PHP - Error Text In The Corner Of My Form, But From Works?

**Disclaimer: It's been a while since I last wrote any code. The quality of my code is likely to be sub-par. You've been warned.**

I have a basic form that's meant to search flat files on our server. The "search engine" I created as two select lists: one for the file names and one for the customer site files come from.

For a reason I can't figure out, whatever option I select from the second select list is never captured when I hit Submit.

However, whatever option I select from the first select list is always captured.

What am I missing? I am sure it's starting right at me.... Any hints welcome. Thank you.

Here's my code:

    Code: [Select]
<HTML>
    <head><title>SEARCH TOOL - PROTOTYPE</title></head>
    <body><h1>SEARCH TOOL - PROTOTYPE</h1>
    <form method="post" action="<?php echo $_SERVER['PHP_SELF']; ?>">
    <fieldset>
    <legend>Filename (one item)</legend><select name="DBFilename" id="DBFilename" size="0">
    <?php $con = mysql_connect("localhost",  "user", "pass"); if (!$con) {  die('Could not connect: ' . mysql_error());}
    mysql_select_db("dev", $con) or die(mysql_error());
    $result = mysql_query("select distinct filename from search_test");
    while ($row = mysql_fetch_array($result))
    { ?>    <option value="<?php echo $row['filename']; ?>"><?php echo $row['filename']; ?></option> <?php } mysql_close($con); ?>
    </select></fieldset>
    <fieldset>
    <legend>Site (one item)</legend><select name="DBSite" id="DBSite">
    <?php $con = mysql_connect("localhost",  "user", "pass"); if (!$con) {    die('Could not connect: ' . mysql_error());}
    mysql_select_db("dev", $con) or die(mysql_error());
    $result = mysql_query("select distinct site from search_test");
    while ($row = mysql_fetch_array($result))
    { ?>        <option value="<?php echo $row['site']; ?>"><?php echo $row['site']; ?></option> <?php } mysql_close($con);
    ?>
    </select></fieldset>
    <input type="submit" name="submit" value="submit" >
    <input type="button" value="Reset Form" onClick="this.form.reset();return false;" />
    </form>
    </body>
    </HTML>
    <?php
    
    if (isset($_POST['submit'])) {
    
            if (!empty($_POST['DBFilename'])) {doFileSearch();}
                    elseif (!empty($_POST['DBSite'])) {doSite();}
    }
    
    function doFileSearch() {
    $mydir = $_SERVER['DOCUMENT_ROOT'] . "/filedepot";
    $dir = opendir($mydir);
    $DBFilename = $_POST['DBFilename'];
    
    $con = mysql_connect("localhost", "user", "pass");
    if (!$con) {die('Could not connect: ' . mysql_error());}
    mysql_select_db("dev", $con) or die("Couldn't select the database.");
    
    $getfilename = mysql_query("select filename from search_test where filename='" . $DBFilename . "'") or die(mysql_error());
    
    echo "<table><tbody><tr><td>Results.</td></tr>";
    while ($row = mysql_fetch_array($getfilename)) {
                    $filename = $row['filename'];
                    echo '<tr><td><a href="' . basename($mydir) . '/' . $filename . '"  target="_blank">' . $filename . '</a></td></tr>';
            }
                    echo "</table></body>";
    }
    
    function doSite() {
    $mydir = $_SERVER['DOCUMENT_ROOT'] . "/filedepot";
    $dir = opendir($mydir);
    $DBSite = $_POST['DBSite'];
    
    $con = mysql_connect("localhost", "user", "pass");
    if (!$con) {die('Could not connect: ' . mysql_error());}
    mysql_select_db("dev", $con) or die("Couldn't select the database.");
    
    $getfilename = mysql_query("select distinct filename from search_test where site='" . $DBSite . "'") or die(mysql_error());
    
    echo "<table><tbody><tr><td>Results.</td></tr>";
    while ($row = mysql_fetch_array($getfilename)) {
                    $filename = $row['filename'];
                    echo '<tr><td><a href="' . basename($mydir) . '/' . $filename . '"  target="_blank">' . $filename . '</a></td></tr>';
            }
                    echo "</table></body>";
    
    }
    ?>

I am looking for a special PHP processor.

I am gonna list what I need from most to least important.

I will have a job application form in which people can apply for a job by filling out long form. The applications needs to be not e-mailed but stored on the server. They should be able to be well databased. I should have an option to backup the database, search through applications, sort through applications. Then I should be able to assign certain applications to certain admins (who would not have access to others). This restriction should be done by category.

I will also have a client sign up sheet. Client information should also be stored on the server not e-mailed. I should be able to search, sort clients too. Clients should also be assigned to lower admins based on certain criteria.

It would be nice to download applications as pfs and databases as xls or something like that.

Both applicant and client should be able to login and change their information.

An admin can change the status of an applicant to an employee/contractor. Then an admin can assign an employee to multiple clients.

And then in best case scenario employee can bill client for particular services.

I am willing to pay for a script that is kind of similar to this. What is the closest PHP script to this?
Thanks

The upload script I'm using performs successfully in Google, but not in IE or FF.

I have this form action that checks for errors, if none are found it should go to the confirmation page.  Works well in Firefox, however Chrome stays perpetually on the register page. 

Is there any way to make this work in Chrome as well?  Does anyone have any explanation? 

Thank you very much for your time.


Code: [Select]

<form action="<?php if(!empty($errors)){
echo "confirmation.php";
} else {
echo "register.php";
} ?>" method="POST">

I have been banging my head for quite a number of hours on this.........I am getting the below error with firefox 7 or chrome but NOT with IE

Warning: mysql_fetch_array(): supplied argument is not a valid MySQL result resource in /home/unlockth/public_html/motorola/insertmoto.php on line 35

Here is the code.......pls can anyone help me?

<?php
  $userip = ($_SERVER['X_FORWARDED_FOR']) ? $_SERVER['X_FORWARDED_FOR'] : $_SERVER['REMOTE_ADDR'];
  $name = $_POST['name'] ;
  $email = $_POST['email'] ;
  $phone = $_POST['phone'] ;
  $operator = $_POST['operator'] ;
  $imei = $_POST['imei'] ;
  $todayis = date("l, F j, Y, g:i a") ;

  @mail( "xxx@xxx.com", "ORDER SUBMISSION",
   $message = " $userip
   $message = $todayis
   Name: $name
   Email: $email
   Phone Model: $phone
   Phone Operator: $operator
   Phone Imei: $imei",
    "From: MOTOROLA SUBMISSION>");
?>

<?
$id = $_POST['id'];

include "/home/unlockth/password.php";
mysql_select_db("unlockth_unlocking",$db);

mysql_query("INSERT INTO custdetails VALUES ('','$name','$email','$phone','$operator','$imei')");
$insertid = mysql_insert_id();

include "/home/unlockth/password.php";
mysql_select_db("unlockth_unlocking",$db);

  $getdata = mysql_query("SELECT * FROM motorola WHERE id=$id", $db);

  $row = mysql_fetch_array($getdata);

               $title = $row["title"];
               $price_1 = $row["price_1"];
               $price_2 = $row["price_2"];
               $price_3 = $row["price_3"];
               $imageaddr = $row["imageaddr"];
               $description = $row["description"];
               $keywords = $row["keywords"];
               $time = $row["time"];

include '/home/unlockth/public_html/motorola/outputmotocode.php';?>

My Contact form subscripltion works put does not echo to  subscriber that message has been sent..I am not sure how to get the response message to display on page after subscribing. Here is my my html code  

<?php
if (isset($_POST['submit'])) {
$name = $_POST['name'];	
$email = $_POST['email'];
$message = $_POST['msg'];
	$mailto = "support@playkenyamusic.com";
$headers = "From: ".$email;	
$headers .= "Cc: djboziah@gmail.com \r\n";
$txt = "You have a message From ".$name.".\n\n".$message;
mail($mailto, $email, $txt, $headers);
echo $_POST["msg"]; 
	if(!$email->send()) 
{
    echo "Mailer Error: " . $email->ErrorInfo;
} 
else 
{
    echo "Message has been sent successfully";
}	
header("Location: form-to-email.php?emailsent");	


}
?>

 

I've decided to rewrite one a couple of my forms, to make them more user friendly.

But I am having problems returning the error. I've created an array ($e) which has the field name ($e['field_name']) for the error, but it isn't displaying any errors.

Here's the code:
case "contact":
$e = array();
if(isset($_POST['sb'])){
$fullname = $sql->real_escape_string($_POST['fullname']);
$email_a = $sql->real_escape_string($_POST['email']);
$email_r = $sql->real_escape_string($_POST['email_r']);
$orderid = $sql->real_escape_string($_POST['orderid']);
$subject = $sql->real_escape_string($_POST['subject']);
$problem = $sql->real_escape_string($_POST['problem']);
# Error Message
function show_error($error,$evar){
$err = ' <span style="color: #ff0000"><strong>'.$error.'</strong></span>';
return $err;
}
# Check for isset
if(!isset($_POST['fullname'])){
$e['fullname'] = show_error('Please enter your full name',$e['fullname']);
}
if(!isset($_POST['email_a'])){
$e['email_a'] = show_error('Please enter your email address.',$e['email_a']);
}
if(!isset($_POST['email_r'])){
$e['email_r'] = show_error('Please re-enter your email address.',$e['email_r']);
}
if(!isset($_POST['subject'])){
$e['subject'] = show_error('Select a subject.',$e['subject']);
}
if(!isset($_POST['problem'])){
$e['problem'] = show_error('Describe your problem.',$e['problem']);
}
if(isset($_POST['email']) AND isset($_POST['email_r']) AND $email_a != $email_r){
$e['email_r'] = show_error('Your email addresses do not match.',$e['email_r']);
}
}
$content = '<h2>
Customer Support - Contact</h2>
<p>
For technical support, sales and product related questions: <a href="'.$tech_support.'" target="_blank">Technical Support</a>.</p>
<p>
For downloading, ordering, refund or other store related questions, please fill out the form below:</p>
<form method="post" name="csupport">
<p>
Please enter your full name:<br />
<input name="fullname" type="text" value="'.$fullname.'" />'.$e['fullname'].'</p>
<p>
Please enter your email address:<br />
<input name="email_a" type="text" value="'.$email_a.'" />'.$e['email_a'].'<br />
Please re-enter your email address:<br />
<input name="email_r" type="text" value="'.$email_r.'" />'.$e['email_r'].'</p>
<p>
Please enter your order number:<br />
<input name="orderid" type="text" value="'.$orderid.'" /></p>
<p>
Please select a subject for your enquiry:<br />
<select name="subject"><option selected="selected" value="">--Select--</option><option value="Billing Question">Billing Question</option><option value="Cancel / Refund Order">Cancel / Refund Order</option><option value="Download Question">Download Question</option><option value="Password Issues">Password Issues</option><option value="Order Question">Order Question</option><option value="Shipping Question">Shipping Question</option><option value="Other">Other</option></select>'.$e['subject'].'</p>
<p>
Describe your problem as best you can:<br />
<textarea cols="45" name="problem" rows="4">'.$problem.'</textarea>'.$e['problem'].'</p>
<p>
<input name="sb" type="hidden" value="sb" /><input name="submit" type="submit" value="Submit" /></p>
</form>
';
$title = 'Contact Support';
break;

Can anyone see what the problem is? Thanks

Hi i have this edit form that allows user to mofy data but the problems on the text box is that it deletes the rest of the data after the space from the first word i tried to increase the size of the varChars on mysql but did no work why it happens how can i stop from happening??

this the form input
<input type="text" name="name" id="name"  class='text_box' value="<?php echo $_GET['name'];?>"/>

Hello, I have coded a contact form in PHP and I want to know, if according to you, it is secure! I am new in PHP, so I want some feedback from you.

Moreover, I have also two problems based on the contact form. It is a bit complicated to explain, thus, I will break each of my problem one by one.

FIRST:The first thing I want to know, is if my contact form secure according to you:

The HTML with the PHP codes:

Code: [Select]
<?php
if ($_SERVER['REQUEST_METHOD'] == 'POST') {

//Assigning variables to elements
$first = htmlentities($_POST['first']);
$last = htmlentities($_POST['last']);
$sub = htmlentities($_POST['subject']);
$email = htmlentities($_POST['email']);
$web = htmlentities($_POST['website']);
$heard = htmlentities($_POST['heard']);
$comment = htmlentities($_POST['message']);
$cap = htmlentities($_POST['captcha']);

//Declaring the email address with body content
$to = 'alithebestofall2010@gmail.com';
$body ="First name: '$first' \n\n Last name: '$last' \n\n Subject: '$sub' \n\n Email: '$email' \n\n Website: '$web' \n\n Heard from us: '$heard' \n\n Comments: '$comment'";

//Validate the forms
if (empty($first) || empty($last) || empty($sub) || empty($email) || empty($comment) || empty($cap)) {
echo '<p class="error">Required fields must be filled!</p>';
header ('refresh= 3; url= index.php');
return false;

} 
elseif (filter_var($first, FILTER_VALIDATE_INT) || filter_var($last, FILTER_VALIDATE_INT)) {
echo '<p class="error">You cannot enter a number as either the first or last name!</p>';
return false;
} 
elseif (!filter_var($email, FILTER_VALIDATE_EMAIL)) {
echo '<p class="error">Incorrect email address!</p>';
return false;
}
elseif (!($cap === '12')){
echo '<p class="error">Invalid captcha, try again!</p>';
return false;
}
else {
mail ($to, $sub, $body);
echo '<p class="success">Thank you for contacting us!</p>';
}
}
?>
<form action="<?php echo $_SERVER['PHP_SELF'];?>" method="post">
<p>Your first name: <span class="required">*</span></p>
<p><input type="text" name="first" size="40" placeholder="Ex: Paul"/></p>

<p>Your last name: <span class="required">*</span></p>
<p><input type="text" name="last" size="40" placeholder="Ex: Smith"/></p>

<p>Subject: <span class="required">*</span></p>
<p><input type="text" name="subject" size="40" placeholder="Ex: Contact"/></p>

<p>Your email address: <span class="required">*</span></p>
<p><input type="text" name="email" size="40" placeholder="Ex: example@xxx.com"/></p>

<p>Website:</p>
<p><input type="text" name="website" size="40" placeholder="Ex: http//:google.com"/></p>

<p>Where you have heard us?: <span class="required">*</span></p>
<p><select name="heard">
<option>Internet</option>
<option>Newspapers</option>
<option>Friends or relatives</option>
<option>Others</option>
</select></p>

<p>Your message: <span class="required">*</span></p>
<p><textarea cols="75" rows="20" name="message"></textarea></p>

<p>Are you human? Sum this please: 5 + 7 = ?: <span class="required">*</span></p></p>
<p><input type="text" name="captcha" size="10"/></p>

<p><input type="submit" name="submit" value="Send" class="button"/>
<input type="reset" value="Reset" class="button"/></p>
</form>

SECOND PROBLEM:If a user has made a mistake, he gets the error message so that he can correct! However, when a mistake in the form occurs, all the data the user has entered are disappeared! I want the data to keep appearing so that the user does not start over again to fill the form.

THIRD: When the erro message is displayed to notify the user that he made a mistake when submitting the form, the message is displaying on the top of the page. I want it to appear below each respective field. How to do that? In JQuery it is simple, but in PHP, I am confusing!

Hello, first time poster..  I've looked the web over for a long time and can't figure this one out.

- Below is basic code that successfully checks MySQL for a match and displays result.  I was debugging and forced the "height" and "width" to be 24 and 36 to make sure that wasn't the problem.  That's good.. 
- I'd like to give the user ability to select width and height from a form.. and have it do an onchange this.form.submit so the form can be changing as fields are altered (thus the onchange interaction)
- In a normal coding environment I've done this numerous times with no "Page cannot be displayed" problems.  It would simply change one select-option value at a time til they get down the form and click submit...  but in WordPress I'm having trouble making even ONE single onchange work!
- I've implemented the plugins they offer which allows you to "copy+paste" your php code directly into their wysiwyg editor.  That works with basic tests like my first bullet point above.
- I've copied and pasted the wordpress url (including the little ?page_id=123) into the form "action" url... that didn't work...  tried forcing it into an <option value=""> tag.. didn't work.  I'm just not sure. 

I've obviously put xx's in place of private info..

Why does this form give me Page Cannot Be Displayed in WordPress every time?  It won't do anything no matter how simple.. using onchange..

Code..

$con = mysql_connect("xxxx.xxxxxxx.com","xxxxxx","xxxxx");
if (!$con)
  {
  die('Could not connect: ' . mysql_error());
  }
mysql_select_db("xxxxxx", $con);
$myprodwidth=24;
$myprodheight=36;
$result = mysql_query("SELECT * FROM product_sizes WHERE prodwidth='$myprodwidth' and prodheight='$myprodheight'");
while($row = mysql_fetch_array($result))
  {
  echo $row['prodprice'];
  }
mysql_close($con);


<form method="post" action="">
<select name="myheight" onchange="this.form.submit();">
<option selected="selected" value="">select height</option>
<option value="xxxxxxxxx.com/wordpress/?page_id=199&height=36">36</option>
<option value="xxxxxxxxx.com/wordpress/?page_id=199&height=36">48</option>
</select>

I have developed a code for a login and seems to work well (No syntax error according to https://phpcodechecker.com/ but when I enter a username and a password in the login form, I get an error HTTP 500. I think that everything is ok in the code but obviously there is something that I am not thinking about. The code (excluding db connection):

$id="''"; $username = $_POST['username']; $password = md5($_POST['password']); $func = "SELECT contrasena FROM users WHERE username='$username'";

$realpassask = $conn->query($func); $realpassaskres = $realpassask->fetch_assoc(); $realpass= $realpassaskres[contrasena];

$func2 = "SELECT bloqueado FROM users WHERE username='$username'"; $blockedask = $conn->query($func2); $blockedres = $blockedask->fetch_assoc(); $bloqueado = $blockedres[bloqueado];

//Login if(!empty($username)) { // Check the email with database
$userexists = $pdo->prepare("SELECT COUNT(username) FROM users WHERE username= '$username' LIMIT 1"); $userexists->bindParam(':username', $username); $userexists->execute(); // Get the result $userexistsres = $userexists->fetchColumn(); // Check if result is greater than 0 - user exist if( $userexistsres == 1) { if ($bloqueado == NO) { if ($password != $realpass) { die("contrasena incorrecta"); } Else{ $_SESSION['loguin']="OK"; $_SESSION['username']="$username"; header("Location: ./index.php"); } } Else{ die("Tu usuario ha sido bloqueado o todavía no ha sido aceptado por un administrador. } Else{ die("No hay ninguna cuenta con este nombre de usuario"); } } else { echo 'El campo usuario esta vacio'; } ?>

Hi there.

How do I reflect the text content of the variable $a in this text form:

<input type="text" name="artist">

Regards Morris

hey there peoples i have a bit of a problem with my php code. when i click on the name it wont play the video. but if i click on the thumbnail it plays here is the code

Code: [Select]
echo "<div class='Video_thumbnail'>";
  echo "<a href='/Video.php?id={$row['id']}'>";
  echo "<img src='http://i.ytimg.com/vi/{$row['link']}/hqdefault.jpg' width='220' height='170' alt='click' /></a>";
  echo "<br>";
  echo "</br>";
  echo "<a href='/Video.php?={$row['id']}'>";
  echo "{$row['navn']}</a>";
  echo "</div>";

hello all, i am hoping someone would be kind enough to help me.
the form and code works fine, until i add a ' for e.g. michael's and when i click the submit i get this error:

Error: You have an error in your SQL syntax; check the manual that corresponds to your MySQL server version for the right syntax to use near 's','home')' at line 3. the mysql filed is set as text.

the php code:
Code: [Select]
function content_add() {

    $sql="INSERT INTO content (title, body, page)
VALUES
('$_POST[title]','$_POST[body]','$_POST[page]')";

if (!mysql_query($sql))
  {
  die('Error: ' . mysql_error());
  }
echo "<script>window.location='index.php?option=content'</script>";
}

just hoping someone can help me fix this issue, thanks all.

Hi,

I am trying to make a php website to create listings however I am having problems with the following code:

<?php
require_once("/home/a9653716/public_html/functions.php");
if(!$_SESSION['uid']){
    header("Location: index.php");
}

$id = mss($_GET['id']);

if ($id) {
    $sql = "SELECT * FROM `forum_sub_cats` WHERE `id`='" . $id . "'";
    $res = mysql_query($sql) or die(mysql_error());
    if (mysql_num_rows($res) == 0) {
        echo "The forum you are trying to create a topic on, does not exist!\n";
    } else {
        $row1 = mysql_fetch_assoc($res);
        if ($row1['admin'] == 1 && $admin_user_level == 0) {
            echo "You are not an administrator, therefore you cannot post on this forum!\n";
        } else {
            if (!$_POST['submit']) {
                echo "<table border=\"0\" cellspacing=\"3\" cellpadding=\"3\">\n";
                echo "<form method=\"post\" action=\"./index.php?act=create&id=".$id."\">\n";
                echo "<tr><td>Forum Sub Category</td><td><select name=\"cat\">\n";
                $sql2 = "SELECT * FROM `forum_cats` WHERE `admin` < " . $admin_user_level . "+1";
                $res2 = mysql_query($sql2) or die(mysql_error());
                while ($row = mysql_fetch_assoc($res2)) {
                    $sql3 = "SELECT * FROM `forum_sub_cats` WHERE `cid`='" . $row['id'] . "'";
                    $res3 = mysql_query($sql3) or die(mysql_error());

                    echo "<option value=\"0\">" . $row['name'] . "</option>\n";
                    while ($row2 = mysql_fetch_assoc($res3)) {
                        $selected = ($row2['id'] == $id) ? " SELECTED" : "";
                        echo "<option value=\"" . $row2['id'] . "\"" . $selected .
                            ">&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;" . $row2['name'] . "</option>\n";
                    }
                }
                echo "</select></td></tr>\n";
echo "<tr><td>Topic Title</td><td><input type=\"text\" name=\"title\"></td></tr>\n";
?>
                <script>edToolbar('message'); </script>
<?php
echo "<tr><td>Message</td><td><textarea id=\"message\" name=\"message\" class=\"ed\"></textarea></td></tr>\n";
echo "<tr><td>Tags (Seperate with commas)</td><td><input type=\"text\" name=\"tags\"></td></tr>\n";
echo "<tr><td colspan=\"2\" align=\"right\"><input type=\"submit\" name=\"submit\" value=\"Create Topic\"></td></tr>\n";
                echo "</form></table>\n";
            } else {
                $cat = mss($_POST['cat']);
                $title = mss($_POST['title']);
                $msg = mss($_POST['message']);
$tags = mss($POST['tags']);

                if ($cat && $title && $msg && $tags) {
                    $sql = "SELECT admin FROM `forum_sub_cats` WHERE `id`='" . $cat . "'";
                    $res = mysql_query($sql) or die(mysql_error());
                    if (mysql_num_rows($res) == 0) {
                        echo "This forum sub category does not exist!\n";
                    } else {
                        $row = mysql_fetch_assoc($res);
                        if ($row['admin'] == 1 && $admin_user_level != 1) {
                            echo "You are not an admin therefore you cannot post a new topic on this forum!\n";
                        } else {
                            if (strlen($title) < 3 || strlen($title) > 32) {
                                echo "The title must be between 3 and 32 characters!\n";
                            } else {
                                if (strlen($msg) < 3 || strlen($msg) > 10000) {
                                    echo "The message must be between 3 and 10,000 characters!\n";
                                 } else {
if (strlen($tags) < 2 || strlen($tags) > 200) {
echo "You must submit at least 1 tag and the total length mustn't be more than 200 characters!\n";
} else {
                                    $date = date("m-d-y") . " at " . date("h:i:s");
                                    $time = time();
                                    $sql2 = "INSERT INTO `forum_topics` (`cid`,`title`,`uid`,`date`,`time`,`message`,`tags`) VALUES('" .
                                        $cat . "','" . $title . "','" . $_SESSION['uid'] . "','" . $date . "','" . $time .
                                        "','" . $msg . "','" . $tags . "')";
                                    $res2 = mysql_query($sql2) or die(mysql_error());
                                    $tid = mysql_insert_id();
                                    topic_go($tid);
}
}
                            }
                        }
                    }
                } else {
                    echo "Please supply all the fields! \n";
                }
            }
        }
    }
} else {
    if (!$_POST['submit']) {
        echo "<table border=\"0\" cellspacing=\"3\" cellpadding=\"3\">\n";
        echo "<form method=\"post\" action=\"./index.php?act=create\">\n";
        echo "<tr><td>Forum Sub Category</td><td><select name=\"cat\">\n";
        $sql2 = "SELECT * FROM `forum_cats` WHERE `admin` < " . $admin_user_level . "+1";
        $res2 = mysql_query($sql2) or die(mysql_error());
        while ($row = mysql_fetch_assoc($res2)) {
            $sql3 = "SELECT * FROM `forum_sub_cats` WHERE `cid`='" . $row['id'] . "'";
            $res3 = mysql_query($sql3) or die(mysql_error());

            echo "<option value=\"0\">" . $row['name'] . "</option>\n";
            while ($row2 = mysql_fetch_assoc($res3)) {
                $selected = ($row2['id'] == $id) ? " SELECTED" : "";
                echo "<option value=\"" . $row2['id'] . "\"" . $selected .
                    ">&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;" . $row2['name'] . "</option>\n";
            }
        }
        echo "</select></td></tr>\n";
        echo "<tr><td>Listing Title</td><td><input type=\"text\" name=\"title\"></td></tr>\n";
        echo "<tr><td>Message</td><td><textarea id=\"markItUp\" name=\"message\" style=\"width:300px;height:100px;\"></textarea></td></tr>\n";
        echo "<tr><td colspan=\"2\" align=\"right\"><input type=\"submit\" name=\"submit\" value=\"Create Topic\"></td></tr>\n";
        echo "</form></table>\n";
    } else {
        $cat = mss($_POST['cat']);
        $title = mss($_POST['title']);
        $msg = mss($_POST['message']);
$tags = mss($POST['tags']);

        if ($cat && $title && $msg && $tags) {
            $sql = "SELECT admin FROM `forum_sub_cats` WHERE `id`='" . $cat . "'";
            $res = mysql_query($sql) or die(mysql_error());
            if (mysql_num_rows($res) == 0) {
                echo "This forum sub category does not exist!\n";
            } else {
                $row = mysql_fetch_assoc($res);
                if ($row['admin'] == 1 && $admin_user_level != 1) {
                    echo "You are not an admin therefore you cannot post a new topic on this forum!\n";
                } else {
                    if (strlen($title) < 3 || strlen($title) > 32) {
                        echo "The title must be between 3 and 32 characters!\n";
                    } else {
                        if (strlen($msg) < 3 || strlen($msg) > 10000) {
                            echo "The message must be between 3 and 10,000 characters!\n";
                        } else {
if (strlen($tags) < 2 || strlen($tags) > 200) {
echo "You must submit at least 1 tag and no more than a total of 200 characters!\n";
} else {
                            $date = date("m-d-y") . " at " . date("h:i:s");
                            $time = time();
                            $sql2 = "INSERT INTO `forum_topics` (`cid`,`title`,`uid`,`date`,`time`,`message`,`tags`) VALUES
('" . $cat . "','" . $title . "','" . $_SESSION['uid'] . "','" . $date . "','" . $time . "','" . $msg . "','" . $tags . "')";
                            $res2 = mysql_query($sql2) or die(mysql_error());
                            $tid = mysql_insert_id();
                            header("Location: index.php?act=topic&id=" . $tid . "");
                        }
                    }
}
                }
            }
        } else {
            echo "Please supply all the fields!\n";
        }
    }
}
?>

It seems to work fine until I put the tags text box in. It works fine however when I submit something it says that I havn't supplied all the fields. I have spent quite a while trying to figure this one out but I am very new to php and understand that it's probably a missing comma or something!