Everything posted by hoogie

  1. It looks like the problem is that you have this line in your query: WHERE id = $id But the variable $id is not set anywhere in the update page. This means that your query is trying to update all rows that have an empty id field, and since you probably don't have any rows with an empty id field, it's not updating anything. You need to pass the id to the update form using a hidden field, or some other method.
  2. One last question. Is this considered 'good' code?: return another_function('argument 1') && $compare || another_function('argument 2'); It seems unnecessarily obfuscated to me, but maybe that's because I'm just learning about it now. If your employee wrote something like that, would you consider it good code because it's simple, or would you want something more readable?
  3. Ok, this makes sense. I checked, and that function is NOT returning a boolean value, so that must be the problem. Thanks for the explanation!
  4. While going through an instructional book, I ran across some code that I didn't immediately understand. I've stripped it down to the relevant bits:

         function example($object_a, $object_b) {
             $compare = $object_a->id == $object_b->id;
             return another_function('argument 1') && $compare || another_function('argument 2');
         }

     My first confusion was this line:

         $compare = $object_a->id == $object_b->id;

     Does this set $compare to TRUE if the ids match and FALSE if they do not? And the second confusion:

         return another_function('argument 1') && $compare || another_function('argument 2');

     What is returned if the ids match? What is returned if they are different? When I try testing this out on my machine, it returns both functions whether or not the ids match, but I know that's not what's supposed to happen. Can anyone break this down for me? Thanks.
  5. PHP has some chart libraries, but from what I've seen they aren't as pretty as what you posted. I'd take a look at jQuery plugins or the Google Chart API. Here's a few places to start: http://www.jscharts.com/home http://www.jqplot.com/ http://code.google.com/apis/chart/
  6. I've just been looking in the online PHP manual. But it's not clear why there are two different escape functions for mysql, or what they do differently.
  7. I apologize if this has been asked before. I'm trying to find out what exactly is the difference between mysql_real_escape_string() and mysqli_real_escape_string(), and haven't had much luck. So far I know that mysqli supports OOP, but mysql does not - are there other differences? Does mysqli escape % and _ characters (I don't think mysql does). I'm not working in an OOP environment, so does it matter which I use? Thanks.
  8. I might not be understanding your question, but here goes: If you want to filter by price range, your code is pretty close to working. On the page with the link, your link should look like this:

         <a href="www.domain.com.php?product=television&price=1-100">Price (1-100)</a>

     The code you posted should be changed to this:

         <?php
         ini_set('display_errors', 1);
         error_reporting(-1);

         $query = "SELECT * FROM productfeed";
         $conditions = array();

         if(isset($_GET['description']) && !empty($_GET['description'] )) {
             // escape the value before it goes into the query string
             $description = mysql_real_escape_string($_GET['description']);
             $conditions[] = "description like '%$description%'";
         }

         if(isset($_GET['price']) && !empty($_GET['price'])) {
             // price arrives as "low-high" (e.g. 1-100); cast both ends to int
             $price = explode('-', $_GET['price']);
             $lowPrice = (int)$price[0];
             $highPrice = isset($price[1]) ? (int)$price[1] : $lowPrice;
             $conditions[] = "price BETWEEN $lowPrice AND $highPrice";
         }

         // first condition gets WHERE, any further ones get AND
         if($conditions) {
             $query .= " WHERE " . implode(" AND ", $conditions);
         }

         $query .= " LIMIT 0, 10";

         // run the query once and check for failure before fetching rows
         if( !$result = mysql_query($query) ) {
             echo "<br>Query string: $query<br>Produced error: " . mysql_error() . '<br>';
         } else {
             while($row = mysql_fetch_assoc($result)) {
                 $id = $row['id'];
                 $image = $row['awImage'];
                 $link = $row['link'];
                 $description = $row['description'];
                 $fulldescription = $row['fulldescription'];
                 $price = $row['price'];

                 echo "<div class='productdisplayshell'>
                     <div class='productdisplayoutline'>
                     <div class='productborder'><center>
                     <a href='$link' target='_blank'><img src='$image' width=\"95%\" /></a>
                     </center> </div></div>
                     <div class='productdescriptionoutline'>
                     <div class='productdescriptionbox'>
                     <a href='$link' target='_blank' >$description</a> </div>
                     <div class='productfulldescriptionbox'>$fulldescription</div> </div>
                     <div class='productpriceoutline'>
                     <div class='productpricebox'> <center>&#163; $price</center> </div>
                     <div class='productbuybutton'>
                     <center><a href='$link' target='_blank' ><img src=/images/buybutton.png /></a></center>
                     </div> </div> </div>";
             }
         }

         if ($_GET['description'] == $description ) {
             echo 'Sorry, this product is not available. Please visit our <a href="http://www.ukhomefurniture.co.uk">Homepage</a>.';
         }
         ?>

         <?php
         function sanitizeString($string) {
             return mysql_real_escape_string($string);
         }
         $description = sanitizeString($_GET['description']);
         $query .= " WHERE description like '%$description%' LIMIT 0, 10";
         ?>
  9. At first glance, your problem might be that "LIMIT 0, 10" needs to go at the end of the query. You're tacking on the price AND statement AFTER your LIMIT statement.
  10. It might be time to show some of your code so we can see what's going on.
  11. I think using a mysql database would generally be faster than reading and writing text files - especially if the site gets heavy usage, or if you are going to end up storing a lot of data (saved chats, etc). Another thing to think about is that only one process can write to a file at a time, so if you have 10 users who all do something at about the same time, the person who clicked last will have to wait until all the other users' code has been processed before his will be. My vote would be for mysql.
  12. No, unfortunately not. That would be in the PHP source code, which we can't see. You could always try contacting the owner of the site - if they're not too worried about competition maybe they'd be willing to tell you what they're using.
  13. You can certainly do it this way if you like. To me it would make more sense to use a "sort" variable to the URL instead of a "price" variable. That way you could use one variable for all your links:

          www.domain.com.php?product=television&sort=price
          www.domain.com.php?product=television&sort=title
          www.domain.com.php?product=television&sort=date

      etc. Just keep in mind that it's really easy for users to enter malicious code in your URL, so be sure to escape these variables before using them in your database.
  14. A lot of times these sorts of sites get their data from a database that is maintained by a third party. For instance, my friend has a website where you can book hotel rooms. It has deals on hotels all across the country. But he doesn't get information from every hotel site or anything like that, he just pays this other company to use a database that they have put together with the information from all of those hotels. When the hotels want to add or change a deal, they just contact that company, the company changes their database, and then every website that uses their database updates automatically. Anyone who is willing to pay can use this database for their site, which is why so many hotel deals sites have the same deals listed. I'm assuming that this site uses something similar.
  15. Just create a new .php file and put the connection information in there. For added security, you can save it outside your document root (more info on that here if you're interested: http://www.tuxradar.com/practicalphp/17/1/3). Then, when you need to run a query, just include that file before the query is run.
  16. Yeah, generally you put your database connection information in its own script and include it when you need to connect. It also makes things a lot easier if the password to your database ever changes.
  17. I guess I just figured that it doesn't hurt. I know it's nearly impossible to fake session data, but I've heard that if you run your website off a shared server that it's technically possible to do so in some instances. Might as well escape it and not have to worry.
  18. He took out the escape and also grabbed the user name from your session info rather than from your form info. If you want to escape the session info (a good idea), just use this code:

          <?php
          session_start();
          mysql_connect("*************", "*****************", "***************");
          mysql_select_db("***********************");
          $time = time();

          // this checks to see if the $_SESSION username has not been set;
          // if it is not set, the user gets sent to the login page
          // and the script stops so nothing below runs
          if (!isset($_SESSION['username'])) {
              header('Location: http://***************.com/login.php');
              exit;
          }

          $query = "INSERT INTO messages VALUES( NULL, '". mysql_real_escape_string($_POST['message']) ."', '". mysql_real_escape_string($_SESSION['username']) ."', '$time' )";

          if( $result = mysql_query($query) ) {
              if(mysql_affected_rows() > 0 ) {
                  echo "Message Posted.<br><a href='messageboard.php'>Return</a>";
              } else {
                  echo 'There was an error posting your message. Please try again later.';
              }
          } else {
              echo "There was a database error.";
              // comment out next line for live site.
              echo "<br>Query string: $query<br>Returned error: " . mysql_error() . '<br>';
          }

      Then you can safely get rid of the username textbox on your form. This is the simple fix to your problem. The advantage is that it's easy and doesn't require you to change your database structure. The disadvantage is that if your user ever changes their username, it won't change the username on their past messages. If you want it to change those automatically, you'll have to use the userid number instead. This would mean adding a userid field to your message table and then linking the two tables together in your queries. It's up to you how you want to proceed. If you need help rewriting queries, I'm sure people here can assist you.
  19. Yeah, looks like you need the slash in there. Try this: if ($_SERVER['PHP_SELF'] != "/signup.php") { include('login_leftside.tpl'); }
  20. something like this if ($_SERVER['PHP_SELF'] != "signup.php") { include('login_leftside.tpl'); } You might want to test the output of the PHP_SELF first to make sure it's what you want. It might be something like /path/to/signup.php instead. To test it you can simply put this somewhere in your signup.php file, and then load it in your web browser and see what it says. echo $_SERVER['PHP_SELF'];
  21. It means that IF there is exactly one row in the variable $data3 THEN it will execute the rest of the code in the IF block. If $data3 has less or more than 1 row, it will not execute the code and will go instead to the ELSE block. I think the others are right, though - it sounds like you may need to do a little more research to understand how these things work. If you need a good place to start learning, I really like this guide: http://www.tuxradar.com/practicalphp It's easy to read and will give you a good idea of why things work the way they do.
  22. Try: echo mysqli_num_rows($data3); This will show you the number of rows being returned. My guess is that you are getting the error message because your query is returning more than one row with the same tutor_id. Right now your code will only execute if your query returns one row and one row only. Looking at your code, I think that maybe instead of this: if (mysqli_num_rows($data3) == 1) { you might want this: if (mysqli_num_rows($data3) > 0) { But maybe I'm not understanding what you're trying to do.
  23. Holy Moly, PHP has a function for everything! I'm still waiting for the awesome_website() function. Just pass it a variable that says what kind of website you want (music, store, information), and it will put it together for you.
  24. Ok, that's what I thought. First query the comments table for the comment and dtime. Put that into an array. Then query the wallposts table for the wallpost and dtime and put that into the same array. Then you can sort that array according to dtime, and voilà, you have an array with all of the comments and wallposts sorted by time. Then you can loop that array and make it look any way you want. Sorry I don't have time to write out the code right now. Hopefully that description makes sense.
  25. I think I'm misunderstanding something - I thought you wanted them all to be in one table, sorted by time. Do you also want there to be some sort of visual cue that shows if they were a comment or a wallpost? I didn't see anything like that in your original code. If that's what you want, you could add another field to the array and set the value to "comment" for all the records from the comment table, and "wallpost" for all the records from the wallpost table, or something like that. Is that what you were thinking of?
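
For the price-range filter in post 8 and the sort links in post 13, an added example (not code from the original posts) that builds the same query with mysqli bound parameters, escapes the LIKE wildcards asked about in post 7, and whitelists the sort column. The function name build_product_query(), the sort list and its column names are assumptions.

```php
<?php
// Added example, not code from the posts. Table and column names follow
// post 8; build_product_query() and the sort whitelist are assumptions.
function build_product_query(array $get): array
{
    // Treat missing or non-string (array) parameters as empty.
    $str = function ($key) use ($get) {
        return isset($get[$key]) && is_string($get[$key]) ? $get[$key] : '';
    };
    $where = [];
    $types = '';
    $params = [];
    if ($str('description') !== '') {
        // Escape LIKE wildcards so % and _ match literally; the
        // *_real_escape_string() functions leave them alone. Assumes
        // MySQL's default backslash LIKE escape character.
        $where[] = "description LIKE ?";
        $types .= 's';
        $params[] = '%' . addcslashes($str('description'), '%_\\') . '%';
    }
    // Accept only "low-high" made of digits, e.g. price=1-100.
    if (preg_match('/^(\d{1,9})-(\d{1,9})$/', $str('price'), $m)) {
        $where[] = "price BETWEEN ? AND ?";
        $types .= 'ii';
        $params[] = (int) $m[1];
        $params[] = (int) $m[2];
    }
    $sql = "SELECT * FROM productfeed";
    if ($where) {
        $sql .= " WHERE " . implode(" AND ", $where);
    }
    // Column names cannot be bound as parameters or made safe by escaping,
    // so map the sort value through a fixed list (column names assumed).
    $sortable = ['price' => 'price', 'title' => 'description'];
    if (isset($sortable[$str('sort')])) {
        $sql .= " ORDER BY " . $sortable[$str('sort')];
    }
    return [$sql . " LIMIT 0, 10", $types, $params];
}

// Constructed sample input, as if from ?description=50%25_tv&price=1-100&sort=price
list($sql, $types, $params) = build_product_query(
    ['description' => '50%_tv', 'price' => '1-100', 'sort' => 'price']
);
echo $sql, "\n", $types, "\n", json_encode($params), "\n";
// With an open mysqli connection $db (assumed):
// $stmt = $db->prepare($sql);
// if ($types !== '') { $stmt->bind_param($types, ...$params); }
// $stmt->execute();
```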