premiso

http://www.google.com/search?hl=en&q=php+users+online+script+tutorial&btnG=Google+Search Google is your friend. First result: http://www.phpeasystep.com/phptu/9.html

curl_setopt($ch,CURLOPT_POSTFIELDS,array('id'=>$id,'xml'=>$xml)); Where is $id being set?

Read up on AJAX. You would create a page then populate an array, then echo the array after it has been json_enocoded'd. I would point you to jQuery, google that it makes AJAX a ton easier, plus you are likely to find some really good, clean examples of how to use it.

Thus you are not POSTing to that form. How is the URL to be transferred to that update page?

Do me a favor and do this: <?php print_r($_POST); die(); $nav_results = mysql_query("SELECT * FROM navigation"); while($field = mysql_fetch_array($nav_results)) { $id = $field['ID']; //For sake of simplicity echo "<tr><td align='center'><input type='text' name='". $field['Name'] ."' value='". $field['Name'] ."' class='field2' /></td>\n"; echo "<td align='center'><input type='text' name='URL' value='". $field['URL'] ."' class='field2' /></td>\n"; echo "<td align='center'><a href='$id'>Up</a> | <a href='$id'>Down</a></td>\n"; echo "<td align='center'><a href='nav_settings.php?delete='$id'>Delete</a></td></tr>\n"; } if(!empty($_POST['URL'])) //Update existing link { $id = $field['ID']; //For sake of simplicity $old_link = mysql_real_escape_string($_POST['URL']); $update = mysql_query("UPDATE navigation SET URL='$old_link' WHERE ID='$id'"); } else { echo 'Unable to update right: ' .mysql_error(). ' '; } ?> And paste what that prints out.

<?php $one_way = (isset($_POST['one_way'])) ? $_POST['one_way'] : null; if (!is_null($one_way)) { //execute query in here. } ?>

$_POST['URL'] is empty if it is throwing that error. Check your POST variables.

<form name="delete_form" id="delete" method="post" action=""> <input type="hidden" name="delete" value="delete" /> <label for="DelID"><h4>Enter Conatact ID:</h4></label> <input type="text" name="DelID" id="DelID"><br /> <label for="button"></label> <input type="submit" name="del" id="del" value="DELETE"> </form> Try that and it should work.

<?php $sql = "SELECT * FROM dos, diagnosis, icu WHERE dos.dos_id = diagnosis.dos_id AND icu.id_incr = '" . $_GET['id'] . "' AND dos.pt_id = '" . $_GET['id'] . "' order by dos_id, diagnosis.billing_date"; // changed this. $result = mysql_query($sql) or die ("Invalid query: " . mysql_error ()); echo "<table>"; $i=0; while ($row = mysql_fetch_assoc ($result)) { if ($row['billing_date'] != $oldDate) { if ($i != 0) { echo implode(", ", $diagnos) . '</td></tr>'; } echo '<tr>'; echo "<td> pt_id: " . $row['pt_id'] ."</td>"; echo "<td>" . $row['patient'] . " " ."</td>"; echo "<td>" . $row['billing_date'] ."</td>"; echo "<td>"; $diagnos = array(); $i++; // moved this down here cause it would have never incremented. } $diagnos[] = $row['diagnosis']; $oldDate = $row['billing_date']; } echo implode(", ", $diagnos) . "</td></tr></table>"; ?>

But I don't think I had a variable $a, anywhere, that had a list of anything to be got/accessed by the GET function. Isn't that required for the $_GET['a'] thing to happen? I don't even know what the a variable was, but I believe it was just used a as to be say that if you put anything in after a in http://www.boundkingdom.com/index.php?a=ind.htm, it would work. I mean I am really bad at understanding this stuff now, but I am really trying. . . my brain though is literally trying to implode from trying to learn it right now. Passing a through the url sends it as a GET variable. The real danger with your code, is if someones does a ../../ etc they can potentially include any file, or even view files (.htpasswd) they are not suppose to. My suggestion would be to replace the $a line with this: <?php $a = isset($_GET['a'])?basename($_GET['a']):'index.htm'; if (file_exists($a)) { include ($a); } ?> basename will filter out them trying to do a ../ etc and just get the filename to include. I would highly suggest you read up on $_GET variables if that confuses you.

No clue, test it and see. It seems like alot of extra code imo, why not just surround the top most element with the try { } catch, if it is thrown on the 2nd or 3rd nested loop it will still catch it and avoid having that extra, unessecary code in there.

Or freakin learn to code before asking for help. L2CODE buddy. Plenty of free tutorials online for registration system, also plenty of free PHP and MySQL books online. When you actually have code written and are receiving an error/problem then post here for the answer to that problem/question. As far as someone telling you each step to do it in, no thanks. No one on here gets paid to do all the work for someone, freelance forum is your best bet.

while ($row = mysql_fetch_assoc ($result)) { if ($row['billing_date'] != $oldDate) { if ($i != 0) { echo implode(", ", $diagnos) . '</td></tr>'; $i++; } echo '<tr>'; echo "<td> pt_id: " . $row['pt_id'] ."</td>"; echo "<td>" . $row['patient'] . " " ."</td>"; echo "<td>" . $row['billing_date'] ."</td>"; echo "<td>"; $diagnos = array(); } $diagnos[] = $row['diagnosis']; $oldDate = $row['billing_date']; } echo implode(", ", $diagnos) . "</td></tr></table>"; Not the cleanest, but it will work.

$sql = "select LinkIndex from Links where CustomerNum = ".$custId." and LinkOrder = ".$linkorder; $dbArray1 = $dbObj->query($sql); if (!is_array($dbArray1) && count($dbArray1) > 0) { foreach ($dbArray1 as $row) { // modify the rest as follows } } That would give you your error checking back. Make sure it returned an array and there is more than 1 element in an array, if not either there is no data or there was an error.

ini_set("session.gc_maxlifetime", 3600); This assumes you are allowed to use ini_set. and the $timeout you were setting it to I do not think was accurate. To check use ini_get and see.

True, but how often is that...? What is more likely to occur is the user stays on the site, switches to a new tab and continues browsing, or be like me and leave my computer on, and on the same pages for weeks at a time. Then I just refresh the page to look at it. Timeout is definitely the fail-safe way to do it and make sure your results are accurate. Cause if a user does not respond with in 5minutes, they are probably not gonna respond for another 5-10. I just want him to get accurate, fail-safe results on this. Setting the timeout would ensure that.

Better to code for the future, I would add this in one of your included pages <?php if (!function_exists('json_encode')) { function json_encode($a=false) { if (is_null($a)) return 'null'; if ($a === false) return 'false'; if ($a === true) return 'true'; if (is_scalar($a)) { if (is_float($a)) { // Always use "." for floats. return floatval(str_replace(",", ".", strval($a))); } if (is_string($a)) { static $jsonReplaces = array(array("\\", "/", "\n", "\t", "\r", "\b", "\f", '"'), array('\\\\', '\\/', '\\n', '\\t', '\\r', '\\b', '\\f', '\"')); return '"' . str_replace($jsonReplaces[0], $jsonReplaces[1], $a) . '"'; } else return $a; } $isList = true; for ($i = 0, reset($a); $i < count($a); $i++, next($a)) { if (key($a) !== $i) { $isList = false; break; } } $result = array(); if ($isList) { foreach ($a as $v) $result[] = json_encode($v); return '[' . join(',', $result) . ']'; } else { foreach ($a as $k => $v) $result[] = json_encode($k).':'.json_encode($v); return '{' . join(',', $result) . '}'; } } } ?> That will do the exact thing that json_encode does, and you can use the same name. Then when you upgrade to PHP5 all your code should still work without having to change it.

<?php create table categories ( catid INT(11) NOT NULL auto_increment, parentid INT(11) NOT NULL default '0', catname varchar(50) NOT NULL, catseoname varchar(50) NOT NULL, disporder INT(3) NOT NULL default '0', primary key(catid) ); */ mysql_connect("localhost", "root", ""); mysql_select_db("cat"); /* my test data insert into categories (`parentid`, `catname`, `catseoname`, `disporder`) VALUES ('0', 'Test1', 'test1', '0'); insert into categories (`parentid`, `catname`, `catseoname`, `disporder`) VALUES ('1', 'Test1-1', 'test1-1', '0'); insert into categories (`parentid`, `catname`, `catseoname`, `disporder`) VALUES ('1', 'Test1-2', 'test1-2', '1'); insert into categories (`parentid`, `catname`, `catseoname`, `disporder`) VALUES ('5', 'Test2-1', 'test2-1', '0'); insert into categories (`parentid`, `catname`, `catseoname`, `disporder`) VALUES ('0', 'Test2', 'test2', '1'); insert into categories (`parentid`, `catname`, `catseoname`, `disporder`) VALUES ('5', 'Test2-3', 'test2-2', '2'); insert into categories (`parentid`, `catname`, `catseoname`, `disporder`) VALUES ('6', 'Test2-2-2', 'test2-2-2', '1'); insert into categories (`parentid`, `catname`, `catseoname`, `disporder`) VALUES ('6', 'Test2-2-1', 'test2-2-1', '0'); insert into categories (`parentid`, `catname`, `catseoname`, `disporder`) VALUES ('5', 'Test2-3', 'test2-2', '2'); insert into categories (`parentid`, `catname`, `catseoname`, `disporder`) VALUES ('7', 'Test2-2-2-1', 'test2-2-2-1', '1'); insert into categories (`parentid`, `catname`, `catseoname`, `disporder`) VALUES ('7', 'Test2-2-2-2', 'test2-2-2-2', '0'); insert into categories (`parentid`, `catname`, `catseoname`, `disporder`) VALUES ('7', 'Test2-2-2-3', 'test2-2-2-3', '0'); insert into categories (`parentid`, `catname`, `catseoname`, `disporder`) VALUES ('3', 'Test1-2-1', 'test1-2-1', '1'); insert into categories (`parentid`, `catname`, `catseoname`, `disporder`) VALUES ('3', 'Test1-2-2', 'test1-2-2', '0'); */ function retrieveCategoryList($parentid=false) { if ($parentid === false) { $query = mysql_query("SELECT catid, parentid, catname, catseoname, disporder FROM categories WHERE parentid = 0 ORDER BY disporder, catname"); }else { $query = mysql_query("SELECT catid, parentid, catname, catseoname, disporder FROM categories WHERE parentid = " . $parentid . " ORDER BY disporder, catname"); } $numRows = mysql_num_rows($query); $catArray = "none"; if ($numRows > 0) { $catArray=array(); while ($row = mysql_fetch_assoc($query)) { $catArray[$row['catname']]['id'] = $row['catid']; $catArray[$row['catname']]['parentid'] = $row['parentid']; $catArray[$row['catname']]['catseoname'] = $row['catseoname']; $catArray[$row['catname']]['catname'] = $row['catname']; $catArray[$row['catname']]['disporder'] = $row['disporder']; $catArray[$row['catname']]['subcats'] = retrieveCategoryList($row['catid']); } } return $catArray; } function displayCats($cat=false, $charDisp=0) { if (!$cat) { if ($charDisp != 0) { $cats = retrieveCategoryList($charDisp); }else { $cats = retrieveCategoryList(); } foreach ($cats as $cat) { displayCats($cat); } }else { echo str_repeat("_", $charDisp) . $cat['catname'] . "<br />"; if ($cat['subcats'] != "none") { foreach ($cat['subcats'] as $value) { displayCats($value, $charDisp+1); } } } } displayCats(false, 6); echo "<pre>"; // Lets just pull out a set of categories. print_r(retrieveCategoryList()); ?> You would want to look up on recursion, but there is an example. The above returns an array for you to use how you want to.

The point I am trying to get acrossed is that you do not need to modify the smarty class. By using the example below you are setting the template_dir without changing the smarty class period. <?php include(smartyclasshere); $template = "my/template/dir"; $smarty = new Smarty; $smarty->template_dir = "templates/$template"; ?> Will set the template_dir to "templates/my/template/dir" without doing any modification to the class code of smarty. The code I posted above with smarty, would be to show you the way you "wanted" to do it. But as I stated before it is uneseccary to do that since smarty offers the solution I just posted above $smarty->template_dir to dynamically set the template_dir to what you want it to be.

$sql = "SELECT * FROM dos, diagnosis, icu WHERE dos.dos_id = diagnosis.dos_id AND icu.id_incr = '" . $_GET['id'] . "' AND dos.pt_id = '" . $_GET['id'] . "' order by dos.billing_date"; $result = mysql_query ($sql) or die ("Invalid query: " . mysql_error ()); echo "<table>"; $i=0; while ($row = mysql_fetch_assoc ($result)) { if ($row['billing_date'] != $oldDate) { if ($i != 0) { echo '</tr>'; $i++; } echo '<tr>'; } echo "<td> pt_id: " . $row['pt_id'] ."</td>"; echo "<td>" . $row['patient'] . " " ."</td>"; echo "<td>" . $row['billing_date'] ."</td>"; echo "<td>diagnosis: " . $row['diagnosis'] ."</td>"; $oldDate = $row['billing_date']; } echo "</table>";

Maybe that was where I was having the issue, is that some browsers would not do this, so it was not fail-safe and I wanted it to be fail-safe. But you could do the cron job to cleanup anything past x-minutes and use ajax to send a call to the page onunload to set the database. A mixture of the two would yield the best results so you have both. Another issue with just using the javascript onunload, is like for instance me in firefox. I tend to have multiple windows and multiple tabs. I could open a new tab and goto a different site and forget about your site being loaded, then it would seem like i was active on the site until I come back to it and close or refresh it. But yea, that is just my opinion a mixture of the two would probably be the best way to get near accurate results. EDIT: As far as which support it, I am not sure, check Opera, Chrome and Safari. I think earlier versions of IE6 did not support it. Also, if the user has javascript disabled, the onunload would not work, but the image file would still work with the timeout, another reason why to use the img with a cronjob at least as the base then the javascript as a bonus, if the javascript fails you still have the img.php standalone code that will keep you straight.

Weird...I just tried it an it worked. I could have sworn that it did not use to work due to the browser close...I will re-research that, but after testing that it worked on my end so yea. I will verify my research and see where I came up with that.

Wow that is dangerous stuff, you are not verifying a and you were using register_globals on (which is why it is not working now cause they are off like they should be) I would verify the input first and make sure that file exists. To access $a now it will be $_GET['a'];

About the same, instead of updating the user_logged table, you would update a field in site_x table that has total time. Same logic, you just change that one part.

SQL is secure enough as long as you code for it. As far as encrypting the email address, that is not a good idea unless you can decrypt it. Cause if you cannot decrypt (md5 does not allow decryption) than having that email in there is useless. Probably 99% of databases leave it unencrypted, because the code should protect it. Names are the same way, if they are encrypted they do you no good if you cannot decrypt them, and if you can decrypt them someone else can too. Passwords are about the only thing that should be encrypted, with a 1-way MD5 hash. At least that is my take on it.