|
PHP - Passing Errors From Form Processing Script
I have a html for that posts to a form processing script which is fully functional atm,
in the processing script i have if statements, if the condition is met it updates tables in database, if there not met i echo a "not met" statment. problem is my form processing script just goes straight back to the index.php page using the following code; header('Location: index.php'); here is the form processing script: <?php session_start(); header('Location: index.php'); include "connect.php"; $id = $_SESSION['id']; $user = $_SESSION['user']; $ticketNumber = $_POST[ticketNumber]; //echo $_POST[ticketNumber]; $today = date('Y-m-d H:i:s', time() - 3600); // Query "Ticket" Table to check if user has purchased a "regular" ticket within the last 24 hours $query24hour = mysql_query("SELECT * FROM tickets WHERE username = '$user' AND HOUR(TIMEDIFF(NOW() , purchaseDate)) < 24;") or die(mysql_error()); // Query "promoTickets" table to grab information of previous tickets bought to the "promotional" auction and LIMIT tickets to 1 per user for "promotional" auctions. $querySold = mysql_query("SELECT * FROM promoTickets WHERE promoID='$_POST[promoID]' AND (ticketNumber='$ticketNumber' OR username = '$user');") or die(mysql_error()); //echo $querySold; $sold = mysql_fetch_assoc($querySold); //print_r($sold); //echo $sold; //echo query24hour; $querycount24hour = mysql_num_rows($query24hour); //echo $querycount24hour; //check if ticket is sold and if user has purchased a "regular" ticket within 24 hours if(empty($sold)!=FALSE and $querycount24hour >= 1){ //Checks users balance to see if they have enough for the ticket $queryBal = mysql_query("SELECT user_iskbalance FROM users WHERE username = '$user';") or die(mysql_error()); //echo $querySold; //echo $user; //echo $queryBal; $balArray = mysql_fetch_assoc($queryBal); $bal = $balArray[user_iskbalance]; $newBal = $bal-$_POST[ticketPrice]; //check if he has the money to buy the ticket if($bal>=$_POST[ticketPrice]){ //remove the money $queryBalRemoveal = mysql_query("UPDATE `users` SET `user_iskbalance`='$newBal' WHERE `username`='$user';") or die(mysql_error()); //buy ticket & insert data into "promoTickets" table $query = mysql_query("INSERT INTO promoTickets(promoID, username, charID, ticketNumber, ticketPrice, purchaseDate) VALUES ('$_POST[promoID]', '$user', '$id', '$_POST[ticketNumber]', '$_POST[ticketPrice]', '$today');") or die(mysql_error()); } else{ die("Insufficent balance. Please add more ISK") ; } } else{ die("Ticket has already been Sold or you have already bought a ticket to this promotion..!"); } ?> any way i can get the errors to be passed onto the index.php (with the form) and echo them there? as it stands errors arnt shown to the users and its confusing people Similar TutorialsHello, I am doing a php registration form, file name is register.php Code: [Select] <?php include("config.php"); $submit = strip_tags($_POST['submit']); $username = strip_tags($_POST['user_box']); $password = md5(strip_tags($_POST['pass_box'])); $cpassword = md5(strip_tags($_POST['c_pass_box'])); $email = strip_tags($_POST['email_box']); $mobile = $_POST['mobile_box']; $ip = $_SERVER['REMOTE_ADDR']; $date = date('Y-m-d'); $time = date('h-i-s'); $i = 0; $checkusername = mysql_num_rows(mysql_query("SELECT * FROM members WHERE username='$username'")); $checkemail = mysql_num_rows(mysql_query("SELECT * FROM members WHERE email='$email'")); /* Validating username field */ if($username != NULL) { if (strlen($username) > 15 || strlen($username) < 6) { echo "<p>Username must be in range of 6 to 15 Characters.</p>"; } else { //check in DB if ($checkusername == 1) { echo "<p>Username already exist in database.</p>"; } else { $i++; } } } else { echo "<p>Username cannot be Blank</p>"; } /* ----------validating password field---------- */ if ($password != "d41d8cd98f00b204e9800998ecf8427e" || $cpassword != "d41d8cd98f00b204e9800998ecf8427e") { if ($password == $cpassword) { if (strlen($password) > 16 && strlen($password) < 4) { echo "<p>password must be in range of 4 to 16 Characters.</p>"; } else { $i++; } } else { echo "<p>Passwords do not match.</p>"; } } else { echo "<p>Password cannot be empty</p>"; } /* ----------Validating Passwords End---------- */ /* ----------Validating Email field Starts---------- */ if($email != NULL) { if($checkemail == 1) { echo "<p>Email already exist.</p>"; } else { $i++; } } else { echo "<p>Email field cannot be empty.</p>"; } /* ----------Validating Email fiend ends---------- */ /* ----------Validating Email field Starts---------- */ if($mobile != NULL) { if(strlen($mobile) >10) { echo "<p>Mobile cannot be more than 10 digits long</p>"; } else { $i++; } } else { echo "<p>Mobile field cannot be empty.</p>"; } /* ----------Validating Email fiend ends---------- */ if ($i == 4) { mysql_query("INSERT INTO members (username, password, email, mobile, ip, date, time) VALUES ('$username', '$cpassword', '$email', '$mobile', '$ip', '$date', '$time')"); echo "<p>Successful Registration Done !</p>"; } ?> <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd"> <html xmlns="http://www.w3.org/1999/xhtml"> <head> <meta http-equiv="Content-Type" content="text/html; charset=utf-8" /> <title>Untitled Document</title> </head> <body> <form id="form1" name="form1" method="post" action=""> <table width="576" height="229" border="0"> <tr> <td width="139">Username :</td> <td colspan="2"><label for="user_box"></label> <input type="text" name="user_box" id="user_box" size="30" height="30" /> (Between 6 to 15 Characters)</td> </tr> <tr> <td>Password :</td> <td colspan="2"><label for="pass_box"></label> <input type="password" name="pass_box" id="pass_box" size="30" height="30" /> (Between 4 to 16 Characters)</td> </tr> <tr> <td>Confirm Password :</td> <td colspan="2"><label for="c_pass_box"></label> <input type="password" name="c_pass_box" id="c_pass_box" size="30" height="30" /></td> </tr> <tr> <td>Email Address :</td> <td colspan="2"><label for="email_box"></label> <input type="text" name="email_box" id="email_box" size="30" height="30" /></td> </tr> <tr> <td>Mobile No. :</td> <td colspan="2"><label for="mobile_box"></label> <input type="text" name="mobile_box" id="mobile_box" size="30" height="30" /> (10 Characters)</td> </tr> <tr> <td> </td> <td width="171"><input type="submit" name="submit" id="submit" value="Submit" /></td> <td width="252"><input type="reset" name="button2" id="button2" value="Reset" /></td> </tr> </table> </form> </body> </html> When I load page, it shows following errors before Username cannot be Blank Password cannot be empty Email field cannot be empty. Mobile field cannot be empty. What I want is on loading page i.e. before giving any inputs, it should not show any errors. Need help I have a php string variable that is created by php code within an html form ($answer). I need to pass this string variable along with all the html form input data to another php script specified with the form "action" (post method). All the html form input data is coming thru fine but not the variable ($answer). How do I do this? Here is the php code for importing html form data at the script called in the form action: $languages = $_POST['languages']; $answergiven = $_POST['answergiven']; $problemanswer = $_POST['$answer']; 'languages' and 'answergiven' are form inputs and come thru fine. '$answer' does not get passed to the second script. How do I do this? Here is the php code within the first html form <?php // OPEN DATABASE $username="servics3_sample"; $password="sample"; $database="servics3_sample"; mysql_connect(localhost,$username,$password); @mysql_select_db($database) or die( "Unable to select database"); // GENERATE RANDOM PROBLEM NUMBER $probnum = (rand ( 1 , 9 )); echo $probnum; // RETRIEVE ANTI-SPAM PROBLEM $query="SELECT * FROM liasantispam WHERE `problem number` LIKE '%$probnum%' "; $result=mysql_query($query) or die("Error: ". mysql_error(). " with query ". $query); $firstnum=mysql_result($result,0,"first number"); $operator=mysql_result($result,0,"operator"); $secondnum=mysql_result($result,0,"second number"); $answer=mysql_result($result,0,"answer"); echo $firstnum," ",$operator," ",$secondnum," = "; mysql_close(); ?> Okay heres the problem. I have a form which displays items that sit within a packet. (In this case its called Wireless Package 1). Each item has its own specific value, which can be any string, hench why there is an 'input type= text' in the value column in the table. Each of these values is stored in a table, with the primary key 'piid', (show as a hidden field within 3rd column). The problem is when im posting the array 'values[]' I cant distinguish between what value needs to be referenced againist a piid, how do i obtain these individual ID's and Values in a loop so they can turned into a MySql Strings????? I tried using an explode function but got no where, any help is very much apprieciated! This is the code for the form displayed. <table border="1" cellpadding="5" cellspacing="5"> <tr> <th>Item ID</th> <th>Item</th> <th>Value</th> <th>Remove</th> </tr> <form action="edit_packet.php" method="post"> <?php foreach($packages as $packet):?> <tr> <td> <?php echo $packet['piid'] ;?> </td> <td> <?php echo $packet['desc'] ;?> </td> <td> <input type="hidden" name="values[]" value="<?php echo $packet['piid'];?>,," /> <input type="text" name="values[]" value="<?php echo $packet['value']; ?>" /> <input type="hidden" name="values[]" value="///" /> </td> <td> <form action="delete.php" method="post"> <input type="hidden" name="pid" value="<?php echo $packet['piid'];?>"/> <input type="submit" value="Delete Packet"> </td> </tr> <?php endforeach; ?> </table> <input type="submit" value="Submit" /> </form> I have a php script that I am trying to run ( I dindt write it) but the index.php file loads basically all of the php file in plain text instead of running it. Any sugguestions? PHP is isntalled since other php scripts work.
Thanks
I have 2 scripts that take a while to process... The first takes a few minutes, the second takes over an hour... The first script completed successfully, but the second script seems like it just stops most of the way through the script... I have this set on both files: set_time_limit(0); ini_set('memory_limit', -1); I NEED to disable ALL time limits and all of that, does ANYONE have any clue as to why my second script is failing? It is NOT the programming, I know that for sure... But the script just stops executing, and I think it is because it times out... But after setting those 2 options, I don't see why it times out.. Also for reference, I am NOT using any database... I am simply downloading files from an FTP server to my server... Any help would be appreciated, I have been searching for the last few days on an answer. Rob I am pretty new to using php and mysql and am struggling to understand how to go about processing a multiple choice quiz script to check if the answer given by the user is right or wrong and give the user the final result . I understand how to write and process register pages and login scripts and the like but for some reason I just can't understand what i need to do for this type of script So far my thinking has been 1) When the page is submitted have a query that compares the answer selected to the answer in the database. 2) Have php variables for correct and and incorrect both initialised to 0 and which will change depending on the answers given. 3) Use an if else statement similar to the code below to add up the score : - if($result['answer']==$_POST[$result['id']]){ $correct_answer++; }else{ $incorrect_answer++; } 4) Have a query that enters the person taking the quiz's grade in to the database. I would really appreciate it someone could give me some guidance for the best way to do this. I have included below my code for selecting the questions form the database.
<?php
// Starts the session
session_start();
/*
*/
if (!isset($_SESSION['user_level']) or ($_SESSION['user_level'] != 0))
{
header("Location: error_page.php");
exit();
}
?>
<?php
require_once ('mysqli_connect.php');
$email_address = ['email_address'];
$quizGradeBegan=("INSERT INTO learner_grade_db( email_address, score, )VALUES ('$email_address',0) ");
$result=@mysqli_query($dbcon, $submittedAnswerQuery);
if(isset($_SESSION['email_address'])){
?>
<!DOCTYPE html>
<html>
<head>
<meta charset="utf-8" />
<title>Q-Quiz: Learner Homepage</title>
<link rel="stylesheet" href="sdnt.css" />
</head>
<body>
<div class="wrapper"> <!-- Start of wrapper div -->
<div class="header"> <!-- Start of header div -->
<h1>e-Quiz: <br> Learner Homepage</h1>
<?php
//Makes a call to includes/leaner_nav.php in order to show The Learner Navigation Bar
require_once("includes/learner_nav.php");
//Makes a call to includes/welcome_name.php in order to show the Learners name.
require_once("includes/welcome_name.php");
/*Makes a call to includes/current_date in order to shows the current date.
Will appear in the Day Month Year Format.*/
require_once("includes/current_date.php");
?>
<!-- Shows the Change text size images -->
<div id="textSizer"><!-- Start of the textSizer div -->
<img id="smallStyler" class="textSize" src="imgs/fontSmall.jpg" height="18" width="18" alt="Smallest" />
<img id="mediumStyler" class="textSize" src="imgs/fontMedium.jpg" height="18" width="18" alt="Default" />
<img id="largeStyler" class="textSize" src="imgs/fontLarge.jpg" height="18" width="18" alt="Biggest" />
</div> <!-- End of textsizer div -->
</div><!-- End of Header div -->
<div class="article"> <!-- Start of the article div -->
<?php
$query=("SELECT question_id, question, distractor_1, distractor_2, distractor_3, distractor_4 FROM multiplechoice_db ORDER BY RAND() LIMIT 3 " );
$result = @mysqli_query ($dbcon, $query); // Run the query.
while($row = mysqli_fetch_array($result, MYSQL_BOTH)):?>
<br>
<form action="gradepage.php" method="post">
<?php echo $row['question_id'];?>
<br>
<?php echo $row['question'];?>
<br>
<input type="radio" value="1" id=' distractor <?php echo $row['question_id'];?>' name ='<?php echo $row['question_id'];?>'/><?php echo $row['distractor_1'];?>
<br>
<input type="radio" value="2" id=' distractor <?php echo $row['question_id'];?>' name ='<?php echo $row['question_id'];?>'/><?php echo $row['distractor_2'];?>
<br>
<input type="radio" value="3" id=' distractor <?php echo $row['question_id'];?>' name ='<?php echo $row['question_id'];?>'/><?php echo $row['distractor_3'];?>
<br>
<input type="radio" value="4" id=' distractor <?php echo $row['question_id'];?>' name ='<?php echo $row['question_id'];?>'/><?php echo $row['distractor_4'];?>
<br>
<?php endwhile;?>
<p> <input id="submit" type="submit" name="submit" value="Click To Submit Completed Quiz "></>
</div> <!-- End of the article div -->
<div class="aside"> <!-- Start of the aside div -->
<ul class="nav2">
<?php
//Makes a call to includes/leanersidebar1.php in order to show The Learner Sidebar
require_once("includes/learnersidebar1.php");
?>
</ul>
<br><br><br><br><br>
</div> <!-- End of the aside div -->
<div class="footer "><!-- Start of the footer div -->
<?php
//Makes a call to includes/footer.php in order to show the Footer
require_once("includes/footer.php");
?>
</div><!-- End of the footer div -->
</div><!-- End of the wrapper div -->
</body>
<html>
Can you take a look at this page? It uses php code that I have been creating. I need it to accept the form even if checkboxes are left empty. Currently it comes up with an error. http://www.pilotrock.com/color_contact/ Here is the PHP code: <?php if(isset($_POST['Email_Address'])) { include 'lite_settings.php'; function died($error) { echo "Sorry, but there were error(s) found with the form you submitted. "; echo "These errors appear below.<br /><br />"; echo $error."<br /><br />"; echo "Please go back and fix these errors.<br /><br />"; die(); } if(!isset($_POST['organization']) || !isset($_POST['Full_Name']) || !isset($_POST['title']) || !isset($_POST['company']) || !isset($_POST['address']) || !isset($_POST['city_state']) || !isset($_POST['zip']) || !isset($_POST['Telephone_Number']) || !isset($_POST['cell_phone']) || !isset($_POST['fax']) || !isset($_POST['Email_Address']) || !isset($_POST['confirm_email']) || !isset($_POST['powder_coated_steel_blue']) || !isset($_POST['powder_coated_steel_black']) || !isset($_POST['powder_coated_steel_green']) || !isset($_POST['powder_coated_steel_brown']) || !isset($_POST['powder_coated_steel_yellow']) || !isset($_POST['powder_coated_steel_red']) || !isset($_POST['powder_coated_steel_gray']) || !isset($_POST['powder_coated_steel_burgendy']) || !isset($_POST['thermo_plastic_coated_type_expanded']) || !isset($_POST['thermo_plastic_coated_type_perforated']) || !isset($_POST['thermo_plastic_coated_black']) || !isset($_POST['thermo_plastic_coated_blue']) || !isset($_POST['thermo_plastic_coated_brown']) || !isset($_POST['thermo_plastic_coated_gray']) || !isset($_POST['thermo_plastic_coated_red']) || !isset($_POST['thermo_plastic_coated_green']) || !isset($_POST['recycle_plastic_red']) || !isset($_POST['recycle_plastic_yellow']) || !isset($_POST['recycle_plastic_black']) || !isset($_POST['recycle_plastic_blue']) || !isset($_POST['recycle_plastic_gold']) || !isset($_POST['recycle_plastic_redwood']) || !isset($_POST['recycle_plastic_cedar']) || !isset($_POST['recycle_plastic_green']) || !isset($_POST['recycle_plastic_gray']) || !isset($_POST['recycle_plastic_brown'])) { died('We are sorry, but there appears to be a problem with the form you submitted.'); } $organization = $_POST['organization']; // required $full_name = $_POST['Full_Name']; // required $title = $_POST['title']; // not required $company = $_POST['company']; // not required $address = $_POST['address']; // required $city_state = $_POST['city_state']; // required $zip = $_POST['zip']; // required $telephone = $_POST['Telephone_Number']; // required $cell_phone = $_POST['cell_phone']; // not required $fax = $_POST['fax']; // not required $email_from = $_POST['Email_Address']; // required $confirm_email = $_POST['confirm_email']; // required $powder_coated_steel_blue = $_POST['powder_coated_steel_blue']; // required $powder_coated_steel_black = $_POST['powder_coated_steel_black']; // required $powder_coated_steel_green = $_POST['powder_coated_steel_green']; // required $powder_coated_steel_brown = $_POST['powder_coated_steel_brown']; // required $powder_coated_steel_yellow = $_POST['powder_coated_steel_yellow']; // required $powder_coated_steel_red = $_POST['powder_coated_steel_red']; // required $powder_coated_steel_gray = $_POST['powder_coated_steel_gray']; // required $powder_coated_steel_burgendy = $_POST['powder_coated_steel_burgendy']; // required $thermo_plastic_coated_type_expanded = $_POST['thermo_plastic_coated_type_expanded']; // required $thermo_plastic_coated_type_perforated = $_POST['thermo_plastic_coated_type_perforated']; // required $thermo_plastic_coated_black = $_POST['thermo_plastic_coated_black']; // required $thermo_plastic_coated_blue = $_POST['thermo_plastic_coated_blue']; // required $thermo_plastic_coated_brown = $_POST['thermo_plastic_coated_brown']; // required $thermo_plastic_coated_gray = $_POST['thermo_plastic_coated_gray']; // required $thermo_plastic_coated_red = $_POST['thermo_plastic_coated_red']; // required $thermo_plastic_coated_green = $_POST['thermo_plastic_coated_green']; // required $recycle_plastic_red = $_POST['recycle_plastic_red']; // required $recycle_plastic_yellow = $_POST['recycle_plastic_yellow']; // required $recycle_plastic_black = $_POST['recycle_plastic_black']; // required $recycle_plastic_blue = $_POST['recycle_plastic_blue']; // required $recycle_plastic_gold = $_POST['recycle_plastic_gold']; // required $recycle_plastic_redwood = $_POST['recycle_plastic_redwood']; // required $recycle_plastic_cedar = $_POST['recycle_plastic_cedar']; // required $recycle_plastic_green = $_POST['recycle_plastic_green']; // required $recycle_plastic_gray = $_POST['recycle_plastic_gray']; // required $recycle_plastic_brown = $_POST['recycle_plastic_brown']; // required $error_message = ""; $email_exp = "^[A-Z0-9._%-]+@[A-Z0-9.-]+\.[A-Z]{2,4}$"; if(!eregi($email_exp,$email_from)) { $error_message .= 'The Email Address you entered does not appear to be valid.<br />'; } if(strlen($full_name) < 2) { $error_message .= 'Your Name does not appear to be valid.<br />'; } if(strlen($address) < 2) { $error_message .= 'Your Address does not appear to be valid.<br />'; } if(strlen($city_state) < 2) { $error_message .= 'Your City/State does not appear to be valid.<br />'; } if(strlen($zip) < 2) { $error_message .= 'Your Zip/Postal Code does not appear to be valid.<br />'; } if(strlen($telephone) < 2) { $error_message .= 'Your Telephone Number does not appear to be valid.<br />'; } if(strlen($error_message) > 0) { died($error_message); } $email_message = "Form details below.\r\n"; function clean_string($string) { $bad = array("content-type","bcc:","to:","cc:","href"); return str_replace($bad,"",$string); } $email_message .= "Organization: ".clean_string($organization)."\r\n"; $email_message .= "Full Name: ".clean_string($full_name)."\r\n"; $email_message .= "Title: ".clean_string($title)."\r\n"; $email_message .= "Company Name: ".clean_string($company)."\r\n"; $email_message .= "Street Address: ".clean_string($address)."\r\n"; $email_message .= "City/State: ".clean_string($city_state)."\r\n"; $email_message .= "ZIP/Postal Code: ".clean_string($zip)."\r\n"; $email_message .= "Telephone: ".clean_string($telephone)."\r\n"; $email_message .= "Cell Phone: ".clean_string($cell_phone)."\r\n"; $email_message .= "Fax: ".clean_string($fax)."\r\n"; $email_message .= "Email: ".clean_string($email_from)."\r\n"; $email_message .= "Confirm Email: ".clean_string($confirm_email)."\r\n"; $email_message .= "Powder Coated Steel Blue: ".clean_string($powder_coated_steel_blue)."\r\n"; $email_message .= "Powder Coated Steel Black: ".clean_string($powder_coated_steel_black)."\r\n"; $email_message .= "Powder Coated Steel Green: ".clean_string($powder_coated_steel_green)."\r\n"; $email_message .= "Powder Coated Steel Brown: ".clean_string($powder_coated_steel_brown)."\r\n"; $email_message .= "Powder Coated Steel Yellow: ".clean_string($powder_coated_steel_yellow)."\r\n"; $email_message .= "Powder Coated Steel Red: ".clean_string($powder_coated_steel_red)."\r\n"; $email_message .= "Powder Coated Steel Gray: ".clean_string($powder_coated_steel_gray)."\r\n"; $email_message .= "Powder Coated Steel Burgendy: ".clean_string($powder_coated_steel_burgendy)."\r\n"; $email_message .= "Thermo Plastic Coated Type Expanded: ".clean_string($thermo_plastic_coated_type_expanded)."\r\n"; $email_message .= "Thermo Plastic Coated Type Perforated: ".clean_string($thermo_plastic_coated_type_perforated)."\r\n"; $email_message .= "Thermo Plastic Coated Black: ".clean_string($thermo_plastic_coated_black)."\r\n"; $email_message .= "Thermo Plastic Coated Blue: ".clean_string($thermo_plastic_coated_blue)."\r\n"; $email_message .= "Thermo Plastic Coated Brown: ".clean_string($thermo_plastic_coated_brown)."\r\n"; $email_message .= "Thermo Plastic Coated Gray: ".clean_string($thermo_plastic_coated_gray)."\r\n"; $email_message .= "Thermo Plastic Coated Red: ".clean_string($thermo_plastic_coated_red)."\r\n"; $email_message .= "Thermo Plastic Coated Green: ".clean_string($thermo_plastic_coated_green)."\r\n"; $email_message .= "Recycle Plastic Red: ".clean_string($recycle_plastic_red)."\r\n"; $email_message .= "Recycle Plastic Yellow: ".clean_string($recycle_plastic_yellow)."\r\n"; $email_message .= "Recycle Plastic Black: ".clean_string($recycle_plastic_black)."\r\n"; $email_message .= "Recycle Plastic Blue: ".clean_string($recycle_plastic_blue)."\r\n"; $email_message .= "Recycle Plastic Gold: ".clean_string($recycle_plastic_gold)."\r\n"; $email_message .= "Recycle Plastic Redwood: ".clean_string($recycle_plastic_redwood)."\r\n"; $email_message .= "Recycle Plastic Cedar: ".clean_string($recycle_plastic_cedar)."\r\n"; $email_message .= "Recycle Plastic Green: ".clean_string($recycle_plastic_green)."\r\n"; $email_message .= "Recycle Plastic Gray: ".clean_string($recycle_plastic_gray)."\r\n"; $email_message .= "Recycle Plastic Brown: ".clean_string($recycle_plastic_brown)."\r\n"; $headers = 'From: '.$email_from."\r\n". 'Reply-To: '.$email_from."\r\n" . 'X-Mailer: PHP/' . phpversion(); @mail($email_to, $email_subject, $email_message, $headers); header("Location: $thankyou"); ?> <script>location.replace('<?php echo $thankyou;?>')</script> <? } ?> So I know a little about PHP but I am no expert by any means. But I have a project that I am working on for a fantasy football league and need some help. My users pick players from a list and then their selections are put into a database. So more than one user is likely to pick the same player. Then I need to score the players based off their games for the week. So I have code that gets the Distinct PlayerID and creates a form to update the player score (see code below), but I have no idea how to process the form. It's a little more complicated then the forms I've used before because the MySQL query would need to UPDATE all the rows for each individual PlayerID. Am I making any sense? Anyway, here is the code. If anyone has suggestions on how to process this form or a better way of doing it then please let me know. <? print '<form id="form1" name="form1" method="post" action="update_player.php">'; // Connecting, selecting database $link = mysql_connect('localhost','user','pass'); if (!$link) { die('Could not connect: ' . mysql_error()); } //Query $query=mysql_query("select DISTINCT(PlayerID), PlayerName, Team From fantasy4.temp ORDER BY Team;") or die ('Could not connect: ' . mysql_error()); print' <center> <table align=center border=0 cellpadding=0 cellspacing=2 width=350> <tr align=center> <td width=50 align=center><b>Player ID </b></td> <td width=50 align=center><b>Team</b></td> <td width=200 align=center><b>Player Name</b></td> <td width=50 align=center><b>Score</b></td> <tr><td colspan="10" bgcolor="black" height="1"></td></tr> '; while($row=mysql_fetch_array($query)){ if($color == 1) { print '<tr bgcolor=#dDdDdD> <td align=center> ' . $row['PlayerID'] . ' </td> <td align=center> ' . $row['Team'] . ' </td> <td align=center> ' . $row['PlayerName'] . ' </td> <td align=center> <input name="' . $row['PlayerID'] . '" type="text" id="' . $row['PlayerID'] . '" size="5" maxlength="5" /> </td> </tr>'; $color=0; } else { print '<tr> <td align=center> ' . $row['PlayerID'] . ' </td> <td align=center> ' . $row['Team'] . ' </td> <td align=center> ' . $row['PlayerName'] . ' </td> <td align=center> <input name="' . $row['PlayerID'] . '" type="text" id="' . $row['PlayerID'] . '" size="5" maxlength="5" /> </td> </tr>'; $color=1; } } print '</table>'; print '<input type="submit" name="button" id="button" value="Update Player Scores" /></form>'; ?> This is what I tried that did not work <? // Connecting, selecting database $link = mysql_connect('localhost','user','pass'); if (!$link) { die('Could not connect: ' . mysql_error()); } //Query $query=mysql_query("select DISTINCT(PlayerID) From fantasy4.temp;") or die ('Could not connect: ' . mysql_error()); while($row=mysql_fetch_array($query)){ $PlayerID = $_POST[$row['PlayerID']]; } while($score = array($_POST['$PlayerID'])){ //Insert Query $query2=mysql_query("UPDATE fantasy4.temp set Score='$score' where PlayerID='$PlayerID'") or die ('Yikes could not connect: ' .mysql_error()); $result = @mysql_query($query2); } //Check whether the query was successful or not if($result) { header("location: register-success.php"); exit(); }else { die("Query failed - " .mysql_error()); } ?> Per usual, I'm having an issue wrapping my head an issue, or I'm just not able to narrow the search well enough. Â I have a form... method = post action = /process.php Upon hitting process.php, it will UPDATE a data table with the $_POST data it gets from the form. After that, I want to send it to PayPal. Â Â It seems like at some point I was able to complete two 'actions' at once, but it's so long since I've created my own forms. Â Then again, maybe it was a redirect after executing the UPDATE. Â I just don't remember, and anything I search for doesn't seem to produce results of something that worked. Â I've read the php manual and a good few posts with similar but not identical problems and I am struggling to understand how to do this. Ive tailored my test site to help describe the problems that I have. www.peterod.co.uk the form is the first link in the left hand bar. Here is the code that creates the form. <?php // make connection require_once "../classes/sqlconselfbuild.php"; $query = mysql_query("SELECT * FROM `materials` ORDER BY `id` ASC"); ?> <form action="../engines/testengine1.php" method="post"> <?php // results while ($row = mysql_fetch_array($query)): $id = $row['id']; ?> <p> id number: <input type="text" name="materials[<?php echo $id; ?>][name]" value="<?php echo $row['id']; ?>" /> Material: <input type="text" name="materials[<?php echo $id; ?>][material]" value="<?php echo $row['material']; ?>" /> Stage: <input type="text" name="materials[<?php echo $id; ?>] [stage]" value="<?php echo $row['stage']; ?>" /> Qantity: <input type="text" name="materials[<?php echo $id; ?>][quantity]" value="<?php echo $row['quantity']; ?>" /> Unit: <input type="text" name="materials[<?php echo $id; ?>][unit]" value="<?php echo $row['unit']; ?>" /> <br /> </p> <?php endwhile; ?> <input type="submit" name="submit" value="Submit" /> </form> I am unsure how to get this information to insert into the database. How do you use the UPDATE query with a loop generated form ? [php] Hi, I am just looking for some input on how I could make this form processing script more secure. In fact extremely secure. Like the most secure server side filtering can get! Code: [Select] <?php // Mail header removal function remove_headers($string) { $headers = array( "/to\:/i", "/from\:/i", "/bcc\:/i", "/cc\:/i", "/Content\-Transfer\-Encoding\:/i", "/Content\-Type\:/i", "/Mime\-Version\:/i" ); if (preg_replace($headers, '', $string) == $string) { return $string; } else { die('Spam much?'); } } // Build the email $to = 'info@example.com'; $subject = "Secure contact form message from: $subject"; $message = "$name said: $message"; $headers = "From: $email"; // field validation if ($subject=="" || $message=="" || $name=="") { print ("All form fields are required. Please go back and try again."); } else { // email validation if(!eregi('^([._a-z0-9-]+[._a-z0-9-]*)@(([a-z0-9-]+\.)*([a-z0-9-]+)(\.[a-z]{2,3})?)$', $email)) { print ("Your email address does not appear to be valid. Please go back and try again."); exit; } // Send the mail mail($to, $subject, $message, $headers); // Redirect header('Location: ../submitted.php'); } ?> I have a form that is not doing anything after I click "submit". The code is below and a demo with the code is he http://communitycouch.com/index.php?action=register Code: [Select] <?php /* Things to do: Create error to show error when special characters are inputted in First and Last Name Fields Verify Dates to be true upon submit (for bithdays) Create birthday variable to be submitted into database, also add is_numberic() change activate.php to index?action=activate */ if($action == 'register') { if (isset($_POST['submit'])) { $errors = array(); require_once('connection.php'); //////////Checks Username //////////Makes sure username is 4-20 characters and contains only letters and numbers if(ereg("[[:alnum:]]{4,20}",stripslashes(trim($_POST['username'])))) { $user = mysql_real_escape_string($_POST['username']); $query = "SELECT username FROM reg_vars WHERE username = '$username'"; $result = @mysql_query($query); $num = @mysql_num_rows($result); if ($num> 0) { $errors[] = '<font color="red">The username you have chosen has already been taken, please try again.</font>'; } else { $username = mysql_real_escape_string($_POST['username']); } } else { $errors[] = '<font color="red">Please provide a valid username between 4 and 30 characters.</font>'; } //////////Checks E-mail if (!eregi('^[a-zA-Z]+[a-zA-Z0-9_-]*@([a-zA-Z0-9]+){1}(\.[a-zA-Z0-9]+){1,2}', stripslashes(trim($_POST['email'])) ) || empty($_POST['email'])) { $errors[] = '<font color="red">Please provide a valid email address.</font>'; } else { $email = mysql_real_escape_string($_POST['email']); } ///////// Check Names if (empty($f_name)) { $error["f_name"] = "First Name is blank."; } if (empty($l_name)) { $error["l_name"] = "Last Name is blank."; } ////////// Check PASSWORDS if (!empty($_POST['password'])) { if ($_POST['password'] != $_POST['cpassword']) { $errors[] = '<font color="red">The passwords you have entered do not match.</font>'; } else { $password = $_POST['password']; } } else { $errors[] = '<font color="red">Please provide a password.</font>'; } /////////Send Activation E-mail //////// Add Birthday to the registrarion Variables if (empty($errors)) { $a = md5(uniqid(rand(), true)); $query = "INSERT INTO reg_vars (username, f_name, l_name, email, password, active) VALUES ('$username', '$email', SHA1('$password'), '$a')"; $result = @mysql_query($query); if (mysql_affected_rows() == 1) { ////////// Send the Activation email $body = "Thank you for registering at the User Registration site. To activate your account, please click on this link:\n\n"; $body .= "http://www.communitycouch.com/activate.php?x=" . mysql_insert_id() . "&y=$a"; mail($_POST['email'], 'Registration Confirmation', $body, 'From: noreply@communitycouch.com'); ////////// Show thank you message echo '<h3>Thank You!</h3> You have been registered, you have been sent an e-mail to the address you specified before. Please check your e-mails to activate your account.'; } else { echo '<font color="red">You could not be registered, please contact us about the problem and we will fix it as soon as we can.</font>'; } } else { echo '<h3>Error!</h3> The following error(s) occured:<br />'; foreach ($errors as $msg) { echo " <div id=\"success_or_fail\"><font color=\"red\">$msg</font><br />\n</div>"; } } } echo " <div id=\"register_container\" class=\"Container\"> <div id=\"register_Center\" class=\"BoxCenter\"> "; echo" <div id=\"register_BoxContainer\" class=\"Container\"> <div class=\"HeaderLeft\"></div><div id=\"register_Header\" class=\"HeaderCenter\">Register for Community Couch</div><div class=\"HeaderRight\"></div><br /> <div id=\"register_Content\" class=\"BoxContent\"> <form name=\"reg_form\" action=\"";$_SERVER['PHP_SELF']; echo"\" method=\"post\" style=\"margin: 0;\"> <div class=\"Container FormBoxLeft\"> <b>Username:</b> </div> <div class=\"Container FormBoxRight\"> <input name=\"username\" size=\"30\" type=\"text\" /> </div> <br class=\"EndColumn\" /> <div class=\"Container FormBoxLeft\"> <b>First Name:</b> </div> <div class=\"Container FormBoxRight\"> <input name=\"f_name\" size=\"30\" type=\"text\" /> </div> <br class=\"EndColumn\" /> <div class=\"Container FormBoxLeft\"> <b>Last Name:</b> </div> <div class=\"Container FormBoxRight\"> <input name=\"l_name\" size=\"30\" type=\"text\" /> </div> <br class=\"EndColumn\" /> <div class=\"Container FormBoxLeft\"> <b>Birthdate:</b> </div> <div class=\"Container FormBoxRight\"> <select name=\"month\"><option value=\"\">-Month-</option> <option value=\"01\">January</option> <option value=\"02\">February</option> <option value=\"03\">March</option> <option value=\"04\">April</option> <option value=\"05\">May</option> <option value=\"06\">June</option> <option value=\"07\">July</option> <option value=\"08\">August</option> <option value=\"09\">September</option> <option value=\"10\">October</option> <option value=\"11\">November</option> <option value=\"12\">December</option> </select> <select name=\"day\"> <option value=\"\"> -Day-</option>'; //Print 31 Days "; for ($x=1; $x<=31; $x++) { echo "<option value='".$x."'"; if(isset($_POST['submit']) && $day == $x) { echo " selected"; } echo ">".$x."</option>\n"; } echo "</select> <input name=\"year\" size=\"2\" maxlength=\"4\" type=\"text\"> </div> <br class=\"EndColumn\" /> <div class=\"Container FormBoxLeft\"> <b>E-Mail:</b> </div> <div class=\"Container FormBoxRight\"> <input name=\"email\" size=\"30\" type=\"text\" /> </div> <br class=\"EndColumn\" /> <div class=\"Container FormBoxLeft\"> <b>Display E-Mail to the Public:</b> </div> <div class=\"Container FormBoxRight\"> <input name=\"disp_email\" value=\"yes\" type=\"radio\" /> Yes <input name=\"disp_email\" value=\"no\" type=\"radio\" checked /> No </div> <br class=\"EndColumn\" /> <div class=\"Container FormBoxLeft\"> <b>Password:</b> </div> <div class=\"Container FormBoxRight\"> <input name=\"password\" size=\"30\" type=\"password\" /> </div> <br class=\"EndColumn\" /> <div class=\"Container FormBoxLeft\"> <b>Confirm Password:</b> </div> <div class=\"Container FormBoxRight\"> <input name=\"cpassword\" size=\"30\" type=\"password\" /> </div> <br class=\"EndColumn\" /> <div id=\"register_submit\" class=\"Container\"> <input name=\"tos\" type=\"checkbox\" /> I have read and agree to the Terms of Use and Privacy Policy<br /> <input type=\"submit\" value=\"Submit\"><input type=\"reset\" value=\"Reset\"> </div> <br class=\"EndColumn\" /> </form> </div> <div class=\"FooterLeft\"></div><div id=\"register_Footer\" class=\"FooterCenter\"></div><div class=\"FooterRight\"></div> </div> </div> </div> <br class=\"EndColumn\" /> <br />"; }?> [\code] Can someone give me some guidance of how to separate Form Display from Form Processing? I have always used forms that submitted back to themselves which isn't so bad, but then trying to cram in code to display the form, validation errors, and messages after the form is processed all in one file is insane?! Currently I am working on a simple "Add a Comment" form. It would be nice to have a separate form processing script, but I don't know where to begin... Debbie Having some issues getting this to work properly... I keep getting my own error message I know where it fails, but I can't seem to figure out why it fails. The test file I'm using is an MP3 file, which is why I'm here asking if anyone other than I can shed some experienced light on this :p Code: [Select] File Upload Failed! No File Exists!The file type or extension you are trying to upload is not allowed! You can only upload MP3 files to the server! My upload form looks like: <?php session_start(); define('PITCHFORK', true); if(!isset($_SESSION['USERS_AUTHENTICATED'])) { die("You must be logged in to do that"); } if(isset($_POST['upload'])) { include("config.php"); include("classes/class.media.upload.php"); $file = $_GET['file']; $upload = new Upload; $upload->doAudio($file); } ?> <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd"> <html xmlns="http://www.w3.org/1999/xhtml"> <head> <meta http-equiv="Content-Type" content="text/html; charset=utf-8" /> <title>PITCHFORK Login</title> <link rel="stylesheet" href="style/login.css" type="text/css" media="all"> <meta name="robots" content="noindex,nofollow"> </head> <body> <div id="login"><h1><a title="A SpaazZ Industries Concept"></a></h1> <form name="loginform" id="loginform" action="<?php $_SERVER['PHP_SELF']; ?>" method="post"> <p> <label>File (one at a time for now)<br> <input name="file" id="user_login" class="input" size="20" tabindex="10" type="file" /> </label> </p> <p> </p> <?php if(isset($_SESSION['errMessage'])) { echo("<div id=\"login_error\"><strong>ERROR</strong>:<br />"); echo($_SESSION['errMessage']); unset($_SESSION['errMessage']); echo("</div>"); } ?> <p class="submit"> <input name="upload" id="submit" class="button-primary" value="Upload File" tabindex="100" type="submit"> </p> </form> </div> </body> </html> My Upload Class looks liks: <?php // TO DO : ERROR HANDLING // AJAX INTERFACING session_start(); define('PITCHFORK', true); class Upload { // The path to local (relivent to the user uploading - on their computer) file var $file; public function doAudio($file) { $target_path = $_SESSION['USERS_Media_Folder']."/"; // Set at login in class.users.php $flag = 0; // Safety net, if this gets to 1 at any point in the process, we don't upload. $filename = $_FILES[$file]['name']; $filesize = $_FILES[$file]['size']; $mimetype = $_FILES[$file]['type']; $filename = htmlentities($filename); $filesize = htmlentities($filesize); $mimetype = htmlentities($mimetype); $target_path = $target_path . basename( $filename ); if($filename != ""){ echo "Beginning upload process for file named: ".$filename."<br>"; echo "Filesize: ".$filesize."<br>"; echo "Type: ".$mimetype."<br><br>"; } //First generate a MD5 hash of what the new file name will be //Force a MP3 extention on the file we are uploading $hashedfilename = md5_file($filename); $hashedfilename = $hashedfilename.".mp3"; //Check for empty file if($filename == ""){ $_SESSION['errMessage'] .= "No File Exists!"; $flag = $flag + 1; } //Now we check that the file doesn't already exist. $existname = $target_path.$hashedfilename; if(file_exists($existname)) { if($flag == 0) { $_SESSION['errMessage'] .= "Your file already exists on the server! Please choose another file to upload or rename the file on your computer and try uploading it again!"; } $flag = $flag + 1; } //Whitelisted files - Only allow files with MP3 extention onto server... $whitelist = array(".mp3"); foreach ($whitelist as $ending) { if(substr($filename, -(strlen($ending))) != $ending) { $_SESSION['errMessage'] .= "The file type or extention you are trying to upload is not allowed! You can only upload MP3 files to the server!"; $flag++; } } //Now we check the filesize. If it is too big or too small then we reject it //MP3 files should be at least 1MB and no more than 6.5 MB if($filesize > 6920600) { //File is too large if($flag == 0) { $_SESSION['errMessage'] .= "The file you are trying to upload is too large! Your file can be up to 6.5 MB in size only. Please upload a smaller MP3 file or encode your file with a lower bitrate."; } $flag = $flag + 1; } if($filesize < 1048600) { //File is too small if($flag == 0) { $_SESSION['errMessage'] .= "The file you are trying to upload is too small! Your file has been marked as suspicious because our system has determined that it is too small to be a valid MP3 file. Valid MP3 files must be bigger than 1 MB and smaller than 6.5 MB."; } $flag = $flag + 1; } //Check the mimetype of the file if($mimetype != "audio/x-mp3" and $mimetype != "audio/mpeg") { if($flag == 0) { $_SESSION['errMessage'] .= "The file you are trying to upload does not contain expected data. Are you sure that the file is an MP3?"; } $flag = $flag + 1; } //Check that the file really is an MP3 file by reading the first few characters of the file $f = @fopen($_FILES[$file]['tmp_name'],'r'); $s = @fread($f,3); @fclose($f); if($s != "ID3") { if($flag == 0){ $_SESSION['errMessage'] .= "The file you are attempting to upload does not appear to be a valid MP3 file."; } $flag++; } //All checks are done, actually move the file... if($flag == 0) { if(move_uploaded_file($_FILES[$file]['tmp_name'], $target_path)) { //Change the filename to MD5 hash and FORCE a MP3 extention. if(@file_exists($target_path.$filename)) { //Rename the file to an MD5 version rename($target_path.$filename, $target_path.$hashedfilename); echo "The file ". basename( $filename ). " has been uploaded. Your file is <a href='$target_path$hashedfilename'>here</a>."; } else{ echo "There was an error uploading the file, please try again!"; } } else { echo "There was an error uploading the file, please try again!"; } } else { echo "File Upload Failed!<br>"; if($error != "") { echo $error; } } } // Close function doAudio } // Close Class audioUpload ?> Hi, I'm new to php and just trying to make sense of things by trying stuff. I'm trying to make a very rudimentary CMS where form values are added to a mysql database. One of the inputs in the form ($body) is a textarea. I've messed around with this but there's a glitch somewhere-when I press the submit button I just get a blank page (the page for the form processing script). My guess is there's something not right with the "safety measures" I'm taking: trim,stripslashes,etc. Any help would be appreciated Code: [Select] <?php session_start(); if(!isset($_POST['Submit'])){ header("Location: home_manage.php"); exit(); } else{ $headline=$_POST['headline']; $author=$_POST['author']; $body=$_POST['body']; $headline=trim($headline); $author=trim($author); $body=trim($body); $message=array(); if((strlen($headline)!=0)&&(strlen($author)!=0)&&(strlen($body)!=0)){ $time=time(); $date=date('Y-m-d H:i:s',$time); $headline=strip_tags($headline); $author=strip_tags($author); $body="<p>".$body."</p>"; $order=array("\r\n", "\n", "\r"); $replace='</p><p>'; $body=str_ireplace($order,$replace,$body); $body=strip_tags($body,'<p><br />'); if(get_magic_quotes_gpc()) { $headline=stripslashes($headline); $author=stripslashes($author); $body=stripslashes($body); } $headline=htmlentities(mysql_real_escape_string($headline)); $author=htmlentities(mysql_real_escape_string($author)); $body=htmlentities(mysql_real_escape_string($body)); require('storage.inc'); $link = mysql_connect($host,$user,$db_password); $db = mysql_select_db($post_database,$link); $query= "INSERT INTO entry (entry_date,entry_head,entry_author,entry_text) VALUES ('$date','$headline','$author','$body')"; mysql_query($query); $message[]="<p class='announce'><b>Post titled ".$headline." has been added to the database.</b></p>"; } else{ if(strlen($headline)<1){$message[]="<p class='announce'><b>You must include a headline for this post.</b></p>";} if(strlen($author)<1){$message[]="<p class='announce'><b>You must include an author name for this post.</b></p>";} if(strlen($body)<1){$message[]="<p class='announce'><b>You must include some body text for this post.</b></p>";} } $_SESSION['msg']['up_err']=implode($message); header("Location: home_manage.php"); exit(); } ?> I have this code <?php session_start(); $error = 0; $valError = ""; // Form Page Submit Security $domain_list = explode(',',""); $ip_limit = 0; $active = 1; $active_message = <<<EOT Sorry, this form is currently disabled. EOT; include_once 'security/secure_submit.php'; include_once 'lib/utility.php'; $_SESSION["entry_key"] = isset($_SESSION["entry_key"]) ? $_SESSION["entry_key"] : md5(time() + rand(10000, 1000000)); // cname - text if(isset($_POST['cname']) && $_POST['cname'] != '') { $cname = isset($_POST['cname']) ? $_POST['cname'] : ''; $_SESSION['cname'] = $cname; } else { $error = '1'; $valError .= 'Company Name : is required.<br/>'; } if(isset($_SESSION['cname_is'])) { $_SESSION['cname_is'] = 0; } $cname = isset($_SESSION['cname']) ? $_SESSION['cname'] : ''; $_SESSION['qs']["{$_SESSION['entry_key']}"]['cname'] = $cname; $_SESSION['qs-label']["{$_SESSION['entry_key']}"]['Company Name :'] = $cname; $_SESSION['qs-label']["{$_SESSION['entry_key']}"]['cname'] = "Company Name :"; // dname - text if(isset($_POST['dname']) && $_POST['dname'] != '') { $dname = isset($_POST['dname']) ? $_POST['dname'] : ''; $_SESSION['dname'] = $dname; } else { $error = '1'; $valError .= 'Domain Name : is required.<br/>'; } if(isset($_SESSION['dname_is'])) { $_SESSION['dname_is'] = 0; } $dname = isset($_SESSION['dname']) ? $_SESSION['dname'] : ''; $_SESSION['qs']["{$_SESSION['entry_key']}"]['dname'] = $dname; $_SESSION['qs-label']["{$_SESSION['entry_key']}"]['Domain Name :'] = $dname; $_SESSION['qs-label']["{$_SESSION['entry_key']}"]['dname'] = "Domain Name :"; // ipaddress - text if(isset($_POST['ipaddress']) && $_POST['ipaddress'] != '') { $ipaddress = isset($_POST['ipaddress']) ? $_POST['ipaddress'] : ''; $_SESSION['ipaddress'] = $ipaddress; } else { $error = '1'; $valError .= 'IP Address : is required.<br/>'; } if(isset($_SESSION['ipaddress_is'])) { $_SESSION['ipaddress_is'] = 0; } $ipaddress = isset($_SESSION['ipaddress']) ? $_SESSION['ipaddress'] : ''; $_SESSION['qs']["{$_SESSION['entry_key']}"]['ipaddress'] = $ipaddress; $_SESSION['qs-label']["{$_SESSION['entry_key']}"]['IP Address :'] = $ipaddress; $_SESSION['qs-label']["{$_SESSION['entry_key']}"]['ipaddress'] = "IP Address :"; // ns1 - text if(isset($_POST['ns1']) && $_POST['ns1'] != '') { $ns1 = isset($_POST['ns1']) ? $_POST['ns1'] : ''; $_SESSION['ns1'] = $ns1; } else { $error = '1'; $valError .= 'Name Server 1 : is required.<br/>'; } if(isset($_SESSION['ns1_is'])) { $_SESSION['ns1_is'] = 0; } $ns1 = isset($_SESSION['ns1']) ? $_SESSION['ns1'] : ''; $_SESSION['qs']["{$_SESSION['entry_key']}"]['ns1'] = $ns1; $_SESSION['qs-label']["{$_SESSION['entry_key']}"]['Name Server 1 :'] = $ns1; $_SESSION['qs-label']["{$_SESSION['entry_key']}"]['ns1'] = "Name Server 1 :"; // ns2 - text if(isset($_POST['ns2']) && $_POST['ns2'] != '') { $ns2 = isset($_POST['ns2']) ? $_POST['ns2'] : ''; $_SESSION['ns2'] = $ns2; } else { $error = '1'; $valError .= 'Name Server 2 : is required.<br/>'; } if(isset($_SESSION['ns2_is'])) { $_SESSION['ns2_is'] = 0; } $ns2 = isset($_SESSION['ns2']) ? $_SESSION['ns2'] : ''; $_SESSION['qs']["{$_SESSION['entry_key']}"]['ns2'] = $ns2; $_SESSION['qs-label']["{$_SESSION['entry_key']}"]['Name Server 2 :'] = $ns2; $_SESSION['qs-label']["{$_SESSION['entry_key']}"]['ns2'] = "Name Server 2 :"; // ftpserver - text if(isset($_POST['ftpserver']) && $_POST['ftpserver'] != '') { $ftpserver = isset($_POST['ftpserver']) ? $_POST['ftpserver'] : ''; $_SESSION['ftpserver'] = $ftpserver; } else { $error = '1'; $valError .= 'FTP Server Address : is required.<br/>'; } if(isset($_SESSION['ftpserver_is'])) { $_SESSION['ftpserver_is'] = 0; } $ftpserver = isset($_SESSION['ftpserver']) ? $_SESSION['ftpserver'] : ''; $_SESSION['qs']["{$_SESSION['entry_key']}"]['ftpserver'] = $ftpserver; $_SESSION['qs-label']["{$_SESSION['entry_key']}"]['FTP Server Address :'] = $ftpserver; $_SESSION['qs-label']["{$_SESSION['entry_key']}"]['ftpserver'] = "FTP Server Address :"; // ftpuname - text if(isset($_POST['ftpuname']) && $_POST['ftpuname'] != '') { $ftpuname = isset($_POST['ftpuname']) ? $_POST['ftpuname'] : ''; $_SESSION['ftpuname'] = $ftpuname; } else { $error = '1'; $valError .= 'FTP Username : is required.<br/>'; } if(isset($_SESSION['ftpuname_is'])) { $_SESSION['ftpuname_is'] = 0; } $ftpuname = isset($_SESSION['ftpuname']) ? $_SESSION['ftpuname'] : ''; $_SESSION['qs']["{$_SESSION['entry_key']}"]['ftpuname'] = $ftpuname; $_SESSION['qs-label']["{$_SESSION['entry_key']}"]['FTP Username :'] = $ftpuname; $_SESSION['qs-label']["{$_SESSION['entry_key']}"]['ftpuname'] = "FTP Username :"; // ftppword - text if(isset($_POST['ftppword']) && $_POST['ftppword'] != '') { $ftppword = isset($_POST['ftppword']) ? $_POST['ftppword'] : ''; $_SESSION['ftppword'] = $ftppword; } else { $error = '1'; $valError .= 'FTP Password : is required.<br/>'; } if(isset($_SESSION['ftppword_is'])) { $_SESSION['ftppword_is'] = 0; } $ftppword = isset($_SESSION['ftppword']) ? $_SESSION['ftppword'] : ''; $_SESSION['qs']["{$_SESSION['entry_key']}"]['ftppword'] = $ftppword; $_SESSION['qs-label']["{$_SESSION['entry_key']}"]['FTP Password :'] = $ftppword; $_SESSION['qs-label']["{$_SESSION['entry_key']}"]['ftppword'] = "FTP Password :"; // pop - text if(isset($_POST['pop']) && $_POST['pop'] != '') { $pop = isset($_POST['pop']) ? $_POST['pop'] : ''; $_SESSION['pop'] = $pop; } else { $error = '1'; $valError .= 'POP : is required.<br/>'; } if(isset($_SESSION['pop_is'])) { $_SESSION['pop_is'] = 0; } $pop = isset($_SESSION['pop']) ? $_SESSION['pop'] : ''; $_SESSION['qs']["{$_SESSION['entry_key']}"]['pop'] = $pop; $_SESSION['qs-label']["{$_SESSION['entry_key']}"]['POP :'] = $pop; $_SESSION['qs-label']["{$_SESSION['entry_key']}"]['pop'] = "POP :"; // smtp - text if(isset($_POST['smtp']) && $_POST['smtp'] != '') { $smtp = isset($_POST['smtp']) ? $_POST['smtp'] : ''; $_SESSION['smtp'] = $smtp; } else { $error = '1'; $valError .= 'SMTP : is required.<br/>'; } if(isset($_SESSION['smtp_is'])) { $_SESSION['smtp_is'] = 0; } $smtp = isset($_SESSION['smtp']) ? $_SESSION['smtp'] : ''; $_SESSION['qs']["{$_SESSION['entry_key']}"]['smtp'] = $smtp; $_SESSION['qs-label']["{$_SESSION['entry_key']}"]['SMTP :'] = $smtp; $_SESSION['qs-label']["{$_SESSION['entry_key']}"]['smtp'] = "SMTP :"; // webmailaddy - text if(isset($_POST['webmailaddy']) && $_POST['webmailaddy'] != '') { $webmailaddy = isset($_POST['webmailaddy']) ? $_POST['webmailaddy'] : ''; $_SESSION['webmailaddy'] = $webmailaddy; } else { $error = '1'; $valError .= 'Webmail Address : is required.<br/>'; } if(isset($_SESSION['webmailaddy_is'])) { $_SESSION['webmailaddy_is'] = 0; } $webmailaddy = isset($_SESSION['webmailaddy']) ? $_SESSION['webmailaddy'] : ''; $_SESSION['qs']["{$_SESSION['entry_key']}"]['webmailaddy'] = $webmailaddy; $_SESSION['qs-label']["{$_SESSION['entry_key']}"]['Webmail Address :'] = $webmailaddy; $_SESSION['qs-label']["{$_SESSION['entry_key']}"]['webmailaddy'] = "Webmail Address :"; // adiskspace - text if(isset($_POST['adiskspace']) && $_POST['adiskspace'] != '') { $adiskspace = isset($_POST['adiskspace']) ? $_POST['adiskspace'] : ''; $_SESSION['adiskspace'] = $adiskspace; } else { $error = '1'; $valError .= 'Allocated Disk Space : is required.<br/>'; } if(isset($_SESSION['adiskspace_is'])) { $_SESSION['adiskspace_is'] = 0; } $adiskspace = isset($_SESSION['adiskspace']) ? $_SESSION['adiskspace'] : ''; $_SESSION['qs']["{$_SESSION['entry_key']}"]['adiskspace'] = $adiskspace; $_SESSION['qs-label']["{$_SESSION['entry_key']}"]['Allocated Disk Space :'] = $adiskspace; $_SESSION['qs-label']["{$_SESSION['entry_key']}"]['adiskspace'] = "Allocated Disk Space :"; // ambw - text if(isset($_POST['ambw']) && $_POST['ambw'] != '') { $ambw = isset($_POST['ambw']) ? $_POST['ambw'] : ''; $_SESSION['ambw'] = $ambw; } else { $error = '1'; $valError .= 'Allocated Monthly Bandwidth : is required.<br/>'; } if(isset($_SESSION['ambw_is'])) { $_SESSION['ambw_is'] = 0; } $ambw = isset($_SESSION['ambw']) ? $_SESSION['ambw'] : ''; $_SESSION['qs']["{$_SESSION['entry_key']}"]['ambw'] = $ambw; $_SESSION['qs-label']["{$_SESSION['entry_key']}"]['Allocated Monthly Bandwidth :'] = $ambw; $_SESSION['qs-label']["{$_SESSION['entry_key']}"]['ambw'] = "Allocated Monthly Bandwidth :"; // amboxes - text if(isset($_POST['amboxes']) && $_POST['amboxes'] != '') { $amboxes = isset($_POST['amboxes']) ? $_POST['amboxes'] : ''; $_SESSION['amboxes'] = $amboxes; } else { $error = '1'; $valError .= 'Allocated MailBoxes : is required.<br/>'; } if(isset($_SESSION['amboxes_is'])) { $_SESSION['amboxes_is'] = 0; } $amboxes = isset($_SESSION['amboxes']) ? $_SESSION['amboxes'] : ''; $_SESSION['qs']["{$_SESSION['entry_key']}"]['amboxes'] = $amboxes; $_SESSION['qs-label']["{$_SESSION['entry_key']}"]['Allocated MailBoxes :'] = $amboxes; $_SESSION['qs-label']["{$_SESSION['entry_key']}"]['amboxes'] = "Allocated MailBoxes :"; // amboxquota - text if(isset($_POST['amboxquota']) && $_POST['amboxquota'] != '') { $amboxquota = isset($_POST['amboxquota']) ? $_POST['amboxquota'] : ''; $_SESSION['amboxquota'] = $amboxquota; } else { $error = '1'; $valError .= 'Allocated MailBox Quoted : is required.<br/>'; } if(isset($_SESSION['amboxquota_is'])) { $_SESSION['amboxquota_is'] = 0; } $amboxquota = isset($_SESSION['amboxquota']) ? $_SESSION['amboxquota'] : ''; $_SESSION['qs']["{$_SESSION['entry_key']}"]['amboxquota'] = $amboxquota; $_SESSION['qs-label']["{$_SESSION['entry_key']}"]['Allocated MailBox Quoted :'] = $amboxquota; $_SESSION['qs-label']["{$_SESSION['entry_key']}"]['amboxquota'] = "Allocated MailBox Quoted :"; // adbase - text if(isset($_POST['adbase']) && $_POST['adbase'] != '') { $adbase = isset($_POST['adbase']) ? $_POST['adbase'] : ''; $_SESSION['adbase'] = $adbase; } else { $error = '1'; $valError .= 'Allocated Databases : is required.<br/>'; } if(isset($_SESSION['adbase_is'])) { $_SESSION['adbase_is'] = 0; } $adbase = isset($_SESSION['adbase']) ? $_SESSION['adbase'] : ''; $_SESSION['qs']["{$_SESSION['entry_key']}"]['adbase'] = $adbase; $_SESSION['qs-label']["{$_SESSION['entry_key']}"]['Allocated Databases :'] = $adbase; $_SESSION['qs-label']["{$_SESSION['entry_key']}"]['adbase'] = "Allocated Databases :"; // exp - text if(isset($_POST['exp']) && $_POST['exp'] != '') { $exp = isset($_POST['exp']) ? $_POST['exp'] : ''; $_SESSION['exp'] = $exp; } else { $error = '1'; $valError .= 'Expires On : is required.<br/>'; } if(isset($_SESSION['exp_is'])) { $_SESSION['exp_is'] = 0; } $exp = isset($_SESSION['exp']) ? $_SESSION['exp'] : ''; $_SESSION['qs']["{$_SESSION['entry_key']}"]['exp'] = $exp; $_SESSION['qs-label']["{$_SESSION['entry_key']}"]['Expires On :'] = $exp; $_SESSION['qs-label']["{$_SESSION['entry_key']}"]['exp'] = "Expires On :"; if($error){ if(isset($_SESSION['pages']['page5.php'])) { unset($_SESSION['pages']['page5.php']); } $_SESSION["e_message"] = $valError; header("Location: index.php?section-hostingedit"); } else { $_SESSION['pages']['page5.php'] = 'pass'; // custom route code //DATABASE INTERACTION //Setup database connection $dbserver = "localhost"; $dbuname = "vri_dev"; $dbpword = "emit098nice054" //Connect to DB Server $con = mysql_connect($dbserver, $dbuname, $dbpword); if(!$con){ die('Could not connect to the database server :' . mysql_error()); echo"1"; }else{ echo"1.2"; //Select Database mysql_select_db("vri_inkcontrol", $con); //Get idcname $q = "SELECT idcname FROM `tbl_hosting_cname` WHERE cname='$_POST['cname']' AND dname='$_POST['dname']'"; $r = mysql_query($q); //Put idcname query into an array $r_array = mysql_fetch_assoc($r); //Store idcname result from previouse query $idcname = $r_array['idcname']; //trap duplicate records //If the number of rows returned by above query is not greater then we if(mysql_num_rows($r) == 0){ echo"2"; //Insert idcname in `tbl_hosting_cname` since id doesn't exist $q = "INSERT INTO `tbl_hosting_cname` SET cname='$_POST['cname']"; mysql_query($q); //grab the cname id in `tbl_hosting_cname` $q = "SELECT idcname FROM `tbl_hosting_cname WHERE cname='$_POST['cname']'"; $r = mysql_query($q); //now we must grab the id cname from array $q = "SELECT idcname FROM `tbl_hosting_cname` WHERE cname='$_POST['cname']'"; $r = mysql_query($q); $row = mysql_fetch_assoc($r); $idcname = $row['idcname']; $r = mysql_query("SELECT * FROM `tbl_hosting_domain` WHERE cname='$idcname' AND dname='$_POST['dname']'"); if(mysql_num_rows($r) !== 1){ echo"3"; $q = "INSERT INTO `tbl_hosting_domain` (idcname, dname, ip, ns1, ns2, ftpaddress, ftpuname, ftppword, pop, smtp, webmailaddress, diskspace, bandwidth, nummailboxes, mailboxquota, numdatabases, exp) VALUES ('$idcname', '$_POST['dname']', '$_POST['ip']', '$_POST['ns1']', '$_POST['ns2']', '$_POST['ftpserver']', '$_POST['ftpuname']', '$_POST['ftppword']', '$_POST['pop']', '$_POST['smtp']', '$_POST['webmailaddy']', '$_POST['adiskspace']', '$_POST['ambw']', '$_POST['amboxes']', '$_POST['amboxesquota']', '$_POST['adbases']', '$_POST['exp']')"; mysql_query($q); $route = "Location: index.php?section=newaddyes"; }elseif(mysql_num_rows($r) == 1){ echo"3.2"; $q = "SELECT idcname FROM `tbl_hosting_cname` WHERE cname='$_POST['cname']'"; $r = mysql_query($q); $row = mysql_fetch_assoc($r); $idcname = $row['idcname']; $q = "UPDATE `tbl_hosting_domain` SET ( ip = '$_POST['ip']', ns1 = '$_POST['ns1']', ns2 = '$_POST['ns2']', ftpaddress = '$_POST['ftpserver']', ftpuname = '$_POST['ftpuname']', ftppword = '$_POST['ftppword']', pop = '$_POST['pop']', smtp = '$_POST['smtp']', webmailaddress = '$_POST['webmailaddy']', diskspace = '$_POST['adiskspace']', bandwidth = '$_POST['ambw']', nummailboxes = '$_POST['amboxes']', mailboxquota = '$_POST['amboxesquota']', numdatabases = '$_POST['adbases']', exp = '$_POST['exp']' WHERE cname='$idcname'"; $route = "Location: index.php?section=newaddyes"; }else{ echo"lsr1" $route = "Location: index.php?section=newaddno"; } // conditional route code // default action header($route); } ?> the code that will not run is // custom route code //DATABASE INTERACTION //Setup database connection $dbserver = "localhost"; $dbuname = "vri_dev"; $dbpword = "emit098nice054" //Connect to DB Server $con = mysql_connect($dbserver, $dbuname, $dbpword); if(!$con){ die('Could not connect to the database server :' . mysql_error()); echo"1"; }else{ echo"1.2"; //Select Database mysql_select_db("vri_inkcontrol", $con); //Get idcname $q = "SELECT idcname FROM `tbl_hosting_cname` WHERE cname='$_POST['cname']' AND dname='$_POST['dname']'"; $r = mysql_query($q); //Put idcname query into an array $r_array = mysql_fetch_assoc($r); //Store idcname result from previouse query $idcname = $r_array['idcname']; //trap duplicate records //If the number of rows returned by above query is not greater then we if(mysql_num_rows($r) == 0){ echo"2"; //Insert idcname in `tbl_hosting_cname` since id doesn't exist $q = "INSERT INTO `tbl_hosting_cname` SET cname='$_POST['cname']"; mysql_query($q); //grab the cname id in `tbl_hosting_cname` $q = "SELECT idcname FROM `tbl_hosting_cname WHERE cname='$_POST['cname']'"; $r = mysql_query($q); //now we must grab the id cname from array $q = "SELECT idcname FROM `tbl_hosting_cname` WHERE cname='$_POST['cname']'"; $r = mysql_query($q); $row = mysql_fetch_assoc($r); $idcname = $row['idcname']; $r = mysql_query("SELECT * FROM `tbl_hosting_domain` WHERE cname='$idcname' AND dname='$_POST['dname']'"); if(mysql_num_rows($r) !== 1){ echo"3"; $q = "INSERT INTO `tbl_hosting_domain` (idcname, dname, ip, ns1, ns2, ftpaddress, ftpuname, ftppword, pop, smtp, webmailaddress, diskspace, bandwidth, nummailboxes, mailboxquota, numdatabases, exp) VALUES ('$idcname', '$_POST['dname']', '$_POST['ip']', '$_POST['ns1']', '$_POST['ns2']', '$_POST['ftpserver']', '$_POST['ftpuname']', '$_POST['ftppword']', '$_POST['pop']', '$_POST['smtp']', '$_POST['webmailaddy']', '$_POST['adiskspace']', '$_POST['ambw']', '$_POST['amboxes']', '$_POST['amboxesquota']', '$_POST['adbases']', '$_POST['exp']')"; mysql_query($q); $route = "Location: index.php?section=newaddyes"; }elseif(mysql_num_rows($r) == 1){ echo"3.2"; $q = "SELECT idcname FROM `tbl_hosting_cname` WHERE cname='$_POST['cname']'"; $r = mysql_query($q); $row = mysql_fetch_assoc($r); $idcname = $row['idcname']; $q = "UPDATE `tbl_hosting_domain` SET ( ip = '$_POST['ip']', ns1 = '$_POST['ns1']', ns2 = '$_POST['ns2']', ftpaddress = '$_POST['ftpserver']', ftpuname = '$_POST['ftpuname']', ftppword = '$_POST['ftppword']', pop = '$_POST['pop']', smtp = '$_POST['smtp']', webmailaddress = '$_POST['webmailaddy']', diskspace = '$_POST['adiskspace']', bandwidth = '$_POST['ambw']', nummailboxes = '$_POST['amboxes']', mailboxquota = '$_POST['amboxesquota']', numdatabases = '$_POST['adbases']', exp = '$_POST['exp']' WHERE cname='$idcname'"; $route = "Location: index.php?section=newaddyes"; }else{ echo"lsr1" $route = "Location: index.php?section=newaddno"; } If everything on the form passes it should process the data into the database. However it is not. I placed echo statements to see where it was getting to in the database interaction portion of the code but no dice. Any help is apreciated, thanks in advance. Hi everyone I am pretty new to php but have been playing around with it for awhile. I have been trying to include a offline script from codecanyon located (http://codecanyon.net/item/web-construct/61643). The problem I am having is when I try to include the file as per the scripts instruction (<?php include("offline.php");?>) I get all sorts of errors on mysite (please see below for one error). I read his discussion section were one person is having the same problem I am having the script developers answers was (Place the webconstruct include after the session_start() line). I have tried that or think I did it right but still getting the same errors as before. Can someone please help me in getting this script installed? I will copy the session code below and if someone can point me to the right direction in how to resolve this issue I would be thankful. (error) Notice: Use of undefined constant (my session code) <? if ( isset($_SESSION['url']) && $_SESSION['url'] != $SITE_URL ) { session_destroy(); ?> <script language="javascript">window.location.href="index.php";</script> Thanks in advance for anyone's help! Okay, I have a script that is supposed to break if one of the errors occurs. However, it's not. I don't know if I have it coded incorrectly or what. Any help would be appreciated! Purpose of Script: The user is supposed to be able to spend "stat bonus points" to level up their stats. However, if they have 0 points, then obviously they can't spend them. If the user tries to use more points than they have, it's supposed to break too. Thanks in advance!! if (isset($_POST["statbonus"])) { include("tmpconfig.php"); $checkquery = $db->execute("SELECT * FROM `users` WHERE `id`=?", $player->id); //$rec = mysql_fetch_array($checkquery); extract($_POST); $errors = 0; $errorlist = ""; $rec = mysql_fetch_array($checkquery); extract($_POST); $errors = 0; $errorlist = ""; if (!is_numeric($stat_bonus)) { $errors++; $errorlist .= "The amount of bonus sent needs to be a whole number.<br />"; } if ($stat_bonus == "") { $errors++; $errorlist .= "The amount of bonus is required.<br />"; } if ($amount > $stat_bonus) { $errors++; $errorlist .= "You're trying to spend more stat bonus than what you have.<br />"; } if ($stat_bonus == "0") { $errors++; $errorlist .= "You need to spend more stat bonus than just zero.<br />"; } if ($errors == 0) { $query = $db->execute("UPDATE `users` SET `stat_bonus`=? WHERE `id`=?", array($player->stat_bonus - $amount, $player->id)) or die("querya failed: ". mysql_error()); if($query) $qry = $db->execute("select * from `users` where `id`=?", array($player->id)) or die("qry failed: ".mysql_error()); $rw = $qry->fetchrow(); if($qry){ $query2 = $db->execute("UPDATE `users` SET `stat_bonus`=?, $choice=$choice+$amount WHERE `id`=?", array($player->stat_bonus - $amount, $player->id)) or die("query2 failed: ". mysql_error()); if($qry){ echo("<br><br>You have successfully used your stat bonus points.<br>"); } else { echo "<font color=green><b>You have succesfully spent skill points!</b></font><br /><br />"; }}}} Hi Ive made a database with the option to kick someone for a certain amount of time but seems like I'm doing something wrong somewhere can anybody please assist
My full script is
(Admin panel)
<?
include "./emoticon_replace1.php";
if ($_POST["DeletePost"]) {
$id = $_POST["id"];
$query = "DELETE FROM ".$dbTable." WHERE id='".$id."'";
mysql_query($query);
echo "ID removed from system: ".$id;
}
if ($_POST["BanIP"]) {
$IP_To_Add = $_POST["ip"];
if(eregi("^[0-9]{1,3}\.[0-9]{1,3}\.[0-9]{1,3}\.[0-9]{1,3}$", $IP_To_Add))
{
$sql = "INSERT INTO ".$IPBanTable." (ip) VALUES (\"$IP_To_Add\")";
$result = mysql_query($sql);
} else {
echo "Error: Not a valid IP: ".$IP_To_Add;
}
}
if ($_POST["purge"]) {
$query = "TRUNCATE TABLE ".$dbTable;
mysql_query($query);
echo "StringyChat purged";
}
if(!$_POST["update"] || !$_POST["StringyChat_name"] || !$_POST["StringyChat_message"]) {
} else {
$id = $_POST["id"];
$name = $_POST["StringyChat_name"];
$message = $_POST["StringyChat_message"];
include("emoticon_replace.php");
$query = "UPDATE ".$dbTable." SET StringyChat_name='$name', StringyChat_message='$message' WHERE id='".$id."'";
$result = mysql_query($query, $db) or die("Invalid query: " . mysql_error());
}
if ($_POST["EditPost"]) {
$id = $_POST["id"];
$result = mysql_query("SELECT * FROM ".$dbTable." WHERE id='".$id."'", $db);
$myrow = mysql_fetch_array($result);
?>
<form name="StringyChat_form" method="POST" action="?mode=postman">
Name:<br>
<input name="StringyChat_name" class="StringyChatFrm" type="text" size="20" maxlength="<? echo $name_size; ?>" value="<? echo $myrow["StringyChat_name"]?>">
<br>
Message:<br>
<textarea name="StringyChat_message" class="StringyChatFrm" cols="20" rows="4"><? echo $myrow["StringyChat_message"]?></textarea>
<br>
<input type="hidden" name="id" value="<? echo $id ?>">
<input name="update" class="StringyChatFrm" type="submit" value="Update">
</form>
<?
}
?>
<a href="<? echo $_SERVER['REQUEST_URI']; ?>&m=purge">Purge StringyChat</a><br>
<br>
<?
// Load up the last few posts. The number to load is defined by the "ShowPostNum" variable.
$result = mysql_query("SELECT * FROM ".$dbTable." ORDER BY StringyChat_time DESC",$db);
while ($myrow = mysql_fetch_array($result)) {
$msg = $myrow["StringyChat_message"];
$msg = strip_tags($msg);
$msg = eregi_replace("im#([a-z]{3})", "<img src=\"/stringychat/images/\\1.gif\" alt=\"emoticon\">",$msg);
printf("<div class=\"StringyChatItem\"><h4>%s<br>\n", $myrow["StringyChat_name"]);
printf("%s<p>\n",$myrow["StringyChat_ip"],"%s</p>\n");
printf("%s</h4>\n", date("H:i - d/m/y", $myrow["StringyChat_time"]));
printf("%s</div>\n", $msg);
if ($_POST["1h"]) {
$mxitid1= $_POST["1h"];
if(eregi("^[0-9]{1,3}\.[0-9]{1,3}\.[0-9]{1,3}\.[0-9]{1,3}$", $IP_To_Add))
{
$sql1 = "UPDATE ".$dbTable." SET unban_time = DATE_ADD(NOW(), INTERVAL 1 DAY) WHERE mxit_id = $mxitid1)";
$result1 = mysql_query($sq1l);
} else {
echo "Error: Cannot Kick: ".$IP_To_Add;
}
}
function checkban($mxitid)
{
// querys database
$q = mysql_query("SELECT 1 FROM ".$dbTable." WHERE unban_time > NOW() AND mxit_id = '$mxitid'",$db);
$get = mysql_num_rows($q);
// if found
if ($get == "1")
{
// deny user access
$r=mysql_fetch_array($q);
die("You have been banned from this website until $r[legnth]. If you feel this is in error, please contact the webmaster at .");
}
}
?>
<form name="form<? echo $myrow["id"];?>" method="post" action="?mode=postman">
<input name="id" type="hidden" value="<? echo $myrow["id"];?>">
<input name="ip" type="hidden" value="<? echo $myrow["StringyChat_ip"];?>">
<input name="EditPost" type="submit" id="EditPost" value="Edit">
<input name="DeletePost" type="submit" id="DeletePost" value="Delete">
<input name="BanIP" type="submit" id="BanIP" value="Ban <? echo $myrow["StringyChat_ip"];?>">
<input name="1h" type="submit" id="1" value="Kick <? echo $myrow["mxit_id"];?>">
<input name="1d" type="submit" id="1d" value="Kick <? echo $myrow["StringyChat_ip"];?> for 24 hours ">
<input name="7d" type="submit" id="7d" value="Kick <? echo $myrow["StringyChat_ip"];?> for 7 days ">
</form>
<?
}
?>
The part I added to the above script which is giving me pain is
if ($_POST["1h"]) {
$mxitid1= $_POST["1h"];
if(eregi("^[0-9]{1,3}\.[0-9]{1,3}\.[0-9]{1,3}\.[0-9]{1,3}$", $IP_To_Add))
{
$sql1 = "UPDATE ".$dbTable." SET unban_time = DATE_ADD(NOW(), INTERVAL 1 DAY) WHERE mxit_id = $mxitid1)";
$result1 = mysql_query($sq1l);
} else {
echo "Error: Cannot Kick: ".$IP_To_Add;
}
}
function checkban($mxitid)
{
// querys database
$q = mysql_query("SELECT 1 FROM ".$dbTable." WHERE unban_time > NOW() AND mxit_id = '$mxitid'",$db);
$get = mysql_num_rows($q);
// if found
if ($get == "1")
{
// deny user access
$r=mysql_fetch_array($q);
die("You have been banned from this website until $r[legnth]. If you feel this is in error, please contact the webmaster at .");
}
}
What I'm trying to do is to ban the person for 1 day. And by banning the person I want them to be blocked from my Index page from submitting a form (sending a message) which is stored as tik.php on my index page
index.php
<?php
require_once('common.php');
include "ip-ban-time-limit.php";
checkban($_SERVER['HTTP_X_MXIT_USERID_R']);
checkUser();
?>
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "DTD/xhtml1-transitional.dtd">
<html>
<head>
<title>Galaxy Universe Chat</title>
<link href="style/style.css" rel="stylesheet" type="text/css" />
</head>
<body><br>
<div id="main">
<div class="caption">Galaxy Universe Chat</div>
<div id="icon"> </div>
<div id="result">
Hello <?php echo $_SESSION['userName']; ?> ! <br/>
<div style="color:red"><b><p>Please keep it clean and in English or you will be banned!</p></b></div>
<br>
<?PHP
include "./stringychat.inc.php";
require_once ( 'tik.php' );
?>
<br>
<p><a href="index1.php">Refresh</a> | <a href="logout.php">Log Out</a></p>
</div>
<div id="source">Galaxy Wars chat @ cobusbo</div>
</div>
</body>
Seems like I've been doing something wrong with my queries...Hi, I recently attempted to install a refer-a-friend script into my website but I really don't use PHP at all and even my html is very sloppy so it didn't get installed as planned. It currently cuts out the bottom half of my website like so: http://www.returntherake.com/refer.php Basically everything before the script is called is fine but everything after doesn't work. Heres the code from the point its installed till the end of my website. Any help would be great. Thank you so much. Quote <script language="php"> // Number of friend feilds to put on the page $tellnumber = "3"; // Subject of email $subject = "Great Poker Rakeback Site"; // Message sent in the email $message = "Look at this great site I found. I think you'll like it. It will boost your profits while playing online poker by getting you some of your rake back. http://www.ReturnTheRake.com/ When signing up with a website remember to say $_POST[name] referred you in the proper section. As you will recieve a 25% bonus on your first $20 rakeback recieved."; // Url to redirect user to once they click submit $thankyouurl = "http://www.returntherake.com/thankyou_refer.html"; ////////////////////////////////////////////////////////////////////////////////// // DO NOT EDIT ANYTHING BELOW THIS LINE // ////////////////////////////////////////////////////////////////////////////////// if($_POST[submitform] == "Submit") { $error = ""; $num=0; while($num < $tellnumber) { $num++; $temail = "femail"."$num"; $tname = "fname"."$num"; if($_POST[$tname] OR $_POST[$temail]) { if(!$_POST[$tname]) { $error .= "Missing Friends Name, Friend $num<BR>"; } if(!$_POST[$temail]) { $error .= "Missing Friends Email, Friend $num<BR>"; } } if($_POST[$temail]) { if(!ereg("@",$_POST[$temail])) { $error .= "Invalid Email Address, Friend $num<BR>"; } if(!ereg("\.",$_POST[$temail])) { $error .= "Invalid Email Address, Friend $num<BR>"; } } } if(!$_POST["name"]) { $error .= "Missing your name<BR>"; } if(!ereg("@",$_POST[email])) { $error .= "Invalid Email Address<BR>"; } if(!ereg("\.",$_POST[email])) { $error .= "Invalid Email Address<BR>"; } if($error) { ?> <BODY BGCOLOR="#ffffff"> <P><CENTER><TABLE BORDER="0" CELLSPACING="0" CELLPADDING="0"> <TR> <TD WIDTH="100%" BGCOLOR="#01864E"> <TABLE WIDTH="340" BORDER="0" CELLSPACING="1" CELLPADDING="2"> <TR> <TD WIDTH="26%" BGCOLOR="#01864E"> <B><FONT COLOR="#ffffff" SIZE="-3" FACE="Verdana">Error</FONT></B></TD> </TR> <TR> <TD WIDTH="26%" BGCOLOR="#ffffff"> <FONT COLOR="#000000" SIZE="-3" FACE="Verdana"><? echo $error; ?></FONT></TD> </TR> </TABLE></TD> </TR> </TABLE></CENTER> <? exit(); } $extra ="\r\n"; $headers = ""; $headers .= "From: $_POST[name] <$_POST[email]>".$extra; $headers .= "Reply-To: $_POST[name] <$_POST[email]>".$extra; $headers .= "Return-Path: $_POST[name] <$_POST[email]>".$extra; $headers .= "Message-ID: <".time()." - $_POST[email]>".$extra; $headers .= "X-Mailer: PHP v".phpversion().$extra; $headers .= 'MIME-Version: 1.0'.$extra.$extra; $num=0; while($num < $tellnumber) { $num++; $temail = "femail".$num; $tname = "fname".$num; $print_f_name = $_POST[$tname]; $print_f_email = $_POST[$temail]; if($_POST[$temail] AND $_POST[$tname]) { mail($print_f_email,"$subject"," Hi, $print_f_name $message From $_POST[name] ",$headers); } } header("Location: $thankyouurl"); exit(); } else { $num=0; while($num < $tellnumber) { $num++; $theboxes .= " <TR> <TD WIDTH=\"49%\" BGCOLOR=\"#ffffff\"> <CENTER><B><FONT COLOR=\"#000000\" SIZE=\"-3\" FACE=\"Verdana\">$num</FONT></B></CENTER></TD> <TD WIDTH=\"26%\" BGCOLOR=\"#ffffff\"> <CENTER><INPUT NAME=\"fname$num\" TYPE=\"text\" SIZE=\"-3\"></CENTER></TD> <TD WIDTH=\"25%\" BGCOLOR=\"#ffffff\"> <INPUT NAME=\"femail$num\" TYPE=\"text\" SIZE=\"-3\"> </TD> </TR>"; } ?> <BODY BGCOLOR="#ffffff"> <P><CENTER><FONT FACE="Verdana"><B>Tell your friend about our site</B></FONT></CENTER></P> <FORM ACTION="tellfriend.php" METHOD="POST"><P><CENTER><TABLE BORDER="0" CELLSPACING="0" CELLPADDING="0"> <TR> <TD WIDTH="100%" BGCOLOR="#01864E"> <TABLE WIDTH="340" BORDER="0" CELLSPACING="1" CELLPADDING="2"> <TR> <TD WIDTH="26%" BGCOLOR="#01864E"> <CENTER><B><FONT COLOR="#ffffff" SIZE="-3" FACE="Verdana">Your Poker Account</FONT></B></CENTER></TD> <TD WIDTH="25%"> <CENTER><B><FONT COLOR="#ffffff" SIZE="-3" FACE="Verdana">Your Email</FONT></B></CENTER></TD> </TR> <TR> <TD WIDTH="150" BGCOLOR="#ffffff"> <CENTER><INPUT NAME="name" TYPE="text" SIZE="12px"></CENTER></TD> <TD WIDTH="200" BGCOLOR="#ffffff"> <INPUT NAME="email" TYPE="text" SIZE="-3"> </TD> </TR> </TABLE></TD> </TR> </TABLE></CENTER></P><P><CENTER><TABLE BORDER="0" CELLSPACING="0" CELLPADDING="0"> <TR> <TD WIDTH="100%" BGCOLOR="#01864E"> <TABLE WIDTH="340" BORDER="0" CELLSPACING="1" CELLPADDING="2"> <TR> <TD WIDTH="49%" BGCOLOR="#01864E"></TD> <TD WIDTH="26%" BGCOLOR="#01864E"> <CENTER><B><FONT COLOR="#ffffff" SIZE="-3" FACE="Verdana">Friends name</FONT></B></CENTER></TD> <TD WIDTH="25%"> <CENTER><B><FONT COLOR="#ffffff" SIZE="-3" FACE="Verdana">Friends email</FONT></B></CENTER></TD> </TR><? echo $theboxes; ?></TABLE></TD> </TR> </TABLE></CENTER></P> <P><CENTER><INPUT NAME="submitform" TYPE="submit" VALUE="Submit"></CENTER></FORM> <? exit(); } ?> </h3> </td> </tr> </table></td> <td width="1" bgcolor="#CCCCCC"></td> </tr> <tr> <td height="1" colspan="3" bgcolor="#CCCCCC"></td> </tr> </table></td> </tr> </table></td> </tr> <tr> <td height="10" align="center" valign="top"></td> </tr> </table> </td> </tr> </table> </td> </tr> <tr> <td align="left" height="17" valign="top" class="style19"> </td> </tr> <tr> <td align="left" height="17" valign="top" class="style19"> </td> </tr> </tbody> </table> </td> </tr> </tbody> </table> </td> </tr> <tr> <td align="left" valign="top"> </td> </tr> <tr> <td align="left" valign="top"> <table border="0" cellpadding="0" cellspacing="0" width="100%"> <tbody> <tr> <td align="left" valign="top" width="11"><img src="images/footer_bg_left.gif" alt="" height="120" width="11" /></td> <td class="footer" align="left" valign="middle"> <table border="0" cellpadding="0" cellspacing="0" width="100%"> <tbody> <tr> <td style="padding-left: 12px;" align="left" valign="top" width="260"><img src="images/footer_img.gif" alt="" height="110" width="249" /></td> <td align="left" valign="middle"> <table border="0" cellpadding="0" cellspacing="0" width="100%"> <tbody> <tr> <td class="footer_border" align="left" valign="top"> <a href="index.php">Homea> | <a href="#">Terms & Conditions</a> | <a href="#"> Privacy Policy</a> | <a href="#">Site Map</a> | <a href="#">Contact Us</a></td> </tr> <tr> <td class="footer_border" style="font-size: 10px; line-height: 22px;" align="left" valign="top">ReturnTheRake.com Copyright © 2010, All Rights Reserved.</td> </tr> </tbody> </table> </td> </tr> </tbody> </table> </td> <td align="left" valign="top" width="11"><img src="images/footer_bg_right.gif" alt="" height="120" width="11" /></td> </tr> </tbody> </table> </td> </tr> <tr> <td align="left" valign="top"> </td> </tr> </tbody> </table> <br /> </body> </html> |
|||||||