premiso

The javascript way is a halfassed way imo. <?php error_reporting(E_ALL); require('secure.php'); include "dateheader.php"; include "connectdb.php"; $newdate = date("Y-m-d", strtotime($_POST['rcf_date'])); // echo "newdate:" . $newdate . "<br>"; // commented out as it will cause header issues. $current_date = date ("m/d/y"); $query = "SELECT * FROM `icu` WHERE `id_incr` = '".$_POST['id_incr']."' "; $result = mysql_fetch_array(mysql_query($query)) or die(mysql_error()); // echo "<br> problist:" . $result['problist']; // commented out as it will cause header issues. $problist = $result['problist']; if($problist != $_POST[problist]) { $problist_date = date("Y-m-d H:i:s"); } else { $problist_date = $result['problist_date']; } $todo = $result['todo']; if($todo != $_POST[todo]) { $todo_date = date("Y-m-d H:i:s"); } else { $todo_date = $result['todo_date']; } $sql = "UPDATE icu SET rm_loc = '" . mysql_real_escape_string($_POST['rm_loc']) . "', patient = '" . mysql_real_escape_string($_POST['patient']) . "', mrn = '" . mysql_real_escape_string($_POST['mrn']) . "', age = '" . mysql_real_escape_string($_POST['age']) . "', race = '" . mysql_real_escape_string($_POST['race']) . "', gender = '" . mysql_real_escape_string($_POST['gender']) . "', attg = '" . mysql_real_escape_string($_POST['attg']) . "', cs_doc = '" . mysql_real_escape_string($_POST['cs_doc']) . "', rcf_date = '" . $_POST['rcf_date'] . "', dx = '" . mysql_real_escape_string($_POST['dx']) . "', pmhx = '" . mysql_real_escape_string($_POST['pmhx']) . "', code = '" . mysql_real_escape_string($_POST['code']) . "', allergy = '" . mysql_real_escape_string($_POST['allergy']) . "', todo = '" . mysql_real_escape_string($_POST['todo']) . "', todo_date = '$todo_date', problist_date = '$problist_date', problist = '" . mysql_real_escape_string($_POST['problist']) . "', comments = '" . mysql_real_escape_string($_POST['comments']) . "', signoff_status = '" . $_POST['signoff_status'] . "', rcf_date2 = '$newdate' WHERE id_incr = ".$_POST['id_incr'].""; if (isset($sql) && !empty($sql)) { //echo "<!--" . $sql . "-->"; $result = mysql_query($sql) or die ("Invalid query: " . mysql_error()); } header("Location: displayactive.php"); ?> If you are redirecting you do not need to echo anything. Echoing anything before a header command will cause it to not work. You will also notice I removed the "done" why are you outputting done if you are just redirecting? Anyhow, I hope this helps you better to understand what is going on.

Yes. str_replace or preg_replace will help to get you started. $string = "highlight the word the in this string"; $string = str_replace("the", "<span class=\"highlight\">the</span>", $string);

Well replace the itemid with name. Although this is a poor design for a DB (not 3NF form) that should work. Like I said, I was just trying to paint a picture, you not providing us with code etc is like hte blind leading the blind. You asked howto, I explained it. You never said, "Here is how my DB is setup here is some code I tried can anyone help me modify the code to work." It was more or less, "Can this be done if so how".

Verify that your variable passed in has the text. What does not work right mean? As far as substr is concerned your usage is sound/correct. EDIT: Post an example of the string you are trying to chop and what you expect it to be.

You posted no relevant code or information. You asked that a member deposited 5 items, I am taking it that you have a table of items which is linked to a member by a member id (I need to amend this). The table should have a primary key of "id" (I used itemid to hopefully paint the picture/give you the idea). The as will assign it to the returned array from mysql_fetch_assoc function as $fetchedData['itemcnt']. To do this by member: SELECT count(itemid) as itemcnt, `date` FROM table_name WHERE memberid = '2' GROUP BY `date` Or for all members: SELECT count(itemid) as itemcnt, `date`, memberid FROM table_name GROUP BY `date`, memberid But yea, provide us with code you have tried or current code and you will get far better and much more detailed help.

The \n is where the issue arises, unfortunately. But as long as the other method works you are good. I just figured it would be good for you to have an explanation why it was not working properly. The \n to wordwrap is already separating the string. Alternatively, if \n is meant to do that you might want to look into nl2br as that may be an answer.

Yea, the image is created and display by php and before that is done a counter is initiated and records the hit to the database. Granted you do not need the link, just the image and the image can be a clear pixel so no one sees it.

SELECT count(itemid) as itemcnt, `date` FROM table_name GROUP BY `date`

You want to look into BBCode. http://www.sitepoint.com/article/bb-code-php-application/ For a tutorial on BBCode. Google PHP BBCode for other examples.

Do you understand what urlencode does? As neil stated, jack would be jack. urlencode basically takes a string that may have bad characters (space single quote double quote ampersand) and converts them to save characters to pass through the url world (space amounts to %20). Just so you know why the above is considered "working". An "encoded" jack. How do you want it encoded?

What type of data is held in the job_title, is it just one word? Or does it have a "\n" (line break) or any other weird items like that? wordwrap can be picky. And that could be the issue.

That is really a question for you to figure out. I do not know how these "ladder" tables are created. The issue is that when you add new data to the table you are getting $id from, you should create a new ladder table. I am not sure if that is the right logic, but that is how your logic works. That or have a column of ladderid in that table and use that to pull the right ladder table.

Not in the sense you are using it. I highly suggest turning it off. Register_globals takes data such as $_GET, $_POST and session and cookies and instead of them being an array they are now $variable. This is bad because most people do not fully understand that if you have a session that contains "loggedin" and if that value is true the user is logged in. Given that without proper checks, anyone can pass $loggedin via Get and be considered logged in. That is the short version, do not turn it on. Leave it off. This has nothing to do with your question.

Yes, you can post data from one site to another (that is essentially how some spam bots works).

Wow dude. That is the worst advice ever. Do not turn on register_globals. Horrible horrible advice. This is being removed in PHP 6 and is depreciated in PHP 5 and turned off by default as of PHP 4.2 (thanks pf) due to security issues. register_globals read there for more information on the security risks etc. EDIT: Just because a script is on google does not mean it is coded correct. You should pass that in as a parameter, because it is A the same amount of code or less, and B that way you know what is being passed and you are not second guessing whether that is being changed by another script. Read up on function do not be afraid to pass something as a parameter, that is what functions are meant to do.

That's your issue. Some of the id's are not valid ladder tables.

Let me explain with an example. function header_($header, $setPage=true) { if ($setPage) $_SESSION['last_page'] = $_SERVER['PHP_SELF']; header($header); return true; } That is added in some file that is included. <?php session_start(); include('functions.php'); // has our header function. if (!$_SESSION['loggedin']) { header_("Location: index.php?page=login"); } ?> Simple as that, now the session contains ['last_page'] in it, the user is redirected where you want them to be and you can then redirect them (with or without using header_) to the page they were trying to access.

Echo out the username and gen_id, make sure that they are what you expect them to be from the $_POST code. Chances are something is slightly different and causing the issue.

I already know what you are trying to accomplish. The code more or less gives me that explanation. The issue is, you are getting mal data for that id, so the sql query is trying to pull "ladder_ " which in return is throwing a sql error cause $id was not set. $sql = "SELECT COUNT(*) FROM ladder_$id "; $totalteams=mysql_query($sql) or die("SQL: {$sql} <br />MySQL Returned:" . mysql_error()); Change that to be what I just posted and you will see the error given and it may help you diagnose the problem.

Gotcha. I do not think mod_rewrite would work here, I am unsure how the form is setup, but basically you want them to be able to access that form but look like it is just coming from their page. And I take it the form contains certain data so just using file_get_contents or curl would not work. How I would set it up, is the form.php on the main host server requires an access hash to access that form. Using cURL or the get contents it must be passed via get, then you can use that hash to pull the form from that database, build it up then return it to that page. However, if it is just a simple html form, whats to stop them from just copying it and creating their own file? The hard part will be "Securing" the form from being copied, which I do not think is possible. I could however be interpreting this wrong.

Well making a variable global, when it should be passed as a parameter is one of the contexts. In a function like the above, I would pass $a as a parameter since it is required. Given what you stated, that any file can change what the value might be, sounds like a poor design. You should really use unique variable names and keep them inline so you are not guessing what is being passed. With that example, you would be using them in the wrong context, that is my outlook at least.

You can have a form, where you tell a user to enter the "keyword" and "url" with a comma seperated on each line. IE: (Text area) cnn, http://www.cnn.com help_en, http://www.domain.com/Help/En/ etc. Then just access these via the database, explode at the comma then run through that if for the user. Just be wary, this can be problematic if a user wants it to be. I would do some heavy checks on what is inputted in that form etc.

You can, create an "overrided" header function. Just make sure you put this in a file that is included in every page: function header_($header, $setPage=true) { if ($setPage) $_SESSION['last_page'] = $_SERVER['PHP_SELF']; header($header); return true; } Then just use that, which it should set the session variable and viola.

So in your sql Query, change it to teamid, and that will hopefully solve your issue. Granted, MySQL probably returned an error as that column is probably not defined.

You are querying the result, which is probably throwing an error I hope. if ($result = mysql_query("SELECT username, gen_id FROM users WHERE username='$username' AND gen_id='$gen_id'")) { if (mysql_num_rows($result) > 0) { echo "Pin Matched"; }else { echo "Pin did not match."; } }else{ echo "SQL Error: " . mysql_error(); }