jcbones

Try something like this: NOTICE, you will have to provide a way for the script to know who the user is. <?php require_once('connect.php'); //require a database connection, to include the selection of the database. $user = 1; //There must be a way to determine who's profile you are looking at. This will be the user. if(isset($user)) { //if we have a user. $user = mysql_real_escape_string($user); //escape them for mysql interaction. if(isset($_GET['points']) && ($_GET['points'] == 'increase' || $_GET['points'] == 'decrease')) { //if the url has 'points' set, and the = one of two things. if($_GET['points'] == 'increase') { //increase the count. $update = 'count + 1'; } elseif($_GET['points'] == 'decrease') { //decrease the count. $update = 'count - 1'; } $sql = "UPDATE counter SET count = $update WHERE user_id = '$user'"; //finalize query. mysql_query($sql); //execute query. } $increasePoints = '<a href="?points=increase">Increase</a>'; //increase points link set to variable. $decreasePoints = '<a href="?points=decrease">Decrease</a>'; //decrease points link set to variable. //Call the data from the db. $sql = "SELECT count FROM counter WHERE user_id = '$user'"; $re = mysql_query($sql); $r = mysql_fetch_row($re); $count = $r[0]; //echo the count and the variables. You can do this on the current page, or any page this code is included in. echo 'User has ' . $count . ' points!<br />Do you want to ' . $increasePoints . ' or ' . $decreasePoints . '?<br />'; ?>

Being that we know nothing about the class $ossl, or what the function do_csr() does, or what the variable $csr holds, we couldn't possibly tell you what is wrong. You do need to change 1 line though. //This line: echo "<p>CSR: <TEXTAREA Name=\"comments\" rows=\"30\" cols=\"90\" value=\"<?php echo $ossl->csr; ?>\"></TEXTAREA></p>"; //should be: echo "<p>CSR: <textarea name=\"comments\" rows=\"30\" cols=\"90\">{$ossl->csr}</textarea></p>";

Explained. <?php require_once('connect.php'); //require a database connection, to include the selection of the database. $result = mysql_query("SELECT count FROM counter WHERE user_id=".$_REQUEST['user_id']); //get the count column from the table for the requested user_id. if($result)//if there was a result returned. { $row = mysql_fetch_array($result); //get that result. $count = $row['count'];//from the count column. if($_REQUEST['mode'] == 'increase') $count += 1;//if a parameter of 'mode' is set to 'increase'. (POSSIBLY a $_GET paramenter (url), but will accept a POST as well.) increment the count. else $count -= 1; //if this mode is not set, or isn't set to increase, subtract from the count. mysql_query("UPDATE counter SET count = ".$count." WHERE user_id = ".$_REQUEST['user_id']);//save the data back to the database. } header('Location: some_page.php');//redirect to some page, you need to decide on. ?> Although, it can be much better. I'm also going to say, this isn't what you are looking for. What it does. 1. you pass it a user id. 2. it looks up that id, and gets the count. 3. it either increments the count, or de-increments the count, one of the two. 4. it saves that data to the database. 5. it re-directs to another page.

Look at this section: var ad_cnt1 = <?php echo $total_count; ?>; var ad1 = rand(ad_cnt1); var dyk1; var link1; var desc1; if(ad1 == "<?php echo $list_f['id']; ?>"); dyk1="<?php echo $list_f['dyk']; ?>"; You could also do it this way. $list_q = mysql_query("SELECT * FROM dyk") or die (mysql_error()); while($list_f = mysql_fetch_assoc($list_q)) { $storeArray[] = $list_f['dyk']; } $random_number = rand(0,(count($storeArray) - 1)); echo $storeArray[$random_number];

You could do. "SELECT likes FROM oodles WHERE likes LIKE '%$username%'"; But as has been said, you may want to look at re-designing the base.

Are you sure the $_GET variable is set, you should be checking for that. Try putting: echo $pirepid; at the top of the form page, right below the assignment of that variable.

Doesn't make any sense to me either, since PHP ignores whitespace.

To answer your question. In order to use quotes in forms you must escape the string. You should do this no matter what. Your script currently deploys ZERO string sanitation. You should check for expected input, and also strip out any javascript, or other possible malicious code. At the very least you should be running your $_POST variables through mysql_real_escape_string().

If that is all the code you have, then you should not get anything but parse errors. You have 3 un-closed brackets, one above the SQL statement, and two right below it.

Should be able to do it like: move_uploaded_file($tmp_name,'../content/photos/trips/'.$new_name);

Add echo $sql; To the script, and run the output through mysql, or phpadmin. Whatever you have, and see if it returns a row.

I would suggest This Article on the subject.

$b=0; $c=0; $d=0; $e=0; while($row = mysql_fetch_array($result, MYSQL_ASSOC)) { $d += 200; $e += 3000;?> <script>$(document).ready(function(){ setTimeout(function () {$(".p<?php print $b++?>").fadeIn("slow");}, <?php print $d ?>; setTimeout(function () {$(".p<?php print $c++?>").fadeOut("fast");}, <?php print $e ?>); });</script>

I just tested on my test server. Using a double form with no closing tag, will send the data to the first form action. In this case "Insert.php". Good eye Pik. Edit: I'm betting you see the admin.php because you have a redirect in "insert.php".

$i = $i + 3000;

Also change: $result = mysql_query($sql); To: echo 'Query: ' . $sql; $result = mysql_query($sql); Paste the print out.

Comment out this line: if(isset($_POST['delete'])) header('Location: admin.php'); // redirect Like: // if(isset($_POST['delete'])) header('Location: admin.php'); // redirect

Something like this: $wdnumber = $_POST['where']; $column = 'name' . $wdnumber; $item = $_POST['item']; $sql = "UPDATE `table` SET `$column`='$item' WHERE `username`='$user'";

This: for($i=0;$i<count($_POST['checkbox']);$i++){ if($i != 0) $sql.= "AND "; $sql .= " ID='" . $_POST['checkbox'][$i] . "'"; } Should be: for($i=0;$i<count($_POST['checkbox']);$i++){ if($i != 0) $sql.= "OR "; $sql .= " ID='" . $_POST['checkbox'][$i] . "'"; } I don't think many rows would have an id of 1 and 2 and 3 and 4 and 5.

See if this fully commented script is what you are trying to do. I tried to comment it up, so you can see what it is doing. Compare it to your current script, to see what you can change. UN-TESTED. <?php include("header.php"); ?> <body id="body"> <div id="container1"> <?php $search = $_POST['search']; $search = (isset($_GET['q'])) ? $_GET['q'] : $search; $trimmed = stripslashes(trim($search)); $limit = 10; if ($trimmed == "") { echo"<p>Please enter a search... </p>"; exit; } if (!isset($trimmed)) { echo "<p>We don't seem to have a search parameter! Please enter one!! </p>"; exit; } $safe_search = mysql_real_escape_string($trimmed); //changed it from $search to $trimmed! echo"<h4> Search results </h4>"; //-->Paganate info <-- $numberPerpage = 10; //Number you want to show per page. $sql = "SELECT COUNT(*) FROM products WHERE ProdName LIKE '$safe_search'"; //tell Mysql what you want counted. $result = mysql_query($sql); //execute query. $row = mysql_fetch_row($result); //get the result, only 1 row, no need for a loop. $numberOfrows = $row[0]; //set result to a variable. $pages = ceil($numberOfrows / $numberPerpage); //calculate number of pages. $pageNo = (isset($_GET['page'])) ? (int)$_GET['page'] : 1; //get the current page number, if it isn't set, set it to 1; $limit = 'LIMIT ' . ($pageNo - 1) * $numberPerpage . ',' . $numberPerpage; //build our limit. //-->End Paganate info <-- //Pulling info we need, from database, including limit's. if($numberOfrows > 0) { //if we have a row count. $query = mysql_query("SELECT * FROM products WHERE ProdName LIKE '$safe_search' $limit") or die('Error: ' . mysql_error()); //perform query, or die trying. echo "<p> You searched for: " ".$trimmed."a " </p>"; echo 'Showing ' . (($numberPerpage * $pageNo) - $numberPerpage) . ' - ' . ($numberPerPage * $pageNo) . ' of ' . $numberOfrows . ' results'; $count = 1 + $s; while ($row = mysql_fetch_array($result)) { //run through a loop to make sure we got all of them. $title = $row["ProdId"]; echo "$count.) $title"; $count++; } } else { // Send back 0 results, and give a google link. echo"<p>Sorry, your search for: " ".$trimmed. " " returned zero results</p>"; //google alternative echo "<p><a href=\"http://www.google.com/search?q=". $trimmed . "\" target=\"_blank\" title=\"Look up" . $trimmed . "on Google\">Click here</a> to try the search on google</p>"; } echo "<br />"; if($numberOfrows > 0) { //print links only if there is a row count. //Set pages. if($pageNo <= 1) { //If there are no pages to go back to: print just the words. echo " << Prev 10 "; } else { //If there is a link back to the previous, show a link. echo " <a href = \"?page=". ($pageNo - 1) . "&q=$search\"><< Prev 10 </a> "; } if($pageNo < $pages) { //If there are more pages to look at, show a link to the next one. echo " <a href=\"?page=" . ($pageNo + 1) . "&q=$search\"> Next 10 >> </a>"; } else { //If there is no more pages, just print the words. echo " Next 10 >>"; } } ?> </div> </body>

Your echo is above your setting of the variable. <form action="<?=$_SERVER['PHP_SELF']?>" method="post"> <input type="text" name="packs" value="" />How many packs a week do you smoke?<br> <input type="text" name="price" value="" />How much do you pay per pack?<br> <input type="text" name="months" value="" />Over how many months?<br> <?php if (isset($_POST['multiply'])) { $a = $_POST['packs']; $b = $_POST['price']; $c = $_POST['months']; $number = $a * 4.3333333 * $c * $b; } echo "$number"; ?> <input type="submit" name="multiply" value="Calculate" /> </form>

Make sure there is NOT a .htaccess file in that directory that "DENY ALL". .htaccess

I recently helped on a project that is exactly what you are trying to do. A school voting site. Here are the things that you need to consider. 1. You need to have the option of dividing up the classes into groups. ie. 8th grade, 9th grade. This is because some will use it for individual grades. 2. You need to make it flexible, so that schools can also use it for other things such as: voting for banners, shirts, uni-forms, etc. 3. You should make it where you can upload images (of the subject, or person) as well as fill in a short description/biography. 4. You should make the voting tied to the user's/ students ID, so they can only vote once per election/poll. 5. You may want to give the user an option of several different layouts. 6. You may want to give the user the option of showing the results after a vote, or waiting until the voting time limit is over. There is much more, but this was all things that the customers came back and asked to be added in. As for your code, there are a couple of things you could add to it for debugging purposes. <?php //Show all $_POST variables the page is receiving. echo '<pre>Debugging:'; print_r($_POST); echo '</pre>'; reset($_POST); //print_r() moves the array pointer to the last value, this resets it to number one. //OR, var_dump($_POST); ?>

You could always try: <?php if(isset($_GET['cmd']) && $_GET['cmd'] == 'delete') { echo 'I\'m running the delete code for ' . $_GET['id'] . '!'; } ?> <a href="?id=10&cmd=delete" onclick="return confirm('Are you sure you want to delete?');">Run the delete function</a> This will reload the page, where the function is ready to run the delete for you. Not as elegant as Ajax, but it will work.

Append it to the end of the MySQL query.