Muddy_Funster

The SQL seems fine, ran it on a test database and it made the table without a problem. All I can suggest is that you make sure that your user has create privilges for the database that you are in, and that you have chosen your database first. I aslo give strong recomendation to normalising that data structure - you should be using WAY more than one table for all that.

Change all $_REQUEST variables to $_POST and make sure that the form method is also post.

Open the .sql file with a text editor. copy and paste into PHPMyAdmin query panel and run it to perform the query, or paste it up here insode code tags if you want someone to explain what it's going to do before you run it.

thet meens that approved_date appears in more than one table in your select. Specify which table you wish to use and it fix that.

echo $getid, and $_GET['id'] and see what you get. Check the URL structure. change your query to: $query = "select lname, fname, ID from contacts where id = '$getid' "; Change the line here $numresults=mysql_query($query); to include error capture like this : $numresults=mysql_query($query) or die ($query.'<br><br> FAILED WITH THE FOLLOWING ERROR :<br><br>'.mysql_error());

What do you get back if you do a print_r($_POST['comments']

you have the line mysql_connect("$host", "$dbusername", "$dbpassword")or die("cannot connect to server"); To use this within other functions as $connection you will need to first assign it to $connection, so change the line to read as $connection = mysql_connect("$host", "$dbusername", "$dbpassword")or die("cannot connect to server"); .

We'll need to see your code to help you manipulate it.

I have found it much easier to create a new table per invoice/order with a master index table for lookup. Also - not trying to be nasty, but you're clearly not ready for this yet. Put it on the top shelf for now and work on learning rather than doing.

In addition, you should avoid using SELECT * and don't needlesly/lazily alias tables to meeningless single letters.

Are you passing your variables from a form or through the URL?

please do

you aren't looking for trim - that's for removing whitespace - you want a substing - have a look here : http://php.net/manual/en/function.substr.php

You don't want to search WHERE money = $money in the first place! search where userID = $userID (or simmilar) if you knew the value of $money you wouldn need to ask the database what is would you?

No worries, remember to mark as solved (bottom left of the page)

Short answer - No. Long Answer - Nothing is impervious to attack (if it was people wouldn't be finding ways into goverment systems as often as they do). Read up on the use of SSL, mysql_real_escape_string() and Data Sanatisation and you should be as safe as you will need to be.

I think the best 'spam' protection would be to integrate a captcha box to the page (is a bit tricky but I'm sure there is a guide for it somewhere about here...) On a personal note - <iframes> : using CSS and PHP (and sometimes AJAX if you want to be funky) they are more or less redundant.

erm...now your just being silly.

Right, the problem is that the orders table has more fields than you are using in your insert. In this case you need to explicitly tell the INSERT where to put the information into the table : INSERT INTO Orders (id, date, creditcard, expirydate) VALUES (...) Actualy, just having a second look at the code there, and you have totaly malformed the INSERT for that ( I looked at the format of the second one the first time ) Your First INSERT is formated as though you are using an UPDATE / SET query. Anyway, change to above and you should get on alright (will probably need to change the second one aswell.

You are only selecting the top level result that is returned in the array. You will need to run through the array in order to get what you want out. <div id="apdiv3"> <FORM action = "demo.php" method ="post"> <p>Course name:</p> <select name="cname"> <?php $q = "SELECT cname FROM course "; $result = mysql_query($q); WHILE ($course = mysql_fetch_array($result)){ echo "<OPTION> value='{$course['cname']}'>{$cource['cname']}</option>"; } echo " </SELECT>" Should do it. You also need to look into how to form <option>'s better.

Could you post up your table structure please? On a tangent - you are aware of the data protection and storage regulations regarding the storing of of another entities (either individual or corporate) pesonal and financial information right?

doesn't that have the potential to cause errors if magic_quotes is enabled?

No worries, let us know if you have any other issues.

start a new topic for the new problem - giving the full detail again - a lot of people will not check on solved topics (that's kind of why it is used).