revraz

I wouldn't "clean" the password, since you are hashing it.

Why are you selecting all records in the database? Select only the record where the userid and pw matches the row. "SELECT * FROM logins where 'username' = $useranme and 'password' = $password" You should also be hashing the password as well as sanitizing the username.

You can ask the user how many items they wish to enter, then dynamically create that many form boxes, then just use a Insert statement to enter them one row at a time, but let it cycle for as many rows as you have.

And the syntax error was..

Please keep your questions to just 1 thread.

In regards to your 3 Email Variables, since they are the exact same name, all you are doing is overwriting the previous one with the next one, you need 3 different email variables or an array. Second, you are missing your $ variable character here for Name, Phone_Number and Email. Also, you are using a double quote instead of a single quote after Name. function validate_form ( ) { valid = true; if ( 'Name" == "" ) { alert ( "Please Enter Your Name." ); valid = false; } else if ( 'Phone_Number' == "" ) { alert ( "Please Enter Your Phone Number." ); valid = false; } else if ( 'Email" == "" ) { alert ( "Please Enter Your Email" ); valid = false; } return valid; } All your errors are Typos, and if you used a editor with syntax highlighting or even used this forum's PHP code tags, you would see your errors.

My advice... First, indent your code to make it easier to read. Second, don't sanitize the password, once you hash it, sql injection can't happen. When you sanitize it, you are actually changing the password by removing certain characters if they are being used. Third, try to put session_start() at the top of each script that you use sessions, this will avoid output to the screen before your session is started.

I don't actually see a question or know quite what you are asking. Without seeing code on what you are doing now and what you want to do, it's hard to answer.

Either one of those solutions would work. Just give it a try, that's how you learn.

Posting the errors sure helps

echo $update and post what it returns.

Put your query in a string, then echo it to validate it. Put single quotes around your variables in your insert statement. Use mysql_error after your query to diagnose sql errors. We also don't see your form code, so hard to say if you're doing that part right as well.

So basically you want to remove this chunk? <tr><td class="main"><?php echo '<b><a href="' . tep_href_link(FILENAME_YES,'products_name=' .$product_info['products_name']) . '">' .TEXT_STOCK . '</a></b>';?></td></tr>

I would set a session instead of a cookie, unless you want it to remain the same if they return later directly

drop the seperate day/month/year fields and just use a datetime field.

Change your query to search based on both username and pw, not just pw. Change your update the same way. Try it and post the code you try and we'll help you. BTW, that sounds like a bad tutorial if that's what they proposed.

Sounds like you are looking for Pagination. Try searching for that and see if it's what you are looking for.

I would compare to the PW to a Username's PW, not just the first PW that matches. What if two people have the same PW? Same with the UPDATE, update the Username's row, not by a where clause on the Password.

Suggestion is to add that after any query, also to echo your $query variable to insure all your variables are populated.

When troubleshooting queries, you should use mysql_error after them to check for errors. Suggestion is to add that after any query, also to echo your $query variable to insure all your variables are populate. Your mysql_query parameters are incorrect, dont use $db as a parameter, use mysql_query($query) and an optional $link parameter if so desired.

You start and end PHP code way too much. This is sitting out by itself ('No Comments »', '1 Comment »', '% Comments »'); ?>

SHA is not encryption, it's a hash.

Actually, it should be hashed and not escaped, since it's a PW.

Use a text editor and delete it. How are you uploading your files?

Could also store this in a database and read it from there if you already have one setup.