|
PHP - Send Form Data To 1 Url While Redirecting To Another Page?
Hi,
I am sending data from a form to a URL using $_GET but I would also like the user to be redirected to a thankyou page which is a different URL. Does anyone know if this is possible? Thanks, Similar TutorialsHi there, I wrote a pretty simple html form that inputs data into my database. I've included a truncated version of it, There are a lot more fields. Basically when i hit the submit it processes input.php but after its been successful the page is still at input.php in the browser Is there anyway to take the page back to the page i was using to input data Code: [Select] <form action="insert.php" method="post"> <p>Adornment Name: <br> <input type="text" name="name"> <br> <br> Quality: <br> <select name="quality"> <option value="Other">Other Not Listed</option> <option value="Superior">Superior</option> <option value="Greater">Greater</option> <option value="Lesser">Lesser</option> <option value="Raid">Raid</option> <option value="Faction">Faction</option> </select> </form> Code: [Select] include 'db_connect.php'; $sql="INSERT INTO $db_table (name, quality) VALUES ( '$_POST[name]', '$_POST[quality]')"; if (!mysql_query($sql,$db)) { die('Error: ' . mysql_error()); } echo "1 record added"; mysql_close($db) ?> ..and its not working (i replaced <textarea> with <div> to apply some html tags inside it ) and this is my form : Code: [Select] <form action="proc.php" method="post"> <div id="text" name="question_text" class="text" contenteditable="true"></div> </form> but when i submit some text the $_POST['question_text'] is not set ! I needed a server side PHP validation script for my form to use on top of client side Javascript as a backup. I found a nice package where I just include the validator and set a few options then it does the rest. However it doesn't seem to work with the action="whateveraction.php" for the form. It will skip all the validation and immediately go to the action script. So I left that blank as you can see in the form below and figured I would send the post data somehow to the script using PHP when the validation is successful. However I am stumped on how to do that can I get some coding help? This is the small validation script. I will attach the formvalidator.php in this post. Code: [Select] <?php require_once "formvalidator.php"; if(isset($_POST['submit'])) { $validator = new FormValidator(); $validator->addValidation("age","req","Please fill in your Age"); $validator->addValidation("mcid","req","Please fill in your Minecraft Username"); $validator->addValidation("description","req","Please fill in a Description"); if($validator->ValidateForm()) { //need something here to have it send the post data to /mcbuildapp/form_submit.php } else { echo "<div class=blockrow><b><font size=5>Form Errors:</font><b></div>"; $error_hash = $validator->GetErrors(); foreach($error_hash as $inpname => $inp_err) { echo "<div class=blockrow><p><font color=red>$inp_err</font></p>\n</div>"; } } } Then the form if it matters.... Code: [Select] <div class="blockrow"> <font size=4><b>Minecraft Building Rights Application</b></font> <br /> <br /> <b>Failing to fill in any of these fields sufficiently will result in an automatic denial of your application!</b><br /> <b>Think of it this way, being lazy and applying wrong is only wasting your time. Take the time to do it correctly the first time.</b> <br /> <br /> <b><font color=red>To ensure proper user authentication and security you must first join the server at least once before applying for your building rights to work!</font></b> <br /> <br /> <form action="" id="mcbuilderapp" name="mcbuilderapp" method="post"> <label><b>Your Minecraft Username (required)</b><br /> Use exact capitalization and punctuation that matches your Minecraft.net account!</label> <br /> <br /> <input type="text" name="mcid" id="mcid" maxlength="25"/> <br /> <br /> <label><b>Your Age (required)</b></label> <br /> <br /> <input type="text" name="age" id="age" maxlength="3"/> <br /> <br /> <label><b>Describe Yourself (required)</b><br /> Describe yourself in <b>no less</b> than 3 sentences using <b>correct grammar</b>.</label> <br /> <br /> <textarea name="description" id="description" minlength="10" maxlength="1000" cols=60 rows=5 wrap="physical"> </textarea> <br /> <br /> <input type="submit" name="submit" value="Submit" /> </form> </div> MOD EDIT: PHP manual tags changed to code tags . . . [attachment deleted by admin] How to send multipart/form-data ? via curl or so ... here i am going to send it - http://dezend.me/dezend/ The top half of this code works great ( where the HR line across ) now I'm trying to get it to post the some of the same data to another process script. I keep getting errors. can some please tell me what I'm doing wrong or missing. <?php function dataPost($fieldValue){ //extract data from the post extract($_POST); //set POST variables $url = 'http://www.domain.com/processform1.phpp'; $fields = array( 'how_you_heard_about_us'=>$how_you_heard_about_us, 'how_you_heard_about_us_other'=>$how_you_heard_about_us_other, 'chk_atm_machines'=>$chk_atm_machines, 'custom1'=>$custom1, 'txt_business_adrss'=>$txt_business_adrss, 'txt_city'=>$txt_city, 'txt_state'=>$txt_state, 'txt_zip'=>$txt_zip, 'txt_country'=>$txt_country, 'txt_phone'=>$txt_phone, 'txt_fax'=>$txt_fax, 'txt_website'=>$txt_website, 'firstname'=>$firstname, ); //url-ify the data for the POST foreach($fields as $key=>$value) { $fields_string .= $key.'='.$value.'&'; } rtrim($fields_string,'&'); //open connection $ch = curl_init(); //set the url, number of POST vars, POST data curl_setopt($ch,CURLOPT_URL,$url); curl_setopt($ch,CURLOPT_POST,count($fields)); curl_setopt($ch,CURLOPT_POSTFIELDS,$fields_string); //execute post $result = curl_exec($ch); //close connection curl_close($ch); from here down I'm not to sure with..... //create array of data to be posted $post_data['firstname'] = 'firstname'; $post_data['custom1'] = 'custom1'; $post_data['txt_state'] = 'txt_state'; //traverse array and prepare data for posting (key1=value1) foreach ( $post_data as $key => $value) { $post_items[] = $key . '=' . $value; } //create the final string to be posted using implode() $post_string = implode ('&', $post_items); //create cURL connection $curl_connection = curl_init('http://www.domain.com/processform2.php'); //set options curl_setopt($curl_connection, CURLOPT_CONNECTTIMEOUT, 30); curl_setopt($curl_connection, CURLOPT_USERAGENT, "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1)"); curl_setopt($curl_connection, CURLOPT_RETURNTRANSFER, true); curl_setopt($curl_connection, CURLOPT_SSL_VERIFYPEER, false); curl_setopt($curl_connection, CURLOPT_FOLLOWLOCATION, 1); //set data to be posted curl_setopt($curl_connection, CURLOPT_POSTFIELDS, $post_string); //perform our request $result = curl_exec($curl_connection); //show information regarding the request print_r(curl_getinfo($curl_connection)); echo curl_errno($curl_connection) . '-' . curl_error($curl_connection); //close the connection curl_close($curl_connection); } dataPost('Some Data'); ?> Ok i am stuck, i created a php script that draws data from a mysql dB into a php page. How can I send the page as the body in email? I do not need to preview the page, but can send it without ever viewing if that helps. When I put my code into a variable it does nothing. Is it caching? Should I load the results into mysql then send?please advise.. This topic has been moved to JavaScript Help. http://www.phpfreaks.com/forums/index.php?topic=320495.0 I have phpmailer on a website and after clicking send, it goes to the forms action page and don't seem to redirect to the enquiry confirmation page, the forms action page is a blank white page which am guessing is correct as it's PHP coding but thought it should redirect. I don't get any errors showing what the issue is. I have the phpmailer uploaded onto the FTP server and has the class.phpmailer.php file inside the phpmailer folder. The client has their email going through office365. Below is the code I have +
<?php
ini_set('display_errors', '1');
ini_set('display_startup_errors', '1');
error_reporting(E_ALL);
//index.php
$error = '';
$name = '';
$email = '';
$subject = '';
$message = '';
function clean_text($string)
{
$string = trim($string);
$string = stripslashes($string);
$string = htmlspecialchars($string);
return $string;
}
if(isset($_POST["submit"]))
{
if(empty($_POST["name"]))
{
$error .= '<p><label class="text-danger">Please Enter your Name</label></p>';
}
else
{
$name = clean_text($_POST["name"]);
if(!preg_match("/^[a-zA-Z ]*$/",$name))
{
$error .= '<p><label class="text-danger">Only letters and white space allowed</label></p>';
}
}
if(empty($_POST["email"]))
{
$error .= '<p><label class="text-danger">Please Enter your Email</label></p>';
}
else
{
$email = clean_text($_POST["email"]);
if(!filter_var($email, FILTER_VALIDATE_EMAIL))
{
$error .= '<p><label class="text-danger">Invalid email format</label></p>';
}
}
if(empty($_POST["subject"]))
{
$error .= '<p><label class="text-danger">Subject is required</label></p>';
}
else
{
$subject = clean_text($_POST["subject"]);
}
if(empty($_POST["message"]))
{
$error .= '<p><label class="text-danger">Message is required</label></p>';
}
else
{
$message = clean_text($_POST["message"]);
}
if($error == '')
{
require 'phpmailer/class.phpmailer.php';
$mail = new PHPMailer;
$mail->SMTPDebug = 2;
$mail->IsSMTP(); //Sets Mailer to send message using SMTP
$mail->Host = 'smtp.office365.com'; //Sets the SMTP hosts
$mail->Port = '587'; //Sets the default SMTP server port
$mail->SMTPSecure = 'tls'; //Sets connection prefix. Options are "", "ssl" or "tls"
$mail->SMTPAuth = true; //Sets SMTP authentication. Utilizes the Username and Password variables
$mail->Username = 'email@domain.co.uk'; //Sets SMTP username
$mail->Password = 'password'; //Sets SMTP password
$mail->From = $_POST["email"]; //Sets the From email address for the message
$mail->FromName = $_POST["name"]; //Sets the From name of the message
$mail->AddAddress('email@domain.co.uk', 'Name');//Adds a "To" address
$mail->AddCC($_POST["email"], $_POST["name"]); //Adds a "Cc" address
$mail->WordWrap = 50; //Sets word wrapping on the body of the message to a given number of characters
$mail->IsHTML(true); //Sets message type to HTML
$mail->Subject = "New Website Enquiry"; //Sets the Subject of the message
$mail->Body = "Name: " . $_POST["name"] . "<br><br>" . "Email: " . $_POST["email"] . "<br><br>" . "Subject: " . $_POST["subject"] . "<br><br>" . "Message: " . "<br>" . $_POST["message"]; //An HTML or plain text message body
if (!$mail->Send()) //Send an Email. Return true on success or false on error
{
header('Location: https://www.domain.co.uk/enquiry-confirmation.php');
}
else
{
$error = '<label class="text-danger">There is an Error</label>';
}
$name = '';
$email = '';
$subject = '';
$message = '';
}
}
?>
Hi I have tried and tried and tried again to get this to work
in simple terms I have very little knowledge with PHP and even less with mysql
I have a paid subscription and domain in order to learn more and I feel I have made ok progress so far
then I realised how unsafe my current work is;
here is my experience this far
I created a site for a group of voluntary online game hosts where they can posts points from their tournaments in a forum
and some info pages to go with this,
however what I did was create a base template and style sheet and then an admin dashboard linked to individual forms to allow the group admin to edit the info pages they go to my form and enter the desired info and submit this then sends through and action file which posts the text and <BR> to a .txt file,
then the connecting page reads the .txt file using the PHP code of " <? php include ( 'index.txt'); ?>
yes you are seeing this correctly I have allowed a direct edit of text in a .txt file rather silly of me but I didn't realise how unsafe this was until now I guess its a good job I trust that the admin has no knowledge or skills in coding
ok since all this I have created a DB in MySQL on my server,
My server uses PHPMyAdmin I have create a DB named " mnvbcou1_content1 " and a table named " home " with rows " ID " and " home "
what I am trying to do:
I want my page to display the content of the table row home and a form once submitted to send to the table row home
or if needed I can re make this DB if the names are not suitable
I have tried to create the needed coding to make this work but for some reason this just will not work I have already added 2 rows to my table to try and make the page to display the content but it just is not working I got an error every time
so I hope that someone out there is rather patient and is willing to help me learn how to do this correctly and safely,
also this is a closed group website the address to this site is only known by a handful of none programmers I am mainly trying to make this work for my own personal knowledge and server safety please help me
Here's the code that deals with the client side:
<?php
session_start();
if(!isset($_SESSION['Logged_in'])){
header("Location: /page.php?page=login");
}
?>
<!DOCTYPE Html>
<html>
<head>
<!--Connections made and head included-->
<?php require_once("../INC/head.php"); ?>
<?php require_once("../Scripts/DB/connect.php"); ?>
<!--Asynchronously Return User Names-->
<script>
$(document).ready(function(){
function search(){
var textboxvalue = $('input[name=search]').val();
$.ajax(
{
type: "GET",
url: 'search.php',
data: {Search: textboxvalue},
success: function(result)
{
$("#results").html(result);
}
});
};
</script>
</head>
<body>
<div id="header-wrapper">
<?php include_once("../INC/nav2.php"); ?>
</div>
<div id="content">
<h1 style="color: red; text-align: center;">Member Directory</h1>
<form onsubmit="search()">
<label for="search">Search for User:</label>
<input type="text" size="70px" id="search" name="search">
</form>
<a href="index.php?do=">Show All Users</a>|<a href="index.php?do=ONLINE">Show All Online Users</a>
<div id="results">
<!--Results will be returned HERE!-->
</div>
search.php
<?php //testing if data is sent ok echo "<h1>Hello</h1><br>" . $_GET['search']; ?>This is the link I get after sending foo. http://www.family-li...php?&search=foo Is that mean it was sent, but I'm not processing it correctly? I'm new to the whole AJAX thing. Is it okay to redirect a user to another page - which displays an outcome message - after a form is submitted? Debbie I have a program that is loaded into an iframe, more specifically the fancybox modal window app. It is the one here http://www.phpfreaks.com/forums/index.php?topic=332297.0 which dragonSA and others so graciously helped me with. On completion of the program (no errors), I want it to redirect the entire page to a new one. (the user successfully logs in) The problem it seems is that my header('URL'); redirects to the page, but within the iframe. I want the top frame to redirect, and obviously closing the modal window. I did some research and it seems that frames are client-side while PHP is getting processed server-side so it's unable to target another frame. I believe that this makes it out of PHP's scope to do this, but I am not sure. I did some more research and a lot of people on the web are using javascript to do this, but none of the examples showed how it could be implemented in something like mine (after a true if statement inside the php script). Code: [Select] // the following code is inside a <?php ?> statement if (count($aError) == 0) { header( 'Location: http://www.site.com/welcome.html' ) ; } How can I write a 404 file to redirected any 'not found' page with structure of example.com/something/more/final.html to example.com/search?q=something+more+final Thanks Hi, Struggling to find the problem just getting page is not redirecting properly from browser Code: [Select] <?php function seoclean_ad( $uc_string ) { $seo_clean_string = strtolower( "{$uc_string}" ); $seo_clean_string = str_replace( " ", "_".SS_SEOSPREP."", "{$seo_clean_string}" ); $seo_clean_string = str_replace( "&", "and", "{$seo_clean_string}" ); $seo_clean_string = preg_replace( "[^A-Za-z0-9_-]", "", $seo_clean_string ); $seo_clean_string = "{$seo_clean_string}".SEO_SUFFIX.""; return $seo_clean_string; } function prepare_template_output( $data ) { if ( is_array( $data ) ) { $ret = array( ); foreach ( $data as $key => $value ) { $ret[$key] = prepare_template_output( $value ); } return $ret; } if ( !is_numeric( $data ) ) { $data = stripslashes( $data ); $data = trim( $data ); $data = htmlentities( $data ); } return $data; } function ukDate( $inDate ) { global $outDate; list( $uYear, $uMonth, $uDay ) = explode( "-", "{$inDate}" ); $outDate = "{$uDay}-{$uMonth}-{$uYear}"; return $outDate; } function write_cache( $f_cache_data, $f_cache_file ) { if ( !( $fp = fopen( $f_cache_file, "w" ) ) ) { trigger_error( "Error opening cache file" ); exit( ); } if ( !flock( $fp, LOCK_EX ) ) { trigger_error( "Unable to lock file" ); exit( ); } if ( !fwrite( $fp, serialize( $f_cache_data ) ) ) { trigger_error( "Error writing to cache file" ); exit( ); } flock( $fp, LOCK_UN ); fclose( $fp ); } function read_cache( $f_cache_file ) { if ( !file_exists( $f_cache_file ) ) { trigger_error( "Invalid cache file" ); exit( ); } return unserialize( file_get_contents( $f_cache_file ) ); } function list_options( $arrayname, $mode ) { global $row; global $row_2; $sarray = ""; foreach ( $arrayname as $v ) { if ( !isset( $row['salutation'] ) && $row['salutation'] == $v || isset( $row_2['salutation'] ) && $row_2['salutation'] == $v ) { if ( !isset( $mode ) ) { echo "<option value=\"".$v."\" selected>{$v}</option>\n"; } else { $sarray .= "<option value=\"".$v."\" selected>{$v}</option>\n"; } } else if ( !isset( $mode ) ) { echo "<option value=\"".$v."\">{$v}</option>\n"; } else { $sarray .= "<option value=\"".$v."\">{$v}</option>\n"; } } return $sarray; } function genprevnext( $total_pages, $position, $nresults, $scriptis, $extras ) { global $shopurl; global $seoFriend; global $connection; global $instdir; global $smode; if ( !empty( $smode ) ) { $smodebits = "{$smode}/"; } else { $smodebits = ""; } if ( !empty( $_GET['smode'] ) ) { $smodebits = "".htmlentities( $_GET['smode'] )."/"; } else { $smodebits = ""; } $disppages = intval( $total_pages / $nresults ); if ( $total_pages % $nresults ) { ++$disppages; } if ( $nresults <= $position ) { $current_page_num = $position / $nresults + 1; } else { $current_page_num = 1; } $limit = $nresults; $stages = 3; $position = $position; $page = $position / $nresults + 1; if ( $page ) { $start = ( $page - 1 ) * $limit; } else { $start = 0; } if ( $page == 0 ) { $page = 1; } $prev = $page - 1; $next = $page + 1; $lastpage = ceil( $total_pages / $limit ); $LastPagem1 = $lastpage - 1; $paginglinks = ""; if ( 1 < $lastpage ) { if ( 1 < $page ) { $prevoffset = $position - $nresults; $paginate .= "<a href=\"".$scriptis."?position={$prevoffset}&nresults={$nresults}{$extras}\">« Prev</a>"; } else { $paginate .= "<span class='pagination-disabled'>« Prev</span>"; } if ( $lastpage < 7 + $stages * 2 ) { $counter = 1; for ( ; $counter <= $lastpage; ++$counter ) { $newoffset = $counter * $limit - $limit; if ( $counter == $page ) { $paginglinks .= "<span class=\"pagination-current\">".$counter."</span>"; } else { $paginglinks .= "<a href=\"".$scriptis."?position={$newoffset}&nresults={$nresults}{$extras}\">{$counter}</a>"; } break; } } while ( 1 ); } else if ( 5 + $stages * 2 < $lastpage ) { if ( $page < 1 + $stages * 2 ) { $counter = 1; for ( ; $counter < 4 + $stages * 2; ++$counter ) { $newoffset = $counter * $limit - $limit; if ( $counter == $page ) { $paginglinks .= "<span class=\"pagination-current\">".$counter."</span>"; } else { $paginglinks .= "<a href=\"".$scriptis."?position={$newoffset}&nresults={$nresults}{$extras}\">{$counter}</a>"; } } $paginglinks .= "..."; $newoffsetlm1 = $LastPagem1 * $limit - $limit; $newoffsetlp = $lastpage * $limit - $limit; $paginglinks .= "<a href=\"".$scriptis."?position={$newoffsetlm1}&nresults={$nresults}{$extras}\">{$LastPagem1}</a>"; $paginglinks .= "<a href=\"".$scriptis."?position={$newoffsetlp}&nresults={$nresults}{$extras}\">{$lastpage}</a>"; } else if ( $page < $lastpage - $stages * 2 && $stages * 2 < $page ) { $paginglinks .= "<a href=\"".$scriptis."?position=0&nresults={$nresults}{$extras}\">1</a>"; $paginglinks .= "<a href=\"".$scriptis."?position={$limit}&nresults={$nresults}{$extras}\">2</a>"; $paginglinks .= "..."; $counter = $page - $stages; for ( ; $counter <= $page + $stages; ++$counter ) { $newoffset = $counter * $limit - $limit; if ( $counter == $page ) { $paginglinks .= "<span class=\"pagination-current\">".$counter."</span>"; } else { $paginglinks .= "<a href=\"".$scriptis."?position={$newoffset}&nresults={$nresults}{$extras}\">{$counter}</a>"; } } $paginglinks .= "..."; $newoffsetlm1 = $LastPagem1 * $limit - $limit; $newoffsetlp = $lastpage * $limit - $limit; $paginglinks .= "<a href=\"".$scriptis."?position={$newoffsetlm1}&nresults={$nresults}{$extras}\">{$LastPagem1}</a>"; $paginglinks .= "<a href=\"".$scriptis."?position={$newoffsetlp}&nresults={$nresults}{$extras}\">{$lastpage}</a>"; } else { $paginglinks .= "<a href=\"".$scriptis."?position=0&nresults={$nresults}{$extras}\">1</a>"; $paginglinks .= "<a href=\"".$scriptis."?position={$limit}&nresults={$nresults}{$extras}\">2</a>"; $paginglinks .= "..."; $counter = $lastpage - ( 2 + $stages * 2 ); for ( ; $counter <= $lastpage; ++$counter ) { $newoffset = $counter * $limit - $limit; if ( $counter == $page ) { $paginglinks .= "<span class=\"pagination-current\">".$counter."</span>"; } else { $paginglinks .= "<a href=\"".$scriptis."?position={$newoffset}&nresults={$nresults}{$extras}\">{$counter}</a>"; } } } } $paginate .= $paginglinks; if ( $page < $counter - 1 ) { $newoffset = $position + $nresults; $paginate .= "<a href=\"".$scriptis."?position={$newoffset}&nresults={$nresults}{$extras}\">Next »</a>"; } else { $paginate .= "<span class=\"pagination-disabled\">Next »</span>"; } } if ( $nresults < $total_pages ) { echo $paginate; } function buildCategorySelect( ) { global $connection; global $category_id; $level = "0"; $sql = "SELECT * from categories WHERE category_parent_id='deftl'"; if ( !( $result = @mysql_query( $sql, $connection ) ) ) { exit( "** COULD NOT BUILD CATEGORY DROP DOWN ** ".mysql_error( ) ); } while ( $row = mysql_fetch_array( $result ) ) { $parent = "{$row['category_id']}"; $row[category_name] = stripslashes( "{$row['category_name']}" ); if ( $category_id == $row[category_id] ) { echo "<option value=\"".$row['category_id']."\" selected>+ {$row['category_name']}</option>\n"; } else { echo "<option value=\"".$row['category_id']."\">+ {$row['category_name']}</option>\n"; } getchildren( $parent, $level ); } } function getChildren( $parent, $level ) { global $connection; global $category_id; ++$level; if ( !ctype_digit( $parent ) ) { $parent = ""; } $sql1 = "SELECT * from categories WHERE category_parent_id='".$parent."' order by category_name"; if ( !( $result1 = @mysql_query( $sql1, $connection ) ) ) { exit( "Couldn't build category tree child part: ".mysql_error( ) ); } while ( $row1 = mysql_fetch_array( $result1 ) ) { $parent = "{$row1['category_id']}"; if ( $category_id == $row1[category_id] ) { echo "<option value=\"".$row1['category_id']."\" selected>"; } else { echo "<option value=\"".$row1['category_id']."\">"; } $i = 0; for ( ; $i < $level; ++$i ) { echo " "; } echo "|--[".$level."]"; echo " ".$row1['category_name']."</option>\n"; getchildren( $parent, $level ); } } function getChildrenSEL( $parent, $myparent, $level ) { global $connection; global $https; global $category_id; ++$level; if ( !ctype_digit( $parent ) ) { $parent = ""; } $sql1 = "SELECT * from categories WHERE category_parent_id='".$parent."' order by category_name"; if ( !( $result1 = @mysql_query( $sql1, $connection ) ) ) { exit( "Couldn't build category tree child part: ".mysql_error( ) ); } while ( $row1 = mysql_fetch_array( $result1 ) ) { $parent = "{$row1['category_id']}"; if ( $myparent == $row1[category_id] ) { echo "<option value=\"".$row1['category_id']."\" selected>"; } else if ( $category_id == $row1[category_id] ) { echo "<option value=\"deftl\">"; } else { echo "<option value=\"".$row1['category_id']."\">"; } $i = 0; for ( ; $i < $level; ++$i ) { echo " "; } echo "|".$level."|"; echo "{$row1['category_name']}</option>\n"; getchildrensel( $parent, $myparent, $level ); } } function makeCategoryMap( ) { global $connection; global $adminurl; $level = "0"; $sql = "SELECT * from categories WHERE category_parent_id='deftl'"; if ( !( $result = @mysql_query( $sql, $connection ) ) ) { exit( "Couldn't build category tree parent part: ".mysql_error( ) ); } while ( $row = mysql_fetch_array( $result ) ) { $parent = "{$row['category_id']}"; $sql3 = "SELECT product_id from products WHERE category_id='".$parent."'"; if ( !( $result3 = @mysql_query( $sql3, $connection ) ) ) { exit( "Couldn't get data from products db" ); } $numrows = mysql_num_rows( $result3 ); if ( $numrows < 1 ) { $linker = ""; } else { $linker = "<input type=\"button\" class=\"list\" onclick=\"location.href='".$adminurl."products/productlist.php?category_id={$row['category_id']}'\" value=\"Products ({$numrows})\" />"; } $row[category_name] = stripslashes( "{$row['category_name']}" ); echo "<tr>\n\t\t\t\t<td> + <a href=\"".$adminurl."products/editcategory.php?category_id={$row['category_id']}\" title=\"{$row['category_desc']}\">{$row['category_name']}</a> </td>\n\t\t\t\t<td>"; if ( $row[category_publish] == Y ) { echo "<input type=\"button\" class=\"deactivate\" value=\"(click to deactivate)\" onclick=\"location.href='".$adminurl."products/bin/categoryonoff.php?category_id={$row['category_id']}&act=N'\" />"; } else { echo "<input type=\"button\" class=\"activate\" value=\"(click to activate)\" onclick=\"location.href='".$adminurl."products/bin/categoryonoff.php?category_id={$row['category_id']}&act=Y'\" />"; } echo "</td>\n\t\t\t\t<td> <input type=\"button\" class=\"add\" onclick=\"location.href='".$adminurl."products/addproduct.php?category_id={$row['category_id']}'\" value=\"Add\" /> {$linker} </td>\n\t\t\t\t<td> <input type=\"button\" class=\"edit\" onclick=\"location.href='{$adminurl}products/editcategory.php?category_id={$row['category_id']}'\" value=\"Edit\" /> <input type=\"button\" class=\"delete\" value=\"DELETE\" onclick='usr_conf(\"{$adminurl}products/bin/deletecategory.php\",\"category_id={$row['category_id']}\",\"Are you sure you want to delete this category?\");' /> </td>\n\t\t\t</tr>\n"; getchildrenlist( $parent, $level ); } } function getChildrenList( $parent, $level ) { global $connection; global $adminurl; ++$level; $where_in_level = "0"; if ( !ctype_digit( $parent ) ) { $parent = ""; } $sql1 = "SELECT * from categories WHERE category_parent_id='".$parent."'"; if ( !( $result1 = @mysql_query( $sql1, $connection ) ) ) { exit( "Couldn't build category tree child part: ".mysql_error( ) ); } while ( $row1 = mysql_fetch_array( $result1 ) ) { ++$where_in_level; $parent = "{$row1['category_id']}"; $level_indent = $level - 1; $i = 0; for ( ; $i < $level_indent; ++$i ) { echo " "; } if ( $last_level == $level ) { echo " "; } else { echo " "; } $i = 0; for ( ; $i < $level; ++$i ) { echo " "; } $sql3 = "SELECT product_id from products WHERE category_id='".$parent."'"; if ( !( $result3 = @mysql_query( $sql3, $connection ) ) ) { exit( "Couldn't get data from products db" ); } $numrows = mysql_num_rows( $result3 ); if ( $numrows < 1 ) { $linker = ""; } else { $linker = "<input type=\"button\" class=\"list\" onclick=\"location.href='".$adminurl."products/productlist.php?category_id={$row1['category_id']}'\" value=\"Products ({$numrows})\" />"; } echo "\t<tr>\n\t\t<td> » (".$level.") <a href=\"{$adminurl}products/editcategory.php?category_id={$row1['category_id']}\" title=\"{$row1['category_desc']}\">{$row1['category_name']}</a></td>\n\t\t\t<td>"; if ( $row1[category_publish] == Y ) { echo "<input type=\"button\" class=\"deactivate\" value=\"(click to deactivate)\" onclick=\"location.href='".$adminurl."products/bin/categoryonoff.php?category_id={$row1['category_id']}&act=N'\" />"; } else { echo "<input type=\"button\" class=\"activate\" value=\"(click to activate)\" onclick=\"location.href='".$adminurl."products/bin/categoryonoff.php?category_id={$row1['category_id']}&act=Y'\" />"; } echo "</td> \n\t\t\t<td><input type=\"button\" class=\"add\" onclick=\"location.href='".$adminurl."products/addproduct.php?category_id={$row1['category_id']}'\" value=\"Add\" /> {$linker}</td>\n\t\t\t<td> <input type=\"button\" class=\"edit\" onclick=\"location.href='{$adminurl}products/editcategory.php?category_id={$row1['category_id']}'\" value=\"Edit\" /> <input type=\"button\" class=\"delete\" value=\"DELETE\" onclick='usr_conf(\"{$adminurl}products/bin/deletecategory.php\",\"category_id={$row1['category_id']}\",\"Are you sure you want to delete this category?\");' /></td>\n\t</tr>\n"; getchildrenlist( $parent, $level ); $last_level = $level; } } function productcheckcategories( ) { global $connection; global $oktoadd; $sql3 = "SELECT * from categories"; if ( !( $result3 = @mysql_query( $sql3, $connection ) ) ) { exit( "Couldn't get data from category db" ); } $numrows = mysql_num_rows( $result3 ); if ( 1 <= $numrows ) { $oktoadd = "Y"; } } function countrycompareDD( $country_dd ) { global $connection; echo "<select name=\"country\">"; $sql3 = "SELECT country_short, country_long from country WHERE zone_id !='0'"; if ( !( $result3 = @mysql_query( $sql3, $connection ) ) ) { exit( "Couldn't execute request 1" ); } while ( $row3 = mysql_fetch_array( $result3 ) ) { if ( $row3[country_short] == $country_dd ) { echo "<option value=\"".$row3['country_short']."\" selected>{$row3['country_long']}</option>\n"; } else { echo "<option value=\"".$row3['country_short']."\">{$row3['country_long']}</option>\n"; } } echo "</select>"; } function alternatecolour( $level ) { global $altclass; $class_1 = " class=altlight"; $class_2 = " class=altdark"; $altclass = $class_1; $level % 2 ? 0 : ( $altclass = $class_2 ); } function check_email_address( $email ) { if ( !preg_match( "/[^@]{1,64}@[^@]{1,255}/i", $email ) ) { return FALSE; } $email_array = explode( "@", $email ); $local_array = explode( ".", $email_array[0] ); $i = 0; for ( ; $i < sizeof( $local_array ); ++$i ) { if ( preg_match( ">^(([A-Za-z0-9!#\$%&'*+/=?^_`{|}~-][A-Za-z0-9!#\$%&'*+/=?^_`{|}~\\.-]{0,63})|(\"[^(\\|\")]{0,62}\"))\$>i", $local_array[$i] ) ) { continue; } return FALSE; } if ( !preg_match( "/^\\[?[0-9\\.]+\\]?\$/i", $email_array[1] ) ) { $domain_array = explode( ".", $email_array[1] ); if ( sizeof( $domain_array ) < 2 ) { return FALSE; } $i = 0; for ( ; $i < sizeof( $domain_array ); ++$i ) { if ( preg_match( "/^(([A-Za-z0-9][A-Za-z0-9-]{0,61}[A-Za-z0-9])|([A-Za-z0-9]+))\$/i", $domain_array[$i] ) ) { continue; } return FALSE; } } return TRUE; } if ( get_magic_quotes_gpc( ) ) { $in = array( $GLOBALS['_GET'], $GLOBALS['_POST'], $GLOBALS['_COOKIE'] ); while ( list( $k, $v ) = each( &$in ) ) { foreach ( $v as $key => $val ) { if ( !is_array( $val ) ) { $in[$k][$key] = stripslashes( $val ); } else { $in[] =& $in[$k][$key]; } } } unset( $in ); } if ( isset( $_POST ) || isset( $_GET ) ) { $in = array( $GLOBALS['_GET'], $GLOBALS['_POST'] ); while ( list( $k, $v ) = each( &$in ) ) { foreach ( $v as $key => $val ) { if ( !is_array( $val ) ) { if ( ( $key == "txtContent" || $key == "category_desc" || !( $key == "metaadd" ) && !( $admin_ok_check == $_SESSION[admin_ok] ) ) || !preg_match( "/".$adminDir."/", "{$_SERVER['PHP_SELF']}" ) || !preg_match( "/paypalcallback.php/", "{$_SERVER['PHP_SELF']}" ) || !preg_match( "/updatecurrency.php/", "{$_SERVER['PHP_SELF']}" ) ) { if ( !preg_match( "/createcurrency.php/", "{$_SERVER['PHP_SELF']}" ) ) { $val = preg_replace( "/\\s+/", " ", $val ); $in[$k][$key] = htmlentities( trim( $val ) ); } } } else { $in[] =& $in[$k][$key]; } } } unset( $in ); } $sYear = "2007"; $cwd = dirname( __FILE__ ); $instdir = str_replace( "private", "", "{$cwd}" ); include( "{$instdir}private/config.php" ); include( "{$instdir}private/cache.php" ); include( "{$instdir}private/pca_config.php" ); if ( empty( $shopurl ) ) { header( "Location: install/" ); exit( ); } include( "{$instdir}private/db_connect.php" ); include( "{$instdir}private/messages.php" ); include( "{$instdir}private/shop_messages.php" ); $admin_dirs = array( "settings", "orders", "newsletter", "reports", "shoppers", "products", "content" ); $mtta = array( "mail", "smtp" ); $ppgfields = array( "ppemail", "ppmerchantid", "ppsecret", "pptestmode", "ppinstid", "ppintip", "ppextip", "ppgiftaid", "ppApply3DSecure", "ppApplyAVSCV2", "ppauthmode", "ppsignature" ); $category_style = array( "List with Thumbnail", "List no Thumbnail", "Grid" ); $category_sort_order = array( "Alphabetical", "Newest Items First", "Newest Items Last", "Featured Items First", "Custom Sort", "Price Low - High", "Price High - Low" ); $sf_style = array( "List", "Grid" ); $sf_sort_order = array( "Alphabetical", "By ID", "Randomised" ); $cf_sort_order = array( "Alphabetical", "By ID", "Custom" ); $allow_next = array( "selectdeliveryaddress.php", "revieworder.php", "reviewproduct.php", "revieworder.php?clearptid=Y", "orders.php" ); if ( $_GET[next] && !in_array( "{$_GET['next']}", $allow_next ) ) { echo "Not allowed!"; exit( ); } if ( !ctype_digit( $_GET[cmsid] ) ) { $GLOBALS['_GET'][cmsid] = ""; } $GLOBALS['_GET'][cmsid] = mysql_real_escape_string( "{$_GET['cmsid']}" ); if ( !ctype_digit( $_GET[category_id] ) ) { $GLOBALS['_GET'][category_id] = ""; } $GLOBALS['_GET'][category_id] = mysql_real_escape_string( "{$_GET['category_id']}" ); if ( !ctype_digit( $_GET[product_id] ) ) { $GLOBALS['_GET'][product_id] = ""; } $GLOBALS['_GET'][product_id] = mysql_real_escape_string( "{$_GET['product_id']}" ); if ( !ctype_digit( $_GET[product_xo_id] ) ) { $GLOBALS['_GET'][product_xo_id] = ""; } $GLOBALS['_GET'][product_xo_id] = mysql_real_escape_string( "{$_GET['product_xo_id']}" ); if ( !ctype_digit( $_GET[o_id] ) ) { $GLOBALS['_GET'][o_id] = ""; } $GLOBALS['_GET'][o_id] = mysql_real_escape_string( "{$_GET['o_id']}" ); if ( !ctype_digit( $_GET[p_id] ) ) { $GLOBALS['_GET'][p_id] = ""; } $GLOBALS['_GET'][p_id] = mysql_real_escape_string( "{$_GET['p_id']}" ); if ( !ctype_digit( $_GET[a_id] ) ) { $GLOBALS['_GET'][a_id] = ""; } $GLOBALS['_GET'][a_id] = mysql_real_escape_string( "{$_GET['a_id']}" ); $GLOBALS['_POST'][query_string] = mysql_real_escape_string( "{$_POST['query_string']}" ); if ( !ctype_digit( $_POST[pre_xo_id] ) ) { $GLOBALS['_POST'][pre_xo_id] = ""; } $GLOBALS['_POST'][pre_xo_id] = mysql_real_escape_string( "{$_POST['pre_xo_id']}" ); if ( !ctype_digit( $_POST[p_id] ) ) { $GLOBALS['_POST'][p_id] = ""; } $GLOBALS['_POST'][p_id] = mysql_real_escape_string( "{$_POST['p_id']}" ); if ( !ctype_digit( $_POST[qty] ) ) { $GLOBALS['_POST'][qty] = ""; } $GLOBALS['_POST'][qty] = mysql_real_escape_string( "{$_POST['qty']}" ); $GLOBALS['_POST'][loginemail] = mysql_real_escape_string( "{$_POST['loginemail']}" ); $GLOBALS['_POST'][loginpass] = mysql_real_escape_string( "{$_POST['loginpass']}" ); if ( $_POST[mail_outs] != "Y" && $_POST[mail_outs] != "N" ) { $GLOBALS['_POST'][mail_outs] = "Y"; } $GLOBALS['_POST'][mail_outs] = mysql_real_escape_string( "{$_POST['mail_outs']}" ); $GLOBALS['_POST'][old_password] = mysql_real_escape_string( "{$_POST['old_password']}" ); $GLOBALS['_POST'][confirm_password] = mysql_real_escape_string( "{$_POST['confirm_password']}" ); $search = array( "@<script[^>]*?>.*?</script>@si", "@<[\\/\\!]*?[^<>]*?>@si", "@&(quot|#34);@i", "@&(amp|#38);@i", "@&(lt|#60);@i", "@&(gt|#62);@i", "@&(nbsp|#160);@i", "@&(iexcl|#161);@i", "@&(cent|#162);@i", "@&(pound|#163);@i", "@&(copy|#169);@i", "@&#(\\d+);@e" ); $replace = array( "", "", "\\1", "\"", "&", "<", ">", " ", chr( 161 ), chr( 162 ), chr( 163 ), chr( 169 ), "chr(\\1)" ); $GLOBALS['_POST'][company] = mysql_real_escape_string( "{$_POST['company']}" ); $GLOBALS['_POST'][company] = mysql_real_escape_string( "{$_POST['company']}" ); $GLOBALS['_POST'][company] = preg_replace( $search, $replace, $_POST[company] ); $GLOBALS['_POST'][first_name] = mysql_real_escape_string( "{$_POST['first_name']}" ); $GLOBALS['_POST'][first_name] = preg_replace( $search, $replace, $_POST[first_name] ); $GLOBALS['_POST'][last_name] = mysql_real_escape_string( "{$_POST['last_name']}" ); $GLOBALS['_POST'][last_name] = preg_replace( $search, $replace, $_POST[last_name] ); $GLOBALS['_POST'][email] = mysql_real_escape_string( "{$_POST['email']}" ); $GLOBALS['_POST'][email] = preg_replace( $search, $replace, $_POST[email] ); $GLOBALS['_POST'][no_name] = mysql_real_escape_string( "{$_POST['no_name']}" ); $GLOBALS['_POST'][no_name] = preg_replace( $search, $replace, $_POST[no_name] ); $GLOBALS['_POST'][street] = mysql_real_escape_string( "{$_POST['street']}" ); $GLOBALS['_POST'][street] = preg_replace( $search, $replace, $_POST[street] ); $GLOBALS['_POST'][town] = mysql_real_escape_string( "{$_POST['town']}" ); $GLOBALS[ I keep getting a 'The page isn't redirecting properly error on Firefox. Anyone have an idea? I think it has something to do with the header() function, but I can't seem to pinpoint it. Code for the two files are below. Code: [Select] login.php <?php require_once('./lib/myform.class.php'); require_once('./functions.php'); $page = 'Login Page'; $myStyles = './css/mystyles.css'; if (isset($_POST['submit'])) { $error_ar = array(); $values_ar = array(); $username = sanatize($_POST['username']); $password = sanatize($_POST['password']); if (empty($username)) { $error_ar['username'] = 'You must enter your username'; //echo $arr_error['username']; } else { $values_ar['username'] = $_POST['username']; } if (empty($password)) { $error_ar['password'] = 'You must enter a password'; } } if (count($error_ar) == 0) { session_start(); $_SESSION['username'] = $username; $_SESSION['password'] = md5($password); header('Location: processform.php'); exit(); } ?> <html> <head> <title><?php print $page ?></title> <link href="<?php print $myStyles ?>" rel="stylesheet" type="text/css"> </head> <body> <div id="container"> <div id="form"> <?php $f = new myForm($error_ar); $f->beginForm("login.php"); $f->beginFieldset(array('class'=>'form')); $f->addLegend($page); $f->beginList(); $f->beginListItem(); $f->addLabel('username', 'Username'); $f->addInput('text', 'username', $values_ar['username'], array('class'=>'text', 'id'=>'username')); $f->endListItem(); $f->beginListItem(); $f->addLabel('password', 'Password'); $f->addPassword(); $f->endListItem(); $f->endList(); $f->endFieldset(); $f->beginFieldset(array('class'=>'form')); $f->addLegend('Submit'); $f->beginList(); $f->beginListItem(); $f->submitButton('Login', array('class'=>'submit')); $f->endListItem(); $f->endList(); $f->endFieldset(); echo $f->printForm(); ?> </div> </div> </body> </html> Code: [Select] processform.php <?php session_start(); require_once('./lib/mysqldb.class.php'); if (!isset($_SESSION['username'])) { header('Location: login.php'); exit(); } $db = new MySQLDB(); $username = $_SESSION['username']; $password = $_SESSION['password']; if ($db->authenticateUser($username, $password)) { echo "SUCCESS!!!"; } else { $_SESSION = array(); session_destroy(); header('Location: login.php'); } ?> The following should be redirecting to a certain page based upon the variables given. If someone is logged into the admincp but enters the address index.php?admincp=users, all that shows up is a blank page, it should re-direct back to the admincp main page; aka index.php?admincp. Everything other than this is working... It's just not going back to the admincp when index.php?admincp=users is entered. <?php require_once 'db_select.php'; require_once 'func.php'; session_start(); $cadmin2=$_SESSION['admin_check']; if($cadmin2=="4" && isset($_SESSION['mypassword3']) && $_SESSION['mypassword3']==$_SESSION['mypassword2']){ $SQL1="SELECT position FROM $tbl_name4 WHERE film_number='1' ORDER BY ABS(cost) ASC"; $result1=mysql_query($SQL1) or die(mysql_error()); if($_GET['do']=="add"){ $section.=' - Add User'; $content.=' <div class="main"> <div class="main_header">Add New User</div> <div class="user_form"> <form action="./index.php?admincp=users&do=process&source=new" method="post"> <p><label>Name:</label> <input type="text" name="name" size="30" /></p> <p><label>E-Mail:</label> <input type="email" name="email" size="32" /></p> <p><label>Amount:</label> <input type="text" name="amount" size="8" /></p> <p><label>Username:</label> <input type="text" name="username" size="30" /></p> <p> <label>Level:</label> <select name="level"> <option value=""></option> <option value="nickel">Nickel</option> <option value="copper">Copper</option> <option value="bronze">Bronze</option> <option value="silver">Silver</option> <option value="gold">Gold</option> <option value="platinum">Platinum</option> <option value="palladium">Palladium</option> </select> </p> <p> <label>User Level:</label> <select name="user_level"> <option value="0">No Account</option> <option value="1">Credit Purchase</option> <option value="2">Donation</option> <option value="3">Moderator</option> <option value="4">Admin</option> </select> </p> <p><label>Credit:</label> <select name="credit"> <option value=""></option>'; while($row1=mysql_fetch_array($result1)){ extract($row1); $content.='<option value="'.ucfirst($position).'">'.ucfirst($position).'</option>'; } $content.=' </select> <!--<label>Film Number:</label> <select name="film_number"> <option value=""></option> <option value="1">1</option> <option value="2">2</option> <option value="3">3</option> </select>--> </p> <p><label>Password:</label> <input type="text" name="password" size="30" /></p> <p><input type="submit" value="Submit" name="Submit" /></p> </form> </div> </div> '; } elseif($_GET['do']=="edit"){ if(isset($_GET['id'])){ $id=(int)$_GET['id']; $edit_user_query="SELECT * FROM $tbl_name WHERE $tbl_name.donor_id=$id"; $edit_user_result=mysql_query($edit_user_query); while($edit_user_row=mysql_fetch_array($edit_user_result)){ extract($edit_user_row); } $credits_query="SELECT * FROM donors_credits WHERE donor_id=".$id." ORDER BY id"; $credits_result=mysql_query($credits_query); while($credits_row=mysql_fetch_array($credits_result)){ $credits[]=$credits_row['credit']; } if(count($credits) > 0){ $credit=implode(", ",$credits); } if(!empty($amount)){ $amount=number_format($amount, 2, '.', ','); } $section.=' - Edit User: '.$username.''; $content.=' <div class="main"> <div class="main_header">Edit User - '.(!empty($username) ? ''.$username.'' : ''.$name.'').'</div> <div class="user_form"> <form action="./index.php?admincp=users&do=process&source=edit&id='.$id.'" method="post"> <p><label>Name:</label> <input type="text" name="name" size="30" value="'.$name.'" /></p> <p><label>E-Mail:</label> <input type="email" name="email" size="32" value="'.$email.'" /></p> <p><label>Amount:</label> <input type="text" name="amount" size="8" value="'.$amount.'" /></p> <p><label>Username:</label> <input type="text" name="username" size="30" value="'.$username.'" /></p> <p> <label>Level:</label> <select name="level"> <option value=""'.(empty($level) ? ' selected="selected"' : '').'></option> <option value="nickel"'.($level=="nickel" ? ' selected="selected"' : '').'>Nickel</option> <option value="copper"'.($level=="copper" ? ' selected="selected"' : '').'>Copper</option> <option value="bronze"'.($level=="bronze" ? ' selected="selected"' : '').'>Bronze</option> <option value="silver"'.($level=="silver" ? ' selected="selected"' : '').'>Silver</option> <option value="gold"'.($level=="gold" ? ' selected="selected"' : '').'>Gold</option> <option value="platinum"'.($level=="platinum" ? ' selected="selected"' : '').'>Platinum</option> <option value="palladium"'.($level=="palladium" ? ' selected="selected"' : '').'>Palladium</option> </select> (Blank if something other than Donation) </p> <p> <label>User Level:</label> <select name="user_level"> <option value="0"'.($admin=="0" ? ' selected="selected"' : '').'>No Account</option> <option value="1"'.($admin=="1" ? ' selected="selected"' : '').'>Credit Purchase</option> <option value="2"'.($admin=="2" ? ' selected="selected"' : '').'>Donation</option> <option value="3"'.($admin=="3" ? ' selected="selected"' : '').'>Moderator</option> <option value="4"'.($admin=="4" ? ' selected="selected"' : '').'>Admin</option> </select> </p> <p><label>Credit:</label> <input type="text" name="credit_old" size="30" value="'.$credit.'" disabled="disabled" /></p> <p><label>New Credit:</label> <select name="credit"> <option value=""></option>'; while($row1=mysql_fetch_array($result1)){ extract($row1); $content.='<option value="'.ucfirst($position).'">'.ucfirst($position).'</option>'; } $content.=' </select> <!--<label>Film Number:</label> <select name="film_number"> <option value=""></option> <option value="1">1</option> <option value="2">2</option> <option value="3">3</option> </select>--> </p> <p><input type="submit" value="Submit" name="Submit" /></p> </form> </div> </div> '; } else{ $user_list_query="SELECT * FROM $tbl_name"; $user_list_result=mysql_query($user_list_query); $content=''; while($user_list_row=mysql_fetch_array($user_list_result)){ extract($user_list_row); $content.='<div class="center"><a href="./index.php?admincp=users&do=edit&id='.$donor_id.'">'.(!empty($username) ? ''.$username.'' : ''.$name.'').'</a></div>'; } } } elseif($_GET['do']="process"){ $source=sanitize($_GET['source']); $name=sanitize($_POST['name']); $email=sanitize($_POST['email']); $amount=amount_verify(sanitize($_POST['amount'])); $username=sanitize($_POST['username']); $level=sanitize($_POST['level']); $password=kam3($_POST['password']); $admin=sanitize($_POST['user_level']); //$film_number=sanitize($_POST['film_number']); $credits=sanitize($_POST['credit']); $credits=explode(",",$credits); array_walk($credits, 'trim_value'); if($amount=="00" || $amount==".00"){ $amount=""; } if($_GET['source']=="new"){ $add_user_query="INSERT INTO $tbl_name (username, name, level, amount, password, admin, email) VALUES ('$username', '$name', '$level', '$amount', '$password', '$admin', '$email')"; mysql_query($add_user_query); $insert_id=mysql_insert_id(); if(!empty($credits)){ $CreditArray = array(); foreach($credits as $credit){ $CreditArray[] = "('$credit',$insert_id)"; } if(mysql_affected_rows()==1){ $content.='<div class="center">User Added.</div>'; } if (count($CreditArray) > 0 ){ $credit_array_query="INSERT INTO $tbl_name2 (credit,donor_id) VALUES " . implode(',',$CreditArray); mysql_query($credit_array_query); } } } elseif($_GET['source']=="edit"){ $insert_id=$_GET['id']; $edit_user_query="UPDATE $tbl_name SET username='$username', name='$name', level='$level', amount='$amount', admin='$admin', email='$email' WHERE donor_id='$insert_id'"; mysql_query($edit_user_query); if(!empty($credits)){ $CreditArray = array(); foreach($credits as $credit){ $CreditArray[] = "('$credit',$insert_id)"; } if(mysql_affected_rows()==1){ $content.='<div class="center">User Edited.</div>'; } if (count($CreditArray) > 0 ){ $credit_array_query="INSERT $tbl_name2 (credit,donor_id) VALUES " . implode(',',$CreditArray); mysql_query($credit_array_query); } } } } else{ header('Location: ./index.php?admincp'); } } else{ header("Location: ./index.php?usercp"); } ?> I am trying to integrate facebook login into my application. If the user isn't logged in, I want to make sure that they get sent to the index page, but this doesn't work. Code: [Select] <?php if ($user) { try { // Proceed knowing you have a logged in user who's authenticated. $user_profile = $facebook->api('/me'); } catch (FacebookApiException $e) { $user = null; //echo '<pre>'.htmlspecialchars(print_r($e, true)).'</pre>'; } } else { header('Location: /'); } ?> Any thoughts on how to fix? There seems to be something wrong with my code when run in Firefox I get an error, the full code is: Code: [Select] <head> <script type="text/javascript" src="tabber.js"></script> <link rel="stylesheet" href="example.css" TYPE="text/css" MEDIA="screen"> <link rel="stylesheet" href="example-print.css" TYPE="text/css" MEDIA="print"> <script type="text/javascript"> </script> </head> <div class="tabber"> <?php if (!isset($_GET["name"]) || empty($_GET["name"])) { $corpname = rawurlencode(stripslashes($_POST['corpname'])); } else { $corpname = rawurlencode(stripslashes($_GET['name'])); } //Check if Corp is in DataBase $sql = "SELECT * FROM `corps` where `name` = '$corpname'"; $result = mysql_query($sql); $num = mysql_num_rows($result); // If Corp Is In DB if ($num > 0) { While ($row = mysql_fetch_array($result)) { ?> <div class="tabbertab"> <h2>Corp Info</h2> <table width ="700" border="0" cellspacing="0" cellpadding="0"> <tr> <td width="128" rowspan="7"><?php echo "<img src=http://image.eveonline.com/Corporation/".$row['id']."_128.png width=128 height=128 />"; ?></td> <td width="128">Corp Name</td> <td><?php echo "<a href= http://eve.battleclinic.com/killboard/combat_record.php?type=corp&name=".rawurlencode($row['name'])." target=_blank>".$row['name']."</a>"; ?></td> </tr> <tr> <td width="128">Ticker</td> <td><?php echo $row['ticker']; ?></td> </tr> <tr> <td width="128">Allance</td> <td><?php $alliance = $row['alliance']; if($alliance =="0") { $alliance0 = "No Alliance"; echo $alliance0; } Else { $sql = "SELECT * FROM `alliance` WHERE `id` = '$alliance'"; $result = mysql_query($sql); $num=mysql_numrows($result); $i=0; while ($i < $num) { $alliance0=mysql_result($result,$i,"name"); $i++; } echo $alliance0; } ?></td> </tr> <tr> <td width="128">CEO Name</td> <td><?php echo "<a href=main.php?id=pilotsearch.php&name=".$row['ceo'].">".$row['ceo']."</a>"; ?></td> </tr> <tr> <td width="128">Headquarters</td> <td><?php echo $row['hq']; ?></td> </tr> <tr> <td width="128">Tax Rate</td> <td><?php echo $row['tax']; ?> %</td> </tr> <tr> <td width="128">Member Count</td> <td><?php echo $row['members']; ?></td> </tr> </table> </div> <div class="tabbertab"> <?php $query=mysql_query("SELECT DISTINCT(name) FROM `characters` WHERE `corporation` = '$corpname' ORDER BY name ASC") or die("Error Occured,please try again"); $numm = mysql_num_rows($query); echo "<h2>Known Members (".$numm."/".$row['members'].") </h2>"; echo "<table border='0' width='100%' cellspacing='0' cellpadding='0'>"; $left = true; while($row=mysql_fetch_array($query)) { if ($left) { echo "<tr>"; } echo "<td align='left' width='50%' cellspacing='0' cellpadding='0' >"; echo "<a href=main.php?id=pilotsearch.php&name=".rawurlencode($row['name']).">".$row['name']."</a>"; echo"</td>"; if (!$left) { echo"</tr>"; } $left = !$left; } echo"</table>"; ?> </div> <div class="tabbertab"> <?php $sql = "SELECT * FROM `corpwhsystems` WHERE `corpname` = '$corpname'"; $result = mysql_query($sql); $num_rows = mysql_num_rows($result); echo"<h2>WH Locations (".$num_rows.")</h2>"; $i=0; ?> <table width="728" border="0"> <tr> <td><strong>System Name</strong></td> <td><strong>System Class</strong></td> <td><strong>Effect</strong></td> <td><strong>Date Added</strong></td> <td><strong>Added By</strong></td> </tr> <?php while ($i <= $num_rows) { $sname=mysql_result($result,$i,"systemname"); $sclass=mysql_result($result,$i,"systemtype"); $anomaly=mysql_result($result,$i,"anomaly"); $addedby=mysql_result($result,$i,"updatedby"); $dateupdated=mysql_result($result,$i,"dateupdated"); ?> <tr> <td> <?php echo $sname; ?></td> <td> <?php echo $sclass; ?></td> <td> <?php echo $anomaly; ?></td> <td> <?php echo $dateupdated; ?></td> <td> <?php echo $addedby; ?></td> <?php $i++; } ?> </tr> </table> <hr /> <form action="main.php?id=addwh.php" method="post"> Add WH Location: <input name="location" type="text" /> <select name="systemtype"> <option value="Class 1">Class 1</option> <option value="Class 2">Class 2</option> <option value="Class 3">Class 3</option> <option value="Class 4">Class 4</option> <option value="Class 5">Class 5</option> <option value="Class 6">Class 6</option> </select> <select name="anomaly"> <option value="None">None</option> <option value="Magnetar">Magnetar</option> <option value="Red Giant">Red Giant</option> <option value="Pulsar">Pulsar</option> <option value="Wolf Rayet">Wolf Rayet</option> <option value="Cataclysmic Variable">Cataclysmic Variable</option> <option value="Black Hole">Black Hole</option> </select> <input name="corpname" type="hidden" value="<?php echo $cnamedb; ?>" /> <input name="addwh" type="submit" value="Add" /> </form> </div> <div class="tabbertab"> <?php $sql = "SELECT * FROM `corps` WHERE `name` = '$corpname' AND `notedate` != '0000-00-00'"; $result = mysql_query($sql); $num_rows = mysql_num_rows($result); echo"<h2>Notes(".$num_rows.")</h2>"; $i=0; ?> <table width="700" border="0" cellspacing="0" cellpadding="0"> <tr> <td width="480"><strong>Note</strong></td> <td width="119"><strong>Note Date</strong></td> <td width="101"><strong>Added By</strong></td> </tr> <?php while ($i <= $num_rows) { $notes=mysql_result($result,$i,"notes"); $notedate=mysql_result($result,$i,"notedate"); $updatedby=mysql_result($result,$i,"updatedby"); ?> <tr> <td><br /> <?php echo $notes; ?></td> <td width="136"><br /> <?php echo $notedate; ?></td> <td width="105"><br /> <?php echo $updatedby; ?></td> </tr> <?php $i++; } ?> </table> <hr /> <form action="main.php?id=updatecorptint.php" method="post"> <strong>Add Notes:</strong> <textarea name="notes" cols="50" rows="10"></textarea> <input name="cname" type="hidden" value="<?php echo $cnamedb; ?>" /> <input name="add" type="submit" value="Add Notes" /> </form> </div> <div class="tabbertab"> <?php $sql = "SELECT * FROM `pos` WHERE `corp` = '$corpname'"; $result = mysql_query($sql); $num_rows = mysql_num_rows($result); echo"<h2>POS (".$num_rows.")</h2>"; $i=0; ?> POS: <table width="700" border="0" cellspacing="0" cellpadding="0"> <tr> <td><strong>Location</strong></td> <td><strong>Type</strong></td> <td><strong>Size</strong></td> <td><strong>Corp Hangars</strong></td> <td><strong>Ship Hangars</strong></td> <td><strong>Notes</strong></td> </tr> <?php while ($i <= $num_rows) { $location=mysql_result($result,$i,"location"); $type=mysql_result($result,$i,"type"); $size=mysql_result($result,$i,"size"); $changar=mysql_result($result,$i,"changar"); $shangar=mysql_result($result,$i,"shangar"); $notes=mysql_result($result,$i,"notes"); ?> <tr> <td><br /><?php echo $location; ?></td> <td><br /><?php echo $type; ?></td> <td><br /><?php echo $size; ?></td> <td><br /><?php echo $changar; ?></td> <td><br /><?php echo $shangar; ?></td> <td><br /><?php echo $notes; ?></td> </tr> <?php $i++; } ?> </table> <hr /> <form action="main.php?id=addpos.php" method="post"> <table width="350" border="0" cellspacing="0" cellpadding="0"> <tr> <td>Location:</td> <td><label for="location"></label> <input type="text" name="location" id="location" /></td> <td>Type:</td> <td><select name="type"> <option value="Amarr">Amarr</option> <option value="Angel">Angel</option> <option value="Blood">Blood</option> <option value="Caldari">Caldari</option> <option value="Dark Blood">Dark Blood</option> <option value="Domination">Domination</option> <option value="Dread Guristas">Dread Guristas</option> <option value="Gallente">Gallente</option> <option value="Gurstas">Gurstas</option> <option value="Minmatar">Minmatar</option> <option value="Sansha">Sansha</option> <option value="Serpentis">Serpentis</option> <option value="Shadow">Shadow</option> <option value="True Sansha">True Sansha</option> </select></td> <td>Size:</td> <td><select name="size"> <option value="Large">Large</option> <option value="Medium">Medium</option> <option value="Small">Small</option> </select></td> </tr> <tr> <td>Corp Hangars:</td> <td><input name="changar" type="text" size="10" /></td> <td>Ship Hangars:</td> <td><input name="shangar" type="text" size="10" /></td> <td>Notes:</td> <td><textarea name="notes"></textarea></td> </tr> </table> <input name="cname" type="hidden" value="<?php echo $cnamedb; ?>" /> <input name="submit1" type="submit" value="Add POS" /> </form> </div> </div> <?php }} // IF Corp Is Not In DB ELSE { $url = 'http://api.eve-dev.com/eve/CharacterID.xml.aspx?names='.$corpname.''; $xml = simpleXML_load_file($url,"SimpleXMLElement",LIBXML_NOCDATA); $url = 'http://api.eve-dev.com/eve/CharacterID.xml.aspx?names='.$corpname.''; $xml = simpleXML_load_file($url,"SimpleXMLElement",LIBXML_NOCDATA); $corpid = $xml->result->rowset->row['characterID']; $url1 = 'http://api.eve-dev.com/corp/CorporationSheet.xml.aspx?CorporationID='.$corpid.''; $xml1 = simpleXML_load_file($url1,"SimpleXMLElement"); $cname = $xml1->result->corporationName; if($corpid == 0 OR $cname =="") { Echo $corpname."<br>No Corp Found In EVE Database"; } ELSE { $url1 = 'http://api.eve-dev.com/corp/CorporationSheet.xml.aspx?CorporationID='.$corpid.''; $xml1 = simpleXML_load_file($url1,"SimpleXMLElement"); $cname = $xml1->result->corporationName; $url1 = 'http://api.eve-dev.com/corp/CorporationSheet.xml.aspx?CorporationID='.$corpid.''; $xml1 = simpleXML_load_file($url1,"SimpleXMLElement"); $cname = $xml1->result->corporationName; $ticker = $xml1->result->ticker; $ceo = $xml1->result->ceoName; $station = $xml1->result->stationName; $descrption = $xml1->result->description; $alliance = $xml1->result->allianceID; $tax = $xml1->result->taxRate; $members = $xml1->result->memberCount; $username = $_SESSION['username']; mysql_query("INSERT INTO `corps` (`editid` , `id` , `name` , `ticker` , `alliance` , `ceo` , `tax` , `members` , `hq` , `apidate` , `notes` , `notedate` , `updatedby`) VALUES ( '' , '$corpid', '$cname', '$ticker', '$alliance', '$ceo', '$tax', '$members', '$station', NOW(), '', '', '$username')"); header('Location: main.php?id=corpsearch.php&name='.$corpname); exit; } } ?> The problem area is somewhere in here (I think): Code: [Select] // IF Corp Is Not In DB ELSE { $url = 'http://api.eve-dev.com/eve/CharacterID.xml.aspx?names='.$corpname.''; $xml = simpleXML_load_file($url,"SimpleXMLElement",LIBXML_NOCDATA); $url = 'http://api.eve-dev.com/eve/CharacterID.xml.aspx?names='.$corpname.''; $xml = simpleXML_load_file($url,"SimpleXMLElement",LIBXML_NOCDATA); $corpid = $xml->result->rowset->row['characterID']; $url1 = 'http://api.eve-dev.com/corp/CorporationSheet.xml.aspx?CorporationID='.$corpid.''; $xml1 = simpleXML_load_file($url1,"SimpleXMLElement"); $cname = $xml1->result->corporationName; if($corpid == 0 OR $cname =="") { Echo $corpname."<br>No Corp Found In EVE Database"; } ELSE { $url1 = 'http://api.eve-dev.com/corp/CorporationSheet.xml.aspx?CorporationID='.$corpid.''; $xml1 = simpleXML_load_file($url1,"SimpleXMLElement"); $cname = $xml1->result->corporationName; $url1 = 'http://api.eve-dev.com/corp/CorporationSheet.xml.aspx?CorporationID='.$corpid.''; $xml1 = simpleXML_load_file($url1,"SimpleXMLElement"); $cname = $xml1->result->corporationName; $ticker = $xml1->result->ticker; $ceo = $xml1->result->ceoName; $station = $xml1->result->stationName; $descrption = $xml1->result->description; $alliance = $xml1->result->allianceID; $tax = $xml1->result->taxRate; $members = $xml1->result->memberCount; $username = $_SESSION['username']; mysql_query("INSERT INTO `corps` (`editid` , `id` , `name` , `ticker` , `alliance` , `ceo` , `tax` , `members` , `hq` , `apidate` , `notes` , `notedate` , `updatedby`) VALUES ( '' , '$corpid', '$cname', '$ticker', '$alliance', '$ceo', '$tax', '$members', '$station', NOW(), '', '', '$username')"); header('Location: main.php?id=corpsearch.php&name='.$corpname); exit; } } ?> Any one with any ideas? My website has been working just fine, and I negated a condition to trigger an error message, and now I keep getting this... Quote The page isn't redirecting properly Here is the file I am working with... <?php //Build Date: 2012-03-10 // ************************ // Update Last Activity. * // ************************ if ((isset($_SESSION['loggedIn'])) && ($_SESSION['loggedIn'] == TRUE)){ // Initialize variables. $loggedIn = 1; $memberID = (isset($_SESSION['memberID']) ? $_SESSION['memberID'] : ''); // ************************ // Update Member Record. * // ************************ // Connect to the database. require_once(WEB_ROOT . 'private/mysqli_connect.php'); // Build query. $q = "UPDATE member SET logged_in=?, last_activity=now() WHERE id=? LIMIT 1"; // Prepare statement. $stmt = mysqli_prepare($dbc, $q); // Bind variables to query. mysqli_stmt_bind_param($stmt, 'ii', $loggedIn, $memberID); // Execute query. $success = mysqli_stmt_execute($stmt); // Verify Update. if ($success === FALSE){ // Update Failed. $_SESSION['resultsCode'] = 'MEMBER_UPDATE_FAILED_2126'; // Redirect to Display Outcome. header("Location: " . BASE_URL . "/members/results.php"); // End script. exit(); } /* $affectedRows = mysqli_stmt_affected_rows($stmt); echo $affectedRows; exit(); // Verify Update. if ($affectedRows!==1){ //echo mysqli_stmt_affected_rows($stmt); //exit(); // Update Failed. $_SESSION['resultsCode'] = 'MEMBER_UPDATE_FAILED_2126'; // Redirect to Display Outcome. header("Location: " . BASE_URL . "/members/results.php"); // End script. exit(); }//End of UPDATE MEMBER RECORD */ // Close prepared statement. mysqli_stmt_close($stmt); // Close the connection. // mysqli_close($dbc); }//End of UPDATE LAST ACTIVITY ?> This file is included by all other pages so that as a User navigates my site I am constantly updating the "last_activity" field in the database. If I change the condition from... Code: [Select] if ($success === FALSE){ ...to... Code: [Select] if ($success !== FALSE){ ...then I get this error?! (Where I am at, the Internet is on and offline. Could that be a factor??) I am REALLY CONFUSED what is happening here... Debbie |
|||||||