PHP - What Did I Do Wrong?
Code: [Select]
<?php include('connection.php'); $test1=$_POST('firstname'); $test2=$_POST('lastname'); $test3=$_POST('username'); if (!eregi("([^A-Za-z0-9]"),$test1)){ if (!eregi("([^A-Za-z0-9]"),$test2)){ if (!eregi("([^A-Za-z0-9]"),$test3)){ $query="SELECT * FROM vendors WHERE username = '$_POST(username)'" $result=mysql_query($query); $num=mysql_num_rows($result); if ($num == 0) { $query1="SELECT * FROM vendors WHERE email = '$_POST(email)'" $result1=mysql_query($query2); $num1=mysql_num_rows($result1) if ($num1 == 0) { if (($_POST['password']==$_POST['password1'])&&($_POST['email']==$_POST['email1'])) { $name=strip_tags($_POST['username']); $first=strip_tags($_POST['firstname']); $last=strip_tags($_POST['lastname']); $pass=strip_tags($_POST['password']); $country=strip_tags($_POST['country']); $address=strip_tags($_POST['address']); $email=strip_tags($_POST['email']); $city=strip_tags($_POST['city']); $zip=strip_tags($_POST['zipcode']); $state=strip_tags($_POST['state']); $phone=strip_tags($_POST['phonenumber']); $aql="INSERT INTO vendors SET username='$name', firstname='$first', lastname='$last', email='$email', Country='$country', zipcode='$zip', password='$pass', city='$city', state='$state', phonenumber='$phone', address='$address'" $result=mysql_query($sql) if ($result){ header(location:http://www.digitaldesignersmall.com/ffx.html) } else { header(location:http://www.digitaldesignersmall.com/fff.html) } } else( header(location:http://www.digitaldesingersmall.com/afx.html) } } else { Header(location:http://www.digitaldesingersmall.com/afx.html) } } else{ header("location:http://www.digitaldesignersmall.com/cxs.html") } } else{ header("location:http://www.digitaldesignersmall.com/cxs.html") } } else{ header("location:http://www.digitaldesignersmall.com/cxs.html") } ?> Similar TutorialsI am querying... $sql = "SELECT `messages_inbox`.`message_id`, `users`.`firstname`, `users`.`lastname`, `users`.`username` AS `from`, '${user_info['username']}' AS `to`, `subject`, LENGTH(`files`) AS `len`, 'inbox' AS `box`, DATE_FORMAT(`messages_inbox`.`time` ,'%T %D-%M-%Y') AS `time` "; $sql .= "FROM `messages_inbox` INNER JOIN `users` ON `messages_inbox`.`from_id` = `users`.`id` WHERE `to_id` = ${user_info['uid']} AND `messages_inbox`.`deleted` = 0 ORDER BY `messages_inbox`.`message_id` DESC"; and I am trying to output $displayName = ucwords("${message['firstname']} ${message['lastname']}"); by using $messages = pm_fetch_all($_GET['box']); I know my fetch works but for some reason firstname and lastname are only returning the logged in users first name and last name, not the person who sent the message. What an Earth is wrong with this code? Code: [Select] $query = "select sizes from products where id='$id'"; $result = mysql_query($query); $row = mysql_fetch_array($result); if ($row == 0) {echo "";} else {echo "Small - $row['sizes']";} PHP Parse error: syntax error, unexpected T_ENCAPSED_AND_WHITESPACE, expecting T_STRING or T_VARIABLE or T_NUM_STRING Code: [Select] <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd"> <html xmlns="http://www.w3.org/1999/xhtml"> <head> <meta content="text/html; charset=utf-8" http-equiv="Content-Type" /> <title>Send Data Form</title> </head> <body> <?php if(!$_POST) exit; $email = $_POST['Email']; $name = $_POST['Name']; $telephone = $_POST['Telephone']; $comments = $_POST['Comments']; //$error[] = preg_match('/\b[A-Z0-9._%-]+@[A-Z0-9.-]+\.[A-Z]{2,4}\b/i', $_POST['email']) ? '' : 'INVALID EMAIL ADDRESS'; if(!eregi("^[a-z0-9]+([_\\.-][a-z0-9]+)*" ."@"."([a-z0-9]+([\.-][a-z0-9]+)*)+"."\\.[a-z]{2,}"."$",$email )){ $errors=1; } if($errors==1) echo $error; else{ $values = array ('Name','Email','Telephone','Comments'); $required = array('Name','Email','Telephone','Comments'); $your_email = "****************"; $email_subject = "Comment posted from website:"; foreach($values as $key => $value){ if(in_array($value,$required)){ if ($key != 'Name' && $key != 'Comments' && $key != 'Telephone') { if( empty($_POST[$value]) ) { echo 'Please go back and complete all fields, thank you.'; exit; } } $email_content .= $value.': '.$_POST[$value]."\n"; } } } $headers = "From: $email\r\n"."Reply-To: $email\r\n".'X-Mailer: PHP/' . phpversion(); mail($your_email, $email_subject, $email_content, $headers); if($send_contact){ echo "Thank you for your submission"; } else { echo "ERROR, your comment was not sent"; ?> </body> </html> MOD EDIT: [code] . . . [/code] tags added. mysql_query("UPDATE categories SET active=0 WHERE id=$id"); What am I doing wrong here to get: Parse error: syntax error, unexpected T_STRING ??? ok so before this.. if there isnt description for the company..the logo cant be click..only can be clicked if there is description added..im confused.. Code: [Select] <? if(isset($_GET[ttid])) { $ttid = $_GET[ttid]; } $connection=mysql_connect("$server", "$username", "$password") or die("Could not establish connection"); mysql_select_db($database_name, $connection) or die ("Could not select database"); $query = "select master_event.* , (DATE_FORMAT(event_datefrom, '%d %M %Y')) as datefrom, (DATE_FORMAT(event_dateto, '%d %M %Y')) as dateto, ucase(event_name) as eventname from master_event where master_event.event_id = '$ttid '"; $result=mysql_query($query); while($row = mysql_fetch_array($result)){ $eventname = $row['eventname']; $eventdesc = $row['event_desc']; //$companydescription = $row['company_description']; $eventvenue = $row['event_venue']; $eventfee = $row['event_fee']; $datefrom = $row['datefrom']; $dateto = $row['dateto']; echo "<font color='#000000' face='arial' ><b> $eventname </b> </font> <br>"; echo "<font color='#000000' face='arial' ><i>Date</i> : $datefrom - $dateto <br>"; echo "<i>Venue</i> : $eventvenue <br>"; $querypstype = "SELECT DISTINCT master_pstype.pstype_id, pstype_desc FROM master_pstype INNER JOIN master_psevent ON master_psevent.pstype_id= master_pstype.pstype_id where master_psevent.event_id = '$ttid' ORDER BY pstype_order"; $resultpstype=mysql_query($querypstype); while($rowpstype = mysql_fetch_array($resultpstype)){ $pstypeid = $rowpstype['pstype_id']; $pstypedesc = $rowpstype['pstype_desc']; echo "<br><font color='#8B3A3A' size='1' face='georgia' ><b><i>$pstypedesc</i></b></font> <br>"; $queryps = "SELECT master_psevent.*, pstype_desc, company_name, company_link, company_description, logo_filename FROM master_psevent LEFT JOIN master_pstype ON master_psevent.pstype_id = master_pstype.pstype_id LEFT JOIN master_ps ON master_ps.ps_id = master_psevent.ps_id WHERE master_psevent.event_id = '$ttid' and master_pstype.pstype_id= '$pstypeid' ORDER BY pstype_desc,company_name "; $resultps=mysql_query($queryps); while($rowps = mysql_fetch_array($resultps)){ $companyname = $rowps['company_name']; $companyid = $rowps['ps_id']; $companylinkori = $rowps['company_link']; $companydescription = $rowps['company_description']; $logopath = $rowps['logo_filename']; $describelink = "index.php?ttid=$ttid&content=describe&pstypeid=$pstypeid&psid=$companyid"; echo "<a href=\"$describelink\" target=\"_blank\"><img src=".$logo_dir."/".$logopath." width=\"15%\"></a>"; ?> <br> <? } echo "<br>"; } } ?> im new..so to make it simple..the problem is ..i want it to be (if there is description = logo can be click, if no = otherwise) I did a big upgrade to my CMS and now the editing of an upload doesn't seem to work. The id is pulled from a list on the previous page and is functional. Here is the form: $id=$_GET['id']; $data = mysql_query("SELECT * FROM headerimg WHERE id = '$id'") or die(mysql_error()); while($info = mysql_fetch_array( $data )) { echo " <div id='edit'> <form method='post' action='headerimgeditprocess.php?id=".$id ."' enctype='multipart/form-data'> <fieldset> <legend>".$info['title'] ."</legend> <table> <tr><td colspan='2' style='text-align:center'><img src='../upload/headerimg/".$info['image'] ."' width='300'><br /><br /></tr></td> <td> Title:</td> <td> <input type='text' name='title' value='".$info['title'] ."'> </td></tr> <tr><td> Image: </td><td> <input type='file' name='image'></td></tr> </table> <br/> <br/> <input TYPE='submit' name='upload' title='Add data to the Database' value='Submit'/> </fieldset> </form> Here is the processor: $target = "/var/chroot/home/content/87/6409087/html/upload/headerimg/"; //This gets all the other information from the form $title=$_POST['title']; $id=$_GET['id']; if ($image != ''){ $image = ($_FILES['image']['name']); foreach($_FILES as $file) { move_uploaded_file($file['tmp_name'], $target . $file['name']); } mysql_query("UPDATE headerimg SET image ='$image' WHERE id ='$id'"); } //Writes the information to the database mysql_query("UPDATE headerimg SET title = '$title' WHERE id ='$id' "); ?> <p>Update Successful... <a href="../main.php">click here</a> to return to the administration area.</p> When the webpage loads it inserts all its information via xml into the database. This all works fine and perfect untill i reload the page again then it starts screwing up all the data im not sure what im doing wrong i know this isnt much info but is there a common mistake im making? I am trying to create a very basic object but am having troubles. Code: [Select] <?php class item{ public $name; public $price; function __construct($name,$price){ $this->name=$name; $this->price=$price;} function getName(){ return $this->name; } } $object = new item("car",400); echo $object->getName(); ?> The HTML output is: name=$name; $this->price=$price;} function getName(){ return $this->name; } } $object = new item("car",400); echo $object->getName(); ?> I'm sure that this code is clean but for some reason will not output the desired result! any help would be great. thanks. Hi all. I always create my sql queries like below. $user = "user"; $pass = "123456"; $host = "localhost"; $base = "test"; $cn = mysql_connect($host, $user, $pass) or trigger_error("SQL", E_USER_ERROR); mysql_select_db($base,$cn) or trigger_error("SQL", E_USER_ERROR); $QUERY = mysql_query("SELECT id FROM someTable", [size=14pt][color=red][b]$cn[/b][/color][/size]) or die(mysql_error()); while ($list = mysql_fetch_assoc($QUERY)){ echo "Some Text over loop"; } Okay here is the question (or problem). What if i have 5000 records in my Table. Doesn't this code connect DB 5000 times? If yes, then how can i optimize it? I am trying to create a log in page but all that comes up is Please enter a username and password
<?php session_start () ; $username = $_POST ['username'] ; $password = $_POST ['passowrd'] ; if ($username&&$password) { define ('DB_HOST' , 'localhost') ; define ('DB_USER' , 'root') or die ("Could not connect!") ; define ('DB_PASSWORD', "") or die ("Could not find DB!") ; define ('DB_DATABASE', 'joke') ; } else die ("Please enter a username and password") ; $query = mysql_query ("SELECT * FROM Joke WHERE username = '$username'") ; $numrow = mysql_num_rows ($query) ; if ($numrows!=0) { //code to login While ($row= mysql_fetch_assoc($query)) { $dbusername = $row ['username'] ; $dbusername = $row ['password'] ; } //check if they match if ($username==$dbusername&&$password==$dbpassword) { echo "You're inn! <a href=member.php> Click here to enter member page" ; $_SESSION['username']=$dbusername ; } else echo "incorrect password!" ; } else die("That user does'nt exist") ; echo $numrows; ?> Ok I have this code.. it logs into my myspace accounts and grabs some info.. it is supposed to log into each account and write the info to a file.. what it does is logs into the first account and writes the info to the file then when it signs into the second account it doesnt write the info on the new line it just overwrites the info from the previous account.. here is some of the code for($i=0; $i!=count($account_data); $i++){ echo "\n::: ".strtoupper($account_data[$i][0])." :::\n"; if($account_data[$i][1] != "" && stristr($account_data[$i][0], "@") && stristr($account_data[$i][0], ".")){ list($place[0],$place[1],$place[2],$place[3]) = authorize($account_data[$i], $game_link); if($place[2] > 1 && strlen($place[3]) == 40){ $filename = 'auth-keys.txt'; $fp = file($filename,'a+'); $data = $place[2]." ".$place[3]."\r\n"; file_put_contents($filename, $data); echo $data;}}} sleep(10000); heres a pic Any help would be greatly appreciated So this appears when I try and go on my index.php...
Warning: require_once(/TZ/v3/includes/db.php) [function.require-once]: failed to open stream: No such file or directory in /home/*REMOVED*/public_html/TZ/v3/index.php on line 5 Fatal error: require_once() [function.require]: Failed opening required '/TZ/v3/includes/db.php' (include_path='.:/usr/lib/php:/usr/local/lib/php') in /home/*REMOVED*/public_html/TZ/v3/index.php on line 5It's saying there's no file there but there is! Thanks Edited by rizmah, 14 September 2014 - 08:20 AM. Hey, did something happen with the Facebook login for the phpFreaks forum recently? Been trying to log in for some time now but I kept receiving errors. Glad it's back working now!
it's supposed to check the file, to see if it's available for download, the code below looks okay to me, what's wrong? if($row[2]==2) // 4shared check { $row[1]="http://www.".$row[1]; $index=getpage($row[1]); preg_match("/Download ([^<]+)<\/div>/",$index,$match); if(strpos($index,"The file is shared for public access and download.")===false || !$match) { mysql_query("UPDATE `v2links` SET `checked`='-1',`lastcheck`=NOW() WHERE `id`=".$row[0]); print "bad link\n"; logstr("log-c.txt","bad link\n"); } else { $words=trim($match[1]); $words=preg_split("/[_\.\-\s]/",$words); $lastword=array_pop($words); $words=implode(" ",$words); $words=preg_replace("/\s{2,}/"," ",$words); $caption=mysql_real_escape_string($words); unset($words); unset($match); preg_match("/<td>Size\:<\/td><td>([^<]+)<\/td>/",$index,$match); $fsize=$match[1]; unset($match); print "$caption :: $fsize\n"; logstr("log-c.txt","$caption :: $fsize\n"); mysql_query("UPDATE `v2links` SET `checked`='1',`lastcheck`=NOW(),`fsize`='$fsize',`caption`='$caption' WHERE `id`=".$row[0]); if(mysql_errno()) print mysql_error()."\n"; } } I'm wondering if the sharing website has changed anything, because for rapidshare it works fine, code: if($row[2]==1) // rapidshare check { $index=getpage($row[1]); if(strpos($index,"<p><script>alert(\"File not found.\")</script>File not found.</p>")===false && strpos($index,"This file has been deleted.")===false) { preg_match("/<form action=\"([^\"]+)\" method=\"post\">/",$index,$match); //print $index; if($match[1]) { $fpath=$match[1]; $index=getpage($fpath,"dl.start=Free",$row[1]); preg_match("/<\/font> \(([^\(]+)\)\.<\/p>/",$index,$match); $fsize=0; if($match[1]) $fsize=mysql_real_escape_string(strip_tags($match[1])); print $fsize."\n"; logstr("log-c.txt",$fsize."\n"); mysql_query("UPDATE `v2links` SET `checked`='1',`fsize`='$fsize',`lastcheck`=NOW() WHERE `id`=".$row[0]); if(mysql_errno()) print mysql_error()."\n"; } else { print "bad link\n"; logstr("log-c.txt","bad link\n"); mysql_query("UPDATE `v2links` SET `checked`='-1',`lastcheck`=NOW() WHERE `id`=".$row[0]); if(mysql_errno()) print mysql_error()."\n"; } } else { print "bad link\n"; logstr("log-c.txt","bad link\n"); mysql_query("UPDATE `v2links` SET `checked`='-1',`lastcheck`=NOW() WHERE `id`=".$row[0]); if(mysql_errno()) print mysql_error()."\n"; } } any help would be appreciated! or should I say can you tell me WHAT is wrong? getting error on line 19 Parse error: syntax error, unexpected '[' in /home/heaven/public_html/tester/view_thread2.php on line 19 <?php include("connect.php"); mysql_select_db("heaven_forum") or die ("Could Not Select Database"); $recent = mysql_query("SELECT phpbb_posts.id AS post_id, phpbb_posts.topic_id AS topic_id, phpbb_posts.forum_id AS forum_id, phpbb_posts.poster_id AS poster_id, phpbb_topics.topic_title AS title, phpbb_users.username AS usernameFROM phpbb_posts, phpbb_topics ON phpbb_posts.topic_id=phpbb_topics.id, users ON phpbb_posts.poster_id=users.idORDER BY post_time DESC LIMIT 5"); //pull array $recent_row = mysql_fetch_assoc($recent); //set varibles pulled $topic_name = $recent ['title']; $poster = $recent['usernameFROM']; echo $topic_name; echo "Posted By: $poster"; ?> Can someone please take a look and see if you can point out what error i made. Everything on the form side is functioning except it doesn't seem to post since its looping back to the form rather than the redirect. Also, within the actual form table, i had to change the section that says Business Hours from a textarea because I couldn't get it to echo the data from the field in the database. Any ideas on that would be greatly appreciated. Sorry if its a bit sloppy, I'm no expert. Code: [Select] <?php include "config.php"; mysql_connect("$dbhost","$dbusr","$dbpass"); mysql_select_db("$dbname"); session_start(); if (isset($_SESSION['user'])) { } else { header ('location: login.php'); } // creates the edit record form // since this form is used multiple times in this file, I have made it a function that is easily reusable function renderForm($id, $username, $location, $address, $city, $zip, $county, $website, $map, $email, $phone, $bhours, $ptimes, $pspecials, $vspecials, $error) { echo "<center><strong>Edit Location Information</strong></center>"; // if there are any errors, display them if ($error != '') { echo '<div style="padding:4px; border:1px solid red; color:red;">'.$error.'</div>'; } echo " <center> <form action='' method='POST'> <table border='0' frame='box'> <tr> <td width='96'><div align='right'>Venue ID:</div></td> <td colspan='2'><input type='hidden' name='id' value='$id'>$id</td> </tr> <tr> <td><div align='right'><font size='2' face='arial'>Username:</font></div></td> <td colspan='2'><input type='text' name='r_username' value='$username'></td> </tr> <tr> <td>Business Name:</td> <td colspan='2'><input type='text' name='r_location' value='$location'></td> </tr> <tr> <td><div align='right'><font size='2' face='arial'>Address:</font></div></td> <td colspan='2'><input type='text' name='r_address' value='$address'></td> </tr> <tr> <td><div align='right'>City/State:</div></td> <td><input type='text' name='r_city' value='$city'></td> <td>Format = City, St</td> </tr> <tr> <td><div align='right'><font size='2' face='arial'>Zip:</font></div></td> <td colspan='2'><input type='text' name='r_zip'value='$zip'></td> </tr> <tr> <td><div align='right'>County:</div></td> <td colspan='2'><input type='text' name='r_county'value='$county'></td> </tr> <tr> <td><div align='right'>Website:</div></td> <td colspan='2'><input type='text' name='r_website' value='$website'></td> </tr> <tr> <td><div align='right'>Directions:</div></td> <td colspan='2'><input type='text' name='r_map' value='$map'></td> </tr> <tr> <td><div align='right'><font size='2' face='arial'>E-mail:</font></div></td> <td colspan='2'><input type='text' name='r_email' value='$email'></td> </tr> <tr> <td><div align='right'><font size='2' face='arial'>Phone #::</font></div></td> <td colspan='2'><input type='text' name='r_phone' value='$phone'></td> </tr> <tr> <td height='80'><div align='right'><font size='2' face='arial'>Business Hours:</font></div></td> <td width='287'><input type='text' name='r_bhours' cols='45' rows='3' value='$bhours'></td> <td width='244'><p>**You must enter </br> after each line to display in rows:</p> <p>Mon - Fri 11am to 10pm</br></p> <p>Sat - Sun 1PM to 3am</br></p></td> </tr> <tr> <td><div align='right'><font size='2' face='arial'>Poker Times:</font></div></td> <td colspan='2'><input type='text' name='r_ptimes' value='$ptimes'></td> </tr> <tr> <td><div align='right'><font size='2' face='arial'>Poker Specials:</font></div></td> <td><input type='text' name='r_pspecials' value='$pspecials'></td> <td> </td> </tr> <tr> <td><div align='right'><font size='2' face='arial'>Location Specials:</font></div></td> <td><input type'text' name='r_vspecials' cols='45' rows='3' value='$vspecials'></td> <td><p>**You must enter </br> after each line to display in rows:</p> <p>Mon - $0.10 Wings</br></p> <p>Fri - 2 for 1 Happy hour</br></p></td> </tr> <tr> <td></td> <td colspan='2'><div align='center'><font size='2' face='arial'><a href='edituser.php'>Cancel</a> - </font><input type='submit' value='Update Location'></div></td> </tr> </table> </form> </center> "; } // check if the form has been submitted. If it has, process the form and save it to the database if (isset($_POST['submit'])) { // confirm that the 'id' value is a valid integer before getting the form data if (is_numeric($_POST['id'])) { // get form data, making sure it is valid $id = $_POST['id']; $username = mysql_real_escape_string(htmlspecialchars($_POST['username'])); $location = mysql_real_escape_string(htmlspecialchars($_POST['loc_name'])); $address = mysql_real_escape_string(htmlspecialchars($_POST['address'])); $city = mysql_real_escape_string(htmlspecialchars($_POST['city'])); $zip = mysql_real_escape_string(htmlspecialchars($_POST['zip'])); $county = mysql_real_escape_string(htmlspecialchars($_POST['county'])); $website = mysql_real_escape_string(htmlspecialchars($_POST['website'])); $map = mysql_real_escape_string(htmlspecialchars($_POST['map'])); $email = mysql_real_escape_string(htmlspecialchars($_POST['email'])); $phone = mysql_real_escape_string(htmlspecialchars($_POST['phone'])); $bhours = mysql_real_escape_string(htmlspecialchars($_POST['hours'])); $ptimes = mysql_real_escape_string(htmlspecialchars($_POST['ptime'])); $pspecials = mysql_real_escape_string(htmlspecialchars($_POST['pspecial'])); $vspecials = mysql_real_escape_string(htmlspecialchars($_POST['vspecial'])); // check that username field is filled in if ($username == '') { // generate error message $error = 'ERROR: Please fill in all required fields!'; //error, display form renderForm($id, $username, $location, $address, $city, $zip, $county, $website, $map, $email, $phone, $bhours, $ptimes, $pspecials, $vspecials, $error); } else { // save the data to the database mysql_query("UPDATE vusr SET username='$username', loc_name='$location', address='$address', city='$city', zip='$zip', county='$county', website='$website', map='$map', email='$email', phone='$phone', hours='$bhours', ptime='$ptimes', pspecial='$pspecials', vspecial='$vspecials' WHERE id='$id'") or die(mysql_error()); // once saved, redirect back to the view page header("Location: edituser.php"); } } else { // if the 'id' isn't valid, display an error echo 'Error!'; } } else // if the form hasn't been submitted, get the data from the db and display the form { // get the 'id' value from the URL (if it exists), making sure that it is valid (checing that it is numeric/larger than 0) if (isset($_GET['id']) && is_numeric($_GET['id']) && $_GET['id'] > 0) { // query db $id = $_GET['id']; $result = mysql_query("SELECT * FROM vusr WHERE id=$id") or die(mysql_error()); $row = mysql_fetch_array($result); // check that the 'id' matches up with a row in the databse if($row) { // get data from db $id = $row['id']; $username = $row['username']; $location = $row['loc_name']; $address = $row['address']; $city = $row['city']; $zip = $row['zip']; $county = $row['county']; $website = $row['website']; $map = $row['map']; $email = $row['email']; $phone = $row['phone']; $bhours = $row['hours']; $ptimes = $row['ptime']; $pspecials = $row['pspecial']; $vspecials = $row['vspecial']; // show form renderForm($id, $username, $location, $address, $city, $zip, $county, $website, $map, $email, $phone, $bhours, $ptimes, $pspecials, $vspecials, ''); } else // if no match, display result { echo "No results!"; } } else // if the 'id' in the URL isn't valid, or if there is no 'id' value, display an error { echo 'Error!'; } } ?> MOD EDIT: code tags added. Here is code I have, I can't seem to figure this error out, I bet it is obvious, but I clearly am not seeing it..... Here is error: Problem with the query: You have an error in your SQL syntax; check the manual that corresponds to your MySQL server version for the right syntax to use near '' at line 3 (not really that good of an error, but maybe help getting started?) Code: [Select] <?php session_start(); // Must start session first thing /* Created By Adam Khoury @ www.flashbuilding.com -----------------------June 20, 2008----------------------- */ // Here we run a login check if (!isset($_SESSION['id'])) { echo 'Please <a href="login.php">log in</a> to access your account'; exit(); } //Connect to the database through our include include_once "connect_to_mysql.php"; // Place Session variable 'id' into local variable $userid = $_SESSION['id']; // Query member data from the database and ready it for display $sql = mysql_query("SELECT * FROM members WHERE userid='$userid' LIMIT 1"); while($row = mysql_fetch_array($sql)){ $name = $row["name"]; $phone = $row["phone"]; $username = $row["username"]; $address = $row["address"]; $city = $row["city"]; $state = $row["state"]; $zip = $row["zip"]; $cell = $row["cell"]; $email = $row["email"]; $accounttype = $row["accounttype"]; $rank = $row["rank"]; $badges = $row["badges"]; } // Set error message as blank upon arrival to page $errorMsg = ""; // First we check to see if the form has been submitted if (isset($_POST['name'])){ $name = ereg_replace("[^A-Z a-z0-9]", "", $_POST['name']); // filter everything but numbers and letters $phone = ereg_replace("[^A-Z a-z0-9]", "", $_POST['phone']); // filter everything but spaces, numbers, and letters $username = ereg_replace("[^A-Z a-z0-9]", "", $_POST['username']); // filter everything but spaces, numbers, and letters $address = ereg_replace("[^A-Z a-z0-9]", "", $_POST['address']); // filter everything but spaces, numbers, and letters $city = ereg_replace("[^A-Za-z0-9]", "", $_POST['city']); // filter everything but lowercase letters $state = ereg_replace("[^A-Za-z0-9]", "", $_POST['state']); // filter everything but lowercase letters $zip = ereg_replace("[^A-Za-z0-9]", "", $_POST['zip']); // filter everything but lowercase letters $cell = ereg_replace("[^A-Za-z0-9]", "", $_POST['cell']); // filter everything but lowercase letters $accounttype = ereg_replace("[^A-Z a-z0-9]", "", $_POST['accounttype']); // filter everything but lowercase letters $email = stripslashes($_POST['email']); $email = strip_tags($email); $email = mysql_real_escape_string($email); $password = ereg_replace("[^A-Za-z0-9]", "", $_POST['password']); // filter everything but numbers and letters // Check to see if the user filled all fields with // the "Required"(*) symbol next to them in the join form // and print out to them what they have forgotten to put in if((!$name) || (!$username) || (!$password)){ $errorMsg = "You did not submit the following required information!<br /><br />"; if(!$name){ $errorMsg .= "--- Name"; } else if(!$username){ $errorMsg .= "--- Username"; } else if(!$Password){ $errorMsg .= "--- Password"; } } else { // Database duplicate Fields Check $sql_username_check = mysql_query("SELECT userid FROM members WHERE username='$username' LIMIT 1"); $username_check = mysql_num_rows($sql_username_check); if ($username_check > 0){ $errorMsg = "<u>ERROR:</u><br />Your User Name is already in use inside our system. Please try another."; } else { // Add MD5 Hash to the password variable $hashedPass = md5($password); // Add user info into the database table, claim your fields then values $sql = mysql_query("INSERT INTO members (name, phone, username, address, city, state, zip, cell, email, accounttype, password ) VALUES('$name','$phone','$username','$address','$city','$state','$zip','$cell','$email','$accounttype','$hashedPass'") or die ("Problem with the query: $sql<br>" . mysql_error()); printf("Records updated: %d\n", mysql_affected_rows()); echo mysql_error(); echo '<meta HTTP-EQUIV="REFRESH" content="3; url=http://final.net46.net/success.php">'; exit(); // Exit so the form and page does not display, just this success message } // Close else after database duplicate field value checks } // Close else after missing vars check //Close if $_POST } ?> |