Drummin Posted April 5, 2012 Share Posted April 5, 2012 Sorry man, get rid of that quote. <textarea rows="20" cols="50" name="premiumuser_description" id="premiumuser_description"><?php if (isset($_POST['premiumuser_description'])){ echo $_POST['premiumuser_description']; } ?></textarea> Quote Link to comment https://forums.phpfreaks.com/topic/260391-possible-query-issue/page/2/#findComment-1334744 Share on other sites More sharing options...
andy_b_1502 Posted April 5, 2012 Author Share Posted April 5, 2012 Its still there after i deleted the quote?  <textarea rows="20" cols="50" name="premiumuser_description" id="premiumuser_description">   <?php   if (isset($_POST['premiumuser_description'])){ echo $_POST['premiumuser_description']; } ?></textarea>  right at the ending ?> tag? Quote Link to comment https://forums.phpfreaks.com/topic/260391-possible-query-issue/page/2/#findComment-1334745 Share on other sites More sharing options...
Drummin Posted April 5, 2012 Share Posted April 5, 2012 The text area looks right. Might need a page reload.  I noticed the variable $upload in the image section isn't defined. Add it to this section. /* THESE SIX PARAMETERS MAY BE CHANGED TO SUIT YOUR NEEDS */ $upload = $_FILES['upload']['name']; $o_path ="images/COMPANIES/"; $s_path = "images/thumbs/"; $file = $upload; Quote Link to comment https://forums.phpfreaks.com/topic/260391-possible-query-issue/page/2/#findComment-1334747 Share on other sites More sharing options...
andy_b_1502 Posted April 5, 2012 Author Share Posted April 5, 2012 <?PHP session_start(); include('db.php'); /* set some validation variables */ if (isset($_POST['Submit'])){$error_message = ""; /* DEFINE THE FUNCTION */ /* ============================================== */ /* ============================================== */ /* DO NOT MODIFY THIS FUNCTION */ function Resize_Image($save,$file,$t_w,$t_h,$s_path,$o_path) { $s_path = trim($s_path); $o_path = trim($o_path); $save = $s_path . $save; $file = $o_path . $file; $ext = strtolower(end(explode('.',$save))); list($width, $height) = getimagesize($file) ; if(($width>$t_w) OR ($height>$t_h)) { $r1 = $t_w/$width; $r2 = $t_h/$height; if($r1<$r2) {  $size = $t_w/$width; } else {  $size = $t_h/$height; } } else { $size=1; } $modwidth = $width * $size; $modheight = $height * $size; $tn = imagecreatetruecolor($modwidth, $modheight) ; switch ($ext) { case 'jpg': case 'jpeg': $image = imagecreatefromjpeg($file) ; break; case 'gif': $image = imagecreatefromgif($file) ; break; case 'png': $image = imagecreatefrompng($file) ; break; } imagecopyresampled($tn, $image, 0, 0, 0, 0, $modwidth, $modheight, $width, $height) ; imagejpeg($tn, $save, 100) ; return;} /* END OF RESIZE FUNCTION */ //This is the directory where images will be saved $target = "/home/users/web/b109/ipg.removalspacecom/images/COMPANIES/"; $target = $target . basename( $_FILES['upload']['name']); // Connects to your Database // session_start(); // include ('db.php'); //This gets all the other information from the form /* ============================================== */ /* ============================================== */ /* YOU NEED TO DO SOME VALIDATION AND SANITIZING OF YOUR FORM DATA */ if((!isset($_POST['company_name'])) || (strlen(trim($_POST['company_name'])) <5) || (trim($_POST['company_name']) != preg_replace("/[^a-zA-Z0-9\s\-\'\,\.\_]/", "", trim($_POST['company_name'])))) { /* if username is bad start building the error message */ $error_message = "You must enter a valid company name<br>"; $error_message = $error_message . "Valid names are min 5 characters and use letters, numbers and underscores only.<br>"; $error_message = $error_message . 'Your invalid name was: <font color="red">' . $_POST['company_name'] . "</font><hr>";} /* END validating company_name */ /* =============================================== */ if((!isset($_POST['contact_name'])) || (strlen(trim($_POST['contact_name'])) <5) || (trim($_POST['contact_name']) != preg_replace("/[^a-zA-Z0-9\s\-\'\,\.\_]/", "", trim($_POST['contact_name'])))) { /* if username is bad start building the error message */ $error_message = "You must enter a valid contact name<br>"; $error_message = $error_message . "Valid names are min 5 characters and use letters, numbers and underscores only.<br>"; $error_message = $error_message . 'Your invalid name was: <font color="red">' . $_POST['contact_name'] . "</font><hr>";} /* END validating contact_name *//* =============================================== */ if((!isset($_POST['phone'])) || (strlen(trim($_POST['phone'])) <5) || (trim($_POST['phone']) != preg_replace("/[^0-9\s\-\_]/", "", trim($_POST['phone'])))) { /* if it is NOT set, then set the error variable and start building the error message */ $error_message = $error_message . "You must enter a valid phone<br>"; $error_message = $error_message . "Valid phones are min 5 characters and use letters, numbers and underscores only.<br>"; $error_message = $error_message . 'Your invalid phone was: <font color="red">' . $_POST['phone'] . "</font><hr>"; } else{ $phone = trim($_POST['phone']); } /* END validating phone */ /* =============================================== */ /* =============================================== */ /* validating the email */ /* create a function */ function validateEmailAddress($email) { return filter_var($email, FILTER_VALIDATE_EMAIL) && preg_match('/@.+\./', $email); } if(!isset($_POST['email']) || validateEmailAddress($_POST['email']) !=1) { $error_message = $error_message . "You must enter a valid email address<br>"; $error_message = $error_message . 'The invalid email was: <font color="red">' . $_POST['email'] . "</font><hr>"; } /* END validating email */ /* =============================================== */ if((!isset($_POST['street1'])) || (strlen(trim($_POST['street1'])) <5) || (trim($_POST['street1']) != preg_replace("/[^a-zA-Z0-9\s\-\'\,\.\_]/", "", trim($_POST['street1'])))) { /* if username is bad start building the error message */ $error_message = "You must enter a valid address<br>"; $error_message = $error_message . 'Your invalid name was: <font color="red">' . $_POST['street1'] . "</font><hr>";} /* END validating street1 */ /* =============================================== */ if((!isset($_POST['street2'])) || (strlen(trim($_POST['street2'])) <5) || (trim($_POST['street2']) != preg_replace("/[^a-zA-Z0-9\s\-\'\,\.\_]/", "", trim($_POST['street2'])))) { /* if username is bad start building the error message */ $error_message = "You must enter a valid address<br>"; $error_message = $error_message . 'Your invalid name was: <font color="red">' . $_POST['street2'] . "</font><hr>";} /* END validating street2 */ /* =============================================== */ if((!isset($_POST['premiumuser_description'])) || (strlen(trim($_POST['premiumuser_description'])) <5) || (trim($_POST['premiumuser_description']) != preg_replace("/[^a-zA-Z0-9\s\-\'\,\.\_]/", "", trim($_POST['premiumuser_description'])))) { /* if username is bad start building the error message */ $error_message = "You must enter a valid address<br>"; $error_message = $error_message . 'Your invalid name was: <font color="red">' . $_POST['premiumuser_description'] . "</font><hr>";} /* END validating premiumuser_description */ /* =============================================== */ /*this section of code will set up an error message for the username if ANY of the conditions occur 1) checks to see if $_POST['username'] is NOT set 2) if length of username is less than 5 3) if username has anything other than letter, numbers or underscores*/ if((!isset($_POST['username'])) || (strlen(trim($_POST['username'])) <5) || (trim($_POST['username']) != preg_replace("/[^a-zA-Z0-9\_]/", "", trim($_POST['username'])))) { /* if username is bad start building the error message */ $error_message = "You must enter a valid username<br>"; $error_message = $error_message . "Valid names are min 5 characters and use letters, numbers and underscores only.<br>"; $error_message = $error_message . 'Your invalid name was: <font color="red">' . $_POST['username'] . "</font><hr>";} /* END validating username */ /* =============================================== */ /* =============================================== */ /*this section of code will set up an error message for the password if ANY of the conditions occur 1) checks to see if $_POST['password'] is NOT set 2) if length of password is less than 5 3) if password has anything other than letter, numbers or underscores*/ if((!isset($_POST['password'])) || (strlen(trim($_POST['password'])) <5) || (trim($_POST['password']) != preg_replace("/[^a-zA-Z0-9\_]/", "", trim($_POST['password'])))) { /* if it is NOT set, then set the error variable and start building the error message */ $error_message = $error_message . "You must enter a valid password<br>"; $error_message = $error_message . "Valid passwords are min 5 characters and use letters, numbers and underscores only.<br>"; $error_message = $error_message . 'Your invalid password was: <font color="red">' . $_POST['password'] . "</font><hr>";} else{ $password = trim($_POST['password']);} /* END validating password */ /* =============================================== */ /* =============================================== */ /* check to see if username is already taken */ $username = mysql_real_escape_string(trim($_POST['username'])); $query1 = "SELECT username from companies WHERE username = '$username'"; $result1 = mysql_query($query1) or die(mysql_error()); $count = mysql_num_rows($result1); if($count>0) { $error_message = $error_message . 'The username: <font color="red">' . $_POST['username'] . "</font> is taken.<hr>";} /* =============================================== * //* if any of the post variables are invalid */ /* set the session variable and send back to the form page */ /*NOT USED IN THIS EXAMPLE*/ if(strlen(trim($error_message))>0) { $_SESSION['error_message'] =$error_message; // header("Location: register00.php"); // exit();} /* =============================================== */ $uploadDir = 'images/COMPANIES'; /* main picture folder */ $max_height = 450; /* largest height you allowed; 0 means any */ $max_width = 450; /* largest width you allowed; 0 means any */ $max_file = 2000000; /* set the max file size in bytes */ $image_overwrite = 1; /* 0 means overwite; 1 means new name */ /* add or delete allowed image types */ $allowed_type01 = array( "image/gif", "image/pjpeg", "image/jpeg", "image/png", "image/x-png", "image/jpg");$do_thumb = 1; /* 1 make thumbnails; 0 means do NOT make */$thumbDir = "/images/thumbs"; /* thumbnail folder */$thumb_prefix = ""; /* prefix for thumbnails */ $thumb_width = 90; /* max thumb width */ $thumb_height = 70; // max thumb height //Writes the photo to the server if(move_uploaded_file($_FILES['upload']['tmp_name'], $target)) { /* HERE IS WHERE WE WILL DO THE ACTUAL RESIZING */ /* ============================================== */ /* ============================================== */ /* THESE SIX PARAMETERS MAY BE CHANGED TO SUIT YOUR NEEDS */ $upload = preg_replace('/\s+/', '', $_FILES['upload']['name']); $o_path ="images/COMPANIES/"; $s_path = "images/thumbs/"; $file = $upload; $save = $file; $t_w = 200; $t_h = 150; /* ============================================== */ /* ============================================== */ /* DO NOT CHANGE THIS NEXT LINE */ Resize_Image($save,$file,$t_w,$t_h,$s_path,$o_path); //Tells you if its all ok /* ============================================== */ /* ============================================== */ /* PROVIDE A WAY FOR THEM TO GO SOMWHERE */ echo "The file ". $file . " has been uploaded, and your information has been added to the directory"; } else { //Gives and error if its not /* ============================================== */ /* ============================================== */ /* PROVIDE A WAY FOR THEM TO GO SOMWHERE */ echo "Sorry, there was a problem uploading your file."; } /* =============================================== */ /* PREPARE DATA FOR INSERTION INTO TABLE */ /* FUNCTION TO CREATE SALT */ function createSalt() { $string = md5(uniqid(rand(), true)); return substr($string, 0, 3);} //Writes the information to the database /* ============================================== */ /* ============================================== */ /* ALWAYS WRITE YOUR QUERIES AS STRINGSTHAT WAY WHEN TESTING, YOU CAN MAKESURE THAT THE VALUES CONTAIN WHAT YOU EXPECT*/ if(empty($error_message)){ $salt = createsalt();$password = trim($_POST['password']); $hash = hash('sha256', $salt, $password); $approved = 0; $username = mysql_real_escape_string(trim($_POST['username'])); $email = mysql_real_escape_string(trim($_POST['email'])); $query ="INSERT INTO `companies` (company_name, contact_name, location, postcode, street1, street2, city, phone, email, basicpackage_description, premiumuser_description, password, salt, approved, upload) VALUES ('$company_name', '$contact_name', '$location', '$postcode', '$street1', '$street2', '$city', '$phone', '$email', '$basicpackage_description', '$premiumuser_description', '$password', '$salt', '$approved', '$upload')" ;$result = mysql_query($query) or die(mysql_error()); } // if(empty($error_message)) /* =============================================== */ /*at this point we can send an email to the admin as wellas the user. DO NOT send the user's password to ANYONE!!!! */ { // if (isset($_POST['submit']))?><html><body>   <?php   if (!empty($error_message)){ echo $error_message; }?>   <form enctype="multipart/form-data" method="post" action="register00.php">   <table width="316" height="120" border="0"> <tr><td colspan=2>   <h1>Register/Sign Up</h1></td></tr> <tr><td>Company Name:</td><td>   <input name="company_name" type="text" id="company_name" value="   <?php   if (isset($_POST['company_name'])){ echo $_POST['company_name']; } ?>" />   </td></tr> <tr><td>Contact Name:</td><td>   <input name="contact_name" type="text" id="contact_name" value="   <?php   if (isset($_POST['contact_name'])){ echo $_POST['contact_name']; } ?>" />   </td></tr> <tr><td>Contact Number:</td><td>   <input name="phone" type="number" id="phone" value="   <?php   if (isset($_POST['phone'])){ echo $_POST['phone']; } else{ echo "incl. area code";} ?>" />   </td></tr> <tr><td>Address line 1:</td><td>   <input name="street1" type="text" id="street1" value="   <?php   if (isset($_POST['street1'])){ echo $_POST['street1']; } ?>" />   </td></tr> <tr><td>Address line 2:</td><td>   <input name="street2" type="text" id="street1" value="   <?php   if (isset($_POST['street2'])){ echo $_POST['street2']; } ?>" />   </td></tr> <tr><td>Area:</td><td>   <input name="location" type="text" id="location" value="   <?php   if (isset($_POST['location'])){ echo $_POST['location']; } ?>" />   </td></tr> <tr><td>City:</td><td>   <input name="city" type="text" id="city" value="   <?php   if (isset($_POST['city'])){ echo $_POST['city']; } ?>" />   </td></tr> <tr><td>Postcode:</td><td>   <input name="postcode" type="text" id="postcode" value="   <?php   if (isset($_POST['postcode'])){ echo $_POST['postcode']; } ?>" />   </td></tr> <tr><td>Username:</td><td>   <input name="username" type="text" id="username" value="   <?php   if (isset($_POST['username'])){ echo $_POST['username']; } ?>" />   </td></tr> <tr><td>Password:</td><td>   <input name="password" type="password" class="style7" id="password" value="   <?php   if (isset($_POST['password'])){ echo $_POST['password']; } ?>" />   </td></tr> <tr><td>Email:</td><td>   <input name="email" type="text" class="style7" id="email" value="   <?php   if (isset($_POST['email'])){ echo $_POST['email']; } ?>" />   </td></tr> <tr><td>Company Logo:</td><td>   <input name="upload" type="file" class="style7" id="upload">   </td></tr> <tr><td>Company Description:</td><td>   <textarea rows="20" cols="50" name="premiumuser_description" id="premiumuser_description"><?php   if (isset($_POST['premiumuser_description'])){echo $_POST['premiumuser_description']; }?></textarea>   </td></tr> <tr><td>   <input name="Submit" type="submit" value="Register" />   </td></tr> </table>   </body>   </html>  In the form at the bottom on the </textarea> im getting a syntax error on line: 307. Quote Link to comment https://forums.phpfreaks.com/topic/260391-possible-query-issue/page/2/#findComment-1334748 Share on other sites More sharing options...
Drummin Posted April 5, 2012 Share Posted April 5, 2012 Try this copy. <?PHP session_start(); include('db.php'); /* set some validation variables */ if (isset($_POST['Submit'])){ $error_message = ""; /* DEFINE THE FUNCTION */ /* ============================================== */ /* ============================================== */ /* DO NOT MODIFY THIS FUNCTION */ function Resize_Image($save,$file,$t_w,$t_h,$s_path,$o_path) { $s_path = trim($s_path); $o_path = trim($o_path); $save = $s_path . $save; $file = $o_path . $file; $ext = strtolower(end(explode('.',$save))); list($width, $height) = getimagesize($file) ; if(($width>$t_w) OR ($height>$t_h)) { $r1 = $t_w/$width; $r2 = $t_h/$height; if($r1<$r2) {  $size = $t_w/$width; }else{  $size = $t_h/$height; } }else{ $size=1; } $modwidth = $width * $size; $modheight = $height * $size; $tn = imagecreatetruecolor($modwidth, $modheight) ; switch ($ext) { case 'jpg': case 'jpeg': $image = imagecreatefromjpeg($file) ; break; case 'gif': $image = imagecreatefromgif($file) ; break; case 'png': $image = imagecreatefrompng($file) ; break; } imagecopyresampled($tn, $image, 0, 0, 0, 0, $modwidth, $modheight, $width, $height) ; imagejpeg($tn, $save, 100) ; return; } /* END OF RESIZE FUNCTION */ //This is the directory where images will be saved $target = "/home/users/web/b109/ipg.removalspacecom/images/COMPANIES/"; $target = $target . basename( $_FILES['upload']['name']); // Connects to your Database // session_start(); // include ('db.php'); //This gets all the other information from the form /* ============================================== */ /* ============================================== */ /* YOU NEED TO DO SOME VALIDATION AND SANITIZING OF YOUR FORM DATA */ if((!isset($_POST['company_name'])) || (strlen(trim($_POST['company_name'])) <5) || (trim($_POST['company_name']) != preg_replace("/[^a-zA-Z0-9\s\-\'\,\.\_]/", "", trim($_POST['company_name'])))) { /* if username is bad start building the error message */ $error_message = "You must enter a valid company name<br>"; $error_message = $error_message . "Valid names are min 5 characters and use letters, numbers and underscores only.<br>"; $error_message = $error_message . 'Your invalid name was: <font color="red">' . $_POST['company_name'] . "</font><hr>"; } /* END validating company_name */ /* =============================================== */ if((!isset($_POST['contact_name'])) || (strlen(trim($_POST['contact_name'])) <5) || (trim($_POST['contact_name']) != preg_replace("/[^a-zA-Z0-9\s\-\'\,\.\_]/", "", trim($_POST['contact_name'])))) { /* if username is bad start building the error message */ $error_message = "You must enter a valid contact name<br>"; $error_message = $error_message . "Valid names are min 5 characters and use letters, numbers and underscores only.<br>"; $error_message = $error_message . 'Your invalid name was: <font color="red">' . $_POST['contact_name'] . "</font><hr>"; } /* END validating contact_name */ /* =============================================== */ if((!isset($_POST['phone'])) || (strlen(trim($_POST['phone'])) <5) || (trim($_POST['phone']) != preg_replace("/[^0-9\s\-\_]/", "", trim($_POST['phone'])))) { /* if it is NOT set, then set the error variable and start building the error message */ $error_message = $error_message . "You must enter a valid phone<br>"; $error_message = $error_message . "Valid phones are min 5 characters and use letters, numbers and underscores only.<br>"; $error_message = $error_message . 'Your invalid phone was: <font color="red">' . $_POST['phone'] . "</font><hr>"; }else{ $phone = trim($_POST['phone']); } /* END validating phone */ /* =============================================== */ /* =============================================== */ /* validating the email */ /* create a function */ function validateEmailAddress($email) { return filter_var($email, FILTER_VALIDATE_EMAIL) && preg_match('/@.+\./', $email); } if(!isset($_POST['email']) || validateEmailAddress($_POST['email']) !=1) { $error_message = $error_message . "You must enter a valid email address<br>"; $error_message = $error_message . 'The invalid email was: <font color="red">' . $_POST['email'] . "</font><hr>"; } /* END validating email */ /* =============================================== */ if((!isset($_POST['street1'])) || (strlen(trim($_POST['street1'])) <5) || (trim($_POST['street1']) != preg_replace("/[^a-zA-Z0-9\s\-\'\,\.\_]/", "", trim($_POST['street1'])))) { /* if username is bad start building the error message */ $error_message = "You must enter a valid address<br>"; $error_message = $error_message . 'Your invalid name was: <font color="red">' . $_POST['street1'] . "</font><hr>"; } /* END validating street1 */ /* =============================================== */ if((!isset($_POST['street2'])) || (strlen(trim($_POST['street2'])) <5) || (trim($_POST['street2']) != preg_replace("/[^a-zA-Z0-9\s\-\'\,\.\_]/", "", trim($_POST['street2'])))) { /* if username is bad start building the error message */ $error_message = "You must enter a valid address<br>"; $error_message = $error_message . 'Your invalid name was: <font color="red">' . $_POST['street2'] . "</font><hr>"; } /* END validating street2 */ /* =============================================== */ if((!isset($_POST['premiumuser_description'])) || (strlen(trim($_POST['premiumuser_description'])) <5) || (trim($_POST['premiumuser_description']) != preg_replace("/[^a-zA-Z0-9\s\-\'\,\.\_]/", "", trim($_POST['premiumuser_description'])))) { /* if username is bad start building the error message */ $error_message = "You must enter a valid address<br>"; $error_message = $error_message . 'Your invalid name was: <font color="red">' . $_POST['premiumuser_description'] . "</font><hr>"; } /* END validating premiumuser_description */ /* =============================================== * /* =============================================== */ /* this section of code will set up an error message for the username if ANY of the conditions occur 1) checks to see if $_POST['username'] is NOT set 2) if length of username is less than 5 3) if username has anything other than letter, numbers or underscores */ if((!isset($_POST['username'])) || (strlen(trim($_POST['username'])) <5) || (trim($_POST['username']) != preg_replace("/[^a-zA-Z0-9\_]/", "", trim($_POST['username'])))) { /* if username is bad start building the error message */ $error_message = "You must enter a valid username<br>"; $error_message = $error_message . "Valid names are min 5 characters and use letters, numbers and underscores only.<br>"; $error_message = $error_message . 'Your invalid name was: <font color="red">' . $_POST['username'] . "</font><hr>"; } /* END validating username */ /* =============================================== */ /* =============================================== */ /* this section of code will set up an error message for the password if ANY of the conditions occur 1) checks to see if $_POST['upassword'] is NOT set 2) if length of upassword is less than 5 3) if upassword has anything other than letter, numbers or underscores */ if((!isset($_POST['password'])) || (strlen(trim($_POST['password'])) <5) || (trim($_POST['password']) != preg_replace("/[^a-zA-Z0-9\_]/", "", trim($_POST['password'])))) { /* if it is NOT set, then set the error variable and start building the error message */ $error_message = $error_message . "You must enter a valid password<br>"; $error_message = $error_message . "Valid passwords are min 5 characters and use letters, numbers and underscores only.<br>"; $error_message = $error_message . 'Your invalid password was: <font color="red">' . $_POST['password'] . "</font><hr>"; }else{ $password = trim($_POST['password']); } /* END validating password */ /* =============================================== */ /* =============================================== */ /* check to see if username is already taken */ $username = mysql_real_escape_string(trim($_POST['username'])); $query1 = "SELECT username from companies WHERE username = '$username'"; $result1 = mysql_query($query1) or die(mysql_error()); $count = mysql_num_rows($result1); if($count>0) { $error_message = $error_message . 'The username: <font color="red">' . $_POST['username'] . "</font> is taken.<hr>"; } /* =============================================== */ /* if any of the post variables are invalid */ /* set the session variable and send back to the form page */ /* NOT USED IN THIS EXAMPLE if(strlen(trim($error_message))>0) { $_SESSION['error_message'] =$error_message; // header("Location: register00.php"); // exit(); } */ /* =============================================== */ $uploadDir = 'images/COMPANIES'; /* main picture folder */ $max_height = 450; /* largest height you allowed; 0 means any */ $max_width = 450; /* largest width you allowed; 0 means any */ $max_file = 2000000; /* set the max file size in bytes */ $image_overwrite = 1; /* 0 means overwite; 1 means new name */ /* add or delete allowed image types */ $allowed_type01 = array( "image/gif", "image/pjpeg", "image/jpeg", "image/png", "image/x-png", "image/jpg"); $do_thumb = 1; /* 1 make thumbnails; 0 means do NOT make */ $thumbDir = "/images/thumbs"; /* thumbnail folder */ $thumb_prefix = ""; /* prefix for thumbnails */ $thumb_width = 90; /* max thumb width */ $thumb_height = 70; // max thumb height //Writes the photo to the server if(move_uploaded_file($_FILES['upload']['tmp_name'], $target)) { /* HERE IS WHERE WE WILL DO THE ACTUAL RESIZING */ /* ============================================== */ /* ============================================== */ /* THESE SIX PARAMETERS MAY BE CHANGED TO SUIT YOUR NEEDS */ $upload = $_FILES['upload']['name']; $o_path ="images/COMPANIES/"; $s_path = "images/thumbs/"; $file = $upload; $save = $file; $t_w = 200; $t_h = 150; /* ============================================== */ /* ============================================== */ /* DO NOT CHANGE THIS NEXT LINE */ Resize_Image($save,$file,$t_w,$t_h,$s_path,$o_path); //Tells you if its all ok /* ============================================== */ /* ============================================== */ /* PROVIDE A WAY FOR THEM TO GO SOMWHERE */ echo "The file ". $file . " has been uploaded, and your information has been added to the directory"; }else { //Gives and error if its not /* ============================================== */ /* ============================================== */ /* PROVIDE A WAY FOR THEM TO GO SOMWHERE */ echo "Sorry, there was a problem uploading your file."; } /* =============================================== */ /* PREPARE DATA FOR INSERTION INTO TABLE */ /* FUNCTION TO CREATE SALT */ function createSalt() { $string = md5(uniqid(rand(), true)); return substr($string, 0, 3); } //Writes the information to the database /* ============================================== */ /* ============================================== */ /* ALWAYS WRITE YOUR QUERIES AS STRINGS THAT WAY WHEN TESTING, YOU CAN MAKE SURE THAT THE VALUES CONTAIN WHAT YOU EXPECT */ if(empty($error_message)){ $salt = createsalt(); $password = trim($_POST['password']); $hash = hash('sha256', $salt, $password); $approved = 0; $username = mysql_real_escape_string(trim($_POST['username'])); $email = mysql_real_escape_string(trim($_POST['email'])); $query ="INSERT INTO `companies` (company_name, contact_name, location, postcode, street1, street2, city, phone, email, basicpackage_description, premiumuser_description, password, salt, approved, upload) VALUES ('$company_name', '$contact_name', '$location', '$postcode', '$street1', '$street2', '$city', '$phone', '$email', '$basicpackage_description', '$premiumuser_description', '$password', '$salt', '$approved', '$upload')"; $result = mysql_query($query) or die(mysql_error()); }//if(empty($error_message)) /* =============================================== */ /* at this point we can send an email to the admin as well as the user. DO NOT send the user's password to ANYONE!!!! */ }//if (isset($_POST['submit'])) ?> <html> <body> <?php if (!empty($error_message)){ echo $error_message; } ?> <form enctype="multipart/form-data" method="post" action="register00.php"> <table width="316" height="120" border="0"> <tr><td colspan=2><h1>Register/Sign Up</h1></td></tr> <tr><td>Company Name:</td><td> <input name="company_name" type="text" id="company_name" value="<?php if (isset($_POST['company_name'])){ echo $_POST['company_name']; } ?>" /> </td></tr> <tr><td>Contact Name:</td><td> <input name="contact_name" type="text" id="contact_name" value="<?php if (isset($_POST['contact_name'])){ echo $_POST['contact_name']; } ?>" /> </td></tr> <tr><td>Contact Number:</td><td> <input name="phone" type="number" id="phone" value="<?php if (isset($_POST['phone'])){ echo $_POST['phone']; }else{ echo "incl. area code";} ?>" /> </td></tr> <tr><td>Address line 1:</td><td> <input name="street1" type="text" id="street1" value="<?php if (isset($_POST['street1'])){ echo $_POST['street1']; } ?>" /> </td></tr> <tr><td>Address line 2:</td><td> <input name="street2" type="text" id="street1" value="<?php if (isset($_POST['street2'])){ echo $_POST['street2']; } ?>" /> </td></tr> <tr><td>Area:</td><td> <input name="location" type="text" id="location" value="<?php if (isset($_POST['location'])){ echo $_POST['location']; } ?>" /> </td></tr> <tr><td>City:</td><td> <input name="city" type="text" id="city" value="<?php if (isset($_POST['city'])){ echo $_POST['city']; } ?>" /> </td></tr> <tr><td>Postcode:</td><td> <input name="postcode" type="text" id="postcode" value="<?php if (isset($_POST['postcode'])){ echo $_POST['postcode']; } ?>" /> </td></tr> <tr><td>Username:</td><td> <input name="username" type="text" id="username" value="<?php if (isset($_POST['username'])){ echo $_POST['username']; } ?>" /> </td></tr> <tr><td>Password:</td><td> <input name="password" type="password" class="style7" id="password" value="<?php if (isset($_POST['password'])){ echo $_POST['password']; } ?>" /> </td></tr> <tr><td>Email:</td><td> <input name="email" type="text" class="style7" id="email" value="<?php if (isset($_POST['email'])){ echo $_POST['email']; } ?>" /> </td></tr> <tr><td>Company Logo:</td><td> <input name="upload" type="file" class="style7" id="upload"> </td></tr> <tr><td>Company Description:</td><td> <textarea rows="20" cols="50" name="premiumuser_description" id="premiumuser_description"><?php if (isset($_POST['premiumuser_description'])){ echo $_POST['premiumuser_description']; } ?></textarea> </td></tr> <tr><td> <input name="Submit" type="submit" value="Register" /> </td></tr> </table> </body> </html> Quote Link to comment https://forums.phpfreaks.com/topic/260391-possible-query-issue/page/2/#findComment-1334750 Share on other sites More sharing options...
Drummin Posted April 5, 2012 Share Posted April 5, 2012 Noticed you're not using the "basicpackage_description" yet you're inserting to DB. Also escaped all values before insert on this copy.  <?PHP session_start(); include('db.php'); /* set some validation variables */ if (isset($_POST['Submit'])){ $error_message = ""; /* DEFINE THE FUNCTION */ /* ============================================== */ /* ============================================== */ /* DO NOT MODIFY THIS FUNCTION */ function Resize_Image($save,$file,$t_w,$t_h,$s_path,$o_path) { $s_path = trim($s_path); $o_path = trim($o_path); $save = $s_path . $save; $file = $o_path . $file; $ext = strtolower(end(explode('.',$save))); list($width, $height) = getimagesize($file) ; if(($width>$t_w) OR ($height>$t_h)) { $r1 = $t_w/$width; $r2 = $t_h/$height; if($r1<$r2) {  $size = $t_w/$width; }else{  $size = $t_h/$height; } }else{ $size=1; } $modwidth = $width * $size; $modheight = $height * $size; $tn = imagecreatetruecolor($modwidth, $modheight) ; switch ($ext) { case 'jpg': case 'jpeg': $image = imagecreatefromjpeg($file) ; break; case 'gif': $image = imagecreatefromgif($file) ; break; case 'png': $image = imagecreatefrompng($file) ; break; } imagecopyresampled($tn, $image, 0, 0, 0, 0, $modwidth, $modheight, $width, $height) ; imagejpeg($tn, $save, 100) ; return; } /* END OF RESIZE FUNCTION */ //This is the directory where images will be saved $target = "/home/users/web/b109/ipg.removalspacecom/images/COMPANIES/"; $target = $target . basename( $_FILES['upload']['name']); // Connects to your Database // session_start(); // include ('db.php'); //This gets all the other information from the form /* ============================================== */ /* ============================================== */ /* YOU NEED TO DO SOME VALIDATION AND SANITIZING OF YOUR FORM DATA */ if((!isset($_POST['company_name'])) || (strlen(trim($_POST['company_name'])) <5) || (trim($_POST['company_name']) != preg_replace("/[^a-zA-Z0-9\s\-\'\,\.\_]/", "", trim($_POST['company_name'])))) { /* if username is bad start building the error message */ $error_message = "You must enter a valid company name<br>"; $error_message = $error_message . "Valid names are min 5 characters and use letters, numbers and underscores only.<br>"; $error_message = $error_message . 'Your invalid name was: <font color="red">' . $_POST['company_name'] . "</font><hr>"; } /* END validating company_name */ /* =============================================== */ if((!isset($_POST['contact_name'])) || (strlen(trim($_POST['contact_name'])) <5) || (trim($_POST['contact_name']) != preg_replace("/[^a-zA-Z0-9\s\-\'\,\.\_]/", "", trim($_POST['contact_name'])))) { /* if username is bad start building the error message */ $error_message = "You must enter a valid contact name<br>"; $error_message = $error_message . "Valid names are min 5 characters and use letters, numbers and underscores only.<br>"; $error_message = $error_message . 'Your invalid name was: <font color="red">' . $_POST['contact_name'] . "</font><hr>"; } /* END validating contact_name */ /* =============================================== */ if((!isset($_POST['phone'])) || (strlen(trim($_POST['phone'])) <5) || (trim($_POST['phone']) != preg_replace("/[^0-9\s\-\_]/", "", trim($_POST['phone'])))) { /* if it is NOT set, then set the error variable and start building the error message */ $error_message = $error_message . "You must enter a valid phone<br>"; $error_message = $error_message . "Valid phones are min 5 characters and use letters, numbers and underscores only.<br>"; $error_message = $error_message . 'Your invalid phone was: <font color="red">' . $_POST['phone'] . "</font><hr>"; }else{ $phone = trim($_POST['phone']); } /* END validating phone */ /* =============================================== */ /* =============================================== */ /* validating the email */ /* create a function */ function validateEmailAddress($email) { return filter_var($email, FILTER_VALIDATE_EMAIL) && preg_match('/@.+\./', $email); } if(!isset($_POST['email']) || validateEmailAddress($_POST['email']) !=1) { $error_message = $error_message . "You must enter a valid email address<br>"; $error_message = $error_message . 'The invalid email was: <font color="red">' . $_POST['email'] . "</font><hr>"; } /* END validating email */ /* =============================================== */ if((!isset($_POST['street1'])) || (strlen(trim($_POST['street1'])) <5) || (trim($_POST['street1']) != preg_replace("/[^a-zA-Z0-9\s\-\'\,\.\_]/", "", trim($_POST['street1'])))) { /* if username is bad start building the error message */ $error_message = "You must enter a valid address<br>"; $error_message = $error_message . 'Your invalid name was: <font color="red">' . $_POST['street1'] . "</font><hr>"; } /* END validating street1 */ /* =============================================== */ if((!isset($_POST['street2'])) || (strlen(trim($_POST['street2'])) <5) || (trim($_POST['street2']) != preg_replace("/[^a-zA-Z0-9\s\-\'\,\.\_]/", "", trim($_POST['street2'])))) { /* if username is bad start building the error message */ $error_message = "You must enter a valid address<br>"; $error_message = $error_message . 'Your invalid name was: <font color="red">' . $_POST['street2'] . "</font><hr>"; } /* END validating street2 */ /* =============================================== */ if((!isset($_POST['premiumuser_description'])) || (strlen(trim($_POST['premiumuser_description'])) <5) || (trim($_POST['premiumuser_description']) != preg_replace("/[^a-zA-Z0-9\s\-\'\,\.\_]/", "", trim($_POST['premiumuser_description'])))) { /* if username is bad start building the error message */ $error_message = "You must enter a valid address<br>"; $error_message = $error_message . 'Your invalid name was: <font color="red">' . $_POST['premiumuser_description'] . "</font><hr>"; } /* END validating premiumuser_description */ /* =============================================== * /* =============================================== */ /* this section of code will set up an error message for the username if ANY of the conditions occur 1) checks to see if $_POST['username'] is NOT set 2) if length of username is less than 5 3) if username has anything other than letter, numbers or underscores */ if((!isset($_POST['username'])) || (strlen(trim($_POST['username'])) <5) || (trim($_POST['username']) != preg_replace("/[^a-zA-Z0-9\_]/", "", trim($_POST['username'])))) { /* if username is bad start building the error message */ $error_message = "You must enter a valid username<br>"; $error_message = $error_message . "Valid names are min 5 characters and use letters, numbers and underscores only.<br>"; $error_message = $error_message . 'Your invalid name was: <font color="red">' . $_POST['username'] . "</font><hr>"; } /* END validating username */ /* =============================================== */ /* =============================================== */ /* this section of code will set up an error message for the password if ANY of the conditions occur 1) checks to see if $_POST['upassword'] is NOT set 2) if length of upassword is less than 5 3) if upassword has anything other than letter, numbers or underscores */ if((!isset($_POST['password'])) || (strlen(trim($_POST['password'])) <5) || (trim($_POST['password']) != preg_replace("/[^a-zA-Z0-9\_]/", "", trim($_POST['password'])))) { /* if it is NOT set, then set the error variable and start building the error message */ $error_message = $error_message . "You must enter a valid password<br>"; $error_message = $error_message . "Valid passwords are min 5 characters and use letters, numbers and underscores only.<br>"; $error_message = $error_message . 'Your invalid password was: <font color="red">' . $_POST['password'] . "</font><hr>"; }else{ $password = trim($_POST['password']); } /* END validating password */ /* =============================================== */ /* =============================================== */ /* check to see if username is already taken */ $username = mysql_real_escape_string(trim($_POST['username'])); $query1 = "SELECT username from companies WHERE username = '$username'"; $result1 = mysql_query($query1) or die(mysql_error()); $count = mysql_num_rows($result1); if($count>0) { $error_message = $error_message . 'The username: <font color="red">' . $_POST['username'] . "</font> is taken.<hr>"; } /* =============================================== */ /* if any of the post variables are invalid */ /* set the session variable and send back to the form page */ /* NOT USED IN THIS EXAMPLE if(strlen(trim($error_message))>0) { $_SESSION['error_message'] =$error_message; // header("Location: register00.php"); // exit(); } */ /* =============================================== */ $uploadDir = 'images/COMPANIES'; /* main picture folder */ $max_height = 450; /* largest height you allowed; 0 means any */ $max_width = 450; /* largest width you allowed; 0 means any */ $max_file = 2000000; /* set the max file size in bytes */ $image_overwrite = 1; /* 0 means overwite; 1 means new name */ /* add or delete allowed image types */ $allowed_type01 = array( "image/gif", "image/pjpeg", "image/jpeg", "image/png", "image/x-png", "image/jpg"); $do_thumb = 1; /* 1 make thumbnails; 0 means do NOT make */ $thumbDir = "/images/thumbs"; /* thumbnail folder */ $thumb_prefix = ""; /* prefix for thumbnails */ $thumb_width = 90; /* max thumb width */ $thumb_height = 70; // max thumb height //Writes the photo to the server if(move_uploaded_file($_FILES['upload']['tmp_name'], $target)) { /* HERE IS WHERE WE WILL DO THE ACTUAL RESIZING */ /* ============================================== */ /* ============================================== */ /* THESE SIX PARAMETERS MAY BE CHANGED TO SUIT YOUR NEEDS */ $upload = $_FILES['upload']['name']; $o_path ="images/COMPANIES/"; $s_path = "images/thumbs/"; $file = $upload; $save = $file; $t_w = 200; $t_h = 150; /* ============================================== */ /* ============================================== */ /* DO NOT CHANGE THIS NEXT LINE */ Resize_Image($save,$file,$t_w,$t_h,$s_path,$o_path); //Tells you if its all ok /* ============================================== */ /* ============================================== */ /* PROVIDE A WAY FOR THEM TO GO SOMWHERE */ echo "The file ". $file . " has been uploaded, and your information has been added to the directory"; }else { //Gives and error if its not /* ============================================== */ /* ============================================== */ /* PROVIDE A WAY FOR THEM TO GO SOMWHERE */ echo "Sorry, there was a problem uploading your file."; } /* =============================================== */ /* PREPARE DATA FOR INSERTION INTO TABLE */ /* FUNCTION TO CREATE SALT */ function createSalt() { $string = md5(uniqid(rand(), true)); return substr($string, 0, 3); } //Writes the information to the database /* ============================================== */ /* ============================================== */ /* ALWAYS WRITE YOUR QUERIES AS STRINGS THAT WAY WHEN TESTING, YOU CAN MAKE SURE THAT THE VALUES CONTAIN WHAT YOU EXPECT */ if(empty($error_message)){ $salt = createsalt(); $password = trim($_POST['password']); $hash = hash('sha256', $salt, $password); $approved = 0; $company_name = mysql_real_escape_string(trim($_POST['company_name'])); $contact_name = mysql_real_escape_string(trim($_POST['contact_name'])); $location = mysql_real_escape_string(trim($_POST['location'])); $postcode = mysql_real_escape_string(trim($_POST['postcode'])); $street1 = mysql_real_escape_string(trim($_POST['street1'])); $street2 = mysql_real_escape_string(trim($_POST['street2'])); $city = mysql_real_escape_string(trim($_POST['city'])); $phone = mysql_real_escape_string(trim($_POST['phone'])); $email = mysql_real_escape_string(trim($_POST['email'])); //$basicpackage_description = mysql_real_escape_string(trim($_POST['basicpackage_description'])); $premiumuser_description = mysql_real_escape_string(trim($_POST['premiumuser_description'])); $salt = mysql_real_escape_string($salt); $upload = mysql_real_escape_string($upload); //$username = mysql_real_escape_string(trim($_POST['username'])); /* $query ="INSERT INTO `companies` (company_name, contact_name, location, postcode, street1, street2, city, phone, email, basicpackage_description, premiumuser_description, password, salt, approved, upload) VALUES ('$company_name', '$contact_name', '$location', '$postcode', '$street1', '$street2', '$city', '$phone', '$email', '$basicpackage_description', '$premiumuser_description', '$password', '$salt', '$approved', '$upload')"; $result = mysql_query($query) or die(mysql_error()); */ $query ="INSERT INTO `companies` (company_name, contact_name, location, postcode, street1, street2, city, phone, email, premiumuser_description, password, salt, approved, upload) VALUES ('$company_name', '$contact_name', '$location', '$postcode', '$street1', '$street2', '$city', '$phone', '$email', '$premiumuser_description', '$password', '$salt', '$approved', '$upload')"; $result = mysql_query($query) or die(mysql_error()); }//if(empty($error_message)) /* =============================================== */ /* at this point we can send an email to the admin as well as the user. DO NOT send the user's password to ANYONE!!!! */ }//if (isset($_POST['submit'])) ?> <html> <body> <?php if (!empty($error_message)){ echo $error_message; } ?> <form enctype="multipart/form-data" method="post" action="register00.php"> <table width="316" height="120" border="0"> <tr><td colspan=2><h1>Register/Sign Up</h1></td></tr> <tr><td>Company Name:</td><td> <input name="company_name" type="text" id="company_name" value="<?php if (isset($_POST['company_name'])){ echo $_POST['company_name']; } ?>" /> </td></tr> <tr><td>Contact Name:</td><td> <input name="contact_name" type="text" id="contact_name" value="<?php if (isset($_POST['contact_name'])){ echo $_POST['contact_name']; } ?>" /> </td></tr> <tr><td>Contact Number:</td><td> <input name="phone" type="number" id="phone" value="<?php if (isset($_POST['phone'])){ echo $_POST['phone']; }else{ echo "incl. area code";} ?>" /> </td></tr> <tr><td>Address line 1:</td><td> <input name="street1" type="text" id="street1" value="<?php if (isset($_POST['street1'])){ echo $_POST['street1']; } ?>" /> </td></tr> <tr><td>Address line 2:</td><td> <input name="street2" type="text" id="street1" value="<?php if (isset($_POST['street2'])){ echo $_POST['street2']; } ?>" /> </td></tr> <tr><td>Area:</td><td> <input name="location" type="text" id="location" value="<?php if (isset($_POST['location'])){ echo $_POST['location']; } ?>" /> </td></tr> <tr><td>City:</td><td> <input name="city" type="text" id="city" value="<?php if (isset($_POST['city'])){ echo $_POST['city']; } ?>" /> </td></tr> <tr><td>Postcode:</td><td> <input name="postcode" type="text" id="postcode" value="<?php if (isset($_POST['postcode'])){ echo $_POST['postcode']; } ?>" /> </td></tr> <tr><td>Username:</td><td> <input name="username" type="text" id="username" value="<?php if (isset($_POST['username'])){ echo $_POST['username']; } ?>" /> </td></tr> <tr><td>Password:</td><td> <input name="password" type="password" class="style7" id="password" value="<?php if (isset($_POST['password'])){ echo $_POST['password']; } ?>" /> </td></tr> <tr><td>Email:</td><td> <input name="email" type="text" class="style7" id="email" value="<?php if (isset($_POST['email'])){ echo $_POST['email']; } ?>" /> </td></tr> <tr><td>Company Logo:</td><td> <input name="upload" type="file" class="style7" id="upload"> </td></tr> <tr><td>Company Description:</td><td> <textarea rows="20" cols="50" name="premiumuser_description" id="premiumuser_description"><?php if (isset($_POST['premiumuser_description'])){ echo $_POST['premiumuser_description']; } ?></textarea> </td></tr> <tr><td> <input name="Submit" type="submit" value="Register" /> </td></tr> </table> </body> </html> Quote Link to comment https://forums.phpfreaks.com/topic/260391-possible-query-issue/page/2/#findComment-1334758 Share on other sites More sharing options...
andy_b_1502 Posted April 5, 2012 Author Share Posted April 5, 2012 Okay, theres still a syntax error on<textarea></textarea>.... Â I will try the most recent one you uploaded and get back to you. Thanks Quote Link to comment https://forums.phpfreaks.com/topic/260391-possible-query-issue/page/2/#findComment-1334764 Share on other sites More sharing options...
andy_b_1502 Posted April 5, 2012 Author Share Posted April 5, 2012 Im not using basicpackage_description so i've got rid... Â I don't know why the error around textarea is still there though? Quote Link to comment https://forums.phpfreaks.com/topic/260391-possible-query-issue/page/2/#findComment-1334765 Share on other sites More sharing options...
Drummin Posted April 5, 2012 Share Posted April 5, 2012 I just noticed you don't have an </form> tag. Man I'm not seeing the textarea error.  How about with this one. I normally use quotes around my echo's like this. I removed them because of jesirose's comment. <textarea rows="20" cols="50" name="premiumuser_description" id="premiumuser_description"><?php if (isset($_POST['premiumuser_description'])){ echo "{$_POST['premiumuser_description']}"; } ?></textarea> Quote Link to comment https://forums.phpfreaks.com/topic/260391-possible-query-issue/page/2/#findComment-1334766 Share on other sites More sharing options...
andy_b_1502 Posted April 5, 2012 Author Share Posted April 5, 2012 Just added the </form> tag... plus uploaded the textarea error. 17974_.doc Quote Link to comment https://forums.phpfreaks.com/topic/260391-possible-query-issue/page/2/#findComment-1334767 Share on other sites More sharing options...
Drummin Posted April 5, 2012 Share Posted April 5, 2012 I noticed you are putting the php on a new line. Don't. Keep it as I posted. Quote Link to comment https://forums.phpfreaks.com/topic/260391-possible-query-issue/page/2/#findComment-1334774 Share on other sites More sharing options...
andy_b_1502 Posted April 5, 2012 Author Share Posted April 5, 2012 <textarea rows="20" cols="50" name="premiumuser_description" id="premiumuser_description"><?php if (isset($_POST['premiumuser_description'])){ echo $_POST['premiumuser_description']; } ?></textarea>  That's exactly how it is now and still, the error :'( Quote Link to comment https://forums.phpfreaks.com/topic/260391-possible-query-issue/page/2/#findComment-1334775 Share on other sites More sharing options...
Drummin Posted April 5, 2012 Share Posted April 5, 2012 Hmm. Not sure what to say. This really goes for ALL those "values". You don't want to be adding a line return with every post. Quote Link to comment https://forums.phpfreaks.com/topic/260391-possible-query-issue/page/2/#findComment-1334778 Share on other sites More sharing options...
andy_b_1502 Posted April 5, 2012 Author Share Posted April 5, 2012 When using this site's 'select' feature, it paste's the code without spaces, so i've just added them where i thought neccessary.. Â i will now change the space/new line just like the previous time and report back. Â Thanks so far. Quote Link to comment https://forums.phpfreaks.com/topic/260391-possible-query-issue/page/2/#findComment-1334780 Share on other sites More sharing options...
Drummin Posted April 5, 2012 Share Posted April 5, 2012 Also remove height from table element, phone type should be type="text"and street2 id should be id="street2" Quote Link to comment https://forums.phpfreaks.com/topic/260391-possible-query-issue/page/2/#findComment-1334782 Share on other sites More sharing options...
andy_b_1502 Posted April 5, 2012 Author Share Posted April 5, 2012 Also remove height from table element, phone type should be type="text"and street2 id should be id="street2" Â Say what? where's the table element? surley phone type should be number, for telephone nnumbers? and im not sure what you meant with street2 id? Â I've attatached the file were looking at. 17975_.php Quote Link to comment https://forums.phpfreaks.com/topic/260391-possible-query-issue/page/2/#findComment-1334783 Share on other sites More sharing options...
Drummin Posted April 5, 2012 Share Posted April 5, 2012 I guess type="number" is now a valid type with HTML5, but was throwing syntax error in my Tidy W3C validator. Probably because missing doc type. Still input field for street2 has an id of street1.  Here's my version <?PHP session_start(); include('db.php'); /* set some validation variables */ if (isset($_POST['Submit'])){ $error_message = ""; /* DEFINE THE FUNCTION */ /* ============================================== */ /* ============================================== */ /* DO NOT MODIFY THIS FUNCTION */ function Resize_Image($save,$file,$t_w,$t_h,$s_path,$o_path) { $s_path = trim($s_path); $o_path = trim($o_path); $save = $s_path . $save; $file = $o_path . $file; $ext = strtolower(end(explode('.',$save))); list($width, $height) = getimagesize($file) ; if(($width>$t_w) OR ($height>$t_h)) { $r1 = $t_w/$width; $r2 = $t_h/$height; if($r1<$r2) {  $size = $t_w/$width; }else{  $size = $t_h/$height; } }else{ $size=1; } $modwidth = $width * $size; $modheight = $height * $size; $tn = imagecreatetruecolor($modwidth, $modheight) ; switch ($ext) { case 'jpg': case 'jpeg': $image = imagecreatefromjpeg($file) ; break; case 'gif': $image = imagecreatefromgif($file) ; break; case 'png': $image = imagecreatefrompng($file) ; break; } imagecopyresampled($tn, $image, 0, 0, 0, 0, $modwidth, $modheight, $width, $height) ; imagejpeg($tn, $save, 100) ; return; } /* END OF RESIZE FUNCTION */ //This is the directory where images will be saved $target = "/home/users/web/b109/ipg.removalspacecom/images/COMPANIES/"; $target = $target . basename( $_FILES['upload']['name']); // Connects to your Database // session_start(); // include ('db.php'); //This gets all the other information from the form /* ============================================== */ /* ============================================== */ /* YOU NEED TO DO SOME VALIDATION AND SANITIZING OF YOUR FORM DATA */ if((!isset($_POST['company_name'])) || (strlen(trim($_POST['company_name'])) <5) || (trim($_POST['company_name']) != preg_replace("/[^a-zA-Z0-9\s\-\'\,\.\_]/", "", trim($_POST['company_name'])))) { /* if username is bad start building the error message */ $error_message = "You must enter a valid company name<br>"; $error_message = $error_message . "Valid names are min 5 characters and use letters, numbers and underscores only.<br>"; $error_message = $error_message . 'Your invalid name was: <font color="red">' . $_POST['company_name'] . "</font><hr>"; } /* END validating company_name */ /* =============================================== */ if((!isset($_POST['contact_name'])) || (strlen(trim($_POST['contact_name'])) <5) || (trim($_POST['contact_name']) != preg_replace("/[^a-zA-Z0-9\s\-\'\,\.\_]/", "", trim($_POST['contact_name'])))) { /* if username is bad start building the error message */ $error_message = "You must enter a valid contact name<br>"; $error_message = $error_message . "Valid names are min 5 characters and use letters, numbers and underscores only.<br>"; $error_message = $error_message . 'Your invalid name was: <font color="red">' . $_POST['contact_name'] . "</font><hr>"; } /* END validating contact_name */ /* =============================================== */ if((!isset($_POST['phone'])) || (strlen(trim($_POST['phone'])) <5) || (trim($_POST['phone']) != preg_replace("/[^0-9\s\-\_]/", "", trim($_POST['phone'])))) { /* if it is NOT set, then set the error variable and start building the error message */ $error_message = $error_message . "You must enter a valid phone<br>"; $error_message = $error_message . "Valid phones are min 5 characters and use letters, numbers and underscores only.<br>"; $error_message = $error_message . 'Your invalid phone was: <font color="red">' . $_POST['phone'] . "</font><hr>"; }else{ $phone = trim($_POST['phone']); } /* END validating phone */ /* =============================================== */ /* =============================================== */ /* validating the email */ /* create a function */ function validateEmailAddress($email) { return filter_var($email, FILTER_VALIDATE_EMAIL) && preg_match('/@.+\./', $email); } if(!isset($_POST['email']) || validateEmailAddress($_POST['email']) !=1) { $error_message = $error_message . "You must enter a valid email address<br>"; $error_message = $error_message . 'The invalid email was: <font color="red">' . $_POST['email'] . "</font><hr>"; } /* END validating email */ /* =============================================== */ if((!isset($_POST['street1'])) || (strlen(trim($_POST['street1'])) <5) || (trim($_POST['street1']) != preg_replace("/[^a-zA-Z0-9\s\-\'\,\.\_]/", "", trim($_POST['street1'])))) { /* if username is bad start building the error message */ $error_message = "You must enter a valid address<br>"; $error_message = $error_message . 'Your invalid name was: <font color="red">' . $_POST['street1'] . "</font><hr>"; } /* END validating street1 */ /* =============================================== */ if((!isset($_POST['street2'])) || (strlen(trim($_POST['street2'])) <5) || (trim($_POST['street2']) != preg_replace("/[^a-zA-Z0-9\s\-\'\,\.\_]/", "", trim($_POST['street2'])))) { /* if username is bad start building the error message */ $error_message = "You must enter a valid address<br>"; $error_message = $error_message . 'Your invalid name was: <font color="red">' . $_POST['street2'] . "</font><hr>"; } /* END validating street2 */ /* =============================================== */ if((!isset($_POST['premiumuser_description'])) || (strlen(trim($_POST['premiumuser_description'])) <5) || (trim($_POST['premiumuser_description']) != preg_replace("/[^a-zA-Z0-9\s\-\'\,\.\_]/", "", trim($_POST['premiumuser_description'])))) { /* if username is bad start building the error message */ $error_message = "You must enter a valid address<br>"; $error_message = $error_message . 'Your invalid name was: <font color="red">' . $_POST['premiumuser_description'] . "</font><hr>"; } /* END validating premiumuser_description */ /* =============================================== * /* =============================================== */ /* this section of code will set up an error message for the username if ANY of the conditions occur 1) checks to see if $_POST['username'] is NOT set 2) if length of username is less than 5 3) if username has anything other than letter, numbers or underscores */ if((!isset($_POST['username'])) || (strlen(trim($_POST['username'])) <5) || (trim($_POST['username']) != preg_replace("/[^a-zA-Z0-9\_]/", "", trim($_POST['username'])))) { /* if username is bad start building the error message */ $error_message = "You must enter a valid username<br>"; $error_message = $error_message . "Valid names are min 5 characters and use letters, numbers and underscores only.<br>"; $error_message = $error_message . 'Your invalid name was: <font color="red">' . $_POST['username'] . "</font><hr>"; } /* END validating username */ /* =============================================== */ /* =============================================== */ /* this section of code will set up an error message for the password if ANY of the conditions occur 1) checks to see if $_POST['upassword'] is NOT set 2) if length of upassword is less than 5 3) if upassword has anything other than letter, numbers or underscores */ if((!isset($_POST['password'])) || (strlen(trim($_POST['password'])) <5) || (trim($_POST['password']) != preg_replace("/[^a-zA-Z0-9\_]/", "", trim($_POST['password'])))) { /* if it is NOT set, then set the error variable and start building the error message */ $error_message = $error_message . "You must enter a valid password<br>"; $error_message = $error_message . "Valid passwords are min 5 characters and use letters, numbers and underscores only.<br>"; $error_message = $error_message . 'Your invalid password was: <font color="red">' . $_POST['password'] . "</font><hr>"; }else{ $password = trim($_POST['password']); } /* END validating password */ /* =============================================== */ /* =============================================== */ /* check to see if username is already taken */ $username = mysql_real_escape_string(trim($_POST['username'])); $query1 = "SELECT username from companies WHERE username = '$username'"; $result1 = mysql_query($query1) or die(mysql_error()); $count = mysql_num_rows($result1); if($count>0) { $error_message = $error_message . 'The username: <font color="red">' . $_POST['username'] . "</font> is taken.<hr>"; } /* =============================================== */ /* if any of the post variables are invalid */ /* set the session variable and send back to the form page */ /* NOT USED IN THIS EXAMPLE if(strlen(trim($error_message))>0) { $_SESSION['error_message'] =$error_message; // header("Location: register00.php"); // exit(); } */ /* =============================================== */ $uploadDir = 'images/COMPANIES'; /* main picture folder */ $max_height = 450; /* largest height you allowed; 0 means any */ $max_width = 450; /* largest width you allowed; 0 means any */ $max_file = 2000000; /* set the max file size in bytes */ $image_overwrite = 1; /* 0 means overwite; 1 means new name */ /* add or delete allowed image types */ $allowed_type01 = array( "image/gif", "image/pjpeg", "image/jpeg", "image/png", "image/x-png", "image/jpg"); $do_thumb = 1; /* 1 make thumbnails; 0 means do NOT make */ $thumbDir = "/images/thumbs"; /* thumbnail folder */ $thumb_prefix = ""; /* prefix for thumbnails */ $thumb_width = 90; /* max thumb width */ $thumb_height = 70; // max thumb height //Writes the photo to the server if(move_uploaded_file($_FILES['upload']['tmp_name'], $target)) { /* HERE IS WHERE WE WILL DO THE ACTUAL RESIZING */ /* ============================================== */ /* ============================================== */ /* THESE SIX PARAMETERS MAY BE CHANGED TO SUIT YOUR NEEDS */ $upload = $_FILES['upload']['name']; $o_path ="images/COMPANIES/"; $s_path = "images/thumbs/"; $file = $upload; $save = $file; $t_w = 200; $t_h = 150; /* ============================================== */ /* ============================================== */ /* DO NOT CHANGE THIS NEXT LINE */ Resize_Image($save,$file,$t_w,$t_h,$s_path,$o_path); //Tells you if its all ok /* ============================================== */ /* ============================================== */ /* PROVIDE A WAY FOR THEM TO GO SOMWHERE */ echo "The file ". $file . " has been uploaded, and your information has been added to the directory"; }else { //Gives and error if its not /* ============================================== */ /* ============================================== */ /* PROVIDE A WAY FOR THEM TO GO SOMWHERE */ echo "Sorry, there was a problem uploading your file."; } /* =============================================== */ /* PREPARE DATA FOR INSERTION INTO TABLE */ /* FUNCTION TO CREATE SALT */ function createSalt() { $string = md5(uniqid(rand(), true)); return substr($string, 0, 3); } //Writes the information to the database /* ============================================== */ /* ============================================== */ /* ALWAYS WRITE YOUR QUERIES AS STRINGS THAT WAY WHEN TESTING, YOU CAN MAKE SURE THAT THE VALUES CONTAIN WHAT YOU EXPECT */ if(empty($error_message)){ $salt = createsalt(); $password = trim($_POST['password']); $hash = hash('sha256', $salt, $password); $approved = 0; $company_name = mysql_real_escape_string(trim($_POST['company_name'])); $contact_name = mysql_real_escape_string(trim($_POST['contact_name'])); $location = mysql_real_escape_string(trim($_POST['location'])); $postcode = mysql_real_escape_string(trim($_POST['postcode'])); $street1 = mysql_real_escape_string(trim($_POST['street1'])); $street2 = mysql_real_escape_string(trim($_POST['street2'])); $city = mysql_real_escape_string(trim($_POST['city'])); $phone = mysql_real_escape_string(trim($_POST['phone'])); $email = mysql_real_escape_string(trim($_POST['email'])); $premiumuser_description = mysql_real_escape_string(trim($_POST['premiumuser_description'])); $salt = mysql_real_escape_string($salt); $upload = mysql_real_escape_string($upload); $query ="INSERT INTO `companies` (company_name, contact_name, location, postcode, street1, street2, city, phone, email, premiumuser_description, password, salt, approved, upload) VALUES ('$company_name', '$contact_name', '$location', '$postcode', '$street1', '$street2', '$city', '$phone', '$email', '$premiumuser_description', '$password', '$salt', '$approved', '$upload')"; $result = mysql_query($query) or die(mysql_error()); /* =============================================== */ /* at this point we can send an email to the admin as well as the user. DO NOT send the user's password to ANYONE!!!! */ }//if(empty($error_message)) }//if (isset($_POST['submit'])) ?> <html> <body> <?php if (!empty($error_message)){ echo $error_message; } ?> <form enctype="multipart/form-data" method="post" action="register00.php"> <table width="316" border="0"> <tr><td colspan=2><h1>Register/Sign Up</h1></td></tr> <tr><td>Company Name:</td><td> <input name="company_name" type="text" id="company_name" value="<?php if (isset($_POST['company_name'])){ echo $_POST['company_name']; } ?>" /> </td></tr> <tr><td>Contact Name:</td><td> <input name="contact_name" type="text" id="contact_name" value="<?php if (isset($_POST['contact_name'])){ echo $_POST['contact_name']; } ?>" /> </td></tr> <tr><td>Contact Number:</td><td> <input name="phone" type="number" id="phone" value="<?php if (isset($_POST['phone'])){ echo $_POST['phone']; }else{ echo "incl. area code";} ?>" /> </td></tr> <tr><td>Address line 1:</td><td> <input name="street1" type="text" id="street1" value="<?php if (isset($_POST['street1'])){ echo $_POST['street1']; } ?>" /> </td></tr> <tr><td>Address line 2:</td><td> <input name="street2" type="text" id="street2" value="<?php if (isset($_POST['street2'])){ echo $_POST['street2']; } ?>" /> </td></tr> <tr><td>Area:</td><td> <input name="location" type="text" id="location" value="<?php if (isset($_POST['location'])){ echo $_POST['location']; } ?>" /> </td></tr> <tr><td>City:</td><td> <input name="city" type="text" id="city" value="<?php if (isset($_POST['city'])){ echo $_POST['city']; } ?>" /> </td></tr> <tr><td>Postcode:</td><td> <input name="postcode" type="text" id="postcode" value="<?php if (isset($_POST['postcode'])){ echo $_POST['postcode']; } ?>" /> </td></tr> <tr><td>Username:</td><td> <input name="username" type="text" id="username" value="<?php if (isset($_POST['username'])){ echo $_POST['username']; } ?>" /> </td></tr> <tr><td>Password:</td><td> <input name="password" type="password" class="style7" id="password" value="<?php if (isset($_POST['password'])){ echo $_POST['password']; } ?>" /> </td></tr> <tr><td>Email:</td><td> <input name="email" type="text" class="style7" id="email" value="<?php if (isset($_POST['email'])){ echo $_POST['email']; } ?>" /> </td></tr> <tr><td>Company Logo:</td><td> <input name="upload" type="file" class="style7" id="upload"> </td></tr> <tr><td>Company Description:</td><td> <textarea rows="20" cols="50" name="premiumuser_description" id="premiumuser_description"><?php if (isset($_POST['premiumuser_description'])){ echo "{$_POST['premiumuser_description']}"; } ?></textarea> </td></tr> <tr><td> <input name="Submit" type="submit" value="Register" /> </td></tr> </table> </form> </body> </html> Quote Link to comment https://forums.phpfreaks.com/topic/260391-possible-query-issue/page/2/#findComment-1334789 Share on other sites More sharing options...
andy_b_1502 Posted April 5, 2012 Author Share Posted April 5, 2012 for the purpose of you seeing what i see (errors) on my side, ive only added space where copying and pasting pushes the code together. Â I have left the other error's for you to look at. Â I wonder if its something to do with me using dreamweaver and you W3c editor? 17982_.php Quote Link to comment https://forums.phpfreaks.com/topic/260391-possible-query-issue/page/2/#findComment-1334801 Share on other sites More sharing options...
Drummin Posted April 5, 2012 Share Posted April 5, 2012 Still not using my code. You have header("location") on line 149, the code if (isset($_POST['submit']))?> on line 239, not to mention a whole repeat of coding going on after the </html> tag. Use the copy I posted.  EDIT: And by the way, I just created a DB table for this and tested the code and it inserted as expected. Quote Link to comment https://forums.phpfreaks.com/topic/260391-possible-query-issue/page/2/#findComment-1334803 Share on other sites More sharing options...
andy_b_1502 Posted April 5, 2012 Author Share Posted April 5, 2012 Drummin, i copied your post. Â pasted it underneath the original. that is why the numbers dont add up. from 1 - 270 is original. from there onwards is the pasted code. Â I'm really not sure what i'm doing wrong on this side for it not to insert? Quote Link to comment https://forums.phpfreaks.com/topic/260391-possible-query-issue/page/2/#findComment-1334805 Share on other sites More sharing options...
Drummin Posted April 5, 2012 Share Posted April 5, 2012 Even the bottom section isn't my code. Have you tried using my version without making any changes or with any other code? Quote Link to comment https://forums.phpfreaks.com/topic/260391-possible-query-issue/page/2/#findComment-1334806 Share on other sites More sharing options...
andy_b_1502 Posted April 5, 2012 Author Share Posted April 5, 2012 this is how it gets copied:  <?PHPsession_start();include('db.php');/* set some validation variables */ if (isset($_POST['Submit'])){$error_message = "";/* DEFINE THE FUNCTION */ /* ============================================== */ /* ============================================== *//* DO NOT MODIFY THIS FUNCTION */function Resize_Image($save,$file,$t_w,$t_h,$s_path,$o_path) { $s_path = trim($s_path); $o_path = trim($o_path); $save = $s_path . $save; $file = $o_path . $file; $ext = strtolower(end(explode('.',$save))); list($width, $height) = getimagesize($file) ; if(($width>$t_w) OR ($height>$t_h)) { $r1 = $t_w/$width; $r2 = $t_h/$height; if($r1<$r2) {  $size = $t_w/$width; }else{  $size = $t_h/$height; } }else{ $size=1; } $modwidth = $width * $size; $modheight = $height * $size; $tn = imagecreatetruecolor($modwidth, $modheight) ; switch ($ext) { case 'jpg': case 'jpeg': $image = imagecreatefromjpeg($file) ; break; case 'gif': $image = imagecreatefromgif($file) ; break; case 'png': $image = imagecreatefrompng($file) ; break; } imagecopyresampled($tn, $image, 0, 0, 0, 0, $modwidth, $modheight, $width, $height) ; imagejpeg($tn, $save, 100) ; return;}/* END OF RESIZE FUNCTION *///This is the directory where images will be saved $target = "/home/users/web/b109/ipg.removalspacecom/images/COMPANIES/"; $target = $target . basename( $_FILES['upload']['name']); // Connects to your Database // session_start();// include ('db.php');//This gets all the other information from the form /* ============================================== */ /* ============================================== *//* YOU NEED TO DO SOME VALIDATION AND SANITIZING OF YOUR FORM DATA */if((!isset($_POST['company_name'])) || (strlen(trim($_POST['company_name'])) <5) || (trim($_POST['company_name']) != preg_replace("/[^a-zA-Z0-9\s\-\'\,\.\_]/", "", trim($_POST['company_name'])))) { /* if username is bad start building the error message */ $error_message = "You must enter a valid company name<br>"; $error_message = $error_message . "Valid names are min 5 characters and use letters, numbers and underscores only.<br>"; $error_message = $error_message . 'Your invalid name was: <font color="red">' . $_POST['company_name'] . "</font><hr>";}/* END validating company_name *//* =============================================== */if((!isset($_POST['contact_name'])) || (strlen(trim($_POST['contact_name'])) <5) || (trim($_POST['contact_name']) != preg_replace("/[^a-zA-Z0-9\s\-\'\,\.\_]/", "", trim($_POST['contact_name'])))) { /* if username is bad start building the error message */ $error_message = "You must enter a valid contact name<br>"; $error_message = $error_message . "Valid names are min 5 characters and use letters, numbers and underscores only.<br>"; $error_message = $error_message . 'Your invalid name was: <font color="red">' . $_POST['contact_name'] . "</font><hr>";}/* END validating contact_name *//* =============================================== */ if((!isset($_POST['phone'])) || (strlen(trim($_POST['phone'])) <5) || (trim($_POST['phone']) != preg_replace("/[^0-9\s\-\_]/", "", trim($_POST['phone'])))) { /* if it is NOT set, then set the error variable and start building the error message */ $error_message = $error_message . "You must enter a valid phone<br>"; $error_message = $error_message . "Valid phones are min 5 characters and use letters, numbers and underscores only.<br>"; $error_message = $error_message . 'Your invalid phone was: <font color="red">' . $_POST['phone'] . "</font><hr>";}else{ $phone = trim($_POST['phone']);}/* END validating phone *//* =============================================== *//* =============================================== *//* validating the email *//* create a function */function validateEmailAddress($email) { return filter_var($email, FILTER_VALIDATE_EMAIL) && preg_match('/@.+\./', $email);}if(!isset($_POST['email']) || validateEmailAddress($_POST['email']) !=1) { $error_message = $error_message . "You must enter a valid email address<br>"; $error_message = $error_message . 'The invalid email was: <font color="red">' . $_POST['email'] . "</font><hr>";}/* END validating email *//* =============================================== */if((!isset($_POST['street1'])) || (strlen(trim($_POST['street1'])) <5) || (trim($_POST['street1']) != preg_replace("/[^a-zA-Z0-9\s\-\'\,\.\_]/", "", trim($_POST['street1'])))) { /* if username is bad start building the error message */ $error_message = "You must enter a valid address<br>"; $error_message = $error_message . 'Your invalid name was: <font color="red">' . $_POST['street1'] . "</font><hr>";}/* END validating street1 *//* =============================================== */if((!isset($_POST['street2'])) || (strlen(trim($_POST['street2'])) <5) || (trim($_POST['street2']) != preg_replace("/[^a-zA-Z0-9\s\-\'\,\.\_]/", "", trim($_POST['street2'])))) { /* if username is bad start building the error message */ $error_message = "You must enter a valid address<br>"; $error_message = $error_message . 'Your invalid name was: <font color="red">' . $_POST['street2'] . "</font><hr>";}/* END validating street2 *//* =============================================== */if((!isset($_POST['premiumuser_description'])) || (strlen(trim($_POST['premiumuser_description'])) <5) || (trim($_POST['premiumuser_description']) != preg_replace("/[^a-zA-Z0-9\s\-\'\,\.\_]/", "", trim($_POST['premiumuser_description'])))) { /* if username is bad start building the error message */ $error_message = "You must enter a valid address<br>"; $error_message = $error_message . 'Your invalid name was: <font color="red">' . $_POST['premiumuser_description'] . "</font><hr>";}/* END validating premiumuser_description *//* =============================================== */* =============================================== *//*this section of code will set up an error message for theusername if ANY of the conditions occur 1) checks to see if $_POST['username'] is NOT set 2) if length of username is less than 5 3) if username has anything other than letter, numbers or underscores*/if((!isset($_POST['username'])) || (strlen(trim($_POST['username'])) <5) || (trim($_POST['username']) != preg_replace("/[^a-zA-Z0-9\_]/", "", trim($_POST['username'])))) { /* if username is bad start building the error message */ $error_message = "You must enter a valid username<br>"; $error_message = $error_message . "Valid names are min 5 characters and use letters, numbers and underscores only.<br>"; $error_message = $error_message . 'Your invalid name was: <font color="red">' . $_POST['username'] . "</font><hr>";}/* END validating username *//* =============================================== *//* =============================================== *//*this section of code will set up an error message for thepassword if ANY of the conditions occur 1) checks to see if $_POST['upassword'] is NOT set 2) if length of upassword is less than 5 3) if upassword has anything other than letter, numbers or underscores*/if((!isset($_POST['password'])) || (strlen(trim($_POST['password'])) <5) || (trim($_POST['password']) != preg_replace("/[^a-zA-Z0-9\_]/", "", trim($_POST['password'])))) { /* if it is NOT set, then set the error variable and start building the error message */ $error_message = $error_message . "You must enter a valid password<br>"; $error_message = $error_message . "Valid passwords are min 5 characters and use letters, numbers and underscores only.<br>"; $error_message = $error_message . 'Your invalid password was: <font color="red">' . $_POST['password'] . "</font><hr>";}else{ $password = trim($_POST['password']);}/* END validating password *//* =============================================== *//* =============================================== *//* check to see if username is already taken */$username = mysql_real_escape_string(trim($_POST['username']));$query1 = "SELECT username from companies WHERE username = '$username'";$result1 = mysql_query($query1) or die(mysql_error());$count = mysql_num_rows($result1);if($count>0) { $error_message = $error_message . 'The username: <font color="red">' . $_POST['username'] . "</font> is taken.<hr>";}/* =============================================== *//* if any of the post variables are invalid *//* set the session variable and send back to the form page *//*NOT USED IN THIS EXAMPLEif(strlen(trim($error_message))>0) { $_SESSION['error_message'] =$error_message;// header("Location: register00.php");// exit();}*//* =============================================== */$uploadDir = 'images/COMPANIES'; /* main picture folder */$max_height = 450; /* largest height you allowed; 0 means any */$max_width = 450; /* largest width you allowed; 0 means any */$max_file = 2000000; /* set the max file size in bytes */$image_overwrite = 1; /* 0 means overwite; 1 means new name *//* add or delete allowed image types */$allowed_type01 = array( "image/gif", "image/pjpeg", "image/jpeg", "image/png", "image/x-png", "image/jpg");$do_thumb = 1; /* 1 make thumbnails; 0 means do NOT make */$thumbDir = "/images/thumbs"; /* thumbnail folder */$thumb_prefix = ""; /* prefix for thumbnails */$thumb_width = 90; /* max thumb width */$thumb_height = 70; // max thumb height //Writes the photo to the server if(move_uploaded_file($_FILES['upload']['tmp_name'], $target)) { /* HERE IS WHERE WE WILL DO THE ACTUAL RESIZING */ /* ============================================== */ /* ============================================== */ /* THESE SIX PARAMETERS MAY BE CHANGED TO SUIT YOUR NEEDS */ $upload = $_FILES['upload']['name']; $o_path ="images/COMPANIES/"; $s_path = "images/thumbs/"; $file = $upload; $save = $file; $t_w = 200; $t_h = 150; /* ============================================== */ /* ============================================== */ /* DO NOT CHANGE THIS NEXT LINE */ Resize_Image($save,$file,$t_w,$t_h,$s_path,$o_path); //Tells you if its all ok /* ============================================== */ /* ============================================== */ /* PROVIDE A WAY FOR THEM TO GO SOMWHERE */ echo "The file ". $file . " has been uploaded, and your information has been added to the directory"; }else { //Gives and error if its not /* ============================================== */ /* ============================================== */ /* PROVIDE A WAY FOR THEM TO GO SOMWHERE */ echo "Sorry, there was a problem uploading your file."; }/* =============================================== *//* PREPARE DATA FOR INSERTION INTO TABLE *//* FUNCTION TO CREATE SALT */function createSalt() { $string = md5(uniqid(rand(), true)); return substr($string, 0, 3);} //Writes the information to the database /* ============================================== */ /* ============================================== *//* ALWAYS WRITE YOUR QUERIES AS STRINGSTHAT WAY WHEN TESTING, YOU CAN MAKESURE THAT THE VALUES CONTAIN WHAT YOU EXPECT*/if(empty($error_message)){ $salt = createsalt();$password = trim($_POST['password']);$hash = hash('sha256', $salt, $password);$approved = 0; $company_name = mysql_real_escape_string(trim($_POST['company_name']));$contact_name = mysql_real_escape_string(trim($_POST['contact_name']));$location = mysql_real_escape_string(trim($_POST['location']));$postcode = mysql_real_escape_string(trim($_POST['postcode']));$street1 = mysql_real_escape_string(trim($_POST['street1']));$street2 = mysql_real_escape_string(trim($_POST['street2']));$city = mysql_real_escape_string(trim($_POST['city']));$phone = mysql_real_escape_string(trim($_POST['phone']));$email = mysql_real_escape_string(trim($_POST['email']));$premiumuser_description = mysql_real_escape_string(trim($_POST['premiumuser_description']));$salt = mysql_real_escape_string($salt);$upload = mysql_real_escape_string($upload); $query ="INSERT INTO `companies` (company_name, contact_name, location, postcode, street1, street2, city, phone, email, premiumuser_description, password, salt, approved, upload) VALUES ('$company_name', '$contact_name', '$location', '$postcode', '$street1', '$street2', '$city', '$phone', '$email', '$premiumuser_description', '$password', '$salt', '$approved', '$upload')";$result = mysql_query($query) or die(mysql_error()); /* =============================================== *//*at this point we can send an email to the admin as wellas the user. DO NOT send the user's password to ANYONE!!!!*/ }//if(empty($error_message))}//if (isset($_POST['submit']))?><html><body><?phpif (!empty($error_message)){ echo $error_message; }?><form enctype="multipart/form-data" method="post" action="register00.php"><table width="316" border="0"> <tr><td colspan=2><h1>Register/Sign Up</h1></td></tr> <tr><td>Company Name:</td><td> <input name="company_name" type="text" id="company_name" value="<?phpif (isset($_POST['company_name'])){ echo $_POST['company_name']; } ?>" /></td></tr><tr><td>Contact Name:</td><td> <input name="contact_name" type="text" id="contact_name" value="<?phpif (isset($_POST['contact_name'])){ echo $_POST['contact_name']; } ?>" /></td></tr><tr><td>Contact Number:</td><td> <input name="phone" type="number" id="phone" value="<?phpif (isset($_POST['phone'])){ echo $_POST['phone']; }else{ echo "incl. area code";} ?>" /></td></tr><tr><td>Address line 1:</td><td> <input name="street1" type="text" id="street1" value="<?phpif (isset($_POST['street1'])){ echo $_POST['street1']; } ?>" /></td></tr><tr><td>Address line 2:</td><td> <input name="street2" type="text" id="street2" value="<?phpif (isset($_POST['street2'])){ echo $_POST['street2']; } ?>" /></td></tr><tr><td>Area:</td><td> <input name="location" type="text" id="location" value="<?phpif (isset($_POST['location'])){ echo $_POST['location']; } ?>" /></td></tr><tr><td>City:</td><td> <input name="city" type="text" id="city" value="<?phpif (isset($_POST['city'])){ echo $_POST['city']; } ?>" /></td></tr><tr><td>Postcode:</td><td> <input name="postcode" type="text" id="postcode" value="<?phpif (isset($_POST['postcode'])){ echo $_POST['postcode']; } ?>" /></td></tr><tr><td>Username:</td><td> <input name="username" type="text" id="username" value="<?phpif (isset($_POST['username'])){ echo $_POST['username']; } ?>" /></td></tr> <tr><td>Password:</td><td> <input name="password" type="password" class="style7" id="password" value="<?phpif (isset($_POST['password'])){ echo $_POST['password']; } ?>" /> </td></tr> <tr><td>Email:</td><td> <input name="email" type="text" class="style7" id="email" value="<?phpif (isset($_POST['email'])){ echo $_POST['email']; } ?>" /></td></tr> <tr><td>Company Logo:</td><td> <input name="upload" type="file" class="style7" id="upload"></td></tr><tr><td>Company Description:</td><td> <textarea rows="20" cols="50" name="premiumuser_description" id="premiumuser_description"><?phpif (isset($_POST['premiumuser_description'])){ echo "{$_POST['premiumuser_description']}"; } ?></textarea></td></tr><tr><td><input name="Submit" type="submit" value="Register" /> </td></tr> </table> </form></body></html>  it therefore has a syntax error on line 1....  can you send the correct one in a file, or email this. to check the difference? Quote Link to comment https://forums.phpfreaks.com/topic/260391-possible-query-issue/page/2/#findComment-1334808 Share on other sites More sharing options...
Drummin Posted April 5, 2012 Share Posted April 5, 2012 Hopefully this works. 17983_.php Quote Link to comment https://forums.phpfreaks.com/topic/260391-possible-query-issue/page/2/#findComment-1334809 Share on other sites More sharing options...
andy_b_1502 Posted April 5, 2012 Author Share Posted April 5, 2012 Theres good news and bad news.... Â The good news: Â theres no syntax errors, on test seemed to appear to have worked with the following message: Â "The file 360transportheader2012.jpg has been uploaded, and your information has been added to the directory You must enter a valid username Valid names are min 5 characters and use letters, numbers and underscores only. Your invalid name was: TEST" Â The images seems to have been place correctly in the right folder on my cpanel and moved itself to my thumbs folder too! Â Â The bad news: Â It has not uploaded to mySQL database, so its not showing up in my admin area. It doesnt show in the display table. Quote Link to comment https://forums.phpfreaks.com/topic/260391-possible-query-issue/page/2/#findComment-1334811 Share on other sites More sharing options...
Drummin Posted April 5, 2012 Share Posted April 5, 2012 Well if there is any arror, i.e "Valid names are min 5 characters and use letters, numbers and underscores only.", then the insert doesn't happen. Quote Link to comment https://forums.phpfreaks.com/topic/260391-possible-query-issue/page/2/#findComment-1334813 Share on other sites More sharing options...
Recommended Posts
Join the conversation
You can post now and register later. If you have an account, sign in now to post with your account.