Muddy_Funster

$product is an array. just add up the values.

Could we see the full code for the form and the update pages?

you know, something to work with that's a bit more informative than "it's not working" is always appreciated...

without your current code theres nothing specific that can be given to you. a generic example would be along the lines of : $count = $_GET['numOfMenus']; $menuList = array(); $sql = "SELECT menuItems FROM menuTable WHERE targetValue = 'Beach House'"; $result = mysql_query($sql) or die(mysql_error()); while ($row = mysql_fetch_assoc($result)){ $menuList[] = $row['menuItems']; } for($i=0;$i<=$count;$i++){ echo "<select name=\"menu{$i}\" id=\"menu{$i}\">" foreach($menuList as $menuItem =>$menuValue){ echo "<option value=\"{$menuValue}\">{$menuValue}</option>"; } echo "</select>"; }

So...you want a custom JQuery function given to you, as well as instructions how to integrate it with php variables? You posted in the wrong section - you need to go to the freelance board.

Then you didn't do a very good job of explaining the functionality that you were looking for. You said nothing about the sender still having visiblity of the message after it was sent, or having a read flag on the sender side (I assume you want that just incase they typed the message with their eyes closed?) I know it sounds like were all being a bit harsh and getting on your back here, but it is for your benefit that we are doing it. It's one of the most frustrating things (I personaly would put it right up there with a baby crying for no good reason) in the word when you get an unclear or ambiguous job spec. Please try and be as explicit and verbose about what you are looking for as you can be. That said - you gave the impression that you needed a single flag : you were then told to insert a single enum column (although bit would be just as good) - It turns out that you actulay want two flags.......

You need to use javascript if you want to have page elements be interactive without the use of a submit button. If you haven't used any javascript before, and this is functionality that you expect to use a lot of, I'd recomend at some point soon that you get the JQuery library (free download and you just link the page header to it much as you would a css file) and looking up some online tutorials - nettuts has a series of video tutorials here if that's what you like. PHP doesn't interface directly with the user, it runs on the server side. As such it has no connection with mouse clicks or keyboard commands and it has no idea what values have been chosen or entered into forms untill they are sent back to the server. It can react conditionaly to a request from a web page (normaly via a submit button or a javascript function) and produce results accordingly, but it can't react to user input directly.

Normaly you would use single quotes to address array key names aswell. Have you tried assigning the $_POST value to a varialbe and passing that into the array? Are there any conditions that the api places on string format for comments? (sorry, I Fking hate facebook so know very little about it). Have you tried passing the same generic comment through the form to see if it works then? any chance of some examples of things you have tried so far?

erm.....this has what to do with PHP?

you would need to return the value from the method, something like $this->userid = $valid['userid']; inside the userLogin method. that will overwrite the value, if there is one, in the object parameter, if you don't want to do that just add another param' and assign it to that.

probably because I missed one of the "S"'s out of SESSION....typo, sorry but if your getting errors, it's always best to tell us what they are!

just create a variable to hold the user name and then echo it into the value="" of the name input element : <?php session_start(); if(isset($_SESSION['MM_Username'])) { $MM_Username = $_SESION['MM_Username']; echo "Welcome ".$_SESSION['MM_Username'].""; //<<------Be aware you are echoing this inside the html head, not the body. } else { $MM_Username = ''; echo "why you dont register?"; //<<--------This too } ?> <style type="text/css"> <!-- .style1 {color: #FFFF00} .style4 {color: #00FFFF} .style8 {color: #00FF00} .style9 {color: #FFFFFF} .style10 { font-size: 18px; color: #FFFFFF; } body { background-image: url(wallpaper%20system.jpg); } body {background-attachment:fixed} body {background-repeat:no-repeat} --> </style> </head> <body> <form name="form1" method="post" action="order_product_process.php"> <p align="center" class="style10"> </p> <p align="center" class="style10"> </p> <p align="center" class="style10"> </p> <p align="center" class="style10"> </p> <p align="center" class="style10">Order Form:</p> <div align="center"> <table width="249" border="1" bgcolor="#000000"> <tr> <td width="54"><span class="style1">Name</span></td> <td width="179"><input name="name" type="text" id="name" maxlength="30" value="<?php echo $MM_Username; ?>"></td> </tr> <tr> <td><span class="style4">Address</span></td> <td><textarea name="address" id="address"></textarea></td> </tr> <tr> <td><span class="style1">Phone</span></td> <td><input name="phone" type="text" id="phone" maxlength="30"></td> </tr> <tr> <td><span class="style9">IC Number </span></td> <td><input name="ic" type="text" id="ic" maxlength="30"></td> </tr> <tr> <td><span class="style8">Product Name </span></td> <td><input name="product_name" type="text" id="product_name" maxlength="30"></td> </tr> <tr> <td><span class="style1">Quantity</span></td> <td> <input name="quantity" type="text" id="quantity" maxlength="30"></td> </tr> <tr> <td> </td> <td><input type="submit" name="Submit" value="Order"> <input name="Reset" type="reset" id="Reset" value="Reset"></td> </tr> </table> </div> <p> </p> <p> </p> <p> </p> <p> </p> <p> </p> <p> </p> <p> </p> <p> </p> <p> </p> <p> </p> <p> </p> <p> </p> </form> </body> </html>

how about some info about your site and current security measures?

OK, if you don't mind re-populating the table then you can give this a go : 1st, change the signup to: $pass = crypt($pass, 'salthere'); $sql = <<<SQL INSERT INTO members ( `first`, `last`, `email`, `username`, `password` ) VALUES ( '$first', '$last', '$email', '$user', $pass ) SQL; mysql_query($sql) or die(mysql_error()); Notice I droped the id field from the insert? You never insert anything, at all, ever into an auto_inc field. Next change the login to the following: $user=$_POST['user']; $pass=$_POST['pass']; $salt = 'salthere'; $user = stripslashes($user); $user = mysql_real_escape_string($user); $pass = crypt($pass, $salt); $sql=<<<SQL SELECT COUNT(*) as check FROM $tbl WHERE ( username='$user' AND password=$pass SQL; $result=mysql_query($sql); $count=mysql_fetch_assoc($result); if($count['check']==1){ session_register("user"); // <------Not sure what you are doing on session_register("pass"); // <------ these two lines. header("location:loginsuccess.php"); } else { echo "Wrong Username or Password"; } I have marked two lines which I'm unsure what you are doing in, it looks like you want to add $user and $pass to the session array, but aprear to in fact be passing "user" and "pass" string literals. At no point ever should you need or want to maintain password information in a session. let me know how that goes for you.

That's fair enough then and I can accept that's how you ment it, and now that were all cleared up I suppose the polite thing to do would be for me to stop hijacking the thread and let the OP hopefully get back to us with how the provided solutions are shaping up for them. p.s. I, personaly, would re-order your preffered method to 1=3 2=1 3=4 4=2 I hate dot concats. I used to use them all the time, but as soon as you take your eye off the ball it can be a royal pain to find that missing . or " now I just escape as I go if it's a single line. heredoc and nowdoc blocks seem to be PHP's dirty little secret. They are grossly overlooked from what I have seen, dispite being perfect for holding html and SQL code in a far more readable (and debug friendly) format. Anyway....enough! back to the OP!......

you likely need to set the character encoding to utf-8/utf-16 for the table.

No one will be changing my code, when did I even talk about my code? You have chosen to make this unnessiceraly personal - and so be it - when all I asked was that you justify your statement. It's not an unresonable thing to do when somone comes marching along throwing opinions about like they are hard facts. So it's a convention that you work to, and a recomendation, at best, outside that. Well backed up, I must say - perticulatly how you sited the recomendation and paid attention to the refference to handling markup generated thorugh php....oh wiat, you must have missed that bit when you got all pissy about things. It's good to know that all the employment you have had has made you so astute to the use of single quotes in html that you completly ignore the fact that the form element is missing all together, which would be, in my opinion, far more important for decent code than the single quotes thing...but hell, what do I know? My interpretation of someone new to php, posting for help in a php forum, showing only php code, stating that it is for an internal script that only has to work and mentioning nothing what so ever about Javascript, JQuery or AJAX is that the OP is looking for a PHP solution NOT a JS one, as they very likely don't know or are not comfortable with javascript. However, rather than make a rash decission on the fact I preffer to get more information from people before throwing code at them that may in fact make things take longer to resolve, and end up teaching them nothing. This is a help forum, not a personal critique of others practices. If you can't answer questions without getting agresivly personal with people when challenged then you should probably find something else to pass your time with.

First up, don't select * from a user table. Well, don't select * from any table, but especialy not a user table with personal info and passwords in it. 2nd, PHP's crypt() is a better function for encrypting hashes, and has stronger encryption options than ye olde sha1. However, your direct problem is that you are storing the sha1 hash of the password and when you come to compare it, you are using the raw password info. You need to add the sha1() hashing function to $salt.$password for the lookup aswell as for the insert. $sql="SELECT * FROM $tbl WHERE username='$user' and password=sha1('$salt.$pass')"; The other thing is, you are using the mysql sha1 to genarate the hash, this meens that if the database server is not the webserver, the information is being passed from the webserver to the db server is unencrypted.

you could redirect to a page with a hidden div / iframe that you use to run the mail script. this should keep the ui flow smooth and let the mail be processed "in the background" so to speek. Only problem would be if the page they end up on is closed or navigated away from before the sendmail is completed, then it may not send at all.

really? do please justify that statement if you will, especialy in refference to html generated through the use of php echo's, because every time I have used it - it's passed the w3c validation without a single problem. Also, the OP didn't say anthing what so ever about needing or wanting ajax functionality so where did you get that idea?

Normaly you would use the values passed from the form checkboxes to generate the where clause in an update statement. We will need more info about your table and form structure to give more detail.

hmmm....smells like a session issue then

I really hope all this is a "just for fun" project...

Here's a snip that I found lying about, it's a function that uses one of my custom db classes, but the SQL is still there. function updateLog($uid){ $con = new MyCon("intra"); $qry = "UPDATE com_log SET prevLogin = lastLogin WHERE uID = $uid"; $uDate = $con->qry($qry); $reply = $con->message; return $reply; } you should be able to easily replace the custom class code with whatever you use.