Posts by cereal

It can be done through Java Web Start: http://en.wikipedia.org/wiki/Java_Web_Start

You don't need PHP for this. To interact directly with software, instead, in Windows you can use the COM objects: http://php.net/manual/en/book.com.php

Hi, you can do:

Redirect::to('profile')->with('fname', Auth::user()->firstname);

Or:

Session::put('fname', Auth::user()->firstname);
Redirect::to('profile');

Then you have to get the value from session:

$data['items'] = DB::table('item_tbl')->get();
$data['fname'] = Session::get('fname');
return View::make('profile')->with('items', $data);

But:

1. when using with() the value is flashed to session, and won't be available in the next request

2. you can get the value directly in the controller:

   $data['fname'] = Auth::user()->firstname;
   

And also it always return false when i use Auth::check()

Can you show the login process (form and receiving route)? To restrict the access to the profile controller use the auth filter:

class ProfileController extends BaseController {

    public function __construct()
    {
        $this->beforeFilter('auth');
    }

To restrict the single method you can apply the same or at route level:

Route::get('profile', array(
    'before' => 'auth',
    'uses'   => 'ProfileController@showProfile'
    ));

Try Linfo:

• http://linfo.sourceforge.net/
• https://github.com/jrgp/linfo

You can customize the output.

I am having website error that I still do not know what causes it. In several of my users browsers (firefox), some words in the website content that I build turn into a blue link and also there is a Java ads in it.

Another one, index.html turns into index.css and the user cannot browse the website. Page not found.

It seems that some code was injected into your website. Check the source of the pages and the contents of Javascript and CSS files. Sometimes, these attacks happens through the FTP client, for example:

You're using filezilla, the passwords are saved in clear into an XML file, if a worm or a virus reads the contents of this file, it can connect to the remote web server and inject code, rewrite and delete files.

If your computer is virus free, then it could be your client computer, or a previous developer computer. It's reasonably to think it's not related to your computer, otherwise you would see this problem in all your websites, perform the check anyway. Sometimes the password is not changed for years, a bad practice that expose to these kind of issues.

If you cannot check the logs of the webserver then open a ticket to the hosting and ask them to check. If they confirm the problem comes from FTP, then you must ask for a password change otherwise the virus will overwrite the website again.

So, to repeat:

1. check the logs
2. if confirmed it …

You can use group_concat():

SELECT group_concat(DISTINCT MONTH(postDate) ORDER BY postDate) as months, YEAR(postDate) as year FROM posts GROUP BY year;

with DISTINCT will return unique values, then you can explode the values in the month column and loop them in the sub list:

while($row = $stmt->fetch())
{
    $months = explode(',', $row['months']);
    echo '<li>' . $row['year'];
    echo '<ul class="sub1">';

    foreach($months as $month)
    {
        $slug = 'a-'.$month.'-'.$row['year'];
        $monthName = date("F", mktime(0, 0, 0, $month, 10));

        echo "<li><a href='$slug'>$monthName</a></li>";
    }

    echo '</ul>';
    echo '</li>';

}

Otherwise you can loop the results into an array of years as keys and months as arrays, to create the same of below and then print the result:

$rows[2013] = array(3,5,6);
$rows[2014] = array(2,3,7,8);

Add errorInfo() as suggested in my first post. From there you can see why the query fails.

@pritaeas
Whoops, I didn't saw your reply!

With Gmail you can use AUTH LOGIN, but you need an application-specific password before you can go further, read this:

• https://support.google.com/mail/answer/1173270?hl=en

Then generate the password from here:

• https://www.google.com/accounts/IssuedAuthSubTokens?hide_authsub=1

And then embed this password in your script, as example:

<?php

    require './PHPMailerAutoload.php';

    $mail = new PHPMailer;

    $mail->isSMTP();
    $mail->SMTPDebug = 2;
    $mail->SMTPAuth = TRUE;
    $mail->Host     = 'ssl://smtp.gmail.com:465;tls://smtp.gmail.com:587';
    $mail->Username = '*******@gmail.com';
    $mail->Password = '*******';

    $mail->From = '*******@gmail.com'; # it must be the username
    $mail->FromName = 'Your Name';
    $mail->WordWrap = 50;

    # to
    $mail->addAddress('*******@domain.tld', 'Name and Surname');

    $mail->Subject  = 'Test';
    $mail->Body     = 'Hello World';

    echo ! $mail->send() ? 'Error: ' . $mail->ErrorInfo : 'Success!';

More information about Gmail SMTP here:

• https://support.google.com/mail/answer/78799
• https://support.google.com/mail/answer/78775?hl=en

But, it generates error.

Which error?

It could be the definition of the columns, for example userrole.userid here is BIGINT but in users.id is INT, the same applies to the other constraint. Then the constraint label must be unique over the database, so if you have another constraint fk_userid into another table, you have to change it.

For more information check the documentation:

• http://dev.mysql.com/doc/refman/5.5/en/create-table-foreign-keys.html

Read this article:

• http://www.xaprb.com/blog/2006/12/07/how-to-select-the-firstleastmax-row-per-group-in-sql/

Standing to the examples, you can try a query like this:

set @num := 0, @type := '';

select site, cat, title, content,
      @num := if(@type = concat(site, cat), @num + 1, 1) as row_number,
      @type := concat(site, cat) as dummy
from news
group by cat, site, title
having row_number <= 3;

Live example: http://sqlfiddle.com/#!9/097fc/10

So this should work, correct?

$forSplitProduct = 'productA,productB';
$values = explode(',', $forSplitProduct);

foreach($values as $value)
{
    echo "<input type='text' name='item[]' value='$value' />";
}

By setting item[] you get an array of results, otherwise you have to set unique names for each input field.

Also, if you still want one query to return them all, you could use union in a subquery:

select id, email, tablename from (select u.id, u.email, 'users' as tablename from users as u union select c.id, c.email, 'contacts' as tablename from contacts as c) as sub group by email;

It will return something like this:

+----+-------------------+-----------+
| id | email             | tablename |
+----+-------------------+-----------+
|  2 | contact2@site.tld | contacts  |
|  3 | random3@site.tld  | contacts  |
|  1 | user1@site.tld    | users     |
|  2 | user2@site.tld    | users     |
|  3 | user3@site.tld    | users     |
+----+-------------------+-----------+
5 rows in set (0.00 sec)

Avoiding duplicates between the two tables, and in case one of the two is deleted, the following query will display the result from the other table, so you don't have to keep track of changes:

delete from users where id = 1;

select id, email, tablename from (select u.id, u.email, 'users' as tablename from users as u union select c.id, c.email, 'contacts' as tablename from contacts as c) as sub group by email;

+----+-------------------+-----------+
| id | email             | tablename |
+----+-------------------+-----------+
|  2 | contact2@site.tld | contacts  |
|  3 | random3@site.tld  | contacts  |
|  1 | user1@site.tld    | contacts  | <- note the difference
|  2 | user2@site.tld    | users     |
|  3 | user3@site.tld    | users     |
+----+-------------------+-----------+
5 rows in set (0.00 sec)

Live example: http://sqlfiddle.com/#!9/c8c13/2

But I'm not sure this …

In the last line there's a missing semi-column:

if(isset($_POST['domain_name'])) echo $msg;

A part that, your code seems fine. Here's a live example:

• http://runnable.com/U-achB2oeFpCIQko/basic-dns-check-for-php

Just click run for testing.

@DJ

I suppose the OP question is related to his previous thread, check here:

• http://www.daniweb.com/web-development/databases/mysql/threads/482938/update-cart-problem

bye! ;)

Hi,

you have to set the namespace that defines slash, so:

<?php

$feed = file_get_contents("http://www.trenologi.com/feed/");
$xml = new SimpleXmlElement($feed);
$xml->registerXPathNamespace('slash', 'http://purl.org/rss/1.0/modules/slash/');

$result = $xml->xpath('//slash:comments');

foreach($result as $pcount)
{
    echo $pcount;
}

Documentation:

• http://php.net/manual/en/simplexmlelement.registerxpathnamespace.php

I made a mistake in my previous post, this:

if ($_Session['roleID'] == 1)

Should be:

if ($_SESSION['roleID'] == 1)

Uppercase! About this: Parse error: syntax error, unexpected 'if' (T_IF) in... read the full error code. It can happen because of a missing ;, for example:

<?php

echo 'hello'

if(1 == 1) echo ' world';

Will return: Parse error: syntax error, unexpected T_IF, expecting ',' or ';' in .... So check if the code in the config file is correct.

If you want to check the session status just try this in a test page:

<?php

    session_start();

    echo "<pre>";
    print_r($_SESSION);
    echo "</pre>";

It will return all the values saved in the current session.

The variable session must be always uppercase, so $_Session is not correct, change it to $_SESSION:

$_SESSION['roleID']

The session_start(); is included in the config file?

Also, in the IF statement you have to compare, not assign a value, so this:

if ($_Session['roleID']=1)

Becomes:

if ($_Session['roleID'] == 1)

When you're testing booleans, instead, use === as explained here:

• http://php.net/manual/en/language.operators.comparison.php

Apply the same to the ELSEIF statement.

Hi, dont' use + to concatenate strings like in javascript, use dots:

die ("Cannot delete data from the database! " . mysql_error());

Hi, check the name index:

$_FILES['datafile']['name']

Below you can read the full array structure returned by $_FILES:

• http://php.net/manual/en/features.file-upload.post-method.php

If you simply paste the url into the html output, then it will be the client (i.e. the browser of the user) to execute the request to the remote server, your server in this case won't be involved.

But there are at least two problems with your approach:

1. a user, can change the content of the original linked image to embed client side scripts, so as an attacker, he could collect the cookies of the other users of your website or replace some contents;

2. remote servers will slow down because you're hotlinking their contents, you should ask permission to do so, otherwise use a CDN.

It generally happens when you output something before the header() function, for example:

<?php

    echo 'hey!';
    header('Location: /');

You should write your script to avoid these situations or, if you can modify your php.ini, then you can change the output_buffering directive to 4096 or to On, for more information check this:

• http://php.net/output-buffering

Try with appendImages(), like in this example:

<?php

$list = array(
    './i/001.jpg',
    './i/002.jpg',
    './i/003.jpg',
    './i/004.jpg'
    );

# first image to start Imagick()
$im = new Imagick($list[0]);
$ilist = array();

# loop the others
for($i = 1; $i < count($list); $i++)
{
    $ilist[$i] = new Imagick($list[$i]);
    $im->addImage($ilist[$i]);
}

$im->resetIterator();
$combined = $im->appendImages(false);
$combined->setImageFormat("png");
header('Content-Type: image/png');
echo $combined;

To create the list you can use glob() instead of an hardcoded array:

$list = glob('./i/*.jpg');

Docs: http://php.net/manual/en/imagick.appendimages.php

Bye!

In addition read this thread:

• http://www.daniweb.com/web-development/databases/threads/473598/is-better-store-images-in-a-blob-or-in-directories

Sorry for the late update, but I realized I wrote something very wrong in my last post. I wrote:

On line 31 you wrote:

if(crypt($_POST["curpassword"], $row["hash"]) != $row["hash"]))

You're using the hash as second argument of crypt, i.e. as salt, but this will always compare different unless $_POST["curpassword"] is blank. Correct version should be:

if(crypt($_POST["curpassword"]) != $row["hash"])

but the OP crypt() implementation is correct. I don't know what I was thinking, my excuses for the wrong information.

As example test:

$post = 'secret';
$salt = '$5$rounds=5000$yd792hcQbEOMHmfi$'; # sha256

# generate hash
$row = crypt($post, $salt);

# check hash
echo crypt($post, $row) == $row ? 'true' : 'false';

Will return true. Bye.

If the condition doesn't match then redirect with an error message, for example:

<?php

session_start();

if($_POST['submit'])
{
    $db = /* connection to database */
    $stmt = $db->prepare("SELECT username FROM users WHERE username = ?");
    $stmt->execute(array($_POST['username']));
    $row = $stmt->fetch(PDO::FETCH_NUM);

    # if FALSE then the username does not exists
    if($row === false)
    {
        # continue the registration process
    }

    else
    {
        # redirect with error message
        $_SESSION['error'][] = 'Username already in use';
        header('Location: ' . $_SERVER['HTTP_REFERER']);
    }
}

And in your form page:

<?php
    # always on top of file
    session_start();

And below, in your page, you display the errors:

<?php
    if($_SESSION['error'])
    {
        foreach($_SESSION['error'] as $err)
        {
            echo "<p>{$err}</p>";
        }

        # unset error messages
        $_SESSION['error'] = null;
    }
?>

Then it's up to you when validate the other submitted data (before or after verifying the username), but you should never rely on javascript, even using AJAX: it can be disabled.

Ok, change your javascript to:

element1.name="chk[]";
element2.name="txt[]";
element3.name="qty[]";

that will generate this structure:

Array
(
    [chk] => Array
        (
            [0] => on
            [1] => on
            [2] => on
        )

    [txt] => Array
        (
            [0] => item 1
            [1] => item 2
            [2] => item 3
        )

    [qty] => Array
        (
            [0] => 17
            [1] => 34
            [2] => 23
        )

    [submit] => Submit
)

And it should work fine.

The unique index works on the combination of all four columns, so it's the equivalent of the select query proposed by Ancient Dragon, if the key combination does not exists there will be an INSERT, else there will be an update. Check this live example:

• http://sqlfiddle.com/#!2/f20c3f/2

Or I'm missing something?

Do you have write permissions on songs directory?

It seems possible by adding a filter, read the documentation:

• http://codex.wordpress.org/Custom_Queries
• http://codex.wordpress.org/Function_Reference/add_filter
• http://codex.wordpress.org/Plugin_API/Filter_Reference
• http://codex.wordpress.org/Plugin_API/Filter_Reference/posts_orderby

Are you using Eloquent? If yes, right after you save something call the id property, for example:

$post        = new Post;
$post->title = 'Title';
$post->body  = 'Bla bla bla...';
$post->save();

$post->id; // <- last inserted id

Otherwise use the insertGetId() method:

$id = DB::table('users')->insertGetId(
    array('email' => 'john@example.com', 'votes' => 0)
);

As suggested here: http://laravel.com/docs/queries#inserts

Create a script, for example display.php:

$f = $_GET['image'];
header("Content-type: image/jpeg");
echo base64_decode($f);

Now your link becomes:

<a href="display.php?image=<?php echo $img_str; ?>">

    <img src="data:image/jpeg;base64,<?php echo $img_str; ?>" width=150 height=150 />

</a>

You could use foreign keys constraints:

• http://dev.mysql.com/doc/refman/5.5/en/create-table-foreign-keys.html

If you have doubts, show us the tables schema.

Hi,

It seems you're using some user defined functions: apologize(), query(), render() and redirect() are not PHP functions, so we cannot help much. Check the included file at the top of the script, it should contain those functions and the instructions on their results.

Anyway, on line 51 you wrote:

crypt($_POST["newpassword"], $row["hash"] = $row["hash"]);

if you're referring to the crypt() function in PHP then you need to save the result to a variable and then use an update query, also crypt takes two arguments: string and salt (which is optional), here should be:

crypt($_POST["newpassword"]);

Or for a compare:

crypt($_POST["newpassword"]) == $row["hash"];

But it seems your code just redirects after this action, it should be something like:

$newpwd = crypt($_POST["newpassword"]);
query("UPDATE ...", $newpwd);

But this seems already done in one of the elseif conditions:

else if (query("UPDATE users SET hash = (?) WHERE username = (?)", crypt($_POST["newpassword"]), $_POST["username"]) === false)

On line 31 you wrote:

if(crypt($_POST["curpassword"], $row["hash"]) != $row["hash"]))

You're using the hash as second argument of crypt, i.e. as salt, but this will always compare different unless $_POST["curpassword"] is blank. Correct version should be:

if(crypt($_POST["curpassword"]) != $row["hash"])

Docs:

• http://www.php.net//manual/en/function.crypt.php

Hope it helps!

@arunmagar

Hi, mexabet is correct, since PHP 5.4 you can use the short array syntax, as Python lists:

$a = ['a', 'b', 'c'];

Ref: http://www.php.net//manual/en/migration54.new-features.php

It means $grupa_select (which was $grupa_select2 in your original script) is not defined.

Ok, mysql_query() accepts two parameters, the first is mandatory, the second is optional. This:

$pregled = mysql_query("select * from koncerti where grupa_id = ".$grupa_id['id']."");
if (!mysql_query($pregled,$grupa_id,$selektovanje))
{
    die('Error: ' . mysql_error());
}

Should be:

$pregled = mysql_query("select * from koncerti where grupa_id = ".$grupa_id['id']) or die(mysql_error());

Note that at the end of the query I removed the double quotes, that's the reason of the second error:

Error: You have an error in your SQL syntax; check the manual that corresponds to your MySQL server version for the right syntax to use near " at line 1

If you need quotes because the value to compare is a string then write:

$pregled = mysql_query("select * from koncerti where grupa_id = '" . $grupa_id['id'] . "'");

Spot the difference:

grupa_id = '" . $grupa_id['id'] . "'"

Instead of:

grupa_id = " . $grupa_id['id'] . ""

Hi, define the error you get on line 42 and add mysql_error() to this query and to the previous.

It could be line 3 instead of the json_decode function, print_r requires brackets, so change it to:

print_r($data);

Try to use the row() method:

$row = $cnt->row();
$new_cnt = $row->Counter_field + 1;

But you could also run a single query:

$this->db->query("UPDATE Job_Description SET Counter_field = Counter_field + 1 WHERE id = ?", array($id));

Docs:

• http://ellislab.com/codeigniter/user-guide/database/results.html
• http://ellislab.com/codeigniter/user-guide/database/queries.html

@jKidz

can you explain more please?

ok, if you open a conditional statement, before going to the next condition, you need to declare where you want to stop the execution of the code, you can do this by using a semicolon:

$num = rand(0,1);

if($num == 0)
    echo "empty";
else
    echo "not empty";

But in this case you cannot use more than a line of code for each condition. Then you can use colon:

if($num == 0):
    echo "empty";
else:
    echo "not empty";
endif;

But it's not much used. When you use parentheses it looks like:

if($num == 0)
{
    echo "empty";
}

else
{
    echo "not empty";
}

Now if you add a loop:

if($num == 0)
{
    echo "empty";

    while(true)
    {
        echo " loop";
        break;
    }

} // <-- this was missing in your code

else
{
    echo "not empty";
}

Pritaeas suggested you to align the curly brackets, because indenting correctly your code, helps to read and find problems easily.

Read:

• http://www.php.net//manual/en/control-structures.if.php
• http://www.php.net/manual/en/control-structures.elseif.php
• http://www.php.net/manual/en/control-structures.alternative-syntax.php
• http://www.php.net/manual/en/control-structures.while.php

@Sikander

you have to use the folder name.this is only work in css.

Hi, not correct, you can use relative paths in PHP and also with the include() function:

• http://php.net/manual/en/function.include.php

Bye!

At line 17 you're closing the paranthesis of the while loop, so add another one:

    } // close while loop

} // close if

else {

Hi, there are few errors here:

$query = "SELECT arCompanyname, arAddress FROM ar WHERE $dropdown like'$search'" or die (mysql_error());

$result = mysql_query($query) or die (mysql_error());
$num=mysql_numrows($result);

$query is a string, so do not include or die(mysql_error()) otherwise the mysql_query() will return FALSE. Then, mysql_numrows() does not exists, the correct function is mysql_num_rows(). If you still get errors then paste them here.

Last, but not least: since you're still learning, I strongy suggest you to avoid the MySQL API: it is deprecated and will be removed from PHP; learn MySQLi or PDO, for more information read this link:

• https://php.net//manual/en/mysqlinfo.api.choosing.php

Hi, you can use substr():

<?php

$reportID = 'MPS141';

echo substr($reportID, 5);

Will return all the characters after MPS14, but you can also create a function to return an array of all the elements of the reportID, an example:

function reportToArray($id)
{
    $data['CompanyName']    = substr($id, 0, 2);
    $data['Article']        = substr($id, 2, 1);
    $data['Year']           = substr($id, 3, 2);
    $data['ID']             = substr($id, 5);
    return $data;
}

print_r(reportToArray($reportID));

Returns:

Array
(
    [CompanyName] => MP
    [Article] => S
    [Year] => 14
    [ID] => 1
)

Docs: http://www.php.net/manual/en/function.substr.php

maybe i could do this with aliases?

Hmm, no, because the ErrorLog directive can be set only once for each domain. The easiest solution is to create subdomains for each website and configure indipendent directives.

The CustomLog is used to trace the requests to the server, so it's the access log, you could use an environment variable to trace each website and assign indipendent custom logs, check:

• http://httpd.apache.org/docs/current/mod/mod_log_config.html#customlog
• http://httpd.apache.org/docs/current/env.html
• http://httpd.apache.org/docs/current/mod/mod_env.html
• http://httpd.apache.org/docs/current/mod/directive-dict.html#Context

Not tested, but something like this in server or virtual context, should work:

<Directory site1>
    SetEnv subwebsite1
</Directory>

<Directory site2>
    SetEnv subwebsite2
</Directory>

CustomLog ${APACHE_LOG_DIR}/site1.log combined env=subwebsite1
CustomLog ${APACHE_LOG_DIR}/site2.log combined env=subwebsite2

Hi,

set a slave for the log database, then stop the replication, read the data you need and restart the replication:

• http://dev.mysql.com/doc/refman/5.6/en/replication.html

It is probably localhost, but check in your Account Manager as suggested here:

• http://support.godaddy.com/help/article/3323/locating-your-database-connection-strings

Hi,

assuming you're using method GET for your form, you need to read the value assigned to $_GET['grupa_select'] and to use it as condition in your select query. So, something like:

$values = array(
    $_GET['grupa_select']
);

$sql = "SELECT * FROM concerts WHERE groupnaziv = ?";

$query = $pdo->prepare($sql);
$query->execute($values);

$result = $query->fetchAll();

foreach($result as $row)
{
    echo $row['mesto'];
    echo $row['datum'];
    echo $row['karte'];
}

Now, when you write:

in database they are called place=mesto, date=datum, and tickets=karte

Do you mean that these are the table or the column names? Please, show us the table structure.

In my example I'm using PDO, because the MySQL API is deprecated and will be removed, I suggest you to read this:

• https://php.net/manual/en/mysqlinfo.api.choosing.php

Hi,

You can use the required attribute:

<form method="post" action="">

    <label for="fruits">Choose an option:</label>

    <select name="fruits" required>

        <option value="">------</option>
        <option value="fujiapple">Apple</option>
        <option value="vanillaorange">Orange</option>
        <option value="pandoracherry">Cherries</option>

    </select>

    <input type="submit" name="submit" value="submit" />
</form>

By adding an empty option the form will not be submitted. You could also add a javascript check, but you will always need a server-side validation: you cannot trust what is sent by the client.

Related post:

• http://www.daniweb.com/web-development/php/threads/474309/registration-using-php#post2072284

Hello, try with:

.dropdown-menu {
    max-height: 450px;
    overflow-y: auto;
    overflow-x: hidden;
}

Source:

• https://github.com/twbs/bootstrap/issues/1989

Sorry for the update, I just noticed that you are using ZF1, the situation is similar, but the code is different and it refers to MySQL, check lines 83 and 104:

/**
 * Creates a PDO object and connects to the database.
 *
 * @return void
 * @throws Zend_Db_Adapter_Exception
 */
protected function _connect()
{
    if ($this->_connection) {
        return;
    }

    if (!empty($this->_config['charset'])
        && version_compare(PHP_VERSION, '5.3.6', '<')
    ) {
        $initCommand = "SET NAMES '" . $this->_config['charset'] . "'";
        $this->_config['driver_options'][1002] = $initCommand; // 1002 = PDO::MYSQL_ATTR_INIT_COMMAND
    }

    parent::_connect();
}

• https://github.com/zendframework/zf1/blob/99125b079f49a7240149ef942a877bbe9d74796c/library/Zend/Db/Adapter/Pdo/Mysql.php#L104

When they get PHP versions lower than 5.3.6, it seems, they rewrite the driver_options with the value of charset. It seems like that value in the application.ini is a default value, it probably could be empty.

From the PHP docs:

charset
The character set. See the character set concepts documentation for more information.
Prior to PHP 5.3.6, this element was silently ignored. The same behaviour can be partly replicated with the PDO::MYSQL_ATTR_INIT_COMMAND driver option, as the following example shows.

• https://php.net/manual/en/ref.pdo-mysql.connection.php
• https://php.net/pdo_mysql
• https://bugs.php.net/bug.php?id=47224
• https://github.com/zendframework/zf1/blob/95833f748fc5e7de4584ffa7e06d55d1743ab8e0/documentation/manual/en/module_specs/Zend_Db_Adapter.xml#L358

If the invoice numbering goes, for example, from 2009/04/01 to 2010/03/31 then the column year should take both years or the full date string, something like:

2009-2010

Or:

20090401-20100331

Then it can work as you desire:

create table invoices(
    years char(9) not null,
    invoice_number int unsigned not null auto_increment,
    primary key(years, invoice_number)
) engine = myisam;

insert into invoices (years) values('2009-2010'), ('2009-2010'), ('2009-2010');
insert into invoices (years) values('2010-2011'), ('2010-2011');

select * from invoices;
+-----------+----------------+
| years     | invoice_number |
+-----------+----------------+
| 2009-2010 |              1 |
| 2009-2010 |              2 |
| 2009-2010 |              3 |
| 2010-2011 |              1 |
| 2010-2011 |              2 |
+-----------+----------------+
5 rows in set (0.00 sec)

Note: this works on MyISAM engine, but it will not work on InnoDB because this engine requires the auto_increment column in the first position of the primary index key, so:

primary key(invoice_number, years)

To automatically switch the years segments you could use a function, for example this will check if the submitted date is previous of the current 1st of April:

drop function if exists currentyear;
delimiter //
CREATE FUNCTION currentyear(dt datetime)
RETURNS char(9) deterministic
BEGIN
DECLARE result CHAR(9);
CASE WHEN DATEDIFF(dt, CONCAT(YEAR(dt), '-', '04-01')) >= 0 THEN SET result := CONCAT(YEAR(dt), '-', YEAR(DATE_ADD(dt, INTERVAL 1 YEAR)));
ELSE SET result := CONCAT(YEAR(DATE_SUB(dt, INTERVAL 1 YEAR)), '-', YEAR(dt));
END CASE;
RETURN result;
END//
delimiter ;

> select currentyear(now());
+--------------------+
| currentyear(now()) |
+--------------------+
| 2014-2015          |
+--------------------+
1 row in …

Hi,

is the URL helper automatically loaded? By enabling the log in CI you should be able to get more information about the error, just check into application/logs/. Try also to prefix the redirect link with a slash, for example:

redirect('/login');