PHP - Session Variables Sending Specific Variable From A While Loop

Hello all,  I'm new to PHP and new to this forum (although I have benefitted from your help already -cheers!). However,  this time I cannot find the answer I need/recognise/understand..

I have a form and want to conduct tests on each field returning an error message as a session variable if the test fails. The test will be different for some of the fields, and the error message is specific to each field. If there is an error in any one of the fields I want to be redirected to a failure page where all of the error messages are displayed,  otherwise I am sent on to another page.

I have already written and tested a function to sanitise the incoming form data,  so that's not a problem - it's just how to loop through and test.

I can guess that there are many ways to do this but I need to understand why one option is better than another,  and follow the syntax used (it's all part of my steep learning curve)

The approach I have thought to use is to create an array holding the field name, the test and the message,  then loop through using foreach, applying the array values into the test and creating the error message....but it's not working for me.

The other method is to declare a variable $Stop='No' and if the loop identifies an error, part of the output is to change this to 'yes' and through that redirect to the error page.

I'd really welcome your advice and tuition....cheers.. my code so far is...

Code: [Select]
$Stop='No';
$StaffPassCheck=sanitisealphanum($_POST['PasswordCheck']);

$Errors[0]['value']= sanitisealphanum($_POST['FirstName']);
$Errors[0]['message']='Please re-enter your name';
$Errors[0]['test']=($StaffFname="");

$Errors[1]['value']= sanitisealphanum($_POST['Surname']);
$Errors[1]['message']='Please re-enter your surname';
$Errors[1]['test']=($StaffSname="");

$Errors[2]['value']= sanitisealphanum($_POST['Post']);
$Errors[2]['message']='You must select an option';
$Errors[2]['test']=($StaffPost="Select Value");

$Errors[3]['value']= sanitisealphanum($_POST['Username']);
$Errors[3]['message']='You must select an option';
$Errors[3]['test']=($StaffUser="");

$Errors[4]['value']= sanitisealphanum($_POST['Password']);
$Errors[4]['message']='Please re-enter your password';
$Errors[4]['test']=($StaffPass="");

$Errors[5]['value']= sanitisealphanum($_POST['PasswordCheck']);
$Errors[5]['message']='Sorry, your passwords do not match';
$Errors[5]['test']=($StaffPass===$StaffPassCheck);

foreach ($Errors as $key => $Value){
if ( $Errors['test']=true ){
$Stop='Yes';
return $_SESSION[$key]=$Value['message'];
}
}

if ($Stop='Yes'){
header('Location.test.php');
die();
}else{
header('Location.indexp.php');
}

First page adds a new job number, then the order page loaded with the job number id as a get id. Basically there is a while loop in the order page which shows products/services client can order and he chooses what he requires 'one or eight services' (8 in total) and some other variables like date of order and client name etc. Here is the order item code

The first sql statement executes fine, but in the second sql query nothing happens


$sql="insert into job_order(order_num,order_date,order_customer_id, order_remarks) values(".$_GET['id'].",NOW(),".$_POST['companyBox'].",'".$_POST['remarkBox']."');"; $res=mysql_query($sql);  $id=mysql_insert_id();   foreach($_POST as $key => $value) {          if(!empty($value)) {           $key.' => '.trim(strip_tags($value));            $order="INSERT INTO orderprod (order_num,prod_id,order_amount,teeth_amount) VALUES ('$_GET[id]','$value','$value','$value');"; $orderres=mysql_query($order) or die(mysql_error()); } }?>$sql="insert into job_order(order_num,order_date,order_customer_id,
order_remarks)
values(".$_GET['id'].",NOW(),".$_POST['companyBox'].",'".$_POST['remarkBox']."');";
$res=mysql_query($sql);

$id=mysql_insert_id();


foreach($_POST as $key => $value) {


        if(!empty($value)) { 
 
         $key.' => '.trim(strip_tags($value));  
     
         $order="INSERT INTO orderprod (order_num,prod_id,order_amount,teeth_amount) VALUES
('$_GET[id]','$value','$value','$value');";
$orderres=mysql_query($order) or die(mysql_error());
}
}
?>



=============

This is the formI have removed parts which are irrelevant. Please note that dateBox and companyBox are not required to be looping as they are only for first table,



echo "<form action=".$config_basedir."./vieworder.php?id=".$_GET['id']."  name=form1 method=post>";?><table><tr><td><h4>JOB ORDER</H4></TD><TD></TD></TR><TR><TD>ORDER NUMBER</TD><TD><?PHP ECHO $_GET['id'] ?></td></tr><tr><td>ORDER DATE</td><td><input type=text name=dateBox></td></tr> <tr><td>COMPANY NAME</td><td><?PHP$sql="select * from customers";$res=mysql_query($sql);echo "<select name=companyBox><option value=''>Please select</option>";WHILE($fetch=mysql_fetch_assoc($res)){ echo "<option value='".$fetch['id']."'>".$fetch['cust_name']."</option>";} echo "</select>"; echo "</td></tr>"; ?>   </table> <table><tr><th>ITEM</th><th>QUANTITY</th><th>N0. of Teeths</th></tr><tr><?PHP$sql="select * from products";$res=mysql_query($sql); WHILE($fetch=mysql_fetch_assoc($res)){ echo "<td><input type=text name=desBox value='".$fetch['prod_id']."'>".$fetch['prod_name']."</td><td><input type=text name=quantBox></td><td><input type=text name=teethBox></td>";echo "</tr>";}echo "</table>";?>echo "<form action=".$config_basedir."./vieworder.php?id=".$_GET['id']."  name=form1 method=post>";
?>
<table>
<tr>
<td><h4>JOB ORDER</H4></TD><TD></TD>
</TR>
<TR>
<TD>ORDER NUMBER</TD><TD><?PHP ECHO $_GET['id'] ?></td>
</tr>
<tr>
<td>ORDER DATE</td><td><input type=text name=dateBox></td>
</tr>

<tr>
<td>COMPANY NAME</td><td>
<?PHP
$sql="select * from customers";
$res=mysql_query($sql);
echo "<select name=companyBox><option value=''>Please select</option>";
WHILE($fetch=mysql_fetch_assoc($res)){

echo "<option value='".$fetch['id']."'>".$fetch['cust_name']."</option>";}
echo "</select>";
echo "</td></tr>";
?>



</table>

<table>
<tr>
<th>ITEM</th><th>QUANTITY</th><th>N0. of Teeths</th>
</tr>
<tr>
<?PHP
$sql="select * from products";
$res=mysql_query($sql);

WHILE($fetch=mysql_fetch_assoc($res)){

echo "<td><input type=text name=desBox value='".$fetch['prod_id']."'>".$fetch['prod_name']."</td>
<td><input type=text name=quantBox></td>
<td><input type=text name=teethBox></td>";
echo "</tr>";}
echo "</table>";
?>



HERE IS THE IMAGE showing the populated services.
http://dubads.com/images/order.jpg

Hi there,

First I will say my experience in PHP is rather limited. Before posting on here I have searched a lot on Google to try and find the code. Nothing I have used seems to work... but I know what I want to do is simple.

Basically I have two pages on my website: Page1.php and Page 2.php

I do not want someone to be able to view Page2.php until they have viewed Page1.php. So I think I need to start a session on Page 1 which is checked on Page 2. This is the code I'm looking to find. If someone could help out or point me to something that would assist me, I'd greatly appreciate.

This is what I was working with:

Page 1:
Code: [Select]
<?php
session_start();
 $_SESSION['name']="test";
 ?>

<a href="page2.php"> click here </a>
Page 2:
Code: [Select]
<?php
if ( !isset( $_SESSION['test'])) {
Header("Location: page1.php");
}
?>

Test Content
Thank so much for any help at all!

Hi there im trying to destroy a specific session i have been looking through  many different ways on google but have yet to find one the reason i want to do this is because my website part of the website that is being made has to have a login to view everything and this login ontop to view restricted content, so far my logout has destroyed both sessions and i cant find an answer, all the nessecory scripts are listed below
Login:
<?php
if(isset($_POST['code']))
{
$host="***********"; // Host name 
$username="*************"; // Mysql username 
$password="************"; // Mysql password 
$db_name="******"; // Database name 

// Connect to server and select databse.
mysql_connect($host, $username, $password);
mysql_select_db($db_name);

// username and password sent from form 
$myusername=$_POST['myusername'];
$mypassword=$_POST['mypassword'];

// To protect MySQL injection (more detail about MySQL injection)
$myusername = stripslashes($myusername);
$mypassword = stripslashes($mypassword);
$myusername = mysql_real_escape_string($myusername);
$mypassword = mysql_real_escape_string($mypassword);

// encrypt password 
$encrypted_mypassword=md5($mypassword);

$sql="SELECT * FROM members WHERE username='$myusername' and password='$encrypted_mypassword'";
$result=mysql_query($sql);

// Mysql_num_row is counting table row
$count=mysql_num_rows($result);
// If result matched $myusername and $mypassword, table row must be 1 row

if($count==1){
// Register $myusername, $mypassword and redirect to file "login_success.php"
session_register("myusername");
session_register("mypassword"); 
header("location:jncomenu.php");
}
else {
echo "Wrong Username or Password";
}
}
?>
Check session:
<? 
session_start();
if(!session_is_registered(myusername)){
header("location:JNCOlogin.php");
}
?>
Logout:
<? 
session_start(myusername);
session_destroy(myusername);
header("location:index.php");
?>

The first session is the same script bar [php][session_register("username");
session_register("password"); /php]

Any help will be greatly appriciated.

Thank,

Blink359

I'm not sure if this question is better asked here or in the 'other' category in client side but that category of forums has less traffic so i'm posting here.

I am trying to mix php, mysql, and flash all togather.

In mysql ive got a table with information regarding my photo gallery (columns are like 'id' 'location' 'date' 'uploader' ect)
I am using php to pick 5 random pictures and return those 5 picture locations into 5 different php variables.

NOW MY ISSUE: How can I send those 5 php variables into flash (as3) as 5 as3 variables???

Any help would be appreciated!

Mind you, I've altered and butchered my code several times trying to find why it's not sending anything even though it says it does.   geo.html

navigator.geolocation.getCurrentPosition(GetLocation);
function GetLocation(location) {
var usr_lat = location.coords.latitude;
var usr_long = location.coords.longitude;
$.ajax({
url: 'local_settings.php',
type: 'POST',
data: { user_lat : usr_lat, user_long : usr_long },
success: function(data)
                    {
                       alert("success! user_lat:" + data);
                    }
});
}

I have this script which I will post below.. the problem is that the following script only works with number..

when I use this script the error.txt will only write numbers and if I send text like... ?trueId=hey   nothing happens

but ?trueId=1 works just fine.. heres the script


Code: [Select]
<?php
$handle = fopen('error.txt', 'r+');
$trueId = $_GET[trueId];
$nextLine = false;
$realText = false;
while(!feof($handle) && $realText != $trueId)
  {
  $nextLine = fgets($handle);
  $realText = $nextLine + "\n";
  }
  
if($realText != $trueId){
$break = "\n";
$text = $trueId;
fwrite($handle, $break);
fwrite($handle, $text);
fclose($handle);
?>
THANK YOU! Appreciate the help!

Here are the project of files: So the problem I'm running into is, while php ---> php is fine (it's recovering all of my variables, I've tested with echo), the problem seems to be where I have made a command  ./createlisting.sh $itemno $title $header $description $image It reads in $itemno, $title, $header $description just fine, but it fails when I try to send an image. Again I've echoed it out and my $image variable contains the correct image name. When it gets sent to the bash script and the bash script sends it to a "log.txt" it only shows $1 thru $4, excluding the $5. When I try to use the img src to create the image on the page, the outputting echo on the page is   <img src ="/images/" /> Which of course is going to result in nothing.

What advice can you guys offer me?

Thanks!

createPage.php:

<html>
<body>
<form enctype="multipart/form-data" action="submitForm.php" method="post">
Item#: <input type="text" name="itemno" value="1" /><br />
Title: <input type="text" name="title" value="My Listing" /><br />
Header: <input type="text" name="header" value="ENTER YOUR LISTING" /><br />
<textarea name="description" cols="60" rows="20">
You will have to use quotes on anything that has more than one word. Sorry!
</textarea><br><br /></p>
<input type="hidden" name="MAX_FILE_SIZE" value="100000" />
Choose an image to upload: <input name="uploadedfile" type="file" /><br />
<input type="submit" value="Submit" />
</form>
</body>
</html>



submitForm.php:
<?php
$itemno =  $_POST["itemno"];
$title =  $_POST["title"];
$header = $_POST["header"];
$description = $_POST["description"];
// Where the file is going to be placed
$target_path = "/home/images/";

/* Add the original filename to our target path. 
Result is "uploads/filename.extension" */
$target_path = $target_path . basename( $_FILES['uploadedfile']['name']);
$image =  basename( $_FILES['uploadedfile']['name']);
if(move_uploaded_file($_FILES['uploadedfile']['tmp_name'], $target_path)) {
    echo "The file ".  basename( $_FILES['uploadedfile']['name']).
    " has been uploaded";
} else{
    echo "There was an error uploading the file, please try again!";
}
$command = "." . "/" . "createlisting.sh";
$param = $itemno . " " . $title . " " . $header . " " . $description;
$finalimage = $image . "";
$final = $command . " " . $param . " " . $finalimage;
passthru($final);

createlisting.sh:

#!/bin/bash

#Create the page based on the information
   cd logs     
   echo $1 > log.txt
   echo $2 >> log.txt
   echo $3 >> log.txt
   echo $4 >> log.txt
        echo $5 >> log.txt
   cd ..
   ./createNewDir.sh $(date +%m%d%Y)
   cd ..
   cd listings
   cd $(date +%m%d%Y)
   mkdir $1
   cd $1
   echo "<HTML>" > listing.html
   echo "<Head>" >> listing.html
   echo "<Title>" >> listing.html
   echo "$2" >> listing.html
   echo "</title>" >> listing.html
   echo "</head>" >> listing.html
   echo "<body>" >> listing.html
   echo "<h1>$3</h1><br>" >> listing.html
        echo "<img src=\"/images/$5\" />"
   echo "$4" >> listing.html
   echo "</body>" >> listing.html
   echo "</html>" >> listing.html
   cd ..
   cd ..
   cd ..
   cd scripts
        echo $(date +%d%m%Y);

Good afternoon everyone, probably just a quick one this one!

I have a reg form, and once the user has been added to the database then it is meant to send them an email with their username and password.

The email works fine, received as it should, however the place where I am trying to echo variables is blank.

For instance
Code: [Select]
<style type='text/css'>
h3 {
font-family: Tahoma, Geneva, sans-serif;
font-size: 24px;
font-style: oblique;
color: #00F;
}
</style>
<body>
<img src='https://www.buy2earn.co.uk/images/logo.png' width='240' height='100'>
<hr>
<h3>Welcome to buy2earn.co.uk!</h3>
<p>
Welcome <?php echo $username:?>
just shows Welcome ...................

How do I send the variables in the email?

Cheers

...to obtain an id_item users doesn´t know and I need to send to the DB   I got this

<?php require_once('Connections/conexxion.php'); ?>
<?php
if (!function_exists("GetSQLValueString")) {
function GetSQLValueString($theValue, $theType, $theDefinedValue = "", $theNotDefinedValue = "") 
{
  if (PHP_VERSION < 6) {
    $theValue = get_magic_quotes_gpc() ? stripslashes($theValue) : $theValue;
  }

  $theValue = function_exists("mysql_real_escape_string") ? mysql_real_escape_string($theValue) : mysql_escape_string($theValue);

  switch ($theType) {
    case "text":
      $theValue = ($theValue != "") ? "'" . $theValue . "'" : "NULL";
      break;    
    case "long":
    case "int":
      $theValue = ($theValue != "") ? intval($theValue) : "NULL";
      break;
    case "double":
      $theValue = ($theValue != "") ? doubleval($theValue) : "NULL";
      break;
    case "date":
      $theValue = ($theValue != "") ? "'" . $theValue . "'" : "NULL";
      break;
    case "defined":
      $theValue = ($theValue != "") ? $theDefinedValue : $theNotDefinedValue;
      break;
  }
  return $theValue;
}
}

$editFormAction = $_SERVER['PHP_SELF'];
if (isset($_SERVER['QUERY_STRING'])) {
  $editFormAction .= "?" . htmlentities($_SERVER['QUERY_STRING']);
}

if ((isset($_POST["MM_insert"])) && ($_POST["MM_insert"] == "form1")) {
  $insertSQL = sprintf("INSERT INTO movimiento (venta, compra, taller, regula_mas, regula_menos, id_lente, id_cil, id_esf) VALUES (%s, %s, %s, %s, %s, %s, %s, %s)",
                       GetSQLValueString($_POST['venta'], "int"),
                       GetSQLValueString($_POST['compra'], "int"),
                       GetSQLValueString($_POST['taller'], "int"),
                       GetSQLValueString($_POST['regula_mas'], "int"),
                       GetSQLValueString($_POST['regula_menos'], "int"),
                       GetSQLValueString($_POST['id_lente'], "int"),
                       GetSQLValueString($_POST['id_cil'], "int"),
                       GetSQLValueString($_POST['id_esf'], "int"));

  mysql_select_db($database_conexxion, $conexxion);
  $Result1 = mysql_query($insertSQL, $conexxion) or die(mysql_error());
}

mysql_select_db($database_conexxion, $conexxion);
$query_lente = "select id_lente, lente from lentes";
$lente = mysql_query($query_lente, $conexxion) or die(mysql_error());
$row_lente = mysql_fetch_assoc($lente);
$totalRows_lente = mysql_num_rows($lente);

mysql_select_db($database_conexxion, $conexxion);
$query_esfera = "SELECT  * FROM esfera";
$esfera = mysql_query($query_esfera, $conexxion) or die(mysql_error());

mysql_select_db($database_conexxion, $conexxion);
$query_cilindro = "SELECT * FROM cilindro";
$cilindro = mysql_query($query_cilindro, $conexxion) or die(mysql_error());

$query_item = "select id_item from item
inner join rx on rx.id_rx = item.id_rx
inner join cilindro on cilindro.id_cil = rx.id_cil
inner join esfera on esfera.id_esf = rx.id_esf
where cilindro = ".$_POST['sel_cil']." and esfera = ".$_POST['sel_esf']." and id_lente =". $_POST['sel_lente'];
$idlente = mysql_query($query_lente, $conexxion) or die (mysql_error());


?>

<form action="<?php echo $editFormAction; ?>" method="post" name="form1" id="form1">
  <table align="center">
    <tr valign="baseline">
      <td nowrap="nowrap" align="right">Venta:</td>
      <td><input type="text" name="venta" value="" size="32" /></td>
    </tr>
    <tr valign="baseline">
      <td nowrap="nowrap" align="right">Compra:</td>
      <td><input type="text" name="compra" value="" size="32" /></td>
    </tr>
    <tr valign="baseline">
      <td nowrap="nowrap" align="right">Taller:</td>
      <td><input type="text" name="taller" value="" size="32" /></td>
    </tr>
    <tr valign="baseline">
      <td nowrap="nowrap" align="right">Regula_mas:</td>
      <td><input type="text" name="regula_mas" value="" size="32" /></td>
    </tr>
    <tr valign="baseline">
      <td nowrap="nowrap" align="right">Regula_menos:</td>
      <td><input type="text" name="regula_menos" value="" size="32" /></td>
    </tr>
    <tr valign="baseline">
      <td nowrap="nowrap" align="right">lente:</td>
      <td><?php echo "<select name='sel_lente'>";
while($row= mysql_fetch_array($lente)){?>
<option value=" <?php echo $row['id_lente'] ;?> " > <?php echo $row['lente']; ?> </option>
    <?php } ?> </select>
    <label for="id_lente"></label></td>
    </tr>
    <tr valign="baseline">
      <td nowrap="nowrap" align="right">cilindro:</td>
      <td><?php echo "<select name='sel_cil'>";
while($row= mysql_fetch_array($cilindro)){?>
<option value=" <?php echo $row['id_cil'] ;?> " > <?php echo $row['cilindro']; ?> </option>
    <?php } ?> </select>
    <label for="id_cil"></label></td>
    </tr>
    <tr valign="baseline">
      <td nowrap="nowrap" align="right">Esfera:</td>
      <td><?php echo "<select name='sel_esf'>";
while($row= mysql_fetch_array($esfera)){?>
<option value=" <?php echo $row['id_esf'] ;?> " > <?php echo $row['esfera']; ?> </option>
    <?php } ?> </select></td>
    </tr>
    <tr valign="baseline">
      <td nowrap="nowrap" align="right">id_lente</td>
      <td><label for="id_lente3"></label>
      <input type="text" name="id_lente" id="id_lente3" /></td>
    </tr>
    <tr valign="baseline">
      <td nowrap="nowrap" align="right">&nbsp;</td>
      <td><input type="submit" value="Insert record" /></td>
    </tr>
  </table>
  <input type="hidden" name="MM_insert" value="form1" />
</form>
<?php
mysql_free_result($esfera);

mysql_free_result($cilindro);

mysql_free_result($lente);
?>

and with this query

$query_item = "select id_item from item
inner join rx on rx.id_rx = item.id_rx
inner join cilindro on cilindro.id_cil = rx.id_cil
inner join esfera on esfera.id_esf = rx.id_esf
where cilindro = ".$_POST['sel_cil']." and esfera = ".$_POST['sel_esf']." and id_lente =". $_POST['sel_lente'];
$idlente = mysql_query($query_lente, $conexxion) or die (mysql_error());

I would obtain the id_item, but , how?, because the form it´s not procesed and I´m getting no variable values.      

i have problem :

I have a page(page1) that sends details to the login page(page2) to check if the details are correct checks these and if there is a match it directs them to the next page.(page 3)

The page1 sends 3 details to the page 2 that are stored into variavles but as there is no submittion when they check the details how do i then send these details onto the page 3 ?

does anyone know how to decode this XML variable value into string values? I also need to know the oposite way: creating variable values into xml. I've tried several code examples but they did filter the requested data.

Code: [Select]
$xml='<?xml version="1.0" encoding="utf-8"?>
<elements>
<text identifier="ed9cdd4c-ae8b-4ecb-bca7-e12a5153bc02">
  <value/>
</text>
<textarea identifier="a77f06fc-1561-453c-a429-8dd05cdc29f5">
  <value><![CDATA[<p style="text-align: justify;">Lorem ipsum dolor sit amet, consetetur sadipscing elitr, sed diam nonumy eirmod tempor invidunt ut labore et dolore magna aliquyam erat, sed diam voluptua. At vero eos et accusam et justo duo dolores et ea rebum. Stet clita kasd gubergren, no sea takimata sanctus est Lorem ipsum dolor sit amet.</p>]]></value>
</textarea>
<textarea identifier="1a85a7a6-2aba-4480-925b-6b97d311ee6c">
  <value><![CDATA[<p style="text-align: justify;">Lorem ipsum dolor sit amet, consetetur sadipscing elitr, sed diam nonumy  eirmod tempor invidunt ut labore et dolore magna aliquyam erat, sed  diam voluptua. At vero eos et accusam et justo duo dolores et ea rebum.  Stet clita kasd gubergren, no sea takimata sanctus est Lorem ipsum dolor  sit amet.</p>]]></value>
</textarea>
<image identifier="ffcc1c50-8dbd-4115-b463-b43bdcd44a57">
  <file><![CDATA[images/stories/red/cars/autobedrijf.png]]></file>
  <title/>
  <link/>
  <target/>
  <rel/>
  <lightbox_image/>
  <width><![CDATA[250]]></width>
  <height><![CDATA[187]]></height>
</image>
<text identifier="4339a108-f907-4661-9aab-d6f3f00e736e">
  <value><![CDATA[Kramer 5]]></value>
</text>
<text identifier="ea0666d7-51e3-4e52-8617-25e3ad61f8b8">
  <value><![CDATA[6000 RS]]></value>
</text>
<text identifier="90a18889-884b-4d53-a302-4e6e4595efa0">
  <value><![CDATA[Eindhoven]]></value>
</text>
<text identifier="410d72e0-29b3-4a92-b7d7-f01e828b1586">
  <value><![CDATA[APK Pick up and return]]></value>
</text>
<text identifier="45b86f23-e656-4a81-bb8f-84e5ea76f71f">
  <value><![CDATA[15% korting op grote beurt]]></value>
</text>
<text identifier="3dbbe1c6-15d6-4375-9f2f-f0e7287e29f3">
  <value><![CDATA[Gratis opslag zomerbanden]]></value>
</text>
<text identifier="2e878db0-605d-4d58-9806-8e75bced67a4">
  <value><![CDATA[Gratis abonnement of grote beurt]]></value>
</text>
<text identifier="94e3e08f-e008-487b-9cbd-25d108a9705e">
  <value/>
</text>
<text identifier="73e74b73-f509-4de7-91cf-e919d14bdb0b">
  <value/>
</text>
<text identifier="b870164b-fe78-45b0-b840-8ebceb9b9cb6">
  <value><![CDATA[040 123 45 67]]></value>
</text>
<text identifier="8a91aab2-7862-4a04-bd28-07f1ff4acce5">
  <value/>
</text>
<email identifier="3f15b5e4-0dea-4114-a870-1106b85248de">
  <value/>
  <text/>
  <subject/>
  <body/>
</email>
<link identifier="0b3d983e-b2fa-4728-afa0-a0b640fa34dc">
  <value/>
  <text/>
  <target/>
  <custom_title/>
  <rel/>
</link>
<relateditems identifier="7056f1d2-5253-40b6-8efd-d289b10a8c69"/>
<rating identifier="cf6dd846-5774-47aa-8ca7-c1623c06e130">
  <votes><![CDATA[1]]></votes>
  <value><![CDATA[1.0000]]></value>
</rating>
<googlemaps identifier="160bd40a-3e0e-48de-b6cd-56cdcc9db892">
  <location><![CDATA[50.895711,5.955427]]></location>
</googlemaps>
</elements>';

My login script stores the user's login name as $_SESSION[ 'name'] on login. For some unapparent reason, i'm getting errors stating that $user  and $priv are  undefined variables, though I've attempted to define $user as being equal to $_SESSION['name'], using $user to look up the the user's privilege level (stored as the su column ) in the SQL table, and then where the result of the sql query is $priv which is then evaluated in an if statement. I can't seem to figure out why this might not be working.

The code I'm using:

<?php
session_start();
function verify() {
	//verify that the user is logged in via the login page. Session_start has already been called. 
	if (!isset($_SESSION['loggedin'])) {
	header('Location: /index.html'); 
	exit;
	}
	//if user is logged in, we then lookup necessary privleges. $_SESSION['name'] was written with the login name upon login. Privleges   // are written in db as a single-digit integer of of 0 for users, 1 for administrators, and 2 for special users. 
        $user === $_SESSION['name'];
    //Connect to Databse
	$link = mysqli_connect("127.0.0.1", "database user", "password", "database");
	if (!$link) {
  	  echo "Error: Unable to connect to MySQL." . PHP_EOL;
    	echo "Debugging errno: " . mysqli_connect_errno() . PHP_EOL;
    	echo "Debugging error: " . mysqli_connect_error() . PHP_EOL;
    	exit;
        }
        //SQL Statement to lookup privlege information. 
       if ($result = mysqli_query($link, "SELECT su FROM accounts WHERE username = $user", MYSQLI_STORE_RESULT)) {
         //LOOP TO CYCLE THROUGH SQL RESULTS AND STORE Privlege information as vairable $priv.
            while ($row = $result->fetch_assoc()) {
           $priv === $row["su"];
            }
        }
        // close SQL connection.
        mysqli_close($link);

 // Verify privleges and take action. Only a privlege of "1" is allowed to view this page. A privlege of "2" indicates special 
//accounts used in other scripts that have certain indermediate additional functions, but are not trusted administrators. 

        if ($priv !== 1) {
        echo $_SESSION['name'];
        echo "you have privlege level of $priv";
        echo "<br>";
        echo 'Your account does not have the privleges necessary to view this page';
        exit;
        }
        
}
verify();
?>

 

I'm new to PHP and I have an html page I would like to pull specific data into certain areas on the page that I will modified for php.

Here are some details. The page is a static html page that has the prices of 40+ products in a standard <li> list. When I update the prices in our database through our shopping cart, I have to change these prices manually in the html. https://www.novon.co...mic_mixers.html. It would be great if I could link the field for Base_Price in the products table to each affiliated <li> tag,

I am pulling all the data I need into ($results) and can display it all but I don't know how to get just the single products Base_Price in my <li> tag. <?=$row['Base_Price'] ?>

I know this code is not correct but to get the point across, can I create a variable that I define in each <li> tag with a statement like,,,, <?=$row['Base_Price with Product_Code=123456'] ?>

I could create a new SQL query for each <li> like "SELECT Base_Price from Products WHERE Product_Code='123456' ", but that's a lot of calls to the DB and a lot of code on the page.

And just so I weed out the hard core coders, I can not rebuild the entire page. This is too big of a project for me and my limited coding with PHP.

Can anyone help??
Thanks in advance
Michael