|
PHP - Mysql & Header Re-direct Urgent Help Please!
Hello,
I'm having some major major issues, with a web hosting / PHP / MySQL database issue and if anyone can help that would be amazing! Okay first I have a MySQL database setup, with a table called "staff", within that there is a "username" and "password" field pretty self explanatory. I have a login in page (login.php) see first set of coding and a loginaction (loginaction.php) and what is suppose to happen is the loginaction checks the posted data against the database and if correct relocate to another page. I have had this coding and much more complex coding working on various other servers, but this is the first time I've ever dealt with BT Business webhosting, which is pretty useless right now and poor help to date from technicians who say it is a purely a coding issue. From what I have established I believe that the issue is occuring because BT don't have the apache server setup correctly for what I'm trying to do or that the browser is seeing the "$result" on "loginaction.php" and data, resulting in a white page of certain doom! Please help!! login.php [<?php include "sections/phparea.php";?> <?php include "sections/header.php";?> <?php include "sections/left.php";?> <!-- start content --> <div id="content"> <?php // Include the formatted error message if (isset($_SESSION['message'])) echo "<h4>".$_SESSION['message']."</h4>"; // Generate the login <form> layout ?> <form action="loginaction.php" method="post" enctype="multipart/form-data"> <table class="tablelogin" > <tr> <td> <label for="email">E-mail Address</label> </td> <td> <input type="text" name="email" id="email" /> </td> </tr> <tr> <td> <label for="password">Password</label> </td> <td> <input type="password" name="password" id="password" /> </td> </tr> <tr> <td> </td> <td> <a href="../ambustar/accountrecovery.php">Forgotten Password?</a> </td> </tr> <tr> <td> </td> <td> </td> </tr> <tr> <td> </td> <td> <input type="hidden" name="count" id="count" value="1" /> <input type="reset" name="reset" id="reset" value="Clear" /> <input type="submit" name="submit" id="submit" value="Log in" /> </td> </tr> </table> </form> </div> <!-- end content --> <?php include "sections/right.php";?> <?php include "sections/footer.php";?> ] loginaction.php [<?php session_start(); include "dbconnect.php"; $email =$_POST["email"]; $password =$_POST["password"]; $query = "SELECT * FROM staff WHERE username = '$email' AND password = '$password'"; $result = mysql_query($query) or die ("Error in query: $query. ".mysql_error()); // see if any rows were returned if (mysql_num_rows($result) > 0) { header("Location: test.php"); } else { header("Location: login.php"); } ?> ] dbconnect.php [<?php $hostname = "sql5c30a.carrierzone.com"; $username = "user"; $password = "password"; $databaseName = "main_bikescarsandvans_co_uk"; $connection = mysql_connect($hostname, $username, $password); // or die ("Unable to connect!") mysql_select_db($databaseName) or die ("Unable to select database!"); ?> ] Similar TutorialsHi, I found a code for login page on web which would check against the database and login, I wanted to modify it so that once the password is verified the user will be directed to a new page with the session variables also active. I read about " header()" functionality which would achieve this so i added this to the code but my code seems to fail with the error "Cannot modify header information - headers already sent by (output started at C:\xampp\phpMyAdmin\scripts\login1.php:7) in C:\xampp\phpMyAdmin\scripts\login1.php on line 10 " The code for login1.php is as below- For quick understanding i have removed all the section related to DB validation ..so the below code must activate the next page "add_entry2.php" immediately after submit button is pressed. Please see below.. Thanks in advance. Code: [Select] <html> <head> <title>Login</title> </head> <body> <?php if (isset($_POST['submit'])) {if(!$_POST['uname'] | !$_POST['passwd']){die('You did not fill in a required field.'); } header('Location: add_entry2.php');} else {// if form hasn't been submitted ?> <h1>Login</h1> <form action="<?php echo $_SERVER['PHP_SELF']?>" method="post"> <table align="center" border="1" cellspacing="0" cellpadding="3"> <tr><td>Username:</td><td> <input type="text" name="uname" maxlength="40"> </td></tr> <tr><td>Password:</td><td> <input type="password" name="passwd" maxlength="50"> </td></tr> <tr><td colspan="2" align="right"> <input type="submit" name="submit" value="Login"> </td></tr> </table> </form> <?php } ?> </body> </html> Okay so you may have noticed an earlier post from myself that problem have been fixed, Some background info, The website is currently on my test server so not connected to the internet. I have only been learning PHP for the last 3-4 days so I am fairly new to most things so please keep your explanations simple, The finished code here is being designed for use on large scale websites with a lot of users around 100,000+ per 24 hour period and therefor will need to be secure. Yet I have no idea how to do that, The script once finished will also be freely distributed and contributors will be fairly credited. I have some new problems that I need help fixing, So I am creating a PHP Blog connected to my MYSQL Database, Currently there is no admin backend that's a job for later but I do have the following files. index.php - This displays all blog posts for all my categorys news.php - This displays each blog post on there own config.php - This contains my server connect code I also have the following fields in my database articleid - Unique ID number of each blog post category - The category the blog post is in title - The title of each blog post body - The body of each post author - The name of the author date - date of posting But now I need to add some comments so can anyone please help out, The comments should only appear below the article on the 'news.php' page so I was hoping someone could write me a script to post and display the comments, (No login system needed I got that covered surprisingly.) if you can also give me a .sql file to add the needed tables to my database that would be greatly appreciated, Lastly would it be possible for someone to secure the script so it is invulnerable to SQL Injection attacks and any other form of attack that someone could pull off on the site. So bring on the code, Index.php Code: [Select] <?php include("config/config.php"); $data = mysql_query("SELECT * FROM blog ORDER by date ASC") or die(mysql_error()); while($row = mysql_fetch_array($data)) { echo "<table class='main'> <tr> <td> <a href='/news.php?articleid=" . $row['articleid'] . "' class='article_title'>" . $row['title'] . "</a> <p>" . $row['introduction'] . "</p></td><tr><td ALIGN='RIGHT' class='small'> Posted by:" . $row['author'] . ", on " . $row['date'] . ",</td></tr></table>"; } ?> Comments:I have removed all the junk out and left the basic script, news.php Code: [Select] <?php include("config/config.php"); $data = mysql_query("SELECT * FROM blog WHERE articleid = {$_GET['articleid']} ORDER by date ASC") or die(mysql_error()); while($row = mysql_fetch_array($data)) { echo "<table class='main'> <tr> <td> <a href='/news.php?articleid=" . $row['articleid'] . "' class='article_title'>" . $row['title'] . "</a> <p>" . $row['introduction'] . "</p></td><tr><td ALIGN='RIGHT' class='small'> Posted by:" . $row['author'] . ", on " . $row['date'] . ",</td></tr></table>"; } ?>Comments:So here's the complex bit if someone could please add the comments below the article here, Thanks again, Blaze, (Really bad PHP Programmer) Here is my code: // Start MySQL Query for Records $query = "SELECT codes_update_no_join_1b" . "SET orig_code_1 = new_code_1, orig_code_2 = new_code_2" . "WHERE concat(orig_code_1, orig_code_2) = concat(old_code_1, old_code_2)"; $results = mysql_query($query) or die(mysql_error()); // End MySQL Query for Records This query runs perfectly fine when run direct as SQL in phpMyAdmin, but throws this error when running in my script??? Why is this??? Code: [Select] You have an error in your SQL syntax; check the manual that corresponds to your MySQL server version for the right syntax to use near '= new_code_1, orig_code_2 = new_code_2WHERE concat(orig_code_1, orig_c' at line 1 Hey all, first post to this site. I'm somewhat new to PHP, so bear with me - this might be an easy question, it might not be. Just looking for a little help. Basically, I have a query which takes commands from a form through AJAX (day, time, time1). The query executes a wildcard on a table named sip_data, searches for linked $id (so if $id=3, for example in multiple tables, it spits out the $name, $zip in a div). Here's the code: Code: [Select] <?php $dbhost = "localhost"; $dbuser = ""; $dbpass = ""; $dbname = ""; //Connect to MySQL Server $link = mysql_connect($dbhost, $dbuser, $dbpass); //Select Database mysql_select_db($dbname) or die(mysql_error()); // Retrieve data from Query String $id = $_GET['id']; $name = $_GET['name']; $zip = $_GET['zip']; $server_url = $_GET['server_url']; $day = $_GET['day']; $time = $_GET['time']; $time1 = $_GET['time1']; // Escape User Input to help prevent SQL Injection $id = mysql_real_escape_string($id); $name = mysql_real_escape_string($name); $zip = mysql_real_escape_string($zip); $server_url = mysql_real_escape_string($server_url); $day = mysql_real_escape_string($day); $time = mysql_real_escape_string($time); $time1 = mysql_real_escape_string($time1); //build query $query = "SELECT * FROM $day,sip_data WHERE $day.id=sip_data.id AND $day$time<=>$day$time1 ORDER BY zip ASC"; //Execute query $qry_result = mysql_query($query) or die(('No Results')); //Build Result String while($row = mysql_fetch_array($qry_result)) { echo "<table id=query_result align=left>"; echo "<tr>"; if($zip = $row[zip]); echo "<th><b>$row[zip]</b></th>"; echo "</tr>"; echo "<tr>"; echo "<td><a href=$row[server_url] rel=ajaxDiv>$row[name]</a></td>"; echo "</tr>"; echo "</table>"; } echo $display_string; ?> Basically, my issue with this is that some of the results within the sip_data DB will have zip codes that repeat. The current code prints out each results with the zip code and name - here's an image of a sample result: What I would like to do is avoid repeating the zip code and just group the results under each zip code, kinda like this: 55408 55412 55423 --------- ------------ ---------- example example example example example example Any help would be greatly appreciated. I feel like I'm so close to the answer, but just need a little guidance. Who knows, I might be way off. Thanks in advance! I have my template files and some functions in my server which are available for direct reach. like ; my "index.php" file includes "loginpage.php" form which is ok when I enter www.site.com/index.php but also when I enter to www.site.com/loginpage.php it works and shows me just login page. So this is what I dont want. How can I prevent to reach the files directly like this, I want them to work just for other pages of my website, not for directly seeing. By the way can this problem also be solved by hosting settings or mod_rewrite ? I just finished a page of code that passes all the debug tests except for the very last line on the page. </html>. The page has php and html, java script and some SQL. (see I'm learning and hadn't placed a post until I exhausted my limited resources. The Error Codeis: PHP Parse error: syntax error, unexpected $end in C:\wamp\www\registerform.php on line 292 Here's my concern: I read this error statement as an error()is missing. Please clarify something for me, You start the php code with <?php and end it with ?>. I also understand that the end() will stop all further operation. Correct. When you have a form call itself for data checking, and if the data is correct, send it to the appropriate database table, does one need to place the end() at the end of the php portion of the code? And if so, will it not stop any of the code from being read the first time the page is called? Also since the FORMs action calls for the page to load itself for data verification, how at the end of the checking do I go call another page? here's the page: The page is attached: Hello everyone, I have a question. I'm trying to figure out a way to make it so that when a user visits a page for a certain file, they are given the file to download but can't see the link to that file. Example: There is a file on http://serverB.com/file.rar A person goes to http://serverA.com/?file=file.rar They can download http://serverB.com/file.rar without seeing the link to that file. Is there any way to do this? Thanks. I have a php form for uploading file as the action sends to upload.php. How I can avoid any kind of direct access to upload.php? I want to kill the php process at the first line without performing the remaining code (it is very critical for me as I have a counter), except calls coming from form.php. I've just done a Contact Me form. Once a message has been sent, I'd like to direct the user to a new page saying 'thanks for getting in touch', just so it's clear the message has been sent. What's the best function to use for that? I tried require("message.php") and include() but the two files got mixed up and all I got was a mess! Thanks in advance for any help Trying to sort out setting a cookie that allows visitor to decide which sub domain to go directly to in subsequent visits. Somewhat complicated by the fact that the sub domains are running seprate instances of wordpress. Here's the code... any suggestions appreciated! Code: [Select] <?php if (isset($_POST['submitted'])) { $site=$_POST['site']; setcookie("SitePref",$site, time() + 60*60*24*30, 'historybee.com'); if ($site == 'ms') { header("Location: http://ms.historybee.com/"); } elseif ($site == 'hs') { define('WP_USE_THEMES', true); require('./wp-blog-header.php'); } } else { //if we have a cookie, load the site if (isset($_COOKIE['SitePref'])) { if (($_COOKIE['SitePref']) == 'hs') { define('WP_USE_THEMES', true); require('./wp-blog-header.php'); } else { header("Location: http://ms.historybee.com/"); } } else { //if we don't have a cookie, load the form ?> <!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd"> <html> <head> <meta http-equiv="content-type" content="text/html; charset=utf-8"> <title>The National History Bee</title> </head> <body style="margin:0;padding:0;background: url('http://ms.historybee.com/wp-content/themes/makinghistoryblue/img/body_bg_hb5.jpg') repeat-x scroll center top #F2BF3B;"> <div align="center" style="width:800px;margin:0 auto;background:#fff;"> <p><img src="http://ms.historybee.com/wp-content/themes/makinghistoryblue/img/nhb_logo.png"> <p><h1>Welcome to the National History Bee!</h1> <p>The National History Bee has both High School and Middle School competitions. <p>Please choose which site you would like to visit. Your choice will be remembered for 30 days. <form action= "<?php echo $_SERVER['PHP_SELF']; ?>" method ="POST"> <input type="radio" name="site" value="ms"> Middle School Competition <input type="radio" name="site" value="hs"> High School Competition <input type ="hidden" name="submitted" value="true"> <p><input type="submit" value="Remember My Choice"> </form> <br /><br /><br /> </div> </body> </html> <?php } } ?> Hello everyone, What is the best method of blocking direct access to certain files like functions, modules, and etc? I was trying the if ( ! defined('BASEPATH')) exit('No direct script access allowed');method but I feel like there must be a more convenient/better way. Any suggestions are appreciated, thank you. I want to perform a php process initiated by AJAX according to the method described in http://www.w3schools.com/PHP/php_ajax_database.asp with this line Code: [Select] xmlhttp.open("GET","getuser.php?q="+str,true); the php process in getuser.php is initiated. But how I can restrict direct access to getuser.php? If someone visit getuser.php?q=something; the process will be started for "something". I want to run the getuser.php process only and only when it is initiated from my main page. Hello, I want to prevent this page from being directly accessed by all via just putting its address in the address bar: http://www.mysite.com/page1/page2/signup.php I want to allow to be accessed this page only via clicking on a link in a particular page like: http://www.mysite.com/activate/index.php Please help me. A shipping vendor (like Stamps.Com) provides me a Printable Shipping Label to display on my website for Visitors to print.
When Visitors come to my page, my PHP code:
$Shipping_Label_Data = $LabelVendor->data[0]->contents; // vendor's API echo '<img src="/Label-Directory/'.$Order_Number.'.png" />'; Later I realized the security flaw: any snooper can fish for other Visitor's labels in my Label directory. What is the best way to prevent the display of other people's labels? Thank you!! I have solved this now. we have already see the facility in website gmail and facebook that when user log-in successfully then its redirects the page to another page automatically, can someone tell me how to redirect the page when log-in becomes successful ?
User tries to Log-in -> create session variable -> now redirect the page
I can verify user account details and set the session variable at the same time, but how to reload the page so that it finds the session and reload itself and then redirect the page to new page ??
Thanks for sparing your time here !!
I've got a question, I thought I'd be able to do this fairly easily. I don't want to do an .htaccess solution also. I tried this, define('ACCESS', TRUE); // then on other page if(!defined('ACCESS'){die('Direct access not allowed.');} Need some assistance, appreciated. This topic has been moved to PHP Applications. http://www.phpfreaks.com/forums/index.php?topic=350027.0 Hello everyone, I'm just starting out with PHP as I need to create an online bookstore for a school project. I'm working by a magazine which should teach you exactly how to do this using PHP, but I've had a bunch of problems with the code they use and I don't really know what's going on. Anyway, this looks really simple and basically what it does is allows you to post a comment on a book, then returns you to the book's page. Problem is, I'm getting the Header may not contain more than a single header, new line detected. error and I can't figure out why. I've tried researching into the matter but all the cases I found had to do with returning to an url, which is not my case. Anyway, here's the snippet of code: The form: Code: [Select] <div style="width:400px; border:1px solid #ffffff; background-color:#F9F1E7; padding:5px"> <b>Adauga opinia ta:</b> <hr size="1"> <form action="adauga_comentariu.php" method="POST"> Nume: <input type="text" name="nume_utilizator"><br><br> Email: <input type="text" name="adresa_email"><br><br> Comentariu: <br> <textarea name="comentariu" cols="45"></textarea><br><br> <input type="hidden" name="id_carte" value="<?=id_carte?>"> <center><input type="submit" value="Adauga"</center> </form> </div> The script adaugare_comentariu.php: Code: [Select] <?php ob_start(); include("conectare.php"); $numeFaraTags=strip_tags($_POST['nume_utilizator']); $emailFaraTags=strip_tags($_POST['adresa_email']); $comentariuFaraTags=strip_tags($_POST['comentariu']); $sql="insert into comentarii (id_carte, nume_utilizator, adresa_email, comentariu) values(".$_POST['id_carte'].", '".$numeFaraTags."','".$emailFaraTags."','".$comentariuFaraTags."')"; mysql_query($sql); $inapoi="carte.php?id_carte=".$_POST['id_carte']; header("location:urldecode($inapoi)"); ob_end_flush(); ?> conectare.php connects to the mysql database. $inapoi is the variable which returns the user to carte.php (the book he posted a comment on), where id_carte is the book's unique id. I'm getting Header may not contain more than a single header, new line detected on line ten, which is the header line. Can anyone help me? I've been stumped on this for a few days now and I've just let it pass and started working on other bits, but it's bugging me too much and I'd like to fix it. After searching postings on multiple forums, I am officially now "Freaking OUT" trying to understand something that is probably very simple, but cannot seem to grasp. I simply want to read basic .csv data that is sent/uploaded directly to a PHP page, and to then append each record that shows up to a single .csv file on the server. The incoming data is supposed incoming via $_POST['csv'] ... at least that's what I was told. Each.csv record line being sent/uploaded is very simple (either single or multiple records in one small file): text1,text2,text3,text4,text5 For additional processing I know about 'explode', etc., but right now I am stuck even trying to do an 'echo' to display the simple incoming data "as is". One option I tried was: $postdata = file_get_contents("php://input"); echo $postdata; In the Java App monitoring I get the following after 3 records are sent/uploaded to the PHP URL: Server response status line: HTTP/1.1 200 OK I find this strange since I did not include... http_response_code(200); ... in the page code. Obviously, I do NOT know what I am doing here {SIGH}. Any assistance or guidance is appreciated. Thank you ! - FreakingOUT
|
|||||||