ialsoagree

The coding of this is going to depend on your HTML form variables and the databse you're using and how it is designed. Assuming you use "search_by" as the name of the radio buttons, and their values correspond to age, area, skill_level, and the input box/select box is named "search" and you use these 3 names for the table column, and you're using a MySQL database: // Connect to mysql database and assign connection to $db $search_by = $_POST['search_by']; $search = $_POST['search']; if ($search_by != 'age' && $search_by != 'area' && $search_by != 'skill_level') { die('Invalid search type.'); } if ($search_by == 'age') { $search = (int)$search; // I'm assuming your database age column is an int } else { $search = '\''.mysql_real_escape_string(trim($search)).'\''; } $query = "SELECT * FROM table_name WHERE $search_by = $search"; $query_result = mysql_query($query, $db); if ($query_result === FALSE) { die(mysql_error()); }

Could you show the HTML form that's used to add items to the cart, edit items in the cart, or delete items in the cart?

Alternatively, you could use is_numeric(), which is meant to determine if a variable is an integer, or if it is a string variable with only a number (which can include a sign, decimal, exponential, or can be in hex form without sign, decimal, or exponential).

I noticed you have: $action = $_GET['action']; Where do you ever set the get variable action? <form action="<?php echo "$PHP_SELF"; ?>" method="POST"> It's not in the form action, so when you submit the form you're submitting it with no get action set. Perhaps this is your problem? I'd really like to help you more, but you've provided absolutely NO formatting to your code, which makes it beyond hard to read. I can't tell when I'm inside an if statement, when I'm in a loop, or where I am! If you could add tabbing or spaces so that your code was more legible it would be a LOT easier to help you.

Are you storing basket as 1 long string? For example, if I ordered items 1 3 and 7, and ordered sizes S/M, S/M, and M/L, would "basket" become a string reading "1-1, 3-1,7-2"? If so, might I suggest using an array instead of a string? It would be easier to store items using: $_SESSION['basket'][$item_id] = $item_size So for example, my orders of 1, 3, 7 above would work out like so: echo '1-'.$_SESSION['basket'][1]; // "1-1" echo '3-'.$_SESSION['basket'][3]; // "3-1"; echo '7-'.$_SESSION['basket'][7]; // "7-2"; Is it possible for you to change your program to do something like this? Would you like helping changing it?

Your html form tag: <form action="<?php echo "$PHP_SELF"; ?>" method="POST"> Appears inside your loop: while($wrow = mysql_fetch_array($ww)) { If you can do so without breaking your logic, remove the form tag from the loop (so all the inputs are included in a single form) and all your updates will get submitted instead of just the 1 update inside the 1 form that's submitted. That being said, I really only glossed over the code. While I'm certain this is the problem, the exact fix may be more complicated.

The last part of the "problem" is confusing. "You have a number of hashes "to crack""? Okay, what number? 0? 10,000? I assume 5 because that's what was stated earlier? As for the snippet, why do I need to write a function to echo the alphabet? That seems entirely unrelated to the problem. So, ignoring that, you want to do something like this... Assuming $array_of_passwords is an array of the databases's md5 hashes, with indexes 1-5 (that is, $array_of_passwords[1], $array_of_passwords[2], etc.) foreach ($array_of_passwords as $key => $value) { $i=0; do { $i++; $possible_password = md5('m'.$i); } while ($possible_password != $value && $i < 10000) $decrypted_password[$key] = 'm'.$i; } $decrypted_password will be an array (with indexes 1-5) of the decrypted passwords, where the indexes in $decrypted_password correspond to the encrypted passwords in the indexes 1-5 of $array_of_passwords. My solution doesn't deal with the possibility that the password is not of the form 'm' + a number between 1 and 10000, but from the problem description this is not a possibility.

In the edit file, you're not telling the SQL to search for the post you selected to edit: $strSQL = "SELECT * FROM text"; Should be: $strSQL = "SELECT * FROM text WHERE id=$_GET[newsID]"; But that's also incorrect, because you should validate $_GET['newsID'] before you run it in an SQL, otherwise you leave yourself vulnerable to SQL injection or other abuse. One method would be to static cast the ID as an integer, validate that it's a valid ID (possibly greater than 0?), and then use it in the SQL.

What are the permissions on redir.php on the file server?

Well, for starters: mysql_query("INSERT INTO lab2('name', 'regnum') VALUES(NULL, '$name', '$regnum')") or die(mysql_error()); echo "User Added To Database"; You're telling the insert that you're going to add values to 2 columns, 'name' and 'regnum'. You then insert 3 values: "...VALUES(NULL, '$name', '$regnum')..." If name is your primary key, or has an index, you're inserting a null value and that won't work. Regardless, you can't insert 3 values if you've only specified 2 columns to insert into.

Variables are in RAM memory while a script is running on your local server. They will become unaccessible as soon as your script stops running (IE. the http request was fulfilled) and they are never accessible by remote servers. If the issue is passing information on to another vendor, how does their API work exactly? You could provide the information to them via XML, that's what XML is intended for. Alternatively, if XML is not an option due to their API, you might consider building a POST request to send to them.

The iTunes API provides the sample under the return key "previewUrl" in which the key references a URL to a preview of the song. It will only return this key for "track" type results and they can only be played using Quicktime or iTunes (or their plugins).

I'm not all that familiar with GD, but this might help you: http://stackoverflow.com/questions/22259/how-do-i-resize-and-convert-an-uploaded-image-to-a-png-using-gd Note they're converting to a png, but you should be able to accomplish the same thing by using imagejpeg instead of imagepng under "output to a temp file".

Thanks for the clarification, I usually wind up making the index's named for the ID and allow them to be set to checked if they were check to avoid the issue entirely since I can never remember.

Actually, I may have made an error. I particularly hate trying to use the value attribute with checkboxes specifically because it can lead to this error. I typically try to avoid this type of logic because I can never remember if an unchecked checkbox whose name is a PHP array with an incrementing index will make a new array entry and set it to the boolean false. In fact, I think this is what it will do, and a heads up to your logic when processing the response: you'll have to make sure the ID you're getting back isn't equal to (==) the empty string ( '' ) because unchecked checkboxes will probably make a new array index that is set to the empty string.

It might have to do with the fact that you're telling PHP to echo the image within a new table row: echo "<tr>... Without ever having actually declared a table in HTML with <table>.

There's two possible ways to handle this. One involves javascript (and possibly AJAX, depending on how exactly you want to tackle the problem), the other is simpler if you don't know javascript but requires two pages. For the latter, write a web page that looks how you want it to look if the hyperlink isn't clicked, then write a web page that looks how you want it to look if the hyperlink is clicked. Then have the hyperlink from the 1st page link to the 2nd page. For javascript solutions, you should really inquire in the javascript section of the forums. Suffice it to say, one way to solve the problem with javascript and without AJAX is to replace the text of the table (or whatever the text your trying to replace is contianed in) with the results of the query, preformatted via PHP and included in the javascript sent to the browser after the PHP script runs. Using AJAX, you do essentially the same thing, but instead of running the query when the page first loads and loading the results into javascript, you have the javascript call a PHP page that does the query upon request, formats the data, and then have javascript update the current page with the data from the AJAX request.

Give all the checkboxes an array name such as: <input type="checkbox" name="checkBoxArray[]" ... Then give each individual checkbox a unique value corresponding to the row ID: <input type="checkbox" name="checkBoxArray[]" value="<?php echo $rowIDarray[1]; ?>" /> <input type="checkbox" name="checkBoxArray[]" value="<?php echo $rowIDarray[2]; ?>" /> Where $rowIDarray would be an array of all the unique row ID's the user can select. Then, to process the response, you simply need to loop through checkBoxArray, each of it's corresponding values with be the ID of a row which was checked. If it's empty, no items were checked.

I'm feeling exceptionally nice today. Your problem is exactly where I said it was: $text = mysql_real_escape_string($_POST[text]); // text is an undefined constant, therefor $text has not been given a value $text = htmlentities($_POST[text]); // text is still an undefined constant, therefor $text has STILL NOT BEEN GIVEN A VALUE $text = trim($_POST[text]); // Well! What do you know! text is an undefined constant, therefor $text has STILL NOT BEEN GIVEN A VALUE, noticing a pattern yet? Because it's not defined properly, your SQL syntax looks like this: $insert = "INSERT INTO comment (comment_name,comment_datetime,comment_text,news_id,comment_ip) VALUES ('".$_SESSION['u_nick']."',NOW(),'','".$id."','".$ip."')"; It looks like this because $text contains no string: echo '" '.$text.' "'; // this would echo: " " because you didn't put any text into the variable $text echo strlen($text); // this would echo: 0 because $text has no string in it, it's just an empty variable Also, you're not formatting the string properly, you keep overriding the previous formats when you try to reassign $text. You might try this if you actually want to get it to work. MY SOLUTION: $text = mysql_real_escape_string(htmlentities(trim($_POST['text']))); If it's not blatantly obvious, look at the color of the word "text" in the $_POST index when I copied your code, and look at it when I modified your code, see the difference? One is a constant (yours, and I imagine you haven't defined it) and one is a string (mine). You're looking for the index that has the string "text" so mine will probably work, while yours is obviously not working. I don't mean to be mean but here's the thing, you came here looking for help from people who volunteer their time through their own good will. If you're going to turn around and complain about the answers they give you while not even trying them to see if they work, why should we be bothered to waste our time helping you? I gave you your answer yesterday, perhaps if you had been grateful enough to try it your program would be working now. I highly suggest you at least try my solution now, I guarantee you it can't be any worse than what your program is currently doing.

It might be easier to troubleshoot if we could see where the array is being given values.

Try using trim first? echo var_dump(trim($precip_array[0]));

If you're formatting the input data, it's always a good idea to run your validation on the formatted data. For username and password, I might do something like this: function set_character_limits($type, &$min, &$max) { switch ($type) { case 'name': $min = 3; $max = 25; break; case 'password': $min = 6; $max = 32; break; default: $min = 0; $max = 0; break; } } $error_array = array(); $name = strip_tags($_POST['name']); $password = strip_tags($_POST['password']); foreach ($_POST as $key => $value) { $min = 0; $max = 0; set_character_limits($key, $min, $max); switch ($key) { case 'name': case 'password': if (strlen($value) < $min || strlen($value) > $max) { $error_array[$key] = TRUE; } break; } } if (!empty($error_array)) { /* Write the HTML for the form here, using my tip above to include error messages next to the erroring element */ } else { /* Do stuff as though there was no error here */ } The logic here is pretty straight forward if you know the syntax of a switch. http://php.net/manual/en/control-structures.switch.php

The if would look like: if (strlen($_POST['name']) < 3 || strlen($_POST['name']) > 25) { $error_array['name'] = TRUE; } As for the other fields, yes you would have to do the same. I tend to use a custom function to gather the string lengths, a foreach loop, and a switch. If you're interested, I can post it in a bit (getting food right now).

Try setting your errors using: /* Some if statement to check for errors in the 'name' field */ { $error_array['name'] = TRUE; } Then when you go to write you form: <label for='name'>Name:</label><?php (($error_array['name']) ? ' <span style="color:red;">The name you entered is invalid</span>' : ''); ?>

It is related to your problem. Given your general rudeness, I will not be responding further. You're welcome.