|
PHP - Joomla- Display Page Only If User Came From Page2.
I have a php page that is linked to in a Joomla site in a Wrapper. I want to be able to block access to a php page unless it was called by
a link in the main menu. I figured I could use $_SERVER['HTTP_REFERER'] to accomplish this like so: Link from Main Menu -> top_secret.php Code: [Select] <?php //the following is placed in the header of top_secret.php web page $page1 = 'http://myweb.com/index.php?option=com_wrapper&view=wrapper&Itemid=201';//page that user must come from $menu_link = $_SERVER['HTTP_REFERER'];//page that user comes from if($page1 !== $menu_link) { header('Location: http://myweb.com/error_page.php'); } ?> Thus if some one tries to simply access the top_secret.php with out going through the joomla menu- they will be re-directed to an error page. My question to the guru's is- is this secure or can someone easily get to the top_secret.php without going through the menu. Keep in mind- that the menu the person must use is only accessible from a registered joomla user for that site. Hope that makes sense. Similar Tutorialshi, i have made a website where people resgister their details of them and products. they have to enter the following details in form Name of company name of the product company address email id password mobile number contact and brief details about their company
user can then login with email id and pwd. now after login ..user will get a page where he can upload the photos of products images and their price, so now my question is that when he finishes uploading (|by clicking on upload button) the product images and price text box ..then on final uploaded webspage it should show all other things which he registerd before (company name , mobile number etc) along with images and price...hence the main question that user does not need to enter mobile and address while uploading images and filling proce ..but on the final page it should show mobile and address along with price and images..as user is not going to enter mobile and address again and again as he will have multiple products to upload.
Hi guys, I am trying to put together a little system that allows users to log onto my website and access there own personal page. I am creating each page myself and uploading content specific to them which cannot be viewed by anyone else. I have got the system to work up as far as: 1/ The user logs in 2/ Once logged in they are re-directed to their own page using 'theirusername.php' Thats all good and working how I need it too. The problem I have is this. If I log onto the website using USER A details - I get taken to USER A's page like I should but - If I then go to my browser and type in USERBdetails.php I can then access USER B's page. This cannot happen!! I need for USER A not to be able to access USER B profile - there is obviously no point in the login otherwise! If you are not logged in you obviously cannot access any secure page. That much is working! Please find below the code I am using: LOGIN <?php session_start(); function dbconnect() { $link = mysql_connect("localhost", "username", "password") or die ("Error: ".mysql_error()); } ?> <?php if(isset($_SESSION['loggedin'])) { header("Location:" . strtolower($username) . ".php"); if(isset($_POST['submit'])) { $username = mysql_real_escape_string($_POST['username']); $password = mysql_real_escape_string($_POST['password']); $mysql = mysql_query("SELECT * FROM clients WHERE username = '{$username}' AND password = '{$password}'"); if(mysql_num_rows($mysql) < 1) { die("Password or Username incorrect! Please <a href='login.php'>click here</a> to try again"); } $_SESSION['loggedin'] = "YES"; $_SESSION['username'] = $username; $_SESSION['name'] header("Location:" . strtolower($username) . ".php"); } ?> HEADER ON EACH PHP PAGE <?php session_start(); if(!isset($_SESSION['loggedin'])) { die(Access to this page is restricted without a valid username and password); ?> --------------------------------------------------- Am I right in thinking it is something to do with the "loggedin" part? The system I have here is adapted from a normal login system I have been using for years. The original just checks the details and then does a 'session start'. This one obviously has to re-direct to a user specific page. To do this I used the <<header("Location:" . strtolower($username) . ".php");>> line to redirect to a page such as "usera.php" or "userb.php" Any help would be greatly appreciated! Ta I want to fetch data from a table let's say table "activities". Uid | day | activity | time | remarks 1. Mon. Act1. 3pm. Good 2. Mon. Act1. 5pm. Bad 1. Tue. Act2. 12am. Bad 1. Tue. Act5. 1am. Bad 1. Thur. Act8. 9pm. Good 2. Wed. Act4. 7am. Good
Now assuming I want to fetch all the data that is related to user Id 1 and display them in another table (Uid 1). Which is 4 rows according to the table, how do I go about it using select query? Thanks!!! I tried something like this but it displays just one row
<?php
$uid = $_SESSION['login'];
$sql2 = "SELECT * FROM Activities WHERE uid=? ORDER BY Uid LIMIT 6";
$stmt2 = $connection->prepare($sql2);
$stmt2->bind_param('i', $Uid);
$stmt2->execute();
$result2 = $stmt2->get_result();
$row2 = $result2->fetch_assoc();
//now am stuck here
?>
now trying to display the fetch those data for only Uid 1 in these simple format...
<table style="width:100%"> <tr> <th>Day</th> <th>Activity</th> <th>Remarks</th> </tr> <tr> <td>Mon</td> <td>Act1</td> <td>Good</td> </tr> <tr> <td>Tue</td> <td>Act2</td> <td>Bad</td> </tr> <tr> <td>Tue</td> <td>Act5</td> <td>Bad</td> </tr> </table>
Hi all I need some help with displaying user account details i am currently able to show only the email address and i would like to show the name school name and yeargroup heres my code for myaccount.php <?php require_once('Connections/isn_1.php'); ?> <?php if (!isset($_SESSION)) { session_start(); } $MM_authorizedUsers = "1,2,3,4"; $MM_donotCheckaccess = "false"; // *** Restrict Access To Page: Grant or deny access to this page function isAuthorized($strUsers, $strGroups, $UserName, $UserGroup) { // For security, start by assuming the visitor is NOT authorized. $isValid = False; // When a visitor has logged into this site, the Session variable MM_Username set equal to their username. // Therefore, we know that a user is NOT logged in if that Session variable is blank. if (!empty($UserName)) { // Besides being logged in, you may restrict access to only certain users based on an ID established when they login. // Parse the strings into arrays. $arrUsers = Explode(",", $strUsers); $arrGroups = Explode(",", $strGroups); if (in_array($UserName, $arrUsers)) { $isValid = true; } // Or, you may restrict access to only certain users based on their username. if (in_array($UserGroup, $arrGroups)) { $isValid = true; } if (($strUsers == "") && false) { $isValid = true; } } return $isValid; } $MM_restrictGoTo = "login.php?login=false"; if (!((isset($_SESSION['MM_Username'])) && (isAuthorized("",$MM_authorizedUsers, $_SESSION['MM_Username'], $_SESSION['MM_UserGroup'])))) { $MM_qsChar = "?"; $MM_referrer = $_SERVER['PHP_SELF']; if (strpos($MM_restrictGoTo, "?")) $MM_qsChar = "&"; if (isset($_SERVER['QUERY_STRING']) && strlen($_SERVER['QUERY_STRING']) > 0) $MM_referrer .= "?" . $_SERVER['QUERY_STRING']; $MM_restrictGoTo = $MM_restrictGoTo. $MM_qsChar . "accesscheck=" . urlencode($MM_referrer); header("Location: ". $MM_restrictGoTo); exit; } ?> <!DOCTYPE HTML> <html> <head> <title>My Account - <?php echo($_SESSION['MM_Username']); ?></title> <meta http-equiv="Content-Type" content="text/html; charset=UTF-8"> <style type="text/css"> @import url("style.css"); </style> </head> <body class="about"> <!-- Start NavBar --> <div id="topnavbar"> <dl> <dt id="home"><a href="index.php">Home</a></dt> <dt id="about"><a href="about.php">About</a></dt> <dt id="account"><a href="myaccount.php">Account</a></dt> <dt id="login"><a href="login.php">Login</a></dt> </dl> <dl id="rightnavbar"> <dt id="ISN"><a href="index.php">ISN</a></dt> </dl> </div> <!-- End NavBar --> <div id="page-container"> <div id="header"> </div> <div id="sidebar-a"></div> <div id="content"> <div class="padding"> <center> <table width="631" border="0"> <tr> <td colspan="2">Personal Details</td> </tr> <tr> <td width="229"> </td> <td width="648"></td> </tr> <tr> <td>Name</td> <td></td> </tr> <tr> <td>Email</td> <td><?php echo($_SESSION['MM_Username']); ?></td> </tr> <tr> <td>School Name</td> <td></td> </tr> <tr> <td>Year Group</td> <td></td> </tr> <tr> <td>DOB</td> <td></td> </tr> <tr> <td> </td> <td><a href="updateprofile.php">Modify my details</a></td> </tr> </table> <a href="logout.php">Logout?</a> </center> </div> </div> <div id="footer"> <div id="altnav"> <a href="index.php">Home</a> - <a href="login.php">Login</a> - <a href="register.php">Register</a> - <a href="about.php">About</a> - <a href="terms.php">Terms & Conditions</a> </div> <div id="copyright">© 2011 InterSchoolsNetwork, All Rights Reserved - A <a href="http://jordansmithsolutions.co.uk">Jordan Smith Solutions</a> & <a href="http://www.joecocorp.webs.com/">JoeCo Corp Production</a><br /> </div> </div> </div> </body> </html> <?php mysql_free_result($rsUpdateUser); ?> If you need any other code to help answer it for me then let me no please Code: [Select] <html> <title>Micro Elite Brigade - Registration</title><LINK REL="SHORTCUT ICON" HREF="images/favicon.png"><?php require_once('upper.php'); require_once('database.php'); echo $error_msg=''; if(isset($_POST['submit'])) { $LoginId=mysqli_real_escape_string($dbc,trim($_POST['LoginId'])); $Password1=mysqli_real_escape_string($dbc,trim($_POST['Password1'])); $Password2=mysqli_real_escape_string($dbc,trim($_POST['Password2'])); $Name=mysqli_real_escape_string($dbc,trim($_POST['Name'])); $Age=mysqli_real_escape_string($dbc,trim($_POST['Age'])); $BloodGroup=mysqli_real_escape_string($dbc,trim($_POST['BloodGroup'])); /*if(!isset($_POST['Sex'])) { echo 'Please enter Sex<br>'; }*/ //else{ $Sex= mysqli_real_escape_string($dbc,trim($_POST['Sex'])); //} $Qualification=mysqli_real_escape_string($dbc,trim($_POST['Qualification'])); $ContactNumber=mysqli_real_escape_string($dbc,trim($_POST['ContactNumber'])); $Email=mysqli_real_escape_string($dbc,trim($_POST['Email'])); $Address=mysqli_real_escape_string($dbc,trim($_POST['Address'])); $AboutYourself=mysqli_real_escape_string($dbc,trim($_POST['AboutYourself'])); //$countCheck=count($_POST['checkbox']); //echo $countCheck; //$checkbox=$_POST['checkbox']; //$countCheck=count($checkbox); if(empty($LoginId)){echo 'Please enter Login Id';} elseif(empty($Password1)){echo 'Please enter Password';} elseif(empty($Password2)){echo 'Please confirm Password';} elseif($Password1!==$Password2){echo 'Password didn\'t match';} elseif(empty($Name)){echo 'Please enter Name';} elseif(empty($Age)){echo 'Please enter Age';} elseif(!isset($_POST['Sex'])){echo 'Please enter Sex';} elseif(empty($Qualification)){echo 'Please enter Qualification';} elseif(empty($ContactNumber)){echo 'Please enter Contact Number';} elseif(empty($Email)){echo 'Please enter Email';} elseif(empty($Address)){echo 'Please enter Address';} elseif(empty($AboutYourself)){echo 'Please enter About Yourself';} elseif(!isset($_POST['checkbox'])){ echo 'You have to register at least one activity.';} elseif(!isset($_POST['TermsAndConditions'])){ echo 'You have to agree all Terms and Conditions of Elite Brigade.';} else { require_once('database.php'); $query="select * from registration where LoginId='$LoginId'"; $result=mysqli_query($dbc,$query); if(mysqli_num_rows($result)==0) { $checkbox=$_POST['checkbox']; $countCheck=count($_POST['checkbox']); $reg_id=' '; for($i=0;$i<$countCheck;$i++) { $reg_id=$reg_id.$checkbox[$i].','; $query="insert into activity_participation (LoginId,Title,Date) values ('$LoginId','$checkbox[$i]',CURDATE())"; $result=mysqli_query($dbc,$query) or die("Not Connected"); } $query="insert into registration (LoginId,Password,Name,Age,BloodGroup,Sex,Qualification,ContactNumber,Email,Address,AboutYourself,Activity)values ('$LoginId',SHA('$Password1'),'$Name','$Age','$BloodGroup','$Sex','$Qualification','$ContactNumber','$Email','$Address','$AboutYourself',',$reg_id')"; $result=mysqli_query($dbc,$query) or die("Not Connect"); echo ' Dear '.$Name.'.<br>Your request has been mailed to admin.<br>Your account is waiting for approval<br>'; $from= 'Elite Brigade'; $to='ankitp@rsquareonline.com'; $subject='New User Registration'; $message="Dear admin,\n\nA new user request for registration. Please check it out.\n\nRegards\nMicro"; mail($to,$subject,$message,'From:'.$from); //header('Location: index.php'); // header('Location: Registration.php'); } else { echo 'Dear '.$Name. ', <br> An account already exist with login-id<b> '.$LoginId.'</b> <br>Please try another login-id'; }} } ?> <html> <head> <link rel="stylesheet" type="text/css" href="css/style.css" /> <script type="text/javascript"> function lengthRestriction(elem, min, max){ var uInput = elem.value; if(uInput.length >= min && uInput.length <= max){ return true; }else{ alert("Please enter between " +min+ " and " +max+ " characters"); elem.value=""; return false; } } function emailValidator(elem, helperMsg){ var emailExp = /^[\w\-\.\+]+\@[a-zA-Z0-9\.\-]+\.[a-zA-z0-9]{2,4}$/; if(elem.value.match(emailExp)){ return true; }else{ alert(helperMsg); elem.value=""; return false; } } </script> </head> <body> <?php echo $error_msg; ?> <form action='<?php echo $_SERVER['PHP_SELF'];?>' id="commentForm" method='post'> <div class="registration_and_activity"> <table border="0" cellspacing="0" cellpadding="0" width="380"> <tr><td colspan="2"> <br/><h3>New User?</h3></td></tr> <tr><td width="120"> <em>*</em>Enter Login id</td><td width="150"><input type='text' name='LoginId' id='LoginId' value='<?php if(!empty($LoginId))echo $LoginId;?>' onblur="lengthRestriction(document.getElementById('LoginId'), 6, 20)")/></td></tr> <tr><td> <em>*</em>Enter Password</td> <td><head> <SCRIPT language=Javascript> function capLock(e){ kc = e.keyCode?e.keyCode:e.which; sk = e.shiftKey?e.shiftKey:((kc == 16)?true:false); if(((kc >= 65 && kc <= 90) && !sk)||((kc >= 97 && kc <= 122) && sk)) { if(document.getElementById('Password1').value=='') alert("Caps Lock is On"); } else document.getElementById('divMayus').style.visibility = 'hidden'; } </SCRIPT> </HEAD> <input onkeypress='return capLock(event)' type='password' name='Password1' id="Password1" value='<?php if(!empty($Password1))echo $Password1;?>' onblur="lengthRestriction(document.getElementById('Password1'), 4, 50)")/></td></tr> <tr><td> <em>*</em>Confirm Password</td><td><input type='password' name='Password2' value='<?php if(!empty($Password2))echo $Password2;?>' /></td></tr> <tr><td width="120"> <em>*</em>Enter Name</td> <td><input type='text' name='Name' Id="Name" value='<?php if(!empty($Name))echo $Name;?>' onblur="lengthRestriction(document.getElementById('Name'), 2, 30)")/></td></tr> <tr><td> <em>*</em>Enter Age</td><HEAD> <SCRIPT language=Javascript> function isNumberKey(evt) { var charCode = (evt.which) ? evt.which : event.keyCode if (charCode > 31 && (charCode < 48 || charCode > 57)) return false; return true; } </SCRIPT> </HEAD> <td><INPUT onkeypress='return isNumberKey(event)' type='text' name='Age' value='<?php if(!empty($Age))echo $Age;?>'/></td></tr> <tr><td> <em>*</em>Enter Blood</td><td><input type='text' name='BloodGroup' value='<?php if(!empty($BloodGroup))echo $BloodGroup;?>' id="BloodGroup" onblur="lengthRestriction(document.getElementById('BloodGroup'), 1, 3)") /></td></tr> <tr><td> <em>*</em>Enter Sex</td><td><input type='radio' name='Sex' style='width:16px; border:0;' value='Male'<?php if(isset($_POST['Sex'])) { echo "checked='checked'";} ?> />Male <input type='radio' name='Sex' style='width:16px; border:0;' value='Female' <?php if(isset($_POST['Sex'])) { echo "checked='checked'";} ?> />Female</td></tr> <tr><td> <em>*</em>Enter Qualification</td><td><input type='text' name='Qualification' value='<?php if(!empty($Qualification))echo $Qualification;?>' id="Qualification" onblur="lengthRestriction(document.getElementById('Qualification'), 3, 60)"/></td></tr> <tr><td> <em>*</em>Contact Number </td><td><input onkeypress='return isNumberKey(event)'type='text' name='ContactNumber' value='<?php if(!empty($ContactNumber))echo $ContactNumber;?>' /></td></tr> <tr><td> <em>*</em>Enter Email</td><td><input type='text' name='Email'class="email" value='<?php if(!empty($Email))echo $Email;?>' id="emailer" onblur="emailValidator(document.getElementById('emailer'), 'Not a Valid Email')"/></td></tr> <tr><td> <em>*</em>Enter Address</td><td><input type='text' name='Address' value='<?php if(!empty($Address))echo $Address;?>' id="Address" onblur="lengthRestriction(document.getElementById('Address'), 2, 100)")/></td></tr> <tr ><td > <em>*</em>About Yourself </td></tr> <tr><td colspan="2"><textarea rows='10' cols='40' name='AboutYourself' id="AboutYourself" onblur="lengthRestriction(document.getElementById('AboutYourself'), 5, 500)") /><?php if(!empty($Address))echo $Address;?></textarea></td></tr> <tr><td> <?php echo" <tr><td colspan='2'><em>*</em><b>Select fields for which you want to register</b></td></tr>"; require_once('database.php'); $query="select * from activity"; $result=mysqli_query($dbc,$query); while($row=mysqli_fetch_array($result)){ $Title=$row['Title']; $ActivityId=$row['ActivityId']; echo "<tr><td>$Title</td>"; echo "<td><input type='checkbox' name='checkbox[]' value='$Title' style='width:14px; text-align:right;'/></td></tr>";//value=$ActivityId tells ActivityId variable extracts with name="checkbox" echo "<br/>"; } echo " <tr> <table border='0' cellspacing='0' cellpadding='0' width='400' style='margin:10px 0 0 0;'> <td align='left' valign='top' scope='col' width='80'><em>*</em><input type='checkbox' name='TermsAndConditions' style='width:14px; text-align:right;'/></td> <td align='left' valign='top' scope='col'> I agree all <a href='TermsAndConditions.php'>Terms and conditions </a>of Elite Brigade.</td> </table> </tr>"; echo "<tr><td colspan='2' align='center'><input type='submit' value='Register' name='submit' style='background:url(./images/button_img2.png) no-repeat 10px 0px; width:100px; padding:3px 0 10px 0; color:#FEFBC4; border:0; margin:15px 0 5px 100px; '/></td></tr><br>"; echo " </td></tr></table> </div> </form> </body> </html>"; require_once('lower.php'); ?>Hi friends.......... I have two problems with this page....... 1--> When user not select radio button it should displays "Please enter Sex" but on submit it displays an error "Undefined index: Sex in C:\wamp\www\EliteBrigadeserver\RegistrationAndActivity.php on line 19 Please enter Sex." I want to remove this notice........ 2--> If user not fill any field and press submit then if user once selected his sex, it should remain selected. Help me please............ Anyone????????? thanks in advance................... Hi, I'm trying to display a user review system allowing user's to vote. This works fine, but I'm trying to user php to only display the rating system if the user is logged in and display alternate text if they are not. I am getting the following error: Parse error: syntax error, unexpected T_ELSE in XXXXXX on line 182 Here's the code: Code: [Select] <?php if ($_SESSION['username']){ $query = mysql_query("SELECT * FROM locations WHERE name = '$location'"); while($row = mysql_fetch_array($query)) { $rating = (int)$row[rating] ?> <div class="floatleft"> <div id="rating_<?php echo $row[id]; ?>"> <span class="star_1"><img src="fivestars/star_blank.png" alt="" <?php if($rating > 0) { echo"class='hover'"; } ?> /></span> <span class="star_2"><img src="fivestars/star_blank.png" alt="" <?php if($rating > 1.5) { echo"class='hover'"; } ?> /></span> <span class="star_3"><img src="fivestars/star_blank.png" alt="" <?php if($rating > 2.5) { echo"class='hover'"; } ?> /></span> <span class="star_4"><img src="fivestars/star_blank.png" alt="" <?php if($rating > 3.5) { echo"class='hover'"; } ?> /></span> <span class="star_5"><img src="fivestars/star_blank.png" alt="" <?php if($rating > 4.5) { echo"class='hover'"; } ?> /></span> </div> </div> <div class="star_rating"> (Rated <strong><?php echo $rating; ?></strong> Stars) </div> <div class="clearleft"> </div> } } <?php else { echo "Log in to review"; } ?> Thanks in advance for any help. I'm sure it's something trivial but I can't see it! Good Day PHP world,
I am encountering a problem in php code meant to allow the user to update their profile picture.
I am using jquery.min and jquery.js. The code below runs with no errors reported. The file has been successfully uploaded to upload path using this form.
upload.php
<form id="imageform" method="post" enctype="multipart/form-data" action='ajaximage.php'> <input type="file" name="photoimg" id="photoimg" class="stylesmall"/> </form>ajaximage.php
$path = "uploads/";
$valid_formats = array("jpg", "png", "gif", "bmp","jpeg");
if(isset($_POST) and $_SERVER['REQUEST_METHOD'] == "POST")
{
$name = $_FILES['photoimg']['name'];
$size = $_FILES['photoimg']['size'];
if(strlen($name))
{
list($txt, $ext) = explode(".", $name);
if(in_array($ext,$valid_formats))
{
if($size<(1024*1024)) // Image size max 1 MB
{
$actual_image_name = $name.".".$ext;
$tmp = $_FILES['photoimg']['tmp_name'];
if(move_uploaded_file($tmp, $path.$actual_image_name))
{
$query = "UPDATE users SET profile_image='$actual_image_name' WHERE student_id='{$_SESSION['user_id']}'";
$result = mysqli_query($link_id, $query);
echo "<img src='uploads/".$actual_image_name."' class='preview'>";
}
The problem is the image being uploaded does not display on the
Student_home.php
<div id="about-img">
<img class="profile-photo" align="middle" src='uploads/".$actual_image_name."' />
</div>
But the image uploaded will display when i write directly its filename example
<div id="about-img">
<img class="profile-photo" align="middle" src="uploads/107.jpg" />
</div>
My problem is i wanted to display the uploaded picture of the specific student on Student_Home.php
after the user has logged in, I would like to display their details by barcode id Login.php <?php $host=""; // Host name $username=""; // Mysql username $password=""; // Mysql password $db_name=""; // Database name $tbl_name=""; // Table name // Connect to server and select databse. mysql_connect("$host", "$username", "$password")or die("cannot connect"); mysql_select_db("$db_name")or die("cannot select DB"); session_start(); // username and password sent from form $barcodeID=$_POST['barcode']; // To protect MySQL injection (more detail about MySQL injection) $barcodeID = stripslashes($barcodeID); $barcodeID = mysql_real_escape_string($barcodeID); $sql="SELECT * FROM $tbl_name WHERE BarcodeID='$barcodeID'"; $result=mysql_query($sql); $count=mysql_num_rows($result); if($count > 0){ $data = mysql_fetch_array ($result); $_SESSION["user_id"] = $data["BarcodeID"]; $_SESSION["user_firstname"] = $data["Firstname"]; $_SESSION["user_surname"] = $data["Surname"]; $_SESSION["user_jobrole"] = $data["JobRole"]; $_SESSION["user_manager"] = $data["Manager"]; $_SESSION["user_priority"] = $data["Priority"]; $_SESSION["user_datejoined"] = $data["DateJoined"]; $_SESSION["user_times_loggged_in"] = $data["TimesLoggedOn"]; if ($_SESSION["user_priority"] == '1') { header("Location: AdminSection.php"); } else { header("Location:LoggedIn.php"); } if ($_SESSION["user_times_loggged_in"] == '0') { header("Location:UsingTheSystem.html"); } } ?> LoggedIn.php I keep getting the error undefined index "barcode"? <?php $barcodeID = $_POST["barcode"]; include 'dbcon.php'; $sql = "SELECT Firstname, Surname, JobRole, Manager" . " FROM users" . " WHERE BarcodeID = .'$barcodeID'" ; $rows = mysql_query($sql); echo $rows; ?> Any help will be greatly appreciated Thanks Dear everyone, I am reasonably new to php, so there is a chance that what I am asking for may exceed my grasp. Nevertheless I'd like to try: Is it possible to let the user choose (by using a drop down listbox for instance) which table from a database to display on a page? And/or which database to display on a page? Background information: I'm working on a website for my chess club. I've already got a working page (html,css) with a table of the standings (mysql, php) of the latest round (with position number, name, points, wins, losses, etc). By clicking on the column header, it sorts the respective column. What I'd finally like to do is let the user choose to display a different round (table), or even a different season (database). I could make a seperate page for each round, but I'd like to know if there's a more elegant way to do this by using only one page and one or more databases. Thanks in advance for any tips and best wishes from The Netherlands, Wouter. <?php echo $error_msg=''; if(isset($_POST['submit'])) { $LoginId=$_POST['LoginId']; $Password1=$_POST['Password1']; $Password2=$_POST['Password2']; $Name=$_POST['Name']; $Age=$_POST['Age']; $BloodGroup=$_POST['BloodGroup']; $Sex=$_POST['Sex']; $Qualification=$_POST['Qualification']; $Email=$_POST['Email']; $Address=$_POST['Address']; $AboutYourself=$_POST['AboutYourself']; [b]$countCheck=count($_POST['checkbox']); echo $countCheck;[/b] //$checkbox=$_POST['checkbox']; //$countCheck=count($checkbox); if(empty($LoginId)){echo 'Please enter Login Id';} elseif(empty($Password1)){echo 'Please enter Password';} elseif(empty($Password2)){echo 'Please confirm Password';} elseif($Password1!==$Password2){echo 'Password didn\'t match';} elseif(empty($Name)){echo 'Please enter Name';} elseif(empty($Age)){echo 'Please enter Age';} elseif(empty($Sex)){echo 'Please enter Sex';} elseif(empty($Qualification)){echo 'Please enter Qualification';} elseif(empty($Email)){echo 'Please enter Email';} elseif(empty($Address)){echo 'Please enter Address';} elseif(empty($AboutYourself)){echo 'Please enter About Yourself';} [b]elseif($countCheck==0){ echo 'You have to register at least one activity.';}[/b] else { $dbc=mysqli_connect('localhost','root','','nog'); $query="select * from registration where LoginId='$LoginId'"; $result=mysqli_query($dbc,$query); if(mysqli_num_rows($result)==0) { $checkbox=$_POST['checkbox']; $countCheck=count($_POST['checkbox']); $reg_id=' '; for($i=0;$i<$countCheck;$i++) { $reg_id=$reg_id.$checkbox[$i].','; } $query="insert into registration (LoginId,Password,Name,Age,BloodGroup,Sex,Qualification,Email,Address,AboutYourself,Activity)values ('$LoginId',SHA('$Password1'),'$Name','$Age','$BloodGroup','$Sex','$Qualification','$Email','$Address','$AboutYourself','$reg_id')"; $result=mysqli_query($dbc,$query) or die("Not Connect"); echo ' Dear '.$Name.'.<br>Your Account is waiting for approval<br>'; echo "<a href='RegistrationAndActivity.php'>Back to Home</a>"; //header('Location: index.php'); // header('Location: Registration.php'); } else { echo 'Dear '.$Name. ' <br>Account already exist with Login Id '.$LoginId.' <br>Try another Login Id'; }} } ?> <html> <body> <?php echo $error_msg; ?> <h3>New User?</h3> <form action='<?php echo $_SERVER['PHP_SELF'];?>' method='post'> Enter Login id<br><input type='text' name='LoginId' value='<?php if(!empty($LoginId))echo $LoginId;?>'/><br> Enter Password<br><input type='password' name='Password1' value='<?php if(!empty($Password1))echo $Password1;?>'/><br> Confirm Password<br><input type='password' name='Password2' value='<?php if(!empty($Password2))echo $Password2;?>'/><br> Enter Name<br><input type='text' name='Name' value='<?php if(!empty($Name))echo $Name;?>'/><br> Enter Age<br><HEAD> <SCRIPT language=Javascript> function isNumberKey(evt) { var charCode = (evt.which) ? evt.which : event.keyCode if (charCode > 31 && (charCode < 48 || charCode > 57)) return false; return true; } </SCRIPT> </HEAD> <INPUT onkeypress='return isNumberKey(event)' type='text' name='Age' value='<?php if(!empty($Age))echo $Age;?>'><br/> Enter Blood<br><input type='text' name='BloodGroup'value='<?php if(!empty($BloodGroup))echo $BloodGroup;?>'/><br> Enter Sex<br><input type='text' name='Sex'value='<?php if(!empty($Sex))echo $Sex;?>'/><br/> Enter Qualification<br><input type='text' name='Qualification' value='<?php if(!empty($Qualification))echo $Qualification;?>'/><br> Enter Email<br><input type='text' name='Email' value='<?php if(!empty($Email))echo $Email;?>'/><br> Enter Address<br><input type='text' name='Address' value='<?php if(!empty($Address))echo $Address;?>'/><br> About Yourself<br/><textarea rows='10' cols='22' name='AboutYourself' value='<?php if(!empty($AboutYourself))echo $AboutYourself;?>'></textarea><br/> <?php echo" <b>Select fields for which you want to register</b><br/>"; $dbc=mysqli_connect('localhost','root','','nog'); $query="select * from activity"; $result=mysqli_query($dbc,$query); while($row=mysqli_fetch_array($result)){ $Title=$row['Title']; $ActivityId=$row['ActivityId']; echo $Title; //echo $ActivityId; [b]echo "<input type='checkbox' name='checkbox[]' value=$ActivityId />"[/b];//value=$ActivityId tells ActivityId variable extracts with name="checkbox" echo "<br/>"; } echo "<input type='submit' value='Register' name='submit'/><br>"; echo "</form> </body> </html>";?> Quote Hi friends......... In above code I want to manadatory the checkboxes which works properly as well but when user not select any checkbox it should display "You have to register at least one activity." according to above code but user get an extra server error also "Notice: Undefined index: checkbox in C:\wamp\www\NGOProject\RegistrationAndActivity.php on line 16 You have to register at least one activity. " I don't want to display this extra server error "Notice: Undefined index: checkbox in C:\wamp\www\NGOProject\RegistrationAndActivity.php on line 16" to user............... please help me .......... Anyone??????????????? thanks in advance.................. First off, let me say that this will not be a public use site. We want to create a site that allows us to run queries in our database; this way we don't need to log into the MySQL server when ever we want to run a query. Basically, I am trying to create something as simple as a form with a text-input and a submit button. In this text-input, we will write a query (such as SELECT * FROM xxxx). When we hit submit, we would like to have the MySQL table printed out in a large textbox below. Our database has multiple tables, so something that works across the entire database seamlessly is key. Has anyone ever made anything like this? Is there another way to go about this? We really just want an easy way to run queries on the go. Thanks in advance to anyone who replies! Hi Guys, Quick question. I'm trying to get my head around how I would check that a user has reached a certain page from another page. So for example, the workflow through my site is something like the following: user registers a verification email is sent user clicks the link within the verification email to complete the sign up process user logs in and ONLY on a successful login will the following happen: checks are made to see if account has been verified if user has been verified, go to main menu if user has not been activated his account then he goes to a page that says account has not been activated The bit i'm struggling to get my head around is this... the user should only reach the page 'account has not been activated' page from the login page. If that page was called confirm-account.php. What can i do to stop a random person typing something along the lines of www.mywebsite.com/confirm-account.php and getting straight onto that page? or even upon the registration process if the user is taken to a page that says an email has been sent, how would i stop a random person just typing the url straight to that page and bypassing the pages I would expect them to have gone through before reaching that?? Cheers How Hey guys, I can't wrap my head around how to make this work right... I have three tables: Code: [Select] CREATE TABLE `games` ( `g_id` int(11) NOT NULL AUTO_INCREMENT, `name` varchar(150) DEFAULT NULL, PRIMARY KEY (`g_id`)); CREATE TABLE IF NOT EXISTS `game_player` ( `r_id` int(11) NOT NULL AUTO_INCREMENT, `p_id` int(11) DEFAULT NULL, `g_id` int(11) DEFAULT NULL, `bool` int(1) NOT NULL DEFAULT '0', PRIMARY KEY (`r_id`)); CREATE TABLE IF NOT EXISTS `players` ( `p_id` int(11) NOT NULL AUTO_INCREMENT, `playerid` varchar(150) NOT NULL, PRIMARY KEY (`p_id`), UNIQUE KEY `playerid` (`playerid`)); The players table is my list of users, and they're tied to the list of games via the game_player table. So here's my issue... I'm trying to show the full list of games, and then check mark each record where the player does play it. This is what I have so far - it shows all the games, but it's not checking the boxes. Code: [Select] $result = mysql_query("SELECT * FROM games") or die(mysql_error()); while($row = mysql_fetch_array($result)) { $newquery = "SELECT * FROM game_player, players WHERE game_player.p_id = players.p_id AND game_player.g_id = ".$row['g_id']. " AND players.playerid = {$userid}"; $query = mysql_query($newquery) or die(mysql_error()); if($query['bool'] == 1) { $set_checked = " CHECKED"; } else{ $set_checked = ""; } echo "<input type=\"checkbox\" name=\"box1\" value=\"".$query['g_id']."\"" . $set_checked . "/>".$row['name']."<br />\n"; } OK, Here is the code $sql = "SELECT TrialListing.listingID AS Trial, TrialClass.classID AS Class, place.place_name AS Place, CONCAT_WS( ' ', pedigree.pretitle, pedigree.`Name`) AS Hound, CONCAT_WS( ' ', ped2.pretitle, ped2. NAME )AS Sire, CONCAT_WS( ' ', ped3.pretitle, ped3. NAME )AS Dam, pedigree.Breeder, pedigree.`Owner`, CASE WHEN placement.place_id < 5 THEN TRUNCATE(TrialClass.number_of_entrants / placement.place_id,2) WHEN placement.place_id = 5 THEN '' ELSE 0 END AS Score FROM TrialListing Left Join TrialClass ON TrialListing.listingID = TrialClass.listingID JOIN placement ON placement.event_id = TrialClass.trialClassID JOIN pedigree ON pedigree.PedigreeId = placement.hound_id LEFT OUTER JOIN pedigree AS ped2 ON pedigree.SireId = ped2.PedigreeId LEFT OUTER JOIN pedigree AS ped3 ON pedigree.DamId = ped3.PedigreeId LEFT JOIN place ON place.place_id = placement.place_id WHERE TrialListing.listingID = 11 ORDER BY Class, FIELD(place.place_id, '1', '2', '3', '4', '0') "; // Database Query $result = mysql_query("$sql"); // Database Query result $num_rows = mysql_num_rows($result); // Starts the table echo "<table class=\"clubList\">\n <tr> <th>trialID</th> <th>ClassID</th> <th>Place</th> <th>Hound</th> <th>Sire</th> <th>Dam</th> <th>Score</th> </tr>"; // Create the contents of the table. for( $i = 0; $i < $row = mysql_fetch_array($result); $i++){ echo "<tr>\n" ."<td>".$row["Trial"]."</td>\n" ."<td>".$row["Class"]."</td>\n" ."<td>".$row["Place"]."</td>\n" ."<td>".$row["Hound"]."</td>\n" ."<td>".$row["Sire"]."</td>\n" ."<td>".$row["Dam"]."</td>\n" ."<td>".$row["Score"]."</td>\n" ."</tr>";} echo "</TABLE>"; Here is the output, I added the TrialID & ClassID for informational purposes, they do not need to be displayed in the live table. trialID ClassID Place Hound Sire Dam Score 11 1 1st Eaton Brook Tug Hill Tatonka Eaton Brook Hickety Hawk Eaton Brook Gunner's Beulah 43.00 11 1 2nd FC North Bend Igloo FC DFJ Murphy White IFC Brad-Ju's Bella Donna 21.50 11 1 3rd FC North Bend Igloo FC DFJ Murphy White IFC Brad-Ju's Bella Donna 14.33 11 1 4th Rail Road Spike VI Elwell's Mike Elwell's Hannah 10.75 11 1 NBQ FC Fish Creek Spike Fish Creek Bull II Fish Creek Susie [H849395] 11 2 1st Enman Hill Sweet Poppy FTCH Straight Arrow Lucky of Coos 32.00 11 2 2nd Fishflakes Penny At Harehaven FTCH Jill's Fair-Isle Spud FTCH Millbridge Brownie 16.00 11 2 3rd Line Elm Flakers IFC Flakers Rex IFC Line Elm Ginger 10.66 11 2 4th FTCH Fareast Mookie FTCH Mellowrun Sly FTCH Cape Breton Maude 8.00 11 2 NBQ FTCH Mellowrun Sly Mellowrun Skylighter FTCH Mellowrun Becka 11 3 1st Bojangle V Lee Otworth Half Acre's Cocoa Candy 23.00 11 3 2nd Gay Doll Gay Roll II Gay Idol 11.50 11 3 3rd Bruce's Blue Lady FC Kilsock's Blue Creek Bart Bishopville's Zippy 7.66 11 3 4th FC Pearson Creek Barbin FC Pearson Creek Barbarian FC B-Line Stubby 5.75 11 3 NBQ Sims Creek Cricket Ronnie Joe Sims Creek Tiny 11 4 1st FTCH Fareast Mookie FTCH Mellowrun Sly FTCH Cape Breton Maude 26.00 11 4 2nd FTCH Mellowrun Sly Mellowrun Skylighter FTCH Mellowrun Becka 13.00 11 4 3rd Fishflakes Penny At Harehaven FTCH Jill's Fair-Isle Spud FTCH Millbridge Brownie 8.66 11 4 4th Enman Hill Sweet Poppy FTCH Straight Arrow Lucky of Coos 6.50 11 4 NBQ Line Elm Flakers IFC Flakers Rex IFC Line Elm Ginger Below is what I would like to generate. How do I word or nest the proper PHP code/loops to accomplish this? ClassID Place Hound Sire Dam Score 1st Eaton Brook Tug Hill Tatonka Eaton Brook Hickety Hawk Eaton Brook Gunner's Beulah 43.00 2nd FC North Bend Igloo FC DFJ Murphy White IFC Brad-Ju's Bella Donna 21.50 3rd FC North Bend Igloo FC DFJ Murphy White IFC Brad-Ju's Bella Donna 14.33 4th Rail Road Spike VI Elwell's Mike Elwell's Hannah 10.75 NBQ FC Fish Creek Spike Fish Creek Bull II Fish Creek Susie [H849395] ClassID Place Hound Sire Dam Score 1st Enman Hill Sweet Poppy FTCH Straight Arrow Lucky of Coos 32.00 2nd Fishflakes Penny At Harehaven FTCH Jill's Fair-Isle Spud FTCH Millbridge Brownie 16.00 3rd Line Elm Flakers IFC Flakers Rex IFC Line Elm Ginger 10.66 4th FTCH Fareast Mookie FTCH Mellowrun Sly FTCH Cape Breton Maude 8.00 NBQ FTCH Mellowrun Sly Mellowrun Skylighter FTCH Mellowrun Becka ClassID Place Hound Sire Dam Score 1st Bojangle V Lee Otworth Half Acre's Cocoa Candy 23.00 2nd Gay Doll Gay Roll II Gay Idol 11.50 3rd Bruce's Blue Lady FC Kilsock's Blue Creek Bart Bishopville's Zippy 7.66 4th FC Pearson Creek Barbin FC Pearson Creek Barbarian FC B-Line Stubby 5.75 NBQ Sims Creek Cricket Ronnie Joe Sims Creek Tiny ClassID Place Hound Sire Dam Score 1st FTCH Fareast Mookie FTCH Mellowrun Sly FTCH Cape Breton Maude 26.00 2nd FTCH Mellowrun Sly Mellowrun Skylighter FTCH Mellowrun Becka 13.00 3rd Fishflakes Penny At Harehaven FTCH Jill's Fair-Isle Spud FTCH Millbridge Brownie 8.66 4th Enman Hill Sweet Poppy FTCH Straight Arrow Lucky of Coos 6.50 NBQ Line Elm Flakers IFC Flakers Rex IFC Line Elm Ginger Hi, I'm trying to build a pages for user preferences for digital tv. Each user has to login so we know which user to assign the preferences to. On the page i have a question about which genre of movies the user likes (so I have 1 table "Genre" with 10+ genres in it) So the first thing I do is display checkboxes with the genres that are in the DB. Now here are some things I don't really know: - I have a table userGenre that combines the users and the genres they've picked, so if userid 1 chooses 3 genres, it comes like this in the userGenre table ( userID: 1, genreID: 1 userID: 1, genreID: 3 userID: 1, genreID: .. I don't know if this is the best way though. - How can I display the genres they picked starting from the values in the DB? I have something now: "SELECT * FROM userGenre WHERE userID = " . $userID or something like that.. I don't know what to do next Hi, I have to ask about profile page for each user like facebook and netlog. As u can see in netlog it is like this http://en.netlog.com/ElegantLeo and i have a site http://cyprussaver.com/merchant.php?id=64 and here each merchant profile can be viewed like this but i need to show them like this http://cyprussaver.com/rocksman please guide me what i have to do in order to achieve this result. Thanks, Hanan ALi Hi, I'm trying to change an OpenSource software that is using PHP code, I'm somewhat new to PHP and am wanting to learn more on it, but I'm having trouble a couple of things. On rightcolumn.tpl, I include another file called login_rightside.tpl where it is a login box. What I want to do is if the user clicks "Register" and gets taken to "signup.php" then that login box on "login_rightside.tpl" should disappear. So basically my pseudocode is this: Code: [Select] if (current page = signup.php do nothing else {include file="login_leftside.tpl"} end if My problem is how to tell it that the current page is signup.php. If anyone can provide some help, I'd appreciate it. Whats going on PHPfreaks? So this is what I've been trying to do for the whole weekend and just can't figure it out. I want to let users create new pages on my site like wiki style but dont want a wiki or drupal or joomla or any of that. I know its possible with: $text = $_POST['text']; $file = fopen($text . ".php","x"); fwrite($file,"Welcome to your new page!"); but I'm not sure how to integrate it. For further clarification here's an example: You come to the site and there is a list of previously made user pages all with their own user generated name. What I want to have is a create new page button that opens a new page allows the user to upload images then submit it to the database and upon refresh of the page their page is now in the list. The create new page resets and is available for another user and on and on. Any help will be appreciated. I need to get this done it's driving me crazy. I have a site where the user must view a timed loader before playing an audio bible. I'm noticing some direct linking to the bible player instead of sitting through the loader... I need to check the previous page's url before actually loading the player. I through together a script last ween in javascript and people reported error, so I assumed it would be best server side anyway. I haven't coded anything in PHP since PHP3. So, I'm asking for your expert options and help... I haven't tested this yet, but is this the best method and are they any problems with this method (if it works). $realname = basename($_SERVER[loader], ".php"); if ($realname == 'loader.php') { return(); } else { // rediret to a notice to user that this isn't allow header( 'Location: http://www.yoursite.com/new_page.html' ) ; } <?php $host=""; // Host name $username=""; // Mysql username $password=""; // Mysql password $db_name="helpdesk"; // Database name $tbl_name="users"; // Table name // Connect to server and select databse. mysql_connect("$host", "$username", "$password")or die("cannot connect"); mysql_select_db("$db_name")or die("cannot select DB"); // username and password sent from form $barcodeID=$_POST['barcode']; // To protect MySQL injection (more detail about MySQL injection) $barcodeID = stripslashes($barcodeID); $barcodeID = mysql_real_escape_string($barcodeID); $sql="SELECT * FROM $tbl_name WHERE BarcodeID='$barcodeID'"; $result=mysql_query($sql); $isAdmin = mysql_fetch_row($result); if ($result['Priority'] = "Admin") { header("location:AdminSection.php"); } else //do I have something missing here? { header("location:index.php"); } // Mysql_num_row is counting table row $count=mysql_num_rows($result); // If result matched $myusername and $mypassword, table row must be 1 row if($count==1){ // Register $myusername, $mypassword and redirect to file "login_success.php" $_SESSION['barcode'] = $barcodeSession; $_SESSION['userlevel'] = $row['Priority']; if($row['userlevel'] == "Admin") { header("location:AdminSection.php"); }else{ header("location:index.php"); } header("location:LoggedIn.php"); } else { header("location:index.php"); } ?> When a user has been entered into the database with their priority set to Admin, it will no recognise it? Any help is apprectiated Thanks |
|||||||