PHP - Strange Url Problem

Hi. I have to check if a session is started or not, and then, check for the rank of the user. For that i use two functions like is_administrator,etc.

Well, but this isnt working. I cant get any clear way to know if a session have been already started or not.
Code: [Select]
function is_administrator() {
session_start();
if (isset($_SESSION['usr']) and empty($_SESSION['usr'])) {

$l = conect();
$user = $_SESSION['usr'];
$cons = "SELECT * FROM `users` WHERE usr='" . $user . '\';';
$res = mysql_query ($cons,$l);
$ob = mysql_fetch_array($res);

if ($ob['tipo'] == 'A') {
return true;
}

}
return false;
}

What i want to do is to check if a sesion exist, if not, return false. If the sesion exist, check for the user rank and return true/false.

I have done a simple insert query on a comment system but it works once and when i go back and try add another record it just doesnt work at all.

Code: [Select]
<?php 

include ("class.database.connection.php");   // the database connection class
include ("settings.config.php");  // hostname, password ect

$name = $_POST["UserName"];
$email = $_POST["UserEmail"];
$comment = $_POST["UserComment"];

$sql="INSERT INTO comments (name, email, comment)VALUES('$name', '$email', '$comment')";
$result=mysql_query($sql);


?>
if anyone can help me with this i would be a happy chappy!

Hi all!

Firstly, I'd like to say a big hello to everyone

Right, so I have a bit of a strange problem.  I get no error, but my page stalls.

So here's what I've got, a simple alphabet (A-Z) in capitals at the top of the page, created by:


$alphabet = array('A','B','C','D','E','F','G','H','I','J','K','L','M','N','O','P','Q','R','S','T','U','V','W','X','Y','Z');

// then further down the page I have it looped as so:
<?php foreach($alphabet as $link): ?>
    <a href="suppliers.php?filter=<?php echo $link; ?>">
        <?php echo $link; ?>
    </a> | 
<?php endforeach; ?>


So that's all cool.  I then have this at the top of the page:


$the_suppliers = (isset($_GET['filter']) && preg_match("/[^A-Z]*/",$_GET['filter'])) ? $suppliers -> get_all($_GET['filter']) : $suppliers -> get_all('all');



Now I have preg_match() in there as I was using ctype_alpha() to check for only alphabetical chars, and thought that might be my problem, but still get it with preg_match();

Anyway, my class method (get_all()) is:


                    public function get_all($filter){

global $database;

if($filter == 'all'){

$sql = "SELECT * FROM " . self::$table . " WHERE on_web = 1 ORDER BY RAND() LIMIT 10";

}else{

$sql = "SELECT * FROM " . self::$table . " WHERE on_web = 1 AND LEFT(name,1) = '" . $database -> sql_prep($filter) . "'";

}

return self::find_by_sql($sql);

}


Now this works fine for b-z, but for some reason when the filter=A it just hangs.....  I have ran the sql in phpmyamin and it returns the result straight away, so I know it's not the sql.

Does anyone here know where I might be going wrong here?  It's very odd and I've never come across this before, and not getting an error doesn't really help much.

Any suggestions or pointers will be gratefuly received

Hi Guys
First sorry for my bad english.

I have a strange problem with php upload form.

When i click on submit button ( with uploaded pdf ) nothing happens.
The pdf file is 17MB, but with smaller PDF the form works perfectly.

Here is the form code:

Code: [Select]
<form id="pdf" name="pdf" method="post" action="" target="_self" enctype="multipart/form-data" >
<p align ="center">
        <input type="hidden" name="app_id" value="<?php print $app_id?>">
        <input type="hidden" name="MAX_FILE_SIZE" value="1000000000000">
        <input type="file" name="file1" value="Upload PDF" device="files" accept="text/pdf" />
        <input type="submit" name="sent" value="Send" />
</p>
</form>
at the beginning of the upload.php i have the following lines:

Code: [Select]
$sent = isset($_POST['sent']) ? $_POST['sent'] : false;
When i debug $sent and $_POST i saw that they are empty  : (

With smaller PDF works perfectly but now with 17MB pdf $sent is empty,the result from print_r($_POST) is Array()

in php.ini i changed MAX UPLOAD to 20MB  and then restarted my apache , but i think this doesn't matter.

This problem is very strange : )

Thanks in advance:)

Hi!!!
i created this code for my chatroom!!
Code: [Select]
<?php $usern=$_SESSION['etchat_'.$this->_prefix.'username'];
$con1 = mysql_connect("localhost","manosir_main","***********");
if (!$con1)
  {
  die('Could not connect: ' . mysql_error());
  }
mysql_select_db("manosir_manoshos_main", $con1);
$query = "SELECT etchat_user_online_user_sex AS gender
          FROM db1_etchat_useronline
          WHERE etchat_user_online_user_name = '$usern'";
$result= mysql_query($query);
$user = mysql_fetch_assoc($result);



if($user['gender']=='m'){ ?> <span style=" font-size: 12px; font-family: tahoma; direction: rtl; font-weight: bold; color: #0000FF " > male</span>
 <?php } if($user['gender']=='f'){ ?>  <span style= "font-size: 12px; font-family: tahoma; direction: rtl; font-weight: bold; color: #FF47D1" > female</span><?php }  
mysql_close($con1); ?> it gets the users`s username when he login from session and get his/her sex by mysql!!!!!  the starnge part is this:  when i login to page it doesnt work..but when i refresh the page it works       in first opening the $usern is empty!! 
whats wrong!!!!!!!

I am trying to do isset($_GET but I have a bizarre problem come up.  I am using "id" as one of my fields but when I try to use it in the code it says it is not recognised.  However I use this field quite widely.

The code its coming up with is "Undefined variable: id" but I cant see why it has a problem with id.

My code is:

<?php

if(isset($_GET['id'])){

$sql = mysql_query("SELECT * FROM productfeed WHERE id='$id' LIMIT 1");

}
{


while($row = mysql_fetch_array($sql))

$id = $row['id'];
$image = $row['awImage'];
$link = $row['link'];
$description = $row['description'];
$fulldescription = $row['fulldescription'];
$price = $row['price'];

echo "<div class=\"productdisplayshell\"> <div class=\"productdisplayoutline\"> <div class=\"productborder\"><center>  <a href=\"$link\"  target=\"_blank\" ><img src=\"$image\" /></a> </center> </div></div> <div class=\"productdescriptionoutline\"><div class=\"productdescriptionbox\">  <a href=\"$link\"  target=\"_blank\" >$description</a> </div><div class=\"productfulldescriptionbox\">  $fulldescription </div></div> <div class=\"productpriceoutline\">  <div class=\"productpricebox\"><center>&#38;#163; $price</center></div>  <div class=\"productbuybutton\"><center><a href=\"$link\"  target=\"_blank\" ><img src=/images/buybutton.png /></a></center></div></div></div>";

} 


 

?>

Hi folks,

I have an initial redirect page which directs to my main page, sending two reference variables as $_GET parameters:

Code: [Select]
header("Location: /ob/index.php?id=".$id."&ref=".$ref);
The first thing this main page does is include a file which checks for those two values:

Code: [Select]
if (substr_count($_SERVER['HTTP_ACCEPT_ENCODING'], 'gzip')) ob_start("ob_gzhandler"); else ob_start();
session_start();
error_reporting(E_ALL);

if (isset($_GET['id']) && isset($_GET['ref'])){
$_SESSION['id'] = $_GET['id'];
$_SESSION['ref'] = $_GET['ref'];
}
if(!isset($_SESSION['id']) || $_SESSION['id']=="" || !isset($_SESSION['ref']) || $_SESSION['ref']==""){
echo ("This service requires a valid ID to run - your session may have expired, please refresh your browser to try again.");
exit;
}
The main page loads fine - meaning that the $_SESSION variables have been set correctly. However, when the next page loads (including the same file), the $_GET values obviously aren't there but the $_SESSION variables should be intact. I am getting fails every time though in Opera and Safari (have checked in IE, FF and Chrome and all seems well).

However, if I then refresh the browser - in both Opera and Safari - the next page loads fine and the $_SESSION variables are correctly set.

Any ideas on this at all?

Many thanks in advance,

Rich

Friends
this is a very strange problem i,m facing
i made a form by which you can enter comments to a topic
i get the comment title and comment topic and date and the name and e mail of the one who insert a comment
according to these variables


$id1=$row2['id'];
echo "$id1";
//Comment poster,s name
$name =strip_tags(@$_POST['coname']);
//Comment title
$title =strip_tags(@$_POST['comtitle']);
//ment poster,s email
$mail =strip_tags(@$_POST['comemail']);
//comment
$com =strip_tags(@$_POST['limitedtextarea']);
//comment,s date
$d= date("Y-m-d");
notice that i,m printing the topic id and i used the variable $id1 to get it inorder to use it to show the comments for this topic later and it shows the right id for the shown topic
then i used this code to insert these variable into the database
if(isset($_POST['add']) and $_POST['add']=='comm'){

$insertcomm =mysql_query("INSERT INTO comments
(com_name,com_title,com_mail,comment,com_date,tid)
VALUES
('$name','$title','$mail','$com','$d','$id1')") or die("comments were not inserted");
if(isset($insertcomm)){
echo "comment inserted ";}
}

Hi,
I've done a search and cant find anything related to my problem.
I have a newsfeed on my site and i want it to display with the latest news at the top.
I have this code:
Code: [Select]
$get_news = "SELECT title, text, DATE_FORMAT(datetime, '%e %b %Y at %T') AS datetime FROM newsfeed ORDER BY datetime DESC";
This works fine on one of my sites but on another i've just hit a problem. It seems to sort only by the day, not the rest of the date.
I made a news post today with date and time of "27 Mar 2011 at 12:54:02" but a post from "28 Jan 2011 at 19:59:52" is above it.

Any ideas why this is happening?

Thanks,
Alex

I submit text to my MySQL database using a form on my site. When I look at the text in my database, sometimes, there are strange characters. The strange characters are caused by quotation marks, em dashes, apostrophes and foreign letters of the alphabet. I think that this only happens when the source of the text is a Windows program. I understand that this is a character encoding issue, but I don't fully understand the subject. I've spent the last few hours researching it, but it's only confused me.   My site uses UTF-8 encoding:

<meta http-equiv="content-type" content="text/xml; charset=utf-8" />

The collation of my database is utf8_general_ci.   My form looks like this:

<form action="" method="post">
</form>

As you can see, an accept-charset="utf-8" attribute has not been specified.     Questions   1) I am guessing that my problem is that the Windows characters are being misinterpreted by my UTF-8 setup. Is that correct?   2) If so, is there a way that I can safely convert the Windows characters to UTF-8 during the submission process?   3) Should I also specify an accept-charset="utf-8" attribute on the form?   4) When I paste the Windows text directly into my database without using the form, the characters save without turning into the strange characters. But they don't render properly on my site. Can't browsers identify Windows characters?

This topic has been moved to JavaScript Help.

http://www.phpfreaks.com/forums/index.php?topic=325313.0

I have strange problem with SOAP. My file SchoolAPI look like that:


<?php
require_once('../require/constants.php');
require_once('../require/connection.inc.php');
 
class SchoolAPI{

private $dbh;

   

public function __construct()
    {
 

 

$this->dbh = new PDO(DRIVER.':host='.HOST.';dbname='.DB, USER, PASSWORD);
  

}
  

//function return all subcjects

public function getSubjects(){

$sth = $this->dbh->prepare('  SELECT id, nazwa ROM subjects');

$sth->execute(); 

 

return $sth->fetchAll(PDO::FETCH_NUM); 

//return array(array("1", "subject1"),array("2", "subject2"));

}

//function return all classes

public function getClasses(){

$sth = $this->dbh->prepare('  SELECT id, nazwa FROM classes');

$sth->execute();  
 

return $sth->fetchAll(PDO::FETCH_NUM);

//return array(array("1", "class1"),array("2", "class2"));

}
  
}
ini_set("soap.wsdl_cache_enabled", "0");
$server = new SoapServer("SchoolAPI.wsdl");
$server->setClass("SchoolAPI");
$server->handle();
?>


wsdl file is named SchoolAPI.wsdl and look like that:


<wsdl:definitions  

xmlns="http://schemas.xmlsoap.org/wsdl/" 

xmlns:soap="http://schemas.xmlsoap.org/wsdl/soap/" 

xmlns:SOAP-ENC="http://schemas.xmlsoap.org/soap/encoding/" 

xmlns:wsdl="http://schemas.xmlsoap.org/wsdl/" 

xmlns:xsd="http://www.w3.org/2001/XMLSchema" 

xmlns:tns="http://schema.example.com" 

targetNamespace="http://schema.example.com" >
  
  <wsdl:types>
  

<xsd:schema targetNamespace="http://schema.example.com">

<xsd:complexType name="myarry2">

<xsd:sequence>

<xsd:element minOccurs="0" maxOccurs="unbounded" name="row" nillable="true" type="xsd:string" /> 

</xsd:sequence>

</xsd:complexType>

</xsd:schema>
    <xsd:schema targetNamespace="http://schema.example.com">

<xsd:complexType name="myarray">

<xsd:sequence>

<xsd:element minOccurs="0" maxOccurs="unbounded" name="table" nillable="true" type="tns:myarry2" /> 

</xsd:sequence>

</xsd:complexType>

</xsd:schema>
  </wsdl:types>

  <wsdl:message name="getSubjectsRequest"></wsdl:message>
  <wsdl:message name="getSubjectsResponse">
    <part name="getSubjectsReturn" type="tns:myarray"/>
  </wsdl:message>

  <wsdl:message name="getClassesRequest"></wsdl:message>
  <wsdl:message name="getClassesResponse">
    <part name="getClassesReturn" type="tns:myarray"/>
  </wsdl:message>

  <wsdl:portType name="SchoolAPIPortType">
    <wsdl:operation name="getSubjects">
      <wsdl:input message="tns:getSubjectsRequest"/>
      <wsdl:output message="tns:getSubjectsResponse"/>
    </wsdl:operation>

    <wsdl:operation name="getClasses">
      <wsdl:input message="tns:getClassesRequest"/>
      <wsdl:output message="tns:getClassesResponse"/>
    </wsdl:operation>
  </wsdl:portType>

  <wsdl:binding name="SchoolAPIBinding" type="tns:SchoolAPIPortType">
    <soap:binding transport="http://schemas.xmlsoap.org/soap/http"/>
    <wsdl:operation name="getSubjects">
      <soap:operation soapAction="urn:SchoolAPI/getSubjects" style="document"/>
      <wsdl:input> <soap:body use="literal"/></wsdl:input>
      <wsdl:output><soap:body use="literal"/></wsdl:output>
    </wsdl:operation>
    <wsdl:operation name="getClasses">
      <soap:operation soapAction="urn:SchoolAPI/getClasses" style="document"/>
      <wsdl:input> <soap:body use="literal"/></wsdl:input>
      <wsdl:output><soap:body use="literal"/></wsdl:output>
    </wsdl:operation>
  </wsdl:binding>
  
  <wsdl:service name="SchoolAPI">
    <wsdl:port name="SchoolAPIPort" binding="tns:SchoolAPIBinding">
      <soap:address location="http://localhost:82/myschool/webservices/SchoolAPI.php" />
    </wsdl:port>
  </wsdl:service>
</wsdl:definitions>


The problem is that correct data is returned olny by first function declarated in <wsdl:binding> section. In this example correct data will be return by getSubjects function, and function getClassses return null. However, if we change order and put getClasses operation first in binding section like this:


  <wsdl:binding name="SchoolAPIBinding" type="tns:SchoolAPIPortType">
    <soap:binding transport="http://schemas.xmlsoap.org/soap/http"/>

 <wsdl:operation name="getClasses">
      <soap:operation soapAction="urn:SchoolAPI/getClasses" style="document"/>
      <wsdl:input> <soap:body use="literal"/></wsdl:input>
      <wsdl:output><soap:body use="literal"/></wsdl:output>
    </wsdl:operation>
    <wsdl:operation name="getSubjects">
      <soap:operation soapAction="urn:SchoolAPI/getSubjects" style="document"/>
      <wsdl:input> <soap:body use="literal"/></wsdl:input>
      <wsdl:output><soap:body use="literal"/></wsdl:output>
    </wsdl:operation>
  </wsdl:binding>


then correct data will be return by getClasses function, and getSubjects will return null. Do you know what is going on? I do my best to solve this problem and I have no idea what is wrong...

<!DOCTYPE html PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN"
"http://www.w3.org/TR/html4/loose.dtd">
<?php
session_start();
ini_set('display_errors', 'On');
error_reporting(-1);
//Connect to Database and Check cookies for logged in user
$db = mysql_connect(MYSQL_HOST, MYSQL_USER, MYSQL_PASS);
mysql_select_db(MYSQL_DB_NAME);
if (!isset($_GET['act'])) {
    if (!isset($_POST['act'])) {
        $act = 'idx';
    }
    if (isset($_POST['act'])) { 
        $act = mysql_real_escape_string($_POST['act']); 
    }
}
if (isset($_GET['act'])) { $act = mysql_real_escape_string($_GET['act']); }
If ($act == 'login' && $_GET['CODE']=='1') {
    $usernameUsed = mysql_real_escape_string($_POST['Username']);
    $passwordUsed = mysql_real_escape_string($_POST['Password']);
    $SaltPassword = MEMBER_PASS_SALT_1.$passwordUsed.MEMBER_PASS_SALT_2;
    $HashPassword = md5($SaltPassword);

    $QueryLogin = "SELECT * FROM ".MEMBER_LOGIN_TABLE." WHERE username='{$usernameUsed}' AND password='{$HashPassword}'";
    $LoginResult = mysql_query($QueryLogin);
    if (mysql_num_rows($LoginResult) > 0) {
        $UserID = mysql_result($LoginResult, 0, 'user_id');
        $Id = uniqid();
        $IdQry = "UPDATE ".MEMBER_LOGIN_TABLE." SET `unique_id`='{$Id}' WHERE user_id='{$UserID}'";
        $IdRes = mysql_query($IdQry, $db);
        setcookie('RAYTH_MEMBER_ID', $Id, time()+2592000);
    }
}
If ($act == 'logout' && $_GET['CODE'] == '1') { setcookie('RAYTH_MEMBER_ID', "", time()-3600); }

if (isset($_COOKIE['RAYTH_SKIN'])) { $Skin = $_COOKIE['RAYTH_SKIN']; } Else { $Skin = 'redskin'; }

if (isset($_COOKIE['RAYTH_MEMBER_ID'])) {
    $Id = mysql_real_escape_string($_COOKIE['RAYTH_MEMBER_ID']);
    $MemIdQry = "SELECT user_id FROM ".MEMBER_LOGIN_TABLE." WHERE `unique_id`='{$Id}'";
    $memidres = mysql_query($MemIdQry, $db);
    $memidnum = mysql_num_rows($memidres);
    If ($memidnum < 1) { setcookie('RAYTH_MEMBER_ID', '', time()-3600); }
    Else { $memid = intval(mysql_result($memidres, 0, 'user_id')); }
}

if (isset($memid)) {
    $query_meminfo = "SELECT * FROM ".MEMBER_PROFILE_TABLE." WHERE `user_id`='{$memid}'";
    $query_result = mysql_query($query_meminfo, $db);
    $MemName = mysql_result($query_result, 0, 'display_name');
    $MemGroup = mysql_result($query_result, 0, 'Group');
    $AdsEnabled = mysql_result($query_result, 0, 'ads_enabled');
    $UserLevel = intval(mysql_result($query_result, 0, 'user_level'));
    $LevelQuery = "SELECT group_level FROM ".MEMBER_GROUPS." WHERE group_id='{$MemGroup}'";
    $LevelResult = intval(mysql_result(mysql_query($LevelQuery, $db), 0, 'group_level'));
    If ($UserLevel < $LevelResult) { $MemLevel = $LevelResult; }
    Else { $MemLevel = $UserLevel; }
}
else {
    $MemLevel = 0;
    $AdsEnabled = 'yes';
}
?>
<html>
    <HEAD>
        <title>Rayth.Info ..::Home::..</title>
        <?php 
        $File = './skins/'.$Skin.'/'.$Skin.'.php';
        If (file_exists($File)) {
        include("./skins/{$Skin}/{$Skin}.php");
        }
        Else { include("../skins/{$Skin}/{$Skin}.php"); }
        ?>


Ok this code is the Headers code which checks if user is logged in, what skin to load etc.
It is also used in the forum (so used in home and forum) via php include.

Now somethin strange happens.
If I use the home page to login (Rayth.Info) it logs me in for both home page and forum (rayth.info/forum)

Now, if I then logout, and goto the forum, relogin, it doesn't log me in on the home page.
Both pages use the same login/logout/register forms by php include and the same headers.php by include so I cant see any reason why this is happening. The cookie is obviously being set when user logs in since it sees them logged in on one page.

i have a form here that redirect to : "proc/edit.php?edit=<?php echo urlencode($function_name);?>"

Code: [Select]
<?php require_once("includes/functions.php");?>
<?php
session_start();
if (isset($_SESSION["user_name"])) { 
 require_once("includes/connection.php");
if(isset($_GET['functions'])){
 $function_name=$_GET['functions'];
 $function_type=$_GET['type'];
 $query = "SELECT * 
          FROM functions
          WHERE  function_name = '{$function_name}'
          ";
$result = mysql_query($query,$connection);
if($result){
$row = mysql_fetch_array($result, MYSQL_ASSOC);
$function_description=$row['function_description']; ?>
<html>
<head>
<title>Edit Your function</title>
</head>
<body>
 <form name="edit_function_n" action="proc/edit.php?edit=<?php echo urlencode($function_name);?>" method="get">
Edit Your function name : <input type="text" name="new_function_name"/><br/><br/>
Edit Your description here :<br/><br/> <textarea name="new_function_description" rows="10" cols="30"></textarea><br/><br/>
<input type="submit" value="Change" /><br/><br/>
</form>
</body>
</html>

<?php 
}
elseif(!$result){ redirect("errors/error_db.html");}
}
}
else {
redirect("main.php?error=log");
}
//close connection!
mysql_close($connection);
?>

AND i have a proc php file that UPDATE the database with the new form variables and then redirect to show.php

Code: [Select]
<?php require_once("../includes/functions.php");?>
<?php
session_start();
if (isset($_SESSION["user_name"])) { 
 require_once("../includes/connection.php");
//ignore this , this is for deleting!
 if(isset($_GET['delete'])){
  //warning : using urldecode here is wrong cuz $_GET[var]; is already decoded!
  $function_to_delete=$_GET['delete'];
  $function_type=$_GET['functions'];
  $query="DELETE FROM functions
WHERE function_name='{$function_to_delete}'
";
  $result = mysql_query($query, $connection);
  if(!$result){redirect("../errors/error_db.html");}
elseif($result){
redirect("../show.php?functions={$function_type}&delete=suc");
}}

//the place for edit ! 
    elseif(isset($_GET['edit'])){
    $old_function_name=$_GET['edit'];
   $new_function_name=$_POST['new_function_name'];
   $new_function_description=$_POST['new_function_description'];
   $query="UPDATE functions
            SET function_name='{$new_function_name}', 
            function_description='{$new_function_description}'
WHERE function_name='{$old_function_name}'
";
  $result = mysql_query($query, $connection);
  if(!$result){redirect("../errors/error_db.html");}
elseif($result){redirect("../show.php?functions='{$function_type}'&edit=suc");}
}


}
else {
redirect("../main.php?error=log");
}
?>
<?php //close connection!
mysql_close($connection);
?>
 

The problem is i get redirect to a strange link that never existed and i never pointed to :

/proc/edit.php?new_function_name=($new_function_name)&new_function_description=($new_function_description)

with the variables replaces with their values and with no database update whatsoever!



I tried a lot with it with no result could someone help me out here!