waynewex

The code: $query2 = "insert into complaint(complain,d_name,complainant_id) values ('$complain_det','$comp_name','{$row['complainant_id']}')"; mysql_query($query2); $the_auto_id_that_was_just_created = mysql_insert_id(); if (mysql_query($query2)) { echo "<script>alert('Complaint Added Successful')</script>"; } The issue: You construct your INSERT query. You execute it. You retrieve the primary key of the last inserted row. Then, you do this: if (mysql_query($query2)) { echo "<script>alert('Complaint Added Successful')</script>"; } Which basically runs the query again because it calls the mysql_query function. Change your code to something like: $query2 = "insert into complaint(complain,d_name,complainant_id) values ('$complain_det','$comp_name','{$row['complainant_id']}')"; $inserted = mysql_query($query2); $the_auto_id_that_was_just_created = null; if ($inserted) { $the_auto_id_that_was_just_created = mysql_insert_id(); echo "<script>alert('Complaint Added Successful')</script>"; }

You should be recommending trigger_error instead of die.

echo ($banned === 1) ? 'Yes' : 'No';

Created a stock market game that is still in on-going development. My plan is to gradually add more features as time goes on. My validation file can be found at: http://disbottle.com/phpfreaks.txt Site is at http://disbottle.com

Swap your single quotes and double quotes around and see if it works. Example: Change: $query1 = "channel/item[title='$p']/title"; to $query1 = 'channel/item[title="'.$p.'"]/title'; You can't escape apostrophes in XPath, as far as I'm aware. Properly formed XML shouldn't contain apostrophes, by the way. The following characters should be escaped: In this case, ' should be used instead of '

The function eregi is deprecated as of PHP 5.3.0. This piece of code is not future proof. I'd advise you to find a newer script instead of trying to modify one that was originally released for PHP 4.3. The site phpfreebies was made back in 2005. That's nearly 8 years ago. Use at your own risk.

This is happening because by default, PDO emulates prepared statements with sprintf. This means that you're not actually communication with the database server when you prepare your statement. Thus, the statement cannot be validated. This will work because I've changed the PDO::ATTR_EMULATE_PREPARES attribute to FALSE: <?php try { $DBH = new PDO("mysql:host=localhost;dbname=libertc0_lr", 'libertc0_vadmin', '*****'); $DBH->setAttribute( PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION ); $DBH->setAttribute( PDO::ATTR_EMULATE_PREPARES, false ); $DBH->prepare('DELECT name FROM people'); } catch(PDOException $e) { echo "I'm sorry, Dave. I'm afraid I can't do that."; file_put_contents('PDOErrors.txt', $e->getMessage(), FILE_APPEND); }

Check if magic_quotes are enabled on your server by running: if(get_magic_quotes_gpc()({ echo 'Please disable magic quotes.'; } http://php.net/manua...-quotes-gpc.php

The discount processing should be on your side, not Paypal's. A discount should be applied on a per-item basis, simply because you might want to tweak the discount on a per-item basis (change discount rates and exclude certain products etc). This sounds like more of a UX problem than a PHP one, to be honest. A final discount figure should be shown at the end. However, you could also provide discount figures beside each product so that users know what discounts apply to each product. Have a look at Amazon and other major online retailers for some ideas on how to actually display this information in the cart.

while($run = mysql_fetch_array($result)){ echo "<tr> <td>{$run['vinNumber']}</td> <td>{$run['carYear']} {$run['carModel']}</td> <td><img src='franchises/franchise_id_{$franchise_id}/lotImages/dealer_id_{$dealer_id}/lot_id_{$run['id']}/wheelFL.jpeg'></td> </tr>"; } should work. Edit: Formatting has become a challenge.

He's saying that you don't need to run the SELECT query because the data you're inserting is available to the rest of your script. Although one could argue that you should be using the Post/Redirect/Get pattern: http://en.wikipedia.org/wiki/Post/Redirect/Get

Just an example page you could link to.

Barand is right: <?php $conn = mysql_connect("localhost", "root", ""); $select = mysql_select_db("project", $conn); $title = mysql_real_escape_string($_POST['title'], $conn); $pic = $_FILES['pic']['tmp_name']; $pic2 = $_FILES['pic']['name']; $desc = mysql_real_escape_string($_POST['desc'], $conn); $path = mysql_real_escape_string("upload/".$pic2, $conn); $themove = move_uploaded_file($pic,$path); $sqlqry = mysql_query("INSERT INTO media(title,pic,desct) VALUES ('$title','$path','$desc')", $conn); $id = mysql_insert_id($conn); ?> <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd"> <html xmlns="http://www.w3.org/1999/xhtml"> <head> <meta http-equiv="Content-Type" content="text/html; charset=utf-8" /> <title>New Uploaded Page</title> </head> <body> <h1> <a href="blurb.php?id=<?php echo $id; ?>"> <?php echo htmlentities($title, ENT_QUOTES, "utf-8"); ?> </a> </h1> <br /> <br /> <img src="<?php echo htmlentities($path, ENT_QUOTES, "utf-8"); ?>" /><br /> <p> <br /> <?php echo htmlentities($desc, ENT_QUOTES, "utf-8"); ?> </p> </body> </html> One less query...

Change <a href="#"><h1><?php echo $burp['title']; ?></h1></a> to <h1><a href="blurb.php?id=<?php echo $hmmm; ?>"><?php echo $burp['title']; ?></a></h1> Note that you'll have to create a page called blurb.php

You should look into using the function http_build_query: <?php $query = array( 'my' => 'milkshake', 'brings' => 'all', 'the' => 'boys', 'to' => 'the', 'yard' => 'and', 'they\'re' => 'like', 'it\'s' => 'better than yours!' ); echo http_build_query($query); ?> It'll spit out a URL-encoded query string.