload"></div></div> <div class="input_row"><div class="input_titles"><input name="submit" type="submit" value="Add part" /></div></div> </FORM>

Hi, i have a script that is "supposed" to submit data to my databse, but it is not working. I can't figure out why, the error tells me it is something to do with my sql syntax? <?php error_reporting (E_ALL ^ E_NOTICE); $usr = "ust"; $pwd = "pword"; $db = "db"; $host = "ipad"; # connect to database $cid = mysql_connect($host,$usr,$pwd); if (!$cid) { echo("ERROR: " . mysql_error() . "\n"); } if ($_POST['submit']) { $title = mysql_real_escape_string($_POST['title']); $desc = mysql_real_escape_string($_POST['desc']); $partno = mysql_real_escape_string($_POST['partno']); $price = mysql_real_escape_string($_POST['price']); $avail = mysql_real_escape_string($_POST['avail']); $image = mysql_real_escape_string($_POST['image']); $SQL = " INSERT INTO spares"; $SQL .= " (title, desc, partno, price, avail, image) VALUES "; $SQL .= " ('$title', '$desc', '$partno', '$price', '$avail', '$image') "; $result = mysql_db_query($db,$SQL,$cid); if (!$result) { echo("ERROR: " . mysql_error() . "\n$SQL\n"); } echo ("<P><B>Your itemhas been added to our classified section</B></P>\n"); } ?>

thanks for your help, works just as it should now!

Hi, I know I submitted a thread earlier and marked it as solved but I realised my method only required someone to right click and view source to find the password to enter to delete the record. i have figured a new method but am having trouble sourcing the password for the record I am trying to delete, any ideas? <?php $con = mysql_connect("serv","usr","pass"); if (!$con) { die('Could not connect: ' . mysql_error()); } mysql_select_db("db", $con); $id=$_POST['id_delete']; $password_entered = $_POST['password_entered']; $query = ("SELECT password from classifieds WHERE ref'$_POST[id_delete]'"); $result = mysql_query($query); while($row = mysql_fetch_array($result)) { $hidden_password = $row ['password']; if ($password_entered == $hidden_password) { mysql_query("DELETE from classifieds where ref='$_POST[id_delete]'"); mysql_close(); header("location:thankyou.html"); exit(); } else { header("location:error.html"); exit(); } } ?> This is the error I get:

sorted it! thanks for your help guys

i have tried that too and it has no effect...

it still doesn't work with that line, my if statement doesn't seem to be checking the two variables properly as you can enter the wrong password and it still goes to thankyou.html but does not delete the record

ok, thanks, i added exit(); after header and it now redirects me to the thankyou.html but the it does not delete the record. and i just realised it goes to the thank you page even if password is wrong

i have a system where people can submit adverts and when they do so they also enter a password, so if their item is sold they can view their advert and enter their password into a form on it and if they match up delete the record. At the moment i am seeing the url in address bar but the page comes up blank when you submit the password. Advert view with delete form: <?php $password = $info ['password']; $ref = $info ['ref']; echo "<h2>Is this your item, and has it been sold?</h2>"; echo "<p>Simply type the password you entered when submitting the item and it will be removed from our website instantly.</p>"; echo "<form method=\"POST\" action=\"delete_item.php?ref=".$info['ref']."\"> Password: <input type=\"text\" name=\"password_entered\" size=10> <input name=\"hidden_password\" type=\"hidden\" value=\"$password\" /> <input name=\"id_delete\" type=\"hidden\" value=\"$ref\" /> <input type=\"submit\" value=\"Sold\"> </form>"; ?> delete item: <?php $con = mysql_connect("serv","usr","pass"); if (!$con) { die('Could not connect: ' . mysql_error()); } mysql_select_db("db", $con); $id=$_GET['id_delete']; $password_entered = $_GET['password_entered']; $hidden_password = $_GET['hidden_password']; if ($password_entered == $hidden_password) { mysql_query("delete from classifieds where ref='$id'"); mysql_close(); header("location:thankyou.html"); } else { echo "You entered the wrong password"; } ?>

awesome got it working, thanks so much for your help