PHP - Having Some Trouble Finding A Problem In My Code, Any Borrow Me Some Fresh Eyes?

I'm having trouble with my code, any help would be appreciated. I'm trying to add an if statement that checks if $new =1, if it does it echos "new" else it echos "old". What is happening is if $new ="0 or 1 " it echos the same answer.
Here is partial code:


Code: [Select]
$result = mysql_query("SELECT * FROM $dbname WHERE  new = '1'") or die(mysql_error());
// store the record of the "" table into $row
$current = '';

// keeps getting the next row until there are no more to get
while($row = mysql_fetch_array( $result )) {
$id = $row['id'];
if (!$current) {
echo "<center><div><table border='0' width='520'>";
$current = $id;
echo "<img src='images/jewelry.png' alt='toveco'/><br/>";
echo "<div>";
  echo "Questions about store items use link in menu.<br/>";
  echo "Latest (".$rows5.") ";
  echo "Beads (".$rows4.") ";
  echo "Cabochons (".$rows3.") ";
echo "Earrings (".$rows1.") ";
echo "Pendants (".$rows2.") ";
echo "Rings (".$rows0.") ";
    echo "</div>";
    echo "<p><b>Click picture to enlarge.</b></p>";
echo "<hr width='520'>";
} elseif ($current != $id){
echo "</table></div><br><div><table border='0' width='520'>";
$current = $id;
echo "<hr width='520'>";
}
?>
<tr><td rowspan="9" width="110"><div class="image"><a href="<?= $row['image']; ?>" rel="lightbox" title="<?= $row['material']; ?>"><img src="<?= $row['image_th']; ?>" align="center" border="0"></a></div></td>
<td rowspan="9" width="110"><div class="image"><a href="<?= $row['image2']; ?>" rel="lightbox" title="<?= $row['material']; ?>"><img src="<?= $row['image2_th']; ?>" width="75" border="0"></a></div></td>
<tr><td>
<?php
if ($new=="0") echo "new";
else echo "old ";
?>
</td></tr>
<tr><th align="left">Item No.</th><td><?= $row['itemno']; ?></td></tr>
<tr><th align="left">Description</th><td><?= $row['description']; ?></td></tr>
<tr><th align="left">Cut</th><td><?= $row['cut']; ?></td></tr>
<tr><th align="left">Carat</th><td><?= $row['carat']; ?></td></tr>
<tr><th align="left">Material</th><td><?= $row['material']; ?></td></tr>
<tr><th align="left">Price</th><td><?= $row['price']; ?></td></tr>
<tr><th align="left">Availability</th><td><?= $row['availability']; ?></td></tr>
<tr><th></th>
<td></td>

I have an html form that is submitted to php page that alocated the data to database and automatically sends out selected data to other php page for them to be emailed. Most of it works but final few steps.

HTML form code looks like this:

<form name="thisform" method="post" action="thankyou.php">
Zip : <input name="zip" type="text" id="zip" size="5" maxlength="5">
<input type="submit" name="submit" value="Submit This Form"/>

PHP code has this, amongst others... (thankyou.php)
There is other code there as well and it works...

<?php
file_get_contents("http://otherdomain.com/azsef/email.php?zip=$zip");
?>

And the email.php has this code:

<?php
$headers = "From: myemail@gmail.com\r\n";
$headers .= "BCC: otheremail@gmail.com\r\n";
mail($_POST[''], "email", "
$_POST[zip]
", $headers);
?>

When I fill out the form submit it I get to the thankyou.php and all the data is send to the database as well as I get a blank email which can only come from email.php on otherdomain.com. Everything works, but I can not get the zip to be emailed, but I get the email.

Why?

Parse error: syntax error, unexpected '{' in /home/content/54/6407054/html/test/adupload.php on line 31
<?

include 'include/config.php';

$email = $_POST['email'];

$code = $_POST['code'];

$link = $_POST['link'];

$sql = ( "SELECT * FROM ads WHERE email='$email' and code='$code' ");

$result = mysql_query($sql);

$count = mysql_num_rows($result);



if ((($_FILES["file"]["type"] == "image/gif")

|| ($_FILES["file"]["type"] == "image/jpeg")

|| ($_FILES["file"]["type"] == "image/png")

|| ($_FILES["file"]["type"] == "image/jpg")

|| ($_FILES["file"]["type"] == "image/pjpeg"))

&& ($_FILES["file"]["size"] < 5000000))

  {

  if ($_FILES["file"]["error"] > 0)

    {

    echo "Return Code: " . $_FILES["file"]["error"] . "<br />";

    }

  else

    {

$_FILES["file"]["name"] = str_replace(" ", "_", $_FILES["file"]["name"]);

   



    if (file_exists("images/ads/" . $_FILES["file"]["name"]))

      {

      echo $_FILES["file"]["name"] . " already exists. ";

      }

    else ($count==1)

      {

      move_uploaded_file($_FILES["file"]["tmp_name"],

      "images/ads/" . $_FILES["file"]["name"]);

  $name = $_FILES["file"]["name"];

 

}

 

  header("Location: http://www.google.com");

  

      }

  }
}
else

  {

  echo "Invalid file";

  }
  

 
?>


line 31 is here


29:  && ($_FILES["file"]["size"] < 5000000))
30:
31:     {
32:
33:   if ($_FILES["file"]["error"] > 0)

Ok, I have been coding for a long time, but recently discovered I was doing things very sloppy and not very secure because register globals was on and I didn't know better.
I am now in a globals off and having issues with a few scripts.

In this case I am using post data and trying to retrieve data from a mysql db.
The error is "Notice: Undefined variable: Item_Number in C:\wamp\www\MasterRetail\productupdate.php on line 8"
I have searched and all the help I have found has not been of help, so I think I am probably over looking something fairly trivial.

<?php
    $db = mysql_connect("localhost", "username here", "");
   mysql_select_db("tablename",$db);

// Get Variables Here.
$_POST['Item_Number'] = '$Item_Number';

if ($Item_Number) {
  if ($submit) {
     $sql = "UPDATE products SET Item_Number='$Item_Number',Page_Number='$Page_Number',ShortDescription='$ShortDescription',LongDescription='$LongDescription',Units='$Units',WholesalePrice='$WholesalePrice',RetailPrice='$RetailPrice',Heading='$Heading',TOCListing='$TOCListing',CrossSell1='$CrossSell1',CrossSell2='$CrossSell2',SubCatalog1='$SubCatalog1',SubCatalog2='$SubCatalog2',SubCatalog3='$SubCatalog3',InStock='$InStock',DateVerified='$DateVerified',KeyWords='$KeyWords',SubCat1PN='$SubCat1PN',SubCat2PN='$SubCat2PN',SubCat3PN='$SubCat3PN',PublicView='$PublicView',PhoneOrderOnly='$PhoneOrderOnly',Active='$Active' WHERE Item_Number='$Item_Number'";
    $result = mysql_query($sql) or die($sql.'failed because '.mysql_error());
    echo "Client Updated.";
  } else {
    // query the DB
    $sql1 = "SELECT * FROM products WHERE Item_Number='$Item_Number'";
    $result = mysql_query($sql1) or die($sql1.'failed because '.mysql_error());   
    $myrow = mysql_fetch_array($result);
    ?>

And here is what the URL looks like "http://sandbox/masterretail/productupdate.php?Item_Number=34240"

Please help so I can continue learning, I so far have fixed about 85% of the flaws I had in the application..

I have a simple login - logout script as it stands working fine.. I can loggin get the proper message, choose to logout get the proper message and all sessions are being destroyed proper..

problem is when I try to go back directly to the member.php page it's given me an error of

Notice: Undefined index: username in C:\wamp\www\protek\member.php on line 4

but still also telling me I have to be logged in to view this file

<?php
session_start();

if ($_SESSION['username']) {
echo "Welcome, ".$_SESSION['username']."!<BR>";
echo "<a href=\"logout.php\">LOGOUT</a>";
}
else {
die("Your Have To Be Logged In To View This Page");
}
?>

Hello,

I have this code running and I keep getting
"Warning: mysql_fetch_array() expects parameter 1 to be resource, boolean given in /home/.../search.php on line 10

Any help would be appreciated

   <table><tr><td>ID</td><td>SCHOOL NAME</td><td>TEACHER NAME</td></tr>
<?php 
  if(isset($_POST['submit'])){ 
  if(isset($_GET['go'])){ 
  if(preg_match("/^[  a-zA-Z]+/", $_POST['name'])){ 
  $name=$_POST['name']; 
  $db=mysql_connect  ("", "", "") or die ('I cannot connect to the database  because: ' . mysql_error()); 
  $mydb=mysql_select_db(""); 
  $sql="SELECT  ID, school_name, teacher_name FROM Project_Registration WHERE school_name LIKE '%" . $name .  "%'"; 
  $result=mysql_query($sql); 
  while($row = mysql_fetch_array($result, MYSQL_ASSOC)){ 
      echo 
         "<tr><td> {$row['ID']}                           </td>" .
         "<td>     {$row['school_name']}             </td>" .
         "<td>     {$row['teacher_name']}    </td></tr>";}}}}
?> 
    </table>

I have this simple form that registers schools. This year I have decide to upgrade and include a feature that checks if the school is already registered or not based on the imputed name. Here is the code (that is the only way I know how):


mysql_connect("", "", "") or die(mysql_error( '' ));
mysql_select_db("") or die(mysql_error( '' ));

$query  = "SELECT * FROM School_Registrations WHERE School_Name= '$_POST[SchoolName]' ";
$result = mysql_query($query);
if (mysql_numrows($result) > 0) {
while($row = mysql_fetch_array($result))

echo" error code here";} 

else {mysql_query("INSERT INTO `database`.`School_Registrations` (all the variables here);") 
or die(mysql_error( '' ));  
 
echo "Success Code";}



I am trying to incorporate this code somewhere into the 'else' statement but I have no luck. I am constantly getting some errors and when I fix one there is one more to take its place. I am lost. The last one I can not fix and I am not sure what it wants from me:

Fatal error: Call to undefined function getPage()

It works by itself without the if/else statement but not in the code listed above


$url = 'http://www.otherpage.com/page.php?';
$url .= 'email='.urlencode($_POST['email']);
 
$result2 = getPage('', $url, '', 15);
 
function getPage($proxy, $url, $header, $timeout) {
    $ch = curl_init();
    curl_setopt($ch, CURLOPT_URL, $url);
    curl_setopt($ch, CURLOPT_HEADER, $header);
    curl_setopt($ch, CURLOPT_RETURNTRANSFER, 1);
    curl_setopt($ch, CURLOPT_PROXY, $proxy);
    curl_setopt($ch, CURLOPT_HTTPPROXYTUNNEL, 1);
    curl_setopt($ch, CURLOPT_CONNECTTIMEOUT, $timeout);
    curl_setopt($ch, CURLOPT_REFERER, 'http://azsef.org');
    curl_setopt($ch, CURLOPT_USERAGENT, 'Mozilla/5.0 (Windows; U; Windows NT 5.1; en-US; rv:1.9.0.8) Gecko/2009032609 Firefox/3.0.8');
    $result2['EXE'] = curl_exec($ch);
    $result2['INF'] = curl_getinfo($ch);
    $result2['ERR'] = curl_error($ch);
    curl_close($ch);
    return $result2;
}



Can you tell me why doesn't it work?
Thanks

I am trying to update task based progress updates. I've got a very simple database that needs to be updated with:   Database name: progress 1. ID (auto increment) 2. admin (name of the project manager) 3. adminid (ID of the project manager in the project manager db) 4. member (name of the member of the project in the members db) 4. project (particular project being updated) 5. status (progress of the project as a number between 10 and 90) 6. timestamp   I have the following php script update insert a new line into my progress table:

if (!empty($_POST['progress'])) {
	if(Input::exists()) {
		if(Token::check(Input::get('token'))) {
			$adminprogress = Input::get('admin');
			$adminidprogress = Input::get('adminid');
			$memberprogress = Input::get('member');
			$projectprogress = Input::get('project');
			$statusprogress = Input::get('status');
			$timestamp = date('Y-m-d H:i:s');
			
			$progressupdate = DB::getInstance()->insert(progress, array(
				'admin' => $adminprogress,
				'adminid' => $adminidprogress,
				'member' => $memberprogress,
				'project' => $projectprogress,
				'status' => $statusprogress,
				'timestamp' => $timestamp
			));

			Redirect::to('memberattire1.php');
		}
	}
}

And I have the following code in the body of my page:

<form method="post" action="">
<label>
	<select name="status">
				<option value=choose>---Please Select---</option>
				<option value = "0">(10%) Bunker Registered</option>
				<option value = "10">(20%) First discussions held</option>
				<option value = "20">(30%) Initial research undertaken</option>
				<option value = "30">(40%) Ideas shared</option>
				<option value = "40">(50%) Enquiries made</option>
				<option value = "50">(60%) Results of enquiries shared</option>
				<option value = "60">(70%) Preferences shared</option>
				<option value = "70">(80%) Decisions made</option>
				<option value = "80">(90%) Decisions being executed</option>
				<option value = "90">(100%) Project Completed</option>
	</select>
</label>
<br><br>
<input type="hidden" name="member" value="<?php echo $membername; ?>">
<input type="hidden" name="admin" value="<?php echo $admin; ?>">
<input type="hidden" name="adminid" value="<?php echo $adminid; ?>">
<input type="hidden" name="project" value="attire1">
<input type="hidden" name="token" value="<?php if(isset($token)) { echo $token; } else { echo $token = Token::generate(); } ?>" >
<input type="submit" value="Submit Update" name="progress">
</form>

I know my $membername, $admin and $adminid are ok because I can simply echo them out to confirm them, so there is something silly in my coding that I've overlooked.   Can someone with a fresh pair of eyes see a typo or missed semi-colon or whatnot?   Many thanks for any help.

Hi Guys,

What am I missing here

Code: [Select]
$lside_content2 .= "<tr><td>
<a class=\"bl\" href = \"quiz_int3.php?id=$row[id]&pagenum=$pagenum\" target='_self'>&nbsp;&nbsp;&nbsp; $row[title]</a>
&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;". echo ThumbsUp::item($row['id']); ."</p></td></tr>";
}
I'm getting this error: syntax error, unexpected T_ENCAPSED_AND_WHITESPACE, expecting T_STRING or T_VARIABLE or T_NUM_STRING

thank you for your help!

Parse error: syntax error, unexpected '(', expecting T_STRING or T_VARIABLE or T_NUM_STRING...

I'm getting this error for this line:
if ((int)$row['loyalty']<20)

Thanks in advanced.

Code: [Select]
<?php

session_start();

$successMsg = '';

    $staff_id = $_SESSION['sid'];

include_once "scripts/connect_to_mysql.php";

$customer_id = $_GET['cid'];
    $customer_id  = mysql_real_escape_string($customer_id );
    $customer_id = eregi_replace("`", "", $customer_id);

$cust_project_id = $_GET['pid'];
    $cust_project_id  = mysql_real_escape_string($cust_project_id );
    $cust_project_id = eregi_replace("`", "", $cust_project_id);

if (isset($_POST['billing_contact_fax_form_field_box'])){
$billing_contact_fname_form_field_box = $_POST['billing_contact_fname_form_field_box'];
$billing_contact_lname_form_field_box = $_POST['billing_contact_lname_form_field_box'];
$billing_contact_address_form_field_box = $_POST['billing_contact_address_form_field_box'];
$billing_contact_city_form_field_box = $_POST['billing_contact_city_form_field_box'];
$billing_contact_state_form_field_box = $_POST['billing_contact_state_form_field_box'];
$billing_contact_zip_form_field_box = $_POST['billing_contact_zip_form_field_box'];
$billing_contact_email_form_field_box = $_POST['billing_contact_email_form_field_box'];
$billing_contact_phone_form_field_box = $_POST['billing_contact_phone_form_field_box'];
$billing_contact_fax_form_field_box = $_POST['billing_contact_fax_form_field_box'];
$billing_contact_pref_meth_contact_form_field_box = $_POST['billing_contact_pref_meth_contact_form_field_box'];
$billing_contact_cc_billed_form_field_box = $_POST['billing_contact_cc_billed_form_field_box'];

$sql = mysql_query("UPDATE billing_info SET contact_fname='$billing_contact_fname_form_field_box',contact_lame='$billing_contact_lname_form_field_box',address='$billing_contact_address_form_field_box',city='$billing_contact_city_form_field_box',state='$billing_contact_state_form_field_box',zip='$billing_contact_zip_form_field_box',email='$billing_contact_email_form_field_box',phone='$billing_contact_phone_form_field_box',fax='$billing_contact_fax_form_field_box',pref_meth_contact='$billing_contact_pref_meth_contact_form_field_box',cc_billed='$billing_contact_cc_billed_form_field_box' WHERE proj_id='$cust_project_id'");

$successMsg = '<p style="font-family:Myriad Web Pro" style="font-size:10px" style="color:#666">You have successfully updated the company\'s General Information.<br /><br />
<a href="javascript:window.close();">Close</a></p>';
echo $successMsg;
exit();


}

?>

I have played around with this for SOOOOO long. I have 2 other scripts that are almost exact replicas of this script. Only difference is they are communicating with a different table...but its basically the EXACT same structure of code and functions. My tables consist of some int values, some varchar values, and the data submitted in these variables should get written to the table where the project ID is = to the id I'm working with. All of that seems to be working fine but whenever I enter the info into the form and submit, NOTHING gets written to my table....I'm completely STUMPED and P-O'd that I just wasted a complete 2 hours doing guess and check and cross comparing scripts. I can't find a thing!!!! Below is my html.....hopefully someone smarter than me can put 2 and 2 together because obviously I am an idiot!!!! Also its organized so well that you would think diagnosing the issue would be simple....not the case. I am totally and utterly stumped. I will even add my other code that works to show you what I mean.


Code: [Select]
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<meta http-equiv="Content-Type" content="text/html; charset=utf-8" />
<title>Untitled Document</title>

<link rel="stylesheet" type="text/css" href="style.css"/>

<script type="text/javascript">
<!-- Form Validation -->
function validate_form ( ) {
valid = true;
if ( document.form.billing_contact_fname_form_field_box.value == "" ) {
alert ( "Please fill out the First Name field." );
valid = false;
}
if ( document.form.billing_contact_lname_form_field_box.value == "" ) {
alert ( "Please fill out the Last Name field." );
valid = false;
}
if ( document.form.billing_contact_address_form_field_box.value == "" ) {
alert ( "Please fill out the Address field." );
valid = false;
}
if ( document.form.billing_contact_city_form_field_box.value == "" ) {
alert ( "Please fill out the City field." );
valid = false;
}
if ( document.form.billing_contact_state_form_field_box.value == "" ) {
alert ( "Please fill out the State field." );
valid = false;
}
if ( document.form.billing_contact_zip_form_field_box.value == "" ) {
alert ( "Please fill out the Zip field." );
valid = false;
}
if ( document.form.billing_contact_email_form_field_box.value == "" ) {
alert ( "Please fill out the Email field." );
valid = false;
}
if ( document.form.billing_contact_phone_form_field_box.value == "" ) {
alert ( "Please fill out the Phone field." );
valid = false;
}
if ( document.form.billing_contact_fax_form_field_box.value == "" ) {
alert ( "Please fill out the Fax field." );
valid = false;
}
return valid;
}
<!-- Form Validation -->
</script>

</head>

<body>


<div id="pg_container">

<!--PAGE CONTAINER-->
<div id="pgbdy_container">     
       
    <div id="pgbdy">
      <div id="bdy_header"></div>
      <div id="bdy_content_area">
          <div id="bdy_content_general_info">
         
<div id="bdy_form_header">
          <p>
                Please complete the Billing Information form below.<br />
                    <i>Fields marked with a</i> <b>*</b> <i>are required fields.</i>
                </p>
            </div>

            <form action="" method="post" enctype="multipart/form-data" id="form" name="form" onsubmit="return validate_form ( );">

            <!--BILLING CONTACT FIRST NAME-->
            <div id="billing_contact_fname_form">
            <div id="billing_contact_fname_form_text">
                    <p>*First Name:</p>
                </div>
                <div id="billing_contact_fname_form_field">
                <input name="billing_contact_fname_form_field_box" type="text" />
                </div>
            </div>       
            <!--BILLING CONTACT FIRST NAME-->       


            <!--BILLING CONTACT LAST NAME-->
            <div id="billing_contact_lname_form">
            <div id="billing_contact_lname_form_text">
                    <p>*Last Name:</p>
                </div>
                <div id="billing_contact_lname_form_field">
                <input name="billing_contact_lname_form_field_box" type="text" />
                </div>
            </div>       
            <!--BILLING CONTACT LAST NAME-->       


            <!--BILLING CONTACT ADDRESS NAME-->
            <div id="billing_contact_address_form">
            <div id="billing_contact_address_form_text">
                <p>*Address:</p>
                </div>
                <div id="billing_contact_address_form_field">
                <input name="billing_contact_address_form_field_box" type="text" />
                </div>
            </div>       
            <!--BILLING CONTACT ADDRESS NAME-->       


            <!--BILLING CONTACT CITY NAME-->
            <div id="billing_contact_city_form">
            <div id="billing_contact_city_form_text">
                <p>*City:</p>
                </div>
                <div id="billing_contact_city_form_field">
                <input name="billing_contact_city_form_field_box" type="text" />
                </div>
            </div>       
            <!--BILLING CONTACT CITY NAME-->       


            <!--BILLING CONTACT STATE NAME-->
            <div id="billing_contact_state_form">
            <div id="billing_contact_state_form_text">
                <p>*State:</p>
                </div>
                <div id="billing_contact_state_form_field">
                <input name="billing_contact_state_form_field_box" type="text" />
                </div>
            </div>       
            <!--BILLING CONTACT STATE NAME-->       


            <!--BILLING CONTACT ZIP NAME-->
            <div id="billing_contact_zip_form">
            <div id="billing_contact_zip_form_text">
                <p>*Zip:</p>
                </div>
                <div id="billing_contact_zip_form_field">
                <input name="billing_contact_zip_form_field_box" type="text" />
                </div>
            </div>       
            <!--BILLING CONTACT ZIP NAME-->       


            <!--BILLING CONTACT EMAIL NAME-->
            <div id="billing_contact_email_form">
            <div id="billing_contact_email_form_text">
                <p>*Email:</p>
                </div>
                <div id="billing_contact_email_form_field">
                <input name="billing_contact_email_form_field_box" type="text" />
                </div>
            </div>       
            <!--BILLING CONTACT EMAIL NAME-->       


            <!--BILLING CONTACT PHONE NAME-->
            <div id="billing_contact_phone_form">
            <div id="billing_contact_phone_form_text">
                <p>*Phone:</p>
                </div>
                <div id="billing_contact_phone_form_field">
                <input name="billing_contact_phone_form_field_box" type="text" />
                </div>
            </div>       
            <!--BILLING CONTACT PHONE NAME-->       


            <!--BILLING CONTACT FAX NAME-->
            <div id="billing_contact_fax_form">
            <div id="billing_contact_fax_form_text">
                <p>Fax:</p>
                </div>
                <div id="billing_contact_fax_form_field">
                <input name="billing_contact_fax_form_field_box" type="text" />
                </div>
            </div>       
            <!--BILLING CONTACT FAX NAME-->       


            <!--BILLING CONTACT PREFERRED METHOD OF CONTACT NAME-->
            <div id="billing_contact_pref_meth_contact_form">
            <div id="billing_contact_pref_meth_contact_form_text">
                <p>*Preferred Method of Contact:</p>
                </div>
                <div id="billing_contact_pref_meth_contact_form_field">
<select name="billing_contact_pref_meth_contact_form_field_box">
                    <option value="Email">Email</option>
                    <option value="Phone">Phone</option>
                    <option value="Fax">Fax</option>
                    <option value="">Physical Mail</option>
                    </select>
                </div>
            </div>       
            <!--BILLING CONTACT PREFERRED METHOD OF CONTACT NAME-->       


            <!--BILLING CONTACT CREDIT CARD OR BILLED NAME-->
            <div id="billing_contact_cc_billed_form">
            <div id="billing_contact_cc_billed_form_text">
                <p>*Will the customer pay with Credit Card or will they be billed (Credit must be approved before ordering)?</p>
                </div>
                <div id="billing_contact_cc_billed_form_field">
<select name="billing_contact_cc_billed_form_field_box">
                    <option value="Credit Card">Credit Card</option>
                    <option value="Billed">Billed</option>
                    </select>
                </div>
            </div>       
            <!--BILLING CONTACT CREDIT CARD OR BILLED NAME-->       


          <!-- SUBMIT BUTTON -->
          <div id="submit_billing_info">
            <input name="submit_billing_info" type="submit" />
            </div>
          <!-- SUBMIT BUTTON -->
           
            </form>


          </div>
      </div>
      </div>
</div>
<!--PAGE CONTAINER-->

</div>
</body>
</html>


Now here is the code that works in its entirety....please note that the above is broken up just as it would be seen on the page. PHP at the top and then the HTML. It mimics the script I am about to paste below. Please help meeeeeeee!!!!


Code: [Select]
<?php 

session_start();

$successMsg = '';

    $staff_id = $_SESSION['sid'];

include_once "scripts/connect_to_mysql.php";

$customer_id = $_GET['cid'];
    $customer_id  = mysql_real_escape_string($customer_id );
    $customer_id = eregi_replace("`", "", $customer_id);

$cust_project_id = $_GET['pid'];
    $cust_project_id  = mysql_real_escape_string($cust_project_id );
    $cust_project_id = eregi_replace("`", "", $cust_project_id);

if (isset($_POST['company_name'])){

$company_name = ereg_replace("[[^A-Z a-z0-9]]", "", $_POST['company_name']); // filter everything but numbers and letters
$customer_fname = ereg_replace("[^A-Z a-z0-9]", "", $_POST['customer_fname']); // filter everything but spaces, numbers, and letters
$customer_lname = ereg_replace("[^A-Z a-z0-9]", "", $_POST['customer_lname']); // filter everything but spaces, numbers, and letters
$customer_address = ereg_replace("[^A-Z a-z0-9]", "", $_POST['customer_address']); // filter everything but spaces, numbers, and letters
$customer_city = ereg_replace("[^A-Z a-z0-9]", "", $_POST['customer_city']); // filter everything but numbers and letters
$customer_state = ereg_replace("[^A-Z a-z0-9]", "", $_POST['customer_state']); // filter everything but numbers and letters
$customer_zip = ereg_replace("[^A-Za-z0-9]", "", $_POST['customer_zip']); // filter everything but numbers and letters
$customer_email = stripslashes($_POST['customer_email']);
$customer_email = strip_tags($customer_email);
$customer_email = mysql_real_escape_string($customer_email);
$customer_phone = ereg_replace("[^A-Za-z0-9]", "", $_POST['customer_phone']); // filter everything but spaces, numbers, and letters
$customer_fax = ereg_replace("[^A-Za-z0-9]", "", $_POST['customer_fax']); // filter everything but spaces, numbers, and letters
$cust_pre_meth_contact = $_POST['cust_pre_meth_contact']; // filter everything but spaces, numbers, and letters
$date_of_entry = date("F j, Y, g:i a");

    $sql = mysql_query("UPDATE company_info SET company_name='$company_name',contact_fname='$customer_fname',contact_lname='$customer_lname', address='$customer_address', city='$customer_city', state='$customer_state', zip='$customer_zip', email='$customer_email', phone='$customer_phone', fax='$customer_fax',pref_meth_contact='$cust_pre_meth_contact',entry_date='$date_of_entry' WHERE proj_id='$cust_project_id'");

$successMsg = '<p style="font-family:Myriad Web Pro" style="font-size:13px" style="color:#666">You have successfully updated <b>' . $company_name . '\'s</a></b> Company Information.<br /><br />
<a href="javascript:window.close();">Close</a></p>';
echo $successMsg;
exit();
}

$sql = mysql_query("SELECT * FROM company_info WHERE proj_id='$cust_project_id' LIMIT 1");

while ($row = mysql_fetch_array($sql)) {
$company_name = $row["company_name"];  
$company_contact_fname = $row["contact_fname"]; 
$company_contact_lname = $row["contact_lname"]; 
$company_address = $row["address"]; 
$customer_city = $row["city"]; 
$customer_state = $row["state"]; 
$customer_zip = $row["zip"]; 
$customer_email = $row["email"]; 
$customer_phone = $row["phone"]; 
$customer_fax = $row["fax"]; 
$cust_pre_meth_contact = $row["pref_meth_contact"];
$cust_entry_date = $row["entry_date"];
}

?>

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<meta http-equiv="Content-Type" content="text/html; charset=utf-8" />
<title>Untitled Document</title>

<link rel="stylesheet" type="text/css" href="style.css"/>

<script type="text/javascript">
<!-- Form Validation -->
function validate_form ( ) {
valid = true;
if ( document.form.company_name.value == "" ) {
alert ( "Company Name field must not be blank." );
valid = false;
}
if ( document.form.customer_fname.value == "" ) {
alert ( "Customer Address field must not be blank." );
valid = false;
}
if ( document.form.customer_lname.value == "" ) {
alert ( "Customer Address field must not be blank." );
valid = false;
}
if ( document.form.customer_address.value == "" ) {
alert ( "Customer Address field must not be blank." );
valid = false;
}
if ( document.form.customer_city.value == "" ) {
alert ( "Customer City field must not be blank." );
valid = false;
}
if ( document.form.customer_state.value == "" ) {
alert ( "Customer State field must not be blank." );
valid = false;
}
if ( document.form.customer_zip.value == "" ) {
alert ( "Customer Password field must not be blank." );
valid = false;
}
if ( document.form.customer_email.value == "" ) {
alert ( "Customer Email field must not be blank." );
valid = false;
}
if ( document.form.customer_phone.value == "" ) {
alert ( "Customer Phone field must not be blank." );
valid = false;
}
if ( document.form.customer_fax.value == "" ) {
alert ( "Customer Fax field must not be blank." );
valid = false;
}
return valid;
}
<!-- Form Validation -->
</script>

</head>

<body>


<div id="pg_container">

<!--PAGE CONTAINER-->
<div id="pgbdy_container">     
       
    <div id="pgbdy">
      <div id="bdy_header"></div>
      <div id="bdy_content_area">
          <div id="bdy_content">
         
<div id="bdy_form_header">
          <p>
                Create a new customer by filling out the form below.<br />
                    <i>Fields marked with a</i> <b>*</b> <i>are required fields.</i>
                </p>
            </div>
          <form action="edit_company_info.php?sid=<?php echo "$staff_id"; ?>&cid=<?php echo "$customer_id"; ?>&pid=<?php echo "$cust_project_id"; ?>" method="post" id="form" name="form" enctype="multipart/form-data" onsubmit="return validate_form ( );">

          <!-- COMPANY NAME -->
            <div id="company_name_form">
            <div id="company_name_text">
                <p>
                    Company Name:
                    </p>
              </div>
                 
                <div id="company_name_field">
                <input name="company_name" type="text" id="company_name" value="<?php echo "$company_name"; ?>" />
                </div>
            </div>
            <!--COMPANY NAME-->
         
          <!-- CUSTOMER FIRST NAME -->
            <div id="customer_fname_form">
            <div id="customer_fname_text">
                <p>
                    Contact First Name:
                    </p>
              </div>
                 
                <div id="customer_fname_field">
                <input name="customer_fname" type="text" id="customer_fname" value="<?php echo "$company_contact_fname"; ?>" />
                </div>
            </div>
          <!-- CUSTOMER FIRST NAME -->

          <!-- CUSTOMER LAST NAME -->
            <div id="customer_lname_form">
            <div id="customer_lname_text">
                <p>
                    Contact Last Name:
                    </p>
              </div>
                 
                <div id="customer_lname_field">
                <input name="customer_lname" type="text" id="customer_lname" value="<?php echo "$company_contact_lname"; ?>" />
                </div>
            </div>
          <!-- CUSTOMER LAST NAME -->

         
            <!-- CUSTOMER ADDRESS -->
            <div id="customer_address_form">
            <div id="customer_address_text">
                <p>
                    Address:
                    </p>
              </div>
                 
                <div id="customer_address_field">
                <input name="customer_address" type="text" id="customer_address" value="<?php echo "$company_address"; ?>" />
                </div>
            </div>
            <!--CUSTOMER ADDRESS-->
         
            <!-- CUSTOMER CITY -->
          <div id="customer_city_form">
            <div id="customer_city_text">
                <p>
                    City:
                    </p>
              </div>
                 
                <div id="company_name_field">
                <input name="customer_city" type="text" id="customer_city" value="<?php echo "$customer_city"; ?>" />
                </div>
            </div>
            <!--CUSTOMER CITY-->
         
            <!-- CUSTOMER STATE -->
          <div id="customer_state_form">
            <div id="customer_state_text">
                <p>
                    State:
                    </p>
              </div>
                 
                <div id="customer_state_field">
                <input name="customer_state" type="text" id="customer_state" value="<?php echo "$customer_state"; ?>" />
                </div>
            </div>
            <!--CUSTOMER STATE-->
         
            <!-- CUSTOMER ZIP -->
          <div id="customer_zip_form">
            <div id="customer_zip_text">
                <p>
                    Zip:
                    </p>
              </div>
                 
                <div id="customer_zip_field">
                <input name="customer_zip" type="text" id="customer_zip" value="<?php echo "$customer_zip"; ?>" />
                </div>
            </div>
            <!--CUSTOMER ZIP-->
         
            <!-- CUSTOMER EMAIL -->
          <div id="customer_email_form">
            <div id="customer_email_text">
                <p>
                    Email:
                    </p>
              </div>
                 
                <div id="customer_email_field">
                <input name="customer_email" type="text" id="customer_email" value="<?php echo "$customer_email"; ?>" />
                </div>
            </div>
            <!--CUSTOMER EMAIL-->
         
            <!-- CUSTOMER PHONE-->
          <div id="customer_phone_form">
            <div id="customer_phone_text">
                <p>
                    Phone:
                    </p>
              </div>
                 
                <div id="customer_phone_field">
                <input name="customer_phone" type="text" id="customer_phone" value="<?php echo "$customer_phone"; ?>" />
                </div>
            </div>
            <!--CUSTOMER PHONE-->
         
            <!-- CUSTOMER FAX-->
          <div id="customer_fax_form">
            <div id="customer_fax_text">
                <p>
                    Fax:
                    </p>
              </div>
                 
                <div id="customer_fax_field">
                <input name="customer_fax" type="text" id="customer_fax" value="<?php echo "$customer_fax"; ?>" />
                </div>
            </div>
            <!--CUSTOMER FAX-->
           
            <!-- CUSTOMER PREFERRED METHOD OF CONTACT -->
          <div id="cust_pre_meth_contact_form">
            <div id="cust_pre_meth_contact_text">
                <p>
                    What is the customer's preferred method of contact?<br />
                        <select name="cust_pre_meth_contact">
                    <option value="Email">Email</option>
                    <option value="Fax">Fax</option>
                    <option value="Phone">Phone</option>
                    <option value="Physical Mail">Physical Mail</option>
                    </select>
                    </p>
                 </div>
                 
            </div>
            <!--CUSTOMER PREFERRED METHOD OF CONTACT -->
         
            <!-- SUBMIT BUTTON -->
          <div id="submit_new_customer_form">
            <div id="submit_new_customer_button">
                <p>
                    <input name="submit_new_customer_info" type="submit" id="submit_new_customer" value="Update Customer Company Info" />
                    </p>
              </div>
            </div>
            </form>
            <!--SUBMIT BUTTON-->
           
           
          </div>
      </div>
      </div>
</div>
<!--PAGE CONTAINER-->

</div>
</body>
</html>

I've been hacking at this for 3 hours now.. My syntax seems to be screwed up on something, but I cannot find it for the life of me!

Error thrown is obvious I am missing or have something nested wrong!
Parse error: parse error in C:\wamp\www\php\php_study\login_processor.php on line 22


Here is my code. Error is being thrown on the line of the elseif statment.

<?php
  include('db_cxn.php');
  $cxn = mysqli_connect($host, $user, $pass, $db) or die("Query died: connect");
  $sql = "SELECT username FROM users WHERE username = '$_POST[username]'";
  $result = mysqli_query($cxn, $sql) or die("Query Died: username");
  $num = mysqli_num_rows($result);
  if ($num > 0) {
      $sql = "SELECT username FROM users WHERE username='$_POST[username]' AND password=md5('$_POST[password]')";
      $result2 = mysqli_query($cxn, $sql) or die("Query died: password");
      $num2 = mysqli_num_rows($result2);
      if ($num2 > 0) {
          $_SESSION['auth'];
          $_SESSION['logname'] = $_SESSION['username'];
      } //if ($num2 > 0)
      
      header("Location: the_secret_page.php");
  } //if ($num > 0)
  
  else {
      $message1 = "The login name, '$_POST[username]' does not exist in the database. Please try again";
      $username = strip_tags(trim($_POST[username]));
      include('login_form.php');
  } //else
  
  elseif ($num == 0) {
      $message1 = "The username you entered does not exist. Please try again.s";
      include("login_form.php");
  } //elseif ($num == 0)
?>

I don't think my form html/php code is necessary, but I'll include it for reference:

<h1>Login Form</h1>

<?php
  $fields_1 = array("username" => "User Name", "password" => "Password");
?>

<form method="post" action="login_processor.php">
<fieldset>
<legend>Login Form</legend>
<?php
  if (isset($message_1)) {
      echo "$message_1";
  } //if (isset($message_1))
  foreach ($fields_1 as $field => $value) {
      if (preg_match("/pass/i", $field))
          $type = "password";
      else
          $type = "text";
      echo "<div id='field'>
<label for='$field'>$value</label>
<input id='$field' name='$field' type='$type' value='" . @$$field . "' size='20' maxlength='50' />
</div>\n";
  } //foreach ($fields_1 as $field => $value)
?>
<input type="submit" name="Button" value="Login" />
</fieldset>
</form>

Hello

We have a series of sites that use Google API to serve locations stored in local DB, that show google maps from within given PHP pages within our sites (these pages also have other db driven content we wish to keep....

Each 'member' in our sites,  they each have a google map shown on each page present for their 'location' menu tab...

These calls to the google map API,  often goes over our daily allotment of freebie map presentations from the google API

It is SE and other Bots that run these view numbers off the charts and prevent the google maps from loading the actual maps - we get a google map err message - advising that maximum views have been reached... (we see this in our server error logs)

Thoughts on how i can serve this map code to only legit http requests (human eyes)  or at least reduce the burden of bot crawl requests to the google API?

here is the code we use to call the maps

 - We need to encapsulate Google Map Display in a snippet that will block it from getting hit by bots....

Huge Thanks!

Code: [Select]
<form target="_blank" method="GET" action="http://maps.google.com/maps">
<input type="hidden" name="daddr" value="<? echo "$address, $city, $state $zip $country" ?>">
<?php display_tooltip("Please enter your starting point in the form address, city, state zip country or simply enter your city", "mapdir");?>
<input type="text" name="saddr" value="your starting point" onfocus=this.select()>
<input class="clickableL" type="submit" value="Map and Directions">
</form>

$query  = "SELECT * FROM name_list WHERE Name= '$_POST[Name]' ";
$result = mysql_query($query);
while($row = mysql_fetch_array($result, MYSQL_ASSOC)){
if ( ($row['Name']) == $_POST['Name'] ) 
      echo "ERROR";
  else echo "rest of the code";
  }


So this code compares (or it should) the name entered by the user in the form to the list of names already in database. If the user enters a name in the form that is in the database I get and "ERROR" as I should. But is they enter a name that is not in the database I am not getting "rest of the code."

Why?

Hi

I have a file, that is copied from other files. All other files work perfectly.
But, for some reason this one is throwing back an error.

I've been over it so many time, but can't see whats wrong.

Error:
Fatal error: Call to undefined method stdClass::save() in /home/p/o/powtest/web/public_html/admin/lib/ajax_php/add_interests.php on line 28


add_interests.php
Code: [Select]
<?PHP
require_once("../../../includes/initialize.php");

$flag = 0;
$ID = $_POST['ID'];
$type = $_POST['type'];
$category = $_POST['category'];
$interest = $_POST['interest'];
$expInt = explode("\n", $interest);
$DMOD = date('Y-m-d');
$TMOD = date('H:i:s');

$check_entry = Admin_interest::if_exists(clean_input_value($category));
if($check_entry == 0){
$new_category = Admin_interest::make($ID, clean_input_value($category), clean_input_value($type), $DMOD, $TMOD);
if($new_category && $new_category->save()){
$CID = $new_category->id;
$flag = 1;
}
}


foreach($expInt as $expInts){

$check_entry = Admin_interests_sub::if_exists($CID, clean_input_value($expInts));
if($check_entry == 0){
$new_interest = Admin_interests_sub::make($ID, $CID, clean_input_value($expInts), $DMOD, $TMOD);
if($new_interest && $new_interest->save()){
$message = 'Thank You: Your list Has Been Saved';
}else{
$message = "Sorry, There was an error";
}
}

}

echo $message;
?>


Class:
Code: [Select]
<?PHP
require_once(LIB_PATH.DS.'database.php');

class Admin_interests_sub {

protected static $table_name="admin_interests_sub";
protected static $db_fields = array('id', 'category_id', 'interest_sub', 'dateMod', 'timeMod');
public $id;
public $category_id;
public $interest_sub;
public $dateMod;
public $timeMod;


public static function make($ID, $category_id, $interest_sub, $DMOD, $TMOD){
if(!empty($interest_sub)){
$interest = new Admin_interests_sub();
$interest->id = (int)$ID;
$interest->category_id = (int)$category_id;
$interest->interest_sub = $interest_sub;
$kw->dateMod = $DMOD;
$kw->timeMod = $TMOD;
return $kw;
}else{
return false;
}
}

protected function attributes(){
$attributes = array();
foreach(self::$db_fields as $field){
if(property_exists($this, $field)){
$attributes[$field] = $this->$field;
}
}
return $attributes;
}

protected function sanitized_attributes(){
global $database;
$clean_attributes = array();
foreach($this->attributes() as $key => $value){
$clean_attributes[$key] = $database->escape_value($value);
}
return $clean_attributes;
}

public function save(){
return !empty($this->id) ? $this->update() : $this->create();
}

public function create(){
global $database;
$attributes = $this->sanitized_attributes();
$sql = "INSERT INTO ".self::$table_name." (";
$sql .= join(", ", array_keys($attributes));
$sql .= ") VALUES ('";
$sql .= join("', '", array_values($attributes));
$sql .= "')";
if($database->query($sql)){
$this->id = $database->insert_id();
return true;
}else{
return false;
}
}

public function update(){
global $database;
$attributes = $this->sanitized_attributes();
$attribute_pairs = array();
foreach($attributes as $key => $value){
$attribute_pairs[] = "{$key}='{$value}'";
}
$sql = "UPDATE ".self::$table_name." SET ";
$sql .= join(", ", $attribute_pairs);
$sql .= " WHERE id=".$database->escape_value($this->id);
$database->query($sql);
return ($database->affected_rows() == 1) ? true : false;
}

public function delete(){
global $database;
$sql = "DELETE FROM ".self::$table_name." ";
$sql .= "WHERE id=".$database->escape_value($this->id);
$sql .= " LIMIT 1";
$database->query($sql);
return ($database->affected_rows() == 1) ? true : false;
}

}

?>


Any help finding this bug will be a big help.

Thanks