CroNiX

Did you check your server and php error logs?

I'm sure there is some documentation somewhere for that script you are using that probably has a method to do that.

The thing I noticed is your expiration time. It's a unix timestamp. If I enter echo date('Y-m-d H:i:s', 9999999999); I get 2014-09-06 21:50:07 So it means the cookie is already expired.

<?php $iplogfile = '../logs/ip-address-contactform.txt'; $ipaddress = $_SERVER['REMOTE_ADDR']; //load the file $file = file_get_contents($iplogfile); //check to see if the ipaddress is already in the file if ( ! preg_match("/$ipaddress/", $file )) { //nope, log it! $webpage = $_SERVER['SCRIPT_NAME']; $timestamp = date('m/d/Y h:i:s'); $browser = $_SERVER['HTTP_USER_AGENT']; $fp = fopen($iplogfile, 'a+'); chmod($iplogfile, 0777); fwrite($fp, '['.$timestamp.']: '.$ipaddress.' '.$browser. "\r\n"); fclose($fp); } ?> Haven't tested it

something like: $selected = ''; $selected_value = (isset($_POST['view'])) ? $_POST['view'] : ''; foreach($result as $row){ if ($row[0] == $selected_value) { $selected = ' selected="selected"'; } echo "<option value='$row[0]'$selected>$row[2], $row[1]</option>"; } ?> </select>

} elseif($_POST['update']) { echo 'Attendee ID is '.$id; // $id is gone at this point $stmt = $db->prepare('UPDATE attendees SET fname = :fname, etc, etc WHERE attendeeid = :id'); } You don't bind the parameters or execute the query, at least you didn't show that part if you do. Very hard to troubleshoot incomplete code

Pretty self explanatory....you are using a variable, $sql, that you haven't defined. So your query fails.

What does this have to do with the Apache server, which is the forum you posted this in?

You can also put it in between <pre> tags to view the raw HTML output before your browser converts the entities back to their respective symbols.

That means your form is incorrect somehow. Show us your entire form, including the form open/close tags. Did you change the form back to using POST? also, if you implemented the braces I showed you you shouldn't get that error you mentioned, unless you didn't show us all of the code.

Also, if you put this at the very TOP of results.php for debugging echo '<pre>'; print_r($_POST); echo '</pre>'; die(); What do you get?

Try wrapping the whole thing in braces so it will only execute if $_POST['keyword'] exists. if (isset($_POST['keyword'])) { //add brace $keyword = $_POST['keyword']; $search_sql="SELECT * FROM new_equip WHERE itemname LIKE '%" .$keyword. "%'"; $search_query=mysql_query($search_sql); if(mysql_num_rows($search_query)!=0) { $search_rs=mysql_fetch_assoc($search_query); } $eid = $row['id']; $itemname = $row['itemname']; } //add brace

I think it was fine using POST. I think the problem was here in your results.php: if (!isset($_POST['keyword'])) $keyword = $_POST['keyword']; //... You're saying if the $_POST['keyword'] IS NOT SET, to USE $_POST['keyword'] which obviously you can't since it doesn't exist Try removing the ! from the isset (which makes it NOT isset())

If I hover over a name in a post, there is a "Flag as Spammer" icon next to the "Add as friend" in the popup. Do I as a Guru have more privs than you as an admin?

That's very normal for a website. It's a malicious bot trying to find common weaknesses in your app. No point in blocking it really. There are thousands out there roaming the net looking for vulnerabilities in websites. This is why we stress security and building secure apps so much around here.

It's just what Ch0cu3r said, the mysqli_prep() function had no knowledge of the $connection variable, as it was defined outside of the function but not passed to the function where it was used. Ch0cu3r also posted links explaining variable scope.

But your problem is you are inserting this: $val[0] when $val is no longer an array. It's a value FROM the array that you are looping through. Just use $val there.

why not have it show the actual mysql_error() instead of a 'fail insert', which tells you basically nothing? Also, the mysql extension is deprecated and will be removed from a future version of PHP. Best to use PDO or MySQLi if you want your code to run on future versions of php.

Doesn't matter if it works. Did you implement the changes I suggested and check the browsers console to see if you actually got a response back?

You can also just use jQuery and the $("a:visited") selector to override that browser behavior. $("a:visited").css('font-weight', 'bold');

How do you know it submits fine? You don't check anything returned from your ajax call like the error messages you are sending if there is a problem. Try changing your ajax success method to this and check the browser console for anything returned. success: function(data) { console.log(data); //..rest of success code

That url in the ajax call seems a little odd. Are you sure the ajax post is making it to your contact_me.php script? Do you receive any of the error messages back?

It would be: $title = $rowart["Article_Title"] . ': Article - mixrevu.com'; and $title = $rowart["Article2_Title"] . ': mixrevu.com - Audio Blog';

Sorry to be a stickler, but functions should be named for what they do. Your "test_input()" function does not test a thing and is misleading

By default, php only gets executed/parsed in .php files, not .html files. If you want it to parse .html (or .htm) files you'd have to setup your webserver up to do that. But there is not advantage, seo or otherwise, to have .html over .php. Best to just stick to .php