justAnoob

I tried a few things and couldn't get it to work... I'll just change the way this is done using 2 pages for now. I'll keep this open incase you do have sometime to mess around with it.

int(0) int(0)

no errors,, but the script displays nothing at all ,,, not table.

Here is everything from the script to the end of the page <form id="form2" name="form2" method="post" action="updatetrade.php"> <?php session_start(); include "connection.php"; echo '<form id="form2" name="form2" method="get" action="updatetrade.php">'; $pageno = isset($_GET['pageno'])? intval($_GET['pageno']) : 1; $findit = intval($_SESSION['id']); $result = mysql_query('SELECT m.id, COUNT(*) AS count FROM abcxyz a INNER JOIN members m ON m.id = a.user_id WHERE m.username="' . $findit .'" LIMIT 1') or trigger_error('User not found.', E_USER_ERROR); $member_info = mysql_fetch_row($result); $member_id = intval($member_info[0]); $numrows = intval($member_info[1]); $rows_per_page = 1; $_SESSION['rid_of_delete_button'] = $lastpage = ceil($numrows/$rows_per_page); $_SESSION['last_page'] = $_SERVER['PHP_SELF']; $prevpage = $pageno-1; $nextpage = $pageno+1; if ($pageno > $lastpage) $pageno = $lastpage; else if ($pageno < 1) $pageno = 1; $limit = 'LIMIT '. ($pageno * $rows_per_page) . ',' . $rows_per_page; $sql = <<<QUERY SELECT id, category, imgpath, imgpath2, imgpath3, imgpath4, imgpath5, item_name, description, in_return FROM abcxyz WHERE user_id = $member_id $limit; QUERY; $result = mysql_query($sql) or trigger_error('Select SQL failed - ' . mysql_error(), E_USER_ERROR); if ($lastpage === 0) { echo '<div align="center">You currently have no pics.<br />Post your first pic now!</div>'; exit; } ?> <table width='954' border='0' align='center' cellpadding='0' cellspacing='0' bordercolor='#000000' bgcolor='#BBD4E1'> <?php // $dropdown[img_id] = img_name $dropdown = array(); // for performance sake, just run another query even though $sql already selects the data we want. // this will be faster than for PHP to do. $dropdown_sql = 'SELECT id, item_name FROM abcxyz WHERE user_id = ' . $member_id; $dropdown_result = mysql_query($dropdown_sql) or trigger_error('Select SQL failed.', E_USER_ERROR); $dropdown_menu = '<select name="pageno">'; while ($row = mysql_fetch_assoc($dropdown_result)) { $dropdown_menu .= '<option value="' . $row['id'] . '">' . $row['item_name'] . '</option>'; } while ($row = mysql_fetch_assoc($result)) { $dropdown[$row['id']] = $row['item_name']; echo '<tr>'; for ($e = 2; $e < 6; $e++) { echo '<td width="188" height="180"><div align="center"><img src="' . $row['imgpath'] . '" width="125" alt="image 1" /></div></td><td width="188"><div align="center">'; echo empty($row['imgpath' . $e])? '<a href="picure2.php"><img src="images/uploadanother.png" border="0"></a>' : '<img src="' . $row['imgpath' . $e] . '" width="125" alt="" /><a href="delete_image' . $e . '.php"><span style="color: red;"> X</span></a>'; echo '</div></td>'; } echo '</tr><tr><td height="43" colspan="4"><strong>Item Name:</strong><input type="text" name="item_name" value="' . $row['item_name'] . '" size="50" /> &nbsp'; echo $pageno == 1? ' Previous Item ' : '<a href="' . $_SERVER['PHP_SELF'] . '"?pageno=' . $prevpage . '"> Previous </a>(' . $pageno . ' of ' . $lastpage . ')'; echo $pageno == $lastpage? ' Next Item ' : '<a href="' . $_SERVER['PHP_SELF'] . '"?pageno=' . $nextpage . '"> Next </a>'; ?> </td> <td><div align="center"><input type="hidden" name="id" value="<?php echo $row['id']; ?>" size="25" /></div></td> </tr> <tr> <td height="116" colspan="4"><strong>Description:</strong> <textarea name="description" cols="75" rows="5"><?php echo $row['description']; ?></textarea></td> <td><div align="center"><input type="submit" name="submit" id="submit" value="Update Item"></div></td> </tr> <tr> <td height="124" colspan="4"><strong>Seeking:</strong> <textarea name="in_return" cols="75" rows="5"><?php echo $row['description']; ?></textarea></td> <td><div align="center">'; <?php if(isset($_SESSION['updatecomplete'])) { unset($_SESSION['updateerror']); echo $_SESSION['updatecomplete']; } if(isset($_SESSION['updateerror'])) { unset($_SESSION['updatecomplete']); echo $_SESSION['updateerror']; } if(isset($_SESSION['picupload'])) { unset($_SESSION['updatecomplete']); unset($_SESSION['updateerror']); echo $_SESSION['picupload']; } ?> </div><td> </tr> <tr> <td colspan="4"><input type="hidden" name="category" value="<?php echo $row['category']; ?>" size="25" /></td> </tr> </table> } </form> <?php $_SESSION['move_id'] = $row['id']; $_SESSION['move_category'] = $row['category']; $_SESSION['path_1'] = $row['imgpath']; $_SESSION['path_2'] = $row['imgpath2']; $_SESSION['path_3'] = $row['imgpath3']; $_SESSION['path_4'] = $row['imgpath4']; $_SESSION['path_5'] = $row['imgpath5']; ?> <form id="form3" name="form3" method="post" action="deletetrade.php"> <div align="center"> <?php $no_trades = $_SESSION['rid_of_delete_button']; if($lastpage != 0) { echo '<input type="submit" name="submit" id="submit" value="Delete Selected Item" />'; } else { echo ""; } ?> </div> <?php if(isset($_SESSION['item_deleted_error'])) { unset($_SESSION['item_deleted']); unset($_SESSION['updateerror']); unset($_SESSION['updatecomplete']); unset($_SESSION['picupload']); echo $_SESSION['item_deleted_error']; } if(isset($_SESSION['item_deleted'])) { unset($_SESSION['item_deleted_error']); unset($_SESSION['item_deleted']); unset($_SESSION['updateerror']); unset($_SESSION['updatecomplete']); unset($_SESSION['picupload']); echo $_SESSION['item_deleted']; } ?> </form> </div> <br /> </td> </tr> </table> <p><br /> </p> <p> </p> <p> </p> <p> </p> <p> </p> <p> </p> </body> </html>

I think I will just a temporarily down sign on my search box. LoL.

Also,, after the closing tag for the form,, you have a new php tag and then a closing bracket.. Is that right?

Parse error: syntax error, unexpected $end on line 355 which is the very last line of the page. I'll take a look. Is there something in the script you changed that would cause this?

again,, i can search the word "a" and 3 of the 4 pictures show up,, but when i enter any of the words that are in the name or description, nothing appears,, not even the echo $search var

Warning: mysql_fetch_assoc(): supplied argument is not a valid MySQL result resource on line 238 the commented line below...... <?php $dropdown_sql = 'SELECT id, item_name FROM abcxyz WHERE user_id = ' . $member_id; $dropdown_result = mysql_query($dropdown_sql) or trigger_error('Select SQL failed.', E_USER_ERROR); $dropdown_menu = '<select name="pageno">'; while ($row = mysql_fetch_assoc($dropdown_result)) { $dropdown_menu .= '<option value="' . $row['id'] . '">' . $row['item_name'] . '</option>'; } while ($row = mysql_fetch_assoc($sql)) ////this one ?>

Fatal error: Select SQL failed - You have an error in your SQL syntax; check the manual that corresponds to your MySQL server version for the right syntax to use near '-1,1'

I don't get this at all. ,,, I made the changes you suggested.. But if I type in the letter "a",, 3 of 4 pictures show up... But if I type in something that is in one of the columns that I'm searching, I get nothing. <?php session_start(); include( "connection.php" ); include( "class.inputfilter_clean.php" ); if(isset($_POST['submit'])) { $search = $_POST['myFilter']; $myFilter = new inputfilter( ); $search = $myFilter->process( $search ); $search = str_replace( "\"", " ", $search ); $search = str_replace( "?", " ", $search ); $search = str_replace( ">", " ", $search ); $sql_search_id = strip_tags( $search ); $sql=("SELECT * FROM abcxyz WHERE item_name like '%".$sql_search_id."%' OR description like '%".sql_search_id."%' "); $result = mysql_query($sql); echo "<table border='0' CELLPADDING=5 STYLE='font-size:16px'>"; while ($row = mysql_fetch_array($result)) { echo "<tr><td align='center'>"; echo '<a href="viewitem.php?sendto='.$row['id'].'"><img src="' . $row['imgpath'] . '" width="125" border="0" alt=""></a>'; echo "</td><td align='center'>"; echo "".substr($row['item_name'],0,50),""; echo "</td><td align='center'>"; echo substr($row['description'],0,50).'<a href="viewitem.php?sendto='.$row['id'].'" class="view_item"> ...more</a>'; echo "</td><td align='center'>"; echo substr($row['in_return'],0,50).'<a href="viewitem.php?sendto='.$row['id'].'" class="view_item"> ...</a>'; echo "</td><td align='center'>"; echo "</td></tr>"; echo '<tr><td height="19" colspan="4">'; echo '<hr width="550">'; echo "</td></tr>"; } echo "</table>"; } else { echo "No search results."; } ?>

error on this line <?php $result = mysql_query($sql) or trigger_error('Select SQL failed - ' . mysql_error(), E_USER_ERROR); ?>

errors happen right around here, Is that really considered cleaned up.. To me it seems more confusing. $sql = <<<QUERY SELECT id, category, imgpath, imgpath2, imgpath3, imgpath4, imgpath5, item_name, description, in_return FROM abcxyz WHERE user_id = $member_id $limit QUERY; $result = mysql_query($sql) or trigger_error('Select SQL failed.', E_USER_ERROR);

ok,, I am back to having the search work for a couple times and then it after the 2nd or 3rd search it keeps telling me there are no results when I know that it is in the database under the 2 columns that I'm searching. What is going on now? <?php session_start(); include( "connection.php" ); include( "class.inputfilter_clean.php" ); if(isset($_POST['submit'])) { $search = $_POST['myFilter']; $myFilter = new inputfilter( ); $search = $myFilter->process( $search ); $search = str_replace( "\"", " ", $search ); $search = str_replace( "?", " ", $search ); $search = str_replace( ">", " ", $search ); $sql_search_id = strip_tags( $search ); $sql=("SELECT item_name FROM abcxyz WHERE item_name like '%".$sql_search_id."%' OR description like '%".sql_search_id."%' group by item_name "); $result = mysql_query($sql); echo "<table border='0' CELLPADDING=5 STYLE='font-size:16px'>"; while ($row = mysql_fetch_array($result)) { echo "<tr><td align='center'>"; echo '<a href="viewitem.php?sendto='.$row['id'].'"><img src="' . $row['imgpath'] . '" width="125" border="0" alt=""></a>'; echo "</td><td align='center'>"; echo "".substr($row['item_name'],0,50),""; echo "</td><td align='center'>"; echo substr($row['description'],0,50).'<a href="viewitem.php?sendto='.$row['id'].'" class="view_item"> ...more</a>'; echo "</td><td align='center'>"; echo substr($row['in_return'],0,50).'<a href="viewitem.php?sendto='.$row['id'].'" class="view_item"> ...</a>'; echo "</td><td align='center'>"; echo "</td></tr>"; echo '<tr><td height="19" colspan="4">'; echo '<hr width="550">'; echo "</td></tr>"; } echo "</table>"; } else { echo "No search results."; } ?>

ok,,, if I type something in like "fkldsjsdgtaphdfh",,,,, it will echo out that mumble jumble... but if i type in something like "good", it will not echo that out. It seems like it is choosing what it wants to echo. Something with the filter file is blocking certain things...

I just echoed $search and again,,, the first time i try it,, it echoes out what I type in,, after that,, it says nothing.

It keeps saying that there are no search results.. Actually I typed part of a picture name in and it displayed that picture,, after that I am not able to get any kind of results.

Sorry for the misunderstanding.. my drop down box is inside a form already(which already has an action) And I can't put the drop down box outside the form because that is where all my data is displayed. I'm getting tired... Here is the whole script with a commented spot where I would like to put the drop down box at.. Again, sorry for the confusion. If you any spare time, could you please take anothe look. Oh yeh,, I would still like to keep the pagination in case the user just wants to browse his/her pics. Just want the drop down box there so they can go straight to a picture. Thanks. <?php session_start(); include "connection.php"; if (isset($_GET['pageno'])) { $pageno = $_GET['pageno']; } else { $pageno = 1; } $findit = $_SESSION['id']; $result = mysql_query("SELECT id FROM members WHERE username = '$findit' LIMIT 1"); $e_row = mysql_fetch_assoc($result); $query = mysql_query("SELECT count(*) FROM abcxyz WHERE user_id = " . $e_row['id']) or die(mysql_error()); $query_data = mysql_fetch_row($query); $numrows = $query_data[0]; $rows_per_page = 1; $lastpage = ceil($numrows/$rows_per_page); $pageno = (int)$pageno; $prevpage = $pageno-1; $nextpage = $pageno+1; if ($pageno > $lastpage) { $pageno = $lastpage; } if ($pageno < 1) { $pageno = 1; } $limit = 'LIMIT ' .($pageno - 1) * $rows_per_page .',' .$rows_per_page; $sql = mysql_query("SELECT id, category, imgpath, imgpath2, imgpath3, imgpath4, imgpath5, item_name, description, in_return FROM abcxyz WHERE user_id = " . $e_row['id'] . " $limit"); $_SESSION['rid_of_delete_button'] = $lastpage; if($lastpage != 0) { echo "<table width='954' border='0' align='center' cellpadding='0' cellspacing='0' bordercolor='#000000' bgcolor='#BBD4E1'>"; while ($row = mysql_fetch_array($sql)) { echo "<tr><td width='188' height='180'><div align='center'>"; echo '<img src="' . $row['imgpath'] . '" width="125" alt="" />'; echo "</div></td><td width='188'><div align='center'>"; if(empty($row['imgpath2'])) { echo '<div align="center"><a href="picture2.php"><img src="images/uploadanother.png" border="0"></a></div>'; } else { if(empty($row['imgpath2'])) { echo ""; } else { echo '<img src="' . $row['imgpath2'] . '" width="125" alt="" /><a href="delete_image2.php"><font color="red"> X</a>'; } } echo "</div></td><td width='188'><div align='center'>"; if((empty($row['imgpath3'])) and (!empty($row['imgpath2']))) { echo '<div align="center"><a href="picture3.php"><img src="images/uploadanother.png" border="0"></a></div>'; } else { if(empty($row['imgpath3'])) { echo ""; } else { echo '<img src="' . $row['imgpath3'] . '" width="125" alt="" /><a href="delete_image3.php"><font color="red"> X</a>'; } } echo "</div></td><td width='188'><div align='center'>"; if( (empty($row['imgpath4'])) and (!empty($row['imgpath3'])) and (!empty($row['imgpath2'])) ) { echo '<div align="center"><a href="picture4.php"><img src="images/uploadanother.png" border="0"></a></div>'; } else { if(empty($row['imgpath4'])) { echo ""; } else { echo '<img src="' . $row['imgpath4'] . '" width="125" alt="" /><a href="delete_image4.php"><font color="red"> X</a>'; } } echo "</div></td><td width='190'><div align='center'>"; if( (empty($row['imgpath5'])) and (!empty($row['imgpath4'])) and (!empty($row['imgpath3'])) and (!empty($row['imgpath2'])) ) { echo '<div align="center"><a href="picture5.php"><img src="images/uploadanother.png" border="0"></a></div>'; } else { if(empty($row['imgpath5'])) { echo ""; } else { echo '<img src="' . $row['imgpath5'] . '" width="125" alt="" /><a href="delete_image5.php"><font color="red"> X</a>'; } } echo "</div></td></tr><tr><td height='43' colspan='4'>"; echo '<strong>Item Name:</strong> <input type="text" name="item_name" value="' . $row['item_name'] . '" size="50" /> '; if ($pageno == 1) { echo " Previous Item "; } else { echo "<a href='{$_SERVER['PHP_SELF']}?pageno=$prevpage'> Previous </a>"; } echo "($pageno of $lastpage)"; if ( $pageno == $lastpage ) { echo " Next Item "; } else { echo "<a href='{$_SERVER['PHP_SELF']}?pageno=$nextpage'> Next </a>"; } ///////////////////////////////////////////// Drop down box here ////////////////////////////// echo "</td><td><div align='center'>"; echo '<input type="hidden" name="id" value="' . $row['id'] . '" size="25" />'; echo "</div></td></tr><tr><td height='116' colspan='4'>"; echo '<strong>Description:</strong> <textarea name="description" cols="75" rows="5">' . $row['description'] . '</textarea>'; echo "</td><td><div align='center'>"; echo '<input type="submit" name="submit" id="submit" value="Update Item">'; echo "</div></td></tr><tr><td height='124' colspan='4'>"; echo '<strong>Seeking:</strong> <textarea name="in_return" cols="75" rows="5">' . $row['in_return'] . ' </textarea>'; echo "</td><td><div align='center'>"; if(isset($_SESSION['updatecomplete'])) { unset($_SESSION['updateerror']); echo $_SESSION['updatecomplete']; } if(isset($_SESSION['updateerror'])) { unset($_SESSION['updatecomplete']); echo $_SESSION['updateerror']; } if(isset($_SESSION['picupload'])) { unset($_SESSION['updatecomplete']); unset($_SESSION['updateerror']); echo $_SESSION['picupload']; } echo "</div></td></tr><tr><td colspan='4'>"; echo '<input type="hidden" name="category" value="' . $row['category'] . '" size="25" />'; //echo "</td><td><div align='center'>"; //echo ''; echo "</td></tr>"; $_SESSION['move_id'] = $row['id']; $_SESSION['move_category'] = $row['category']; $_SESSION['path_1'] = $row['imgpath']; $_SESSION['path_2'] = $row['imgpath2']; $_SESSION['path_3'] = $row['imgpath3']; $_SESSION['path_4'] = $row['imgpath4']; $_SESSION['path_5'] = $row['imgpath5']; $_SESSION['last_page'] = $_SERVER['PHP_SELF']; } echo "</table>"; } else { echo '<div align="center">You currently have no pictures.<br />Post your first item now!</div>'; } ?> </form>

Ok,, so I wanted to try this out,, my results are not appearing... Here is what I got. Form <?php <form id="form99" name="form99" method="post" action="search.php"> <div id="search"> <table width="500" height="36" border="0" cellpadding="0" cellspacing="0"> <tr> <td><input type="text" name="myFilter" size=50 id="myFilter"> <input type="submit" name="submit" value=" Search " id="submit"></td> </tr> </table> </div> </form> ?> search.php <?php session_start(); include( "connection.php" ); include( "class.inputfilter_clean.php" ); if(isset($_POST['submit'])) { $myFilter = new inputfilter( ); $search = $myFilter->process( $search ); $search = str_replace( "\"", " ", $search ); $search = str_replace( "?", " ", $search ); $search = str_replace( ">", " ", $search ); $sql_search_id = strip_tags( $search ); $sql=("SELECT id, imgpath, item_name, description, in_return FROM abcxyz WHERE item_name like '%".$sql_search_id."%' OR description like '%". $sql_search_id."%' group by item_name "); $result = mysql_query($sql); echo "<table border='0' CELLPADDING=5 STYLE='font-size:16px'>"; while ($row = mysql_fetch_array($result)) { echo "<tr><td align='center'>"; echo '<a href="viewitem.php?sendto='.$row['id'].'"><img src="' . $row['imgpath'] . '" width="125" border="0" alt=""></a>'; echo "</td><td align='center'>"; echo "".substr($row['item_name'],0,50),""; echo "</td><td align='center'>"; echo substr($row['description'],0,50).'<a href="viewitem.php?sendto='.$row['id'].'" class="view_item"> ...more</a>'; echo "</td><td align='center'>"; echo substr($row['in_return'],0,50).'<a href="viewitem.php?sendto='.$row['id'].'" class="view_item"> ...</a>'; echo "</td><td align='center'>"; echo "</td></tr>"; echo '<tr><td height="19" colspan="4">'; echo '<hr width="550">'; echo "</td></tr>"; } echo "</table>"; } else { echo "No search results."; } } ?>

don't mind the extra tags in there,, sorry about that,, they got put in there by accident when i posted this topic. not really in the script.

I do not see that line anywhere.,,,,Anyways after the sql select statement could I use a header statement to then post all the results from the search?

Below I have a page that displays some records from mysql through a pagination setup only allowing 1 row per page. That works great. What I am also trying to do is add a drop down box with a list of records for each user so the user can pick a row out instead of hitting the next button 50 times to get to there 50th picture. I have a drop down box on the page(which i put in a separate code bracket below) The question is how would I go about having it so when the user clicks on one of the rows in the drop down box, it then shows that picture? <?php <form id="form2" name="form2" method="post" action="updatetrade.php"> <?php session_start(); include "connection.php"; if (isset($_GET['pageno'])) { $pageno = $_GET['pageno']; } else { $pageno = 1; } $findit = $_SESSION['id']; $result = mysql_query("SELECT id FROM members WHERE username = '$findit' LIMIT 1"); $e_row = mysql_fetch_assoc($result); $query = mysql_query("SELECT count(*) FROM abcxyz WHERE user_id = " . $e_row['id']) or die(mysql_error()); $query_data = mysql_fetch_row($query); $numrows = $query_data[0]; $rows_per_page = 1; $lastpage = ceil($numrows/$rows_per_page); $pageno = (int)$pageno; $prevpage = $pageno-1; $nextpage = $pageno+1; if ($pageno > $lastpage) { $pageno = $lastpage; } if ($pageno < 1) { $pageno = 1; } $limit = 'LIMIT ' .($pageno - 1) * $rows_per_page .',' .$rows_per_page; $sql = mysql_query("SELECT id, category, imgpath, imgpath2, imgpath3, imgpath4, imgpath5, item_name, description, in_return FROM abcxyz WHERE user_id = " . $e_row['id'] . " $limit"); $_SESSION['rid_of_delete_button'] = $lastpage; if($lastpage != 0) { echo "<table width='954' border='0' align='center' cellpadding='0' cellspacing='0' bordercolor='#000000' bgcolor='#BBD4E1'>"; while ($row = mysql_fetch_array($sql)) { echo "<tr><td width='188' height='180'><div align='center'>"; echo '<img src="' . $row['imgpath'] . '" width="125" alt="" />'; echo "</div></td><td width='188'><div align='center'>"; if(empty($row['imgpath2'])) { echo '<div align="center"><a href="picture2.php"><img src="images/uploadanother.png" border="0"></a></div>'; } else { if(empty($row['imgpath2'])) { echo ""; } else { echo '<img src="' . $row['imgpath2'] . '" width="125" alt="" /><a href="delete_image2.php"><font color="red"> X</a>'; } } echo "</div></td><td width='188'><div align='center'>"; if((empty($row['imgpath3'])) and (!empty($row['imgpath2']))) { echo '<div align="center"><a href="picture3.php"><img src="images/uploadanother.png" border="0"></a></div>'; } else { if(empty($row['imgpath3'])) { echo ""; } else { echo '<img src="' . $row['imgpath3'] . '" width="125" alt="" /><a href="delete_image3.php"><font color="red"> X</a>'; } } echo "</div></td><td width='188'><div align='center'>"; if( (empty($row['imgpath4'])) and (!empty($row['imgpath3'])) and (!empty($row['imgpath2'])) ) { echo '<div align="center"><a href="picture4.php"><img src="images/uploadanother.png" border="0"></a></div>'; } else { if(empty($row['imgpath4'])) { echo ""; } else { echo '<img src="' . $row['imgpath4'] . '" width="125" alt="" /><a href="delete_image4.php"><font color="red"> X</a>'; } } echo "</div></td><td width='190'><div align='center'>"; if( (empty($row['imgpath5'])) and (!empty($row['imgpath4'])) and (!empty($row['imgpath3'])) and (!empty($row['imgpath2'])) ) { echo '<div align="center"><a href="picture5.php"><img src="images/uploadanother.png" border="0"></a></div>'; } else { if(empty($row['imgpath5'])) { echo ""; } else { echo '<img src="' . $row['imgpath5'] . '" width="125" alt="" /><a href="delete_image5.php"><font color="red"> X</a>'; } } echo "</div></td></tr><tr><td height='43' colspan='4'>"; echo '<strong>Item Name:</strong> <input type="text" name="item_name" value="' . $row['item_name'] . '" size="50" /> '; if ($pageno == 1) { echo " Previous Item "; } else { echo "<a href='{$_SERVER['PHP_SELF']}?pageno=$prevpage'> Previous </a>"; } echo "($pageno of $lastpage)"; if ( $pageno == $lastpage ) { echo " Next Item "; } else { echo "<a href='{$_SERVER['PHP_SELF']}?pageno=$nextpage'> Next </a>"; } echo "</td><td><div align='center'>"; echo '<input type="hidden" name="id" value="' . $row['id'] . '" size="25" />'; echo "</div></td></tr><tr><td height='116' colspan='4'>"; echo '<strong>Description:</strong> <textarea name="description" cols="75" rows="5">' . $row['description'] . '</textarea>'; echo "</td><td><div align='center'>"; echo '<input type="submit" name="submit" id="submit" value="Update Item">'; echo "</div></td></tr><tr><td height='124' colspan='4'>"; echo '<strong>Seeking:</strong> <textarea name="in_return" cols="75" rows="5">' . $row['in_return'] . ' </textarea>'; echo "</td><td><div align='center'>"; if(isset($_SESSION['updatecomplete'])) { unset($_SESSION['updateerror']); echo $_SESSION['updatecomplete']; } if(isset($_SESSION['updateerror'])) { unset($_SESSION['updatecomplete']); echo $_SESSION['updateerror']; } if(isset($_SESSION['picupload'])) { unset($_SESSION['updatecomplete']); unset($_SESSION['updateerror']); echo $_SESSION['picupload']; } echo "</div></td></tr><tr><td colspan='4'>"; echo '<input type="hidden" name="category" value="' . $row['category'] . '" size="25" />'; //echo "</td><td><div align='center'>"; //echo ''; echo "</td></tr>"; $_SESSION['move_id'] = $row['id']; $_SESSION['move_category'] = $row['category']; $_SESSION['path_1'] = $row['imgpath']; $_SESSION['path_2'] = $row['imgpath2']; $_SESSION['path_3'] = $row['imgpath3']; $_SESSION['path_4'] = $row['imgpath4']; $_SESSION['path_5'] = $row['imgpath5']; $_SESSION['last_page'] = $_SERVER['PHP_SELF']; } echo "</table>"; } else { echo '<div align="center">You currently have no pics.<br />Post your first pic now!</div>'; } ?> </form> ?> <?php $droppy="SELECT id, item_name FROM abcxyz WHERE user_id = " . $e_row['id'] . ""; $catch = mysql_query($droppy); echo "<select name=student value=''>xxxxx</option>"; while($xxx=mysql_fetch_array($catch)) { echo "<option value=$xxx[id]>$xxx[item_name]</option>"; } echo "</select>"; ?> And yes,, I use a lot of sessions.

Wow,,,, ok. Isn't there a lot of lines in the filter php file that I would have to change to see how it works(with my setup) I don't want to just copy and paste something into my site. Although it looks pretty impressive from a newbie point of view. I was hoping of something a little more basic, just to start off with.

I also heard that it is very easy for a hacker to enter something in the search box to destroy the database... Someone told me that the % was dangerous to enter in the search box also. What do I need to be carefull so I can add a search bar to my site for anyone to use?

I already know about selecting everything from a database... I'll keep looking.