bluesoul

$info_location = "inf-bin/bil/$current.dat"; if(!file_exists($info_location)) { /* display fallback image */ } else { /* do the other stuff */ }

echo $m[0];

$_GET is typically used for variables in a query string at the end of a page. index.php?do=foo would assign $_GET['do'] = "foo";

I'm not braining very well today (I blame the weather), I meant consecutive queries. If you don't append or die(mssql_get_last_message()) you could probably miss that message. I read an article when I was first getting acclimated to MSSQL and it presented some really bizarre scenario that could make it not work. I don't have the link anymore but I don't think it's anything to fret over either, lol.

Yeah, it sounds weird but in practice it works the same when used with die() or exit(). Only if you're doing concurrent queries will you introduce the possibility of it not displaying correctly and if that's going on you should probably rethink your code.

your use of or die() doesn't make sense in this context. It'll still return a result, only with 0 rows, if the query is built correctly. But your query needs to look like this: $query = "SELECT * FROM table WHERE username = '$username' and password = '$password'"; $result = mysql_query($query,$dbh) or die(mysql_error());

mssql_get_last_message() is no less reliable than mysql_error(). I've never had a problem with it.

You wouldn't have to modify any code, it's simply a matter of convenience to have the username stored as a variable. It's not overwriting your 'priv' element.

Although you may be right, if javascript is turned off, anyone can submit anything to that page without having it validated. More than likely, but I've had scant luck getting PHP to pop-up validation errors on-the-fly. Either way, the OP needs to at least take a stab at making it work.

Something tells me it has to do with your use of ch$count, PHP isn't gonna know what that is. Perhaps ch.$count will work but I think you'll need to rethink your logic there. Also you can use $PositiveFirstCriteria++ instead of += 1. Same thing for $count.

JavaScript is much more useful than PHP in this as you won't have to submit the page and then fool with variables and stuff. See this for form validation.

<?php include("config.inc.php"); $result = mysql_query("SELECT * FROM gallery_photos"); $i = 0; While($row = mysql_fetch_array($result)){ if($i == 3) { echo "<br />"; $i = 0; } //change 3 to however many you want per row echo "<a href='photos/" . $row['photo_filename'] . "'><img src='photos/tb_" . $row['photo_filename'] . "' border='1' /></a>"; $i++; } ?>

Take a look at date() and you should find the exact method of displaying that you want.

$query = "SELECT Question, Answer, Number FROM table ORDER BY Number";

I tried it and got Well there's the problem obviously.

See my signature and let me know what happens.

It sounds like you're going to need to select all the rates along with the country codes and use JavaScript to populate the text field with the correct data. JavaScript ain't my thing so maybe someone else on here can get you going but it doesn't sound terribly difficult.

ORDER BY should be the last statement in your query, after any WHEREs.

<?php include("config.inc.php"); $result = mysql_query("SELECT * FROM gallery_photos"); While($row = mysql_fetch_array($result)){ echo "<a href='photos/" . $row['photo_filename'] . "'><img src='photos/tb_" . $row['photo_filename'] . "' border='0' /></a><br />"; } ?>

How would you do that? What is a configuration file? You're creating a physical PHP file that has the salt as a string. You can then include() the file as necessary and make use of the salt that way. So I could create a file called salt.php and salt.php could be something as simple as $salt = "some value"; ? Absolutely. Just make sure it's a PHP file and not plain text, so it gets processed instead of displayed to the web. (ie, salt.php and not salt.html)

How would you do that? What is a configuration file? You're creating a physical PHP file that has the salt as a string. You can then include() the file as necessary and make use of the salt that way.

With regards to quotes, you should add this line immediately after your else statement: $keyword = mysql_real_escape_string($keyword);

Oddly enough vBulletin stores the unique salt for each user as well, but in it's own field as opposed to prepended to the password. From a security standpoint I can't see how that's any safer than no salt at all.

Right. A good tip with mysql_error() is to look immediately before the error string it provides, which would be your comma. Commas work in UPDATE statements across multiple fields but to qualify a search result you need to use WHERE artist='$cd_artist' AND title='$cd_title' AND...etc.

Replace your query with this and rerun it and see where the error is. $result = mysql_query("SELECT * FROM tProducts WHERE artist='$cd_artist', title='$cd_title', genre='$cd_genre', year='$cd_year', type='$cd_type'") or die(mysql_error()); But, to the point, you need to replace your commas with the AND statement.