|
PHP - User Signup Is Inserting To Mysql But The Passwords Coming Up Wrong, Any Advice?
Hi there I have a problem here, I think I may know what it is but just wanted some guidance on this issue.
I took the logic from a previous help from the people on this forum and here is my landing page: <?php // ini_set("display_errors", 1); // randomly starts a session! session_name("jeremyBasicLogin"); session_start(); if(isset($_SESSION['username'])) { // display whatever when the user is logged in: echo <<<ADDENTRY <html> <head> <title>User is now signed in:<title> </head> <body> <h1>You are now signed in!</h1> <p>You can do now what you want to do!</p> </body> </html> ADDENTRY; } else { // If anything else dont allow access and send back to original page! header("location: signin.php"); } ?> This is where the user goes to when they go to this system (not a functional system, ie it doesnt actually do anything its more for my own theory. As you wont have a session on the first turn to this page it goes to: signin.php which contains: <?php // ini_set("display_errors", 1); require_once('func.db.connect.php'); if(array_key_exists('submit',$_POST)) { dbConnect(); // connect to database anyways! // Do a procedure to log the user in: // Santize User Inputs $username = trim(stripslashes(mysql_real_escape_string($_POST['username']))); // cleans up with PHP first! $password = trim(stripslashes(mysql_real_escape_string(md5($_POST['password'])))); // cleans up with PHP first! $sql = "SELECT * FROM users WHERE username='$username' AND password='$password'"; $result = mysql_query($sql); if(mysql_num_rows($result) == 1) { session_name("jeremyBasicLogin"); session_start(); $_SESSION['is_logged_in'] = true; $_SESSION['username'] = $username; //print_r($_SESSION); // debug purposes only! $_SESSION['time_loggedin'] = time(); // this is adding to the array (have seen the output in the SESSION vars! // call function to update the time stamp in MySQL? header("location: index.php"); } else if(mysql_num_rows($result) != 1) { $message = "You typed the wrong password or Username Please retry!"; } } else { $message = ""; } // displays the login page: echo <<<LOGIN <html> <body> <h1>Example Login</h1> <form id="login" name="login" action="{$_SERVER['PHP_SELF']}" method="post"> <label for="username">Username: </label><input type="text" id="username" name="username" value="" /><br> <label for="password">Password: </label><input type="text" id="password" name="password" value="" /><br> <input type="submit" id="submit" name="submit" value="Login" /> </form> LOGIN; echo "<p>" . $message . "</p>"; echo <<<LOGIN <p>Please Login to View and Edit Your Entries</p> <p><a href="register.php">Click Here To Signup</a><p> </body> </html> LOGIN; ?> This checks through user inputs and hopefully logs them in, when Ive inserted the data into the database itself it works, if I try and login but if a user fills in this form: signup.php: <?php //ini_set("display_errors", 1); $message =''; require_once('func.db.connect.php'); if(array_key_exists('submit',$_POST)) { dbConnect(); // connect to database anyways! // do some safe protecting of the users variables, apply it to all details! $username = trim(stripslashes(mysql_real_escape_string($_POST['username']))); // cleans up with PHP first! $email = trim(stripslashes(mysql_real_escape_string($_POST['email']))); // cleans up with PHP first! $password = trim(stripslashes(mysql_real_escape_string(md5($_POST['password'])))); // does as above but also encrypts it using the md5 function! $password2 = trim(stripslashes(mysql_real_escape_string(md5($_POST['password2'])))); // does as above but also encrypts it using the md5 function! if($username != '' && $email != '' && $password != '' && $password2 != '') { // do whatever when not = to nothing/empty fields! if($password === $password2) { // do database stuff to enter users details $sql = "INSERT INTO `test`.`users` (`id` ,`username` ,`password`) VALUES ('' , '$username', MD5( '$password' ));"; $result = mysql_query($sql); if($result) { $message = 'You may now login by clicking <a href="index.php">here</a>'; } } else { // echo out a user message says they got their 2 passwords incorrectly typed: $message = 'Pleae re enter your password'; } } else { // they where obviously where empty $message = 'You missed out some required fields, please try again'; } } echo <<<REGISTER <html> <body> <h1>Register Form</h1> <p>Please fill in this form to register</p> <form id="register" name="register" action="{$_SERVER['PHP_SELF']}" method="post"> <table> <tr> <td><label for="username">Username: </label></td> <td><input type="text" id="username" name="username" value="" /></td> </tr> <tr> <td><label for="email">Email: </label></td> <td><input type="text" id="email" name="email" value="" /></td> </tr> <tr> <td><label for="password">Password: </label></td> <td><input type="text" id="password" name="password" value="" /></td> </tr> <tr> <td><label for="password">Confirm Password: </label></td> <td><input type="text" id="password2" name="password2" value="" /></td> </tr> <tr> <td><input type="submit" id="submit" name="submit" value="Register" /></td> </tr> <table> REGISTER; echo "<p>" . $message . "</p>"; echo <<<REGISTER </form> </body> </html> REGISTER; ?> As I said when the user signs up when submitting the above form, it doesnt work, keeps coming up with a different value for the password, so I am about 99% certain its the password, but I have been maticulous about copying in the sanitize function for SQL injections and it just doesnt still work, really puzzled now. Any helps appreciated, Jeremy. Similar TutorialsHi, I have wondered if just one user should be used (e.g. root) for connecting to the database is the right way of doing things? (which is what I have always done). Would it be better to have a new user created in the privileges section in MySQL and have all operation/table access assigned appropriately for every single user that signs up? I would think that this would give a lot more security but would need a bit more work. What are your thoughts? hello, I have a search that matches users ISBN with two databases....code is below $query_search_exact_match = mysql_query("SELECT nvc_site.title, nvc_site.id, nvc_site.description, nvc_site.search_text, nvc_site.image, nvc_site.date, nvc_site.price, nvc_site.location_city, nvc_site_ads_extra.name, nvc_site_ads_extra.value, nvc_site_ads_extra.classified_id FROM nvc_site,nvc_site_ads_extra WHERE name = 'ISBN%3A' AND live=1") or die(mysql_error()); then i take the ISBN that the user entered and match that with the isbn's in the DB while ($fetch_extra = mysql_fetch_array($query_search_exact_match)) { $value = ereg_replace( "[^0-9]", "", $fetch_extra['value'] ); $to_find_isbn = mysql_real_escape_string(ereg_replace( "[^0-9]", "",$_POST['szs'])); if($value == $to_find_isbn) { echo "Match Found"; } else { echo "No Match Found"; } //ELSE doesn't work here.....it displays both the if and else at the same time } i need it to display no match found if there was no match found.....I am soo lost right now!! please help thank you I am trying to insert a new user into my database from my php code. This is the error message that I am getting from the webpage: Quote Error: You have an error in your SQL syntax; check the manual that corresponds to your MySQL server version for the right syntax to use near 'order, previousOrder) VALUES ('c_s@gmail.com','test','3','callulm','Smith','17' at line 1 This is the code that I am using: Code: [Select] <?php $con = mysql_connect("localhost","root",""); if (!$con) { die('Could not connect: ' . mysql_error()); } mysql_select_db("deliverpizza", $con); $sql="INSERT INTO customer(userName, password, privilege, firstName, lastName, address, postCode, order, previousOrder) VALUES ('$_POST[username]','$_POST[password]','$_POST[privilege]','$_POST[firstname]','$_POST[lastname]','$_POST[address]','$_POST[postcode]','$_POST[order]','$_POST[previousOrder]')"; if (!mysql_query($sql,$con)) { die('Error: ' . mysql_error()); } echo "1 record added"; mysql_close($con) ?> Before I get into my problem a couple of things. First, this is a work project. My organization cannot afford a full time developer so as a database guy I'm being asked to develop a web based data system using php/html/mysql/javacript/etc. So I am not asking anyone to help me cheat or violate an honor code for a school project. Also I am having to learn PHP on the fly, by the seat of my pants. Second, my organization is using a version of PHP older that 5.5.X and I am powerless to update the version. So I know that some of the syntax I am using has been deprecated in more recent PHP versions. I don't mean to sound snarky or ungrateful but I really need some help solving this problem versus unhelpful comments about deprecated code. Third I am adapting code from the guys at TechStream so H/T to them. Here is what I am trying to build. My office helps other offices in my large organization manage their records through the creation of a file plan. We are currently using a clunky, user-unfriendly Access database that was created back in 2009. I am tasked to transition that Access hoopty into a proper, web-based, user friendly system. The index.php form page consists of 2 parts. You can see the original TechStream demo he http://demo.techstre...ssing-with-PHP/ I've adapted the top part of the form ("Travel Information") for my users to enter information about their office such as Office Name, Office Code, Office Chief, Creator (the user), Status and date. I've adapted the bottom part of the form ("Passenger Details") to be "Folder Details". This is an html table where users can add up to 10000 rows to list all the folders for their office by entering the folder name in the text box and then assign descriptors to each folder using the drop down menus. I've changed the drop down menus to reflect the descriptors we need, i.e. file-series, classification, media type. The user needs the flexibility to add folders as the number of folders will vary between offices. This adding and deleting of folders is accomplished dynamically through a javascript script.js file. Now, here's my problem. When the user clicks submit button that fires a php script that runs an insert into query to place the array data into the backend mysql database. However, when the foreach loop is only inserting the office office from the top portion of the form with the first folder in the bottom portion of the form. In other words let's say the user fills out the top part with his office information and then adds 5 folders into the html table at the botton. The first folder will be inserted into the database table with both office information and folder information. However the subsequent 4 folders will have their folder information inserted into the table but the office information fields will be null. The office information needs to be inserted with each folder the user adds to the html table piece. I suspect that my foreach loop is only capturing that office information on the first iteration of the loop and then flushing or deleting the office information after the first loop. Also, I suspect there is some disconnect between the html table for entering individual folders and the top part of the form that is not in html format. Any help I can get is most welcome. Thanks in advance! Code is below. index.php <?php
session_start();
if(!isset($_SESSION['myusername'])) {
header('Location:index.php');
}
echo $_SESSION['myusername'];
echo '<a href="logout.php"><span>Logout</span></a></li>';
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en">
<head>
<title>Records Management File Plan Application</title>
<meta http-equiv="Content-Type" content="text/html; charset=utf-8"/>
<link rel="stylesheet" type="text/css" href="css/default.css"/>
<script type="text/javascript" src="js/script.js"></script>
</head>
<body>
<form action="InsertFileDetailArraytoDB.php" class="register" method="POST">
<h1>Office File Plan Application/h1>
<fieldset class="row1">
<legend>Office Information</legend>
<p>
<label>Office Code *
</label>
<input name="officecode[]" type="text" required="required"/>
<label>Date*
</label>
<select class="date" name="day[]">
<option value="1">01
</option>
<option value="2">02
</option>
<option value="3">03
</option>
<option value="4">04
</option>
<option value="5">05
</option>
<option value="6">06
</option>
<option value="7">07
</option>
<option value="8">08
</option>
<option value="9">09
</option>
<option value="10">10
</option>
<option value="11">11
</option>
<option value="12">12
</option>
<option value="13">13
</option>
<option value="14">14
</option>
<option value="15">15
</option>
<option value="16">16
</option>
<option value="17">17
</option>
<option value="18">18
</option>
<option value="19">19
</option>
<option value="20">20
</option>
<option value="21">21
</option>
<option value="22">22
</option>
<option value="23">23
</option>
<option value="24">24
</option>
<option value="25">25
</option>
<option value="26">26
</option>
<option value="27">27
</option>
<option value="28">28
</option>
<option value="29">29
</option>
<option value="30">30
</option>
<option value="31">31
</option>
</select>
<select name="month[]">
<option value="1">January
</option>
<option value="2">February
</option>
<option value="3">March
</option>
<option value="4">April
</option>
<option value="5">May
</option>
<option value="6">June
</option>
<option value="7">July
</option>
<option value="8">August
</option>
<option value="9">September
</option>
<option value="10">October
</option>
<option value="11">November
</option>
<option value="12">December
</option>
</select>
<select name="year[]">
<option value="2013">2013
</option>
<option value="2014">2014
</option>
<option value="2015">2015
</option>
<option value="2016">2016
</option>
</select>
</p>
<p>
<label>Office Chief*
</label>
<input name="officechief[]" required="required" type="text"/>
<label>Status*
</label>
<select name="status[]">
<option value="Draft">Draft
</option>
<option value="Submitted">Submitted
</option>
<option value="Approved">Approved
</option>
</select>
</p>
<p>
<label>Creator *
</label>
<input name="creator[]" required="required" type="text"/>
</p>
<div class="clear"></div>
</fieldset>
<fieldset class="row2">
<legend>Folder Details</legend>
<p>
<input type="button" value="Add Folder" onClick="addRow('dataTable')" />
<input type="button" value="Remove Folder" onClick="deleteRow('dataTable')" />
<p>(All actions apply only to entries with check marked check boxes.)</p>
</p>
<table id="dataTable" class="form" border="1">
<tbody>
<tr>
<p>
<td><input type="checkbox" required="required" name="chk[]" checked="checked" /></td>
<td>
<label>Folder Name</label>
<input type="text" required="required" name="BX_NAME[]">
</td>
<td>
<label for="BX_fileseries">File Series</label>
<select id="BX_fileseries required="required" name="BX_fileseries[]">
<option>100-01-Inspection and Survey/PII-NO</option>
<option>200-02-Credit Card Purchases/PII-NO</option>
<option>300-07-Time and Attendance/PII-YES</option>
</td>
<td>
<label for="BX_classification">Classification</label>
<select id="BX_classification" name="BX_classification" required="required">
<option>Unclassified</option>
<option>Confidential</option>
<option>Secret</option>
<option>Top Secret</option>
<option>Ridiculous Top Secret</option>
<option>Ludicrous Top Secret</option>
</select>
</td>
<td>
<label for="BX_media">Media</label>
<select id="BX_media" name="BX_media" required="required">
<option>Paper</option>
<option>Shared Drive</option>
<option>Film</option>
<option>Floppy Disk</option>
<option>Mixed</option>
<option>Other</option>
</select>
</td>
</p>
</tr>
</tbody>
</table>
<div class="clear"></div>
</fieldset>
<input class="submit" type="submit" value="File Plan Complete »" />
<div class="clear"></div>
</form>
</body>
</html>
PHP script with foreach loop to loop through the array from index.php and insert into database: InsertFileDetailArrayToDB.php /*
When the user has finished entering their folders, reviewed the form inputs for accuracy and clicks the submit button, this will loop through all folder entries and using the SQL insert into query will place them in the database. When it completes data insertion it will redirect the user back to the file detail input form*/
<?php
/*this part requires the user to be logged in and allows their user name to be included in the insert into query.
If you remove the "ob_start();" piece it will screw up the header statement down at the botton.
See the comments by the header statement for an explanation of its purpose*/
ob_start();
session_start();
if(!isset($_SESSION['myusername'])) {
header('Location:index.php')
}
/*these two lines would ordinarily display the user name and a link a
allowing the user to log out. However this php script does not output anything
so the user will never it.*/
echo $_SESSION['myusername'];
echo '<a href="logout.php"><span>Logout</span></a></li>';
?>
<?php
/*this include statement connects this script to the MySQL database
so the user form inputs can be inserted into the file_plan_details
table*/
include ('database_connection.php');
foreach($_POST['BX_NAME'] as $row=>$BX_NAME)
{
$BX_NAME1 = mysql_real_escape_string($_POST['BX_NAME');
$officecode1 = mysql_real_escape_string($_POST['officecode'][$row]);
$username1 = mysql_real_escape_string($_SESSION['myusername'][$row]);
$day1 = mysql_real_escape_string($_POST['day'][$row]);
$month1 = mysql_real_escape_string($_POST['month'][$row]);
$year1 = mysql_real_escape_string($_POST['year'][$row]);
$creator1 = mysql_real_escape_string($_POST['creator'][$row]);
$officechief1 = mysql_real_escape_string($_POST['officechief'][$row]);
$status1 = mysql_real_escape_string($_POST['status'][$row]);
$BX_fileseries1 = mysql_real_escape_string($_POST['BX_fileseries'][$row]);
$BX_classification1 = mysql_real_escape_string($_POST['BX_classification'][$row]);
$BX_media1 = mysql_real_escape_string($_POST['BX_media'][$row]);
$fileplandetailinsert1 = "INSERT INTO file_plan_details (folder_name, office_code, user_name, day, month, year, creator, office_chief, status, file_series, classification, media)
VALUES ('$BX_NAME1','$officecode1','$username1','$day1','$month1','$year1','$creator1','$officechief1','$status1','$BX_fileseries1','$BX_classification1','$BX_media1')";
mysql_query($fileplandetailinsert1);
}
/*this header statement redirects the user back to the folder detail input form after it inserts data into the db
After I build a main navigation page, I will switch out index.php with whatever I name
the script that will produce the main navigation page*/
header('Location:index.php');
?>
script.js
function addRow(tableID) {
var table = document.getElementById(tableID);
var rowCount = table.rows.length;
if(rowCount < 10000){ // limit the user from creating fields more than your limits
var row = table.insertRow(rowCount);
var colCount = table.rows[0].cells.length;
for(var i=0; i<colCount; i++) {
var newcell = row.insertCell(i);
newcell.innerHTML = table.rows[0].cells[i].innerHTML;
}
}else{
alert("Maximum Passenger per ticket is 5.");
}
}
function deleteRow(tableID) {
var table = document.getElementById(tableID);
var rowCount = table.rows.length;
for(var i=0; i<rowCount; i++) {
var row = table.rows[i];
var chkbox = row.cells[0].childNodes[0];
if(null != chkbox && true == chkbox.checked) {
if(rowCount <= 1) { // limit the user from removing all the fields
alert("Cannot Remove all the Passenger.");
break;
}
table.deleteRow(i);
rowCount--;
i--;
}
}
}
Edited by mac_gyver, 17 December 2014 - 01:13 PM. code tags around posted code please hello. I need your help please. I'm building logistics website with user panel and admin panel. I've done all login and register forms. now I want to : admin can add package with: tracking number , weight , cost , and declaration form. user can fill declaration form after admin add package to user panel. then admin can see the declared form. is it possible in php? thank you in advance Hi, I am getting frustrated beyond belief at the moment with trying to get a very simple script to run, I am using PHP 5.3.3 and MySQL 5.1 on a Win2k8 server with IIS7.5. Basically my script is connecting to a local database, running a single select query, returning those rows and building up a string from them. The problem is that I am receiving complete BS responses from PHP that the access is denied for the user being specified. This is complete rubbish since the user can connect via mysql, sqlyog, ASP.NET MVC without issue but for some bizarre reason it is not working via PHP. The code for the script is here : Code: [Select] <?php $mysql = mysql_connect('127.0.0.1:3306', 'myuser', 'mypass', 'mydatabase'); if (!$mysql) { die(mysql_error()); $content = "<nobr></nobr>"; } else { $result = mysql_query('SELECT * FROM tblEventGroup'); $content = "<nobr>"; if ($result) { while($row = mysql_fetch_assoc($result)) { $content .= "<span>"; $content .= $row['GroupName']; $content .= "</span>"; $content .= "<a href=\"../Event/EventSearch?groupid="; $content .= $row['GroupId']; $content .= "\" target=\"_blank\">Book here</a> "; } } mysql_close($mysql); $content .= "</nobr>"; } ?> I cannot for the life of me understand what the problem is, the return error is Access denied for user 'myuser'@'localhost' (using password: YES) For obvious reasons, I wouldn't want any links to these sites or resources in this thread. I'd like some advice on where to find *modern* hacking techniques used against php and mysql. I'd prefer some info on PM so that not everybody is exposed to such sites - even suggested queries for google because I'm having a hard time finding reliable information. Also, does anybody have any advice on security books for say network (apache), php, mysql? I doubt I'll get a pm so if I do, I'll donate $20 to charity today! lol Hi all! I hope that you are all having a great time with PHP. Well I am too. Problem: I want all users who register to a mock site to have a unique, yet random ID. This ID is used to give the user virtual coordinates. So what I thought was to give the users a 'coordinate' like x=123, y=123 . i.e. (123,123) One of my goals is to calculate the virtual distance between two users. I figured out the real-world solution to this problem (I hope that it is correct!). It is as follows: Code: [Select] User 1: (123,123), User 2: (111,111). Distance: (((123-111)^2)+((123-111)^2)))^1/2 Now to my problem... Is it possible for me to arrange a list of user-records for each user in order of the 'closest' (shortest distance) users to those farthest? Without having my databases ruined with too much entries, that is... My other problem is as to how to make the 'coordinates' unique to each user. All I know about that is about assigning random numbers for each, and this is not that efficient. If you think that my entire approach to the situation is bonkers , do let me know. I thank you for any help in advance! Regards, Thauwa Apologies if the title is quite vague, I suppose I am looking for some general advice on why some pages I write in PHP, which contain MySQL queries, might be running a bit slow. The following page takes up to 3 seconds to display:
<?php
session_start();
include('admin/user.php');
$connection = mysql_connect("$host","$user","$password")
or die(mysql_error());
mysql_select_db("$txt_db_name",$connection)
or die(mysql_error());
$id = $_REQUEST['id'];
// MATCH INFO
$get_details = mysql_query("
SELECT
MatchDateTime AS date,
DATE_FORMAT(MatchDateTime, '%Y-%m-%d') AS formatdate
FROM
tplss_matches
WHERE
MatchID = '$id'
LIMIT 1",$connection) or die(mysql_error());
$factsdata = mysql_fetch_array($get_details);
mysql_free_result($get_details);
$matchdate = $factsdata['date'];
$matchdate2 = $factsdata['formatdate'];
// -----------SHOW FACTS ABOUT THE STARTING LINEUP---------
echo"
<h5>Appearances & Goals To Date</h5>
<table width=100%>";
$get_starters = mysql_query("
SELECT P.PlayerID AS playerid, CONCAT(P.PlayerFirstName, ' ', P.PlayerLastName) AS name, P.PlayerNationID AS nation, P.PlayerPositionID as pos
FROM tplss_players P, tplss_appearances A
WHERE A.AppearancePlayerID = P.PlayerID AND A.AppearanceMatchID = '$id'
ORDER BY P.PlayerPositionID ASC
",$connection) or die(mysql_error());
$get_subbies = mysql_query("
SELECT P.PlayerID AS playerid, CONCAT(P.PlayerFirstName, ' ', P.PlayerLastName) AS name, P.PlayerNationID AS nation, P.PlayerPositionID as pos
FROM tplss_players P, tplss_substitutions S
WHERE S.SubstitutionPlayerIDIn = P.PlayerID AND S.SubstitutionMatchID = '$id'
ORDER BY P.PlayerPositionID ASC
",$connection) or die(mysql_error());
while($combstarters = mysql_fetch_array($get_starters))
{
echo"<tr>";
echo"<td><a href=\"player.php?id=$combstarters[playerid]\">$combstarters[name]</a>";
if($combstarters['pos'] == 1)
{ echo" (GK)"; }
echo"</td>";
$combpid = $combstarters['playerid'];
echo"
<td align=\"left\" style=\"vertical-align: middle;\">
<img src=\"images/flag_$combstarters[nation].jpg\" border=1>
</td>
";
$get_comb_apps = mysql_query("SELECT
COUNT(A.AppearancePlayerID) AS apps
FROM tplss_appearances A, tplss_matches M
WHERE A.AppearancePlayerID = '$combpid' AND A.AppearanceMatchID = M.MatchID AND M.MatchDateTime <= '$matchdate'
",$connection) or die(mysql_error());
$get_comb_ins = mysql_query("SELECT
COUNT(S.SubstitutionPlayerIDIn) AS ins
FROM tplss_substitutions S, tplss_matches M
WHERE S.SubstitutionPlayerIDIn = '$combpid' AND S.SubstitutionMatchID = M.MatchID AND M.MatchDateTime <= '$matchdate'
",$connection) or die(mysql_error());
while($combdata = mysql_fetch_array($get_comb_apps))
{
while($idata = mysql_fetch_array($get_comb_ins))
{
$totalapps = $combdata['apps'] + $idata['ins'];
if($totalapps == 1)
{ echo"<td>$totalapps app (debut)</td>"; }
else
{ echo"<td>$totalapps apps</td>"; }
}
mysql_free_result($get_comb_ins);
}
mysql_free_result($get_comb_apps);
$get_goals_all = mysql_query("
SELECT COUNT(G.GoalPlayerID) AS total_goals
FROM tplss_goals G, tplss_matches M WHERE G.GoalPlayerID = '$combpid' AND G.GoalMatchID = M.MatchID AND M.MatchDateTime <= '$matchdate' AND G.GoalOwn != 1
GROUP BY G.GoalPlayerID
",$connection) or die(mysql_error());
if(mysql_num_rows($get_goals_all) == 0)
{ echo"<td> - </td>"; }
while($combgoals = mysql_fetch_array($get_goals_all))
{
if($combgoals['total_goals'] == 1)
{ echo"<td>$combgoals[total_goals] goal</td>"; }
else
{ echo"<td>$combgoals[total_goals] goals</td>"; }
}
mysql_free_result($get_goals_all);
echo"</tr>";
}
while($combsubbies = mysql_fetch_array($get_subbies))
{
echo"<tr>";
echo"<td><a href=\"player.php?id=$combsubbies[playerid]\">$combsubbies[name]</a> (sub)";
if($combsubbies['pos'] == 1)
{ echo" (GK)"; }
echo"</td>";
$combpid = $combsubbies['playerid'];
echo"
<td align=\"left\" style=\"vertical-align: middle;\">
<img src=\"images/flag_$combsubbies[nation].jpg\" border=1>
</td>
";
$get_comb_apps = mysql_query("SELECT
COUNT(A.AppearancePlayerID) AS apps
FROM tplss_appearances A, tplss_matches M
WHERE A.AppearancePlayerID = '$combpid' AND A.AppearanceMatchID = M.MatchID AND M.MatchDateTime <= '$matchdate'
",$connection) or die(mysql_error());
$get_comb_ins = mysql_query("SELECT
COUNT(S.SubstitutionPlayerIDIn) AS ins
FROM tplss_substitutions S, tplss_matches M
WHERE S.SubstitutionPlayerIDIn = '$combpid' AND S.SubstitutionMatchID = M.MatchID AND M.MatchDateTime <= '$matchdate'
",$connection) or die(mysql_error());
while($combdata = mysql_fetch_array($get_comb_apps))
{
while($idata = mysql_fetch_array($get_comb_ins))
{
$totalapps = $combdata['apps'] + $idata['ins'];
if($totalapps == 1)
{ echo"<td>$totalapps app (debut)</td>"; }
else
{ echo"<td>$totalapps apps</td>"; }
}
mysql_free_result($get_comb_ins);
}
mysql_free_result($get_comb_apps);
$get_goals_all = mysql_query("
SELECT COUNT(G.GoalPlayerID) AS total_goals
FROM tplss_goals G, tplss_matches M WHERE G.GoalPlayerID = '$combpid' AND G.GoalMatchID = M.MatchID AND M.MatchDateTime <= '$matchdate' AND G.GoalOwn != 1
GROUP BY G.GoalPlayerID
",$connection) or die(mysql_error());
if(mysql_num_rows($get_goals_all) == 0)
{ echo"<td> - </td>"; }
while($combgoals = mysql_fetch_array($get_goals_all))
{
if($combgoals['total_goals'] == 1)
{ echo"<td>$combgoals[total_goals] goal</td>"; }
else
{ echo"<td>$combgoals[total_goals] goals</td>"; }
}
mysql_free_result($get_goals_all);
echo"</tr>";
}
echo"</table>";
// -----------SHOW FACTS ABOUT THE STARTING LINEUP---------
echo"<br>
<h5>Starting Lineup</h5>
<table width=100%>";
// GET YOUNGEST PLAYER IN STARTING LINEUP
$get_youngest_player = mysql_query("
SELECT
P.PlayerDOB AS dob,
DATE_FORMAT(P.PlayerDOB, '%d/%m/%Y') AS birth,
CONCAT(P.PlayerFirstName, ' ', P.PlayerLastName) AS name,
P.PlayerID AS id
FROM
tplss_players P, tplss_appearances A, tplss_matches M
WHERE
P.PlayerID = A.AppearancePlayerID AND
A.AppearanceMatchID = M.MatchID AND
M.MatchDateTime = '$matchdate'
ORDER BY
dob DESC
LIMIT 0,1
",$connection) or die(mysql_error());
while($youngest = mysql_fetch_array($get_youngest_player))
{
echo"<tr>";
$dob = $youngest['dob'];
echo"<td width=30%>Youngest Player:</td><td width=70%><a href=\"player.php?id=$youngest[id]\">$youngest[name]</a> (";
$now = strtotime("$matchdate");
$your_date = strtotime("$dob");
$datediff_days = $now - $your_date;
$datediff_years = ($now - $your_date) / 365;
$days = floor($datediff_days/(60*60*24));
$years = floor($datediff_years/(60*60*24));
$remainder = floor($datediff_days/(60*60*24)) - (floor($datediff_years/(60*60*24)) * 365);
echo"$years years $remainder days)</td>
</tr>
";
}
mysql_free_result($get_youngest_player);
// GET OLDEST PLAYER IN STARTING LINEUP
$get_oldest_player = mysql_query("
SELECT
P.PlayerDOB AS dob,
DATE_FORMAT(P.PlayerDOB, '%d/%m/%Y') AS birth,
CONCAT(P.PlayerFirstName, ' ', P.PlayerLastName) AS name,
P.PlayerID AS id
FROM
tplss_players P, tplss_appearances A, tplss_matches M
WHERE
P.PlayerID = A.AppearancePlayerID AND
A.AppearanceMatchID = M.MatchID AND
M.MatchDateTime = '$matchdate'
ORDER BY
dob ASC
LIMIT 0,1
",$connection) or die(mysql_error());
while($oldest = mysql_fetch_array($get_oldest_player))
{
echo"<tr>";
$dob = $oldest['dob'];
echo"<td width=30%>Oldest Player:</td><td width=70%><a href=\"player.php?id=$oldest[id]\">$oldest[name]</a> (";
$now = strtotime("$matchdate");
$your_date = strtotime("$dob");
$datediff_days = $now - $your_date;
$datediff_years = ($now - $your_date) / 365;
$days = floor($datediff_days/(60*60*24));
$years = floor($datediff_years/(60*60*24));
$remainder = floor($datediff_days/(60*60*24)) - (floor($datediff_years/(60*60*24)) * 365);
echo"$years years $remainder days)</td>";
echo"</tr>";
}
mysql_free_result($get_oldest_player);
// GET AVERAGE DOB OF STARTING XI
$get_average_dob = mysql_query("
SELECT
FROM_DAYS(AVG(TO_DAYS(P.PlayerDOB))) AS dob
FROM
tplss_players P, tplss_appearances A, tplss_matches M
WHERE
P.PlayerID = A.AppearancePlayerID AND
A.AppearanceMatchID = M.MatchID AND
M.MatchDateTime = '$matchdate'
",$connection) or die(mysql_error());
while($average = mysql_fetch_array($get_average_dob))
{
echo"<tr>";
$dob = $average['dob'];
$now = strtotime("$matchdate");
$your_date = strtotime("$dob");
$datediff_days = $now - $your_date;
$datediff_years = $datediff_days / 365;
$days = floor($datediff_days/(60*60*24));
$years = floor($datediff_years/(60*60*24));
$remainder = floor($datediff_days/(60*60*24)) - (floor($datediff_years/(60*60*24)) * 365);
echo"<td width=30%>Average Player Age:</td><td width=70%>$years years $remainder days</td>";
echo"</tr>";
}
mysql_free_result($get_average_dob);
$get_players = mysql_query("
SELECT
COUNT(P.PlayerID) AS players
FROM
tplss_players P, tplss_appearances A, tplss_matches M
WHERE
P.PlayerID = A.AppearancePlayerID AND
A.AppearanceMatchID = M.MatchID AND
M.MatchDateTime = '$matchdate'
GROUP BY M.MatchID
",$connection) or die(mysql_error());
$get_scots = mysql_query("
SELECT
COUNT(P.PlayerID) AS scots
FROM
tplss_players P, tplss_appearances A, tplss_matches M
WHERE
P.PlayerID = A.AppearancePlayerID AND
A.AppearanceMatchID = M.MatchID AND
M.MatchDateTime = '$matchdate' AND
P.PlayerNationID = 1
GROUP BY M.MatchID
",$connection) or die(mysql_error());
while($players = mysql_fetch_array($get_players))
{
echo"<tr>";
while($scots = mysql_fetch_array($get_scots))
{
$average = ($scots['scots'] / $players['players']) * 100;
$average = number_format((float)$average, 2, '.', '');
echo"<td width=30%>Domestic Players:</td><td width=70%>$scots[scots] ($average % of starting eleven)</td>";
}
echo"</tr>";
}
mysql_free_result($get_players);
echo"</table>";
?>
<?
// -----------SHOW FACTS ABOUT THE MATCHDAY SQUAD--------------
echo"<br>
<h5>Matchday Squad</h5>
<table width=100%>
";
// GET YOUNGEST PLAYER IN SQUAD
$get_youngest_player_all = mysql_query("
SELECT
P.PlayerDOB AS dob,
CONCAT(P.PlayerFirstName, ' ', P.PlayerLastName) AS name,
P.PlayerID AS id
FROM
tplss_players P
INNER JOIN
(
SELECT AppearancePlayerID as PlayerID
, AppearanceMatchID as MatchID
FROM tplss_appearances
UNION
SELECT SubstitutePlayerID as PlayerID
, SubstituteMatchID as MatchID
FROM tplss_substitutes
)
as total USING (PlayerID)
INNER JOIN tplss_matches M USING (MatchID)
WHERE
M.MatchDateTime = '$matchdate'
ORDER BY
dob DESC
LIMIT 0,1
",$connection) or die(mysql_error());
while($youngest_all = mysql_fetch_array($get_youngest_player_all))
{
echo"<tr>";
$dob = $youngest_all['dob'];
echo"<td width=30%>Youngest Player:</td><td width=70%><a href=\"player.php?id=$youngest_all[id]\">$youngest_all[name]</a> (";
$now = strtotime("$matchdate");
$your_date = strtotime("$dob");
$datediff_days = $now - $your_date;
$datediff_years = ($now - $your_date) / 365;
$days = floor($datediff_days/(60*60*24));
$years = floor($datediff_years/(60*60*24));
$remainder = floor($datediff_days/(60*60*24)) - (floor($datediff_years/(60*60*24)) * 365);
echo"$years years $remainder days)</td>";
echo"</tr>";
}
// GET OLDEST PLAYER IN SQUAD
$get_oldest_player_all = mysql_query("
SELECT
P.PlayerDOB AS dob,
CONCAT(P.PlayerFirstName, ' ', P.PlayerLastName) AS name,
P.PlayerID AS id
FROM
tplss_players P
INNER JOIN
(
SELECT AppearancePlayerID as PlayerID
, AppearanceMatchID as MatchID
FROM tplss_appearances
UNION
SELECT SubstitutePlayerID as PlayerID
, SubstituteMatchID as MatchID
FROM tplss_substitutes
)
as total USING (PlayerID)
INNER JOIN tplss_matches M USING (MatchID)
WHERE
M.MatchDateTime = '$matchdate'
ORDER BY
dob ASC
LIMIT 0,1
",$connection) or die(mysql_error());
while($oldest_all = mysql_fetch_array($get_oldest_player_all))
{
echo"<tr>";
$dob = $oldest_all['dob'];
echo"<td width=30%>Oldest Player:</td><td width=70%><a href=\"player.php?id=$oldest_all[id]\">$oldest_all[name]</a> (";
$now = strtotime("$matchdate");
$your_date = strtotime("$dob");
$datediff_days = $now - $your_date;
$datediff_years = ($now - $your_date) / 365;
$days = floor($datediff_days/(60*60*24));
$years = floor($datediff_years/(60*60*24));
$remainder = floor($datediff_days/(60*60*24)) - (floor($datediff_years/(60*60*24)) * 365);
echo"$years years $remainder days)</td>";
echo"</tr>";
}
// GET AVERAGE DOB OF WHOLE SQUAD
$get_average_dob_all = mysql_query("
SELECT
FROM_DAYS(AVG(TO_DAYS(P.PlayerDOB))) AS dob
FROM
tplss_players P
INNER JOIN
(
SELECT AppearancePlayerID as PlayerID
, AppearanceMatchID as MatchID
FROM tplss_appearances
UNION
SELECT SubstitutePlayerID as PlayerID
, SubstituteMatchID as MatchID
FROM tplss_substitutes
)
as total USING (PlayerID)
INNER JOIN tplss_matches M USING (MatchID)
WHERE
M.MatchDateTime = '$matchdate'
",$connection) or die(mysql_error());
while($average_all = mysql_fetch_array($get_average_dob_all))
{
echo"<tr>";
$dob = $average_all['dob'];
$now = strtotime("$matchdate");
$your_date = strtotime("$dob");
$datediff_days = $now - $your_date;
$datediff_years = ($now - $your_date) / 365;
$days = floor($datediff_days/(60*60*24));
$years = floor($datediff_years/(60*60*24));
$remainder = floor($datediff_days/(60*60*24)) - (floor($datediff_years/(60*60*24)) * 365);
echo"<td width=30%>Average Player Age:</td><td width=70%>$years years $remainder days</td>";
echo"</tr>";
}
$get_players_all = mysql_query("
SELECT
COUNT(P.PlayerID) AS allplayers
FROM
tplss_players P
INNER JOIN
(
SELECT AppearancePlayerID as PlayerID
, AppearanceMatchID as MatchID
FROM tplss_appearances
UNION
SELECT SubstitutePlayerID as PlayerID
, SubstituteMatchID as MatchID
FROM tplss_substitutes
)
as total USING (PlayerID)
INNER JOIN tplss_matches M USING (MatchID)
WHERE
M.MatchDateTime = '$matchdate'
GROUP BY M.MatchID
",$connection) or die(mysql_error());
$get_scots_all = mysql_query("
SELECT
COUNT(P.PlayerID) AS scots
FROM
tplss_players P
INNER JOIN
(
SELECT AppearancePlayerID as PlayerID
, AppearanceMatchID as MatchID
FROM tplss_appearances
UNION
SELECT SubstitutePlayerID as PlayerID
, SubstituteMatchID as MatchID
FROM tplss_substitutes
)
as total USING (PlayerID)
INNER JOIN tplss_matches M USING (MatchID)
WHERE
M.MatchDateTime = '$matchdate' AND
P.PlayerNationID = 1
GROUP BY M.MatchID
",$connection) or die(mysql_error());
while($players_all = mysql_fetch_array($get_players_all))
{
while($scots_all = mysql_fetch_array($get_scots_all))
{
echo"<tr>";
$average = ($scots_all['scots'] / $players_all['allplayers']) * 100;
$average = number_format((float)$average, 2, '.', '');
echo"<td width=30%>Domestic Players:</td><td width=70%>$scots_all[scots] ($average % of matchday squad)</td>";
echo"</tr>";
}
}
echo"</table>";
?>
<?
//--------------CHECK FOR ANY DEBUTS----------------
// GET STARTING XI FOR DEBUTS
$get_debuts = mysql_query("
SELECT CONCAT(P.PlayerFirstName, ' ', P.PlayerLastName) AS name, P.PlayerID AS id, DATE_FORMAT(P.PlayerSigned, '%M %D, %Y') AS signed
FROM tplss_players P, tplss_appearances A
WHERE A.AppearanceMatchID = '$id' AND P.PlayerID = A.AppearancePlayerID
ORDER BY name",$connection);
// GET SUBS FOR DEBUTS
$get_sub_debuts = mysql_query("
SELECT CONCAT(P.PlayerFirstName, ' ', P.PlayerLastName) AS name, P.PlayerID AS id, DATE_FORMAT(P.PlayerSigned, '%M %D, %Y') AS signed
FROM tplss_players P, tplss_substitutions S
WHERE S.SubstitutionMatchID = '$id' AND P.PlayerID = S.SubstitutionPlayerIDIn
ORDER BY name",$connection);
echo"<br><h5>First Team Debuts</h5>
<table width=100%>";
// SHOW ANY DEBUTS FOR PLAYERS IN STARTING XI
while($appdata = mysql_fetch_array($get_debuts))
{
$appplayerid = $appdata['id'];
$get_starts = mysql_query("
SELECT COUNT(A.AppearancePlayerID) AS total
FROM tplss_appearances A, tplss_matches M
WHERE A.AppearancePlayerID = $appplayerid AND A.AppearanceMatchID = M.MatchID AND M.MatchDateTime <= '$matchdate'
GROUP BY A.AppearancePlayerID
",$connection) or die(mysql_error());
$starts = mysql_fetch_array($get_starts);
$get_subst = mysql_query("
SELECT COUNT(S.SubstitutionPlayerIDIn) AS total
FROM tplss_substitutions S, tplss_matches M
WHERE S.SubstitutionPlayerIDIn = $appplayerid AND S.SubstitutionMatchID = M.MatchID AND M.MatchDateTime <= '$matchdate'
GROUP BY S.SubstitutionPlayerIDIn
",$connection) or die(mysql_error());
$subst = mysql_fetch_array($get_subst);
$total_apps = $starts['total'] + $subst['total'];
$head_url = "images/heads/" . $appplayerid . ".jpg";
if($total_apps == 1)
{ echo"<tr>
<td width=20%>
<img src=\"";
if(file_exists($head_url))
{ echo"images/heads/$appplayerid.jpg"; }
else
{ echo"images/heads/none.jpg"; }
echo"\" width=\"50\" style=\"border:0px solid; border-radius:25px;\">
</td>
<td width=40%><a href=\"player.php?id=$appplayerid\">$appdata[name]</a></td><td width=40%>(Signed $appdata[signed])</td>"; }
else
{ echo""; }
}
mysql_free_result($get_debuts);
// SHOW ANY DEBUTS FOR PLAYERS COMING OFF BENCH
while($appdatas = mysql_fetch_array($get_sub_debuts))
{
$appplayerid = $appdatas['id'];
$get_starts = mysql_query("
SELECT COUNT(A.AppearancePlayerID) AS total
FROM tplss_appearances A, tplss_matches M
WHERE A.AppearancePlayerID = $appplayerid AND A.AppearanceMatchID = M.MatchID AND M.MatchDateTime <= '$matchdate'
GROUP BY A.AppearancePlayerID
",$connection) or die(mysql_error());
$starts = mysql_fetch_array($get_starts);
$get_subst = mysql_query("
SELECT COUNT(S.SubstitutionPlayerIDIn) AS total
FROM tplss_substitutions S, tplss_matches M
WHERE S.SubstitutionPlayerIDIn = $appplayerid AND S.SubstitutionMatchID = M.MatchID AND M.MatchDateTime <= '$matchdate'
GROUP BY S.SubstitutionPlayerIDIn
",$connection) or die(mysql_error());
$subst = mysql_fetch_array($get_subst);
$total_apps = $starts['total'] + $subst['total'];
$head_url = "images/heads/" . $appplayerid . ".jpg";
if($total_apps == 1)
{ echo"<tr>
<td width=20%>
<img src=\"";
if(file_exists($head_url))
{ echo"images/heads/$appplayerid.jpg"; }
else
{ echo"images/heads/none.jpg"; }
echo"\" width=\"50\" style=\"border:0px solid; border-radius:25px;\">
</td>
<td width=40%><a href=\"player.php?id=$appplayerid\">$appdatas[name]</a></td><td width=40%>(Signed $appdatas[signed])</td>"; }
else
{ echo""; }
}
mysql_free_result($get_sub_debuts);
echo"</table>";
?>
<?php
// --------------------CHECK FOR ANY MILESTONES----------------
// GET STARTING XI FOR MILESTONES
$get_milestones = mysql_query("
SELECT CONCAT(P.PlayerFirstName, ' ', P.PlayerLastName) AS name, P.PlayerID AS id
FROM tplss_players P, tplss_appearances A
WHERE A.AppearanceMatchID = '$id' AND P.PlayerID = A.AppearancePlayerID
ORDER BY name",$connection);
// GET SUBS FOR MILESTONES
$get_sub_milestones = mysql_query("
SELECT CONCAT(P.PlayerFirstName, ' ', P.PlayerLastName) AS name, P.PlayerID AS id
FROM tplss_players P, tplss_substitutions S
WHERE S.SubstitutionMatchID = '$id' AND P.PlayerID = S.SubstitutionPlayerIDIn
ORDER BY name",$connection);
// GET SCORERS FOR GOAL CHECKS
$get_goals = mysql_query("
SELECT CONCAT(P.PlayerFirstName, ' ', P.PlayerLastName) AS name, P.PlayerID AS id
FROM tplss_players P, tplss_goals G
WHERE G.GoalMatchID = '$id' AND P.PlayerID = G.GoalPlayerID AND G.GoalOwn != 1
ORDER BY name",$connection);
echo"<Br><h5>Milestones</h5>
<table width=100%>";
// SHOW MILESTONES FOR STARTING XI
while($appdatam = mysql_fetch_array($get_milestones))
{
$appplayerid = $appdatam['id'];
$get_starts = mysql_query("
SELECT COUNT(A.AppearancePlayerID) AS total
FROM tplss_appearances A, tplss_matches M
WHERE A.AppearancePlayerID = $appplayerid AND A.AppearanceMatchID = M.MatchID AND M.MatchDateTime <= '$matchdate'
GROUP BY A.AppearancePlayerID
",$connection) or die(mysql_error());
$starts = mysql_fetch_array($get_starts);
$get_subst = mysql_query("
SELECT COUNT(S.SubstitutionPlayerIDIn) AS total
FROM tplss_substitutions S, tplss_matches M
WHERE S.SubstitutionPlayerIDIn = $appplayerid AND S.SubstitutionMatchID = M.MatchID AND M.MatchDateTime <= '$matchdate'
GROUP BY S.SubstitutionPlayerIDIn
",$connection) or die(mysql_error());
$subst = mysql_fetch_array($get_subst);
$total_apps = $starts['total'] + $subst['total'];
echo"";
if($total_apps == '50')
{ echo"<tr><td width=100%><a href=\"player.php?id=$appplayerid\">$appdatam[name]</a> played his 50th major competitive game for the Club.</td></tr>"; }
elseif($total_apps == '100')
{ echo"<tr><td width=100%><a href=\"player.php?id=$appplayerid\">$appdatam[name]</a> played his 100th major competitive game for the Club.</td></tr>"; }
elseif($total_apps == '200')
{ echo"<tr><td width=100%><a href=\"player.php?id=$appplayerid\">$appdatam[name]</a> made his 200th competitive appearance for the Club.</td></tr>"; }
elseif($total_apps == '250')
{ echo"<tr><td width=100%><a href=\"player.php?id=$appplayerid\">$appdatam[name]</a> played his 250th major competitive game for the Club.</td></tr>"; }
elseif($total_apps == '300')
{ echo"<tr><td width=100%><a href=\"player.php?id=$appplayerid\">$appdatam[name]</a> made his 300th competitive appearance for the Club.</td></tr>"; }
elseif($total_apps == '400')
{ echo"<tr><td width=100%><a href=\"player.php?id=$appplayerid\">$appdatam[name]</a> played his 400th major competitive game for the Club.</td></tr>"; }
elseif($total_apps == '500')
{ echo"<tr><td width=100%><a href=\"player.php?id=$appplayerid\">$appdatam[name]</a> made his 500th competitive appearance for the Club.</td></tr>"; }
else
{ echo""; }
echo"";
}
mysql_free_result($get_milestones);
// SHOW MILESTONES FOR SUBS
while($appdatams = mysql_fetch_array($get_sub_milestones))
{
$appplayerid = $appdatams['id'];
$get_starts = mysql_query("
SELECT COUNT(A.AppearancePlayerID) AS total
FROM tplss_appearances A, tplss_matches M
WHERE A.AppearancePlayerID = $appplayerid AND A.AppearanceMatchID = M.MatchID AND M.MatchDateTime <= '$matchdate'
GROUP BY A.AppearancePlayerID
",$connection) or die(mysql_error());
$starts = mysql_fetch_array($get_starts);
$get_subst = mysql_query("
SELECT COUNT(S.SubstitutionPlayerIDIn) AS total
FROM tplss_substitutions S, tplss_matches M
WHERE S.SubstitutionPlayerIDIn = $appplayerid AND S.SubstitutionMatchID = M.MatchID AND M.MatchDateTime <= '$matchdate'
GROUP BY S.SubstitutionPlayerIDIn
",$connection) or die(mysql_error());
$subst = mysql_fetch_array($get_subst);
$total_apps = $starts['total'] + $subst['total'];
if($total_apps == '50')
{ echo"<tr><td width=100%><a href=\"player.php?id=$appplayerid\">$appdatams[name]</a> played his 50th major competitive game for the Club.</td></tr>"; }
elseif($total_apps == '100')
{ echo"<tr><td width=100%><a href=\"player.php?id=$appplayerid\">$appdatams[name]</a> played his 100th major competitive game for the Club.</td></tr>"; }
elseif($total_apps == '200')
{ echo"<tr><td width=100%><a href=\"player.php?id=$appplayerid\">$appdatams[name]</a> made his 200th competitive appearance for the Club.</td></tr>"; }
elseif($total_apps == '250')
{ echo"<tr><td width=100%><a href=\"player.php?id=$appplayerid\">$appdatams[name]</a> played his 250th major competitive game for the Club.</td></tr>"; }
elseif($total_apps == '300')
{ echo"<tr><td width=100%><a href=\"player.php?id=$appplayerid\">$appdatams[name]</a> made his 300th competitive appearance for the Club.</td></tr>"; }
elseif($total_apps == '400')
{ echo"<tr><td width=100%><a href=\"player.php?id=$appplayerid\">$appdatams[name]</a> played his 400th major competitive game for the Club.</td></tr>"; }
elseif($total_apps == '500')
{ echo"<tr><td width=100%><a href=\"player.php?id=$appplayerid\">$appdatams[name]</a> made his 500th competitive appearance for the Club.</td></tr>"; }
else
{ echo""; }
}
mysql_free_result($get_sub_milestones);
// SHOW MILESTONES FOR STARTING XI
while($goaldata = mysql_fetch_array($get_goals))
{
$appplayerid = $goaldata['id'];
$get_goal_totals = mysql_query("
SELECT COUNT(G.GoalPlayerID) AS total
FROM tplss_goals G, tplss_matches M
WHERE G.GoalPlayerID = $appplayerid AND G.GoalMatchID = M.MatchID AND M.MatchDateTime <= '$matchdate'
GROUP BY G.GoalPlayerID
",$connection) or die(mysql_error());
$goals = mysql_fetch_array($get_goal_totals);
$total_goals = $goals['total'];
if($total_goals == '1')
{ echo"<tr><td width=100%><a href=\"player.php?id=$appplayerid\">$goaldata[name]</a> scored his first goal for the Club.</td></tr>"; }
elseif($total_goals == '10')
{ echo"<tr><td width=100%><a href=\"player.php?id=$appplayerid\">$goaldata[name]</a> reached 10 goals for the Club.</td></tr>"; }
elseif($total_goals == '25')
{ echo"<tr><td width=100%><a href=\"player.php?id=$appplayerid\">$goaldata[name]</a> scored for the 25th time for the Club.</td></tr>"; }
elseif($total_goals == '30')
{ echo"<tr><td width=100%><a href=\"player.php?id=$appplayerid\">$goaldata[name]</a> reached 30 goals for the Club.</td></tr>"; }
elseif($total_goals == '50')
{ echo"<tr><td width=100%><a href=\"player.php?id=$appplayerid\">$goaldata[name]</a> scored his 50th goal for the Club.</td></tr>"; }
elseif($total_goals == '75')
{ echo"<tr><td width=100%><a href=\"player.php?id=$appplayerid\">$goaldata[name]</a> reached 75 goals for the Club.</td></tr>"; }
elseif($total_goals == '100')
{ echo"<tr><td width=100%><a href=\"player.php?id=$appplayerid\">$goaldata[name]</a> scored his 100th goal for the Club.</td></tr>"; }
elseif($total_goals == '200')
{ echo"<tr><td width=100%><a href=\"player.php?id=$appplayerid\">$goaldata[name]</a> scored his 200th goal for the Club.</td></tr>"; }
else
{ echo""; }
}
echo"</table>";
mysql_free_result($get_goals);
?>
<hr>
Any suggestions or general advice would be greatly appreciated.
Basically, I'm still trying to wrap my head around OOP. What I'm trying to do here is a simple OOP user login script. But when I submit the form, all that happens is that the text fields reset them selves and nothing that I feel should be happening, happens. ie: I submit login data, and either it displays an error or reirects to index page. Neither happen, the form merely resets. Where am I going wrong? Code: [Select] <form name="loginform" id="loginform" action="<?php $_SERVER['PHP_SELF']; ?>" method="post"> <p> <label>Username<br> <input name="user" id="user_login" class="input" size="20" tabindex="10" type="text" /> </label> </p> <p> <label>Password<br> <input name="pass" id="user_pass" class="input" value="" size="20" tabindex="20" type="password"></label> </p> <p class="forgetmenot"><label><input name="rememberme" id="rememberme" value="forever" tabindex="90" type="checkbox"> Remember Me</label></p> <p class="submit"> <input name="login" id="submit" class="button-primary" value="Log In" tabindex="100" type="submit"> <input name="redirect_to" value="/users.php" type="hidden"> </p> </form> Code: [Select] <?php if(isset($_POST['login'])) { $username = $_POST['user']; $password = $_POST['pass']; include("./classes/class.users.php"); USERS::login($username, $password); } ?> Code: [Select] <?php // Yes, my DATABAASE::DoIT(1) // (0) is working as intended (from a different include file) class USERS { var $user; var $pass; var $email; ////////////////////////////////////////////////////////////////////////////////////////////// function login($user, $pass) { include("/var/www/config.php"); DATABASE::DoIt('1'); $hashword = sha1($CONFIG['salt1']."$pass".$CONFIG['salt2']); $sql = "SElECT * FROM users WHERE username='$user' AND hashword='$hashword'"; $result = mysql_query($sql); $count = mysql_num_rows($result); if($count==1) { while ($row = mysql_fetch_assoc($result)) { define('USERS_AUTHENTICATED', true); $_SESSION['USERS_username'] = $row['username']; $_SESSION['USERS_userid'] = $row['userid']; DATABASE::DoIt('0'); header("Location: index.php"); } } else { $_SESSION['loginError'] = true; DATABASE::DoIt('0'); return $_SESSION['loginError']; } DATABASE::DoIt('0'); } } ?> Hi guys I am using the code found here http://www.elated.com/articles/cms-in-an-afternoon-php-mysql/ with some alterations to try and insert data in a database via a php form, i have completed the example shown on that site and it works perfect, but I am now trying to adjust the code so that i have a user and admin section, but the form will not submit to the database. Here is the for my form, page know as editArticles: Code: [Select] <?php include "templates/include/header.php" ?> <div id="userHeader"> <h2><spanH1>Advertise!</spanH1> Place an advert for your book</h2> <p>You are logged in as <b><?php echo htmlspecialchars( $_SESSION['username']) ?></b>. <a href="user.php?action=logout"?>Log out</a></p> </div> <h1><?php echo $results['pageTitle']?></h1> <form action="user.php?action=newArticle" method="post"> <input type="hidden" name="articleId" value="<?php echo $results['article']->id ?>"/> <?php if ( isset( $results['errorMessage'] ) ) { ?> <div class="errorMessage"><?php echo $results['errorMessage'] ?></div> <?php } ?> <ul> <li> <label for="booktitle">Book Title</label> <input type="text" name="booktitle" id="booktitle" placeholder="Title of the book" required autofocus maxlength="100" value="<?php echo htmlspecialchars( $results['article']->booktitle )?>" /> </li> <li> <label for="author">Book Author</label> <input type="text" name="author" id="author" placeholder="Author of the book" required autofocus maxlength="50" value="<?php echo htmlspecialchars( $results['article']->author )?>" /> </li> <li> <label for="edition">Edition</label> <input type="text" name="edition" id="edition" placeholder="Edition" required autofocus maxlength="2" value="<?php echo ( $results['article']->edition )?>" /> </li> <li> <label for="category">Category</label> <input type="text" name="category" id="category" placeholder="Book Category E.G Buisness" required autofocus maxlength="30" value="<?php echo htmlspecialchars( $results['article']->category )?>" /> </li> <li> <label for="module">Module</label> <input type="text" name="module" id="module" placeholder="Module" required autofocus maxlength="30" value="<?php echo ( $results['article']->module )?>" /> </li> <li> <label for="price">Price</label> <input type="text" name="price" id="price" placeholder="Price" required autofocus maxlength="30" value="<?php echo ( $results['article']->price )?>" /> </li> <li> <label for="condition">Condition</label> <input type="text" name="condition" id="condition" placeholder="condition" required autofocus maxlength="30" value="<?php echo ( $results['article']->condition )?>" /> </li> <li> <label for="description">Description</label> <textarea name="description" id="description" placeholder="Description of the book including condition and associated modules" required maxlength="500" style="height: 15em;"> <?php echo htmlspecialchars( $results['article']->description )?></textarea> </li> <li> <label for="Image">Image</label> <input type="file" name="Image" id="Image" /> </li> <li> <label for="pdate">Sale Date</label> <input type="date" name="pdate" id="pdate" placeholder="YYYY-MM-DD" required maxlength="10" value="<?php echo $results['article']->pdate ? date( "Y-m-d", $results['article']->pdate ) : "" ?>" /> </li> </ul> <div class="buttons"> <input type="submit" name="saveChanges" value="Save Changes" /> <input type="submit" formnovalidate name="cancel" value="Cancel" /> </div> </form> <?php if ( $results['article']->id ) { ?> <p><a href="admin.php?action=deleteArticle&articleId=<?php echo $results['article']->id ?>" onclick="return confirm('Delete This Article?')">Delete This Article</a></p> <?php } ?> <?php include "templates/include/footer.php" ?> This is the form for the php, as you can see the form action is "new article" This is the code for the action new article Code: [Select] function newArticle() { $results = array(); $results['pageTitle'] = "New Article"; $results['formAction'] = "newArticle"; if ( isset( $_POST['saveChanges'] ) ) { // User has posted the article edit form: save the new article $article = new Article; $article->storeFormValues( $_POST ); $article->insert(); header( "Location: admin.php?status=changesSaved" ); } elseif ( isset( $_POST['cancel'] ) ) { // User has cancelled their edits: return to the article list header( "Location: admin.php" ); } else { // User has not posted the article edit form yet: display the form $results['article'] = new Article; require( TEMPLATE_PATH . "/admin/editArticle.php" ); } } As you can see the template is set to the above form page editArticle Below is the code for the class "article" which contains the insert function and other functions such as construct, the storeFormValues which can is used in the "newArticle" function, and of course the insert function Code: [Select] class Article { public $id = null; public $booktitle = null; public $author = null; public $edition = null; public $category = null; public $module = null; public $price = null; public $condition = null; public $description = null; public $image = null; public $pdate = null; public function __construct( $data=array() ) { if ( isset( $data['id'] ) ) $this->id = (int) $data['id']; if ( isset( $data['booktitle'] ) ) $this->booktitle = preg_replace ( "/[^\.\,\-\_\'\"\@\?\!\:\$ a-zA-Z0-9()]/", "", $data['booktitle'] ); if ( isset( $data['author'] ) ) $this->author = preg_replace ( "/[^\.\,\-\_\'\"\@\?\!\:\$ a-zA-Z0-9()]/", "", $data['author'] ); if ( isset( $data['edition'] ) ) $this->edition = $data['edition']; if ( isset( $data['category'] ) ) $this->category = $data['category']; if ( isset( $data['module'] ) ) $this->module = $data['module']; if ( isset( $data['price'] ) ) $this->price =(int) $data['price']; if ( isset( $data['condition'] ) ) $this->condition = $data['condition']; if ( isset( $data['description'] ) ) $this->description = $data['description']; if ( isset( $data['image'] ) ) $this->image = $data['image']; if ( isset( $data['pdate'] ) ) $this->pdate = (int) $data['pdate']; } public function storeFormValues ( $params ) { // Store all the parameters $this->__construct( $params ); // Parse and store the publication date if ( isset($params['pdate']) ) { $sdate = explode ( '-', $params['pdate'] ); if ( count($pdate) == 3 ) { list ( $y, $m, $d ) = $pdate; $this->pdate = mktime ( 0, 0, 0, $m, $d, $y ); } } } public function insert() { // Does the Article object already have an ID? if ( !is_null( $this->id ) ) trigger_error ( "Article::insert(): Attempt to insert an Article object that already has its ID property set (to $this->id).", E_USER_ERROR ); // Insert the Article $conn = new PDO( DB_DSN, DB_USERNAME, DB_PASSWORD ); $sql = "INSERT INTO books ( booktitle, author, edition, category, module, price, condition, description, image, pdate ) VALUES ( :booktitle, :author, :edition, :category, :module, :price, :condition, :description, :image, FROM_UNIXTIME(:pdate) )"; $st = $conn->prepare ( $sql ); $st->bindValue( ":booktitle", $this->booktitle, PDO::PARAM_STR ); $st->bindValue( ":author", $this->author, PDO::PARAM_STR ); $st->bindValue( ":edition", $this->edition, PDO::PARAM_STR ); $st->bindValue( ":category", $this->category, PDO::PARAM_STR ); $st->bindValue( ":module", $this->module, PDO::PARAM_STR ); $st->bindValue( ":price", $this->price, PDO::PARAM_INT ); $st->bindValue( ":condition", $this->condition, PDO::PARAM_STR ); $st->bindValue( ":description", $this->description, PDO::PARAM_STR ); $st->bindValue( ":image", $this->image, PDO::PARAM_STR ); $st->bindValue( ":pdate", $this->pdate, PDO::PARAM_INT ); $st->execute(); $this->id = $conn->lastInsertId(); $conn = null; } I would truly appreciate if someone is able to figure out what is going wrong, btw i dont get any errors when i click the save it takes mw to the next page and show a message i have set saying the changes have been saved but it doesnt actually save to me database. If you have any questions or i need to explain more please let me know Thanks in advance Thanks for reading my post, Can someone point me to the right direction here; Am trying to insert a record in a text area field into PHP/MYSQl. This time around, I am reading what the user entered into the textarea before inserting. Take a look at this: TEXTAREA -> row 1: BOY row 2: GIRL Can I make it two rows in my database as opposed to one? I don't have a problem inserting, just how to insert as multiple if there are two rows. Thanks in advance Hi, Does anyone have any idea how to insert an entire php or html pages into mysql once the page has being created with php? E.g. np1.php <form action="np2.php" method="post"> Name of New Page: <input type="text" name="newpage_name" /> <input type="submit" /> </form> np2.php <?php $newpage_name = $_POST[ 'newpage_name' ]; $newpage_initial = "Input Contents Here."; //echo $editor_data; $newpage_file = "test/" . $newpage_name . ".php"; $newpage_save = fopen($newpage_file, 'w'); fwrite($newpage_save, $newpage_initial); fclose($newpage_save); ?> I have managed to create a new file with php but I also want it when I click on the submit button, it will also auto save that new php file or html file into mysql. Regards Jas As title says i need to block user for 30 minutes after he enter invalid data 3 times in a row. I know i need to enter ip and time in database, but how to stop form to be submited.
i have this code for count failed attempts, he increment value in session every time submit is pressed
// postavi ili povecaj broj u sessiji ako je Login button aktiviran
if (empty($_SESSION['failed_login']))
{
$_SESSION['failed_login'] = 1;
}
elseif (isset($_POST['login']))
{
$_SESSION['failed_login']++;
}
// if login fail 3 times
if ($_SESSION['failed_login'] > 3) {
$error[] = 'U failed to login 3 times ' . $_SESSION['failed_login'];
}
This is whole login.php
<?php
// protect page from direct access
if (!defined('AUTH')) { die('You are not authorized to see this page !'); }
if ($general->is_logged() === true)
{
header('Location: index.php');
exit();
}
$last_login_date = time();
$ip = $general->get_ip();
// postavi ili povecaj broj u sessiji ako je Login button aktiviran
if (empty($_SESSION['failed_login']))
{
$_SESSION['failed_login'] = 1;
}
elseif (isset($_POST['login']))
{
$_SESSION['failed_login']++;
}
// if login fail 3 times
if ($_SESSION['failed_login'] > 3) {
$error[] = 'U failed to login 3 times ' . $_SESSION['failed_login'];
}
// login form
if (isset($_POST['login']))
{
$username = trim($_POST['username']);
$password = trim($general->safepass($_POST['password']));
// if user entered username and password
if (empty($username) || empty($password))
{
$error[] = 'Please enter username and password';
}
else
{
// login query
$login = $users->login($username, $password);
// cookie login
if (isset($_POST['stay_logged']))
{
// check if username and password is valid
if ($login)
{
$user_id = $login['id'];
// expire time for cookie 1 month
$expire = time()+60*60*24*30;
// make random code for token
$rand = hash('sha512', mt_rand());
// set cookies
setcookie('token', $rand, $expire);
setcookie('username', $login['username'], $expire);
setcookie('id', $login['id'], $expire);
// update user last_login, ip, token code
$update_login_data = $users->update_cookie_login($last_login_date, $ip, $rand, $user_id);
// redirect user to index.php and exit script
header('Location: index.php');
exit();
}
else
{
// if username or password is not valid
$error[] = 'Invalid username or password';
}
}
// session login
else
{
// check if username and password is valid
if ($login)
{
// make sessions with user_id and username
$_SESSION['id'] = $login['id'];
$_SESSION['username'] = $login['username'];
$user_id = (int)$_SESSION['id'];
// update user last_login, ip
$update_login = $users->update_user_ip_login($last_login_date, $ip, $user_id);
// redirect user to index.php and exit script
header('Location: index.php');
exit();
}
else
{
// if username or password is not valid
$error[] = 'Invalid username or password';
}
}
}
}
?>
<h3>Log in</h3>
<?php
if (!empty($error)) {
echo '<div class="big-error-msg"><ul style="margin:0 0 0 20px;">';
foreach ($error as $error) {
echo '<li>'.$error. '</li>';
}
echo '</ul></div>';
}
?>
<form action="" method="POST" class="login-form">
<input type="text" name="username" placeholder="Username" required>
<input type="password" name="password" placeholder="Password" required><br><br>
<input type="checkbox" name="stay_logged"><label style="padding:0 0 0 10px;">Remember me ?</label><br>
<input type="submit" name="login" value="Log in" class="small-button">
<label>
<p><a href="index.php?page=forgotten_pass" title="Forgotten password ?">Forgotten password ?</a></p>
<p>Don't have an account ? <a href="index.php?page=register" title="Register">Register</a></p>
</label>
</form>
Hi guys, This is my first time to insert PDF into MySQL BLOB. Below is my form that i used Code: [Select] <?php <form enctype="multipart/form-data" name="frmUploadFile" action="ulf-exec.php" method="post"> <select name="title" id="title"> <option>xxx</option> <option>yyy</option> <option>zzz</option> </select> </label> <input name="des" type="text" class="dropdownlists1" id="des"></td> <input name="fileUpload" type="file" class="dropdownlists1" id="fileUpload" size="20" border=""></td> <input type="submit" name="button" id="button" value="Submit"> </form> ?> I have prepared my database based on the required but decided to test with echo just to confirm there's no issue with the code The action="ulf-exec.php" : Code: [Select] <?php function clean($str) { $str = @trim($str); if(get_magic_quotes_gpc()) { $str = stripslashes($str); } return mysql_real_escape_string($str); } //Sanitize the POST values $title = clean($_POST['title']); $des = clean($_POST['des']); $fileUpload = $_POST['fileUpload']; if(empty($des) || $fileUpload == "none") die("You must enter both a description and file"); $fileHandle = fopen($fileUpload, "r"); $fileContent = fread($fileHandle, $fileUpload_size); $fileContent = addslashes($fileContent); $date = date('d').'-'.date('m').'-'.date('y'); $time = date('h').':'.date('i').':'.date('s'); echo "<h1>File Uploaded</h1>"; echo "The details of the uploaded file are shown below:<br><br>"; echo "<b>File name:</b> $fileUpload_name <br>"; echo "<b>File type:</b> $fileUpload_type <br>"; echo "<b>File size:</b> $fileUpload_size <br>"; echo "<b>Uploaded to:</b> $fileUpload <br><br>"; echo "<a href='uploadfile.php'>Add Another File</a>"; ?> This is the error: Code: [Select] Warning: fopen() [function.fopen]: Filename cannot be empty in /ulf-exec.php on line 30 Warning: fread(): supplied argument is not a valid stream resource in ulf-exec.php on line 31 Hi All, I'm trying to insert a HTML code into one of the fileds so when you load the page it reads that code and shows you the picture that code is pointing you as you can see below but the problem is I have too many " and ' s so PHP wont pass it. $name = $_POST['name']; $title = $_POST['title']; $ext = $_POST['ext']; $cell = $_POST['cell']; $sec = $_POST['sec']; $emp = $_POST['emp']; $con = mysql_connect("localhost","root","PA55ss"); if (!$con) { die('Could not connect: ' . mysql_error()); } mysql_select_db("movedb", $con); $sql="INSERT INTO sheet1sa (ext, F2, cell, name, dep, F6, empno) VALUES ('$ext', '$sec', '$cell', '$name', '$dep', '<img src='./pics/$empno.jpg' width="80" height='90' />", '$empno')"; BTW i need to make this code so it takes the "empno" value and insert it into that code before .JPG so when browser reads my database it will read it as "./pics/777788.JPG" Thanks for your help hey, here is the code I am using. Code: [Select] mysql_connect("localhost","XXXXXX","XXXXXX") or die("Could not connect."); mysql_select_db("XXXXXX"); $query="SELECT * FROM VIDEO_SESSIONS"; $result=mysql_query($query); while ($db_field = mysql_fetch_assoc($result)) { $timeslider = $db_field['timeslider']; } $message=$_POST['message']; $name=$me['first_name']; if(isset($_POST['submit'])){ if(strlen($message)<1) { print "You did not input a message"; } else if(strlen($name)<1) { print "Please login with Facebook to post a message"; } else { $insertmessage="INSERT INTO CHAT_SESSIONS (user_id,user_message,current_time) VALUES ('$name', '$message', '$timeslider')"; mysql_query($insertmessage); echo mysql_error(); } } ?> I am getting this error everytime I try and INSERT into the database " You have an error in your SQL syntax; check the manual that corresponds to your MySQL server version for the right syntax to use near 'current_time) VALUES ('Luke', 'Hello?', '00:23:00')' at line 2 " it works fine without the '$timeslider' which is a time stored on the database in the format 00:00:00 why does it not want to store the time back in a different table.. same format!? Hey Guys, I have to insert some data in MySQL but it wont work . Please have a look. <?php // to values are set to empty $vatsim=""; $ivao=""; // values from form in other page are set if(isset($_POST["pilotid"])) $pilotid=$_POST["pilotid"]; if(isset($_POST["network"])) $network=$_POST["network"]; if(isset($_POST["vid"])) $vid=$_POST["vid"]; if(isset($_POST["pilot"])) $pilot=$_POST["pilot"]; // if value is that copy data in this value, otherways in that value if ($network == "IVAO") { $ivao="$vid";} if ($network == "VATSIM") { $vatsim="$ivao";} // connect db include(dbconnect.inc.php); // first sql to update some data in one table $sql = "UPDATE `360283`.`jos_users` SET `IPS` = \'1\' WHERE `jos_users`.`id` = \'$pilotid\'"; $result1 = mysql_query($sql); // 2nd sql to insert some data in other table $sql2 = "INSERT INTO `360283`.`IPS_Pilots` (`ID`, `Name`, `Hours`, `Flights`, `LastFlight`, `IVAO`, `VATSIM`, `Enabled`, `Rating`) VALUES ('$pilotid', '$pilot', NULL, NULL, NULL, '$ivao', '$vatsim', '1', '0');"; $result2 = mysql_query($sql2); // sql to check if it was succesful $sql3 = "SELECT * FROM `IPS_Pilots` WHERE `ID` = '$pilotid' LIMIT 0, 30 "; $result3 = mysql_query($sql3); $num3 = mysql_numrows($result3); // echo succesfull or not if (!$num3) { echo "Sorry, but I failed to apply this pilot."; } else { echo "Pilot succesfully applied."; } ?> Thanks Hello I have a text list that looks like this: Code: [Select] ACACIA-Acacia spp.-Australia AMANITAS-Amanita muscaria-Siberia AYAHUASCA-Yage-Amazon Basin ... continues... i am trying to create a script that if i placed that text like that in a textarea and submitted the form it would explode each line one at a time by the "-" and add it into a mysql database (COMMON_NAME, GENUS_SPECIES, NATIVE_TO) I dont want to have to submit these one at a time and im sure this is very simple to do just im not understanding how to explode each line. maybe a code like; 1. counts the total number of lines and places it in a variable called lines 2. do while $lines > 0 3. for each $line explode by "-" 4. insert each piece of the exploded line into the database as (COMMON_NAME, GENUS_SPECIES, NATIVE_TO) as piece 0,1, & 2 5. after inserted subtract 1 from $lines or something similar to that effect. any help is greatly appreciated1
create table mimi (mimiId int(11) not null, mimiBody varchar(255) );
<?php
//connecting to database
include_once ('conn.php');
$sql ="SELECT mimiId, mimiBody FROM mimi";
$result = mysqli_query($conn, $sql );
$mimi = mysqli_fetch_assoc($result);
$mimiId ='<span>No: '.$mimi['mimiId'].'</span>';
$mimiBody ='<p class="leading text-justify">'.$mimi['mimiBody'].'</p>';
?>
//what is next?
i want to download pdf or text document after clicking button or link how to do that |
|||||||