TeNDoLLA

I don't see any problem using isset($_POST['variable']) as long as you don't check it against the value in the submit button. Because if the form ever was submitted and you got some vars in it, they will exists no matter what (except the value in submit button, in case of IE and enter pressing).

Well then you just add the search terms in the queries, BOTH queries. The one where you get the total rows for counting total pages AND the one where you get the actual results for the current page (with LIMIT 5). Example for gettin the total results $search = mysql_real_escape_string($_POST['search']); $sql = "SELECT COUNT(id) AS total FROM table WHERE someField LIKE '%$search%'"; // Or depending the situation what you want to achieve $sql = "SELECT COUNT(id) AS total FROM table WHERE someField ='$search'";

The errors you are getting is produced probably because the file you uploaded was in your blacklist, which leads to that the file WILL NOT GET MOVED/UPLOADED. And then you try to use the moved image file in your scripts some elsewhere (which does not exist). If I recall correctly from your earlier topics, you are also using a SimpleImage class or something similar. I suggest you try to make things simple and work simple before you dive into someone else's written image classes. You need to understand the basics and the logic flow in the code ALL THE TIME. You just cant get pieces and classes from here and there and put them together and expect everything to work smoothly. Not that the class was very advanced what I looked it day or two ago, but just a note.

Why not just make SELECT COUNT(id) AS total FROM table; // Gets the count of rows, this if where you count the total pages. Then when user clicks page say for example page 5 you would define start and offset for the result query using the LIMIT to get the results for page 5 based on the first query. As I understood you think I meant two queries for counting the rows, that is not what I meant. One query for counting rows total and one query to get the results based on page the user is on. You just CAN'T use one query only, it is impossible to get total pages and search results for LIMIT 5 in same query. And as mentioned, you can't use the LIMIT in the query where you get the total row count. And if you need to get the paging for some search results, you just add the search conditions in the query I provided above. Then it gets the total pages for the current search results.

Maybe do something like this.. function uploadFile($file, $uploadPath) { $max_size = 5242880; $path = $uploadPath . $file['name']; $blacklist = array(".php", ".jpg", ".jpeg", ".php.gif", ".php.png", ".phtml", ".php3", ".php4", ".html"); $file_type = array("image/gif","image/jpg","image/jpeg","image/png"); $patterns = implode('|', $blacklist); if (preg_match('('. $patterns .')', $file['name'])) { return 'File is blacklisted.'; } else if ($file['size'] > $max_size) { return 'File is too large.'; } else if (!in_array($file['type'], $file_type)) { return 'File type is not allowed.'; } else if (move_uploaded_file($file['tmp_name'], $path)) { return "The file was uploaded successfully."; } else { return "The file was not uploaded successfully. Error code: " . $file['error']; } }

Well, one thing is for sure. THERE IS NO ERROR IN THE CODE YOU PROVIDED IN THE LAST POST. 100% fact.

Apparently you cant use the LIMIT in the query that defines the total pages math. You use two queries, one to get all records and count the total pages. Then you run another query with the search results and LIMIT it and print out the results for the current page.

Can't see anything wrong in there. Maybe I am blind? Maybe you got something else going on some elsewhere?

From the comments in the manual, maybe this is some help?

To the original problem, echo out your $query variable before running it, and see if it has all the values in place as they should be and there is nothing bizarre in the query. The error tells you there is SYNTAX error in SQL query.

Try this function uploadFile($file, $uploadPath) { $path = $uploadPath . $file['name']; $allowedTypes = array("image/gif","image/jpg","image/png","image/jpeg"); if (in_array($file['type']), $allowedTypes) { if (move_uploaded_file($file['tmp_name']), $path) { echo 'Image uploaded succesfully.'; } else { echo 'Error saving image.'; } } else { echo 'Invalid file type.'; } } And this can be done to separate the output from the logic function uploadFile($file, $uploadPath) { $path = $uploadPath . $file['name']; $allowedTypes = array("image/gif","image/jpg","image/png","image/jpeg"); $msg = ''; // Message to be returned from the function. if (in_array($file['type']), $allowedTypes) { if (move_uploaded_file($file['tmp_name']), $path) { $msg = 'Image uploaded succesfully.'; } else { $msg = 'Error saving image.'; } } else { $msg = echo 'Invalid file type.'; } return $msg; // Use the return value to print the message elsewhere. }

Maybe the error is inside your validEmail() function which you are using in this code, and which is the part associated with this code that we can't see.

Apparently you can't use an array as value for SQL. You could create the extra part for the sql query manually and then add it to the SQL-clause. e.g. $name = array('test', 'test2', 'test3'); $sqlExtra = "AND ("; foreach ($name as $val) { $sqlExtra .= "name LIKE '%$val%' OR "; } $sqlExtra = substr($sqlExtra, 0, -4) . ')'; var_dump($sqlExtra); // Outputs AND (name LIKE '%test%' OR name LIKE '%test2%' OR name LIKE '%test3%') $sql = "SELECT *, ( 3959 * acos( cos( radians($lat) ) * cos( radians( loc_LAT_centroid ) ) * cos( radians( loc_LONG_centroid ) - radians($lon) ) + sin( radians($lat) ) * sin( radians( loc_LAT_centroid ) ) ) ) FROM allStores AS distance WHERE distance <= '$miles' $sqlExtra ORDER BY distance"

You are not executing it twice. You execute it once, depending on the IF condition.

When I look the source code of the page you gave in that link. I see you have not included jQuery library at all. If you wanna use jQuery functions you need to include jQuery library file first. Also what is happening in banner_heder.php, are you returning anything from it (meaning you have to output the banner in there)? Using firebug you can see few JavaScript errors on that page.

So what's up now? What debug you have done? Any errors? Suggestions to what?

That will not be empty. It will contain error data in case there was no uploaded file. Actually you could do it with is_uploaded_file() like WebStyles mentioned much earlier. if (is_uploaded_file($_FILES['image']['tmp_name'])) { // Save to db }

Check this out, there is explained why it does not work like that and what you could possible do about it. http://stackoverflow.com/questions/822707/php-generate-file-for-download-then-redirect

Can't you just check against the $_FILES array values if there is image or not? e.g Check against $_FILES['image']['size'] > 0 or check the $_FILES['image']['error'] if it exists etc. in IF condition. And do not save the data in database if everything is not all right. You can see more info about the upload errors here: http://php.net/manual/en/features.file-upload.errors.php . Pseudo if (image data is good) { // save to db. } else { // dont save and show error or something.. }

yeah $file is only used in function declaration, he passes the $_FILES -array as parameter later to that function. I would start debugging from the if's echo something inside the IF where you run the query and see if the script ever goes inside it. If it doesn't then next you would debug the variables in the condition for what they contain. If they don't contain what you expect them to be, then you debug further why that happens.

I really can't believe it that a web host would have such a shitty service that it would empty people's mysql databases. As mentioned before you are being SQL injected most likely. That does not mean if the tables are not dropped that you don't have SQL injection in your code. If your code makes injection possible people can run _ANY_ SQL code they want e.g "DELETE * FROM table" which will empty the tables but not drop the tables. If it really is a hosting issue then I suggest you change your hosting company, because the current one is total crap.

This is the solution

First of all turn your error reporting on and see if you get some errors. ini_set('display_errors', 'On'); ini_set('display_startup_errors', 'On'); error_reporting(-1);

You can't as already mentioned in the posts above, mysql_insert_id() returns the ID from the last query u ran in your scripts. To get the latest row in some table you should use: SELECT * FROM some_table ORDER BY id DESC LIMIT 1

More like should be $sql = "select * from users where user = '$user'"; You gonna need that semicolon in the end of you will get parse error from PHP.