nbbcj

Any help any body ??

Hi thank you for your reply and sorry about the delay in getting back to you. im new to smarty i am going to split the code in to 2 tpl's, just for ease of coding i stuck it all in. so im thinking file1.tpl has this {include file="$template/inc/$pagetitle.tpl"} <<< this is smarty tag and file2.tpl has this {php} $q1= strpos($_GET['action'], "products"); if($q1!== false) { echo '<h2>My Products & Services</h2><p> These are all the services you have registered in this account.</p>'; } $q1 = strpos($_GET['action'], "domains"); if($q1!== false) { echo '<h2>My Domains</h2><p> View & manage all the domains you have registered with us from here...</p>'; } {/php} then in the main tpl file that did hold the above code will now have some thing like this {php} if($_GET['action'] !== false) { {include file="$template/inc/file1.tpl"} } else{ {include file="$template/inc/file2.tpl"} } {/php} Sub question does if($_GET['action'] !== false) mean if action is not in the url then run {include file="$template/inc/file1.tpl"} or will it just look for ?action=false in the url. im a bit noobish and have jumped in right at the deep end trying to custom a WHMCS script. thanks for any help you can provide

hay all, im not sure if im right to post here as this is a smarty and php question, but here goes. i have this bit of code in a .tpl file {include file="$template/inc/$pagetitle.tpl"} <<< this is smarty tag {php} $q1= strpos($_GET['action'], "products"); if($q1!== false) { echo '<h2>My Products & Services</h2><p> These are all the services you have registered in this account.</p>'; } $pos = strpos($_GET['action'], "domains"); if($q1!== false) { echo '<h2>My Domains</h2><p> View & manage all the domains you have registered with us from here...</p>'; } {/php} what im trying to do is if the url is somefile.php then include the smarty tag but if the url is somefile.php?action=products then run the if code. at the min if the url is somefile.php?action=products the page shows the include and the if code any help please thanks in advance kaine

sorted it silly me i had the db config setup wrong lol my bad thanks for the help tho nbbcj

Ow yer for got bout that one ill give it a go c what error i get thx

Yer have a db called dragdrop :S Thanks

Hi all i downloaded and read the how to from this site http://www.webresourcesdepot.com/dynamic-dragn-drop-with-jquery-and-php/ seems it the main one that comes up on google and its what i need for a backend project iv been working on for about a year now learning as i go but dont get much time now a days, but any way.. lol i cant get it to work get this Warning: mysql_fetch_array() expects parameter 1 to be resource, boolean given in /home/sites/nbbcj.co.uk/public_html/4291/dnd/index.php on line 67 and im stumped this is the part of the code <div id="container"> <div id="list"> <div id="response"> </div> <ul> <?php error_reporting(E_ALL); ini_set('display_errors', '1'); include("connect.php"); $query = "SELECT id, text FROM dragdrop ORDER BY listorder ASC"; $result = mysql_query($query); while($row = mysql_fetch_array($result, MYSQL_ASSOC)) { $id = stripslashes($row['id']); $text = stripslashes($row['text']); ?> <li id="arrayorder_<?php echo $id ?>"><?php echo $id?> <?php echo $text; ?> <div class="clear"></div> </li> <?php } ?> </ul> </div> </div>

hi all im a noob and still learning but this sql inject rattles my brain lol will this protect me $add_pn = mysql_real_escape_string($_POST['pro_name']); and what do i use with this $id=mysql_result($result,$i,"id");

got it working by removing the mysql_close($con) at the end if script now got a new problem lol but il save that for a diff post lol thanks all

HTTP Error 500 (Internal Server Error): An unexpected condition was encountered while the server was attempting to fulfil the request.

Hi all, i have been working on a form preview be for submit the info to the db iv got the preview but to work but when i add me sql insert i get page errors can any one help. Iv been racking my brain for days now i am using this to error report but am just getting the server error msg and no more info ini_set('display_errors',1); error_reporting(E_ALL); here is my form code <form method='POST' action='add_form.php' enctype="multipart/form-data" name="form1" id="form1"> <p>Project Name: <input class="addp" name="pro_name" type="text" size="40" maxlength="40" /> Category: Brand Identity: <input name="bi" type="checkbox" value="1" checked /> Print: <input name="print" type="checkbox" value="1" checked /> Online: <input name="online" type="checkbox" value="1" checked /> </p> <p>Short Details: <input class="addp" name="short_details" type="text" size="100" maxlength="100"/> </p> <p>Full Details: <textarea class="tinymce" name="full_details" cols="100" rows="1"></textarea> </p> <p>Thumbnail: <input type="hidden" name="MAX_FILE_SIZE" value="1029120"/> <input class="addp" name="ufile[]" type="file" id="ufile[]" size="50" /> </p> <p> Image 1: <input type="hidden" name="MAX_FILE_SIZE" value="1029120"/> <input class="addp" name="ufile[]" type="file" id="ufile[]" size="30" /> Image 2: <input type="hidden" name="MAX_FILE_SIZE" value="1029120"/> <input class="addp" name="ufile[]" type="file" id="ufile[]" size="30" /> </p> <p>Image 3: <input type="hidden" name="MAX_FILE_SIZE" value="1029120"/> <input class="addp" name="ufile[]" type="file" id="ufile[]" size="30" /> Image 4: <input type="hidden" name="MAX_FILE_SIZE" value="1029120"/> <input class="addp" name="ufile[]" type="file" id="ufile[]" size="30" /> <input name="submit" type="submit" value="Submit""> <input name="preview" type="submit" value="Preview""> </p> </form> here is my php ////////////this code works if(isset($_POST['preview'])) { $path1= "../thumbnails/".$_FILES['ufile']['name'][0]; $path2= "../images/".$_FILES['ufile']['name'][1]; $path3= "../images/".$_FILES['ufile']['name'][2]; $path4= "../images/".$_FILES['ufile']['name'][3]; $path5= "../images/".$_FILES['ufile']['name'][4]; $add_pn=$_POST['pro_name']; $add_sd=$_POST['short_details']; $add_fd=$_POST['full_details']; $add_bi=$_POST['bi']; $add_print=$_POST['print']; $add_online=$_POST['online']; //copy file to where you want to store file if(!($_FILES['ufile']['tmp_name'][0] == NULL)) { copy($_FILES['ufile']['tmp_name'][0], $path1); } if(!($_FILES['ufile']['tmp_name'][1] == NULL)) { copy($_FILES['ufile']['tmp_name'][1], $path2); } if(!($_FILES['ufile']['tmp_name'][2] == NULL)) { copy($_FILES['ufile']['tmp_name'][2], $path3); } if(!($_FILES['ufile']['tmp_name'][3] == NULL)) { copy($_FILES['ufile']['tmp_name'][3], $path4); } if(!($_FILES['ufile']['tmp_name'][4] == NULL)) { copy($_FILES['ufile']['tmp_name'][4], $path5); } print "<pre>"; print "Preview button pressed.."; print_r($_REQUEST); print "$add_pn $add_sd $add_fd $add_bi $add_print $add_online"; print "</pre>"; if(!($_FILES['ufile']['tmp_name'][0] == NULL)) { print "<img src=\"$path1\" width=\"100\" height=\"100\" align=\"textop\">"; } if(!($_FILES['ufile']['tmp_name'][1] == NULL)) { print "<img src=\"$path2\" width=\"100\" height=\"100\" align=\"textop\">"; } if(!($_FILES['ufile']['tmp_name'][2] == NULL)) { print "<img src=\"$path3\" width=\"100\" height=\"100\" align=\"textop\">"; } if(!($_FILES['ufile']['tmp_name'][3] == NULL)) { print "<img src=\"$path4\" width=\"100\" height=\"100\" align=\"textop\">"; } if(!($_FILES['ufile']['tmp_name'][4] == NULL)) { print "<img src=\"$path5\" width=\"100\" height=\"100\" align=\"textop\">"; } } ///////////////// this bit errors if(isset($_POST['submit'])) { print "<pre>"; print "Submit button pressed.."; print_r($_REQUEST); print "</pre>"; include ("../includes/db_config.php");//////////////////try'd this bit of code at the start of the page $con = mysql_connect($db_hostname,$db_username,$db_password);//////////////////try'd this bit of code at the start of the page @mysql_select_db($db_database) or die( "Unable to select database");//////////////////try'd this bit of code at the start of the page ////////////////// im not sure if this is needed again ????? $add_pn=$_POST['pro_name']; $add_sd=$_POST['short_details']; $add_fd=$_POST['full_details']; $add_bi=$_POST['bi']; $add_print=$_POST['print']; $add_online=$_POST['online']; ////////i have used this insert code on other pages and it works so not sure why its not now $sql="INSERT INTO $db_table (pro_name, thumbnail, short_details, full_details, bi, print, online, image1, image2, image3, image4) VALUES ('$add_pn','".$_FILES['ufile']['name'][0]."','$add_sd','$add_fd','$add_bi','$add_print','$add_online','".$_FILES['ufile']['name'][1]."','".$_FILES['ufile']['name'][2]."','".$_FILES['ufile']['name'][3]."','".$_FILES['ufile']['name'][4]."')"; if (!mysql_query($sql,$con)) { die('Error: ' . mysql_error()); } echo "1 record added"; mysql_close($con) }

hi all i have a problem here, Iv got a form that uploads images to a folder and updates the db with the name of that image, that work ok but if one of the upload field are left blank then the script updates the db with empty values how can i get it to only update the db with only submitted form field data???? here is the form <?php if (isset($_GET['id'])) { $id = $_GET['id']; } ?> <form action="ud_image.php?id=<? echo "$id"?>" method="post" enctype="multipart/form-data" name="form1" id="form1"> <table class="udp"> <tr> <th>Thumbnail:</th> <td><input type="hidden" name="MAX_FILE_SIZE" value="1029120" /> <input name="ufile[]" type="file" id="ufile[]" size="50" /></td> </tr> <tr> <th>Image 1:</th> <td><input type="hidden" name="MAX_FILE_SIZE" value="1029120" /> <input name="ufile[]" type="file" id="ufile[]" size="50" /></td> </tr> <tr> <th>Image 2:</th> <td><input type="hidden" name="MAX_FILE_SIZE" value="1029120" /> <input name="ufile[]" type="file" id="ufile[]" size="50" /></td> </tr> <tr> <th>Image 3:</th> <td><input type="hidden" name="MAX_FILE_SIZE" value="1029120" /> <input name="ufile[]" type="file" id="ufile[]" size="50" /></td> </tr> <tr> <th>Image 4:</th> <td><input type="hidden" name="MAX_FILE_SIZE" value="1029120" /> <input name="ufile[]" type="file" id="ufile[]" size="50" /><input type="submit" name="Submit" value="Upload" /></td> </tr> </table> </form> and here is the processing page <?php include("protect/password_protect.php"); error_reporting(E_ALL); include ("../includes/db_config.php"); $con = mysql_connect($db_hostname,$db_username,$db_password); @mysql_select_db($db_database) or die( "Unable to select database"); $path1= "../thumbnails/".$_FILES['ufile']['name'][0]; $path2= "../images/".$_FILES['ufile']['name'][1]; $path3= "../images/".$_FILES['ufile']['name'][2]; $path4= "../images/".$_FILES['ufile']['name'][3]; $path5= "../images/".$_FILES['ufile']['name'][4]; //copy file to where you want to store file copy($_FILES['ufile']['tmp_name'][0], $path1); copy($_FILES['ufile']['tmp_name'][1], $path2); copy($_FILES['ufile']['tmp_name'][2], $path3); copy($_FILES['ufile']['tmp_name'][3], $path4); copy($_FILES['ufile']['tmp_name'][4], $path5); ?> <html> <head> <title>Update Project Images</title> <link rel="stylesheet" type="text/css" href="../../project/backend/style.css" /> </head> <body> <table class="udip"> <tr> <th><? echo "<img src=\"$path1\" width=\"150\" height=\"150\">";?></th> <th><? echo "<img src=\"$path2\" width=\"150\" height=\"150\">";?></th> <th><? echo "<img src=\"$path3\" width=\"150\" height=\"150\">";?></th> <th><? echo "<img src=\"$path4\" width=\"150\" height=\"150\">";?></th> <th><? echo "<img src=\"$path5\" width=\"150\" height=\"150\">";?></th> </tr> <tr> <td><? echo "File Name :".$_FILES['ufile']['name'][0]."<BR/>";?></td> <td><? echo "File Name :".$_FILES['ufile']['name'][1]."<BR/>";?></td> <td><? echo "File Name :".$_FILES['ufile']['name'][2]."<BR/>";?></td> <td><? echo "File Name :".$_FILES['ufile']['name'][3]."<BR/>";?></td> <td><? echo "File Name :".$_FILES['ufile']['name'][4]."<BR/>";?></td> </tr> <tr> <td><?echo "File Size :".$_FILES['ufile']['size'][0]."<BR/>";?></td> <td><?echo "File Size :".$_FILES['ufile']['size'][1]."<BR/>";?></td> <td><?echo "File Size :".$_FILES['ufile']['size'][2]."<BR/>";?></td> <td><?echo "File Size :".$_FILES['ufile']['size'][3]."<BR/>";?></td> <td><?echo "File Size :".$_FILES['ufile']['size'][4]."<BR/>";?></td> </tr> <tr> <td><? echo "File Type :".$_FILES['ufile']['type'][0]."<BR/>";?></td> <td><? echo "File Type :".$_FILES['ufile']['type'][1]."<BR/>";?></td> <td><? echo "File Type :".$_FILES['ufile']['type'][2]."<BR/>";?></td> <td><? echo "File Type :".$_FILES['ufile']['type'][3]."<BR/>";?></td> <td><? echo "File Type :".$_FILES['ufile']['type'][4]."<BR/>";?></td> </tr> </table> </body> </html> <? $filesize1=$_FILES['ufile']['size'][0]; $filesize2=$_FILES['ufile']['size'][1]; $filesize3=$_FILES['ufile']['size'][2]; $filesize4=$_FILES['ufile']['size'][3]; $filesize5=$_FILES['ufile']['size'][4]; if($filesize1 && $filesize2 && $filesize3 && $filesize4 && $filesize5 != 0) { echo "We have recieved your files<p>"; } else { echo "Error in you images check and try again Database has been updated to blank images so no images will be shown on details page."; } $query = "UPDATE $db_table SET thumbnail = '".$_FILES['ufile']['name'][0]."', image1 = '".$_FILES['ufile']['name'][1]."', image2 = '".$_FILES['ufile']['name'][2]."', image3 = '".$_FILES['ufile']['name'][3]."', image4 = '".$_FILES['ufile']['name'][4]."' WHERE id = '".$_GET['id']."'"; if (!mysql_query($query,$con)) { die('Error: ' . mysql_error()); } echo "1 record added"; mysql_close($con) ?>

hay all thanks for you input iv moved on now and have a other problem lol can only c 2 more problems till this project is done thanks again

Cool the for that iv changed :D col name now n it works

It's to set the order of displaying my projects on the work page its so project 2 can be shown 1st or 5th or last

how can i have 2 AUTO_INCREMENT colloums ? i need my id column and my position column to Auto increment. i cant use the id column to set my position as i need to change the val and as i no u cant change ur prim key auto increment column ???? so any forts how i can get a drop down list box to show the content of column `position` (in format 1,2,3,4,5,6,7ect ) and auto increment when adding a new project. my idea when adding is to get the form page to read the bottom of the `position` column for the number and then add one and set that val to a read only text field on the project add page. is there an easy or better way to do this and how would one go about doing this ??? as im a noobie but getting there how-tos or code samples will help a lot people and im wanting to learn as well so any good php tutorial sites send them ,my way thanks

YES that did the trick thank you

yer im thinking that to

hi all me again i have this bit of code mysql_connect($db_hostname,$db_username,$db_password); @mysql_select_db($db_database) or die( "Unable to select database"); $whereClauses = array(); if(isset($_GET['bi'])) { $whereClauses[] = "bi=1"; } if(isset($_GET['print'])) { $whereClauses[] = "print=1"; } if(isset($_GET['online'])) { $whereClauses[] = "online=1"; } $query = "SELECT * FROM `project` ORDER BY `project`.`position` ASC "; if(count($whereClauses)) { $query .= " WHERE " . implode(" AND ", $whereClauses); } with this error msg There was a problem with the SQL query: You have an error in your SQL syntax; check the manual that corresponds to your MySQL server version for the right syntax to use near 'WHERE online=1' at line 3 I get this kinda error a lot as im still learning is there any way to better find out whats going wrong i use error_reporting(E_ALL); ini_set('display_errors', '1'); at the start of my scripts but it dont tell me a lot. i can work out it some thing to do with the $whereClauses as the page displays ok on show all. Im bit stumped here not even sure what to call the prob is it sql query error or php array problem thanks for any help

Hi all me again thank god for sites like this here is my prob i have a page that edits then sends the info to a processing page to update the db but after i added a new bit i get a error Error: You have an error in your SQL syntax; check the manual that corresponds to your MySQL server version for the right syntax to use near 'order = '6', bi = '1', print = '1', online = '1', short_details = 'asdasda', ful' at line 1 im using get in my forms till its all working so i can see what is being passed to the processing page here is my code the update page <? //Set no caching header("Expires: Mon, 26 Jul 1997 05:00:00 GMT"); header("Last-Modified: " . gmdate("D, d M Y H:i:s") . " GMT"); header("Cache-Control: no-store, no-cache, must-revalidate"); header("Cache-Control: post-check=0, pre-check=0", false); header("Pragma: no-cache"); ?> <? include("protect/password_protect.php"); ?> <?php error_reporting(E_ALL); include ("../includes/db_config.php"); mysql_connect($db_hostname,$db_username,$db_password); @mysql_select_db($db_database) or die( "Unable to select database"); $query="SELECT * FROM `$db_table` WHERE `id` ='".$_GET['id']."'"; $result=mysql_query($query); $num=mysql_num_rows($result); mysql_close(); $i=0; while ($i < $num) { $id=mysql_result($result,$i,"id"); $order=mysql_result($result,$i,"order"); $pro_name=mysql_result($result,$i,"pro_name"); $short_details=mysql_result($result,$i,"short_details"); $full_details=mysql_result($result,$i,"full_details"); $bi=mysql_result($result,$i,"bi"); $print=mysql_result($result,$i,"print"); $online=mysql_result($result,$i,"online"); ?> <table width="515" height="315" > <form name="form1" method="get" action="runupdate.php?id=<? echo"$id"?>"> <tr> <th width="22%" scope="row"><p>Id</p></th> <td width="78%"><input class="udp" name="id" type="text" id="id" value="<? echo "$id" ?>" size="3" maxlength="3" readonly="readonly"> Ordering: <select name="order"> <option value="<? echo"$order"?>" selected>Is Now<? echo"$order"?></option> <option value="1">1</option> <option value="2">2</option> <option value="3">3</option> <option value="4">4</option> <option value="5">5</option> <option value="6">6</option> <option value="7">7</option> <option value="8">8</option> <option value="9">9</option> <option value="10">10</option> </select> </td> </tr> <tr> <th scope="row"><p>Project Name</p></th> <td><input class="udp" name="pro_name" type="text" id="pro_name" value="<? echo "$pro_name" ?>" size="40" MAXLENGTH="40"></td> </tr> <tr> <th scope="row"><p>Category</p></th> <td> Brand Identity:<input <?php if (!(strcmp("$bi",1))) {echo "checked=\"checked\"";} ?> name="bi" type="checkbox" value="1" /> Print:<input <?php if (!(strcmp("$print",1))) {echo "checked=\"checked\"";} ?> name="print" type="checkbox" value="1" /> Online:<input <?php if (!(strcmp("$online",1))) {echo "checked=\"checked\"";} ?> name="online" type="checkbox" value="1" /></td> </tr> <tr> <th scope="row"><p>Short Details</p></th> <td><input class="udp" name="short_details" type="text" value="<? echo "$short_details" ?>" size="50" MAXLENGTH="60"/></td> </tr> <tr> <th height="163" valign="top" scope="row"><p>Full Details</p></th> <td><textarea class="udp" name="full_details" cols="50" rows="10" id="full_details"><? echo "$full_details"?> </textarea> <input class="udp" type="submit" name="Update" id="Update" value="Update" /></td> </tr> <tr> <th scope="row"> </form></th> </tr> </table> <? $i++; } ?> and this is the processing page can any one help with the sql injection protection here please just an example will do thanks. <?php error_reporting(E_ALL); include ("../includes/db_config.php"); $con = mysql_connect($db_hostname,$db_username,$db_password); @mysql_select_db($db_database) or die( "Unable to select database"); $bi=mysql_result($result,$i,"bi"); $print=mysql_result($result,$i,"print"); $online=mysql_result($result,$i,"online"); $ud_pn=$_GET['pro_name']; $ud_sd=$_GET['short_details']; $ud_fd=$_GET['full_details']; $ud_bi=$_GET['bi']; $ud_print=$_GET['print']; $ud_online=$_GET['online']; $ud_order=$_GET['order']; //// when i add order = '$ud_order' to the query it errors and i dont no why as it is layed out the same as pro_name and bi and print ect. $query = "UPDATE $db_table SET pro_name = '$ud_pn', order = '$ud_order', bi = '$ud_bi', print = '$ud_print', online = '$ud_online', short_details = '$ud_sd', full_details = '$ud_fd' WHERE id = '".$_GET['id']."'"; if (!mysql_query($query,$con)) { die('Error: ' . mysql_error()); } echo "$ud_pn record updated<p>With:<p>Short Details:<p>$ud_sd<p>Full Details:<p>$ud_fd<p>Category:<p>Brand Identity:$ud_bi</br> Print:$ud_print</br> Online:$ud_online</br><p> Ordering:$ud_order</br> "; mysql_close($con) ?>

my dum ass lol its all working i just didnt have the 1 and 0 set right in the data base :S here is the full working code it filters and displays the results in a 4x6 grid filter links code (clean code so anyone can use ) SIDE note i now use POST not GET as it does not show in the url <form id="form1" name="filter" method="GET" action="index1.php"> <ul> <li><a href="/work/"title="Show All">Show All</a></li> <li>Brand Identity:<input name="bi" type="checkbox" value="1" /></li> <li>Print:<input name="print" type="checkbox" value="1" /></li> <li>Online:<input name="online" type="checkbox" value="1" /></li> </ul> <input type="submit" name="" id="filter" value="Filter" /> </form> and the display code <table class="table" id="home_index_tb"> <tr class="results_bg"> <?php error_reporting(E_ALL); $db_hostname = 'localhost'; // database host (usually 'localhost') $db_username = ''; // database username $db_password = ''; // database password $db_database = ''; //database name $db_table = ''; //table name mysql_connect($db_hostname,$db_username,$db_password); @mysql_select_db($db_database) or die( "Unable to select database"); $whereClauses = array(); if(isset($_GET['bi'])) { $whereClauses[] = "bi=1"; } if(isset($_GET['print'])) { $whereClauses[] = "print=1"; } if(isset($_GET['online'])) { $whereClauses[] = "online=1"; } $query = "SELECT * FROM `$db_table`"; if(count($whereClauses)) { $query .= " WHERE " . implode(" AND ", $whereClauses); } $result = mysql_query($query) or die("There was a problem with the SQL query: " . mysql_error()); if($result && mysql_num_rows($result) > 0) { $i = 0; $max_columns = 4; // SET THE AMOUNT OF column while($row = mysql_fetch_array($result)) { extract($row); if($i == 0) echo "<tr>"; // change pro_name to the name of the column you want to count if($pro_name != "" && $pro_name != null) // change pro_name to the name of the column you want to count echo "<td class=\"YOUR CLASS\"><a href=\"details.php?id=$row[id]\"><img src=\"THUMBNAIL DIR/$row[thumbnail]\" alt=\"$row[thumbnail]\" height=\"155\" width=\"155\" /><br><h2>$row[THE COLUMN YOU WANT TO DISPLAY]<br></a></h2><p>$row[THE COLUMN YOU WANT TO DISPLAY]</p></td>"; if(++$i == $max_columns) { echo "</tr>"; $i=0; } } } if($i = 0){ for($j=$i; $j<$max_columns;$j++) echo "<td> </td>"; echo '</tr>';} ?></table></td> </tr> </table> i hope all that is understandable and im no way a DEV just some one trying to get on in this big bad world. ALSO there is no sql inject protection as im now learning this and i be leave this page dont need it ?????? hum comments any one thanks CJ

EDIT again with error reporting on i get this notice Notice: Undefined variable: i in /home/sites/loveidee.com/public_html/work/index1.php on line 145 line 145 is this if($i > 0){ for($j=$i; $j<$max_columns;$j++) echo "<td> </td>"; echo '</tr>';} ?></table></td> im going to have a play with the code c if i can work fix it but any help would be good thanks

cool thank you so much ppl ill give it a go now and report back EDIT its all running good when one filter is selected but with more than one filter i get no display any idea url is /index1.php?print=1&online=1 no display but /index1.php?print=1 or bi=1 or online=1 all fine any help please iv looked at the code but i cant work out whats up. thanks CJ

Hay Psycho thank you for your reply, i have tried what you said but Im running in to a problem i now get a display with the index1.php page but a error mas when i try to filter. here is the error msg. There was a problem with the SQL query: You have an error in your SQL syntax; check the manual that corresponds to your MySQL server version for the right syntax to use near '' at line 1 i have changed my DB now and added the bi,prit,online as you suggested and i was thinking that would be a better way to do it, so when i add new cats it will be easy thank you once again if you could take a look at the code and let me no what iv done wrong please. And can you offer any advice on sql inject protection like a link to a good noobies how to or just more info about it please thank you thank you thank you <div id="right_column"> <table class="table" id="home_index_tb"> <tr class="results_bg"> <?php error_reporting(E_ALL); include ("includes/db_config.php"); mysql_connect($db_hostname,$db_username,$db_password); @mysql_select_db($db_database) or die( "Unable to select database"); $whereClauses = array(); if(isset($_GET['bi'])) { $whereClauses = "bi=1"; } if(isset($_GET['print'])) { $whereClauses = "print=1"; } if(isset($_GET['online'])) { $whereClauses = "online=1"; } $query = "SELECT * FROM `$db_table`"; if(count($whereClauses)) { $query .= " WHERE " . implode(" AND ", $whereClauses); } $result = mysql_query($query) or die("There was a problem with the SQL query: " . mysql_error()); if($result && mysql_num_rows($result) > 0) { $i = 0; $max_columns = 4; while($row = mysql_fetch_array($result)) { extract($row); if($i == 0) echo "<tr>"; if($pro_name != "" && $pro_name != null) echo "<td class=\"results\"><a href=\"details.php?id=$row[id]\"><img src=\"/work/thumbnails/$row[thumbnail]\" alt=\"$row[thumbnail]\" height=\"155\" width=\"155\" /><br><h2>$row[pro_name]<br></a></h2><p>$row[short_details]</p></td>"; if(++$i == $max_columns) { echo "</tr>"; $i=0; } } } if($i > 0){ for($j=$i; $j<$max_columns;$j++) echo "<td> </td>"; echo '</tr>';} ?></table></td> </tr> </table> </div><!--END RIGHT_COLUMN --> and the filter box code <form id="form1" name="filter" method="GET" action="index1.php"> <ul> <li><a href="/work/"title="Show All"<?php if ($_SESSION['section'] == 'all') { echo "class=\"selected\""; }?>>Show All</a></li> <li>Brand Identity<input name="bi" type="checkbox" value="1" /></li> <li>Print <input name="print" type="checkbox" value="1" /></li> <li>Online<input name="online" type="checkbox" value="1" /></li> </ul> <input type="submit" name="" id="filter" value="Filter" /> </form>

Hi there I have a DB of design work all the work is categorise as Brand Identity, print or online Some are a mix so project 1 is categorised as brand identity and online Project 2 is print and online Im trying to filter my results by using checkbox so when brand identity and online are checked and the filter button is clicked there val is sent to the display page, i am passing the val ok as i get this in the url bar (index1.php?cid=bi&cid2=online) but is not displaying only entry's with cat brand identity and online. its not displaying any thing but error msg In my DB I have 3 columns cid, cid1, cid2. cid= bi cid1= print cid2= online I have 2 problems if anyone can help please. 1, I get no results on the display page(index1.php) when no filter is slected ie show all i think this part needs a IF empty run this query if not empty ie filters have been passed to the page run this query ####################### i get this error There was a problem with the SQL query: You have an error in your SQL syntax; check the manual that corresponds to your MySQL server version for the right syntax to use near '''' at line 1 ####################### 2, I cant get the filters to filter so no display again (cant seam to get the sql select command to work right and fetch the results i need i just get the above error Thank you for any help im still noobish but getting there slowly very slowly lol Anymore info needed let me know nav code (iv used method get to see what is being passed to index1.php the display page) <form id="form1" name="filter" method="get" action="index1.php"> <ul> <li><a href="/work/"title="Show All"<?php if ($_SESSION['section'] == 'all') { echo "class=\"selected\""; }?>>Show All</a></li> <li>Brand Identity <input name="cid" type="checkbox" value="bi" /></li> <li> Print <input name="cid1" type="checkbox" value="print" /></li> <li>Online<input name="cid2" type="checkbox" value="online" /></li> </ul> <input type="submit" name="" id="filter" value="Filter" /> </form> display page code <?php error_reporting(E_ALL); include ("includes/db_config.php"); mysql_connect($db_hostname,$db_username,$db_password); @mysql_select_db($db_database) or die( "Unable to select database"); $cid= $_GET['cid']; $cid1= $_GET['cid1']; $cid2 = $_GET['cid2']; $query="SELECT * from `$db_table` WHERE `cid`='".$cid."' or `cid1`='".$cid1."' or `cid2`'".$cid2."'"; $result = mysql_query($query) or die("There was a problem with the SQL query: " . mysql_error()); if($result && mysql_num_rows($result) > 0) { $i = 0; $max_columns = 4; while($row = mysql_fetch_array($result)) { extract($row); if($i == 0) echo "<tr>"; if($pro_name != "" && $pro_name != null) echo "<td class=\"results\"><a href=\"details.php?id=$row[id]\"><img src=\"/work/thumbnails/$row[thumbnail]\" alt=\"$row[thumbnail]\" height=\"155\" width=\"155\" /><br><h2>$row[pro_name]<br></a></h2><p>$row[short_details]</p></td>"; if(++$i == $max_columns) { echo "</tr>"; $i=0; } } } if($i > 0){ for($j=$i; $j<$max_columns;$j++) echo "<td> </td>"; echo '</tr>';} ?></table></td> </tr> </table>