Posts by simplypixie

Remove the float: left; from your center div and set it's left and right margins to match the width of your left and right divs

SELECT * FROM table_name WHERE column_name LIKE 'R%' AND colum_name LIKE '%Y'

It looks to me like you are already calling session_start() somewhere - maybe in your header.php file.

.leftDiv{
	 float: left;
     margin-right: 80px;
}

Why have you got your links in a form?

Sorry, I thought you wanted the background to be white. I have just re-read and see you want ti to match the background of the page (presumably not white). Therefore just change the ul #nav style to have the background colour you want. Also apply it to the ul #nav li to make sure.

Set the background colour of ul #nav to white.

Why are you using php.ini to set permission - you should do that using CHMOD in your file manager.

No problem - please mark as solved.

Sorry, I forgot the ( ) around the values, so it should be

$insertSQL = "INSERT INTO blog (title, specialization, message, email) VALUES (' " . mysql_real_escape_string($_POST['title'])  . " ', ' " . mysql_real_escape_string($_POST['specialization']) . " ', ' " . mysql_real_escape_string($_POST['words']) . " ', ' " . mysql_real_escape_string($_SESSION['MM_Username']) . " ')";

  mysql_select_db($database_con_reg, $con_reg);
  $Result1 = mysql_query($insertSQL, $con_reg) or die(mysql_error());

Why is you query so complex, simplify it to:

if ((isset($_POST["MM_insert"])) && ($_POST["MM_insert"] == "form")) {
  $insertSQL = "INSERT INTO blog (title, specialization, message, email) VALUES ' " . mysql_real_escape_string($_POST['title')  . " ', ' " . mysql_real_escape_string($_POST['specialization']) . " ', ' " . mysql_real_escape_string($_POST['words']) . " ', ' " . mysql_real_escape_string($_SESSION['MM_Username']) . " ' ";

  mysql_select_db($database_con_reg, $con_reg);
  $Result1 = mysql_query($insertSQL, $con_reg) or die(mysql_error());
}

rotten69 - let's hope so:)

Not in the form page it isn't - there is nothing above this line of code

$query=mysql_query("select * from test_mysql where id='$id'",$con);

That declares or assigns a value to $id before it is used in the query in change_form.php

And as you said, it needs to be from the $_GET that is sent in the URL from update_form.php

I mean where is the $_GET, that is what I was trying to ask the poster - where is the value for the $id variable being obtained from.

I agree, but where is it??

Use View Source on your form page to check that there is a value for the hidden id field as $_POST will work as long as there is a value to post.

In fact, where are you getting the value for $id from anyway to use in your query in the first instance as I can't see any reference to it at all in your code?

No problem:)

Please mark your thread as solved.

Is delete an inbuilt function in mysqli so you can't use it as a column name?

The columns in your query and the syntax error don't match - where is member_type='none' come from?

Why not just echo out $_POST as that is all you are trying to do anyway. Otherwise, if you want to store the age in a session, you need to allocate your posted age to a session variable and to do that you need to do:

session_start();
$_SESSION['age'] = $_POST['age'];
echo $_SESION['age'];

What format are you expecting to get from your strtotime and what format are you using in your database for the date columns?

Also you original date format should be 13/12/2011 not 12/13/2011.

You can't have spaces in your column names, so purchaser telephone needs to be something like purchaser_telephone (at the moment you are saying select purchaser.purchaser and then have a random word telephone afterwards)

No problem

Not a problem - glad to hear it is working for you now:)

Try setting the height of your body to the height of your background image and get rid of the background-size. Though for a set image background I personally would make a wrpper div to fit the body and put the css in their and leave the body to just have margin and padding set at 0.

You are trying to get results from an INSERT query - you also need a SELCT query after your INSERT query to load results into your mysql_fetch_array and while loop

mysql_query("INSERT INTO book_tbl (title)VALUES('".$_SESSION['title']."') ");

$my_query = "SELECT title FROM book_tbl";
    $result = mysql_query($my_query) or die(mysql_error());
   

     while($row = mysql_fetch_array($result,$con))

            echo $row['title'];
}

I had tried something similar before but find that I end up with 01-01-1970 where I have '0000-00-00' in the datefield.
Some of the dates have not yet been input therefore I wish to retain them as 'nil'

With what I put, you will need to resolve this by using an if statement to ignore dates that are 0000-00-00.

I had tried something similar before but find that I end up with 01-01-1970 where I have '0000-00-00' in the datefield.
Some of the dates have not yet been input therefore I wish to retain them as 'nil'

With what I put, you will need to resolve this by using an if statement to ignore dates that are 0000-00-00.

Could really do with seeing the rest of your code (especially what you are doing before the piece of code you have already posted). However, as a start, you don't need 2 equals signs and you have put a semi-colon in your if statement which is incorrect, so should be

if (mysql_num_rows($replacing)!=0) { echo........; }

or you could use greater than:

if (mysql_num_rows($replacing)>0) { echo........; }

Simply like this:

<?php 
 $query="SELECT location,id FROM area";
$result = mysql_query ($query);
echo '<select name="location_id">';
echo '<option value="">Please Select..</option>';
while($nt=mysql_fetch_array($result)){
echo '<option value="'.$nt['id'].'">'.$nt['location'].'</option>';
}
echo '</select>'; 
 
 ?>

You could do it in PHP instead (also you have to FROM table in your query which is wrong)

$query=mysql_query("SELECT * FROM table");
$result=mysql_fetch_array($query);
while ($row = $result=mysql_fetch_array($query)) {
$datefield = date('d-m-Y', strtotime($row['datefield']));
}

Is there any script on site.php that checks if a user is logged in or logging out that could redirect back to the logout page?

If somene orders 1 product:

mysql_query("UPDATE Product SET Quantity=Quantity-1 WHERE Id='".$id."'");

Replace $id with your variable name foe the product id and if someone orders more than 1 of the same product store the total number in a variable like $total and change Quantity-1 to Quantity-'".$total."'

I would try naming your variables differently, for example in the second query use $osql, $oresult, $oquery, $oid, and see if that helps.

Can you post your form code so I can understand what you are trying to do please

No problem and sorry I forgot to close the select tag (knew I had missed something but couldn't think what it was).

A quick and dirty solution to show you how it can be done:

<?php
$sql = mysql_query("SELECT access_id FROM user WHERE id='".$userid."' LIMIT 1");
$result = mysql_fetch_array($sql);
$id = $result['access_id'];

$query = mysql_query("SELECT * FROM access");
?>
<select name='access'>
  <?php
    while ($accessrow = mysql_fetch_array($query)) {
  ?>
<option value="<?php echo $accessrow['id']; ?>" <?php if ($id == $accessrow['id']) { echo 'selected'; } ?> ><?php echo $accessrow['access']; ?></option>
<?php } ?>

If each of your right and left floats have set widths, then add the appropriate margins to the center div (i.e. if both floats are 200px wide then set the left and right margins on your center div to 200px each)

Sorry I can't quite work out what you are trying to do here - if it is a javascript issue then you may need to repost in that forum.

You don't need to use salt so I would remove all references to it and stick with just MD5 and see if that resolves your problems

It appears to me that on some of your login functions you are using md5($password).$salt to check the password but you are not applying the $salt to the query that changes the password so they will be different.

I have tweaked your code to wrap everything as I suggested - if you could try it please

<?php
    include '../dbfunctions.php';
    $link = dbConnect();
    //session_start();
    $stid = $_GET['staffref'];
    echo $stid;
     
     
    $staffs = dbGetRows("staff", "id = '".$stid."'");
    $staff = mysql_fetch_array($staffs, MYSQL_ASSOC);
     
    echo $staff['username'];
    echo $staff['password'];
     
    if (isset($_POST['Submit']))
    {
     
	    $username = mysql_real_escape_string($_POST['username']);
	    $oldpassword = mysql_real_escape_string($_POST['oldpassword']);
	    $newpassword = mysql_real_escape_string($_POST['newpassword']);
	    $confirmnewpassword = mysql_real_escape_string($_POST['confirmnewpassword']);
	     
	    // var_dump($_POST);
	     
	     
	    if($newpassword == "" )
	    {
	    	echo "New password cannot be blank!";
	    }
	    // Check if New password is confirmed
	    elseif ($newpassword != $confirmnewpassword)
	    {
	    	echo 'The "New Password" and "Confirm New Password" fields do not match, please re-enter!';
	    }
	    else
	    {
	     
		    // query username old password is not correct
		    $query = "SELECT username FROM staff WHERE username = '".$username."' LIMIT 1" or die(mysql_error());
		     
		    $result = mysql_query($query);
		    $row=mysql_fetch_array($result);
		     
		    // Check if Old username old password is not correct
		    if(!$row)
		    {
		     
		    	echo "Aw shucks! Seems like you don't exist! Please recheck your username/password dude";
		    //mysql_create_db("abcde");
		    }
		    else
		    {
		    // If everything is ok, modify the record
		   
				$query = "UPDATE staff SET password = '".md5($newpassword)."' WHERE username = '".$username."'";
		     
			    $result = mysql_query($query) or die('Error : ' . mysql_error());
			    if( $result )
			    {
			    	echo "All done!";
			    }
	     	}
	     }
	 }
	 else 
	 {
	 ?>
    <!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN">
    <html>
    <head>
    <title>Password Administration</title>
    <link href="../bb.css" rel="stylesheet" type="text/css">
    <meta http-equiv="Content-Type" content="text/html; charset=iso-8859-1">
    </head>
     
    <body bgcolor="#FFF4DC">
    <table width="60%" border="0" cellspacing="0" cellpadding="0" align="center">
    <tr>
    <td width="32"><img src="../images/admin_03.gif"></td>
    <td width="0*" bgcolor="#FFFFFF" background="../images/admin_04.gif" style="background-repeat: repeat-x;">&nbsp;</td>
    <td width="35"><img src="../images/admin_07.gif" width="32" height="33"></td>
    </tr>
    <tr>
    <td bgcolor="#FFFFFF" background="../images/admin_15.gif" style="background-repeat: repeat-y;"></td> …

Can you post your new code so I can check agin please.

Including your login.

Break everything down, so try selecting with the username only and then the password only to see which one is causing the error. I am presuming you have used MD5 on your posted old password already?

Also add OR die(mysql_error()) to the end of your query to check the syntax is correct.

And add LIMIT 1 within your query at the end in case there are 2 usernames the same.

"SELECT username FROM staff WHERE username = '".mysql_real_escape_string($username)."' LIMIT 1" or die(mysql_error());

You need to wrap your whole code in your if (isset($_POST)) { atatement and then use and else { around your html and form

<?php 
include './dbfunctions.php';
$link = dbConnect();
session_start();
$stid = $_GET['staffref']; 
echo $stid; 


$staffs = dbGetRows("staff", "id = '".$stid."'");
$staff = mysql_fetch_array($staffs, MYSQL_ASSOC);

echo $staff['username'];
echo $staff['password'];

if (isset($_POST['Submit'])) 
  {
.
.
.
.
}
else {
?>
<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN">
<html>
<head>
<title>Password Administration</title>
<link href="../bb.css" rel="stylesheet" type="text/css">
<meta http-equiv="Content-Type" content="text/html; charset=iso-8859-1">
</head>
 
<body bgcolor="#FFF4DC">
.
.
.
.
</body>
</html>
<?php } ?>

For some reason the previous poster wants you to create a database if a username doesn't exist - my previous code would have worked fine for you, did you try it?

You column references in your queries and your result rows don't match the database structure you are showing.

According to your table structure, it should be

$query = mysql_query("SELECT * FROM teamdb where sport='Basketball'");
	while($row = mysql_fetch_array($query))
	{
	echo '<option value='.$row['tid'].'>'.$row['tname'].'</option>';
	}

and

$query = mysql_query("SELECT * FROM athletedb where tid='10000'");
	while($row = mysql_fetch_array($query))
	{
	echo '<option value='.$row['aid'].'>'.$row['aname'].'</option>';
	}

You don't actually say if you are having a problem displaying your dat and if so what the problem is so further information would be useful and also your javascript for your onclick event.

No your var_dump won't show the hashed password as it hasn't been hashed at that point, you are just displaying the $_POST data. Try this (you aren't actually getting the data from the db correctly:

if(isset($_POST['Submit'])){
$query = mysql_query("SELECT username FROM staff WHERE username = '".$username."'");

//echo $username;
		$result = mysql_fetch_array($query);

	    if($result) {
	        // Check if Username exists
	        if($result['username'] != $username){ 
			echo "Aw shucks! Seems like you don't exist! Please recheck your username dude";
	       }  
	        //Check if New password if blank
	        elseif($newpassword == "" ) {
			echo "New password cannot be blank!";
			}
	                 
	        // Check if New password is confirmed
	        elseif ($newpassword != $confirmpassword) {  
			echo 'The "New Password" and "Confirm New Password" fields do not match, please re-enter!'; 
			}
			else {
	        // If everything is ok,  modify the record
			$query = "UPDATE staff SET password = '".md5(mysql_real_escape_string($newpassword)."' WHERE username = '".mysql_real_escape_string($username)."'";
			}
			$result =  mysql_query($query) or die('Error : ' . mysql_error());
			if( $result ) {
			  echo "All done!";
			}
   }
}

It is good to use existing class attributes to help you learn but only if you take the time to understand them and what they are doing so that in future you can create your own.

Sorry, I put the wrong URL in - it should have been teamtreehouse.com and they offer tutorials in all aspects of website design and development, plus exercises to 'earn badges' so they do provide what you are asking for.