PHP - Need Help Checking User Account

Hi I am currently making a site where users can upload second hand books for sale, I have everything working as i wish apart from i am having trouble creating a account page where users can review the books they have posted.

so far i use the following code to bring view a the data associated with an uploaded book based on its id

Code: [Select]
  public static function getById( $id ) {
    $conn = new PDO( DB_DSN, DB_USERNAME, DB_PASSWORD );
    $sql = "SELECT * FROM books WHERE id = :id";
    $st = $conn->prepare( $sql );
    $st->bindValue( ":id", $id, PDO::PARAM_INT );
    $st->execute();
    $row = $st->fetch();
    $conn = null;
    if ( $row ) return new Book( $row );
  }

I think i can use a similar function for my user account however, each book entered by a user has their member id attached to it, which is gained from there id in the members table which in turn is stored in $_SESSION['id']. My question is, is there a way to rework the code above to have something like select * where member_id = $_SESSION['id']. I have tried a few things and get stuck manly due to the fact i dont know what to replace the current :id with.

Thanks in advance, i hope i explained it well enough for you lot to understand.

Ian

I am developing a CMS for my clients where the login to administrate their website is through my own website. This unified back-end allows me to develop the functionality and user experience without the issue of updating each site manually with the new files or running a complicated macro etc and then uploading them all individually too.

I would also like to combine as much of the "client side" CMS code too, i.e. as many of the php files that are stored on the clients website as possible.

All of the websites (and the backend website) are located on the same VPS, running PHP V5.3, allow_url_include is not available, I could have it turned on but this causes security issues if I understand correctly?

I figure my main options a

- Turn on allow_url_include and just include via IP/Domain.

- Use a FTP system similar to the way Wordpress allows remote install of plugins and system updates.

or

- Include the files using a different /home/username/cmsincludes/ path? Is it possible to use another VPS account to include from? I have tested and it gives me a "failed to open stream" error.
Example:

Client xyz Website
Website located: /home/xyz/public_html/
CMS Included: /home/mainsite/cms/

Client 123 Website
Website located: /home/123/public_html/
CMS Included: /home/mainsite/cms/

Client xxx Website
Website located: /home/xxx/public_html/
CMS Included: /home/mainsite/cms/

This topic has been moved to Miscellaneous.

http://www.phpfreaks.com/forums/index.php?topic=321126.0

The html Form I'm using works successfully with this php code:

 

<?php
//check if form was sent
if($_POST){
	$to = 's@hmail.com';
	$subject = 'Form1';

	$name = $_POST['name'];
	$email = $_POST['email'];
	$message = $_POST['message'];
	$headers = $name;
	$message .= "\r\n\r\n" . $name;

if( empty($_POST["some_place"]) or $_POST['some_place'] != "glory" )
{
   header("HTTP/1.0 403 Forbidden");
   	}else{
   		mail( $to, $subject, $message, $email, $headers );
   	}
		header('Location: https://.......com');
   exit;
}
?>

The problem is that when the email is received it shows the (from) email address to be my domain account user name @ the server name, like this:
domain1@host3servername.com, where I’d prefer something more like noReply@actualdomain.com

Any help or suggested remedy will be appreciated

Hi all,

Here i have a serious problem. I want to sought it out using PHP and MySQL only.
I have a form includes fields of customer id and Account type( stored in a jump menu and includes 6 different types of accounts)


<style type="text/css">
<!--
body,td,th {
font-size: 18px;
font-weight: bold;
}
-->
</style>
<p><img src="../images/mahapitiya 1.jpg" width="1024" height="139" /></p>
<form id="form1" name="form1" method="post" action="">
  <label>
    <input type="submit" name="button" id="button" value="Logout" />
  </label>
</form>
<p>&nbsp;</p>
<form action="" method="post" name="form2" id="form2" 
onsubmit="return Validate();">
  <fieldset>
    <legend class="cap">Create an Account</legend>
    <table width="75%" border="0" cellspacing="0" cellpadding="5" align="center">
      <tr>
        <td>&nbsp;</td>
        <td class="title02">&nbsp;</td>
        <td>&nbsp;</td>
        <td>&nbsp;</td>
      </tr>
      <tr height="30">
        <td width="10%">&nbsp;</td>
        <td width="25%" class="title02" align="left">Customer ID</td>
        <td width="55%" class="attribute1" align="left"><input type="text" name="customer_id" class="attribute1" /></td>
        <td width="10%">&nbsp;</td>
      </tr>
      <tr height="30">
        <td>&nbsp;</td>
        <td width="25%" class="title02" align="left">Account Type</td>
        <td width="55%" align="left" bgcolor="#FFFFFF" class="attribute1"><select name="account_type" id="jumpMenu" >
            <option selected="selected"></option>
            <option>Savings Investment</option>
            <option>Shakthi</option>
            <option>Surathal</option>
            <option>Abhimani Plus</option>
            <option>Yasasa Certificates</option>
            <option>Fixed Deposits</option>
          </select>&nbsp;</td>
        
        <td width="10%">&nbsp;</td>
      </tr>
    </table>
    <p align="center">&nbsp;</p>
    <p align="center">
      <input type="submit" onclick="return Validate();" name="submit" value="Submit" class="attribute1" />
      &nbsp;&nbsp;
      <input type="reset" name="reset" value="Reset" class="attribute1" />
      &nbsp;&nbsp;
      <label>
        <input type="submit" name="button2" id="button2" value="Help" />
      </label>
    </p>
  </fieldset>
  </td>
  <td width="5%">&nbsp;</td>
  </tr>
  <tr>
    <td>&nbsp;</td>
    <td>&nbsp;</td>
    <td>&nbsp;</td>
  </tr>
  <tr>
    <td>&nbsp;</td>
    <td align="center">&nbsp;</td>
    <td>&nbsp;</td>
  </tr>
  <tr>
    <td>&nbsp;</td>
    <td><font color="red" size="1" ></font></td>
    <td>&nbsp;</td>
  </tr>
  </table>
</form>
<p>&nbsp;</p>

<script language = "Javascript">
  
function Validate()
{
    if (document.form2.customer_id.value == '') 
    {
        alert('Please enter the valid customer id!');
        return false;
}
else if ( document.form2.account_type.selectedIndex == '' )
    {
        alert ( "Please select an account type!." );
        return false;
    }
return true;
}
</script>



There are 6 different types of tables exist in my database representing 6 different types of accounts.Each and every table there is a field called "account number" which is auto incremented.When user clicks on submit button i want account number to be opened based on selected account type.

How this could be done?

Thanks,
Heshan.

Hi i have a simple script that functions perfect and easy but i am looking for a way to secure it a little   is there any way for me to create a simple user checking system ?   i have a mysql db with both usernames and passwords   is there any way to get the username and password from a get comand in the url and check the db to see if they exist and if they do run the rest of my code and if not throw access denied ?   i know this is not 100% secure but i its how i want it to be done   could anyone help me with this ?

I am trying to check for an admin user to access the admin panel.

I have been playing around try different things and this what I have ended up with

in my database table I have a column called usergroup and i do the follow to check for admin user.

Code: [Select]
$checkAdmin = mysql_query("SELECT * FROM  `users` WHERE email='$email' , usergroup =  'admin'");

$adminUser = mysql_num_rows($checkAdmin);

if ($adminUser == 0)
{
echo count($adminUser);
die ('You do not have permissions to access this area');

}

I do the select statement through phpmyadmin and it comes back with one row. which is basically hat i want to check for. I do have a variable called $email which is getting a value from the email cookie.

currently $adminUser Return a value of 10.

All of the count() functions is for testing purposes only.

This is something that has intrigued me, that has only recently surfaced when viewing the forum.

Which of the following methods of authenticating that a user exists would be better/faster/ect?

Example 1 - Fetching Row Data
<?PHP
  $username = 'LoserVille';
  $password = 'password';

  $myQuery = mysql_query("SELECT account_id FROM user_accounts WHERE username = '$username' AND password = '$password'");
  $myQuery = mysql_fetch_assoc($myQuery);

  if($myQuery) {
    /*### User Exists ###*/
  } else {
    /*### User Does Not Exist ###*/
  }
?>


Example 2 - Fetching Number of Results
<?PHP
  $username = 'LoserVille';
  $password = 'password';

  $myQuery = mysql_query("SELECT account_id FROM user_accounts WHERE username = '$username' AND password = '$password'");
  $myQuery = mysql_num_rows($myQuery);

  if($myQuery >= 1) {
    /*### User Exists ###*/
  } else {
    /*### User Does Not Exist ###*/
  }
?>


Just looking for some insight, not really a problem

Regards, PaulRyan.

Hi,

I'm trying to figure out the best way to determine if a user is currently downloading a file from my website.
The way my site works, is the user waits 30 seconds and views an ad. After the timer is up the download becomes available.
I heard that I could probably use a timestamp or something of the sort. I've read up on it but not sure how I could go about this.

I've got a page that allows users to upload a file (pdf, jpg, gif png). The user must be logged in in order to upload something. I have a query that checks if the user has already uploaded a file with the same name as the name of the file they are trying to upload.
If they have not uploaded the file yet, the file uploads and they get a "Success" message. If the file has already been uploaded by the user, they will get the message, "You have already uploaded that file".
When the query goes through, the message that shows is, "You have already uploaded that file". I ensured the file was not already in the database, and it still shows this error. I tried changing the if statement to say:

if ($duplicate==0)

instead of:

if ($duplicate!=0)

but it always shows the same error. Any ideas of what could be wrong with my code?

my sql table looks like:

Field     Type      Null     
id    int(11)    No          
userid    int(11)    No          
artist    varchar(50)    No          
title    varchar(50)    No          
file    varchar(2083)    No          
uploaded    varchar(3)    No          

Code:

<?php
session_start();

if (isset($_SESSION['username'])){

$username = $_SESSION['username'];
$submit = $_POST['submit'];

include_once('inc/connect.php');

$uploadsql = mysql_query("SELECT * FROM `users` WHERE `username`='$username'"); 
$uploadrow = mysql_fetch_assoc($uploadsql); 

$userid = $uploadrow['id']; 
$folder = "sheets/fromusers/";

if (isset($submit)){

// Name of file
$name = $_FILES["location"]["name"];
// Type of file (video/avi) or image/jpg, etc
$type = $_FILES["location"]["type"];
//size of file
$size = $_FILES["location"]["size"];
//stores file in a temporary location
$temp = $_FILES["location"]["tmp_name"];
// if there is an error
$error = $_FILES["location"]["error"];

$artist = strtolower($_POST['artist']);
$title = strtolower($_POST['title']);

// Check if fields are filled in
if($artist&&$title){

if ($error > 0)
{
$sheeterror = "<div id='messageerror'>An error occured. Please try again.</div>";
}
else
{

// Determine the extension of the file
// If file is This File.pdf
// Then $ext is now equal to pdf

$ext = strtolower(substr($name, strrpos($name, '.') + 1)); 

if ($ext=="pdf" || $ext=="gif" || $ext=="jpeg" || $ext=="jpg" || $ext=="png")
{
if ($size <= 26214400) // If size <= 25 megabytes
{
$duplicatecheck = mysql_query("SELECT file FROM upload WHERE id='$userid'");
$duplicate = mysql_num_rows($duplicatecheck);

if ($duplicate!=0){
$sheeterror = "<div id='messageerror'>You have already uploaded this file!</div>";

}
else{
$sheetquery = mysql_query("INSERT INTO upload VALUES ('','$userid','$artist','$title','$name','no')");

move_uploaded_file($temp, $folder.$name);

$success = "<div id='messagesuccess'>Upload Complete!</div><div align='center'>".ucwords($artist)." - ".ucwords($title)."</div>";
}

}
else{
$sheeterror = "<div id='messageerror'>Your sheet must be less than 25 megabytes.</div>";
}
}
else
{
$sheeterror = "<div id='messageerror'>".ucfirst($ext)." files are not allowed!</div>";

}
}
}
else{
$sheeterror = "<div id='messageerror'>Fill In All Fields</div>";
}
}
}
else{
$sheeterror = "<div id='messageerror'>You must be logged in to add sheets!</div>";
}

?>

 <html>
 <head>
 <title>Add Sheet</title>
 <style>
 #container{
width: 350px;
height: 150px;
margin-left: auto;
margin-right: auto; 
background-color: #cccccc;
 }
  
 #formhold{
width: 300px;
text-align: right;
margin-right: auto; 
 }
 #messagesuccess{
background-color: #66CD00; 
width: 350px; 
margin-left: auto; 
margin-right: auto;
 }
  #messageerror{
background-color: #ff2211; 
width: 350px; 
margin-left: auto; 
margin-right: auto;
 }
 </style>
 </head>
 <body OnLoad="document.newsheet.artist.focus();">
<?php
include_once('inc/nav.php');
?>
 <center>
 <h1>Add Sheet</h1>
 <br />
 <div id="container">
 <br />
 <div id="formhold">
 <form action="addsheet.php" method="post" name="newsheet" enctype="multipart/form-data">
Artist: <input type="text" name="artist" size="30"><br />
Title: <input type="text" name="title" size="30"><br />
Sheet: <input type="file" name="location" size="17"><br />
 </div>
<center><input type="submit" name="submit" value="Submit"></center>
 </form>
 

 </div>
 <div id="bottomcont">
 <?php echo $success, $sheeterror; ?>
 </div>
 </center>
 </body>
 </html>

This topic has been moved to Other.

http://www.phpfreaks.com/forums/index.php?topic=318815.0

Below I am checking a user level and if they are  level one they see some of the form, and if level two they see additional options.

What they have already filled out is to show in the text field. Before I was doing the user level check it worked fine. Even now if something is put in a field it saves in the DB but it will not show in the fields on the form.

// Everyone sees
          <tr>
            <td><input name="" type="text" id="" value="<?php echo $row_settings['FieldA']; ?>">
          </tr>
        <tr>
            <td><input name="" type="text" id="" value="<?php echo $row_settings['FieldB']; ?>">
          </tr>
// Check if level two and display if they are.
    <?php }
if (checkUser()) {
?>
        <tr>
            <td><input name="" type="text" id="" value="<?php echo $row_settings['num1']; ?>">
          </tr>
        <tr>
            <td><input name="" type="text" id="" value="<?php echo $row_settings['num2']; ?>">
          </tr>
        <tr>
            <td><input name="" type="text" id="" value="<?php echo $row_settings['num3']; ?>">
          </tr>

     <?php } ?>
// Additional things everyone sees even level one.
        <tr>
            <td><input name="" type="text" id="" value="<?php echo $row_settings['num4']; ?>">
          </tr>
          <tr>

So even <?php echo $row_settings['num4']; ?> will not show/work after the <?php } ?>

Any thoughts? Thanks in advance everyone.

Hey guys and gals!

This is my first post here and needing a bit of help with my php code! So here is the deal, i have 3 tables in ms sql 2000 which i will be using on this project.

i have an employee table that has the regular information such as:

TABLE employee( uniqueid, employee_number, lastname, firstname, dob, address, city, state, zip )

TABLE employee_docs( uniqueid, employee_number, doc_type int, date_received, date_issued, date_expired )

TABLE doc_type(uniqueid, description, valid_month)


so basically from the employee_doc table, the doc_type column is an int and will have the description of the document as well as valid month column which will tell you how long the document type is valid until. the Description gives a brief description of what the product is. The uniqueid is used as what ever number is chose from the employee_docs table will represent the document type from table doc_type.

ok so now that i gave a brief explanation of the tables i am working with, I can tell you what i need.

i need a php page that will display:

employee number, lastname, firstname, doc_type, date_received, date_issued, date_expired.

Code: [Select]
select pn.empnum as employeeid, (pn.lastname + ', ' +  pn.firstname)as [Full Name],
dt.description as doc_type,
formatDate(pd.received) as [Date Received],
formatDate(pd.expired)as [Date Expired],
formatDate(pd.issued) as [Date In Service]

from personnel_document pd
left join document_types dt on (dt.uniqueid = pd.doc_type)
left join personnel pn on (pd.empnum = pn.empnum)

where pd.empnum = '$EmpNum'
now, I went ahead and did this for the html part:
 
Code: [Select]
<table border=0>
           
            <tr>
                    <td height=20px weight=1px valign=bottom><span class=underline>DESCRIPTION</span></td>
                            <td height=20px weight=1px valign=bottom><span class=underline>DATE RECEIVED</span></td>
                            <td height=20px weight=1px valign=bottom><span class=underline>LICENSE NUMBER</span></td>
                    <td height=20px weight=1px valign=bottom><span class=underline>DATE IN SERVICE</span></td>
                            <td height=20px weight=1px valign=bottom><span class=underline>DATE EXPIRED</span></td>
                    </tr>
                    <tr>
                    </tr>
                    <tr>
                            <td height=20px valign=bottom><span class=label_text>PHYSICAL EXAM</span></td>
                            <td valign=top><input class=demog_box type=text size=10 name= phexam_dr id=phexam_dr onBlur= 'formatDate(this)' value='<?php echo $phexam_dr;  ?>'>&nbsp;</td>
                            <td valign=top><input class=demog_box type=text size=10 name= phexam_ln id=phexam_ln onBlur='formatDate(this)' value='<?php echo $phexam_ln;                              ?>'>&nbsp;</td>
                            <td valign=top><input class=demog_box type=text size=10 name= phexam_is id=phexam_is onBlur= 'formatDate(this)' value='<?php echo $phexam_is;                            ?>'>&nbsp;</td>
                            <td valign=top><input class=demog_box type=text size=10 name= phexam_ex id=phexam_ex onBlur='formatDate(this)' value='<?php echo $phexam_ex;                             ?>'>&nbsp;</td>
                    </tr>
                    <tr>
                    </tr>
                    <tr>
                            <td height=20px valign=bottom><span class=label_text>PROFESSIONAL LICENSE</span></td>
                            <td valign=top><input class=demog_box type=text size=10 name= prolic_dr id=prolic_dr onBlur='formatDate(this)' value='<?php echo $prolic_dr;                            ?>'>&nbsp;</td>
                            <td valign=top><input class=demog_box type=text size=10 name= prolic_ln id=prolic_ln onBlur='formatDate(this)' value='<?php echo $prolic_ln;                            ?>'>&nbsp;</td>
                            <td valign=top><input class=demog_box type=text size=10 name= prolic_is id=prolic_is onBlur='formatDate(this)' value='<?php echo $prolic_is;                            ?>'>&nbsp;</td>
                            <td valign=top><input class=demog_box type=text size=10 name= prolic_ex id=prolic_ex onBlur='formatDate(this)' value='<?php echo $prolic_ex;                              ?>'>&nbsp;</td>
                    </tr>
                    <tr>
                    </tr>
                    <tr>
                            <td height=20px valign=bottom><span class=label_text>PROFESSIONAL INSURANCE</span></td>
                            <td valign=top><input class=demog_box type=text size=10 name= proins_dr id=proins_dr onBlur='formatDate(this)' value='<?php echo $proins_dr;                            ?>'>&nbsp;</td>
                            <td valign=top><input class=demog_box type=text size=10 name= proins_ln id=proins_ln onBlur='formatDate(this)' value='<?php echo $proins_ln;      ?>'>&nbsp;</td>
                            <td valign=top><input class=demog_box type=text size=10 name= proins_is id=proins_is onBlur='formatDate(this)' value='<?php echo $proins_is;   ?>'>&nbsp;</td>
                            <td valign=top><input class=demog_box type=text size=10 name= proins_ex id=proins_ex onBlur='formatDate(this)' value='<?php echo $proins_ex;   ?>'>&nbsp;</td>
                    </tr>
                    <tr>
                    </tr>
                    <tr>
                            <td height=20px valign=bottom><span class=label_text>DRIVER'S LICENSE</span></td>
                            <td valign=top><input class=demog_box type=text size=10 name=dl_dr id=dl_dr onBlur='formatDate(this)' value='<?php echo $dl_dr; ?>'>&nbsp;
                            </td>
                            <td valign=top><input class=demog_box type=text size=10 name=dl_ln id=dl_ln onBlur='formatDate(this)' value='<?php echo $dl_ln; ?>'>&nbsp;
                            </td>
                            <td valign=top><input class=demog_box type=text size=10 name=dl_is id=dl_is onBlur='formatDate(this)' value='<?php echo $dl_is; ?>'>&nbsp;
                            </td>
                            <td valign=top><input class=demog_box type=text size=10 name=dl_ex id=dl_ex onBlur='formatDate(this)' value='<?php echo $dl_ex; ?>'>&nbsp;
                            </td>
    </tr>
                    <tr>
                    </tr>
                    <tr>

</table>

I am now doing the the sql statement to insert into my db but i am stuck.
i basically want to get the information that the user enters for each field and save it on the employees profile.

$querydoc = "update    personnel_document
                      set empnum = '$EmpNum' , doc_type = ???, date_received = ????, date_expired = ????, date issued = ???
         where empnum = '$EmpNum' ";

The problem is that since each description has a different variable im not sure how to update it.... would I have to create a new update for each description? also I hard coded the name of each description but i believe it is better if i echo the description name from the db as i cant use taht as the doc_type... i am pretty confused, if anyone has a better way of doing this i would really appreciate it!

eventually i also want to make sure that the description is expired to to with the fields I have there and promp the user of something that is expired. Once again, any help given is much appreciated!!!

Set up:
    * XAMPP 1.7.3
    * Apache 2.2.14 (IPv6 enabled) + OpenSSL 0.9.8l
    * MySQL 5.1.41 + PBXT engine
    * PHP 5.3.1
    * phpMyAdmin 3.2.4
    * Perl 5.10.1
    * FileZilla FTP Server 0.9.33
    * Mercury Mail Transport System 4.72

I'm trying to set up a multipage registration script. It's tuff! I've set up some basic scripts to distribute variables into the correct tables from previous forms using a session. But I want the script to check the input from form one is valid before it moves on to form 2.

Here are my scripts:
form 1:

<html>
 <head>
  <title>Register</title>
  <style type="text/css">
   td { vertical-align: top; }
  </style>
 </head>
 <body>
  <form action="form2.php" method="post">
   <table>
    <tr>
     <td><label for="name">Username:</label></td>
     <td><input type="text" name="name" id="name" size="20"
       maxlength="20" value=""/></td>
    </tr><tr>
     <td><label for="password">Password:</label></td>
     <td><input type="password" name="password" id="password" size="20"
       maxlength="20" value=""/></td>
    </tr><tr>    
     <td><label for="first_name">First name:</label></td>
     <td><input type="text" name="first_name" id="first_name" size="20"
       maxlength="20" value=""/></td>
    </tr><tr>
     <td><label for="last_name">Last name:</label></td>
     <td><input type="text" name="last_name" id="last_name" size="20"
       maxlength="20" value=""/></td>
    </tr><tr>
     <td><label for="email">Email:</label></td>
     <td><input type="text" name="email" id="email" size="20" maxlength="50"
       value=""/></td>
    </tr><tr>
     <td><label for="address">Address:</label></td>
     <td><input type="text" name="address" id="address" size="20" maxlength="20"
       value=""/></td>
    </tr><tr>
     <td><label for="city">City/Town:</label></td>
     <td><input type="text" name="city" id="city" size="20" maxlength="20"
       value=""/></td>
    </tr><tr>
 <td><label for="county">County:</label></td>
     <td><input type="text" name="county" id="county" size="20" maxlength="20"
       value=""/></td>
    </tr><tr>
 <td><label for="post">Postcode:</label></td>
     <td><input type="text" name="post" id="post" size="20" maxlength="20"
       value=""/></td>
    </tr><tr>
 <td><label for="home">Home Number:</label></td>
     <td><input type="text" name="home" id="home" size="20" maxlength="20"
       value=""/></td>
    </tr><tr>
 <td><label for="mobile">Mobile:</label></td>
     <td><input type="text" name="mobile" id="mobile" size="20" maxlength="20"
       value=""/></td>
    </tr><tr>
     <td> </td>
     <td><input type="submit" name="submit" value="Sumbit"/></td>
    </tr>
   </table>
  </form>
 </body>
</html>


Form 2:

<?php

//let's start the session
session_start();

//now, let's register our session variables
session_register('name');
session_register('password');
session_register('first_name');
session_register('last_name');
session_register('email');
session_register('address');
session_register('city');
session_register('county');
session_register('post');
session_register('home');
session_register('mobile');

//finally, let's store our posted values in the session variables
$_SESSION['name'] = $_POST['name'];
$_SESSION['password'] = $_POST['password'];
$_SESSION['first_name'] = $_POST['first_name'];
$_SESSION['last_name'] = $_POST['last_name'];
$_SESSION['email'] = $_POST['email'];
$_SESSION['address'] = $_POST['address'];
$_SESSION['city'] = $_POST['city'];
$_SESSION['county'] = $_POST['county'];
$_SESSION['post'] = $_POST['post'];
$_SESSION['home'] = $_POST['home'];
$_SESSION['mobile'] = $_POST['mobile'];

?>

<html>
 <head>
  <title>Register</title>
  <style type="text/css">
   td { vertical-align: top; }
  </style>
 </head>
 <body>
  <form action="form3.php" method="post">
   <table>
    <tr>
     <td><label for="bio">Biography:</label></td>
     <td><input type="text" name="bio" id="bio" size="400"
       maxlength="500" value=""/></td>
    </tr><tr>    
     <td> </td>
     <td><input type="submit" name="submit" value="Sumbit"/></td>
    </tr>
   </table>
  </form>
 </body>
</html>



I've also got form3.php and process_forms.php(that's where I mysql_real_escape_string and input the data) but that's probably not relevant. How would I get this to work? Are there any sites I should look at that you'd recommend? Any help appreciated.

hi everyone i was wondering if anyone has any idea how i can make my php links look like this "wwwDOTmysiteDOTcom/xxx.php?s=account" right now they look like this   "wwwDOTmysiteDOTcom/account.php" thanks...