|
PHP - What I Am Doing Wrong? Mysql Num Row Error
Hi guys
I have a code where users can login, I have checked all the database fields, variables etc and they are all correct. I have the code below and I will appreciate it if you help me to see what is wrong? Code: [Select] <?php // Turn off all error reporting error_reporting(0); // Report simple running errors error_reporting(E_ERROR | E_WARNING | E_PARSE); // Reporting E_NOTICE can be good too (to report uninitialized // variables or catch variable name misspellings ...) error_reporting(E_ERROR | E_WARNING | E_PARSE | E_NOTICE); // Report all errors except E_NOTICE // This is the default value set in php.ini error_reporting(E_ALL ^ E_NOTICE); // Report all PHP errors (see changelog) error_reporting(E_ALL); // Report all PHP errors error_reporting(-1); // Same as error_reporting(E_ALL); ini_set('error_reporting', E_ALL); ?> <?php include'includes/db/db.php'; ?> <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd"> <html xmlns="http://www.w3.org/1999/xhtml"> <head> <meta http-equiv="Content-Type" content="text/html; charset=utf-8" /> <title>JSA Dashboard - Login</title> <link href="styles/layout.css" rel="stylesheet" type="text/css" /> <link href="styles/login.css" rel="stylesheet" type="text/css" /> <!-- Theme Start --> <link href="themes/blue/styles.css" rel="stylesheet" type="text/css" /> <!-- Theme End --> </head> <body> <div id="logincontainer"> <?php $session_email = $_SESSION['email']; if ($_POST['login']) { $email=mysql_real_escape_string(strip_tags($_POST['email'])); $enteredpassword=mysql_real_escape_string(strip_tags($_POST['password'])); if(!$email || !$enteredpassword) {echo "<div class='status error'><p class='closestatus'><a href='' title='Close'>x</a></p>Please enter both email and password, this message appears when you have not entered your email or password to login!</div>";} else { $password=md5($enteredpassword); $getuser=mysql_query("SELECT * FROM users WHERE $email='email'"); while($row = mysql_fetch_array($getuser)) { $dbemail=$row['email']; $dbpassword=$row['password']; } if (mysql_num_rows($getuser)==0) {echo "<div class='status error'><p class='closestatus'><a href='' title='Close'>x</a></p>This user doesn't exist</div>";} else { if ($dbpassword !=$password){echo "<div class='status error'><p class='closestatus'><a href='' title='Close'>x</a></p>Password is incorrect!</div>";} else { $_SESSION['email']=$email; //assign session header("Location: main.php"); //refresh } } } } ?> <div id="loginbox"> <div id="loginheader"> <img src="themes/blue/img/cp_logo_login.png" alt="Control Panel Login" /> </div> <div id="innerlogin"> <form action="" name="login" method='POST'> <p>Enter your Email:</p> <input type="text" class="logininput" name="email"/> <p>Enter your password:</p> <input type="password" class="logininput" name="password"/> <input type="submit" class="loginbtn" value="Login" name="login"/><br /> </form> </div> </div> <img src="img/login_fade.png" alt="Fade" /> </div> </body> </html> Similar Tutorialshello, if im inserting to database from form, im getting an error, but it is correctly entering the data. any ideas? Code: [Select] <?php include 'config.php'; $query = mysql_query("INSERT INTO jobNO ( `ID` , `jobNO` , `companyID` ) VALUES ( NULL, '$_POST[jobNO]', '$_POST[companyID]' )"); mysql_query($query) or die('Error, insert query failed'); echo "1 record added"; ?> Hi guys I am doinga login form for an organization, this form has email, password and pin If user fills all the fields it will execute the query fine but if user doesnt enter the pin it will come up with an error, the issue is that this pin is not included anywhere in mysql_query I have. Query tries to get the company id from db and echo it out, so if I dont enter the pin I get the error I have echoes out and another system error which is Quote Warning: mysql_fetch_array(): supplied argument is not a valid MySQL result resource in ..../Dashboard/index.php on line 35 and my line 35 is while($row=mysql_fetch_array($getpin)){ here is my code Code: [Select] <?php include ('includes/db/db.php'); ?> <!DOCTYPE html> <html xmlns="http://www.w3.org/1999/xhtml"> <head> <meta http-equiv="Content-type" content="text/html; charset=utf-8" /> <title>Login | Careers Inbox Dashboard Admin</title> <link rel="stylesheet" href="./css/reset.css" type="text/css" media="screen" title="no title" /> <link rel="stylesheet" href="./css/text.css" type="text/css" media="screen" title="no title" /> <link rel="stylesheet" href="./css/form.css" type="text/css" media="screen" title="no title" /> <link rel="stylesheet" href="./css/buttons.css" type="text/css" media="screen" title="no title" /> <link rel="stylesheet" href="./css/login.css" type="text/css" media="screen" title="no title" /> <meta http-equiv="Content-Type" content="text/html; charset=utf-8" /></head> <body> <div id="login"> <h1>Dashboard</h1> <?php if (isset($_POST['login']) && $_POST['login']){ $email=addslashes(strip_tags($_POST['email'])); $in_password=addslashes(strip_tags($_POST['password'])); $pin=addslashes(strip_tags($_POST['pin'])); $password=md5($in_password); if (!$email || !$in_password || !$pin) echo "<div class='error'>Please fill all required fields</div>"; else $getpin=mysql_query("SELECT * FROM users WHERE UserEmail='$email' AND UserPassword='$password'"); while($row=mysql_fetch_array($getpin)){ $pin_email=$row['UserEmail ']; $pin_id=$row['UserId']; $pin_company_id=$row['company_id']; } echo "$pin_company_id"; } ?> <div id="login_panel"> <form action="" method="post" accept-charset="utf-8" /> <div class="login_fields"> <div class="field"> <label for="email">Email</label> <input type="text" name="email" value="" id="email" tabindex="1" placeholder="email@example.com" /> </div> <div class="field"> <label for="password">Password <small><a href="forgotpassword.php">Forgot Password?</a></small></label> <input type="password" name="password" value="" id="password" tabindex="2" placeholder="password" /> <div class="field"> <label for="pin">Pin Number</small></label><input type="password" name="pin" value="" id="password" tabindex="2" placeholder="pin"/> </div> </div> </div> <!-- .login_fields --> <div class="login_actions"> <input type="submit" name="login" value="Login" class="btn btn-grey"/> </div> </form> </div> <!-- #login_panel --> </div> <!-- #login --> </body> </html> thank you in advance. Newbie here, would love some help to find out what I'm doing wrong on this code. I'm using phpChart to make a graph. This is my code, but the graph does not appear.
<?php
require_once("phpChart_Lite/conf.php");
include 'connection.php';
?>
<!DOCTYPE HTML>
<html>
<head>
<meta http-equiv="Content-Type" content="text/html; charset=utf-8" />
<title>phpChart - Basic Chart</title>
</head>
<body>
<?php
$query = mysqli_query($con, "SELECT krl FROM diesel WHERE sted = 'Borgeskogen' ORDER BY dato ASC");
// set array
$price = array();
// look through query
while($row = mysqli_fetch_assoc($query)){
// add each row returned into an array
$price[] = $row['krl'];
}
//$pc = new C_PhpChartX(array(array(11, 9, 5, 12, 14)),'basic_chart');
$pc = new C_PhpChartX(array($price),'basic_chart');
$pc->set_animate(true);
$pc->draw();
?>
</body>
</html>
hello i have a script that send a checkbox to the database, if it is checked it is sent to mysql as a 1 and not checked sent as 0, but when the info is sent the 1 for checked is sent to title and title is sent to ingredients and etc... these are the scripts add_recipie.php <?php // Start_session, check if user is logged in or not, and connect to the database all in one included file include_once("scripts/checkuserlog.php"); // Include the class files for auto making links out of full URLs and for Time Ago date formatting include_once("wi_class_files/autoMakeLinks.php"); include_once ("wi_class_files/agoTimeFormat.php"); // Create the two objects before we can use them below in this script $activeLinkObject = new autoActiveLink; $myObject = new convertToAgo; ?> <?php // Include this script for random member display on home page include_once "scripts/homePage_randomMembers.php"; ?> <?php $sql_blabs = mysql_query("SELECT id, mem_id, the_blab, blab_date FROM blabbing ORDER BY blab_date DESC LIMIT 30"); $blabberDisplayList = ""; // Initialize the variable here while($row = mysql_fetch_array($sql_blabs)){ $blabid = $row["id"]; $uid = $row["mem_id"]; $the_blab = $row["the_blab"]; $notokinarray = array("fag", "gay", "shit", "fuck", "stupid", "idiot", "asshole", "cunt", "douche"); $okinarray = array("sorcerer", "grey", "shug", "farg", "smart", "awesome guy", "asshole", "cake", "dude"); $the_blab = str_replace($notokinarray, $okinarray, $the_blab); $the_blab = ($activeLinkObject -> makeActiveLink($the_blab)); $blab_date = $row["blab_date"]; $convertedTime = ($myObject -> convert_datetime($blab_date)); $whenBlab = ($myObject -> makeAgo($convertedTime)); //$blab_date = strftime("%b %d, %Y %I:%M:%S %p", strtotime($blab_date)); // Inner sql query $sql_mem_data = mysql_query("SELECT id, username, firstname, lastname FROM myMembers WHERE id='$uid' LIMIT 1"); while($row = mysql_fetch_array($sql_mem_data)){ $uid = $row["id"]; $username = $row["username"]; $firstname = $row["firstname"]; if ($firstname != "") {$username = $firstname; } // (I added usernames late in my system, this line is not needed for you) /////// Mechanism to Display Pic. See if they have uploaded a pic or not ////////////////////////// $ucheck_pic = "members/$uid/image01.jpg"; $udefault_pic = "members/0/image01.jpg"; if (file_exists($ucheck_pic)) { $blabber_pic = '<div style="overflow:hidden; width:40px; height:40px;"><img src="' . $ucheck_pic . '" width="40px" border="0" /></div>'; // forces picture to be 100px wide and no more } else { $blabber_pic = "<img src=\"$udefault_pic\" width=\"40px\" height=\"40px\" border=\"0\" />"; // forces default picture to be 100px wide and no more } $blabberDisplayList .= ' <table width="100%" align="center" cellpadding="4" bgcolor="#CCCCCC"> <tr> <td width="7%" bgcolor="#FFFFFF" valign="top"><a href="profile.php?id=' . $uid . '">' . $blabber_pic . '</a> </td> <td width="93%" bgcolor="#EFEFEF" style="line-height:1.5em;" valign="top"><span class="greenColor textsize10">' . $whenBlab . ' <a href="profile.php?id=' . $uid . '">' . $username . '</a> said: </span><br /> ' . $the_blab . '</td> </tr> </table>'; } } ?> <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd"> <html xmlns="http://www.w3.org/1999/xhtml"> <head> <meta http-equiv="Content-Type" content="text/html; charset=ISO-8859-1" /> <meta name="Description" content="Web Intersect is a deft combination of powerful free open source software for social networking, mixed with insider guidance and tutorials as to how it is made at its core for maximum adaptability. The goal is to give you a free website system that has a network or community integrated into it to allow people to join and interact with your website when you have the need." /> <meta name="Keywords" content="web intersect, how to build community, build social network, how to build website, learn free online, php and mysql, internet crossroads, directory, friend, business, update, profile, connect, all, website, blog, social network, connecting people, youtube, myspace, facebook, twitter, dynamic, portal, community, technical, expert, professional, personal, find, school, build, join, combine, marketing, optimization, spider, search, engine, seo, script" /> <title>CookBookers</title> <link href="style/main.css" rel="stylesheet" type="text/css" /> <link rel="icon" href="favicon.ico" type="image/x-icon" /> <link rel="shortcut icon" href="favicon.ico" type="image/x-icon" /> <script src="js/jquery-1.4.2.js" type="text/javascript"></script> <style type="text/css"> #Layer1 { height:210px; } .style3 {font-size: 24px} body { background-color: #3c60a4; } </style> </head> <body> <p> <?php include_once "header_template.php"; ?> </head> <body style="margin:0px;"> <center> </p> <table border="0" align="center" cellpadding="0" cellspacing="0" class="mainBodyTable"> <tr> <td width="235" valign="top"> <td width="665" colspan="2" align="left" valign="top" style="background-color:#EFEFEF; border:#999 0px; padding:10px;"> <table border="0" cellpadding="6"> <tr> <td> <form method="POST" action="include/recipe.php"> <table cellpadding="0px" border="0" align="left" cellspacing="5px" style="font-size:14px;"> <tr> <td><span class="style3">Add New Recipie:</span><br /></td> <tr> <td><h4 style="margin-bottom:5px; color:brown;">Public:</h4> <input name="Pub" value="0" type="checkbox" id="Pub" value="checkbox" /> </td> </tr> <tr> <td><h4 style="margin-bottom:5px; color:brown;">Title: </h4> <input type="text" name="title"></td> </tr> <tr> <td><h4 style="margin-bottom:5px; color:brown;">Makes: </h4> <input type="text" name="make"></td> </tr> <tr> <td><h4 style="margin-bottom:5px; color:brown;">Ingrediants: </h4> <textarea rows="10" name="ingr" cols="40"></textarea><br></td> </tr> <tr> <td><h4 style="margin-bottom:5px; color:brown;">Method: </h4> <textarea rows="10" name="desc" cols="40"></textarea></td> </tr> <tr> <td><h4 style="margin-bottom:5px; color:brown;">Notes: </h4> <textarea rows="10" name="note" cols="40"></textarea></td> </tr> <tr> <td><input type="submit" value="Submit" style="padding:5px 10px;"></td> </tr> </table> </form> </td> </tr> </table> </tr> </table> </td> </tr> </table> <?php include_once "footer_template.php"; ?> </body> insert recipie <?php //include("session.php"); include("database.php"); @session_start(); $user = $_SESSION['username']; //die($user); $Pub=$_POST['Pub']; $title=$_POST['title']; $make=$_POST['make']; $ingr=$_POST['ingr']; $desc=$_POST['desc']; $note=$_POST['note']; //if($user=="Guest"||$user==""){ //header("Location: ../index.php"); //} //else{ $database->AddRecipe($user,$Pub,$title,$make,$ingr,$desc,$note); header("Location: ../add_recipie.php"); //} ?> Hi guys new to this site and need some help. Im using PHP 5 in easy steps by Mike McGrath, currently creating the register and login scripts for my website. Ive manged to do the register script fine, it drops new user details into the MySQL database fine, however the login script gives the following error when loggin in: Parse error: syntax error, unexpected T_VARIABLE in /hermes/bosweb25a/b109/ipg.removalspacecom/removal space.com/loginscript.php on line 15 I copied the script word-for-word, letter-for-letter, checked and re-checked. I would like to ask you guys if you see something i dont? Here is the script: Code: [Select] <?php $username = $_POST['username']; $password = $_POST['password']; $self = $_SERVER['PHP_SELF']; $referer = $_SERVER['HTTP_REFERER']; #if either form field is empty return to the log-in page if( ( !$username ) or (!$paswword ) ) { header( "Location:$referer" ); exit(); } #connect to MySQL $conn = @mysql_connect ( "removalspacecom.ipagemysql.com", "removal", "123" ) or die("Could not connect" ); #select the specified database $rs = @mysql_select_db( "removal1", $conn ) or die( "Could not select database" ) #create sql query $sql="select * from users where user_name=\"$username\" and password = password( \"$password\" )"; #execute query $rs = myslq_query( $sql, $conn ) or die( "Could not execute query" ); #get number of rows that match username and password $num = mysql_numrows( $rs ); #if there is a match the log-in is authenticated if( $num != 0 ) { $msg = "Welcome $username - your log-in was sucessfull!"; } else #or return to the log-in page { header( "location:$referer" ); exit(); } ?> <html> <head><title>Log-in Authenticated</title></head> <body> <?php echo( $msg ); ?> </body> </html> the error is coming from line 15, the sql query line? why would there be an error from the advisory book? please help me as im stuck on this one. Thanks a lot for any help i get. MOD EDIT: code tags added. Ok, I'm going start off simple. If I have to provide more code I will. I am doing an update on a table called countries. Yet my query just will not update the db. Is there anything wrong with this query? mysql_query("UPDATE countries SET country_id = '{$_POST['update_value']}' WHERE country_id = '{$_POST['original_html']}'") or die(mysql_error()); I have been pulling my hair out for the lasy 3 hours i am trying to update a MySql table but i cant get it too work, i just keep getting MySql error #1064 - You have an error in your SQL syntax; if i just update 1 field it works fine but if i try to update more than 1 field it dosent work, Help Please! <?php $root = $_SERVER['DOCUMENT_ROOT']; require("$root/include/mysqldb.php"); require("$root/include/incpost.php"); $con = mysql_connect("$dbhost","$dbuser","$dbpass"); if (!$con) { die('Could not connect: ' . mysql_error()); } mysql_select_db("$dbame", $con); mysql_query("UPDATE Reg_Profile_p SET build='$build' col='$col' size='$size' WHERE uin = '$uinco'"); ?> does anyone know who to resolve this issue of importing a CSV file from excel into sql? I get this error when I do. LOAD DATA LOCAL INFILE '/tmp/phpq2aAbU' INTO TABLE `Events` FIELDS TERMINATED BY ',' ENCLOSED BY '\\"' ESCAPED BY '\\\\' LINES TERMINATED BY '\r\n' Hi, Im just having some trouble with this...maybe a fresh pair of eyes can help? Im getting a "Warning: mysqli_stmt::bind_param() [mysqli-stmt.bind-param]: Number of elements in type definition string doesn't match number of bind variables" error when I try run this: Code: [Select] $date = date("Y-m-d"); $header = $_POST['header']; $summary = $_POST['summary']; $content = $_POST['content']; $query = "INSERT INTO articles (pubdate, title, summary, content) VALUES(?, ?, ?, ?)"; $stmt = $mysqli->stmt_init(); if ($stmt->prepare($query)){ $stmt->bind_param('i,s,s,s', $date, $header, $summary, $content); $stmt->execute(); $stmt->close(); } else { echo "ERROR: SQL statement failure!"; echo "<a href='addnews.php'> -> OK</a>"; } $mysqli->close(); It looks fine to me, just can't see whats wrong lol! All I am trying to do is add a record on a page without the page refreshing. For that ajax is used. Here is the code.
It does not add the record to mysql table. Can anyone tell me what I am doing wrong?
record.php
<!DOCTYPE HTML>
<html lang="en">
<head>
<script type="text/javascript" src="js/jquery-1.11.0.min.js"></script>
<script type="text/javascript" >
$(function() {
$(".submit_button").click(function() {
var textcontent = $("#content").val();
var name = $("#name").val();
var dataString = 'content='+ textcontent + '&name='+name;
if(textcontent=='')
{
alert("Enter some text..");
$("#content").focus();
}
else
{
$("#flash").show();
$("#flash").fadeIn(400).html('<span class="load">Loading..</span>');
$.ajax({
type: "POST",
url: "action.php",
data: dataString,
cache: true,
success: function(html){
$("#show").after(html);
document.getElementById('content').value='';
$("#flash").hide();
$("#content").focus();
}
});
}
return false;
});
});
</script>
</head>
<body>
<?php
$record_id = $_GET['id']; // getting ID of current page record
?>
<form action="" method="post" enctype="multipart/form-data">
<div class="field">
<label for="title">Name *</label>
<input type="text" name="name" id="name" value="" maxlength="20" placeholder="Your name">
</div>
<div class="field">
<label for="content">content *</label>
<textarea id="content" name="content" maxlength="500" placeholder="Details..."></textarea>
</div>
<input type="submit" name="submit" value="submit" class="submit_button">
</form>
<div id="flash"></div>
<div id="show"></div>
</body>
</html>
action.php
if(isset($_POST['submit'])) {
if(empty($_POST['name']) || empty($_POST['content'])) {
$error = 'Please fill in the required fields!';
} else {
try {
$name = trim($_POST['name']);
$content = trim($_POST['content']);
$stmt = $db->prepare("INSERT INTO records(record_id, name, content)
VALUES(:recordid, :name, :content");
$stmt->execute(array(
'recordid' => $record_id,
'name' => $name,
'content' => $content
));
if(!$stmt){
$error = 'Please fill in the required fields.';
} else {
$success = 'Your post has been submitted.';
}
} catch(Exception $e) {
die($e->getMessage());
}
}
}
Hi there I have a problem here, I think I may know what it is but just wanted some guidance on this issue. I took the logic from a previous help from the people on this forum and here is my landing page: <?php // ini_set("display_errors", 1); // randomly starts a session! session_name("jeremyBasicLogin"); session_start(); if(isset($_SESSION['username'])) { // display whatever when the user is logged in: echo <<<ADDENTRY <html> <head> <title>User is now signed in:<title> </head> <body> <h1>You are now signed in!</h1> <p>You can do now what you want to do!</p> </body> </html> ADDENTRY; } else { // If anything else dont allow access and send back to original page! header("location: signin.php"); } ?> This is where the user goes to when they go to this system (not a functional system, ie it doesnt actually do anything its more for my own theory. As you wont have a session on the first turn to this page it goes to: signin.php which contains: <?php // ini_set("display_errors", 1); require_once('func.db.connect.php'); if(array_key_exists('submit',$_POST)) { dbConnect(); // connect to database anyways! // Do a procedure to log the user in: // Santize User Inputs $username = trim(stripslashes(mysql_real_escape_string($_POST['username']))); // cleans up with PHP first! $password = trim(stripslashes(mysql_real_escape_string(md5($_POST['password'])))); // cleans up with PHP first! $sql = "SELECT * FROM users WHERE username='$username' AND password='$password'"; $result = mysql_query($sql); if(mysql_num_rows($result) == 1) { session_name("jeremyBasicLogin"); session_start(); $_SESSION['is_logged_in'] = true; $_SESSION['username'] = $username; //print_r($_SESSION); // debug purposes only! $_SESSION['time_loggedin'] = time(); // this is adding to the array (have seen the output in the SESSION vars! // call function to update the time stamp in MySQL? header("location: index.php"); } else if(mysql_num_rows($result) != 1) { $message = "You typed the wrong password or Username Please retry!"; } } else { $message = ""; } // displays the login page: echo <<<LOGIN <html> <body> <h1>Example Login</h1> <form id="login" name="login" action="{$_SERVER['PHP_SELF']}" method="post"> <label for="username">Username: </label><input type="text" id="username" name="username" value="" /><br> <label for="password">Password: </label><input type="text" id="password" name="password" value="" /><br> <input type="submit" id="submit" name="submit" value="Login" /> </form> LOGIN; echo "<p>" . $message . "</p>"; echo <<<LOGIN <p>Please Login to View and Edit Your Entries</p> <p><a href="register.php">Click Here To Signup</a><p> </body> </html> LOGIN; ?> This checks through user inputs and hopefully logs them in, when Ive inserted the data into the database itself it works, if I try and login but if a user fills in this form: signup.php: <?php //ini_set("display_errors", 1); $message =''; require_once('func.db.connect.php'); if(array_key_exists('submit',$_POST)) { dbConnect(); // connect to database anyways! // do some safe protecting of the users variables, apply it to all details! $username = trim(stripslashes(mysql_real_escape_string($_POST['username']))); // cleans up with PHP first! $email = trim(stripslashes(mysql_real_escape_string($_POST['email']))); // cleans up with PHP first! $password = trim(stripslashes(mysql_real_escape_string(md5($_POST['password'])))); // does as above but also encrypts it using the md5 function! $password2 = trim(stripslashes(mysql_real_escape_string(md5($_POST['password2'])))); // does as above but also encrypts it using the md5 function! if($username != '' && $email != '' && $password != '' && $password2 != '') { // do whatever when not = to nothing/empty fields! if($password === $password2) { // do database stuff to enter users details $sql = "INSERT INTO `test`.`users` (`id` ,`username` ,`password`) VALUES ('' , '$username', MD5( '$password' ));"; $result = mysql_query($sql); if($result) { $message = 'You may now login by clicking <a href="index.php">here</a>'; } } else { // echo out a user message says they got their 2 passwords incorrectly typed: $message = 'Pleae re enter your password'; } } else { // they where obviously where empty $message = 'You missed out some required fields, please try again'; } } echo <<<REGISTER <html> <body> <h1>Register Form</h1> <p>Please fill in this form to register</p> <form id="register" name="register" action="{$_SERVER['PHP_SELF']}" method="post"> <table> <tr> <td><label for="username">Username: </label></td> <td><input type="text" id="username" name="username" value="" /></td> </tr> <tr> <td><label for="email">Email: </label></td> <td><input type="text" id="email" name="email" value="" /></td> </tr> <tr> <td><label for="password">Password: </label></td> <td><input type="text" id="password" name="password" value="" /></td> </tr> <tr> <td><label for="password">Confirm Password: </label></td> <td><input type="text" id="password2" name="password2" value="" /></td> </tr> <tr> <td><input type="submit" id="submit" name="submit" value="Register" /></td> </tr> <table> REGISTER; echo "<p>" . $message . "</p>"; echo <<<REGISTER </form> </body> </html> REGISTER; ?> As I said when the user signs up when submitting the above form, it doesnt work, keeps coming up with a different value for the password, so I am about 99% certain its the password, but I have been maticulous about copying in the sanitize function for SQL injections and it just doesnt still work, really puzzled now. Any helps appreciated, Jeremy. Here's my code, whenever I try to fill the form it gives me that error "Oops! Something went wrong. Please try again later"
Code:
<?php
// Include config file
require_once "config.php";
// Define variables and initialize with empty values
$CodEntrega = $CodCliente = $Dia = $Pagamento = $Funcionario = "";
$CodEntrega_err = $CodCliente_err = $Dia_err = $Pagamento_err = $Funcionario_err = "";
// Processing form data when form is submitted
if($_SERVER["REQUEST_METHOD"] == "POST"){
// Validate name
$input_CodEntrega = trim($_POST["CodEntrega"]);
if(empty($input_CodEntrega)){
$CodEntrega_err = "Insira o codigo de entrega";
} else{
$CodEntrega = $input_CodEntrega;
}
// Validate address
$input_CodCliente = trim($_POST["CodCliente"]);
if(empty($input_CodCliente)){
$CodCliente_err = "Insira o codigo do cliente";
} else{
$CodCliente = $input_CodCliente;
}
// Validate salary
$input_Dia = trim($_POST["Dia"]);
if(empty($input_Dia)){
$Dia_err = "Insira a data da entrega";
} else{
$Dia = $input_Dia;
}
$input_Pagamento = trim($_POST["Pagamento"]);
if(empty($input_Pagamento)){
$Pagamento_err = "Insira o tipo de pagamento";
} else{
$Pagamento = $input_Pagamento;
}
$input_Funcionario = trim($_POST["Funcionario"]);
if(empty($input_Funcionario)){
$Funcionario_err = "Insira o codigo do funcionario";
} else{
$Funcionario = $input_Funcionario;
}
if(empty($CodEntrega_err) && empty($CodCliente_err) && empty($Dia_err) && empty($Pagamento_err) && empty($Funcionario_err)){
$sql = "INSERT INTO entrega(CodEntrega, CodCliente, Dia, Pagamento, Funcionario) VALUES (?, ?, ?, ?, ?)";
if($stmt = mysqli_prepare($link, $sql)){
// Bind variables to the prepared statement as parameters
mysqli_stmt_bind_param($stmt, "ssdss", $param_CodEntrega, $param_CodCliente, $param_Dia, $param_Pagamento, $param_Funcionario);
// Set parameters
$param_CodEntrega= $CodEntrega;
$param_CodCliente = $CodCliente;
$param_Dia = $Dia;
$param_Pagamento = $Pagamento;
$param_Funcionario = $Funcionario;
if(mysqli_stmt_execute($stmt))
{
header("location: home.html");
exit();
}
else
{
echo "Oops! Something went wrong. Please try again later.";
}
}
// Close statement
mysqli_stmt_close($stmt);
}
// Close connection
mysqli_close($link);
}
?>
<!DOCTYPE html>
<html lang="en">
<head>
<title>Projeto TW</title>
<link rel="stylesheet" href="css/milligram.css">
<meta charset="utf-8">
<meta name="viewport" content="width=device-width, initial-scale=1">
<style>
* {
box-sizing: border-box;
}
body {
font-family: Arial, Helvetica, sans-serif;
}
/* Style the header */
header {
background-color: #B0171F;
padding: 30px;
text-align: center;
font-size: 35px;
color: white;
}
/* Create two columns/boxes that floats next to each other */
nav {
float: left;
width: 30%;
height: 300px; /* only for demonstration, should be removed */
background: #ccc;
padding: 20px;
}
/* Style the list inside the menu */
nav ul {
list-style-type: decimal;
padding: 0;
}
article {
float: left;
padding: 20px;
width: 70%;
background-color: #f1f1f1;
height: 300px; /* only for demonstration, should be removed */
}
/* Clear floats after the columns */
section::after {
content: "";
display: table;
clear: both;
}
/* Style the footer */
footer {
background-color: #B0171F;
padding-top: 7px;
padding-bottom: 7px;
text-align: middle;
color: white;
position: relative;
bottom: 0;
}
#content-wrap {
padding-bottom: 2rem; /* Footer height */
}
#page-container {
position: relative;
}
@media (max-width: 600px) {
nav, article {
width: 100%;
height: auto;
}
}
.dropbtn {
background-color: #4CAF50;
color: white;
padding: 16px;
font-size: 16px;
border: none;
}
.dropdown {
position: relative;
display: inline-block;
}
.dropdown-content {
display: none;
position: absolute;
background-color: #f1f1f1;
min-width: 160px;
box-shadow: 0px 8px 16px 0px rgba(0,0,0,0.2);
z-index: 1;
}
.dropdown-content a {
color: black;
padding: 12px 16px;
text-decoration: none;
display: block;
}
.dropdown-content a:hover {background-color: #ddd;}
.dropdown:hover .dropdown-content {display: block;}
.dropdown:hover .dropbtn {background-color: #3e8e41;}
</style>
</head>
<body>
<header>
<div class="head1">PROJETO DE TW</div>
<div class="head2">Gestão de uma BD</div>
</header>
<div class='container'>
<div class='navbar'>
<ul>
<li><a class="active" href="home.html">Home</a></li>
<li><a href="#consultar">Consultar</a></li>
<li><a href="tabela.html">Inserir</a></li>
<li><a href="#alterar">Alterar</a></li>
<li><a href="#eliminar">Eliminar</a></li>
</ul>
</div>
<div class = "body_sec">
<section id="Content">
<h3>INSERIR DADOS DE ENTREGA</h3>
<button type="button" >ENTREGA</button>
</section>
<form action="<?php echo htmlspecialchars($_SERVER["PHP_SELF"]); ?>" method="post">
<div class="form-group">
<label>CodEntrega</label>
<input type="text" name="CodEntrega" class="form-control <?php echo (!empty($CodEntrega_err)) ? 'is-invalid' : ''; ?>" value="<?php echo $CodEntrega; ?>">
<span class="invalid-feedback"><?php echo $CodEntrega_err;?></span>
</div>
<div class="form-group">
<label>CodCliente</label>
<input type="text" name="CodCliente" class="form-control <?php echo (!empty($CodCliente_err)) ? 'is-invalid' : ''; ?>" value="<?php echo $CodCliente; ?>">
<span class="invalid-feedback"><?php echo $CodCliente_err;?></span>
</div>
<div class="form-group">
<label>Dia de Entrega</label>
<input type="date" name="Dia" class="form-control <?php echo (!empty($Dia_err)) ? 'is-invalid' : ''; ?>" value="<?php echo $Dia; ?>">
<span class="invalid-feedback"><?php echo $Dia_err;?></span>
</div>
<div class="form-group">
<label>Pagamento</label>
<input type="text" name="Pagamento" class="form-control <?php echo (!empty($Pagamento_err)) ? 'is-invalid' : ''; ?>" value="<?php echo $Pagamento; ?>">
<span class="invalid-feedback"><?php echo $Pagamento_err;?></span>
</div>
<div class="form-group">
<label>Codigo do Funcionario</label>
<input type="text" name="Funcionario" class="form-control <?php echo (!empty($Funcionario_err)) ? 'is-invalid' : ''; ?>" value="<?php echo $Funcionario; ?>">
<span class="invalid-feedback"><?php echo $Funcionario_err;?></span>
</div>
<input type="submit" class="btn btn-primary" value="Submit">
<a href="home.html" class="btn btn-secondary ml-2">Cancel</a>
</form>
</div>
</div>
</div>
</div>
</body>
</html>
Edited May 10 by Barand code tags added My code: Code: [Select] $extract = mysql_query("SELECT id,title,message FROM blog ORDER BY id DESC LIMIT 1"); while ($row = mysql_fetch_assoc($extract)) { echo "<div class='right'><h2>".$row['title']."</h2><div class='articles'>".nl2br(stripslashes($row['message']))."</div></div>"; } Error: Warning: mysql_fetch_assoc(): supplied argument is not a valid MySQL result resource in /home/stonedms/public_html/justin/Toplist/index.php on line 29 I've double checked my database, and it seems like I've have everything correct. hey guys; Another problem with sql. Code: [Select] { echo "Welcome " . $row['username']; echo "<br />"; echo "<br />"; echo "<br />"; $msgquery = "SELECT * FROM spotty_messages WHERE (id_receiver = '" . $userid . "') AND message_read = '0'"; $messageres = mysql_query($msgquery); $messrow = mysql_fetch_array($messageres); $messagenum = mysql_num_rows($messageres); } $i = 0; while ($i < $messagenum) { $f1 = "From:" . mysql_result($messrow,$i,"sender"); echo " <tr> <td>" . $f1 ."</font></td> " ; $i++; } This is returning the error : Warning: mysql_result() expects parameter 1 to be resource, null given in /customers/klueless.net/klueless.net/httpd.www/daisysite/messages.php on line 106 Please help, thanks! Hi I am trying to figure out with this example i saw online does not work...I am building a database to store user and password and i keep getting an error "undefined index username" i need it to pull the username from mysql database so how do i do this??? mysql_connect("host", "username", "pw") or die (mysql_error()); mysql_select_db('username') or die (mysql_error()); if(mysql_num_rows(mysql_query("SELECT * from users WHERE username='" . $_POST['username'] . "'")) == 1) ( this is the error line) now I have the actual host username and pw in my file i just took it off for my security lol. You have an error in your SQL syntax; check the manual that corresponds to your MySQL server version for the right syntax to use near 'Number LIKE '%TEST%' OR Name LIKE '%TEST%'' at line 1 Is the error message i get... Here is my code... <?php $search=$_POST['searchform']; if(!$search) die('Please enter a search'); //connect to the database $db=mysql_connect ("xxxxxx", "xxxx", "xxxx") or die ('I cannot connect to the database because: ' . mysql_error()); //-select the database to use $mydb=mysql_select_db("wadkin"); //-query the database table $sql="SELECT ID, Stock Number, Name FROM Contacts WHERE Stock Number LIKE '%" . $search . "%' OR Name LIKE '%" . $search ."%'"; //-run the query against the mysql query function $result=mysql_query($sql) or die (mysql_error()); //-create while loop and loop through result set while($row=mysql_fetch_array($result)){ $Stock =$row['Stock Number']; $Name=$row['Name']; $ID=$row['ID']; //-display the result of the array echo "<ul>\n"; echo "<li>" . "<a href=\"search.php?id=$ID\">" .$Stock . " " . $Name . "</a></li>\n"; echo "</ul>"; } ?> Can someone correct for me please????!!!!! I have a newUser function in a class (database) that attempts to input all the post data from a registration (after it validates it all of course). Here is my function: Code: [Select] public function newUser($properties, $validated, $userLevel, $validationCode) { $qualityControl = new QualityControl; $properties = $this->escapeString($_POST); $properties['password'] = $qualityControl->encryptData($properties['password']); $time = gmmktime(); $query = "INSERT INTO 'TABLE_NAME' (handle, email, userLevel, password, banned, dateJoined, validated, validtionCode) VALUES ('$properties[username]','$properties[email]','$userLevel','$properties[password]',0,'$time','$validated','$validationCode')"; return mysql_query($query, $this->connection); } I am getting an error in that my query is not inserting, no errors come up with mysql_error if I toss that in after the query and this function appears to run fine as it returns and the rest of the script is run. I have a feeling it has to do with either my sql syntax or the escapeString function. Escape string is a function that is "supposed" to escape a string passed to it or iterate through an entire array it is passed, here is the code for it: Code: [Select] private function escapeString($data) { if (is_array($data)) { foreach ($data as &$value) $value = mysql_real_escape_string($value); return $data; } return mysql_real_escape_string($data); } If there error isn't in either of these two areas, it might be the encryptData function? All it is doing is md5ing + salting the password and returning the result. Here is that function if you need it: Code: [Select] return md5(SALT.$data); Very simple, I don't think the error is there. The globals I'm using are all defined correctly so that shouldn't be a problem either. I've been looking at it for the past hour and can't figure out why my stuff won't get into the database. Oh, here's the beginning of the database class that opens the database and such, I'm not getting any errors from it. Code: [Select] class Database { var $connection; public function __construct() { $qualityControl = new QualityControl; $this->connection = mysql_connect(DB_HOST, DB_USERNAME, DB_PASSWORD) or die(mysql_error()); mysql_select_db(DB_NAME, $this->connection) or die(mysql_error()); } Thank you for any help! Also, please excuse some of the sloppiness like the error handling not being graceful, etc, I usually pretty that stuff up after I'm done with the script. -Adam I dont know whats wrong Error: Code: [Select] You have an error in your SQL syntax; check the manual that corresponds to your MySQL server version for the right syntax to use near '::1, 3, , now())' at line 1 Error Line: mysql_query('INSERT INTO `'. $db .'`.`votes` (`ip`, `serverId`, `ownerId`, `date`) VALUES ('. $ip .', '. $serverId .', '. $ownerId .', now())') or die(mysql_error()); Hey everyone, So i was following a tutorial on youtube, it is a simple search and display program using mysql and php. i have completed 4 of 5 tutorials and when i enter a keyword in the textfield search and subit, it displays all the results in my database instead of the one. here is my code, any help would be very helpful thanks. $button = $_GET['submit']; $search = $_GET['search']; if(strlen($search)<2) echo "Search term too short"; else { echo "You searched for <b>$search</b><hr size='1'>"; mysql_connect("localhost", "root", "supersham"); mysql_select_db("carbreaker"); $keywords = $getrow['keywords']; //explode our search term $search_exploded = explode(" ", $search); $search_each = 0; while ($search_each < count($search_exploded)) { if ($search_each == 0) { $construct = "keywords LIKE '%" . $search_each . "%'"; } else { $construct .= " AND keywords LIKE '%" . $search_each . "%'"; } $search_each++; } //echo out construct $construct = "SELECT * FROM stock WHERE $construct"; $run = mysql_query($construct); $foundnum = mysql_num_rows($run); if($foundnum==0) echo "No Stock Found"; else{ echo "$foundnum results found<br>"; while($runrows = mysql_fetch_assoc($run)) { $make = $runrows['make']; $model = $runrows['model']; $year = $runrows['year']; $cc= $runrows['cc']; $fuel = $runrows['fuel']; $doors = $runrows['doors']; $body = $runrows['body']; $date = $runrows['date']; echo "<b>$make</b> $model $year $cc $fuel $doors $body $date<br>"; } } } ?> Hello, can anybody tell me whats wrong with my code: function check_login($uname, $pwd){ $sql = "SELECT * FROM users WHERE uname=$uname"; $result = mysql_query($sql) or die('Error, Load query failed: ' . mysql_error()); $data = array(); while($row=mysql_fetch_assoc($result)){ $data[] = $row; } return $data; } $chk = check_login("test", "test1"); foreach($chk as $row){ echo $row['uname']; echo " = "; echo $row['pass']; echo "<BR>"; } when i run this i get: Quote Error, Load query failed: Unknown column 'test' in 'where clause' |
|||||||