Everything posted by Muddy_Funster

  1. well neither do I, as you didn't actually say you were having one. Could you describe the problem in detail?
  2. echo it before it's executed:

         $q = "SELECT * " ."FROM ".TBL_MEMBERS." WHERE leader = '$myUname'";
         die($q);

  3. why not just add a 4th range for the hyperlink?
  4. sounds like a white space issue, try using trim() on your $myUname also, echo out your $q and post up what it contains.
  5. you either pull information out of your database, or push information in, you can't do both at the same time. There is nothing wrong with the way you are doing it.
  6. what cart program are you using that you need to hack the code to change the shipping for each country?
  7. @ Jesi My point stands - you never return a password during a login script. If choices are between running a second query because someone has been an idiot or opening up my entire table to someone who has some skill and too much time on their hands, I'll take the hit of the query. How much more frustrated is the user going to be when they find out that their entire account has been hijacked and the email address they registered with is now and forever more flooded with spam because I wanted to save a couple milliseconds of server load? Security and usability are not inversely related, as you seem to think, good security should have little impact on an end user - bad security can have a huge one. If you do it right there is no trade-off, consider this much simplified login query:

         SELECT CASE
           WHEN (SELECT uid FROM my_users AS firstCheck
                 WHERE user_name = '$varName' AND user_password = '$encPass') THEN 'success'
           WHEN (SELECT uid FROM my_users AS nameCheck
                 WHERE user_name = '$varName') THEN 'nameOnly'
           ELSE 'fail'
         END AS login_Status

  8. You want to use an if to check if there is anything in description and then display on true, or not on false:

         if(!empty($companydescription)){
             echo "<a href=\"$describelink\" target=\"_blank\"><img src=".$logo_dir."/".$logopath." width=\"15%\"></a>";
         } else {
             echo "<img src=".$logo_dir."/".$logopath." width=\"15%\">";
         }

  9. what security concerns? all your cookie needs to include is a hash value that you can check. As for not having cookies enabled, I don't think there is a browser out now that doesn't allow for site specific exceptions to cookies - just put up a message saying cookies for your site must be enabled, like Facebook does (and an actual security bonus of cookies is that they don't populate through proxies). If you're going down the paranoid route, just keep everything in the database. Create a new table that has an encrypted key and timestamp with ON UPDATE CURRENT_TIMESTAMP(), only carry the key through the session, refreshing it on every page and with every action and check active times against the timestamp in the table.
  10. Not sure what's going on with your data, or exactly what you want to get from your query, however:

         GROUP BY company ASC

      Is this supposed to be ORDER BY? have you tried adding GROUP BY company to your 1st query?
  11. like this?

         SELECT CONCAT(
                  (SUM(TIMESTAMPDIFF(DAY, chemicalweighing_dateEntry, NOW()))),
                  'day(s) ',
                  ((SUM(TIMESTAMPDIFF(HOUR, chemicalweighing_dateEntry, NOW())))
                    - (SUM(TIMESTAMPDIFF(DAY, chemicalweighing_dateEntry, NOW())) * 24)),
                  'hr(s) ago'
                ) AS age_day
         FROM kanban_data;

  12. Why don't you have error capture on your query? change this line to the following and run it again, it will point you to the error

         // pass true so print_r() returns the error text for die() to output
         $results = sqlsrv_query($conn, $describeQuery) or die (print_r(sqlsrv_errors(), true));

  13. I don't get why you are setting and unsetting the SESSION['msg'] on the same page. for debugging, can you change to this and let us know what you get back:

             if(mail($to, $subject, $content, $headers)) {
                 $msg = '<div class="message"><h1>Form Sent</h1><br />Your form has been sent to us. We endevour to respond to all booking requests with 2 working days. If you have not heard from us in that time please contact us on 01462 893620. If you chose to confirm by post please allow 5 working days before contacting us.</div>';
                 die( "success message = $msg");
             } else {
                 $msg = '<div class="message"><h1>Technical Issues</h1><br />We appologise but the website is currently experiencing technical difficulties. Please try again later or print this form out and post / fax it to us. Alternatively you can call us on 01462 893620.</div>';
                 die("tech fault message = $msg");
             }
         } else {
             $msg = '<div class="message"><h1>Incomplete Form</h1><br />Please make sure to complete all fields of the form before submitting your booking request.</div>';
             die("bad form message = $msg");
         }

  14. to add to Vel's comment - never use select * from a user info table. There is no reason on this planet (or any other one that you'd care to visit) that you would need or want to pull password information out of the database during login.
  15. depends on your scenario, is your webserver also your db server or do you create a remote connection?
  16. Best thing you could do is store the logged_in as a cookie, not a session variable. when you say all the $_SESSION variables are there on the index page of the new window, have you actually done a var_dump($_SESSION) on this page to verify that every variable is set as you would expect it? I have to confess, in all the lines of code I've done, I've never once had a problem caused by using == in string comparison (a couple of issues with === but none with ==).
  17. I have no knowledge of that software. without the offending code there's not much I can offer.
  18. SQLSRV runs without any issue in a standard apache setup, no need to set up IIS at all. XAMPP comes with it bundled if you want a useable development example. What I will say is that it is hugely important to make sure that you structure your SQLServer tables and schemas properly, using views and - as CPD touched on - stored proc's for the complex lookups. Another thing to think about is bandwidth, if you're using PHP and a local server you will be almost guaranteed to benefit from a properly cached model, if the SQL server is going to be hosted you will also find huge issues linking access to it over an internet connection for anything more than adding a single record. The other thing you will find is that Access has its own ideas on what the SQL language is, and doesn't seem to have the first clue about optimistic locking on remote data sources (either on a LAN or WAN setup) so expect to get a lot of timeouts and "already opened exclusively by another user" messages. Personally I suggest taking Access and having a little bonfire in the carpark with it, and use a web interface for everything on a user controlled basis. There are a lot of good, cheap (as in less than it would cost for 10 copies of access 2010) ERP programs out there that run a proper multi-user interface over an SQL backend that will make things go much more smoothly in the long term.
  19. can we see all of the code for the query execution, return and output please?
  20. have you googled "php mysql crosstab table scripts"? because unless you have some code to show us it's very likely going to get you further than posting here will. This forum is for support for people who have problems with their own existing code. The other thing you could do is post in the freelance section and see how much someone will charge to write it for you.
  21. no problem, glad I could help. Just remember - error messages are there for a reason
  22. no problem, glad you got it worked out.
  23. can you post up the headers from one of the accounts that is receiving the message?
  24. This works for me:

         <?php
         if(!function_exists('getMyText')) {
             function getMyText($item) {
                 $text = explode(" | ", $item);
                 return $text;
                 //outputs array(4) { [0]=> string(5) "hello" [1]=> string(3) "out" [2]=> string(5) "there" [3]=> string(8) "everyone" }
             }
         }
         $m = getMyText("hello | out | there | everyone");
         var_dump($m);
         ?>

      I changed the function name because getText is already a PHP function name : http://uk3.php.net/manual/en/function.gettext.php which is why I assume you are using the if(!function_exists(...)). Please try to avoid any attempts to overwrite php stored functions at runtime, nothing good will come from it.
  25. not sure exactly what the issue is here, but have you tried html_entity_decode() before sending the link to the page?