|
PHP - Using Php Filters With Mysql Database
Hi there,
I have been creating a website which shows products of the companys (www.theadventurestartshere.org) and I have been trying to make some filters for the products using URL Parameters and recordsheet filters... Can someone advise me on the easiest way to do this? As I have created a method to do it with, (check website) but it has to be entered manually and I was hoping there is an easier way? Please Note I like to use drop down boxes for the filters but if there is a way to do the checkbox style you see on say Amazon then that would be brilliant... I use Dreamweaver CS5, and the newest versions of PHP and MySql Many Thanks, Paul Similar TutorialsI am having a lot of trouble with this code, and I have no clue how to fix it. Right now, I have a GUI for a fictitious car dealership that has 5 populated drop down menus called Make, Model, Year, Color, and Mileage. What I want the code to do is read the selections made by the user with the drop down menus once the user hits the submit button and then filter the tables that I have in a mysql database to meets the choice requirements of the user. The code will bring up the GUI, but once I hit the submit button, I get the following errors Please if anyone can help me that would be fantastic. I really have no clue At the moment I am creating a search function for my website. The approach I have in mind is a pseudo-PHP database. To give an example: A HTML form will submit the results to a PHP file. HTML FORM - Colour: Black PHP RESULT PAGE - if ($_POST['color'] == 'Black') {readfile("./products/black/*.html");} HTML FORM - Price: <$50 PHP RESULT PAGE - if ($_POST['Price'] == '<$50') {readfile("./products/less50/*.html");} The problem here is if there is an item that is black and costs less than $50, then its going to be listed twice. There is probably some code I can write to ommit the listing of duplicate entries, but it is probably going to be messy, so I am wondering if its better to use a centralized MySQL database, rather than a pseudo-PHP database? I've never used MySQL and don't know much about it and this is my first real attempt at using PHP. Right i have my code below, i also have a drop down box My drop down menu code <table class="thinline" width="175"> <tr><td class="topic">Show All Cars From:</td> </tr><tr> <td> <select name="lim" class="text"> <option value="X">Everywhere</option> <option value="England">England</option> <option value="China">China</option> <option value="Japan">Japan</option> <option value="Brazil">Brazil</option> <option value="South-Africa">South-Africa</option> <option value="America">America</option><br><input type="submit" value="Show!" class="button" style="margin-top: 4px;"> </td></tr></table> i want this box's values to update my SQL query so it shows only cars from that location seleteted. Code: [Select] <?php require("connections/db.php"); require("connections/require.php"); require("connections/jailed.php"); $submit = strip_tags($_POST['submit']); $ros = strip_tags($_POST['ros']); $play = mysql_query("SELECT * FROM `players` WHERE `playername` = '$player' LIMIT 1")or die(mysql_error()); $arry = mysql_fetch_array($play); $cash = $arry['money']; $qry = mysql_query("SELECT * FROM `garage` WHERE `owner` = '$player' ORDER BY `id` DESC")or die(mysql_error()); $num = mysql_numrows($qry); ?> <html> <head> <link rel="stylesheet" type="text/css" href="connections/style.css" /> <script type="text/javascript" src="selectall.js"></script> </head> <body> <form action="" method="post"> <table class="thinline" width="175"> <tr><td class="topic">Show All Cars From:</td> </tr><tr> <td> <select name="lim" class="text"> <option value="X">Everywhere</option> <option value="England">England</option> <option value="China">China</option> <option value="Japan">Japan</option> <option value="Brazil">Brazil</option> <option value="South-Africa">South-Africa</option> <option value="America">America</option><br><input type="submit" value="Show!" class="button" style="margin-top: 4px;"> </td></tr></table> <br> <table width="95%" align="center" class="tbl"> <tr><td align="center" class="hdr" colspan="8">.::Garage::.</td></tr> <tr> <td align="center" class="sub" width="5%"> <input type="checkbox" name="checkall" onClick="checkUncheckAll(this);"> </td> <td align="center" class="sub">Type</td> <td align="center" class="sub">Damage</td> <td align="center" class="sub">Value</td> <td align="center" class="sub">Origin</td> <td align="center" class="sub">Location</td> <td align="center" class="sub">Repair</td> <td align="center" class="sub">Sell</td> </tr> <? if ($num == 0){ ?> <tr><td align="center" class="tbl" colspan="8">You don't have any cars.</td></tr> <? }elseif ($num > 0){ while ($arr = mysql_fetch_array($qry)){ $id = $arr['id']; $car = $arr['car']; $dam = $arr['damage']; $origin = $arr['origin']; $location = $arr['location']; $status = $arr['status']; $value = $arr['value']; if ($status == 0){ $rep = "<a href=\"?rep=".$id."\">Repair</a>"; }else{ $rep = "Unavailable"; } if ($status == 0){ $sell = "<a href=\"?sell=".$id."\">Sell</a>"; }else{ $sell = "Unavailable"; } $car = "<a href=\"".$img."\" target=\"main\">".$car."</a>"; ?> <tr> <td align="center" class="tbl"> <input type="checkbox" name="radio[]" value="<? print $id; ?>"> </td> <td align="center" class="tbl"><? print $car; ?></td> <td align="center" class="tbl"><? print $dam; ?>%</td> <td align="center" class="tbl"><? print ("$".number_format($value).""); ?></td> <td align="center" class="tbl"><? print $origin; ?></td> <td align="center" class="tbl"><? print $location; ?></td> <td align="center" class="tbl"><? print $rep; ?></td> <td align="center" class="tbl"><? print $sell; ?></td> </tr> <? }} ?> <tr><td align="center" class="tbl" colspan="8"> <select name="ros"> <option value="sell" Selected>Sell</option> <option value="rep">Repair</option> </select> <? sub(submit,Submit); ?> </td></tr> </table> </form> </body> </html> For eg. I have a page with a query that retrives records from the database and I want to have options of filtering out the shown records by date, time, likes, views..etc; how would I go about doing that?
The way I am thinking is having a html form with those filter inputs and using a relative query based on the filter selection to retrive the results.
What you think?
1st the log in code: Code <form method ="post" action="cartnisya.php"> <table border="0"align="right"> <td>Username:</td> <td><input type="Text" name="Username"></td> <td>  </td> <td>  </td> <td>Password:</td> <td><input type="Password" name="Password"></td> <td>  </td> <td colspan="2" align="center"><input type="Submit" name=submit" value="Submit"></td> </table> <img src="Vinnex1.jpg"> </form> it will then go the php code: CODE: <html> <?php $db = mysql_connect("localhost", "root",""); mysql_select_db("vinnex",$db); $Username = $_POST['Username']; echo $Username; $result = mysql_query("Select TransNo From transaction", $db); $myrow = mysql_fetch_array($result); if ($myrow=='') { $TransNo='1000'; $sql = mysql_query("Select * From customer where Username='$Username'", $db); $myrow1 = mysql_fetch_array($sql); $Username = $myrow1['Username']; $Firstname = $myrow1['Firstname']; $Lastname = $myrow1['Lastname']; $name = $Firstname. " ".$Lastname; $Date = date('m/d/y'); $sql1 = "INSERT INTO temptransaction (TransNo, Username, Firstname, Date) VALUES ('$TransNo', '$Username', '$Firstname', '$Date')"; $result = mysql_query($sql1); //or die(mysql_error()); } else { $sql = mysql_query("Select max(TransNo) maxTransNo From transaction", $db); $myrow1 = mysql_fetch_array($sql); $orderno = $myrow1['maxTransNo']+1; $sql = mysql_query("Select * From customer where Username='$Username'", $db); $myrow1 = mysql_fetch_array($sql); $Username = $myrow1['Username']; $Firstname = $myrow1['Firstname']; $Lastname = $myrow1['Lastname']; $name = $Firstname. " ".$Lastname; $Date = date('m/d/y'); $sql1 = " INSERT INTO temptransaction (TransNo, Username, Firstname, Date) VALUES ('$TransNo', '$Username', '$Firstname', '$Date')"; $result = mysql_query($sql1) or die(mysql_error()); } ?> <meta http-equiv="refresh" content="0;url=orderproduct.html"/> </html> once this is open it will go the selected it wont display the matched echo for the text field. once i call the database when using username and password it wont filter and it wont call for a firstname and username to be saved in the database please help I have a property website and I want users to be able to filter the properties, So when they access the page, and click 'detached properties' only detached properties will appear, if the user selects 'semi-detached' then only semi detached properties will appear. I already have a mySQL database set up. Image attached here to have a better understanding. Basically I have a property page where I want users to be able to click 'detached' and then only detached properties will appear, if the user click 'semi-detached' then only semi-detched properties will appear. but these properties that I want to appear are just images, then a link to the actually property page with all the details. You can view the page here to get a better understanding: http://www.mumtazproperties.hostei.com/forsale.html At the moment all of the properties appear on the page. (and when you select the filters it actually does what I want it too, but through HTML) But I want the information to come from a database and then use PHP code to execute it all. Help is hugely appreciated, thanks. Hello everyone, I have website that uses the php(mail) function to notify users when something happens on their account. The site was created for a school district so all the users are district employees where their incoming email is subject to pretty strict spam filtering. I am using headers to indicate to the recipient that the email is coming from support@mysite.com, but I guess the mail servers see past this and recognize that it's coming from a php(mail) function. Because of this, all of the emails being sent are being blocked by the filter. I've tried adding all emails coming from an address that ends with "@mysite.com" but this doesn't work. This is what the addresses look like that the spam filter is actually seeing: elmas156@p3nlhftpg049.shr.prod.phx3.secureserver.net And I can't just add a single address to the white list because each time an email is sent, the letters and numbers after "@" and before "secureserver.net" are different. Here's another address that shows up: elmas156@p3nlhg331.shr.prod.phx3.secureserver.net here is the code that I'm using to send the emails: Code: [Select] <?php $sendto = "$email"; $emailsubject = "Testing Message Report For $cdate."; $emailmessage = "This is a test email."; // To send HTML mail, the Content-type header must be set $headers = 'MIME-Version: 1.0' . "\r\n"; $headers .= 'Content-type: text/html; charset=iso-8859-1' . "\r\n"; // Additional headers $headers .= 'From: MySite.com Report <support@mysite.com>' . "\r\n"; // Mail it mail($sendto, $emailsubject, $emailmessage, $headers); ?> Does anyone have any suggestions on what to do to make every email sent to be recognized by the spam filter as coming from the same email instead of a bunch of random ones? I hope this is making sense to someone because it was very difficult for me to explain in writing. Thanks in advance for any help or suggestions. Folks, I am just trying to learn PHP. For form input validation which is better - Regexp or PHP Filters? Or do they have completely different uses? Where does preg fit in? Thank you! J.S. Hi all,
I have been reading in almost everywhere that we should not use our own custom login and password validations ( like regex etc.) but instead use the filter_var and filter_input built in functions provided by PHP 5 and above. However even after searching for more than an hour for with different search strings, I have not found even a single example that shows how we may validate for a username/login and password in a login form. Can someone be kind enough to provide a strong secure validations for username and login.
Additionally I would also like to clarify if the username and login fields in a Login form be manipulated in any manner to pose a security threat? I mean can a hacker craft a username/login or password in such a manner as to pose an injection or any other threat?
Thanks all.
How would I go about doing the following: I have a csv like this Quote "Division","Section","Group","Product Code","Description","Description + Secondary Description" "Division 1","Section 1","Group 1","BMSLPL25","Test Name","Test Description" "Division 1","Section 1","Group 2","BMSLPL26","Test Name 2","Test Description 2" "Division 2","Section 2","Group 2","BMSLPL27","Test Name 3","Test Description 3" I have a database structured like this Quote Divisions --- id name parent_id Groups --- id name division_id Products --- id code description secondary_description Section is a sub division. What is the best way to get the information from CSV into this database? Should I have another table and store the CSV data as is and then query that to make the other tables. Any help much appreciated. hello and good day
first of all:; i hope youre all right and everything goes well at your site;: Worpress-Plugin API - giving back the meta-data according the usage of different filters
I'm currently working on a parser to make a small preview on the newest plugins in wordpress. at the moment i think i work from a URL given out of the range of these: https://de.wordpress.org/plugins/browse/popular/ - let us say the first 30 to 40 URL-pages.
What i subsequently want to filter out after the fetch is - those plugins that have the newest timestamp Version: 1.9.5.12 installations: 10,000+ WordPress Version: 5.0 or higher Tested up to: 5.4 PHP Version: 5.6 or higher Tags 3 Tags: database member sign-up form volunteer Last updated: 19 hours ago plugin-ratings
Supported arguments per action +--------------------+---------------+--------------------+----------+----------------+ | | | | | | +--------------------+---------------+--------------------+----------+----------------+ | Argument Name | query_plugins | plugin_information | hot_tags | hot_categories | | $slug | No | Yes | No | No | | $per_page | Yes | No | No | No | | $page | Yes | No | No | No | | $number | No | No | Yes | Yes | | $search | Yes | No | No | No | | $tag | Yes | No | No | No | | $author | Yes | No | No | No | | $user | Yes | No | No | No | | $browse | Yes | No | No | No | | $locale | Yes | Yes | No | No | | $installed_plugins | Yes | No | No | No | | $is_ssl | Yes | Yes | No | No | | $fields | Yes | Yes | No | No | +--------------------+---------------+--------------------+----------+----------------+
regards dil_Bert
cf: https://developer.wordpress.org/reference/functions/plugins_api/ $fields = array( 'active_installs' => true, // rounded int 'added' => true, // date 'author' => true, // a href html 'author_block_count' => true, // int 'author_block_rating' => true, // int 'author_profile' => true, // url 'banners' => true, // array( [low], [high] ) 'compatibility' => false, // empty array? 'contributors' => true, // array( array( [profile], [avatar], [display_name] ) 'description' => false, // string 'donate_link' => true, // url 'download_link' => true, // url 'downloaded' => false, // int // 'group' => false, // n/a 'homepage' => true, // url 'icons' => false, // array( [1x] url, [2x] url ) 'last_updated' => true, // datetime 'name' => true, // string 'num_ratings' => true, // int 'rating' => true, // int 'ratings' => true, // array( [5..0] ) 'requires' => true, // version string 'requires_php' => true, // version string // 'reviews' => false, // n/a, part of 'sections' 'screenshots' => true, // array( array( [src], ) ) 'sections' => true, // array( [description], [installation], [changelog], [reviews], ...) 'short_description' => false, // string 'slug' => true, // string 'support_threads' => true, // int 'support_threads_resolved' => true, // int 'tags' => true, // array( ) 'tested' => true, // version string 'version' => true, // version string 'versions' => true, // array( [version] url ) );
what do you say-!? I'm trying to use php code that is stored in the sql database, but It doesn't seem to be executing the code. when I see the page source, its there but the server is not executing the command how do I accomplish this. Here is a simple code snippet to show what I am trying to do. $result = mysql_query("select * from data"); $row = mysql_fetch_array($result); echo $row['code']; In the code field in data table this is whats there. <?php echo "testing."; ?> I'm having problems updating my database, I have 4 fields i want to change. I checked all the { on the page, that's not the problem, I tried to echo information from the database and it displayed my information so that's not the problem, i tried yelling at my computer, that didn't work, i tried to input data into the database with the insert function it worked but is not practical in my situation. I'm probably going to face palm when i find out whats wrong, help please btw, the $_SESSION['usr'] was set in another page and works. Code: [Select] <html xmlns="http://www.w3.org/1999/xhtml"> <head> <meta http-equiv="Content-Type" content="text/html; charset=utf-8" /> <title>Edit Info</title> <link rel="stylesheet" type="text/css" href="demo.css" media="screen" /> </head> <body> <div id="main"> <div class="container"> <font size="5" face="sans-serif">Change Settings <?php echo "{$_SESSION['usr']}"; ?></font> <form action="" method="POST"> <table cellpadding="3" cellspacinf="4" border="0"> <tr> <td>Name</td> <td><input type="text" name="name" /></td> </tr> <tr> <td>Age</td> <td><input type="text" name="age" /></td> </tr> <tr> <td>Gender</td> <td><input type="text" name="mf" /></td> </tr> <tr> <td>Location</td> <td><input type="text" name="loc" /></td> </tr> <tr> <td><input type="submit" name="submit" value="submit" /></td> </tr> </table> </form> <?php if ($_POST['submit']){ define('INCLUDE_CHECK',true); require 'connect.php'; $usr = $_SESSION['usr']; $sql = mysql_query("UPDATE members SET name='{$_POST['name']}', age='{$_POST['age']}, mf='{$_POST['mf']}', loc='{$_POST['loc']}' WHERE usr='{$_SESSION['usr']}'"); if($sql){ echo 'Changes Saved!'; }else{ echo 'Error'; } } ?> </div> </div> </body> </html> I looked into this everywhere,but the code does not make sense, is not properly documented and is outdated. Ive been trying to achieve this for the past hour. Anybody know how I can do this? Hi On my xampp server's database I get the warning that my database is read-only when I try to insert something into a table. I think I may know what cause this, because I created an export/import app that exports/import important data to the database... How can I remove the read-only from the database, because I am scared that the same thing might happen to my server's database? And is there a mysql query that test if the database is read-only? Thanks in advance Hi, I want to make a Shoutbox in Php without using a MySQL-database. This is the code I've got: Code: [Select] <?php $nickname = strip_tags($_POST['nickname']); $message = strip_tags($_POST['message']); ?> <html> <body> <<<HERE<b><h3><center>Shout Box</center></h3></b> <iframe src="chat.txt" width="700" height="250"></iframe> <form method="post" name="form"> Nickname: <input type="text" name="nickname" value="<?php echo $nickname;?>"><br> Message: <input type="text" name="message" value="<?php echo $message;?>"> <input type="submit" value="Submit"> </form> <a href="#">Refresh</a> <?php if ($_POST['nickname'] && $_POST['message']){ $fp = fopen("chat.txt", "a"); $stuff = $nickname . ": " . $message . "n"; fputs($fp, $stuff); } else { echo "Please enter nickname and message."; } ?> </body> </html> Problem is: it isn't working. :-P It does read things from chat.txt, but I cant get the input-box working (let people add stuff to chat.txt). What do I do wrong? Hi guys, I need your help. I am checking on a database as I want to see if I have the same value in the url and in the database. Code: [Select] <?php session_start(); define('DB_HOST', 'localhost'); define('DB_USER', 'mydbuser'); define('DB_PASSWORD', 'mydbpass'); define('DB_DATABASE', 'mydbtable'); $errmsg_arr = array(); $errflag = false; $link = mysql_connect(DB_HOST, DB_USER, DB_PASSWORD); if(!$link) { die('Failed to connect to server: ' . mysql_error()); } $db = mysql_select_db(DB_DATABASE); if(!$db) { die("Unable to select database"); } function clean($var){ return mysql_real_escape_string(strip_tags($var)); } $username = clean($_GET['user']); $password = clean($_GET['pass']); $test = clean($_GET['test']); $public = clean($_GET['public']); if (isset($_GET['user']) && (isset($_GET['pass']))) { if($username == '' || $password == '') { $errmsg_arr[] = 'username or password are missing'; $errflag = true; } } elseif (isset($_GET['user']) || (isset($_GET['test'])) || (isset($_GET['public']))) { if($username == '' || $test == '' || $public == '') { $errmsg_arr[] = 'user or others are missing'; $errflag = true; } } if($errflag) { $_SESSION['ERRMSG_ARR'] = $errmsg_arr; echo implode('<br />',$errmsg_arr); } else { $qry="SELECT * FROM members WHERE username='$username' AND passwd='$password'"; $result=mysql_query($qry) or die('Error:<br />' . $qry . '<br />' . mysql_error()); if ($username && $password) { if(mysql_num_rows($result) > 0) { $qrytable1="SELECT images, id, test, links, Public FROM user_list WHERE username='$username'"; $result1=mysql_query($qrytable1) or die('Error:<br />' . $qry . '<br />' . mysql_error()); while ($row = mysql_fetch_array($result1)) { echo "<p id='test'>"; echo $row['test'] . "</p>"; echo '<p id="images"> <a href="images.php?test=test&id='.$row['id'].'">Images</a></td> | <a href="http://' . $row["links"] . '">Link</a> </td> | <a href="delete.php?test=test&id='.$row['id'].'">Delete</a> </td> | <span id="test">'.$row['Public'].'</td>'; } } else { echo "user not found"; } } elseif($username && $test && $public) { $qry="SELECT * FROM members WHERE username='$username'"; $result1=mysql_query($qry) or die('Error:<br />' . $qry . '<br />' . mysql_error()); if(mysql_num_rows($result1) > 0) { $qrytable1="SELECT Public FROM user_list WHERE username='$username' && test='$test'"; $result2=mysql_query($qrytable1) or die('Error:<br />' . $qry . '<br />' . mysql_error()); if(mysql_num_rows($result2) > 0) { $row = mysql_fetch_row($result2); mysql_query("UPDATE user_list SET Public=('$_GET[public]') WHERE username='$username' AND test='$test'"); echo "update!"; } else { echo "already updated!"; } } else { echo "user not found"; } } } ?> This is the function I use to check the value in the database: Code: [Select] if (mysql_affected_rows($result2) > 0) { mysql_query("UPDATE user_list SET Public=('$_GET[public]') WHERE username='$username' AND test='$test'"); echo "you have update it!"; } else if (mysql_affected_rows($result2) < 0) { echo "it is not on the database"; } else { echo "you have already updated!"; } When i input the different value in a url bar while the records are not the same as the value in the url and in the database, i can't get passed and I am keep getting "you have already updated!!" when the value in a database are different than I have input in a url. Do you know how i can get pass it when I have input the different value in the url while it is not the same in the database? Any advice would be much appreicated. Thanks, Mark Hello all, first post here so i hope i'm doing this right and am putting this into the right place. Im in the process of integrating a blog into my website, mostly it's set up however i'm currently working on the code to update the posts (theres only 2 parts a title and a comments[which is in actual fact the post content itself]). The code succsefully completes without any errors but for some reason it does not actually update the mysql database.. the code i'm using is as follows: Code: [Select] <?php require_once('header.php'); include "../blog/blogconfig.php"; if(isset($_POST['submit'])){ $update="UPDATE eq_blogarticle SET title='".$_POST['title']."',comments='".$_POST['comment']."' WHERE artid='$aid'"; if(!mysql_query($update)){ echo mysql_error(); }else{ header("location:blog.php?action=listmsgs"); exit; } } ?> <?php // get value of aid that sent from address bar by blog.php?action=listmsgs $aid=$_GET['aid']; // Retrieve data from database $sql="SELECT * FROM eq_blogarticle WHERE artid='$aid'"; $result=mysql_query($sql); $row=mysql_fetch_array($result); ?> <form name="form2" method="post" action="update.php"> <script type="text/javascript">var SITE_URL="<?php echo SITE_URL;?>";</script> <script type="text/javascript" src="<?php echo SITE_URL;?>/includes/js/nicEdit.js"></script> <script type="text/javascript"> //<![CDATA[ bkLib.onDomLoaded(function() { nicEditors.allTextAreas() }); //]]> </script> <body> <table width="100%" border="0" cellspacing="1"> <tr> <td colspan="2" class="temptitle">Equidisc Blog</td> </tr> <tr> <td width="74%" valign="top"> <table> Edit Blog Post <br> <br> Title: <br> <input name="title" type="text" class="input" id="title" value="<? echo $row['title']; ?>"> <br> <br> <span class="style1 style2 style3">Blog Post:</span> <br> <br> <textarea name="comments" cols="55" rows="12" class="input" id="comments"><? echo stripslashes($row['comments']); ?></textarea> <br> <br> <input name="aid" type="hidden" id="aid" value="<? echo $row['artid']; ?>"> <input type="submit" name="submit" value="Submit"> </form> </table> </td> <td width="26%" valign="top"><table width="100%" border="0" cellspacing="1"> <tr> <td colspan="2"><img src="../blog/images/fb.gif" width="16" height="16" /> <strong>Blog Menu</strong></td> </tr> <tr> <td><a href="blog.php">Home</a></td> </tr> <tr> <td><a href="blog.php?action=newblogpost">New Post </a></td> </tr> <tr> <td><a href="blog.php?action=listmsgs">Manage Posts </a></td> </tr> </table></td> </tr> </table> </body> <?php require_once('footer.php'); ?> Explanation: header/footer.php obvious ../blog/blogconfig.php holds my mysql connection settings and connects to the sql, this is the same config as is used for creating the new posts which i have no issues with so i dont think the issue lays there. If i run the query on phpmyadmin with dummy data it works fine and updates the entry.. Any help would be very much appreciated as i'm at the end of my tether with this!. Thanks in advance. Jo |
|||||||