|
PHP - Need Help In Where To Insert Username Check Code Into Current Form Code
Hi, I need to insert some code into my current form code which will check to see if a username exist and if so will display an echo message. If it does not exist will post the form (assuming everything else is filled in correctly). I have tried some code in a few places but it doesn't work correctly as I get the username message exist no matter what. I think I am inserting the code into the wrong area, so need assistance as to how to incorporate the username check code.
$sql="select * from Profile where username = '$username'; $result = mysql_query( $sql, $conn ) or die( "ERR: SQL 1" ); if(mysql_num_rows($result)!=0) { process form } else { echo "That username already exist!"; } the current code of the form <?PHP //session_start(); require_once "formvalidator.php"; $show_form=true; if (!isset($_POST['Submit'])) { $human_number1 = rand(1, 12); $human_number2 = rand(1, 38); $human_answer = $human_number1 + $human_number2; $_SESSION['check_answer'] = $human_answer; } if(isset($_POST['Submit'])) { if (!isset($_SESSION['check_answer'])) { echo "<p>Error: Answer session not set</p>"; } if($_POST['math'] != $_SESSION['check_answer']) { echo "<p>You did not pass the human check.</p>"; exit(); } $validator = new FormValidator(); $validator->addValidation("FirstName","req","Please fill in FirstName"); $validator->addValidation("LastName","req","Please fill in LastName"); $validator->addValidation("UserName","req","Please fill in UserName"); $validator->addValidation("Password","req","Please fill in a Password"); $validator->addValidation("Password2","req","Please re-enter your password"); $validator->addValidation("Password2","eqelmnt=Password","Your passwords do not match!"); $validator->addValidation("email","email","The input for Email should be a valid email value"); $validator->addValidation("email","req","Please fill in Email"); $validator->addValidation("Zip","req","Please fill in your Zip Code"); $validator->addValidation("Security","req","Please fill in your Security Question"); $validator->addValidation("Security2","req","Please fill in your Security Answer"); if($validator->ValidateForm()) { $con = mysql_connect("localhost","uname","pw") or die('Could not connect: ' . mysql_error()); mysql_select_db("beatthis_beatthis") or die(mysql_error()); $FirstName=mysql_real_escape_string($_POST['FirstName']); //This value has to be the same as in the HTML form file $LastName=mysql_real_escape_string($_POST['LastName']); //This value has to be the same as in the HTML form file $UserName=mysql_real_escape_string($_POST['UserName']); //This value has to be the same as in the HTML form file $Password= md5($_POST['Password']); //This value has to be the same as in the HTML form file $Password2= md5($_POST['Password2']); //This value has to be the same as in the HTML form file $email=mysql_real_escape_string($_POST['email']); //This value has to be the same as in the HTML form file $Zip=mysql_real_escape_string($_POST['Zip']); //This value has to be the same as in the HTML form file $Birthday=mysql_real_escape_string($_POST['Birthday']); //This value has to be the same as in the HTML form file $Security=mysql_real_escape_string($_POST['Security']); //This value has to be the same as in the HTML form file $Security2=mysql_real_escape_string($_POST['Security2']); //This value has to be the same as in the HTML form file $sql="INSERT INTO Profile (`FirstName`,`LastName`,`Username`,`Password`,`Password2`,`email`,`Zip`,`Birthday`,`Security`,`Security2`) VALUES ('$FirstName','$LastName','$UserName','$Password','$Password2','$email','$Zip','$Birthday','$Security','$Security2')"; //echo $sql; if (!mysql_query($sql,$con)) { die('Error: ' . mysql_error()); } else{ mail('email@gmail.com','A profile has been submitted!',$FirstName.' has submitted their profile',$body); echo "<h3>Your profile information has been submitted successfully.</h3>"; } mysql_close($con); $show_form=false; } else { echo "<h3 class='ErrorTitle'>Validation Errors:</h3>"; $error_hash = $validator->GetErrors(); foreach($error_hash as $inpname => $inp_err) { echo "<p class='errors'>$inpname : $inp_err</p>\n"; } } } if(true == $show_form) { ?> Similar TutorialsThis is what I have for the form (in short version) along with the text area and submit button. The form shows up OK on the Internet http://www.lakegenevapieco.com/test_product_list.php The problem is when I fill it out & submit it doesn't do two things: 1) It doesn't E-Mail me the information 2) It doesn't say, Thank you for using our mail form. It actually says page not available. Here is the code: <html> <head> <meta http-equiv="Content-Language" content="en-us"> <title>Products to be listed on the web site for the month of</title> </head> <body> Products to be listed on the web site for the month of <select size="1" name="MONTH"> <option selected>PICK MONTH</option> <option>1-JANUARY</option> <option>2-FEBUARY</option> <option>3-MARCH</option> <option>4-APRIL</option> <option>5-MAY</option> <option>6-JUNE</option> <option>7-JULY</option> <option>8-AUGUST</option> <option>9-SEPTEMBER</option> <option>10-OCTOBER</option> <option>11-NOVEMBER</option> <option>12-DECEMBER</option> </select> <select size="1" name="YEAR"> <option selected>PICK YEAR</option> <option>2010</option> <option>2011</option> <option>2012</option> <option>2013</option> <option>2014</option> <option>2015</option> </select></p> <p><input type="checkbox" name="PumpkinSB" value="ON"> Pumpkin Price increase to <input type="text" name="PriceIncreaseTo151" size="20" value="$"></p> <p><input type="checkbox" name="PumpkinWalnutSB" value="ON"> Pumpkin Walnut Price increase to <input type="text" name="PriceIncreaseTo152" size="20" value="$"></p> <p><input type="checkbox" name="RaspberrySB" value="ON"> Raspberry Price increase to <input type="text" name="PriceIncreaseTo153" size="20" value="$"></p> <p> </p> <p> </p> <p> <?php function spamcheck($field) { //filter_var() sanitizes the e-mail //address using FILTER_SANITIZE_EMAIL $field=filter_var($field, FILTER_SANITIZE_EMAIL); //filter_var() validates the e-mail //address using FILTER_VALIDATE_EMAIL if(filter_var($field, FILTER_VALIDATE_EMAIL)) { return TRUE; } else { return FALSE; } } if (isset($_REQUEST['email'])) {//if "email" is filled out, proceed //check if the email address is invalid $mailcheck = spamcheck($_REQUEST['email']); if ($mailcheck==FALSE) { echo "Invalid input"; } else {//send email $email = $_REQUEST['email'] ; $subject = $_REQUEST['subject'] ; $message = $_REQUEST['message'] ; mail("myemail@mia.net", "Subject: $subject", $message, "From: $email" ); echo "Thank you for using our mail form"; } } else {//if "email" is not filled out, display the form echo "<form method='post' action='mailform.php'> Email: <input name='email' type='text' /><br /> Subject: <input name='subject' type='text' /><br /> Message:<br /> <textarea name='message' rows='15' cols='40'> </textarea><br /> <input type='submit' /> </form>"; } ?> </p> </form> </body> </html> Hi Guys What code would you use to check that a form field does not exceed 100 characters? Thanks for any help. I use this type of a code to send automatic emails from my website: Code: [Select] $headers = ; $headers .= ; $to = ; Click here to go to Google. ", $headers); I am having hard time figuring out how to do hyperlink on words (like here). If I do something like this: Code: [Select] <a href='http://www.google.com'>here</a> it spits out that exact thing out. Thanks you for your input Advance thank you. Can you help please. The error..... Warning: mysql_fetch_assoc() expects parameter 1 to be resource, string given in C:\wamp\www\test_dabase.php on line 24 code. Code: [Select] <?php //database connection. $DB = mysql_connect("localhost","root") or die(mysql_error()); if($DB){ //database name. $DB_NAME="mysql"; //select database and name. $CON=mysql_select_db($DB_NAME,$DB)or die(mysql_error()."\nPlease change database name"); // if connection. }if($CON){ //show tables. $mysql_show="SHOW TABLES"; //select show and show. $mysql_select2="mysql_query(".$mysql_show.") or die(mysql_error())"; } //if allowed to show. if($mysql_select2){ //while it and while($data=mysql_fetch_assoc($mysql_select2)){ //show it. echo $data; } } ?> Hi. I currently have php java to get my database results and limit the amount of data shown by a given value. The js includes buttons to go forward or backward in the database. Everything is all fine and dandy except I'm trying to add a very simple search for the user as well. I want the user to be able to select either "firstname" or "lastname" to search through the database and display the resulting rows based of the first three characters entered into the search criteria. I'm not sure where to start on this... Do I have to add something the js (I'm not very familiar with js), or should I add mysql_query's in the php linked file? Current Page Code: Link To Current Page Test Code: [Select] <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd"> <html xmlns="http://www.w3.org/1999/xhtml"> <head> <title>Ness Physiotherapy and Sports Injury Clinic Web site - Site Map</title> <meta http-equiv="content-type" content="text/html;charset=utf-8" /> <meta name="description" content="Ness Physiotherapy and Sports Injury Clinic Our mission is to provide quality, evidenced based service in a safe, friendly, professional environment." /> <meta name="keywords" content="pain,rehabilitation,rehab,exercise,manipulation,musculoskeletal,pain,management,massage therapy,physiotherapy,sports injury,injury,injured,chronic pain,quality care,quality life,muscle balance,spinal fitness assessment, BMR PT, CAFCI, RMT" /> <!--Ness Physiotherapy and Sports Injury Clinic is owned by Sean Springer, Tamara Silvari and Charles Dirks. --> <meta name="language" content="EN" /> <meta name="copyright" content="Ness Physiotherapy and Sports Injury Clinic" /> <meta name="robots" content="ALL" /> <meta name="document-classification" content="Health" /> <meta name="document-classification" content="Health" /> <meta name="document-rights" content="Copyrighted Work" /> <meta name="document-type" content="Public" /> <meta name="document-rating" content="General" /> <meta name="document-distribution" content="Global" /> <link rel="shortcut icon" href="../favicon.ico" type="image/x-icon" /> <script type="text/javascript" src="../scripts/preloadimages.js"></script> <script type="text/javascript" src="../scripts/p7exp.js"></script> <script type="text/javascript" src="../scripts/formajax.js"></script> <!--[if lte IE 7]> <style> #menuwrapper, #p7menubar ul a {height: 1%;} a:active {width: auto;} </style> <![endif]--> <!--[if IE 5]> <style type="text/css"> /* place css box model fixes for IE 5* in this conditional comment */ .twoColFixRtHdr #sidebar1 { width: 220px; } </style> <![endif][if IE]> <style type="text/css"> /* place css fixes for all versions of IE in this conditional comment */ .twoColFixRtHdr #sidebar1 { padding-top: 30px; } .twoColFixRtHdr #mainContent { zoom: 1; } /* the above proprietary zoom property gives IE the hasLayout it needs to avoid several bugs */ </style> <![endif]--> <link href="../css/p7exp.css" rel="stylesheet" type="text/css" /> <link href="../css/basiclayout.css" rel="stylesheet" type="text/css" /> <link href="../css/general.css" rel="stylesheet" type="text/css" /> <link rel="stylesheet" type="text/css" href="../css/form_member_admin.css"/> </head> <body class="twoColFixRtHdr" onload="ajaxFunction('fw')"> <div id="container2"> <!-- Header Secion edit header.php if needed--> <?php require("../header.php"); ?> <div id="BasCon"> <form id="myForm" action="ajaxFunction(this.form); return false"> <div> <input type="hidden" name="st" value="0" > </input> </div> <table id="tbl_search"> <tr> <td colspan="5"><b>MEMBER LIST</b></td> </tr> <tr> <td><input type="button" id="back" value="Prev" onclick="ajaxFunction('bk'); return false" /></td> <td align="right"><input type="button" value="Next" id="fwd" onclick="ajaxFunction('fw'); return false" /></td> </tr> <tr> <td colspan="2"><div id="txtHint"><b>Records will be displayed here</b></div></td> </tr> </table> <div class="formdiv"> <label for="searchby">Search By:</label> <?php //get databast access file require "../dbConfigtest.php"; $query = "SELECT firstname,lastname FROM $usertable"; $result = mysql_query($query) or die(mysql_error()); ?> <select size="1" name="searchby" class="searchby"> <?php $i = 0; while ($i < mysql_num_fields($result)){ $fieldname = mysql_field_name($result, $i); echo '<option value="'.$fieldname.'">'.$fieldname.'</option>'; $i++; } ?> </select> <label for="newsearch">Search Value:</label> <input name='newsearch' type='text' value='' maxlength="32" /> <p> </p> <input class="button" type="submit" value="Search" name="search" /> </div><!--End Div formdiv--> <p> </p> <p> </p> </form> </div> <!-- This clearing element should immediately follow the #mainContent div in order to force the #container div to contain all child floats --> <br class="clearfloat" /> <div id="footer_abv_2"></div> <!-- end #footer abv --> <!-- Footer Secion edit footer.php if needed--> <?php require("../footer.php"); ?> </div> <!-- end #container2 --> </body> </html> PHP Code from "pagelisting.php" which is called from the java. <? //get databast access file include "../dbConfigtest.php"; //////////////////////////////// Main Code sarts ///////////////////////////////////////////// $endrecord=$_GET['endrecord'];// To take care global variable if OFF if(strlen($endrecord) > 0 and !is_numeric($endrecord)){ echo "Data Error"; exit; } $limit=25;// Number of records per page $nume=mysql_num_rows(mysql_query("select * from $usertable")); //echo "endrecord=$endrecord limit=$limit "; if($endrecord < $limit) {$endrecord = 0;} switch($_GET['direction']) { case "fw": $eu = $endrecord ; break; case "bk": $eu = $endrecord - 2*$limit; break; default: echo "Data Error"; exit; break; } if($eu < 0){$eu=0;} $endrecord =$eu+$limit; $t=mysql_query("select * from $usertable limit $eu,$limit"); $str= "{ \"data\" : ["; while($nt=mysql_fetch_array($t)){ $str=$str."{\"id\" : \"$nt[id]\", \"firstname\" : \"$nt[firstname]\", \"lastname\" : \"$nt[lastname]\", \"email\" : \"$nt[email]\", \"enewsletter\" : \"$nt[enewsletter]\"},"; //$str=$str."{\"myclass\" : \"$nt[class]\"},"; } $str=substr($str,0,(strLen($str)-1)); if(($endrecord) < $nume ){$end="yes";} else{$end="no";} if(($endrecord) > $limit ){$startrecord="yes";} else{$startrecord="no";} $str=$str."],\"value\" : [{\"endrecord\" : $endrecord,\"limit\" : $limit,\"end\" : \"$end\",\"startrecord\" : \"$startrecord\"}]}"; echo $str; //echo json_encode($str); ///////////////////////////////////////////////////////////////////////////////////////////// ?> Current js Code: Code: [Select] function ajaxFunction(val) { //document.writeln(val) var httpxml; try { // Firefox, Opera 8.0+, Safari httpxml=new XMLHttpRequest(); } catch (e) { // Internet Explorer try { httpxml=new ActiveXObject("Msxml2.XMLHTTP"); } catch (e) { try { httpxml=new ActiveXObject("Microsoft.XMLHTTP"); } catch (e) { alert("Your browser does not support AJAX!"); return false; } } } function stateChanged() { if(httpxml.readyState==4) { var myObject = eval('(' + httpxml.responseText + ')'); var str="<table><tr><th>LINK</th><th>ID</th><th>FirstName</th><th>LastName</th><th>Email</th></tr>"; for(i=0;i<myObject.data.length;i++) { //var sPath = window.location.pathname; //var sPath = sPath.substring(sPath.lastIndexOf('/') + 1); var sPath = "testing/member_update_test.php"; var site_link = "www.nessphysiotherapy.com/"; var urlLink = site_link + sPath + "?id=" + myObject.data[i].id; var site_title = "EDIT"; str = str + "<tr><td>" + "<a href=\"http:\/\/" + urlLink + "\" title=\"site_title\">" +site_title + "<\/a>" + "<td>" + myObject.data[i].id + "</td><td>" + myObject.data[i].firstname + "</td><td>" + myObject.data[i].lastname + "</td><td>" + myObject.data[i].email + "</td></tr>" } var endrecord=myObject.value[0].endrecord document.forms.myForm.st.value=endrecord; if(myObject.value[0].end =="yes"){ document.getElementById("fwd").style.display='inline'; }else{document.getElementById("fwd").style.display='none';} if(myObject.value[0].startrecord =="yes"){ document.getElementById("back").style.display='inline'; }else{document.getElementById("back").style.display='none';} str = str + "</table>" document.getElementById("txtHint").innerHTML=str; } } var url="../scripts/pagelisting.php"; var myendrecord=document.forms.myForm.st.value; url=url+"?endrecord="+myendrecord; url=url+"&direction="+val; url=url+"&sid="+Math.random(); //alert(url) httpxml.onreadystatechange=stateChanged; httpxml.open("GET",url,true); httpxml.send(null); document.getElementById("txtHint").innerHTML="Please Wait...."; } Example: i have an array of names array{ => john [1] = ted [2] = jeff } and i display them like this: john, ted, jeff but jeff is currently logged in so i want his name to display first(i have my reasons lol) how would i go about this? i got as far as: if(in_array($user->user_name, $likes)) { $user_key = array_search($user->user_name, $likes); } then hit a brain freeze. Thanks Can you help me integrate this code :
<form method="post" action="submit.php"> <input type="checkbox" class="required" /> Click to check <br /> <input disabled="disabled" type='submit' id="submitBtn" value="Submit"> </form>In to this Contact Form code, please? <form action="../page.php?page=1" method="post" name="contact_us" onSubmit="return capCheck(this);"> <table cellpadding="5" width="100%"> <tr> <td width="10" class="required_field">*</td> <td width="80">Your Name</td> <td><input type="text" name="name" maxlength="40" style="width:400px;/></td> </tr> <tr> <td class="required_field">*</td> <td>Email Address</td> <td><input type="text" name="email" maxlength="40" style="width:400px;/></td> </tr> <tr> <td></td> <td>Comments:</td> <td><textarea name="comments" style="width: 400px; height: 250px;"></textarea></td> </tr> </table> </form hi, this piece of code is not working, is it ok? Code: [Select] $query1 = "SELECT * FROM members_copy WHERE RSUSER = '".$RSUSER."' AND RSPASS = '".$RSPASS."'"; $result1 = mysql_query($query1); $row1 = mysql_fetch_array($result1); $_SESSION['USERID']=$row1['USERID']; $_SESSION['rsTown']=$row1['rsTown']; $_SESSION['RSEMAIL']=$row1['RSEMAIL']; $_SESSION['RSUSER']=$row1['RSUSER']; $pSQL = "INSERT INTO favepub_copy (USERID,PUBID)"; $pSQL = $pSQL."SELECT ".$_SESSION['USERID'].", PUBID "; $pSQL = $pSQL."FROM pubs "; $pSQL = $pSQL."WHERE rsTown = '".$rsTown; //echo "hello world"; //echo $pSQL; //exit(); mysql_query($pSQL); Hello Everyone I am new to php and indeed Web Development. After testing and Playing a bit, I can get the following code to work as two files, the form calling the *.php file to insert into the database, however, I am trying to create one html/php file that displays the form and then executes the php code to insert into the database once user clickes the button. Please can you assist me with the code? I have something horribly wrong and I cannot find it. Code: [Select] <?php> <html> <head> <title>Personal Details</title> </head> <body> <form method="post" action="contactdetails.html"><font face="Arial"> Call Sign:<br> <input name="callsign" size="5" type="text"><br> Surame:<br> <input name="surname" size="30" type="text"><br> First Name:<br> <input name="firstnames" size="30" type="text"><br> Known as:<br> <input name="knownas" size="30" type="text"><br> RSA ID No.:<br> <input name="rsaid" size="13" type="text"><br> Birth Date:<br> <input name="birthdate" size="12" type="text"><br> <input name="Insert" value="Next" type="submit"></form> </font><br> </body> </html> //php to insert data into table $callsign = $_POST['callsign']; $surname = $_POST['surname']; $firstnames = $_POST['firstnames']; $knownas = $_POST['knownas']; $rsaid = $_POST['rsaid']; $birthdate = $_POST['birthdate']; mysql_connect ("localhost", "jredpixm_testuse", "PHPDevelopment") or die ('I cannot connect to the database because: ' .mysql_error()); mysql_select_db ("jredpixm_test"); $query="INSERT INTO personal_details (callsign, surname, firstnames, knownas, rsaid, birthdate)Values ('$callsign', '$surname', '$firstnames', '$knownas', '$rsaid', '$birthdate')"; mysql_query($query) or die ('Error updating Database'); echo "<p>Thanks, your information has been added to the database.</p>"; ?> Regards Allen basically this is a search function <form method="post" action="test1.php"> <input type = "hidden" name="submitted" value ="true" /> <label>TYPE: <select name="field"> <option value = "sid">StudentID</option> <option value = "sname">StudentName</option> </select> </label> <label>WORD: <input type="text" name="searchword" /> </label> <input type="submit" /> </form> ------------- <?php if (isset($_POST['submitted'])){ $con = mysql_connect("localhost","root",""); mysql_select_db("uni", $con); $field= $_POST['field']; $searchword = $_POST['searchword']; $query = "SELECT* FROM student WHERE $field = '$searchword'"; $result = mysqli_query($con,$query) or die ('error data'); //-----------> error line echo"<table>"; echo "<tr><th>StudentID</th><th>StudentName</th></tr>"; while($row = mysqli_fetch_array($result)){ echo "<tr><td>"; echo "$row ['sid']"; echo "</td><td>"; echo "$row ['sname']"; echo "</td></tr>"; } echo"</table>"; } mysql_close($con); ?> NB: the error message "Warning: mysqli_query() expects parameter 1 to be mysqli, resource given in C:\wamp\www\test1.php on line 21 error data" I am new to PHP. I developed this class, I wonder if there's anything wrong or that I can improve. I could not test it because I'm in school. Thanks in advance. Code: [Select] <? class user { var $userID, $schoolID, $userName, $userPass, $dbHost, $dbUser, $dbName, $dbPass, $dbUserTable; $dbSchoolTable; function dbInfo() { $this->dbHost = 'localhost'; $this->dbUser = ''; $this->dbName = ''; $this->dbPass = ''; $this->dbUserTable = ''; $this->dbSchoolTable = ''; } function registerUser($userName, $userPass) { $dbLink = mysql_connect($this->dbHost, $this->dbUser, $this->dbPass); if(!$dbLink) die("Could not connect to database: " . mysql_error()); mysql_select_db($this->dbName); $query = "INSERT INTO $this->dbUserTable VALUES (NULL, \"$userName\", \"$userPass\")"; $result = mysql_query($query); if(!$result) { echo "Fail."; } else { $this->userID = mysql_insert_id(); } mysql_close($dbLink); $this->userName = $userName; $this->userPass = $userPass; } function registerSchool($schoolName) { $dbLink = mysql_connect($this->dbHost, $this->dbUser, $this->dbPass); if(!$dbLink) die("Could not connect to database: " . mysql_error()); mysql_select_db($this->dbName); $query = "INSERT INTO $this->dbSchoolTable VALUES (NULL, \"$schoolName\")"; $result = mysql_query($query); if(!$result) { echo "Fail."; } else { $this->schoolID = mysql_insert_id(); } mysql_close($dbLink); $this->schoolName = $schoolName; } function userLogin() { $dbLink = mysql_connect($this->dbHost, $this->dbUser, $this->dbPass); if(!$dbLink) die("Could not connect to database: " . mysql_error()); mysql_select_db($this->dbName); $query = "SELECT * FROM $this->dbUserTable WHERE userName = \"$this->userName\" AND userPass = \"$this->userPass\" LIMIT 1"; $result = mysql_query($query); if(!$result) { echo "Fail."; } else { while($row = mysql_fetch_array($result)) { session_start(); $_SESSION['userID'] = $row['userID']; session_write_close(); } } mysql_close($dbLink); } function changePass($newPass) { $dbLink = mysql_connect($this->dbHost, $this->dbUser, $this->dbPass); if(!$dbLink) die("Could not connect to database: " . mysql_error()); mysql_select_db($this->dbName); $query = "SELECT * FROM $this->dbUserTable WHERE userName = \"$this->userName\" LIMIT 1"; $result = mysql_query($query); if(!$result) { echo "Fail."; } else { $query = "UPDATE $this->dbUserTable SET userPass = \"$newPass\" WHERE userName = \"$this->userName\""; $result = mysql_query($query); if(!$result) { echo "Fail"; } else { $this->userPass = $newPass; } } mysql_close($dbLink); } } ?> My application just broke about 2 hours ago and for the life of me I don't know what I did to it?! (I was coding a different file, and when I tried to run the main - unrelated index.php - things stopped working?!) Here is a snippet of the suspect code... if ($rows == 0){ // Email and Username are available. // Add User to the database. $q = "INSERT INTO users(username, email, pass, first_name, last_name, date_expires) VALUES('$u', '$e', '" . get_password_hash($p) . "', '$fn', '$ln', ADDDATE(NOW()), INTERVAL 1 MONTH))"; $r = mysqli_query($dbc, $q); When I step through my code in NetBeans, the INSERT is failing and I don't know why because I haven't touched this code since this morning and it was working all day... Please help! TomTees Hello, I am trying to get a news script to work, but I can't get it to insert anything into the database. I cannot figure it out for the life of me. Code: (newsupdate.php) [Select] <form name="shout" action="post.php" method="post"> <p><b>Name:</b><br/><input type="text" name="name" size="15"/></p> <p><b>Message</b>:<br/> <textarea wrap="physical" name="message" rows="3" cols="25">News goes here! </textarea></p> <p><input type="submit" value="Shout now!"/> <input type="reset" value="Clear"/></p> </form> Code: (post.php) [Select] <? $name = $_POST["name"]; $message = $_POST["message"]; include("dbconnect.php"); $date = date("M j y"); $menu = MYSQL_QUERY("INSERT INTO adminnews (id,name,date,message)". "VALUES ('NULL', '$name', '$date', '$message')"); echo("Shout-out added! You will be redirected to the main page shortly. If you are not, click <a href='index.php'>here</a>."); ?> dbconnect.php is just the configuration for connecting to the database, and I have checked that all ready. A log-in script uses it just fine. I am showing Youtube videos on my site and am pulling the data in from an xml file... However this is the problem I'm having... When I pull in the video the output is working correctly until you get the image file... it's HUGE... NOT what I wanted so I set about trying to figure out how to resize the image... I have tried many things but no luck. I don't have access to the google api to change the picture size sooooo... I"m trying to do so within the php I do have..here is what I have... $videos[$i]['img'] = $matches[0]; That output shows the HUGE picture.... Here is what I've tried to do ... $videos[$i]['img'] = $matches[0] "width=100px height=100px"; That is a no go... it crashes the site and I know it's a quote thing.. I do know that the first example outputs the image... or puts the img in a string to be output according to the video, I understand that. How do I resize the img to make it smaller? Here is the entire code for the parsing of the xml file.... <head> <link rel="stylesheet" href="modules/mod_jusertube/css/mediaboxAdvBlack21.css" type="text/css" media="screen" /> <script src="modules/mod_jusertube/js/mootools-more-1.3.js" type="text/javascript"></script> <script src="modules/mod_jusertube/js/mediaboxAdv-1.4.0.js" type="text/javascript"></script> <script src="modules/mod_jusertube/js/an7effects-1.5.5.js" type="text/javascript"></script> </head> <?php /** * @Copyright Copyright (C) 2010- Md. Afzal Hossain * @license GNU/GPL http://www.gnu.org/copyleft/gpl.html **/ /* This file is part of mod_lcc. mod_lcc is free softwa you can redistribute it and/or modify it under the terms of the GNU General Public License as published by the Free Software Foundation, either version 3 of the License, or (at your option) any later version. mod_lcc is distributed in the hope that it will be useful, but WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License for more details. You should have received a copy of the GNU General Public License along with mod_lcc. If not, see <http://www.gnu.org/licenses/>. */ // no direct access defined('_JEXEC') or die('Restricted access'); class FeedReader { var $cachetime; var $filepath; function __construct($updatefeed = 300){ $this->cachetime = $updatefeed; $this->filepath = dirname(__FILE__).DS; } function get_youtube_top($youtubeuser,$totalvid){ $filename = $this->filepath.'youtube_'.$youtubeuser.'.xml'; if(is_file($filename)){ $utime = filemtime($filename); $chtime = time() - 60*$this->cachetime; if($utime>$chtime) $updated = true; else $updated = false; } else{ $updated = false; } if(!$updated){ $link="http://gdata.youtube.com/feeds/base/users/$youtubeuser/uploads?alt=rss"; $ch = curl_init($link); curl_setopt($ch, CURLOPT_RETURNTRANSFER, true); curl_setopt($ch, CURLOPT_HEADER, 0); $data = curl_exec($ch); curl_close($ch); if(strlen($data)>100) file_put_contents($filename,$data); } if(is_file($filename)){ $data = file_get_contents($filename); } else{ return false; } $rss = new SimpleXMLElement($data); $i = 0; $videos = array(); foreach($rss->channel->item as $item){ //$guid_split = explode('/',$item->guid); //$videos[$i]['id'] = $guid_split[6]; $videos[$i]['title'] = (string) $item->title; $videos[$i]['link'] = (string) $item->link; //$videos[$i]['embed'] = '<object width="100" height="125"><param name="movie" value="http://www.youtube.com/watch/'.$guid_split[6].'"><param name="allowFullScreen" value="true"><param name="allowScriptAccess" value="always"><embed src="http://www.youtube.com/v/'.$guid_split[6].'" type="application/x-shockwave-flash" allowfullscreen="true" allowScriptAccess="always" width="640" height="385"></object>'; $description = (string) $item->description; $matches = array(); preg_match("/<img[^<>]+>/",$description,$matches); $videos[$i]['img'] = $matches[0]; $i++; if($i>=$totalvid) break; } return $videos; } } Thanks guys!! Again! i have this code... and i want to make it more dynamic.... Code: [Select] <?php $content = $content[1].$content[2].$content[3].$content[4].$content[5].$content[6].$content[7].$content[8].$content[9].$content[10].$content[11].$content[12] .$content[13].$content[14].$content[15].$content[16] .$content[17].$content[18].$content[19].$content[20].$content[21].$content[22].$content[23].$content[24]; $sql = mysql_query ("insert into database (content) values ('$content')") or die(mysql_error()); ?> for example... instead content[1]. content[2]. content[3] ...etc... i want something like this....... $content = $content[from 1 to 24]; or $content = $content[from 1 to 777]; any solutions? Can someone advise me how to check for malicious PHP code? If I download a script from somewhere, how can I make sure it's not malicious? If bad, maybe it could delete files?? Or send spam? Or EVEN 'send home' code - so that they can track your usage - OK if I consent - not OK if haven't consented and they're doing it sneakily! Sending spam has been a problem when installing Joomla plugins Are there specific commands I should watch out for in PHP scripts? Like send mail or something? I'm sure the baddies would be clever and maybe use IP numbers to send out to instead of domain names? Is there a PHP code checker online? Something that tells you what your PHP script does? Simple things: like tell you if it sends out mail or makes contact outside or deletes files This would be great - it would save a lot of time going through hundreds/thousands of lines of code Thanks OM will this code check if value is null Code: [Select] if($_SESSION["cart"] != null) try { $sql = "SELECT StudentID,CourseID FROM student,course WHERE StudentID =" . $_POST['sid'] AND CourseID =".$_POST['cid'] ; //-----> error line $query = mysql_query($sql) or trigger_error('MySQL error: ' . mysql_error()); if (mysql_num_rows($query) > 0) { throw new Exception('StudentID already taken'); } } NB: basicaly im inserting data into a table from another two table field. can someone check if what the problem with my code Code: [Select] $avatar2 = mysql_query("SELECT `users`.`imagelocation' FROM `users` `forum_replies` WHERE `users`.`id`= `forum_replies`.`uid`")or die(mysql_error()); |
|||||||