Pikachu2000

Oof. I think I just threw up in my mouth a little bit. OK, it was actually a lot.

Probability of what? Your example appears to be just percentages of the amount entered.

You do have session_start(); at the top of the script, right?

The error shows that $username is empty, indicating that $_SESSION['username'] is also empty, or unset. Is there a session_start(); at the head of this script?

First, change the short open tags to the full <?php open tags, and change the quick echo <?= tags to the full syntax <?php echo $var; ?>. Then, separate the query string from the query excution, so you can echo it along with any errors. $query = "SELECT `whatever` FROM `table` WHERE `value` = 'something'"; $result = mysql_query( $query ) or die( '<br />Query string ' . $query . '<br />Produced error: ' . mysql_error() );

If you need to get the customer ID as soon as it is inserted into the database (and you're using MySQL), mysql_insert_id().

You're using all comparison ( == ) operators in the function, when 4 of them should be assignment ( = ) operators. if( $type == 'query' ) { $user = 'psquery'; $pass = 'fuji'; } // And so forth . . .

You store the files above the document root, and use a script to access them and log the downloads. There are pre-made scripts available for that purpose. No need for anything special in the .htaccess file at all.

There really isn't a single answer to that question, it all depends on what you're trying to so. At the very least, you'll probably need a user_id, username, and password fields. You need to decide what information you'll require from the user, and design the table accordingly.

Glad I could help. Please mark the topic as solved (if it is) with the 'Mark Solved' button at the lower left of the page . . .

I'm assuming all the users are registered already, and at least have a username, password, and primary key id in the database. If that's the case a regular UPDATE query should be all you need. If the field is empty, it will insert the data, if not, it will overwrite it.

Remove any passwords, etc. from the script you're using and post it here within . . . tags, and someone can probably help you out with it.

You posted some more while I was writing, I guess. In the editprofile.php script, the session_start() needs to be before any attempt to use a $_SESSION var. You should also check specifically for the $_SESSION array element you need to be set. This is untested, but it should work as written. Let me know if it doesn't . . . <?php session_start(); // UNCOMMENT NEXT LINE TO PRINT THE $_SESSION ARRAY TO THE SCREEN . . . // echo '<pre>'; print_r($_SESSION); echo '</PRE>'; if(empty($_SESSION['userID']) || $_SESSION['authorized'] != true ) { header("Location: login.php"); exit; } else { ?> <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd"> <html lang="EN" dir="ltr" xmlns="http://www.w3.org/1999/xhtml"> <head> <meta http-equiv="content-type" content="text/xml; charset=utf-8" /> <title>Edit Profile</title> <style type = "text/css"> table { margin: 0 auto; </style> </head> <body> <?php require_once ("dbconn.php"); $result = mysql_query("SELECT * FROM `users` WHERE `userID` = '{$_SESSION['userID']}' LIMIT 1") or die(mysql_error()); $row = mysql_fetch_array($result); $userName = $_SESSION['userID']; print ("Testing. Your ID is $userID<br /><a href=\"http://localhost/mgnml/logout.php\">Log Out</a></body></html>"); } ?>

This may or may not be applicable to your situation. ON DUPLICATE KEY UPDATE

Yes, it appears to be just fine. I have a couple suggestions though, if you're interested. If you don't actually need the data from all the fields in a database, don't use a wildcard SELECT * FROM `table` query. Specify the fields you need: SELECT `userID` FROM `users` WHERE . . . You should separate your query strings from the query execution. Store the string in a variable, $query = "SELECT whatever FROM some_table":, then use the variable in the query execution. $result = mysql_query( $query );. This gives you the ability to echo the query separately, or send it to the PHP error log when debugging is needed, and sooner or later it will be. When you're checking the mysql_num_rows result, since you're expecting exactly one record to be returned, you should check that one, and only one record is returned. Less than one is no matching record, but more than one match is ambiguous, and can be an indication of data corruption, SQL injection, etc. So if( mysql_num_rows($select_user) == 1 ) would be a better option.

Yes.

Oh, well you should store that information in the $_SESSION array when the user logs in successfully, then it will be available for use during the time they are on the site.

What information are you storing in the $_SESSION array that is associated with the user?

If you find the fact that people make an honest effort to help you bothersome, maybe you should look elsewhere for answers; I hear Google is pretty popular these days. When the question is unclear, or if there is the possibility a better, more efficient way to do something exists, then I will ask for clarification every single time. On reading your statement, "We have multiple websites that use a slightly different form, but they all collect firstname, lastname, email address and zip code.", your post sounded like all these websites belong to one organization, hence my suggestion that all forms simply insert into one database, rather than going through the convoluted nonsense of sending and parsing emails, then inserting the results of that into a database. If you were paying attention, and reading for comprehension, you would have noticed that when the fact was brought to light that these web sites were not, in fact operated by the same organization, I no longer persisted in suggesting the aforementioned method. Regarding your second post in this thread, I found a PECL package and merely suggested it in your second thread on the same topic. Nothing more, nothing less. I did read the basic information about the package, and thought you just might find it useful. Of course if you don't take the time to research it yourself, you'll never know. Now you're going to whine that I stated up front I wasn't familiar with the package? Get a life. I absolutely will not apologize for making a good faith effort to help someone on my own time and without any expectation of compensation whatsoever. If you want guaranteed answers, you should subscribe to a service and pay for them. Get off your high horse, and get over yourself. If you were that good, you wouldn't be here looking for someone to write code for you free of charge instead of taking the time to investigate and learn things on your own. If any of the moderators have a problem with the way I answered your questions, or anyone else's for that matter, I'm sure I'll hear it from one of them.

Enclose code in [nobbc] . . . [/nobc] tags, use appropriate line breaks, and if possible indenting, when posting it. Nobody wants to wade through a mess like that, at least not for free.

That was my point. It should NOT be in single quotes, which it currently is. It should be in double quotes, with all the enclosed double quotes escaped. Note the syntax highlighting. $form12 = ('<h3><em style="color: #F00"> <?php echo $wk;?> <?php echo $wknum;?> </em></h3> <form name="Picks" method="post" action="<?php echo $process; ?>"> // {SNIP} </p> </form>'); $form12 = "<h3><em style=\"color: #F00\"> <?php echo $wk;?> <?php echo $wknum;?> </em></h3> <form name=\"Picks\" method=\"post\" action=\"<?php echo $process; ?>\"> // {SNIP} </p> </form>";

Did you address this also? ^^

I don't pretend to know anything about this particular package, but there's a mailparse PECL extension. You can look at it and see if it might work for you.

I see you've tried to store that whole block of html in a variable as well. It looks as thought it's going to be an issue of it being enclosed in single quotes, and being interpreted as one literal string. The variables and <?php tags aren't being interpreted.

Change the short <? open tag near the end to a full <?php open tag.