jcbones

What is your full table structure? I'll attempt to get something working for you without it, but this query may not work. SELECT a.*,b.* FROM orderdetails AS a JOIN orders AS b ON a.DetailOrderID = b.OrderID MySQL table JOIN syntax

Have you tried? <?php echo '<a href="http://localhost/swb/fleet.php?recordID='.$row_Fleet['FleetName'].'" onclick="play_multi_sound(\'multiaudio1\');"> <IMG SRC="',$pic1,'" WIDTH="12" HEIGHT="10" BORDER="0" ALT="" CLASS="fmoncalamari"></a>'; ?>

Using AbraCadaver's suggestion, then dis-able the edit option, until either the timeout expires, or the user has finished the edit.

Sanitation is making sure that no illegal characters are submitted. This includes things that could hi-jack your database, inject code into your database, insert cross site scripts into your pages, or upload files to your server. Validation is making sure that you are getting the desired results. Numbers should be numbers, letters should be letters, emails should follow the email format, dates should follow the date format, etc.

Not a n00b mistake at all, it catches all of us from time to time. Sometimes staring at the monitor for to long, just gets to ya. 1.) Yes, the function is fine, but I would add mysql_real_escape_string() to the variable, if I was inserting to a mysql database. 2.) Yes, perfectly secure. Although it is less coding to run it straight through.

^correct, way to many hours looking at pixels.

Did you save the username and password in your browser password manager?

Are you looking at your browser window, or at the page source file for the 'It did not strip the markup characters'. You do know that the browser will display the markup char, by their given entities?

<?xml version="1.0" encoding="UTF-8"?> <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd"> <html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en"> <head> <title>Prac 3 Task 3</title> </head> <body> <?php $conn = mysql_connect("localhost", "twastudent", "prac3"); mysql_select_db("warehouse", $conn) or die ('Database not found ' . mysql_error() ); $sql = "select * from orders"; //you need to add a where clause that contains the customer ID that is pulled via the $_GET array. $rs = mysql_query($sql, $conn) or die ('Problem with query' . mysql_error()); ?> <?php $custid = $_GET["custID"]; ?> //should be moved higher so that you can extract the right rows. <?php $row= mysql_fetch_array($rs); //should be wrapped in a while loop to get all of the records. if ($custid == $row) //has no bearings on this application, and is bad form as there is no curly brace behind it. ?> <table border="1" summary="Customer Details"> <tr> <th>cID</th> <th>Order number</th> <th>Order Date</th> <th>Shipped</th> </tr> <?php { //curly brace for the if statement, which should immediately follow it.?> <tr> <td><?php echo $row["customerID"] ?></td> <td><?php echo $row["orderNumber"] ?></td> <td><?php echo $row["orderDate"]?></td> <td><?php echo $row["shipped"]?></td> </tr> <?php } //close the if statement. mysql_close($conn); ?> </table></body></html>

How is it NOT working? How are you determining that it is NOT working? Not working can mean many things! I bet if you would look at "page source" you would find that your string is indeed, translated to html chars.

$TotalTime = floor((time() - $Submission_ts)/(60*60*24)) . ' days';

Ah, I missed that when I looked at array_splice. I would have worked up a very long winded, and complicated approach.

Is your first query executing?

There isn't a function to do that, but there are ways to do it. We would need to know the context of what is needed before even beginning. Like, what is in the array, how the arrangement is to be assigned, what is the expected output.

Cannot help you, as there are many reasons that you would get a blank page. I KNOW that you have all error reporting set on HIGH!!!

In laymens terms, it is a short way to write an if/else statement. $var = (condition) ? true : false; So it means "if staff_id is in the post array, the assign it to $current_staff_id, else define $current_staff_id as NULL". Ternary Operator

That is how it should work, as the while statement will never run, being that it will return false on row 0. You MUST put the mysql_num_rows() function BEFORE the while statement.

//notice the following line: echo "<a href='http://maps.google.com/maps/api/staticmap?zoom=15&size=400x400&markers=color:blue|label:EXAMPLE|.str_replace(' ','+',$row['postcode'])&sensor=false'>"; //<-the brackets around $row['postcode'] doesn't look right. //Now, notice this line: echo "<a href='http://maps.google.com/maps/api/staticmap?zoom=15&size=400x400&markers=color:blue|label:EXAMPLE|.str_replace(' ','+',{$row['postcode']})&sensor=false'>"; //<-brackets look right now. This is because of how php handles array values in double quoted strings. //you can either break out of the string, or you can enclose them in curly braces, or you can just not put the key inside of single quotes. Any of the 3 will work.

He means like this: <?php $staff_display_query = "SELECT staff_info.id, staff_info.fname, staff_info.lname FROM staff_info, staff_projects WHERE staff_info.id = staff_projects.staff_id AND staff_projects.proj_id = '$c_project_id'"; $staff_display_sql = mysql_query($staff_display_query) or die (mysql_error()); while ($row = mysql_fetch_array($staff_display_sql)) { $current_staff_id = $row['id']; $staff_fname = $row['fname']; $staff_lname = $row['lname']; $list_staff .= ' ' . $current_staff_id . '<br /> <a href="#" onclick="return false" onmousedown="javascript:toggleSlideBox(' . $current_staff_id . ');">' . $staff_fname . ' ' . $staff_lname . '</a> <div class="hiddenDiv" id="' . $current_staff_id . '" style="border:#FFF 2px solid; width:553px;"> <form action="" method="post"> <input type="hidden" name="staff_id" value="' . $current_staff_id . '" /> <!--TASK 1--> <div id="task_1_permissions" class="task_permissions"> <input name="permissions_1" type="radio" value="1"/> <input name="permissions_1" type="radio" value="2" /> <input name="permissions_1" type="radio" value="3" /> <input name="permissions_1" type="radio" value="0" /> </div> <!--TASK 2--> <div id="task_2_permissions" class="task_permissions"> <input name="permissions_2" type="radio" value="1"/> <input name="permissions_2" type="radio" value="2" /> <input name="permissions_2" type="radio" value="3" /> <input name="permissions_2" type="radio" value="0" /> </div> <!--TASK 3--> <div id="task_3_permissions" class="task_permissions"> <input name="permissions_3" type="radio" value="1"/> <input name="permissions_3" type="radio" value="2" /> <input name="permissions_3" type="radio" value="3" /> <input name="permissions_3" type="radio" value="0" /> </div> <!--TASK 4--> <div id="task_4_permissions" class="task_permissions"> <input name="permissions_4" type="radio" value="1"/> <input name="permissions_4" type="radio" value="2" /> <input name="permissions_4" type="radio" value="3" /> <input name="permissions_4" type="radio" value="0" /> </div> <input name="submit_user_permissions" type="submit" value="Submit Permissions" /> </form> </div> </div> <br /><br /> '; } if (isset($_POST['submit_user_permissions'])) { $permissions_1 = $_POST['permissions_1']; $permissions_2 = $_POST['permissions_2']; $permissions_3 = $_POST['permissions_3']; $permissions_4 = $_POST['permissions_4']; $current_staff_id = (isset($_POST['staff_id'])) ? $_POST['staff_id'] : NULL; $query = "UPDATE staff_projects SET task_1='$permissions_1', task_2='$permissions_2', task_3='$permissions_3', task_4='$permissions_4' WHERE proj_id='$c_project_id' AND staff_id='$current_staff_id'"; $sql = mysql_query($query) or die (mysql_error()); echo 'Permissions set successfully.<br />'; }

Hope you are not using the free hosting:

Did you try: markerGroups[<?php echo $item->tid; ?>].push(marker);

So, do you have a database set up? What is the error you are getting?

Your best bet is to contact your host. They will have access to the SMTP error logs, and could help you much faster than we could.

Yes, just remove the javascript that dis-ables the form, it allows you to submit image after image.

I have used, and have suggested wizecho before. It is easy to customize, and has cool features.