paulsinclair

You were correct. once I found it everything was perfect. Thanks for your help and thanks to all who took the trouble to read my problem.

<? include("include/session.php"); // End function #mysql_evaluate if (!$session->logged_in) { header("Location: index.php"); } else { include("include/common.php"); include("header.php"); ----- deleted irrelevant stuff. ----- switch ($_REQUEST['action']) { case "replace"; { $origprodid = mysql_real_escape_string($_REQUEST['origprodid']); $newprodid = mysql_real_escape_string($_REQUEST['newprodid']); $database->replaceproduct($origprodid, $newprodid); } case "del"; { $database->addlog($username, $processname, "Can access database", 0); $prodidisused = $database->prodisused($prodid); echo "Prodidused is ".$prodidisused."<br>"; if ($prodisused) { echo "<H2>Replace Product</H2>"; echo "<form action=create_product.php method=get>"; echo "<table border=0 cellpadding=0 cellspacing=0 align=center>"; echo "<tr><td></td><td></td></tr>"; echo "<tr><td></td><td><input type=hidden size=20 name=action value=\"replace\"></td></tr>"; echo "<tr><td></td><td><input type=hidden size=20 name=origprodid></td>".$prodid."</tr>"; echo "<tr><td><b>Product:</b></td><td class=tabclearright> <select name=\"newprodid\">"; $sql = "SELECT `id`, `description` FROM `products` WHERE `client` = " . $client . " ORDER BY description;"; $products = mysql_query($sql) or trigger_error(mysql_error() . '<br />Query was:' . $sql); while ($row = mysql_fetch_array($products)) { echo "<option value='" . $row['id'] . "'>" . $row['description'] . "</option>"; } echo "<tr><td></td><td class=tabclearright><input type=submit border=0 value=\"Submit\"></td></tr>"; } else { $sql = "DELETE from `products` WHERE prodid = '" . $prodid . "'"; // echo $sql."<BR>"; $executed = mysql_query($sql) or trigger_error(mysql_error() . '<br />Query was:' . $sql); if ($executed) { } $database->addlog($username, $processname, "Delete product #" . $prodid, 0); break; } } } echo "<H2><p align=\"center\">Select Product Type</p></H2>"; echo "<H3><p align=\"center\"><a href=\"print_stage_sort_order.php\"><img src=images/printer.png width=20 height=20></a></p></H3>"; if ($session->isSysAdmin()) { $sql = "SELECT `client`, `id`,`description` FROM `prodtype` ORDER BY `client`, seq, description"; } else { $sql = "SELECT `id`,`description` FROM `prodtype` WHERE `client` = '" . $client . "' ORDER BY seq, description"; } // echo $sql; $prodtypes = mysql_query($sql) or trigger_error(mysql_error() . '<br />Query was:' . $sql); echo "<table border=0 cellpadding=0 cellspacing=0 align=center>"; while ($row = mysql_fetch_array($prodtypes)) { if ($i > 0) { echo "<tr valign=bottom>"; echo "<td background='images/strichel.gif' colspan=1><img src=images/blank.gif width=1 height=1></td>"; echo "</tr>"; } echo "<tr>"; if ($session->isSysAdmin()) { echo "<td class=tabclearleft><img src=images/blank.gif width=2 height=10>" . $row['client'] . "</td>"; } echo "<td class=tabclearleft><img src=images/blank.gif width=2 height=10><a href=\"create_product.php?action=list&id=" . $row['id'] . "\">" . $row['description'] . "</a></td><td>"; echo "</tr>"; } echo "</table>"; echo "<br>"; include ("include/footer.php"); ?> <script type="text/javascript"> var gaJsHost = (("https:" == document.location.protocol) ? "https://ssl." : "http://www."); document.write(unescape("%3Cscript src='" + gaJsHost + "google-analytics.com/ga.js' type='text/javascript'%3E%3C/script%3E")); </script> <script type="text/javascript"> var pageTracker = _gat._getTracker("UA-5409736-1"); pageTracker._trackPageview(); </script> </BODY> </HTML> <? } ?> database.php is called from session.php <? /** * Session.php * * The Session class is meant to simplify the task of keeping * track of logged in users and also guests. * * Written by: Jpmaster77 a.k.a. The Grandmaster of C++ (GMC) * Last Updated: August 19, 2004 */ include("database.php"); include("mailer.php"); include("form.php"); if(class_exists('Session') != true) { class Session { var $username; //Username given on sign-up var $client; //Client of username var $dealer; //Dealer of username var $userid; //Random value generated on current login var $userlevel; //The level to which the user pertains var $time; //Time user was last active (page loaded) var $logged_in; //True if user is logged in, false otherwise var $userinfo = array(); //The array holding all user info var $url; //The page url current being viewed var $referrer; //Last recorded site page viewed /** * Note: referrer should really only be considered the actual * page referrer in process.php, any other time it may be * inaccurate. */ /* Class constructor */ ------ deleted stuff. ------ ?>

Thanks for the suggestion, but it didn't help.

As requested, here is my MySQL class if(class_exists('MySQLDB') != true) { class MySQLDB { var $connection; //The MySQL database connection var $num_active_users; //Number of active users viewing site var $num_active_guests; //Number of active guests viewing site var $num_members; //Number of signed-up users /* Note: call getNumMembers() to access $num_members! */ /* Class constructor */ function MySQLDB() { /* Make connection to database */ $this->connection = mysql_connect(DB_SERVER, DB_USER, DB_PASS) or die(mysql_error()); mysql_select_db(DB_NAME, $this->connection) or die(mysql_error()); /** * Only query database to find out number of members * when getNumMembers() is called for the first time, * until then, default value set. */ $this->num_members = -1; if (TRACK_VISITORS) { /* Calculate number of users at site */ $this->calcNumActiveUsers(); /* Calculate number of guests at site */ $this->calcNumActiveGuests(); } } function getActivityInfo($actid) { $q = "SELECT * FROM activities WHERE actid = '$actid'"; $result = mysql_query($q, $this->connection); /* Error occurred, return given name by default */ if (!$result || (mysql_numrows($result) < 1)) { return NULL; } /* Return result array */ $dbarray = mysql_fetch_array($result); return $dbarray; } function getplugtype ($id) { $q = "SELECT * FROM plugtype WHERE id = '$id'"; $result = mysql_query($q, $this->connection); /* Error occurred, return given name by default */ if (!$result || (mysql_numrows($result) < 1)) { return NULL; } /* Return result array */ // $details = mysql_fetch_array($result); // $plugtype = $details['description']; $dbarray = mysql_fetch_array($result); return $dbarray; } function getSecInfo ($secid) { $q = "SELECT * FROM security WHERE secid = '$secid'"; $result = mysql_query($q, $this->connection); /* Error occurred, return given name by default */ if (!$result || (mysql_numrows($result) < 1)) { return NULL; } /* Return result array */ $dbarray = mysql_fetch_array($result); return $dbarray; } function getCamperInfo($camperid) { $q = "SELECT * FROM campers WHERE camperid = '$camperid'"; $result = mysql_query($q, $this->connection); /* Error occurred, return given name by default */ if (!$result || (mysql_numrows($result) < 1)) { return NULL; } /* Return result array */ $dbarray = mysql_fetch_array($result); return $dbarray; } function getCamper_ProdInfo($prodid) { $q = "SELECT * FROM campers WHERE productid = '$prodid'"; $result = mysql_query($q, $this->connection); /* Error occurred, return given name by default */ if (!$result || (mysql_numrows($result) < 1)) { return NULL; } /* Return result array */ $dbarray = mysql_fetch_array($result); return $dbarray; } function getCC_Info($componentid) { $q = "SELECT * FROM camper_components WHERE componentid = '$componentid'"; $result = mysql_query($q, $this->connection); /* Error occurred, return given name by default */ if (!$result || (mysql_numrows($result) < 1)) { return NULL; } /* Return result array */ $dbarray = mysql_fetch_array($result); return $dbarray; } function getCCP_Info($productid) { $q = "SELECT * FROM camper_components WHERE productid = '$productid'"; $result = mysql_query($q, $this->connection); /* Error occurred, return given name by default */ if (!$result || (mysql_numrows($result) < 1)) { return NULL; } /* Return result array */ $dbarray = mysql_fetch_array($result); return $dbarray; } function getCCC_Info($productid, $camperid) { $q = "SELECT * FROM camper_components WHERE productid = " . $productid . " AND camperid = " . $camperid; $result = mysql_query($q, $this->connection); /* Error occurred, return given name by default */ if (!$result || (mysql_numrows($result) < 1)) { return NULL; } /* Return result array */ $dbarray = mysql_fetch_array($result); return $dbarray; } function getCustomerInfo($custid) { $q = "SELECT * FROM customers WHERE custid = '$custid'"; $result = mysql_query($q, $this->connection); /* Error occurred, return given name by default */ if (!$result || (mysql_numrows($result) < 1)) { return NULL; } /* Return result array */ $dbarray = mysql_fetch_array($result); return $dbarray; } function getDealerInfo($dealerid) { $q = "SELECT * FROM dealers WHERE dealerid = '$dealerid'"; $result = mysql_query($q, $this->connection); /* Error occurred, return given name by default */ if (!$result || (mysql_numrows($result) < 1)) { return NULL; } /* Return result array */ $dbarray = mysql_fetch_array($result); return $dbarray; } function getIssuesInfo($id) { $q = "SELECT * FROM issues WHERE id = '$id'"; $result = mysql_query($q, $this->connection); /* Error occurred, return given name by default */ if (!$result || (mysql_numrows($result) < 1)) { return NULL; } /* Return result array */ $dbarray = mysql_fetch_array($result); return $dbarray; } function getMatInfo($matid) { $q = "SELECT * FROM materials WHERE id = '$matid'"; $result = mysql_query($q, $this->connection); /* Error occurred, return given name by default */ if (!$result || (mysql_numrows($result) < 1)) { return NULL; } /* Return result array */ $dbarray = mysql_fetch_array($result); return $dbarray; } function getSalesRepInfo($srepid) { $q = "SELECT * FROM salesreps WHERE id = '$srepid'"; $result = mysql_query($q, $this->connection); /* Error occurred, return given name by default */ if (!$result || (mysql_numrows($result) < 1)) { return NULL; } /* Return result array */ $dbarray = mysql_fetch_array($result); return $dbarray; } function getMatCatInfo($matcat) { $q = "SELECT * FROM mat_cat WHERE catid = '$matcat'"; $result = mysql_query($q, $this->connection); /* Error occurred, return given name by default */ if (!$result || (mysql_numrows($result) < 1)) { return NULL; } /* Return result array */ $dbarray = mysql_fetch_array($result); return $dbarray; } function prodisused($prodid) { $q = "SELECT * FROM orderitems WHERE productid = '$prodid'"; $result = mysql_query($q, $this->connection); /* Error occurred, return given name by default */ if (!$result || (mysql_numrows($result) < 1)) { return false; } /* Return result array */ return true; } function gettotalretailprice($orderid) { $included = "SELECT sum( `price` * `qty`) AS `price`,orders.discount AS discount FROM `orderitems`, orders WHERE (orders.orderid = orderitems.orderid) AND `orderid` = '".$orderid."' AND std in (0,1)"; $result=mysql_query($included) or trigger_error(mysql_error().'<br />Query was:'.$included); while( $row=mysql_fetch_array($result) ) { $price = $row['price'] - $row['discount']; } $excluded = "SELECT sum(products.cost * `qty`) AS `price` FROM `orderitems`,products WHERE (`products`.`prodid` = `orderitems`.`productid` ) AND `orderid` = '".$orderid."' AND std in (3) "; $result=mysql_query($included) or trigger_error(mysql_error().'<br />Query was:'.$included); while( $row=mysql_fetch_array($result) ) { $exclusions = $row['price']; } $netprice= $price - $excluded; return $netprice; } function getodstatus($status) { $q = "SELECT * FROM od_status WHERE id = '$status'"; $result = mysql_query($q, $this->connection); /* Error occurred, return given name by default */ if (!$result || (mysql_numrows($result) < 1)) { return NULL; } /* Return result array */ $dbarray = mysql_fetch_array($result); return $dbarray; } function getOrderItemInfo($orderitemid) { $q = "SELECT * FROM orderitems WHERE id = '$orderitemid'"; $result = mysql_query($q, $this->connection); /* Error occurred, return given name by default */ if (!$result || (mysql_numrows($result) < 1)) { return NULL; } /* Return result array */ $dbarray = mysql_fetch_array($result); return $dbarray; } function getOrderInfo($orderid) { $q = "SELECT * FROM orders WHERE orderid = '$orderid'"; $result = mysql_query($q, $this->connection); /* Error occurred, return given name by default */ if (!$result || (mysql_numrows($result) < 1)) { return NULL; } /* Return result array */ $dbarray = mysql_fetch_array($result); return $dbarray; } function getProductInfo($productid) { $q = "SELECT * FROM products WHERE prodid = '$productid'"; $result = mysql_query($q, $this->connection); /* Error occurred, return given name by default */ if (!$result || (mysql_numrows($result) < 1)) { return NULL; } /* Return result array */ $dbarray = mysql_fetch_array($result); return $dbarray; } function getProdWeekInfo($id) { $q = "SELECT * FROM prod_weeks WHERE id = '$id'"; $result = mysql_query($q, $this->connection); /* Error occurred, return given name by default */ if (!$result || (mysql_numrows($result) < 1)) { return NULL; } /* Return result array */ $dbarray = mysql_fetch_array($result); return $dbarray; } function getProdSlotInfo($id) { $q = "SELECT * FROM prod_schedule WHERE id = '$id'"; $result = mysql_query($q, $this->connection); /* Error occurred, return given name by default */ if (!$result || (mysql_numrows($result) < 1)) { return NULL; } /* Return result array */ $dbarray = mysql_fetch_array($result); return $dbarray; } function getStageInfo($stageid) { $q = "SELECT * FROM stage WHERE id = '$stageid'"; $result = mysql_query($q, $this->connection); /* Error occurred, return given name by default */ if (!$result || (mysql_numrows($result) < 1)) { return NULL; } /* Return result array */ $dbarray = mysql_fetch_array($result); return $dbarray; } function getSupplierInfo($supid) { $q = "SELECT * FROM suppliers WHERE id = '$supid'"; $result = mysql_query($q, $this->connection); /* Error occurred, return given name by default */ if (!$result || (mysql_numrows($result) < 1)) { return NULL; } /* Return result array */ $dbarray = mysql_fetch_array($result); return $dbarray; } function updateslotcount($client) { $q = "select week_ending, count(*) as count from prod_schedule where client = ".$client." GROUP by week_ending"; $weeks = mysql_query($q, $this->connection); while ($week = mysql_fetch_array($weeks)) { $q2 = "UPDATE prod_weeks set slots = ".$week['count']." where id = ".$week['week_ending']; mysql_query($q2, $this->connection); } return NULL; } function getSupOrderInfo($suporderid) { $q = "SELECT * FROM supplier_orders WHERE id = '$suporderid'"; $result = mysql_query($q, $this->connection); /* Error occurred, return given name by default */ if (!$result || (mysql_numrows($result) < 1)) { return NULL; } /* Return result array */ $dbarray = mysql_fetch_array($result); return $dbarray; } /** * confirmUserPass - Checks whether or not the given * username is in the database, if so it checks if the * given password is the same password in the database * for that user. If the user doesn't exist or if the * passwords don't match up, it returns an error code * (1 or 2). On success it returns 0. */ function confirmUserPass($username, $password) { /* Add slashes if necessary (for query) */ if (!get_magic_quotes_gpc()) { $username = addslashes($username); } /* Verify that user is in database */ $q = "SELECT password FROM " . TBL_USERS . " WHERE username = '$username'"; $result = mysql_query($q, $this->connection); if (!$result || (mysql_numrows($result) < 1)) { return 1; //Indicates username failure } /* Retrieve password from result, strip slashes */ $dbarray = mysql_fetch_array($result); $dbarray['password'] = stripslashes($dbarray['password']); $password = stripslashes($password); /* Validate that password is correct */ if ($password == $dbarray['password']) { return 0; //Success! Username and password confirmed } else { return 2; //Indicates password failure } } /** * confirmUserID - Checks whether or not the given * username is in the database, if so it checks if the * given userid is the same userid in the database * for that user. If the user doesn't exist or if the * userids don't match up, it returns an error code * (1 or 2). On success it returns 0. */ function confirmUserID($username, $userid) { /* Add slashes if necessary (for query) */ if (!get_magic_quotes_gpc()) { $username = addslashes($username); } /* Verify that user is in database */ $q = "SELECT userid FROM " . TBL_USERS . " WHERE username = '$username'"; $result = mysql_query($q, $this->connection); if (!$result || (mysql_numrows($result) < 1)) { return 1; //Indicates username failure } /* Retrieve userid from result, strip slashes */ $dbarray = mysql_fetch_array($result); $dbarray['userid'] = stripslashes($dbarray['userid']); $userid = stripslashes($userid); /* Validate that userid is correct */ if ($userid == $dbarray['userid']) { return 0; //Success! Username and userid confirmed } else { return 2; //Indicates userid invalid } } /** * usernameTaken - Returns true if the username has * been taken by another user, false otherwise. */ function usernameTaken($username) { if (!get_magic_quotes_gpc()) { $username = addslashes($username); } $q = "SELECT username FROM " . TBL_USERS . " WHERE username = '$username'"; $result = mysql_query($q, $this->connection); return (mysql_numrows($result) > 0); } /** * usernameBanned - Returns true if the username has * been banned by the administrator. */ function usernameBanned($username) { if (!get_magic_quotes_gpc()) { $username = addslashes($username); } $q = "SELECT username FROM " . TBL_BANNED_USERS . " WHERE username = '$username'"; $result = mysql_query($q, $this->connection); return (mysql_numrows($result) > 0); } /** * addNewUser - Inserts the given (username, password, email) * info into the database. Appropriate user level is set. * Returns true on success, false otherwise. */ function addNewUser($username, $password, $email, $client, $dealer) { $time = time(); /* If admin sign up, give admin user level */ if (strcasecmp($username, ADMIN_NAME) == 0) { $ulevel = ADMIN_LEVEL; } else { $ulevel = USER_LEVEL; } $q = "INSERT INTO " . TBL_USERS . " VALUES ('$username', '$password', '0', $ulevel, '$email', $time, '$client', '$dealer', 1)"; return mysql_query($q, $this->connection); } /** * updateUserField - Updates a field, specified by the field * parameter, in the user's row of the database. */ function updateUserField($username, $field, $value) { $q = "UPDATE " . TBL_USERS . " SET " . $field . " = '$value' WHERE username = '$username'"; return mysql_query($q, $this->connection); } function updateOrderField($orderid, $field, $value) { $q = "UPDATE orders SET " . $field . " = '$value' WHERE orderid = ".$orderid; return mysql_query($q, $this->connection); } function replaceproduct($origprodid, $newprodid) { $q = "update orderitems set productid = ".$newprodid." where productid = ".$oldprodid; return mysql_query($q, $this->connection); } function updateProdField($prodid, $field, $value) { $q = "UPDATE products SET " . $field . " = '$value' WHERE prodid = ".$prodid; return mysql_query($q, $this->connection); } function updateProdWeeksSlots($id, $slots) { $q = "UPDATE prod_weeks SET slots = '$slots' WHERE id = '$id'"; return mysql_query($q, $this->connection); } function updateProdSchedule($id, $dealerid, $orderid) { $q = "UPDATE prod_schedule SET dealerid = '$dealerid', orderid = '$orderid' WHERE id = '$id'"; return mysql_query($q, $this->connection); } function checkProdSchedule($orderid,$ex_prodsched) { if ($ex_prodsched == 1) { $q = "UPDATE prod_schedule SET dealerid = '', orderid = '' WHERE orderid = '$orderid'"; mysql_query($q, $this->connection); $r = "UPDATE orders SET exp_completion = '' WHERE orderid = '$orderid'"; return mysql_query($r, $this->connection); } } function insertSlot($client, $week, $slot) { $q = "INSERT INTO `prod_schedule` (`id`, `client`, `week_ending`, `slot`) VALUES (NULL, ".$client.", '".$week."', '".$slot."');"; return mysql_query($q, $this->connection); } function insertProdWeek($client,$week_ending) { $q = "INSERT INTO `prod_weeks` (`id`, `client`, `week_ending`, `slots`) VALUES (NULL, ".$client.", '".$week_ending."', '0');"; $executed = mysql_query($q) or trigger_error(mysql_error() . '<br />Query was:' . $q); if ($executed) { return mysql_insert_id(); } } function updateSupOrderField($suporderid, $field, $value) { $q = "UPDATE supplier_orders SET " . $field . " = '$value' WHERE suporderid = '$orderid'"; return mysql_query($q, $this->connection); } function updateCustField($custid, $field, $value) { $q = "UPDATE customers SET " . $field . " = '$value' WHERE custid = '$custid'"; return mysql_query($q, $this->connection); } function updateOIField($orderitemid, $field, $value) { $q = "UPDATE orderitems SET " . $field . " = '$value' WHERE id = '$orderitemid'"; return mysql_query($q, $this->connection); } function updateProductsField($prodid, $field, $value) { $q = "UPDATE products SET " . $field . " = '$value' WHERE prodid = '$prodid'"; return mysql_query($q, $this->connection); } function updateBOMField($matid, $field, $value) { $q = "UPDATE materials SET " . $field . " = '$value' WHERE id = '$matid'"; return mysql_query($q, $this->connection); } function updateSupplierField($supid, $field, $value) { $q = "UPDATE suppliers SET " . $field . " = '$value' WHERE id = '$supid'"; return mysql_query($q, $this->connection); } function updateCamperField($camperid, $field, $value) { $q = "UPDATE campers SET " . $field . " = '$value' WHERE camperid = '$camperid'"; return mysql_query($q, $this->connection); } function updateCCField($componentid, $field, $value) { $q = "UPDATE camper_components SET " . $field . " = '$value' WHERE componentid = '$componentid'"; return mysql_query($q, $this->connection); } function addActivity($acttype, $narrative, $fuind, $client, $custid, $orderid, $created, $createdby, $followupdt, $dealerid) { if ($fuind == 1) { $q = "INSERT INTO `activities` (`actid`, `client`, `custid`, orderid, `created`, `createdby`, `acttype`,`comments`, `followupdt`, `dealerid`) VALUES (NULL, '" . $client . "', '" . $custid . "', '" . $orderid . "', '" . $created . "', '" . $createdby . "', '" . $acttype . "',\"" . $narrative . "\", \"" . $followupdt . "\", ".$dealerid.");"; //echo $q."<br>"; } else { $q = "INSERT INTO `activities` (`actid`, `client`, `custid`, orderid, `created`, `createdby`, `acttype`,`comments`, `dealerid`) VALUES (NULL, '" . $client . "', '" . $custid . "', '" . $orderid . "', '" . $created . "', '" . $createdby . "', '" . $acttype . "',\"" . $narrative . "\", ".$dealerid.");"; } return mysql_query($q, $this->connection); } function createorder($client, $custid, $dealerid, $today, $username, $od_type) { $sql = "INSERT INTO `orders` (`orderid`, `client`, `custid`, dealerid, `created`, `createdby` , `updatedby`, `status`, `spares_od` ) VALUES (NULL, '" . $client . "', '" . $custid . "', '" . $dealerid . "', '" . $today . "', \"" . $username . "\", \"" . $username . "\", 1, " . $od_type . ");"; $executed = mysql_query($sql) or trigger_error(mysql_error() . '<br />Query was:' . $sql); if ($executed) { return mysql_insert_id(); } } function createsuporder($client, $supid, $today, $username) { $sql = "INSERT INTO `supplier_orders` (`id`, `client`, `supid`,created, createdby, updatedby , status) VALUES (NULL, '" . $client . "', '" . $supid . "', '" . $today . "', \"" . $username . "\", \"" . $username . "\", 1);"; $executed = mysql_query($sql) or trigger_error(mysql_error() . '<br />Query was:' . $sql); if ($executed) { return mysql_insert_id(); } } function createcamper($client, $description, $productid, $status) { $sql = "INSERT INTO `campers` ( `camperid`, `client`, `description`, `productid`, `status`) VALUES (NULL, '" . $client . "','" . $description . "', '" . $productid . "', " . $status . ");"; $executed = mysql_query($sql) or trigger_error(mysql_error() . '<br />Query was:' . $sql); if ($executed) { return mysql_insert_id(); } } function getheading($client, $origheading) { $q = "SELECT heading from field_headings where client = ".$client." and origheading = '".$origheading."'"; $result = mysql_query($q, $this->connection); /* Error occurred, return given name by default */ if (!$result || (mysql_numrows($result) < 1)) { return $origheading; } /* Return result array */ $headings = mysql_fetch_array($result); $heading = $headings['heading']; return $heading; } function addlog($username, $processname, $narrative, $debug) { if ($debug == 1) { if ($client_info['debug'] == 1) { $q = "INSERT INTO syslog (id, username, process, narrative) VALUES (NULL, '" . $username . "', '" . $processname . "', '" . $narrative . "');"; // echo $q."<br>"; return mysql_query($q, $this->connection); } } else { $q = "INSERT INTO syslog (id, username, process, narrative) VALUES (NULL, '" . $username . "', '" . $processname . "', '" . $narrative . "');"; return mysql_query($q, $this->connection); } } function addstagelog($client, $orderid, $stage) { $q = "INSERT INTO stage_log (id, client, orderid, stage) VALUES (NULL, " . $client . ", " . $orderid . ", " . $stage . ");"; // echo $q."<br>"; return mysql_query($q, $this->connection); } function deleteCamper($camperid) { $q = "DELETE from campers WHERE `camperid` = '" . $camperid . "'"; return mysql_query($q, $this->connection); $database->addlog($username, "fn_deletecamper", "Delete camper " . $camperid); } function deleteorder($orderid) { $q = "DELETE from orders WHERE `orderid` = '" . $orderid . "'"; return mysql_query($q, $this->connection); } function deleteslot($id) { $q = "DELETE from prod_schedule WHERE `id` = '" . $id . "'"; return mysql_query($q, $this->connection); } /** * getUserInfo - Returns the result array from a mysql * query asking for all information stored regarding * the given username. If query fails, NULL is returned. */ function getUserInfo($username) { $q = "SELECT * FROM " . TBL_USERS . " WHERE username = '$username'"; $result = mysql_query($q, $this->connection); /* Error occurred, return given name by default */ if (!$result || (mysql_numrows($result) < 1)) { return NULL; } /* Return result array */ $dbarray = mysql_fetch_array($result); return $dbarray; } /** * getNumMembers - Returns the number of signed-up users * of the website, banned members not included. The first * time the function is called on page load, the database * is queried, on subsequent calls, the stored result * is returned. This is to improve efficiency, effectively * not querying the database when no call is made. */ function getNumMembers() { if ($this->num_members < 0) { $q = "SELECT * FROM " . TBL_USERS; $result = mysql_query($q, $this->connection); $this->num_members = mysql_numrows($result); } return $this->num_members; } /** * calcNumActiveUsers - Finds out how many active users * are viewing site and sets class variable accordingly. */ function calcNumActiveUsers() { /* Calculate number of users at site */ $q = "SELECT * FROM " . TBL_ACTIVE_USERS; $result = mysql_query($q, $this->connection); $this->num_active_users = mysql_numrows($result); } /** * calcNumActiveGuests - Finds out how many active guests * are viewing site and sets class variable accordingly. */ function calcNumActiveGuests() { /* Calculate number of guests at site */ $q = "SELECT * FROM " . TBL_ACTIVE_GUESTS; $result = mysql_query($q, $this->connection); $this->num_active_guests = mysql_numrows($result); } /** * addActiveUser - Updates username's last active timestamp * in the database, and also adds him to the table of * active users, or updates timestamp if already there. */ function addActiveUser($username, $time) { $q = "UPDATE " . TBL_USERS . " SET timestamp = '$time' WHERE username = '$username'"; mysql_query($q, $this->connection); if (!TRACK_VISITORS) return; $q = "REPLACE INTO " . TBL_ACTIVE_USERS . " VALUES ('$username', '$time')"; mysql_query($q, $this->connection); $this->calcNumActiveUsers(); } /* addActiveGuest - Adds guest to active guests table */ function addActiveGuest($ip, $time) { if (!TRACK_VISITORS) return; $q = "REPLACE INTO " . TBL_ACTIVE_GUESTS . " VALUES ('$ip', '$time')"; mysql_query($q, $this->connection); $this->calcNumActiveGuests(); } /* These functions are self explanatory, no need for comments */ /* removeActiveUser */ function removeActiveUser($username) { if (!TRACK_VISITORS) return; $q = "DELETE FROM " . TBL_ACTIVE_USERS . " WHERE username = '$username'"; mysql_query($q, $this->connection); $this->calcNumActiveUsers(); } /* removeActiveGuest */ function removeActiveGuest($ip) { if (!TRACK_VISITORS) return; $q = "DELETE FROM " . TBL_ACTIVE_GUESTS . " WHERE ip = '$ip'"; mysql_query($q, $this->connection); $this->calcNumActiveGuests(); } /* removeInactiveUsers */ function removeInactiveUsers() { if (!TRACK_VISITORS) return; $timeout = time() - USER_TIMEOUT * 60; $q = "DELETE FROM " . TBL_ACTIVE_USERS . " WHERE timestamp < $timeout"; mysql_query($q, $this->connection); $this->calcNumActiveUsers(); } /* removeInactiveGuests */ function removeInactiveGuests() { if (!TRACK_VISITORS) return; $timeout = time() - GUEST_TIMEOUT * 60; $q = "DELETE FROM " . TBL_ACTIVE_GUESTS . " WHERE timestamp < $timeout"; mysql_query($q, $this->connection); $this->calcNumActiveGuests(); } /** * query - Performs the given query on the database and * returns the result, which may be false, true or a * resource identifier. */ function query($query) { return mysql_query($query, $this->connection); } /** * Custom Database queries */ function getClientInfo($clientid) { $q = "SELECT * FROM clients WHERE id = '$clientid'"; $result = mysql_query($q, $this->connection); /* Error occurred, return given name by default */ if (!$result || (mysql_numrows($result) < 1)) { return NULL; } /* Return result array */ $dbarray = mysql_fetch_array($result); return $dbarray; } function getsupodstatus($status) { $q = "SELECT * FROM sup_od_status WHERE id = '$status'"; $result = mysql_query($q, $this->connection); /* Error occurred, return given name by default */ if (!$result || (mysql_numrows($result) < 1)) { return NULL; } /* Return result array */ $dbarray = mysql_fetch_array($result); return $dbarray; } function getContactInfo($contactid) { $q = "SELECT * FROM contacts WHERE contactid = '$contactid'"; $result = mysql_query($q, $this->connection); /* Error occurred, return given name by default */ if (!$result || (mysql_numrows($result) < 1)) { return NULL; } /* Return result array */ $dbarray = mysql_fetch_array($result); return $dbarray; } function getQuoteInfo($quoteid) { $q = "SELECT * FROM quotes WHERE quoteid = '$quoteid'"; $result = mysql_query($q, $this->connection); /* Error occurred, return given name by default */ if (!$result || (mysql_numrows($result) < 1)) { return NULL; } /* Return result array */ $dbarray = mysql_fetch_array($result); return $dbarray; } function getProdTypeInfo($prodtypeid) { $q = "SELECT * FROM prodtype WHERE id = '$prodtypeid'"; $result = mysql_query($q, $this->connection); /* Error occurred, return given name by default */ if (!$result || (mysql_numrows($result) < 1)) { return NULL; } /* Return result array */ $dbarray = mysql_fetch_array($result); return $dbarray; } function getWSInfo($wsid) { $q = "SELECT * FROM stage WHERE id = '$wsid'"; $result = mysql_query($q, $this->connection); /* Error occurred, return given name by default */ if (!$result || (mysql_numrows($result) < 1)) { return NULL; } /* Return result array */ $dbarray = mysql_fetch_array($result); return $dbarray; } function getcolorInfo($id) { $q = "SELECT * FROM text_color WHERE id = '$id'"; $result = mysql_query($q, $this->connection); /* Error occurred, return given name by default */ if (!$result || (mysql_numrows($result) < 1)) { return NULL; } /* Return result array */ $dbarray = mysql_fetch_array($result); return $dbarray; } function getlayoutInfo($layoutid) { $q = "SELECT * FROM camper_layout WHERE id = '$layoutid'"; $result = mysql_query($q, $this->connection); /* Error occurred, return given name by default */ if (!$result || (mysql_numrows($result) < 1)) { return NULL; } /* Return result array */ $dbarray = mysql_fetch_array($result); return $dbarray; } function getstages() { $q = "SELECT * FROM `stage` ORDER BY `seqno`"; $result = mysql_query($q, $this->connection); /* Error occurred, return given name by default */ if (!$result || (mysql_numrows($result) < 1)) { return NULL; } /* Return result array */ $dbarray = mysql_fetch_array($result); return $dbarray; } function getnextProdWeekid($id) { $q ="SELECT week_ending FROM prod_weeks where id =". $id; $result = mysql_query($q, $this->connection); $firstrow = mysql_fetch_array($result); $week_ending = $firstrow['week_ending']; $nextweek = strtotime(date("Y-m-d", strtotime($week_ending)) . " +7 day"); $nextweek = strftime("%Y-%m-%d", $nextweek); $q ="SELECT id FROM prod_weeks where week_ending ='". $nextweek."'"; $result = mysql_query($q, $this->connection); $nextweekid = mysql_fetch_array($result); $id = $nextweekid['id']; return $id; } function getprevProdWeekid($id) { $q ="SELECT week_ending FROM prod_weeks where id =". $id; $result = mysql_query($q, $this->connection); $firstrow = mysql_fetch_array($result); $week_ending = $firstrow['week_ending']; $prevweek = strtotime(date("Y-m-d", strtotime($week_ending)) . " -7 day"); $prevweek = strftime("%Y-%m-%d", $prevweek); $q ="SELECT id FROM prod_weeks where week_ending ='". $prevweek."'"; $result = mysql_query($q, $this->connection); $prevweekid = mysql_fetch_array($result); $id = $prevweekid['id']; return $id; } function getlastProdWeek($client) { $q ="SELECT max(week_ending) as week FROM prod_weeks where client = ".$client; $result = mysql_query($q, $this->connection); /* Error occurred, return given name by default */ if (!$result || (mysql_numrows($result) < 1)) { return NULL; } /* Return result array */ $dbarray = mysql_fetch_array($result); return $dbarray; } function getStockAlert($orderid) { $q ="SELECT count(*) as 'Result' FROM orderitems, products where (orderitems.productid = products.prodid) and orderid = ".$orderid." and orderitems.std <> '2' and products.stockalert = 1"; // echo $q."<br>"; $result = mysql_query($q, $this->connection); /* Error occurred, return given name by default */ if (!$result || (mysql_numrows($result) < 1)) { return NULL; } /* Return result array */ $dbarray = mysql_fetch_array($result); return $dbarray; } function getRetailPrice($client, $dealer, $prodid) { $q ="SELECT price FROM retail_price where client = ".$client." and dealer = ".$dealer." and prodid = ".$prodid; // $this->addlog('session', 'getRetailPrice', $q, 0); // echo $q."<br>"; $result = mysql_query($q, $this->connection); /* Error occurred, return given name by default */ if (!$result || (mysql_numrows($result) < 1)) { return 0; } /* Return result array */ $retailprice = mysql_fetch_array($result); $price = $retailprice['price']; return $price; } function updateRetailPrice($client, $dealer, $prodid, $price) { $q ="SELECT price FROM retail_price where client = ".$client." and dealer = ".$dealer." and prodid = ".$prodid; // $this->addlog('session', 'getRetailPrice', $q, 0); $result = mysql_query($q, $this->connection); /* Error occurred, return given name by default */ if (!$result || (mysql_numrows($result) < 1)) { $q = "INSERT INTO retail_price (id, client, dealer, prodid, price) VALUES (NULL, " . $client . ", " . $dealer . ", " . $prodid . ", " . $price.");"; // echo $q."<br>"; } else { $q= "UPDATE retail_price set price = ".$price." WHERE client = ".$client." AND dealer = ".$dealer." AND prodid = ".$prodid; } return mysql_query($q, $this->connection); } function deleteorderitem($orderitemid, $std) { if ($std == 1) { $q = "UPDATE orderitems set std = 3 where id = " . $orderitemid; } else { $q = "DELETE from orderitems WHERE `id` = '" . $orderitemid . "'"; } return mysql_query($q, $this->connection); } function updateQuotePrice($orderid) { // $q = "UPDATE orderitems set orderitems.price = retail_price.price from orderitems INNER JOIN retail_price on orderitems.productid = retail_price.prodid where orderitems.orderid = ".$orderid." AND retail_price.dealer = ".$dealer; $q = "SELECT orderitems.id as id, orders.dealerid as dealerid, orders.client as client, orderitems.productid as prodid from orderitems, orders where orders.orderid = orderitems.orderid and orderitems.orderid = ".$orderid." and std = 0"; $items = mysql_query($q, $this->connection); while ($item = mysql_fetch_array($items)) { $newprice = $this->getRetailPrice($item['client'], $item['dealerid'], $item['prodid']); $q2 = "UPDATE orderitems set price = ".$newprice." where id = ".$item['id']; mysql_query($q2, $this->connection); } $q = "SELECT sum( price * qty) as price FROM `orderitems` WHERE orderid = ".$orderid." and std = 0"; $totals = mysql_query($q, $this->connection); $pricecalc = mysql_fetch_array($totals); $price= $pricecalc['price']; $order_info = $this->getOrderInfo($orderid); if ($order_info['discount'] = '') { $discount = 0 ; } else { $discount = $order_info['discount']; } $discprice = $price - $order_info['discount']; $q2 = "UPDATE orders set price = ".$price.", discprice = ".$discprice." where orderid = ".$orderid; mysql_query($q2, $this->connection); return NULL; } } } /* Create database connection */ $database = new MySQLDB; ?>

Yes. The addlog function that is works is also in the class MySQLDB

I am having trouble getting a function to work. The function I am having trouble with is in a database.php include file that I am using successfully already. In this particular case I have had it read a function in the same file immediately before, with no problem. Here is the code. $database->addlog($username, $processname, "Can access database", 0); $prodidisused = $database->prodisused($prodid); and the error I am getting is Fatal error: Call to undefined method MySQLDB::prodisused() in /home/paulsinc/public_html/testcrm/create_product.php on line 217 The function which is in database.php is function prodisused($prodid) { $q = "SELECT * FROM orderitems WHERE productid = '$prodid'"; $result = mysql_query($q, $this->connection); /* Error occurred, return given name by default */ if (!$result || (mysql_numrows($result) < 1)) { return false; } /* Return result array */ return true; } As you can see, the function addlog which is also in database.php is working. Thanks for all suggestions.

Thanks. There was still another problem. I was comparing the wrong field, but I was only able to find it after resolving that issue. Thank you to you and all who read this.

OK. I thought I was making it easier but will do. Thank you. <? include("include/session.php"); if (!$session->logged_in) { header("Location: index.php"); } else { include("header.php"); ?> <HTML> <HEAD> <? echo "<title>" . PROJECT_NAME . "</title>"; $req_user = trim($session->username); $req_user_info = $database->getUserInfo($req_user); $userlevel = $req_user_info['userlevel']; echo "<link href=\"" . $stylesheet . "\" rel=\"stylesheet\" type=\"text/css\">"; ?> </HEAD> <BODY> <? $dealer = $req_user_info['dealer']; $dealer_info = $database->getdealerInfo($dealer); $client = $req_user_info['client']; $client_info = $database->getClientInfo($client); $stylesheet = $client_info['css']; $prodtype_info = $database->getProdTypeInfo($_REQUEST['prodtype']); $product_info = $database->getProductInfo($_REQUEST['prodid']); $custid = mysql_real_escape_string($_REQUEST['custid']); $cust_info = $database->getCustomerInfo($custid); $pricing = $cust_info['pricing']; $req_user = trim($session->username); $req_user_info = $database->getUserInfo($req_user); $username = $req_user_info['username']; $orderid = mysql_real_escape_string($_REQUEST['orderid']); $layoutid = mysql_real_escape_string($_REQUEST['layout']); $order_info = $database->getOrderInfo($orderid); $todaydisplay = date('d-m-Y'); $today = date('Y-m-d'); $camper_info = $database->getCamperInfo($order_info[camper]); echo "<H2><p align=\"center\">Order for " . $cust_info['customername'] . " - " . $camper_info['description'] . "</p></H2>"; include("include/cust_buttons.php"); switch ($_REQUEST['action']) { // Action Selection Start case "select"; { $sql = "INSERT INTO `orders` (`orderid`, `client`, `custid`, `created`, `createdby` , `updatedby`, `status`) VALUES (NULL, '" . $client . "', '" . $custid . "', '" . $today . "', \"" . $username . "\", \"" . $username . "\", '1');"; $executed = mysql_query($sql) or trigger_error(mysql_error() . '<br />Query was:' . $sql); if ($executed) { $orderid = mysql_insert_id(); } $followupperiod = $client_info['quote_expiry_warning']; $followupdt = time() + $followupperiod * 24 * 60 * 60; //quote expiry followup days from client record. $followupdt = strftime("%Y-%m-%d", $followupdt); $database->addActivity(1, "Quote # '" . $orderid . "' created", 1, $client, $custid, $today, $username, $followupdt); break; } case "updatelayout"; { $database->updateOrderField($orderid, 'layout', $layoutid); break; } case "insertmisc"; { $description = mysql_real_escape_string($_REQUEST['description']); $price = mysql_real_escape_string($_REQUEST['price']); $prodid = 999999; $sql = "INSERT INTO `orderitems` (`id`, `orderid`, `productid`, `description`, `price`, `created`, `createdby`, `qty`) VALUES (NULL, '" . $orderid . "', '" . $prodid . "', '" . $description . "', '" . $price . "', '" . $today . "', \"" . $username . "\", '1')"; $executed = mysql_query($sql) or trigger_error(mysql_error() . '<br />Query was:' . $sql); if ($executed) { } $sql = "SELECT `price`, `discprice`, `lineitems` FROM `orders` WHERE `orderid` = '" . $orderid . "'"; $orders = mysql_query($sql) or trigger_error(mysql_error() . '<br />Query was:' . $sql); while ($row = mysql_fetch_array($orders)) { $cum_price = $row['price']; $cum_disc_price = $row['discprice']; $totalitems = $row['lineitems']; } // **Problem with the price and the cumulative price. Poss confusion with discount price. $totalprice = $cum_price + $price; $totaldiscprice = $cum_disc_price + $price; $totalitems = $totalitems + 1; $database->updateOrderField($orderid, 'price', $totalprice); $database->updateOrderField($orderid, 'discprice', $totaldiscprice); $database->updateOrderField($orderid, 'lineitems', $totalitems); break; } case "displaycategory"; { // Display all products in the selected category as a form to select an item. if ($prodtype_info['misc'] == 1) { echo "<form action=create_order.php method=post>"; echo "<table border=0 cellpadding=0 cellspacing=0 align=center>"; echo "<tr><td><input type=hidden size=20 name=action value=\"insertmisc\"></td></tr>"; echo "<tr><td><input type=hidden size=20 name=custid value='" . $custid . "'></td></tr>"; echo "<tr><td><input type=hidden size=20 name=orderid value='" . $orderid . "'></td></tr>"; echo "<tr><td><b>Description:</b></td><td><input type=text size=30 name=description></td></tr>"; echo "<tr><td><b>Price:</b></td><td><input type=text size=10 name=price></td></tr>"; echo "<tr><td></td><td><input type=submit border=0 value=\"Submit\"></td></tr>"; echo "</table>"; echo "</form>"; echo "<br>"; } else { echo "<br>"; echo "<table border=0 cellpadding=0 cellspacing=0 align=center>"; $prodtype = $_REQUEST['prodtype']; // echo "Pricing is ".$pricing."<br>"; switch ($pricing) { case 2; { $sql = "SELECT `prodid`, `description`, `wholesale` AS `price` FROM `products` WHERE `prodtype` = '" . $prodtype . "'"; break; } default; { $sql = "SELECT `prodid`, `description`, `retailprice` AS `price` FROM `products` WHERE `prodtype` = '" . $prodtype . "'"; break; } } $products = mysql_query($sql) or trigger_error(mysql_error() . '<br />Query was:' . $sql); while ($row = mysql_fetch_array($products)) { echo "<tr><td><a href=\"create_order.php?action=additem&orderid=" . $orderid . "&custid=" . $custid . "&prodid=" . $row['prodid'] . "\">" . $row['description'] . "</a></td><td><img src=images/blank.gif width=20 height=10></td><td class=tabclearright>" . $row['price'] . "</td>"; $sql2 = "SELECT `id` FROM `orderitems` WHERE `orderid` = '" . $orderid . "'"; $orderlist = mysql_query($sql2) or trigger_error(mysql_error() . '<br />Query was:' . $sql2); $orderarray = array(); while ($orderitem = mysql_fetch_array($orderlist)); ( $orderarray[] = $orderitem['id']; ) $prodid=$row['prodid']; if (in_array($prodid, $orderarray)) { echo "<td> In.</td>"; } else { echo "<td> Out.</td>"; } echo "</tr>"; } echo "<tr><td><img src=images/blank.gif width=20 height=10></td></tr>"; echo "<tr><td class=tabclearcenter><a href=\"create_order.php?action=select&custid=" . $custid . "\">Back</a></td><td><img src=images/blank.gif width=20 height=10></td><td class=tabclearright>" . $row['retailprice'] . "</td></tr>"; echo "</table>"; } exit; } // Loop through all items in selection - END case "additem"; { // Insert Line item to database // Find price of item and add price to entry. $prodid = $_REQUEST['prodid']; $sql = "SELECT `retailprice`,`wholesale` FROM `products` WHERE `prodid` = '" . $prodid . "'"; $products = mysql_query($sql) or trigger_error(mysql_error() . '<br />Query was:' . $sql); while ($row = mysql_fetch_array($products)) { switch ($pricing) { case 2; { $price = $row['wholesale']; break; } default; { $price = $row['retailprice']; break; } } } $sql = "INSERT INTO `orderitems` (`id`, `orderid`, `productid`, `price`, `created`, `createdby`, `qty`) VALUES (NULL, '" . $orderid . "', '" . $prodid . "', '" . $price . "', '" . $today . "', \"" . $username . "\", '1')"; $executed = mysql_query($sql) or trigger_error(mysql_error() . '<br />Query was:' . $sql); if ($executed) { $prodtype_info = $database->getProdTypeInfo($product_info['prodtype']); if ($prodtype_info['camper'] == 1) { $sql = "select camper_components.productid from camper_components,campers where campers.camperid = camper_components.camperid and campers.productid = '" . $prodid . "'"; $stditems = mysql_query($sql) or trigger_error(mysql_error() . '<br />Query was:' . $sql); while ($row = mysql_fetch_array($stditems)) { $stdproduct_info = $database->getProductInfo($row['productid']); $sql = "INSERT INTO `orderitems` (`id`, `orderid`, `productid`, `price`, `created`, `createdby`, `qty`, `std`) VALUES (NULL, '" . $orderid . "', '" . $stdproduct_info['prodid'] . "', '0', '" . $today . "', \"" . $username . "\", '1', '1')"; $executed = mysql_query($sql) or trigger_error(mysql_error() . '<br />Query was:' . $sql); if ($executed) { } } $camper_info = $database->getCamper_ProdInfo($prodid); $database->updateOrderField($orderid, 'camper', $camper_info['camperid']); } } $cum_price = $order_info['price']; $cum_disc_price = $order_info['discprice']; $totalitems = $order_info['lineitems']; $totalprice = $cum_price + $price; $totaldiscprice = $cum_disc_price + $price; $totalitems = $totalitems + 1; $database->updateOrderField($orderid, 'price', $totalprice); $database->updateOrderField($orderid, 'discprice', $totaldiscprice); $database->updateOrderField($orderid, 'lineitems', $totalitems); $order_info = $database->getOrderInfo($orderid); break; } case "delitem"; { // Need to update order header record and delete line item. $orderitemid = $_REQUEST['orderitemid']; $product_info = $database->getProductInfo($_REQUEST['prodid']); $retailprice = $product_info['retailprice']; $sql = "DELETE FROM `orderitems` WHERE `id` = '" . $orderitemid . "'"; $executed = mysql_query($sql) or trigger_error(mysql_error() . '<br />Query was:' . $sql); if ($executed) { $prodtype_info = $database->getProdTypeInfo($product_info['prodtype']); if ($prodtype_info['camper'] == 1) { $sql1 = "delete from orderitems where std = 1 and orderid = '" . $orderid . "'"; //echo $sql1; $executed = mysql_query($sql1) or trigger_error(mysql_error() . '<br />Query was:' . $sql); if ($executed) { $database->updateOrderField($orderid, 'camper', 0); } } } $cum_price = $order_info['price']; $cum_disc_price = $order_info['discprice']; $totalitems = $order_info['lineitems']; $totalprice = $cum_price - $retailprice; $totaldiscprice = $cum_disc_price - $retailprice; $totalitems = $totalitems - 1; $database->updateOrderField($orderid, 'price', $totalprice); $database->updateOrderField($orderid, 'discprice', $totaldiscprice); $database->updateOrderField($orderid, 'lineitems', $totalitems); $order_info = $database->getOrderInfo($orderid); break; } case "listorder"; { break; } case "updateorderitem"; { $orderitemid = mysql_real_escape_string($_REQUEST['orderitemid']); $sql = "UPDATE `orderitems` SET `price` = '" . $_REQUEST['price'] . "', `qty` = '" . $_REQUEST['qty'] . "' WHERE `id` = '" . $orderitemid . "'"; $executed = mysql_query($sql) or trigger_error(mysql_error() . '<br />Query was:' . $sql); if ($executed) { include("include/recalc_order.php"); } //update order total. break; } case "editorderitem"; { $custid = mysql_real_escape_string($_REQUEST['custid']); $orderid = mysql_real_escape_string($_REQUEST['orderid']); $orderitemid = mysql_real_escape_string($_REQUEST['orderitemid']); $sql = "SELECT `id`, `orderid`, `products`.`description` AS `description`, `price`, `qty` FROM `orderitems`,`products` WHERE `orderitems`.`productid` = `products`.`prodid` AND `id` = '" . $orderitemid . "'"; $result = mysql_query($sql) or trigger_error(mysql_error() . '<br />Query was:' . $sql); while ($row = mysql_fetch_array($result)) { echo "<form action=create_order.php method=get>"; echo "<table border=0 cellpadding=0 cellspacing=0 align=center>"; echo "<tr><td></td><td></td></tr>"; echo "<tr><td></td><td><input type=hidden size=20 name=action value=\"updateorderitem\"></td></tr>"; echo "<tr><td></td><td><input type=hidden size=20 name=custid value='" . $custid . "'></td></tr>"; echo "<tr><td></td><td><input type=hidden size=20 name=orderid value='" . $orderid . "'></td></tr>"; echo "<tr><td></td><td><input type=hidden size=20 name=orderitemid value='" . $orderitemid . "'></td></tr>"; echo "<tr><td><b>Description:</b></td><td>" . $row['description'] . "</td></tr>"; echo "<tr><td><b>Price:</b></td><td><input type=text size=20 name=price value=\"" . $row['price'] . "\"></td></tr>"; echo "<tr><td><b>Qty:</b></td><td><input type=text size=10 name=qty value=\"" . $row['qty'] . "\"></td></tr>"; echo "<tr><td></td><td><input type=submit border=0 value=\"Submit\"></td></tr>"; echo "</table>"; echo "</form>"; echo "<br>"; } exit; } case "editorder"; { // Create form to add discount and validate, and change the status of a order. echo "<H2><p align=\"center\">Edit order #" . $_REQUEST['orderid'] . "</p></H2>"; $client_info = $database->getClientInfo($client); $layout = $order_info['layout']; $layout_info = $database->getlayoutInfo($layout); echo "<form action=create_order.php method=post>"; echo "<table border=0 cellpadding=0 cellspacing=0 align=center>"; echo "<tr><th><input type=hidden size=20 name=action value=\"update\">"; echo "<tr><th><input type=hidden size=20 name=custid value='" . $custid . "'>"; echo "<tr><th><input type=hidden size=20 name=orderid value='" . $orderid . "'></td></tr>"; echo "<tr><th rowspan=\"16\"><a href=\"select_camper_layout.php?custid=" . $custid . "&orderid=" . $orderid . "\"><img src=images/blank.gif width=20 height=10><img src=camper_layouts/" . $layout_info['file_location'] . " width=180 height=300 border = 2 alt=\"Select Layout\"></a><img src=images/blank.gif width=20 height=10>"; echo "<tr><td><b> Sales Rep:</b></td><td> <select name=\"salesrep\">"; $selectedsalesrep = $order_info['salesrep']; $sql = "SELECT `id`, `lastname` FROM `salesreps` WHERE `client` = " . $client . " ORDER BY `lastname`;"; $salesreps = mysql_query($sql) or trigger_error(mysql_error() . '<br />Query was:' . $sql); while ($salesrep = mysql_fetch_array($salesreps)) { if ($salesrep['id'] == $selectedsalesrep) { echo "<option selected value='" . $salesrep['id'] . "'>" . $salesrep['lastname'] . "</option>"; // echo "<option selected value='".$type['id']."'>Selected</option>"; } else { echo "<option value='" . $salesrep['id'] . "'>" . $salesrep['lastname'] . "</option>"; } } echo "<tr><td><b> Quote #:</b></td><td>" . $order_info['quoteid']; echo "<tr><td><b> Created by:</b></td><td>" . $order_info['createdby']; echo "<tr><td></td><td><input type=hidden size=20 name=price value='" . $order_info['price'] . "'></td></tr>"; echo "<tr><td><b>Price:</b></td><td>" . $order_info['price'] . "</td></tr>"; echo "<tr><td><b>Discount:</b></td><td><input type=text size=30 name=discount value=\"" . $order_info['discount'] . "\"></td></tr>"; echo "<tr><td><b>Discount Price:</b></td><td>" . $order_info['discprice'] . "</td></tr>"; echo "<tr><td><b>Line Items:</b></td><td>" . $order_info['lineitems'] . "</td></tr>"; echo "<tr><td><b>Show Standard:</b></td><td> <select name=\"showdetail\">"; switch ($order_info['showdetail']) { ; case 0; { echo "<option selected value='0'>No</option>"; echo "<option value='1'>Yes</option></td></tr>"; } case 1; { echo "<option value='0'>No</option>"; echo "<option selected value='1'>Yes</option></td></tr>"; } } echo "<tr><td><b>Status:</b></td><td> <select name=\"status\">"; $selectedstatus = $order_info['status']; $sql = "SELECT `id`, `description` FROM `od_status` WHERE `status` = '1' ORDER BY `description`;"; $statuses = mysql_query($sql) or trigger_error(mysql_error() . '<br />Query was:' . $sql); while ($status = mysql_fetch_array($statuses)) { if ($status['id'] == $selectedstatus) { echo "<option selected value='" . $status['id'] . "'>" . $status['description'] . "</option>"; // echo "<option selected value='".$type['id']."'>Selected</option>"; } else { echo "<option value='" . $status['id'] . "'>" . $status['description'] . "</option>"; } } echo "<tr><td><b>Stage:</b></td><td> <select name=\"stage\">"; $selectedstage = $order_info['stage']; $sql = "SELECT `id`, `factory_description` FROM `stage` ORDER BY `seqno`;"; $stages = mysql_query($sql) or trigger_error(mysql_error() . '<br />Query was:' . $sql); while ($stage = mysql_fetch_array($stages)) { if ($stage['id'] == $selectedstage) { echo "<option selected value='" . $stage['id'] . "'>" . $stage['factory_description'] . "</option>"; } else { echo "<option value='" . $stage['id'] . "'>" . $stage['factory_description'] . "</option>"; } } echo "<tr><td><b>Expected Delivery Date:</b></td><td><input type=text size=30 name=exp_delivery value=\"" . $order_info['exp_delivery'] . "\"></td></tr>"; echo "<tr><td><b>Actual Delivery Date:</b></td><td><input type=text size=30 name=act_delivery value=\"" . $order_info['act_delivery'] . "\"></td></tr>"; echo "<tr><td><b>Customer Reference:</b></td><td><input type=text size=30 name=custref value=\"" . $order_info['custref'] . "\"></td></tr>"; echo "<tr><td><b>VIN:</b></td><td><input type=text size=30 name=VIN value=\"" . $order_info['VIN'] . "\"></td></tr>"; echo "<tr><td></td><td><input type=submit border=0 value=\"Submit\"></td></tr>"; echo "</table>"; echo "</form>"; echo "<br>"; exit; } case "update"; { $sql = "SELECT `status` FROM `orders` WHERE `orderid` = '" . $orderid . "'"; // echo $sql; $orders = mysql_query($sql) or trigger_error(mysql_error() . '<br />Query was:' . $sql); while ($row = mysql_fetch_array($orders)) { $currentstatus = $row['status']; } $discount = mysql_real_escape_string($_REQUEST['discount']); $showstd = mysql_real_escape_string($_REQUEST['showdetail']); $price = $_REQUEST['price']; $stage = $_REQUEST['stage']; if ($price > 0) { $discrate = $discount / $price; } else { $discrate = 0; } if ($discrate < 0.10) { $discprice = $price - $discount; } $orderid = $_REQUEST['orderid']; // echo "Order is ".$orderid; $sql = "UPDATE `orders` SET `discount` = '" . $discount . "', `discprice` = '" . $discprice . "', `showdetail` = '" . $showstd . "', `status` = '" . $_REQUEST['status'] . "', `stage` = '" . $_REQUEST['stage'] . "', `exp_delivery` = '" . $_REQUEST['exp_delivery'] . "',`act_delivery` = '" . $_REQUEST['act_delivery'] . "',`custref` = '" . $_REQUEST['custref'] . "',`VIN` = '" . $_REQUEST['VIN'] . "',`updatedby` = '" . $username . "' WHERE `orderid` = '" . $orderid . "'"; // echo $sql; $executed = mysql_query($sql) or trigger_error(mysql_error() . '<br />Query was:' . $sql); if ($executed) { } if ($_REQUEST['action'] <> $currentstatus) { switch ($_REQUEST['status']) { // Status Selection Start //Open case 1; { } // Order Taken case 2; { } // Withdrawn case 3; { } // Expired case 4; { } // Paid case 6; { $followupperiod = $client_info['quote_followup']; $followupdate = time() + $followupperiod * 24 * 60 * 60; //quote followup days from client record. $followupdate = strftime("%Y-%m-%d", $followupdate); $sql = "INSERT INTO `activities` (`actid`, `client`, `custid`, `created`, `createdby`, `acttype`,`comments`,`followedup`) VALUES (NULL, '" . $client . "', '" . $custid . "', '" . $today . "', '" . $username . "', '2',\"Order # " . $orderid . " Paid\",'1');"; $executed = mysql_query($sql) or trigger_error(mysql_error() . '<br />Query was:' . $sql); if ($executed) { } break; } } //End Switch on Status } // End If Current status has changed } // End Switch on Update break; } // End Update include ("include/display_order.php"); // include ("display_production_sheet.php"); echo "<br>"; echo "<table border=0 cellpadding=0 cellspacing=0 align=center>"; $sql = "SELECT `id`, `description` FROM `prodtype` WHERE `client` = " . $client . " ORDER BY `id`;"; $prodtypes = mysql_query($sql) or trigger_error(mysql_error() . '<br />Query was:' . $sql); while ($row = mysql_fetch_array($prodtypes)) { echo "<tr><td><a href=\"create_order.php?action=displaycategory&orderid=" . $orderid . "&custid=" . $custid . "&prodtype=" . $row['id'] . "\">" . $row['description'] . "</a></td></tr>"; } echo "</table>"; echo "<br>"; include ("include/footer.php"); ?> </BODY> </HTML> <? } ?>

Here is the earlier code, but I have verified that $prodid is being correctly created. switch ($pricing) { case 2; { $sql = "SELECT `prodid`, `description`, `wholesale` AS `price` FROM `products` WHERE `prodtype` = '" . $prodtype . "'"; break; } default; { $sql = "SELECT `prodid`, `description`, `retailprice` AS `price` FROM `products` WHERE `prodtype` = '" . $prodtype . "'"; break; } } $products = mysql_query($sql) or trigger_error(mysql_error() . '<br />Query was:' . $sql); while ($row = mysql_fetch_array($products)) {

Hi. I am trying to test to see if a particular record id (int) is included in array. This is the code I am using $sql2 = "SELECT `id` FROM `orderitems` WHERE `orderid` = '" . $orderid . "'"; $orderlist = mysql_query($sql2) or trigger_error(mysql_error() . '<br />Query was:' . $sql2); $orderarray = array(); while ($orderitem = mysql_fetch_array($orderlist)); ( $orderarray[] = $orderitem['id']; ) $prodid=$row['prodid']; if (in_array($prodid, $orderarray)) { echo "<td> In.</td>"; } else { echo "<td> Out.</td>"; } Every case is outputting "Out" even though some should pass. I have verified that the variables are outputting the correct thing, but am not sure about the array. I am just a beginner, so i am hoping there is something really obvious I am doing wrong. Thanks for reading this.