mrMarcus

And the conditions within the following block of code will return TRUE every time as you are not using a comparison operator: <?php include "content/base.php"; if($_SESSION['LoggedIn'] = true) { }else{ echo "click <a href = ../index.php> here </a> to login"; } if($_SESSION['userType'] = "admin") { echo "You're logged in as an admin"; }else { } ?> if($_SESSION['LoggedIn'] = true) Will always validate. You need to use the following when checking specific variable types: if($_SESSION['LoggedIn'] === true) That will check that $_SESSION['LoggedIn'] is of the same value AND type. Otherwise, simply using a double operator like so: if($_SESSION['LoggedIn'] == true) Will only test the value and not the type, so: if($_SESSION['LoggedIn'] == true) Woudl return validate if $_SESSION['LoggedIn'] was TRUE or 'true' (Boolean or string). However, simply using the following: if($_SESSION['LoggedIn']) Will help you get things going. Same is applicable for the second condition in that block: if($_SESSION['userType'] = "admin")

Anytime you're working with sessions you must first start the session by placing this at the top of your script (or at least before any use of $_SESSION comes into play): session_start(); It appears you are including base.php with each file, so it might be wise to place session_start(); in there. You also don't seem to have a firm grasp of how queries work. In your 'verify login' page, for example: $_SESSION['userID'] = mysql_query("SELECT cUserID FROM tuser WHERE cUserName = '". $username ."'"); mysql_query() returns a resource on success and FALSE on failure. You go on to pull from the `tuser` table ~4 times within that script. OK - so place session_start(); in your base.php file, and remove it from this block: if(!isset($_SESSION)) { session_start(); // REMOVE session_id(); $_SESSION['username']= ""; $_SESSION['LoggedIn'] = false; $_SESSION['userID']= ""; $_SESSION['userType'] = ""; } Try this for your 'verify login' page: <head> <title>Registration</title> <link rel="stylesheet" href="../style.css" type="text/css" /> </head> <body> <div id="main"> <?php include ('../content/base.php'); // make sure to include session_start(); in base.php $username = $_POST['username']; $password = $_POST['password']; $sql = "SELECT * FROM tuser WHERE (cUserName = '" . mysql_real_escape_string($username) . "') AND (cUserPassword = '" . md5($password) . "') LIMIT 1"; if ($result = mysql_query($sql)) { if (mysql_num_rows($result) == 1) { if ($row = mysql_fetch_assoc($result)) { $_SESSION['LoggedIn'] = true; $_SESSION['username'] = $username; $_SESSION['userID'] = $row['cUserID']; $_SESSION['userType'] = $row['cUserType']; if ($row['cUserType'] == "user") { echo "Welcome to our user portal ".$_SESSION['username']; echo '<META HTTP-EQUIV="Refresh" Content="2; URL=../usercp.php">'; } else { header('Location: ../adminCP.php'); } } } else { echo "Login failed<br />"; echo "Go <a href='index.php'>try again now</a> or wait for automatic refresh"; echo '<META HTTP-EQUIV="Refresh" Content="2; URL=../index.php">'; } } else { trigger_error(mysql_error()); } ?> </div> </body> I removed mysql_real_escape_string() from $password in the query as you're already hashing the password using md5(). Both are not necessary. Avoid mixing <meta refresh> within PHP. Just use header('Location: /some_file.php');

filemtime might be what you're looking for.

The column type in MYSQL is "DATE" format. Just checking. Barand's code will do the trick. Edit: obviously replacing .... with your subsequent code as well as adding in your additional GROUP BY and such

The error is referring to 'parameters' not being defined anywhere in your code: ajaxRequest.open("POST", url, true); ajaxRequest.setRequestHeader("Content-type", "application/x-www-form-urlencoded"); ajaxRequest.setRequestHeader("Content-length", parameters.length); ajaxRequest.setRequestHeader("Connection", "close"); ajaxRequest.send(parameters); What your function save() is supposed to do, by the looks of things, is save data to a database (I'm merely assuming that's what happens in save_barcode.php). 'parameters' would be a set of, well, parameters that contain values based on what your form is doing, and the overall intentions of your application. I have no idea what your application is doing to be honest, and I'm wondering the same about you. parameters should be something along the following, but obviously specific to what you're trying to achieve and based off values from your form (perhaps?): var parameters = 'foo1=bar1&foo2=bar2'; Those values will be sent to 'save_barcode.php' to be processed.

In addition, I find it's easier to close your PHP portion and write the HTML so it's more legible than echo'ing each instance of HTML markup: <?php include('init.php'); $sql = "SELECT * FROM `info`"; if ($result = mysql_query($sql)) { echo "<table border='1'>"; echo "<tr> <th>Name</th> <th>Last Name</th> <th>Address</th> <th>City</th> </tr>"; // keeps getting the next row until there are no more to get while ($row = mysql_fetch_array($result)) { // Print out the contents of each row into a table ?> <tr> <td><?php echo $row['first_name']; ?></td> <td><?php echo $row['last_name']; ?></td> <td><?php echo $row['address']; ?></td> <td><?php echo $row['city']; ?></td> </tr> <?php } echo "</table>"; } else { trigger_error(mysql_error()); // for development only; remove when in production }

Your HTML is the issue. You have your <tr>'s firing too soon.

How are you storing `Date` in your table? What is the column type?

Post your updated version of that function please.

To what? $query = mysql_query("SELECT COUNT('user_id') FROM 'users' WHERE 'email' = '$email'"); Should be: $query = mysql_query("SELECT COUNT(`user_id`) FROM `users` WHERE `email` = '$email'");

Remove the parenthesis () from your UserProfile() class: class UserProfile { ... }

For starters: $date = date('d'); // equals the current day $day = end(explode('-', $date)); // also returns the day from a stored variable in that format

target="paypal" should just open the link in a new window called paypal. The target attribute in HTML has set values: _blank, _self, _parent, _top, as well as to reference a <frame> within the same document. "paypal" is not one of them. Chrome must just be insanely picky. Regardless, target="paypal" is not valid.

Checking a variable against null using the == comparison operator is not recommended: $quantity == null will return TRUE in this case, even though $quantity is not a true NULL value. .. || is_null($quantity) will return FALSE, as will: $quantity === null Instead, use isset or empty, depending on situation, to check whether a variable has been set or contains a value, respectively. Edit: if you are worried about a certain value not being set, or a combination of a value maybe not being set AND not having a value, use a combo of isset() and empty(): <?php if (!isset($quantity) || empty($quantity)) { continue; } Or, if you're certain that variable has been set at some point in your code already, you can simply use empty(): <?php if (!empty($quantity)) { continue; } empty covers a solid range of possibilities which replaces the need to do multiple checks that are basically the same: if( $quantity <= 0 || $quantity == '' || $quantity == null ){ continue; } Is like saying, "if $quantity is <= 0 OR if $quantity contains no value/is empty OR $quantity has an unknown value" When empty() will replace all that jazz in one swoop.

Replace that bottom chunk with: <?php $sql = "SELECT * FROM commenttable ORDER BY id DESC"; if ($getquery = mysql_query($sql)) { while ($rows=mysql_fetch_array($getquery)) { $id=$rows['id']; $name=$rows['name']; $comment=$rows['comment']; $dellink="<a href=\"delete.php?id=" . $id . "\"> Delete </a>"; echo $name . '' . '<br />' . $comment . '<br />' . '<hr/>'; } } else { trigger_error(mysql_error()); }

You really shouldn't have that second UPDATE query run without validating that the first UPDATE query was successful, especially if you want to keep your data correct. Should the first fail for whatever reason, and the second fire successfully, you will end up with undesired results. As said, remove single-quotes from ('antall * pris'), and while you're at it, assuming `ID` is a primary INT, remove the single-quotes from it, too: WHERE ID='{$id}' becomes: WHERE ID={$id}

$feature2 = explode(",", $features); $feature3 = implode(',', $feature2); This hurts my brain. $feature3 is actually just $features. No need to convert to an array only to immediately convert back to string. You really need to lose the practice of incrementing your variable names, ie. $features, $features2, $features3, $features4, etc...... Once you start making some larger scale systems, you will drive yourself insane. And please wrap your code in [ code ][ / code ] tags. Also, indenting your code will help with clarity as I cannot look at code that is left-aligned and often, just to help someone out, have to put it into an editor and straighten it out (which = time). I don't see an explode() on $feature3 anywhere in your script. To be perfectly honest, your code has many issues with it that will not allow it to run. $f_id = $row['f_id']; $f_name=$row['f_name']; $row has not yet been defined in your code, and therefore, $f_id and $f_name will have no value. Having $feature3 = array($row['f_id']); within a while() loop makes no sense whatsoever. Each iteration clears the $feature3 array() with another single value ($row['f_id']). <?php $feature3 = array(); while($row = mysql_fetch_assoc ($result)) { $feature3[] = $row['f_id']; } foreach($feature3 as $var) { echo '<div class="cbwrapper"><label><input type="checkbox" '; if($feature3){echo $feature3. ' checked ';}elseif($feature3 !=$row['f_id']){echo ''; }; echo 'name="features[]" value="'.$row["f_id"].'">'.$row["f_name"].', '.$row['f_id'].'</label></div>'; $i++; if(($i%4) == 0) { echo '<div class="clearboth"></div>'; } } } Something like that ^ makes more sense, but you're still not using $var and are clearly trying to echo an array (echo $feature3): if($feature3){echo $feature3. ' checked ';}elseif($feature3 !=$row['f_id']){echo ''; }; Honestly, I really can't help you as I would have to completely rewrite your entire code, and to be honest, I'm still not 100% what it is you're trying to accomplish.

You are simply writing the image path to the screen, and not placing it within <img> tags: <?php ... while($row = mysql_fetch_assoc($res)) { echo '<div class="title"><h1><a href="index.php?id=' . $row['id'] . '">' . $row['title'] . '</a></h1></div>'; echo '<div class="date"><p>' . $row['date'] . '</p></div>'; echo '<div class="photo"><p><img src="' . $row['photo'] . '" width="<WIDTH>" height="<HEIGHT>"/></p></div>'; echo '<div class="txt"><p>' . $row['body'] . '</p></div>'; } Replace <WIDTH> and <HEIGHT> accordingly, obviously.

Sounds like there's a permissions issue with accessing the table. No longer a PHP issue, but an Access issue.

Sorry, I shouldn't have laughed. See Integer Types for more info. Or present your table schema to the MySQL board for relevant help as your structure is out of whack. Perhaps your CRON is running first, you're then checking the results in the browser, but the INSERT query is no longer running as the record in question has already been inserted and the UPDATE query is now running. Could that be the case? Regardless of whether your INSERT or UPDATE query are firing, you're returning a message that reads that the record has been 'inserted'. Perhaps you should integrate separate messages for each query type, ie. UPDATE query: echo $id . " has been updated.<br />"; INSERT query: echo $id . " has been inserted.<br />"; So you can be clear as to what is happening.

Just noticed, too, that you have your table name encapsulated in single-quotes. That will not work. Same for 'ItemNumber' in your GROUP BY. Either leave without, or use ticks (better practice is to use ticks ` as MySQL haa reserved keywords that will most likely creep in at some point in time): $query ="SELECT ItemNumber, MAX(`Date`) as `max_date` FROM `FT9_FUEL_TAX_PRICE_LINES` WHERE ItemNumber = 'E-10 NL GAS' AND TableCode = 'CITA' GROUP BY `ItemNumber`"; Edit: table names, field/column names cannot be surrounding with quotes of any kind. Leave them alone, or as recommended, use ticks.

No, nothing silly about an INT(255) lmao. If you are running a CRON job, nothing will be printed to the browser. Where/how is it saying that the record has been inserted?

That's because you're doing it wrong Add an alias to the MAX(Date) in your query like so: $query =("SELECT ItemNumber, MAX(`Date`) as `max_date` FROM 'FT9_FUEL_TAX_PRICE_LINES' WHERE ItemNumber = 'E-10 NL GAS'AND TableCode = 'CITA' GROUP BY 'ItemNumber'"); And change your echo result to reflect that alias: echo "The most recent date is: " .$row['max_date']; Get it? Same as if you wanted to print `ItemNumber`, you do: echo $row['ItemNumber'];

Well, in the case you have provided, declaring those variables is redundant as if $_POST['submit'] is not reached, those variable will not be given any values, and therefore, will not be used in the remainder of the script (or can simply be checked using isset(). <?php if (isset($_POST['submit'])) { $username = $_POST['username']; $password = $_POST['password']; ... stuff ... } echo (isset($username) ? $username : ''); // checks to see if $username has been set;

I meant view-source from the browser. PHP is not biased to any browser. If the image is not showing up in Firefox, it's because what you're outputting must not be jiving.