imdead

Yep I Don't Get Anything, Logged in or out with that

Fatal error: Function name must be a string in C:\xampp\htdocs\footer.php on line 3 Also If I Add This <?php if(session_is_registered('username')){ $sql = mysql_query("SELECT * FROM users"); if (mysql_num_rows($sql) == 1){ $row = mysql_fetch_assoc($sql); $userlevel = $row['userlevel']; if ($userlevel == '1'){ echo"<a href='admin.php'>Admin Panel</a> // "; } } }else{ echo 'blah blah not logged in'; } ?> When Your Not logged in, you get blah blah not logged in

Nope Still echo'ing nothing

Hey Guys, Whats Wrong With This, I Cant Spot The Error. It's Not Echo'ing Anything Out > <?php if(session_is_registered('username')){ $sql = mysql_query("SELECT * FROM users"); if (mysql_num_rows($sql) == 1){ $row = mysql_fetch_assoc($sql); $userlevel = $row['userlevel']; if ($userlevel === '1'){ echo"<a href='admin.php'>Admin Panel</a> // "; } }} ?><a href="http://jigsaw.w3.org/css-validator/check/referer">Valid CSS</a>

I Get 403 Forbidden?

]http://scott.projecth4x0r.com/beta/member.php?username[] ^ ^ ^ Layout Is Out Of Place + Warning: mysql_real_escape_string() expects parameter 1 to be string, array given in /home/scott/public_html/beta/connect.php on line 10

you put file_exist not exists should be $picture = 'images/thumbs/tn_'.$row[image].'.jpg'; // you may also include the path if(!file_exists($picture)) { $picture = 'images/thumbs/tn_default.jpg'; } echo '<div id="bottomImage" style="background:#ffffff; background-image:url('.$picture.'); background-repeat:no-repeat;"><a href="/viewItem.php?sku='.$row[sku].'"><img height="100px" src="/images/thumbs/tn_mini.gif" width="100px" /></a></div>';

bottom of the page in the left

htmlspecialchars($username); ?

Thats In The SWF File Though

Yeah, well if it works for that why don't you copy it then adjust it to fit your needs?

Well Not If It Doesnt Work!

You Don't Use A 'int' Collumn You Use 'datatime'

$sql = "DELETE FROM news WHERE id=$id"; shouldn't that be $sql = "DELETE FROM users WHERE id=$id";

<?php function check_form() { global $HTTP_POST_VARS, $error, $print_again; $error['error'] = false; if (($_POST["first_name"] == "") || (!preg_match("/^[a-z0-9]+(?:_[a-z0-9]+)?$/i", $_POST["first_name"]))) { $error['first_name'] = true; $print_again = true; $message = "The first name field is either empty or incorrect data was input.<br>"; } if(isset($_POST["basic"])) { check_form(); } else { show_form(); } if (($_POST["last_name"] == "") || (!preg_match("/^[a-z0-9]+(?:_[a-z0-9]+)?$/i", $_POST["first_name"]))) { $error['last_name'] = true; $print_again = true; $message="The last name field is either empty or incorrect data was input.<br>"; } if($_POST["club"]=="") { $error['club'] = true; $print_again = true; $message="Please select a club<br>"; } if($_POST["birthyear"]=="-DAY-") { $error['birthyear'] = true; $print_again = true; $message="Please select a dob<br>"; } if($_POST["birthmonth"]=="-MONTH-") { $error['birthmonth'] = true; $print_again = true; $message="Please select a dob<br>"; } if($_POST["birthday"]=="-YEAR-") { $error['birthday'] = true; $print_again = true; $message="Please select a dob<br>"; } if($print_again) { show_form(); } else { show_form(); $message="<span class='style1'>Your profile has been created</span>"; $id = mysql_real_escape_string( $_POST['id']); $club = mysql_real_escape_string( $_POST['club']); $first_name = mysql_real_escape_string( $_POST['first_name']); $last_name = mysql_real_escape_string( $_POST['last_name']); $gender = mysql_real_escape_string( $_POST['gender']); $birthyear = mysql_real_escape_string( $_POST['birthyear']); $birthmonth = mysql_real_escape_string( $_POST['birthmonth']); $birthday = mysql_real_escape_string( $_POST['birthday']); $dob = $birthday.'-'.$birthmonth.'-'.$birthyear; $update = "UPDATE users SET new_user='1',dob='$dob', club= '$club', first_name = '$first_name', gender = '$gender', last_name = '$last_name' WHERE id='$id' "; $result = mysql_query($update); // Check result // This shows the actual query sent to MySQL, and the error. Useful for debugging. if (!$result) { $er = 'Invalid query: ' . mysql_error() . "\n"; $er .= 'Whole query: ' . $query; die($er); }} echo ' <p class="error">' . $message . '</p>' . "\n"; } ?>

Yep Sessions Ftw

EDIT: Ohh i get it now Yeah sounds like a job for flash What i did was, make a file called view-track.php or anything else <? $id = $_GET['id']; $dbcnx = mysql_connect("localhost", "root", "password"); mysql_select_db("database"); $result = @mysql_query("SELECT * FROM tracks WHERE id=$id"); if (!$result) { echo("<b>Error performing query: " . mysql_error() . "</b>"); exit(); } while ($row = mysql_fetch_array($result) ) { $id = $row["id"]; $artist = $row["artist"]; $song = $row["song"]; echo("<center><font size=1 face=verdana>Listening To $song by $artist"); ?> <br><br><embed src="<?echo"$artist - $song";?>.mp3" width="250" height="40" autostart="true" loop="false"> </embed> <?}?>

Hey, i've changed it to below the url im getting now is testimonials_edit.php?%3Faction%3Dadd=&text=test is there anyway it can be changed to testimonials_edit.php?action=add and have the &text=test stored in POST? <?php include'modules/sides/header.php'; include"modules/sides/database.php"; ?> <table cellpadding="0" cellspacing="0" width="100%" id="mainTable"> <tr> <td class="left"> <?php include'modules/sides/left.php';?> </td> <td id="centercolumn"> <table class="cont" cellspacing="0"> <tr> <td id="centerCcolumn"> <div class="block"> <?php if(session_is_registered('username')){ if ($userlevel == '2'){ ?> <div class="blockTitle">Administration - Add/Remove Testimonials</div> <div class="blockContent"> <?php $action = $_GET["action"]; if ($action == "delete"){ $delid = $_GET['delid']; $query = "DELETE FROM testimonials WHERE id=".$delid." LIMIT 1"; $sql = mysql_query($query); echo("Testimonial succesfully deleted! [ <a href='testimonials_edit.php'>Back</a> ]"); $delid = $_GET['delid']; } if ($action == "add"){ $add = $_GET['add']; $text = $_GET['text']; $id = mysql_insert_id(); $query = "INSERT INTO testimonials (id, text) VALUES ('$id', '$text')"; $sql = mysql_query($query) or die (mysql_error()); } print("<strong>Add A New Testimonial!</strong>"); print("<br />"); print("<br />"); echo("<form name='add' method='get' action='?action=add'>"); echo("<input type='hidden' name='?action=add'>"); echo("<table class=main cellspacing=0 cellpadding=5 width=50%>"); echo("<tr><td>Testimonial: </td><td align='right'><input type='text' size=50 name='text'></td></tr>"); echo("<tr><td></td><td><div align='right'><input type='Submit'></div></td></tr>"); echo("</table>"); if($success == TRUE) { print("<strong>Success!</strong>"); } echo("<br>"); echo("</form>"); print("<strong>Existing testimonials:</strong>"); print("<br />"); print("<br />"); echo("<table class=main cellspacing=0 cellpadding=5>"); echo("<td>ID:</td><td>Text:</td><td>Delete:</td>"); $query = "SELECT * FROM testimonials WHERE 1=1"; $sql = mysql_query($query); while ($row = mysql_fetch_array($sql)) { $id = $row['id']; $text = $row['text']; echo("<tr><td><strong>$id</strong></td><td><strong>$text</strong></td><td><a href='testimonials_edit.php?action=delete&delid=$id'>Delete</a></td></tr>"); } ?></p></table> </div> </div> <?php }}else{echo'Stop hacking';}?> </td> </tr> </table> <td class="right"> <?php include"modules/sides/right.php"; ?> </td> </tr> </table> <?php include'modules/sides/footer.php';?>

oh i just realised the error is when i click submit it loads testimonials_edit.php?text=ssssss insted of testimonials_edit.php?action=add&text=ssssss Anyway to fix? also i updated the code <?php include'modules/sides/header.php'; include"modules/sides/database.php"; ?> <table cellpadding="0" cellspacing="0" width="100%" id="mainTable"> <tr> <td class="left"> <?php include'modules/sides/left.php';?> </td> <td id="centercolumn"> <table class="cont" cellspacing="0"> <tr> <td id="centerCcolumn"> <div class="block"> <?php if(session_is_registered('username')){ if ($userlevel == '2'){ ?> <div class="blockTitle">Administration - Add/Remove Testimonials</div> <div class="blockContent"> <?php $action = $_GET["action"]; if ($action == "delete"){ $delid = $_GET['delid']; $query = "DELETE FROM testimonials WHERE id=".$delid." LIMIT 1"; $sql = mysql_query($query); echo("Testimonial succesfully deleted! [ <a href='testimonials_edit.php'>Back</a> ]"); $delid = $_GET['delid']; } if ($action == "add"){ $add = $_GET['add']; $text = $_GET['text']; $id = mysql_insert_id(); $query = "INSERT INTO testimonials (id, text) VALUES ('$id', '$text')"; $sql = mysql_query($query) or die (mysql_error()); } print("<strong>Add A New Testimonial!</strong>"); print("<br />"); print("<br />"); echo("<form name='add' method='get' action='?action=add'>"); echo("<table class=main cellspacing=0 cellpadding=5 width=50%>"); echo("<tr><td>Testimonial: </td><td align='right'><input type='text' size=50 name='text'></td></tr>"); echo("<tr><td></td><td><div align='right'><input type='Submit'></div></td></tr>"); echo("</table>"); if($success == TRUE) { print("<strong>Success!</strong>"); } echo("<br>"); echo("</form>"); print("<strong>Existing testimonials:</strong>"); print("<br />"); print("<br />"); echo("<table class=main cellspacing=0 cellpadding=5>"); echo("<td>ID:</td><td>Text:</td><td>Delete:</td>"); $query = "SELECT * FROM testimonials WHERE 1=1"; $sql = mysql_query($query); while ($row = mysql_fetch_array($sql)) { $id = $row['id']; $text = $row['text']; echo("<tr><td><strong>$id</strong></td><td><strong>$text</strong></td><td><a href='testimonials_edit.php?action=delete&delid=$id'>Delete</a></td></tr>"); } ?></p></table> </div> </div> <?php }}else{echo'Stop hacking';}?> </td> </tr> </table> <td class="right"> <?php include"modules/sides/right.php"; ?> </td> </tr> </table> <?php include'modules/sides/footer.php';?>

ok code updated to <?php include'modules/sides/header.php'; include"modules/sides/database.php"; ?> <table cellpadding="0" cellspacing="0" width="100%" id="mainTable"> <tr> <td class="left"> <?php include'modules/sides/left.php';?> </td> <td id="centercolumn"> <table class="cont" cellspacing="0"> <tr> <td id="centerCcolumn"> <div class="block"> <?php if(session_is_registered('username')){ if ($userlevel == '2'){ ?> <div class="blockTitle">Administration - Add/Remove Testimonials</div> <div class="blockContent"> <? $action = $_GET["action"]; if ($action == "delete"){ $delid = $_GET['delid']; $query = "DELETE FROM testimonials WHERE id=".$delid." LIMIT 1"; $sql = mysql_query($query); echo("Testimonial succesfully deleted! [ <a href='testimonials_edit.php'>Back</a> ]"); $delid = $_GET['delid']; } if ($action == "add"){ $add = $_GET['add']; $text = $_GET['text']; $query = "INSERT INTO testimonials (text) VALUES ('$text')"; $sql = mysql_query($query) or die (mysql_error()); } print("<strong>Add A New Testimonial!</strong>"); print("<br />"); print("<br />"); echo("<form name='form1' method='get' action='?action=add'>"); echo("<table class=main cellspacing=0 cellpadding=5 width=50%>"); echo("<tr><td>Testimonial: </td><td align='right'><input type='text' size=50 name='text'></td></tr>"); echo("<tr><td></td><td><div align='right'><input type='Submit'></div></td></tr>"); echo("</table>"); if($success == TRUE) { print("<strong>Success!</strong>"); } echo("<br>"); echo("</form>"); print("<strong>Existing testimonials:</strong>"); print("<br />"); print("<br />"); echo("<table class=main cellspacing=0 cellpadding=5>"); echo("<td>ID:</td><td>Text:</td><td>Delete:</td>"); $query = "SELECT * FROM testimonials WHERE 1=1"; $sql = mysql_query($query); while ($row = mysql_fetch_array($sql)) { $id = $row['id']; $text = $row['text']; echo("<tr><td><strong>$id</strong></td><td><strong>$text</strong></td><td><a href='testimonials_edit.php?action=delete&delid=$id'>Delete</a></td></tr>"); } ?></p></table> </div> </div> <?php }}else{echo'Stop hacking';}?> </td> </tr> </table> <td class="right"> <?php include"modules/sides/right.php"; ?> </td> </tr> </table> <?php include'modules/sides/footer.php';?> Although its not print anything out with any errors, and still need inserting any data. Also is it possible to update it to a POST not GET so if its long it doesnt ruin the URL

Hey guys i've been doing a clients website and im on the last part, building them a client testimonials page. <? $action = $_GET["action"]; if ($action == "delete"){ $delid = $_GET['delid']; $query = "DELETE FROM testimonials WHERE id=".$delid." LIMIT 1"; $sql = mysql_query($query); echo("Testimonial succesfully deleted! [ <a href='testimonials_edit.php'>Back</a> ]"); $delid = $_GET['delid']; } if ($action == "add"){ $add = $_GET['add']; $text = $_GET['text']; $query = "INSERT INTO testimonials SET text = '$text'"; $sql = mysql_query($query); if($sql) { $success = TRUE; } else { $success = FALSE; } } print("<strong>Add A New Testimonial!</strong>"); print("<br />"); print("<br />"); echo("<form name='form1' method='get' action='?action=add'>"); echo("<table class=main cellspacing=0 cellpadding=5 width=50%>"); echo("<tr><td>Testimonial: </td><td align='right'><input type='text' size=50 name='text'></td></tr>"); echo("<tr><td></td><td><div align='right'><input type='Submit'></div></td></tr>"); echo("</table>"); if($success == TRUE) { print("<strong>Success!</strong>"); } echo("<br>"); echo("</form>"); print("<strong>Existing testimonials:</strong>"); print("<br />"); print("<br />"); echo("<table class=main cellspacing=0 cellpadding=5>"); echo("<td>ID:</td><td>Text:</td><td>Delete:</td>"); $query = "SELECT * FROM testimonials WHERE 1=1"; $sql = mysql_query($query); while ($row = mysql_fetch_array($sql)) { $id = $row['id']; $text = $row['text']; echo("<tr><td><strong>$id</strong></td><td><strong>$text</strong></td><td><a href='testimonials_edit.php?action=delete&delid=$id'>Delete</a></td></tr>"); } ?> Everything there works although the only thing that doesnt work atm is the Add. i cant seem to get it to work, any chance you guys could give it ago?

goto http://www.poke-mania.net/pic.php?id=1 << loads image 1 or goto http://www.poke-mania.net/pic.php?id=2 << loads image 2 NOTE: not tested <?php $id = $_POST['id']; // Load the sprite into memory $imgTorso=imageCreateFromPng("http://www.poke-mania.net/sprites/dp/$id.png"); $imgBlend=imageCreateFromPng("http://www.poke-mania.net/sprites/dp/$id.png"); // Load his clone too // Load the height and width of the image $sx=imagesx($imgBlend); $sy=imagesy($imgBlend); // Output for Browser imagecopymerge($imgTorso,$imgBlend,0,0,0,0,$sx,$sy,50); imagefill($imgTorso,0,0,$background); imagecolortransparent($imgTorso,$background); header("Content-type: image/png"); imagePng($imgTorso); ?>

ah dont worry i figured that part out header("Location:index.php"); exit(); ob_flush(); } header was in the wrong place EDIT: Lol you beat me

Thats weird it works for the else statement? if i enter the password wrong it redirects me to login.php else{ header("Location:login.php"); }

ok thanks, i've done this <?php ob_start(); session_start(); $conn = mysql_connect("localhost","root",""); $db = mysql_select_db("pete"); if(isset($_POST['submit'])) { $username = htmlspecialchars($_POST['username'], ENT_QUOTES); $password = htmlspecialchars($_POST['password'], ENT_QUOTES); $password = ($password); $username = addslashes($username); $password = addslashes($password); $sql = mysql_query("SELECT * FROM users WHERE username='$username' AND password='$password'"); if(mysql_num_rows($sql)>0) { $_SESSION['password'] = $password; $_SESSION['username'] = $username; $sessionid = session_name(); mysql_query("UPDATE users SET sessionid='$sessionid' WHERE username='$username' and password='$password' LIMIT 1"); ob_start(); exit(); ob_flush(); header("Location:index.php"); } if (mysql_num_rows($sql)>1){ $row = mysql_fetch_assoc($sql); $userlevel = $row['userlevel']; } else{ header("Location:login.php"); } } ob_flush(); ?> Which still seems to log me in fine and with no error although its not redirecting me to the index page anymore :S