Paul Swanson

I think your problem is that you haven't defined $bg before you use it in this line: $data .= join('</td><td>', $row)."</td></tr>\n<tr bgcolor=\"'.$bg.'\"><td>"; // Create a new row of data and append it to the last row (this line is where I'm having the problem)

Are you sure PHP is running? Try a script with just: <?php phpinfo(); ?> Do you get the PHP Information page?

I've never used the key word TABLE in an update query. Try just: UPDATE tablename SET ...

Did you add session_start() to the page that includes the FPDF library? You should add that and do any variable validation/manipulation before you load the FPDF library. I haven't used session variables, but it should work. I have used POST data, and I do my validation and variable assignments before I include the FPDF library. My script looks something like this (shortened, but you should get the idea): // FORM VALIDATION if (isset ($_POST['submitted'])) { // instName if (!empty ($_POST['instName'])) { $institutionName = $_POST['instName']; } else { $institutionName = FALSE; $msg .= '<p>Please enter your Institution Name.</p>'; echo '<script type="text/javascript" language="javascript">missingFieldIds.push("instName");</script>'; } // channel if (!empty ($_POST['channel']) && $_POST['channel'] != '0') { $deliveryChannel = $_POST['channel']; } else { $deliveryChannel = FALSE; $msg .= '<p>Please select a Delivery Channel.</p>'; echo '<script type="text/javascript" language="javascript">missingFieldIds.push("channel");</script>'; } // create pdf if required fields completed if ($institutionName && $deliveryChannel) { // required fields available, load FPDF library require ($_SERVER['DOCUMENT_ROOT'] . '/fpdf/fpdf.php'); // generate filename $filename = 'Training_Attendees_' . time () . '.pdf'; // build pdf $pdf=new FPDF('P', 'pt', "Letter"); $pdf->SetMargins(18,96,18); $pdf->SetFillColor(114,187,57); $pdf->AddPage(); $pdf->Image($_SERVER['DOCUMENT_ROOT'] . '/images/TrainingServicesWhite.png', 12, 12, 315, 41, 'png'); //$pdf->Ln(); $pdf->Ln(); $pdf->Ln(); $pdf->SetFont('Arial', ''); $pdf->SetFontSize(10); $pdf->Cell(100, 12, 'Institution Name:', 0, 0, 'R'); $pdf->Cell(200, 12, "$institutionName", 0, 0, 'L'); $pdf->Cell(100, 12, 'Delivery Channel:', 0, 0, 'R'); $pdf->Cell(200, 12, "$deliveryChannel", 0, 0, 'L'); $pdf->Cell(0, 16, '', 1, 1, 'L'); $pdf->Image($_SERVER['DOCUMENT_ROOT'] . '/images/HarlandFooter600px.png', 5, 720, 600, 59, 'png'); $pdf->Output($_SERVER['DOCUMENT_ROOT'] . '/secure/trainer_uploads/' . $filename, 'F'); } } The above code saves to a file on the server, but there are other methods of delivering the pdf. You'll probably want to have it open in their browser. Hope this helps.

Does your database connection script set $dbc as a global? You would have scope issues if it doesn't. After your $r = mysqli_query ($dbc, $q); statement, add: echo mysql_error (); ... and see if that tells you anything.

I'm betting that a few lines further down the script has echo $greeting; (at least the 2nd Edition does, except it uses $message as the variable name).

I, too, had problems incorporating a MySQL query in the same script as the FPDF code, so what I do is query the database and retrieve all the information on the page that has the button or link that creates the PDF into either hidden form elements, and POST that information to the FPDF page, or into $_SESSION variables and redirect to the FPDF page. If you spent a long time working at it, you could probably modify the FPDF code so you could do it all in once script, but I found it easier to make it a two-step process. The $_SESSION route would be more secure, since you wouldn't be transmitting any of the invoice information.

if () requires an expression, a list of values isn't allowed. If you are testing to see if all variables are true, you need to use a logical operator, either && (AND), or || (OR). See http://www.php.net/manual/en/control-structures.if.php If you are testing to see if all the variables evaluate to true, you should use: if ($value1 && $value2 && $value3) { If you are testing to see if any of them evaluate to true, you'll want: if ($value1 || $value2 || $value3) {

It will need to match what is in my.ini, which is MySQL's config file, so if you didn't change that one you will need to change it to match what you put in phpMyAdmin. You should find the my.ini file in mysql/bin. You will need to stop/start MySQL once you make the change.

Thank you, Larry, for the generous offer! That would be fantastic. Do you still have my address? I haven't moved since 2003. I'm looking forward to your Javascript book. That's one I definitely will add to my shelf!

Using isset() might be overkill, since any <select> element should be present in $_POST. It's just a habit from validating text inputs, which won't be present in $_POST if no value has been entered, and will give the undefined index error we all know so well.

I think because your <select> element is multiple, $_POST['selService'] will be an array, and you'll have to use in_array rather than ==, so whether you use my code or Antonio's, try change your conditional to: isset ($_POST['selService']) && in_array ($service, $_POST['selService']) ...and see if that doesn't make it sticky for you.

There is another way to have your files in a protected folder. See http://www.larryullman.com/forums/index.php?/topic/910-registration-form/page__view__findpost__p__5405

Judging from your output, I think you want: foreach ($options as $service) { echo "<option value=\"$service\"" . (isset ($_POST['selService']) && in_array ($service, $_POST['selService']) ? ' selected="selected" : '') . ">$service</option>\n"; }

Hi Mary, Session variables are a good way to make the form values accessable to multi-page forms. You could also have each form just post the values collected to the next form in the sequence, which can then be stored in hidden form elements so you can pass it along until you reach the final form. As long as the information you are collecting isn't of a sensitive nature, such as Social Security Numbers or usernames and passwords, using hidden form elements should be fine. Otherwise you should use session variables, and probably https to make it sufficiently secure. For allowing users to modify their data, I would save their user id in a session variable once they log in. Then you could use that to query the database for their information, and populate a form for editing the information. The Content Management chapter (at least that's where it is in my 2nd Edition book) has examples of how to retrieve database information into a form for editing.

Mary, If your mysqli_connect.php is located in the /kunden/homepages/41/d94940699/htdocs/mysite directory, then you could use require $_SERVER['DOCUMENT_ROOT'] . '/mysqli_connect.php'; require $_SERVER['DOCUMENT_ROOT'] . '../mysqli_connect.php'; would be looking in the /kunden/homepages/41/d94940699/htdocs folder. The code that is working for you will be fine as long as the page with the require statement is in the same folder as the mysqli_connect.php script. What I do is I have my connection script in a folder named 'secure' that is located off the document root folder, and I've protected that folder with a .htaccess file that prevents any access via a browser. This protects the file from being read so the username and password remain unknown. I can then include that connection script with the exact same statement from any script in any folder: require_once $_SERVER['DOCUMENT_ROOT'] . '/secure/db_connect.inc.php'; My .htaccess file in the secure folder has the following: # .htaccess file to control folder access # This folder should not be accessable to general browsing. # Only PHP scripts may access this folder. # disable directory browsing Options All -Indexes # prevent folder listing IndexIgnore * # prevent access to any file <FilesMatch "^.*$"> Order Allow,Deny Deny from all </FilesMatch> Anyone trying to browse the secure folder will get a Forbidden message, and will not even be able to see what files are located there, much less read them. This is about as safe as you can make it, and I can copy and paste the require statement into any script that needs it, and it always works.

I used to have problems with getting the correct path in requires and includes until I started using $_SERVER['DOCUMENT_ROOT']: require $_SERVER['DOCUMENT_ROOT'] . '/rest/of/path/to/file.php'; It's soooo much easier to figure out now!

roberts, I have to confess that I am confused by your query. It seems like it has to do with a sports team or players, but your select element seems like it has to do with restaurant workers. I don't see the connection, unless it's a company team from a restaurant? Also, I don't get the question marks in your query. I've never seen that before: is it supposed to be part of your actual code, or is it that you aren't sure what should go there? So I'm going to make up an example that I hope will demonstrate what I think you want. Let's say you have a database table named 'staff' and it has columns for id, name, and position. The position column will indicate whether the employee is a chef or a waiter. Here is what the select element might look like: <select name="position"> <option value="a">All employees</option> <option value="Chef">Chefs</option> <option value="Wait">Waiters</option> </select> And here is how I would do the field validation and write the query: if (isset ($_GET['position'] && strlen ($_GET['position'] > 0)) { if ($_GET['position'] == 'a') { $position = ''; } else { $position = "WHERE position='" . mysql_real_escape_string ($_GET['position']) . "'"; } } else { $required[] = 'You must select a position'; } $query = "SELECT id, name, position FROM staff $position ORDER BY name ASC"; If you have additional criteria in your WHERE clause (and I think you do), the $position variable could be "AND position='" . mysql_real_escape_string ($_GET['position'] . "'"; instead of being the entire WHERE clause, and you could insert that value into the query after one of your other criteria. I would also suggest you try my example in a test script before modifying what you already have, and print the $query variable rather than run mysql_query($query). That way you can tweak it until you see the $query has what you are looking for. I hope this helps you find your solution.

I think Larry's description in the link provided by Josee (thank you Josee!) will help you. His explanation shows how to build up your query by concatenating the pieces as you go through your validation. This is essentiallly what I was getting at, but I tend to build the WHERE clause into a variable that I insert into the query variable. There was also a missing closing brace in the example I provided, which I just fixed.

You should find the password in my.ini, in the [client] section. my.ini should be located in C:\xampp\mysql\bin.

Sorry Jeff, I was on holiday and just got back to checking the forum today. I had a similar problem when setting up XAMPP and I ended up changing IIS to use port 8080, since I use Apache more often. You should be able to have both running, but you'll need to access the one using port 8080 with //localhost:8080/ instead of just //localhost/.

What I would do in this situation is use a variable for the entire WHERE clause part of the SQL, and use conditionals to set the value. Example: $where = NULL; if (!empty ($_POST['season']) { if ($_POST['season'] == 'All') { $where = ''; } else { $season = (int) $_POST['season']; $where = "WHERE season=$season "; } } $query = "SELECT empl_id, year, position, name, yel, rel FROM played $where ORDER BY name DESC"; That's simplified, using only the season and assuming it's an integer value in the database, but it should give you an idea of how to approach it. You can concatenate more fields as needed. Essentially, if you want all players from all seasons you'll want $where to be an empty string.

I think if you go through the book from beginning to end, you'll learn all of the pieces you need to accomplish your goal. I have the second edition of the book, so I can't speak to the examples in the edition you have, but there is a section on file uploads, user registration, content management, and e-commerce. By applying what you learn in those sections, you should know how to do just about anything that you can do with PHP and MySQL. I've gained all of my PHP knowledge from the second edition of this book, plus Larry's PHP 5 Advanced, by starting with chapter one and progressing through the book in order, and typing the scripts myself. Each chapter builds on what you learn in previous chapters, and I think you'll have an easier path if you don't jump ahead, at least with this book. The PHP 5 Advanced book is different, though. You can read those chapters in just about any order.

My Apache error.log file is located in C:\xampp\apache\logs ... If you had enabled Microsoft's Internet Information Sevices (IIS) prior to installing XAMPP, it is likely using port 80, and you may have to configure Apache to use port 8080 (or change IIS to use port 8080). To change it for Apache, you'll need to open httpd.conf in a text editor and change the line that starts with "Listen." The httpd.conf file is normally located in C:\xampp\apache\conf. After modifying the file you will need to stop and restart Apache.

MIME is an acronym for Multipurpose Internet Mail Extension, and is an internet standard for different file types. http://en.wikipedia.org/wiki/MIME