coding an social networking/e-commerce site and have issues

LadyDragon

i am trying to get my site to work but as i take all the php and mysql errors out i'm finding that the code is not writing to my database. below is all three code pages that wont post to the database. i will post just one of the pages i am having issues with for now and maybe i could get help from someone on the rest.
i need to know what is causing the issues please!! i don't need the code just a general this is what needs fixing i'm sure i can figure out the rest later.
this is the site page users see.

<?php include_once("php_includes/check_login_status.php"); ?>
<?php include_once("template_signup.php"); ?>
<!DOCTYPE html>
<html>
<head>
<meta charset="UTF-8">
<title>Sign Up</title>
<link rel="icon" href="favicon.ico" type="image/x-icon">
<link href="style/style.css" rel="stylesheet" type="text/css">
<script src="js/main.js"></script>
<script src="js/ajax.js"></script>
<script src="js/signup.js"></script>
</head>
<body>
<?php include_once("template_pageheader.php"); ?>
<div id=”pagemiddle”>
  <div id=”pagemiddleside”>
    <div id="avatar">
    </div>
    <div id="pagenavigation">
    </div>
  </div>
  <!--insurt content below between div-->
  <div id=”pagemiddlecontent”>
 	<div id="signupform">
  	  <h3>Sign Up Here</h3>
      <form name="signupform" id="signupform" onSubmit="return false;">
       <div>Username: </div>
       <input id="username" type="text" onBlur="checkusername()" onKeyUp="restrict('username')" maxlength="24">
       <span id="unamestatus"></span>
       <div>Email Address:</div>
      <input id="email" type="text" onFocus="emptyElement('status')" onKeyUp="restrict('email')" maxlength="88">
      <div>Create Password:</div>
      <input id="pass1" type="password" onFocus="emptyElement('status')" maxlength="16">
      <div>Confirm Password:</div>
      <input id="pass2" type="password" onFocus="emptyElement('status')" maxlength="16">
      <div>First Name:</div>
      <input id="first" type="text" onFocus="emptyElement('status')" maxlength="24">
      <div>Last Name:</div>
      <input id="last" type="text" onFocus="emptyElement('status')" maxlength="24">
      <div>Gender:</div>
      <select id="gender" onFocus="emptyElement('status')">
        <option value=""></option>
      <option value="m">Male</option>
      <option value="f">Female</option>
      </select>
      <div>Street Address:</div>
      <input id="street" type="text" onFocus="emptyElement('status')" maxlength="100">
      <div>City:</div>
      <input id="city" type="text" onFocus="emptyElement('status')" maxlength="30">
      <div>State:</div>
      <select id="state" onFocus="emptyElement('status')">
       <option value="Select ">-- Select  state--</option>
       <option value="AL">AL</option>
       <option value="AK">AK</option>
       <option value="AZ">AZ</option>
       <option value="AR">AR</option>
       <option value="CA">CA</option>
       <option value="CO">CO</option>
       <option value="CT">CT</option>
       <option value="DE">DE</option>
       <option value="DC">DC</option>
       <option value="FL">FL</option>
       <option value="GA">GA</option>
       <option value="HI">HI</option>
       <option value="ID">ID</option>
       <option value="IL">IL</option>
       <option value="IA">IA</option>
       <option value="KS">KS</option>
       <option value="KY">KY</option>
       <option value="LA">LA</option>
       <option value="ME">ME</option>
       <option value="MD">MD</option>
       <option value="MA">MA</option>
       <option value="MI">MI</option>
       <option value="MN">MN</option>
       <option value="MS">MS</option>
       <option value="MO">MO</option>
       <option value="MT">MT</option>
       <option value="NE">NE</option>
       <option value="NV">NV</option>
       <option value="NH">NH</option>
       <option value="NJ">NJ</option>
       <option value="NM">NM</option>
       <option value="NY">NY</option>
       <option value="NC">NC</option>
       <option value="ND">ND</option>
       <option value="OH">OH</option>
       <option value="OK">OK</option>
       <option value="OR">OR</option>
       <option value="PA">PA</option>
       <option value="RI">RI</option>
       <option value="SC">SC</option>
       <option value="SD">SD</option>
       <option value="TN">TN</option>
       <option value="TX">TX</option>
       <option value="UT">UT</option>
       <option value="VT">VT</option>
       <option value="VA">VA</option>
       <option value="WA">WA</option>
       <option value="WV">WV</option>
       <option value="WI">WI</option>
       <option value="WY">WY</option>
       </select>
      <div>Zip code:</div>
      <input id="zip" type="text" onFocus="emptyElement('status')" maxlength="5">
      <div>Country:</div>
      <select id="country" onFocus="emptyElement('status')">
       <option value=""></option>
     <option value="Germany">Germany</option>
     <option value=" United States"> United States </option>
     <option value="Greece"> Greece </option>
     <option value="Egypt"> Egypt </option>
     <option value="Japan"> Japan </option>
     <option value="Ecuador"> Ecuador </option>
     <option value="Saudi Arabia"> Saudi Arabia </option>
     <option value="Morocco"> Morocco </option>
     <option value="Brazil"> Brazil </option>
     <option value="Belgium"> Belgium </option>
     <option value="Colombia"> Colombia </option>
     <option value="Czech Republic"> Czech Republic </option>
     <option value="France"> France </option>
     <option value="Ghana"> Ghana </option>
     <option value="Iraq"> Iraq </option>
     <option value="Kuwait"> Kuwait </option>
     <option value="Nigeria"> Nigeria </option>
     <option value="Mexico"> Mexico </option>
     <option value=" Mexico "> Mexico </option>
     <option value="Russia"> Russia </option>
     <option value="South Africa"> South Africa </option>
     <option value="United Arab Emirates"> United Arab Emirates </option>
     <option value="China"> China </option>
     <option value="Canada"> Canada </option>
     <option value="United Kingdom"> United Kingdom </option>
      </select>
      <div>
        <a href="#" onClick="return false" onMouseDown="openTerms()">
        View the Terms Of Use
      </a>
      </div>
      <div id="terms" style="display:none;">
        <h3>Dragons Den Gaming Terms Of Use</h3>
        <p>1. please do not curse.</p>
        <p>2. do not share thought or images that you do not want on the internet for the world to see.</p>
        <p>3. there will be no picking on each other.</p>
        <h3>Trading Post terms of use</h3>
        <p>1. must be a member to sell or buy items.</p>
        <p>2. items must be shiped withing 3 days of sales notification.</p>
        <h3>violation of any rules will result in account deactivation</h3>
      </div>
      <br /><br />
      <button id="signupbtn" onClick="$signup()">Create Account</button>
      <span id="status"></span>
      <label>

  </label>
  </form>
</div>
</div>
<?php include_once("template_pagefooter.php"); ?>
</body>
</html>

this is the .js file

function restrict(elem){
	var tf = _(elem);
	var rx = new RegExp;
	if(elem == "email"){
		rx = /[' "]/gi;
	} else if(elem == "username"){
		rx = /[^a-z0-9]/gi;
	}
	tf.value = tf.value.replace(rx, "");
}
function emptyElement(x){
	_(x).innerHTML = "";
}
function checkusername(){
	var u = _("username").value;
	if(u != ""){
		_("unamestatus").innerHTML = 'checking ...';
		var ajax = ajaxObj("POST", "signup.php");
        ajax.onreadystatechange = function() {
	        if(ajaxReturn(ajax) == true) {
	            _("unamestatus").innerHTML = ajax.responseText;
	        }
        }
        ajax.send("usernamecheck="+u);
	}
}
function signup(){
	var u = _("username").value;
	var e = _("email").value;
	var p1 = _("pass1").value;
	var p2 = _("pass2").value;
	var c = _("country").value;
	var g = _("gender").value;
	var f = _("first").value;
	var l = _("last").value;
	var s = _("street").value;
	var ct = _("city").value;
	var st = _("state").value;
	var z = _("zip").value;
	var status = _("status");
	if(u == "" || e == "" || p1 == "" || p2 == "" || c == "" || g == ""|| f == ""|| l == ""|| s == ""|| ct == ""|| st == ""|| z == ""){
		status.innerHTML = "Fill out all of the form data";
	} else if(p1 != p2){
		status.innerHTML = "Your password fields do not match";
	} else if( _("terms").style.display == "none"){
		status.innerHTML = "Please view the terms of use";
	} else {
		_("signupbtn").style.display = "none";
		status.innerHTML = 'please wait ...';
		var ajax = ajaxObj("POST", "signup.php");
        ajax.onreadystatechange = function () {
	        if(ajaxReturn(ajax) == true) {
	            if(ajax.responseText != "signup_success"){
					status.innerHTML = ajax.responseText;
					_("signupbtn").style.display = "block";
				} else if(ajax.responseText = "signup_success"){
					window.scrollTo(0,0);
					_("signupform").innerHTML = "OK "+u+", check your email inbox and junk mail box at <u>"+e+"</u> in a moment to complete the sign up process by activating your account. You will not be able to do anything on the site until you successfully activate your account.";
				}
	        }
        }
        ajax.send("u="+u+"&e="+e+"&p="+p1+"&c="+c+"&g="+g+"&f="+f+"&l="+l+"&s="+s+"&st="+st+"&z="+z);
	}
}
function openTerms(){
	_("terms").style.display = "block";
	emptyElement("status");
}

dalecosp

There are normally error_logs for most implementations of web servers. Does your error log show you any message that might help?

What about the software itself? Does it give error messages?

Not that I'm doubting you ... it's somewhat important for triage ... how do you know it's not writing to the database?

LadyDragon

i check my database and i do not see the data that should post. i do get the email in the php(which is below) but even that is not working right. also it adds the folder for the users like is should.

<?php
session_start();
// If user is logged in, header them away
if(isset($_SESSION["username"])){
	header("location: message.php?msg=you are already a member");
    exit();
}
?><?php
// Ajax calls this NAME CHECK code to execute
if(isset($_POST["checkusername"])){
	include_once("php_includes/db_connect.php");
	$username = preg_replace('#[^a-z0-9]#i', '', $_POST['checkusername']);
	$query = "SELECT id FROM 'users' WHERE username='$username' LIMIT 1";
     $result = mysql_query($query, $db_conx); 
    if (strlen($username) < 3 || strlen($username) > 16) {
	    echo '<strong style="color:#F00;">3 - 16 characters please</strong>';
	    exit();
    }
	if (is_numeric($username[0])) {
	    echo '<strong style="color:#F00;">Usernames must begin with a letter</strong>';
	    exit();
    }
    if ($result < 1) {
	    echo '<strong style="color:#009900;">' . $username . ' is OK</strong>';
	    exit();
    } else {
	    echo '<strong style="color:#F00;">' . $username . ' is taken</strong>';
	    exit();
    }
}
?><?php
// Ajax calls this REGISTRATION code to execute
if(isset($_POST["u"])){
	// CONNECT TO THE DATABASE
	include_once("php_includes/db_connect.php");
	// GATHER THE POSTED DATA INTO LOCAL VARIABLES
	$u = preg_replace('#[^a-z0-9]#i', '', $_POST['u']);
	$e = $_POST['e'];
	$p = $_POST['p'];
	$g = preg_replace('#[^a-z]#', '', $_POST['g']);
	$c = preg_replace('#[^a-z ]#i', '', $_POST['c']);
	$f = preg_replace('#[^a-z ]#i', '', $_POST['f']);
	$l = preg_replace('#[^a-z ]#i', '', $_POST['l']);
	$s = preg_replace('#[^a-z0-9]#i', '', $_POST['s']);
	$ct = preg_replace('#[^a-z ]#i', '', $_POST['ct']);
	$st = preg_replace('#[^a-z ]#i', '', $_POST['st']);
	$z = preg_replace('#[^0-9 ]#i', '', $_POST['z']);
	// GET USER IP ADDRESS
    $ip = preg_replace('#[^0-9.]#', '', getenv('REMOTE_ADDR'));
	// DUPLICATE DATA CHECKS FOR USERNAME AND EMAIL
	$query = "SELECT id FROM 'users' WHERE username='$u' LIMIT 1";
     $result = mysql_query($query, $db_conx); 

// -------------------------------------------
$query = "SELECT id FROM 'users' WHERE email='$e' LIMIT 1";
$result = mysql_query($query, $db_conx); 
// FORM DATA ERROR HANDLING
if(u == "" || e == "" || p1 == "" || p2 == "" || c == "" || g == ""|| f == ""|| l == ""|| s == ""|| ct == ""|| st == ""|| z == ""){
	echo "The form submission is missing values.";
    exit();
} else if ($u_check > 0){ 
    echo "The username you entered is alreay taken";
    exit();
} else if ($e_check > 0){ 
    echo "That email address is already in use in the system";
    exit();
} else if (strlen($u) < 3 || strlen($u) > 16) {
    echo "Username must be between 3 and 16 characters";
    exit(); 
} else if (is_numeric($u[0])) {
    echo 'Username cannot begin with a number';
    exit();
} else {
// END FORM DATA ERROR HANDLING
    // Begin Insertion of data into the database
	// Hash the password and apply your own mysterious unique salt
	$p_hash= md5($p);
	// Add user info into the database table for the main site table
	$query = "INSERT INTO `users` ('username', 'email', 'password','first', 'last', 'gender','street', 'city', 'state', 'zip', 'country', 'ip', 'signup', 'lastlogin', 'notescheck')       
	        VALUES('$u','$e','$p_hash','$f','$l','$g','$s','$ct','$st','$z','$c','$ip',now(),now(),now())";
	$result = mysql_query($query, $db_conx);  
	$uid = mysql_insert_id($db_conx);
	// Establish their row in the useroptions table
	$query = "INSERT INTO `useroptions`('id', 'username', 'background') VALUES ('$uid','$u','original')";
	$result = mysql_query($query, $db_conx); 
	// Create directory(folder) to hold each user's files(pics, MP3s, etc.)
	if (!file_exists("user/$u")) {
		mkdir("user/$u", 0755);
	}
	// Email the user their activation link
	$Name = "Dragon’s Den Gaming"; //senders name
$email = "info@dragonsdengamming.com "; //senders e-mail adress
$recipient = "$e"; //recipient
$message =  'Drgons Den Gamming Account Activation<br /><br /><br /><br />Hello '.$u.',<br /><br />Thank you for joining Dragons Den Gamming! We hope you find this to be a cool site you can share with your friends. Enjoy all the news about the newest games and much more. Activation must be completed before you can gain full access to the site.<br /><br />Happy Gamming<br />Dragons Den staff<br /><br />Click the link below to activate your account when ready:<br /><br /><a href"http://www.dragonsdengamming.com/activation.php?id='.$uid.'&u='.$u.'&e='.$e.'&p='.$p_hash.'">Click here to activate your account now</a><br /><br />Login after successful activation using your:<br />* E-mail Address: <b>'.$e.'</b>' ; //mail body
$subject = " Dragon’s Den Gamming Account Activation "; //subject
$header = "From: ". $Name . " <" . $email . ">\r\n"; //optional headerfields
$headers .= "MIME-Version: 1.0\n";
 $headers .= "Content-type: text/html; charset=iso-8859-1\n";
ini_set('sendmail_from', ' auto_responder@dragonsdengamming.com ');  

		if(mail($recipient, $email, $subject, $message, $headers)){
		echo "signup_success";
		exit();
		}
	}
	exit();
}
?>

LadyDragon

also i have gotten rid of all these type errors and i get no more Warning: mysqli_query() expects parameter 1 to be mysqli, integer given in

LadyDragon

i fildled with the code for the sign up functions now i get the error messages You have an error in your SQL syntax; check the manual that corresponds to your MySQL server version for the right syntax to use near ''users' WHERE 'username'='LadyDragon' LIMIT 1' at line 1
You have an error in your SQL syntax; check the manual that corresponds to your MySQL server version for the right syntax to use near ''users' WHERE 'email'='lizanderica@sbcglobal.net' LIMIT 1' at line 1

<?php
session_start();
// If user is logged in, header them away
if(isset($_SESSION["username"])){
	header("location: message.php?msg=you are already a member");
    exit();
}
?><?php
// Ajax calls this NAME CHECK code to execute
if(isset($_POST["usernamecheck"])){
	include_once("php_includes/db_connect.php");
	$username = preg_replace('#[^a-z0-9]#i', '', $_POST['usernamecheck']);
	$query = "SELECT id FROM 'users' WHERE username='$username' LIMIT 1";
     $result = mysql_query( $query); 
    if (strlen($username) < 3 || strlen($username) > 16) {
	    echo '<strong style="color:#F00;">3 - 16 characters please</strong>';
	    exit();
    }
	if (is_numeric($username[0])) {
	    echo '<strong style="color:#F00;">Usernames must begin with a letter</strong>';
	    exit();
    }
    if ($result < 1) {
	    echo '<strong style="color:#009900;">' . $username . ' is OK</strong>';
	    exit();
    } else {
	    echo '<strong style="color:#F00;">' . $username . ' is taken</strong>';
	    exit();
    }
}
?><?php
// Ajax calls this REGISTRATION code to execute
if(isset($_POST["u"])){
	// CONNECT TO THE DATABASE
	include_once("php_includes/db_connect.php");
	// GATHER THE POSTED DATA INTO LOCAL VARIABLES
	$u = preg_replace('#[^a-z0-9]#i', '', $_POST['u']);
	$e = $_POST['e'];
	$p = $_POST['p'];
	$g = preg_replace('#[^a-z]#', '', $_POST['g']);
	$c = preg_replace('#[^a-z ]#i', '', $_POST['c']);
	$f = preg_replace('#[^a-z ]#i', '', $_POST['f']);
	$l = preg_replace('#[^a-z ]#i', '', $_POST['l']);
	$s = preg_replace('#[^a-z0-9]#i', '', $_POST['s']);
	$ct = preg_replace('#[^a-z ]#i', '', $_POST['ct']);
	$st = preg_replace('#[^a-z ]#i', '', $_POST['st']);
	$z = preg_replace('#[^0-9 ]#i', '', $_POST['z']);
	// GET USER IP ADDRESS
    $ip = preg_replace('#[^0-9.]#', '', getenv('REMOTE_ADDR'));
	// DUPLICATE DATA CHECKS FOR USERNAME AND EMAIL
	$query = "SELECT username FROM 'users' WHERE 'username'='$u' LIMIT 1";
     $result1= mysql_query( $query); 
		if (mysql_errno()) {
    echo $sql . "<br/>\n" . mysql_error();
}
	// -------------------------------------------
	$query = "SELECT email FROM 'users' WHERE 'email'='$e' LIMIT 1";
    $result2 = mysql_query($query); 
	// FORM DATA ERROR HANDLING
	if (mysql_errno()) {
    echo $sql . "<br/>\n" . mysql_error();
}
	if(u == "" || e == "" || p1 == "" || p2 == "" || c == "" || g == ""|| f == ""|| l == ""|| s == ""|| ct == ""|| st == ""|| z == ""){
		echo "The form submission is missing values.";
        exit();
	} else if ($result1 > 0){ 
        echo "The username you entered is alreay taken";
        exit();
	} else if ($result2 > 0){ 
        echo "That email address is already in use in the system";
        exit();
	} else if (strlen($u) < 3 || strlen($u) > 16) {
        echo "Username must be between 3 and 16 characters";
        exit(); 
    } else if (is_numeric($u[0])) {
        echo 'Username cannot begin with a number';
        exit();
    } else {
	// END FORM DATA ERROR HANDLING
	    // Begin Insertion of data into the database
		// Hash the password and apply your own mysterious unique salt
		$p_hash= md5($p);
		// Add user info into the database table for the main site table
		$query = "INSERT INTO `users` ('username', 'email', 'password','first', 'last', 'gender','street', 'city', 'state', 'zip', 'country', 'ip', 'signup', 'lastlogin', 'notescheck')       

		        VALUES('$u','$e','$p_hash','$f','$l','$g','$s','$ct','$st','$z','$c','$ip',now(),now(),now())";
		$result=mysql_query($query); 
		$uid = mysql_insert_id($db_conx);
		// Establish their row in the useroptions table
		$query = "INSERT INTO `useroptions`('id', 'username', 'background') VALUES ('$uid','$u','original')";
		$result=mysql_query($query);
		// Create directory(folder) to hold each user's files(pics, MP3s, etc.)
		if (!file_exists("user/$u")) {
			mkdir("user/$u", 0755);
		}
		// Email the user their activation link
		$Name = "Dragon’s Den Gaming"; //senders name
$email = "info@dragonsdengamming.com "; //senders e-mail adress
$recipient = "$e"; //recipient
$message =  'Drgons Den Gamming Account Activation<br /><br /><br /><br />Hello '.$u.',<br /><br />Thank you for joining Dragons Den Gamming! We hope you find this to be a cool site you can share with your friends. Enjoy all the news about the newest games and much more. Activation must be completed before you can gain full access to the site.<br /><br />Happy Gamming<br />Dragons Den staff<br /><br />Click the link below to activate your account when ready:<br /><br /><a href"http://www.dragonsdengamming.com/activation.php?id='.$uid.'&u='.$u.'&e='.$e.'&p='.$p_hash.'">Click here to activate your account now</a><br /><br />Login after successful activation using your:<br />* E-mail Address: <b>'.$e.'</b>' ; //mail body
$subject = " Dragon’s Den Gamming Account Activation "; //subject
$header = "From: ". $Name . " <" . $email . ">\r\n"; //optional headerfields
$headers .= "MIME-Version: 1.0\n";
 $headers .= "Content-type: text/html; charset=iso-8859-1\n";
ini_set('sendmail_from', ' auto_responder@dragonsdengamming.com ');  

		if(mail($recipient, $email, $subject, $message, $headers)){
		echo "signup_success";
		exit();
		}
	}
	exit();
}
?>

johanafm

LadyDragon;11025487 wrote:

     $result = mysql_query($query, $db_conx);

LadyDragon;11025499 wrote:
Warning: mysqli_query() expects parameter 1 to be mysqli, integer given in

You said you'd gotten rid of the error, but I'd still like to make sure that you are aware of the difference between mysql_query and mysqli_query.

Also, I see no call to mysqli_connect. First thing to do when db queries fail is to make sure you have a valid connection resource. What's the return value of the call to _connect? Also, there is a difference between mysql_connect and mysqli_connect.

And do stop using the mysql extension.

johanafm

Please do use [noparse]

 tags when posting php code[/noparse]
2. Please only post relevant code, not huge blocks of whatever.
[QUOTE=LadyDragon;11025507]
WHERE 'username'='LadyDragon' LIMIT 1' at line 1
[/QUOTE]
' (single quotes) delimit string literals
" (double quotes) delimit identifiers (unless using a mysql database with ansi quotes turned off - else you use ` (backtick) for this)
Identifiers only need be quoted if the identifier is also a reserved word. You may however always quote them should you wish to do so.

username is supposed to be an identifier, not a string literal.

Oh, and I did cut out the wrong part from your post. In this case, what you get is FALSE (always) since 'username' is not equal to 'LadyDragon'. But the same principle apply to whatever the parse error was. Iirc from reading your post, you had also single quoted 'email' (same issue as here), and 'users' (this is the parse error), since 'users' isn't a table, while "users", users and possibly `users`are.

LadyDragon

OK i tweaked and i think i might be connecting to the data base but now it says such and such username is taken when it is not even in the data base. what did i miss?

<?php
// Ajax calls this NAME CHECK code to execute
if(isset($_POST["usernamecheck"])){
    $db=mysql_connect("host","user","pass") or die ("can not connect");
	mysql_select_db("ddgusers", $db);
	$username = preg_replace('#[^a-z0-9]#i', '', $_POST['usernamecheck']);
	$query = 'SELECT `id` FROM `users` WHERE `username`="$username"';
     $result=mysql_query($query,$db);
    if (strlen($username) < 3 || strlen($username) > 16) {
	    echo '<strong style="color:#F00;">3 - 16 characters please</strong>';
	    exit();
    }
	if (is_numeric($username[0])) {
	    echo '<strong style="color:#F00;">Usernames must begin with a letter</strong>';
	    exit();
    }
    if ($result < 1) {
	    echo '<strong style="color:#009900;">' . $username . ' is OK</strong>';
	    exit();
    } else {
	    echo '<strong style="color:#F00;">' . $username . ' is taken</strong>';
	    exit();
    }
}
?>

LadyDragon

hey johanafm i was wondering if you would be willing to trade contact information so that i can have you walk through my code with me. i am trying to get this website done for my final project it needs to be done and handed in by the 2nd of next month. this is my last project before i graduate.

johanafm

LadyDragon;11025581 wrote:
OK i tweaked and i think i might be connecting to the data base but now it says such and such username is taken when it is not even in the data base. what did i miss?

Where? Exact message? Line number indicated?

LadyDragon;11025581 wrote:
'[snip] "[snip]"';

' and " are still not the same. " still delimits identifiers. ' still delimits string literals.

LadyDragon

i managed to figure out how to get the code done in Dreamweaver but i'm having issues with session variables. the session variables from my login page are not carrying over. it is also not allowing my header to change like it should. both codes are below:

php login code and session stuff

<?php require_once('Connections/db.php'); ?>
<?php
if (!function_exists("GetSQLValueString")) {
function GetSQLValueString($theValue, $theType, $theDefinedValue = "", $theNotDefinedValue = "") 
{
  if (PHP_VERSION < 6) {
    $theValue = get_magic_quotes_gpc() ? stripslashes($theValue) : $theValue;
  }

  $theValue = function_exists("mysql_real_escape_string") ? mysql_real_escape_string($theValue) : mysql_escape_string($theValue);

  switch ($theType) {
    case "text":
      $theValue = ($theValue != "") ? "'" . $theValue . "'" : "NULL";
      break;    

    case "long":
    case "int":
      $theValue = ($theValue != "") ? intval($theValue) : "NULL";
      break;
    case "double":
      $theValue = ($theValue != "") ? doubleval($theValue) : "NULL";
      break;
    case "date":
      $theValue = ($theValue != "") ? "'" . $theValue . "'" : "NULL";
      break;
    case "defined":
      $theValue = ($theValue != "") ? $theDefinedValue : $theNotDefinedValue;
      break;
  }
  return $theValue;
}
}
?>
<?php
// *** Validate request to login to this site.
if (!isset($_SESSION)) {
  session_start();
}

$loginFormAction = $_SERVER['PHP_SELF'];
if (isset($_GET['accesscheck'])) {
  $_SESSION['PrevUrl'] = $_GET['accesscheck'];
}

if (isset($_POST['email'])) {
  $loginUsername=$_POST['email'];
  $password=$_POST['password'];
  $MM_fldUserAuthorization = "";
  $MM_redirectLoginSuccess = "user.php";
  $MM_redirectLoginFailed = "signup.php";
  $MM_redirecttoReferrer = false;
  mysql_select_db($database_db, $db);

  $LoginRS__query=sprintf("SELECT email, password FROM users WHERE email=%s AND password=%s",
    GetSQLValueString($loginUsername, "text"), GetSQLValueString($password, "text")); 

  $LoginRS = mysql_query($LoginRS__query, $db) or die(mysql_error());
  $loginFoundUser = mysql_num_rows($LoginRS);
  if ($loginFoundUser) {
     $loginStrGroup = "";

//declare two session variables and assign them
$_SESSION['MM_Username'] = $loginUsername;
$_SESSION['MM_UserGroup'] = $loginStrGroup;	      

if (isset($_SESSION['PrevUrl']) && false) {
  $MM_redirectLoginSuccess = $_SESSION['PrevUrl'];	
}
header("Location: " . $MM_redirectLoginSuccess );
  }
  else {
    header("Location: ". $MM_redirectLoginFailed );
  }
}
?>

header php

<?php

$envelope = '<img src="images/note_dead.jpg" width="22" height="12" alt="Notes" title="This envelope is for logged in members">';
$loginLink = '<a href="login.php">Log In</a> &nbsp; | &nbsp; <a href="signup.php">Sign Up</a>';
$mydenlink = '<a href="index.php"><img src=images/den.png width="44" height="44" alt=”the Den” title=”The Den”></a>';
/* this code bellow is what needs to change to have this header work right but what do i use?*/
if($user_ok == true) {
	$query = "SELECT notescheck FROM users WHERE username='$log_username' LIMIT 1";
	$result = mysqli_query($db_conx, $sql);
	$row = mysqli_fetch_row($result);
	$notescheck = $row[0];
	$query = "SELECT id FROM notifications WHERE username='$log_username' AND date_time > '$notescheck' LIMIT 1";
	$result = mysqli_query($db_conx, $sql);
	$num = mysql_numrows($query);
    if ($num == 0) {
		$envelope = '<a href="notifications.php" title="Your notifications and friend requests"><img src="images/note_still.jpg" width="22" height="12" alt="Notes"></a>';
    } else {
		$envelope = '<a href="notifications.php" title="You have new notifications"><img src="images/note_flash.gif" width="22" height="12" alt="Notes"></a>';
	}
    $loginLink = '<a href=user.php?u='.$log_username.'>'.$log_username.'</a> &nbsp; | &nbsp; <a href=logout.php>Log Out</a> ';
	$mydenlink = '<a href="userhome.php"><img src=images/myden.png  width="44" height="44" alt=”The Den” title=”The Den”></a>';
}
?>

i know the header php has to do with not using the right variables and such but i don't know what one to use.

Weedpacket

  if (PHP_VERSION < 6) {
    $theValue = get_magic_quotes_gpc() ? stripslashes($theValue) : $theValue;
  }

Of course, PHP doesn't have a version 6 yet, and [man]get_magic_quotes_gpc[/man] has been nonfunctional since 5.4.0.... (And, incidentally, that's an unreliable way of comparing PHP version numbers (e.g. "'5.4.10' < '5.4.3'"), and [man]PHP_VERSION_ID[/man] or [man]version_compare[/man] would be more robust.)

LadyDragon wrote:

    $result = mysqli_query($db_conx, $sql);
    $num = mysql_numrows($query);

  $LoginRS = mysql_query($LoginRS__query, $db) or die(mysql_error());
  $loginFoundUser = mysql_num_rows($LoginRS);

   $result = mysqli_query($db_conx, $sql);
    $row = mysqli_fetch_row($result);

johanafm wrote:
You said you'd gotten rid of the error, but I'd still like to make sure that you are aware of the difference between mysql_query and mysqli_query.

LadyDragon

i just saw what you are talking about i do know the difference but i'm still fairly new to mysql i wil go and fix the code

The_Phantom

Does anyone happen to have all of the images for this series? (i.e. - note_dead.jpg, note_still.jpg, note_flash.gif) and the others as well? I can't locate them anywhere!

Thanks!