garfee

Hi gristoi. On submit, it takes me to the feedback_form.php. So it is thinking I am trying to access the script directly. Can you think of anything obvious I am missing ? Racking my brains but cannot think why it would be doing this. ***************Update********************* Having removed the if statement that redirects to feedback_form.php, on submit it redirects to the error_message.php page. So it is assuming the fields are empty. Not sure if it is relevant but I am using XXAMP testing server.

Thanks for your help guys. I was wondering if I posted the code I have, if you could possibly let me know if I am on the right lines ? The Javascript that calculates the totals is below: <tr> <td colspan="6" style="text-align: right;">Product Subtotal: <input type="text" class="total-box" value="£0" id="product-subtotal" disabled="disabled"></td> </tr> </table> <div id="totals"> <!-- <div class="clear"></div>--> <!-- <div style="text-align: right;">--> <span>ORDER TOTAL: </span> <input type="text" class="total-box" value="£0" id="order-total" disabled="disabled"></div> <br /> <form class="mailOrder" action="mail_order.php" method="post" accept-charset="utf-8" id="mail-order-form"> <input type="hidden" name="name" value="Multi Product Order" /> <input type="hidden" id="fc-price" name="price" value="0" /> <input type="submit" value="Submit Order" class="submit" /> </form> </div> <div id="shiptable"> <table id="shipping-table"> <tr> <!-- <th>Total Qty.</th>--> <th>Shipping Rate</th> <th style="text-align: right;">Shipping Total</th> </tr> <tr> <!-- <td id="total-pallets"><input id="total-pallets-input" value="0" type="text" disabled="disabled"></td>--> <td id="shipping-rate">0.00</td> <td style="text-align: right;"><input type="text" class="total-box" value="£0" id="shipping-subtotal" disabled="disabled"></td> </tr> </table></div> And of course the php: <?php // This function checks for email injection. Specifically, it checks for carriage returns - typically used by spammers to inject a CC list. function isInjected($str) { $injections = array('(\n+)', '(\r+)', '(\t+)', '(%0A+)', '(%0D+)', '(%08+)', '(%09+)' ); $inject = join('|', $injections); $inject = "/$inject/i"; if(preg_match($inject,$str)) { return true; } else { return false; } } // Load form field data into variables. $order_total = $_REQUEST['order-total'] ; $product_subtotal = $_REQUEST['product-subtotal'] ; // If the user tries to access this script directly, redirect them to feedback form, if (!isset($_REQUEST['order-total'])) { header( "Location: feedback_form.php" ); } // If the form fields are empty, redirect to the error page. elseif (empty($order_total) || empty($product_subtotal)) { header( "Location: error_message.php" ); } // If email injection is detected, redirect to the error page. elseif ( isInjected($email_address) ) { header( "Location: error_message.html" ); } // If we passed all previous tests, send the email! else { mail( "name@example.com", "Feedback Form Results", $order_total, "From: $email_address" ); header( "Location: thank_you.php" ); } ?> Any further pointers on this would be greatly appreciated. I am still learning as I go. Thanks in advance.

Hi there. Just a question I have at the moment, but will post my code if needed. I currently have an order form that I have been developing in php. However, it also uses javascript to calculate totals in real time, without the need to refresh the page. These totals are then passed to a html form and displayed. My goal is to pass these totals into a php mail function so they can be emailed once the html form submit button has been clicked. So my question is......... Is it possible to pass javascript variables to php ?? Code will follow if requested. Thanks in advance.

Guys I cannot thank you enough for the advice. Problem fixed. Both solutions worked. Thanks for your advice also ginerjm. Sincere regards.

Hi there. I am trying to hide duplicate rows that are generated in my while loop. My php is this: <?php // Start looping rows in mysql database. $prev_category_name = false; while($rows=mysql_fetch_array($result)) { $category_name = ($rows['category_id']); $items = ($rows['items']); $price = ($rows['price']); if ($category_name == $prev_category_name) { $category_name = ''; } ?> <table> <th><?php echo "$category_name"?></th> <tr> <td><?php echo "$items"?></td> <td><?php echo "$price"?></td> </tr> </table> <?php $prev_category_name = $category_name; } ?> However. It only hides the duplicate if I have 2 or more items listed. For example, it would ouput this: SHOES Brown £25.00 Red £25.00 SHOES Yellow £25.00 When what I need it to output is this: SHOES Brown £25.00 Red £25.00 Yellow £25.00 I am guessing it is doing this because the php is only testing the previous row for a duplicate, but I am not sure how to test all rows for a duplicate. Or even if this is the right thing to be doing. Could anyone offer some advice and point me in the right direction. Many thanks in advance. ps. I am aware that DISTINCT in my SQL statement may solve the issue, but I want to be able to solve it using php.

Thanks Premiso and Ricmetal. Problem solved. Sometimes I surprise myself with my own stupidty !!! Cheers guys.

'Should fix you up.' Thanks for your reply Premiso. I changed the code but when I do it does not build the string including the variables. ie. I only get the hyphen and when hovered over it does not add the id number to the link. So basically my link looks like this - Here is the entire code: <? /* Include Files *********************/ session_start(); include("database.php"); include("login.php"); /*************************************/ ?> <?php $host="localhost"; $username="username"; $password="password"; $db_name="db"; $tbl_name="tbl"; mysql_connect("$host", "$username", "$password")or die("cannot connect"); mysql_select_db("$db_name")or die("cannot select DB"); $sql="SELECT * FROM $tbl_name ORDER BY author DESC"; $result=mysql_query($sql); while($rows=mysql_fetch_array($result)){ ?> <? } mysql_close(); ?> <? if($logged_in){ echo '<a href="tex.php?id=' . $rows['id'] . '">' . $rows['title'] . ' - <i>'.$rows['author'].'</i></a>'; }else{ echo '<p class="logintext"><a href="main.php">Login / Register</a></p>'; } ?>

I have a php string that I want to display if a user has logged in to my website. I cannot get it to work however. I think it is because I have php embedded within php tags. The code is below. Does anyone know how I could re arrange this to get it to work? Many thanks. <? if($logged_in){ echo '<a href="tex.php?id=<?PHP echo $rows['id'] ?>"><?PHP echo $rows['title']." - <i>".$rows['author']."</i>" ?></a>'; }else{ echo '<p class="logintext"><a href="main.php">Login / Register</a></p>'; ?>

Hi there. I am about as new to PHP and SQL and you can get so please go easy on me. If my question looks stupid it is because I have very little experience and am just starting out. Basically, I am building a website that has written articles stored in a database. I really need to echo a list of the article title's on one page and use them as hyper links. When these links are clicked, I need the next page to show the title, article and author. This is info held on the database. However, I only want to drag the raw data from the database tables and print it each time on a single static html page that has some design to it. So basically I want the site information to come from the sql database but only be printed on one page each time. A friend of mine gave me some code which uses a Gid but I cannot seem to get it to work. The article title is displayed as a hyperlink but when I click on it nothing happens. Can somebody help me or point me in the right direction please. Any help will be greatly appreciated. The code that I am using is below. The php page is called selected.php <?PHP $con = mysql_pconnect ("localhost", "username", "password"); if (!$con) { die('Could not connect: ' . mysql_error()); } mysql_select_db ("db_name", $con); if (!$Gid) { $result = mysql_query ("SELECT * FROM table_mysql"); $nRows = mysql_num_rows($result); ?> <h1>Selected Article</h1> <?PHP for ($i=0; $i< $nRows; $i++){ $row = mysql_fetch_array($result); ?> <a href="selected.php?Gid=<?PHP echo $row['id'] ?>"><?PHP echo $row['title']." - <i>".$row['author']."</i>" ?></a><br /> <?PHP } } else { $result = mysql_query ("SELECT * FROM table_mysql WHERE id = ".$Gid.""); $nRows = mysql_num_rows($result); for ($i=0; $i< $nRows; $i++){ $row = mysql_fetch_array($result); $entry = str_replace(chr(10), '<br />', $row['entry']); ?> <h1><?PHP echo $row['title'] ?></h1> <p><?PHP echo $entry ?></p> <p>©<?PHP echo $row['author'] ?></p> <?PHP } } mysql_close($con); ?>