Welcome to WebmasterWorld only1perky,

what is the function GetSQLValueString, that is where the issue is. Maybe paste the code of that function.

also $HTTP_POST_VARS is deprecated, you should use $_POST instead
[php.net...]

I know it's a lot of code but here's is everything before the <html> tag.

<?php //require('./includes/check_exhib_logged_in.php');?>
<!-- InstanceBegin template="/Templates/template1.dwt.php" codeOutsideHTMLIsLocked="false" -->
<!-- InstanceBeginEditable name="record sets" -->
<?php require_once('./Connections/connuser.php');?>
<?php require_once('./Connections/connadmin.php');?>
<?php
$upload_error = "";
$colname_rs_check_exist = "-1";

if(isset($HTTP_POST_VARS['email'])){
$colname_rs_check_exist =(get_magic_quotes_gpc())? $HTTP_POST_VARS['email'] : addslashes($HTTP_POST_VARS['email']);
}
mysql_select_db($database_connuser, $connuser);
$query_rs_check_exist = sprintf("SELECT email FROM exhibitors WHERE email = '%s'", $colname_rs_check_exist);
$rs_check_exist = mysql_query($query_rs_check_exist, $connuser) or die(mysql_error());
$row_rs_check_exist = mysql_fetch_assoc($rs_check_exist);
$totalRows_rs_check_exist= mysql_num_rows($rs_check_exist);

if($totalRows_rs_check_exist > 0){// that emaiil address is already used
$upload_error .= "<li>Problem, the email address ".$HTTP_POST_VARS['email']." is already being used. As your email address is also used as your user login it needs to be unique.</li>";
}

// in same order: bmp,bmp,eps,gif,jpg,jpeg,psd,png,png,tiff,tiff
$filetype_array = array(/*"image/bmp","image/x-windows-bmp", "application/postscript",*/"image/gif", "image/jpeg", "image/pjpeg",/* "application/octet-stream",*/"image/x-png","image/png"/*, "image/tiff","image/x-tiff"*/);
$valid_value = false;
$max_file_size = 262144;
//$imagefilename=$_FILES['imagefilename'];
if( $totalRows_rs_check_exist < 1 && $imagefilename<>''&& $imagefilename<>'none'){
// check they have even sent one
if($_FILES['imagefilename']['size'] == 0){
$upload_error .= "<li>Problem, file uploaded has zero size. This could be because it exceeded the maximum file size of 250Kb.</li>";
}elseif($_FILES['imagefilename']['size'] > $max_file_size){
$upload_error .= "<li>Problem, file size is ".$_FILES['imagefilename']['size'].", which exceeds the maximum size of ".$max_file_size." bytes.</li>";
}else{
foreach($filetype_array as $value){
if($_FILES['imagefilename']['type'] == $value){
$valid_value = true;
}
}
if(!$valid_value){
$upload_error .= "<li>Problem, file uploaded is of the wrong file type. Types allowed:JPEG, GIF & PNG</li>";
}
}

$uploaded_name = stripslashes($_FILES['imagefilename']['name']);
$uploaded_type = $_FILES['imagefilename']['type'];
}

// the isert code>>
function GetSQLValueString($theValue, $theType, $theDefinedValue = "", $theNotDefinedValue = ""){
$theValue =(!get_magic_quotes_gpc())? addslashes($theValue) : $theValue;

switch($theType){
case "text":
$theValue = ($theValue!= "")? "'" . $theValue . "'" : "NULL";
break;
case "long":
case "int":
$theValue = ($theValue!= "")? intval($theValue) : "NULL";
break;
case "double":
$theValue = ($theValue!= "")? "'" . doubleval($theValue) . "'" : "NULL";
break;
case "date":
$theValue = ($theValue!= "")? "'" . $theValue . "'" : "NULL";
break;
case "defined":
$theValue = ($theValue!= "")? $theDefinedValue : $theNotDefinedValue;
break;
}
return $theValue;
}

if((isset($HTTP_POST_VARS["hidden_action"])) && ($HTTP_POST_VARS["hidden_action"] == "update") && $upload_error == ""){
if(is_array($HTTP_POST_VARS['category'])){
$craft = implode(",",$HTTP_POST_VARS['category']);
}else{
$craft =$HTTP_POST_VARS['category'];
}

$insertSQL = sprintf("INSERT INTO exhibitors (
business, contact, exhibitor_type, address1,
address2, address3, city, county,
postcode, region, telephone, fax,

email, password, url, craft,
description, ename, eaddr, commision,
creditcards, delivery, gallery, onlineshop,

traning, found, datejoined) VALUES (
%s, %s, %s, %s,
%s, %s, %s, %s,
%s, %s, %s, %s,

%s, %s, %s, %s,
%s, %s, %s, %s,
%s, %s, %s, %s,
%s, %s, %s)",

GetSQLValueString($HTTP_POST_VARS['business'], "text"), GetSQLValueString($HTTP_POST_VARS['contact'], "text"), GetSQLValueString($HTTP_POST_VARS['utype'], "text"), GetSQLValueString($HTTP_POST_VARS['address1'], "text"),
GetSQLValueString($HTTP_POST_VARS['address2'], "text"),GetSQLValueString($HTTP_POST_VARS['address3'], "text"),GetSQLValueString($HTTP_POST_VARS['city'], "text"),GetSQLValueString($HTTP_POST_VARS['county'], "text"),
GetSQLValueString($HTTP_POST_VARS['postcode'], "text"),GetSQLValueString($HTTP_POST_VARS['region'], "text"), GetSQLValueString($HTTP_POST_VARS['telephone'], "text"), GetSQLValueString($HTTP_POST_VARS['fax'], "text"),
GetSQLValueString($HTTP_POST_VARS['email'], "text"), GetSQLValueString($HTTP_POST_VARS['password'], "text"), GetSQLValueString($HTTP_POST_VARS['url'], "text"),
GetSQLValueString($craft, "text"),
GetSQLValueString($HTTP_POST_VARS['description'], "text"), GetSQLValueString($HTTP_POST_VARS['ename'], "text"),GetSQLValueString($HTTP_POST_VARS['eaddr'], "text"), GetSQLValueString($HTTP_POST_VARS['commision'], "text"),
GetSQLValueString(isset($HTTP_POST_VARS['creditcard'])? "true" : "", "defined", "1", "0"), GetSQLValueString(isset($HTTP_POST_VARS['delivery'])? "true" : "", "defined","1","0"), GetSQLValueString(isset($HTTP_POST_VARS['gallery'])? "true" : "", "defined","1","0"), GetSQLValueString(isset($HTTP_POST_VARS['ecommerce'])? "true" : "", "defined","1","0"),
GetSQLValueString(isset($HTTP_POST_VARS['traning'])? "true" : "", "defined", "1", "0"), GetSQLValueString($HTTP_POST_VARS['found'], "text"), "NOW()");

mysql_select_db($database_connadmin, $connadmin);
$Result1 = mysql_query($insertSQL, $connadmin) or die(mysql_error());
if($_FILES['imagefilename']['name']!= "" && $_FILES['imagefilename']['name']!= "none"){
// move file:

if (!move_uploaded_file($_FILES['imagefilename']['tmp_name'], './images/uploaded/' . $uploaded_name/*$_FILES['imagefilename']['name']*/)){

$upload_error == "Problem, could not move the file specified";
$imagefilename =$_FILES['imagefilename']['name'];
}

chmod('./images/uploaded/'.$uploaded_name/*$_FILES['imagefilename']['name']*/, 0777); // give it ftp download rights etc
}

// now send the email
include('htmlMimeMail.php');// the class to deal with attachements
$mail = new htmlMimeMail();// new instance
$to_array = array('newexhibitor@example.com');
//$to_array = array('jon@example.com');
// attachement doesn't work
$attachment = $mail->getFile('./images/uploaded/'.$_FILES['imagefilename']['name']);
// the HTML used in the email:
$html = '

[edited by: eelixduppy at 11:12 pm (utc) on Nov. 9, 2007]
[edit reason] exemplified [/edit]

I do not know how you want to store the information in the db, however implode is a very good function for creating a string from an array. For instance, you can do something like this:

GetSQLValueString([url=http://us2.php.net/implode]implode[/url]('¦',$craft), "text")

However, since you are unsure if it's going to be an array or not, you may want to do something like this instead:

GetSQLValueString([url=http://us2.php.net/manual/en/function.is-array.php]is_array[/url]($craft)? [url=http://us2.php.net/implode]implode[/url]('¦',$craft) : $craft, "text")

The above uses the ternary comparison operator [us2.php.net].

Hi guys thanks for your quick replies:

Here is the code to print the results:

<?php foreach($HTTP_POST_VARS as $key => $value){
if (!strstr($key,'hidden') &&!strstr($key,'submit') &&!strstr($key, 'MAX_FILE_SIZE') &&!strstr($value, 'NULL') &&!empty($value)){
?>
<tr>
<td><div align="right" class="darktitle"><?php echo $key?>:</div></td>
<td><strong><?php echo stripslashes($value)?></strong></td>
</tr>
<?php }}?>
<?php if(!empty($_FILES['imagefilename']['name'])){?>
<tr>
<td class="darktitle"><div align="right">image uploaded:</div></td>
<td><strong><?php echo stripslashes($_FILES['imagefilename']['name'])?></strong></td>
</tr>
<?php }?>

I'm sorry I can't be of much help but the site I am trying to fix was created by someone else so I'm still trying to find my ay round everything.