coupe-r

Wow. I really appreciate the time it took you to work this out for me... I will try this when I get home from work today. Thanks again!!

I got it working with 3 different queries, but if someone could still help with a single query, that would be great. Here are the 3 queries that work right now: SELECT firstname, lastname, email, level, deactivated_on, updated_on, created_on, created_by, updated_by FROM users WHERE user_id = '".$page_user_id."' AND deleted_on IS NULL AND client_id = '".$_SESSION['client_id']."' SELECT CONCAT(firstname,' ', lastname) AS createdBy FROM users WHERE user_id = '".$row['created_by']."' AND deleted_on IS NULL AND client_id = '".$_SESSION['client_id']."' SELECT CONCAT(firstname,' ', lastname) AS UpdatedBy FROM users WHERE user_id = '".$row['updated_by']."' AND deleted_on IS NULL AND client_id = '".$_SESSION['client_id']."'

Hi All, I have a page where you can create or edit user data. When you click the edit button, a box displays and tells you who and when that user was created AND who and when the user was updated last. The issue is that the 'createdBy' and 'updatedBy' names are not correct, because of my query. I'm guess this is because all this data is within the same table and I'm not joining any tables? Also, the created_by and updated_by fields are user_id's of the user who created or updated it. Thanks for the help in advance. SELECT firstname, lastname, email, level, deactivated_on, updated_on, created_on, (SELECT CONCAT( firstname,' ', lastname) FROM users WHERE user_id = created_by AND deleted_on IS NULL) As createdBy, (SELECT CONCAT( firstname,' ', lastname) FROM users WHERE user_id = updated_by AND deleted_on IS NULL) As UpdatedBy FROM users WHERE user_id = '".$page_user_id."' AND deleted_on IS NULL AND client_id = '".$_SESSION['client_id']."' -- USERS Table -- user_id INTEGER client_id INTEGER firstname VARCHAR(25) lastname VARCHAR(30) email VARCHAR(55) password VARCHAR(40) level TINYINT deactivated_on DATETIME* created_on DATETIME created_by INTEGER updated_on DATETIME* updated_by INTEGER* deleted_on DATETIME* deleted_by INTEGER*

Hi All, I would like to have my submit button disabled on click, so the button cannot be pressed over and over again. I try using: onclick="this.disabled=true;return true;" But then nothing posts... Any ideas? If it isn't too much trouble, how would I change the value of the button to "processing..." AND disabled onClick? Thanks

Look are your <form> You don't have it set to POST or GET...

Of course I was only kidding. I can post some when I get home from work...

Wow.... 590 posts and you havn't picked up this stuff yet....

In other script, look for anything with /upload/pictures, or something that looks like a path. Replace that with a variable, which is set by your drop down box. For instance, if your dropdown box has 1 value, say Family. The value for Family would be /upload/family. Now, instead of upload/pictures being the root directory, /upload/family would be. Make sense?

1. No 2. No. Depending on the application, you could see a ton of queries per page. I have 10-15 queries per page with what I work on. 3.I just used IP as an example. But more than likely wouldn't change while they are logged in. 4.Sure, it will tell you what browser they use. Each string is different for each browser. 5.We cannot do the code for you, but will help with the code you provide.

try making your form action action="", instead of action="login_attempt.php".

If your button name is submit, as soon as you press the button, you should see "here" in the top left of your browser...

Just a SESSION variable, kinda. Sessions can be hijacked. If you have a session variable and then check it against your DB on each page, it is a lot more secure, especially if you check it against IP address and web browser.

Try if(isset($_POST['submit'])) { echo 'here'; } if you see "here" on your page, you know you are inside the condition and you can then continue to code inside. You should then set your vars and anything else you need. Always make sure the condition works before you start anything else.

Well, for starters... -- Hash your passwords as well as using a very good salt. -- On successful login, create a sessions record in a sessions table as well as a $_SESSION variable that passes around to your site. Each page can check to make sure the same person is logged in based on the fields in your variable / database, such as IP address, Web Browser, Session ID, etc. If anything differs, immediately log off. IF they get logged of for this reason, you can insert a record in an error_log table for you to track. There is a ton of stuff out there.

Without seeing more code, just do the following to make sure you are getting the right values in each variable: echo $username; echo '<br />'; echo $password; Once you confirm the values are right, then dig into your if statement. something like: if ( ($username==$dbusername) && ($password==$dbpassword) ) { echo 'Im Here'; } If you see Im Here on your page, you know you are inside the if statement and on the right track.