|
PHP - Php Login/register Multiple Tables
Hi there, I've just registered here and had a quick look around but couldn't find the answer I was looking for so I hope I'm posting this question in the right place.
I want to write a PHP Login/Registration script that I can run on a website I am developing for a client but this website has more than one piece of software on it (each with it's own user-tables) and this is the first time I have had to integrate software before so I need a bit of help. When a user fills in the registration form, that data needs to be sent to the relevent user-tables for each application running on the website & when a user logs in, they need to be authenticated for each of the applications also so that we can have a one-click login process. I hop Similar TutorialsHello everyone,i was trying to make a register/login pages on my own and well i got stuck..and my good friend google couldn't help me :S So well i came to ask proffesionals Okay here is it: First thing i don't get is about email activation that i wanted to use on my register page... I got do_reg.php file that looks like this: Code: [Select] <?php include 'connection.php'; //grab data from form $name = $_POST['username']; $pass = $_POST['password']; $pass_conf = $_POST['pass_conf']; $email = $_POST['email']; $ip = $_POST['ip']; //if else if($name == false || $pass == false || $pass_conf == false || $email == false){ echo "Please fill in all the required fields."; }; if($pass != $pass_conf){ echo "Blah..Passwords do not match."; }else{ //generate random code $code = rand(11111111,99999999); //send email $subject = "Activate your account"; $headers = "From: admin@mysite.com"; $body = "Hello $name,\n\nYou registered and need to activate your account. Click the link below or paste it into the URL bar of your browser\n\n http://localhot/login/activate.php?code=$code\n\nThanks!"; if (!mail($email,$subject,$body,$headers)) echo "Error,what a shame!"; else { $sql = mysql_query("INSERT INTO users (username,password,email,code,active,ip) VALUES('$name','$pass','$email','$code',0,'$ip')") or die(mysql_error()); $result = mysql_query($sql); echo "Thank you for registering! But your account is not still active :'( Please check your email ($email) for activation code! :)"; } }; ?>I went through thousands of erros and still couldn't make it work,i am using xampp localhost server for now and maybe that is the reason it wont work even if i tried to activate SMTP and that stuff in php.ini conf file (as my friend google told me).. So this is one of the errors: Quote Warning: mail() [function.mail]: SMTP server response: 550 relaying denied in C:\xampp\htdocs\login\do_reg.php on line 25 Error,what a shame! Now the next thing i couldn't understand is where is the error inside this script... (do_login.php) Code: [Select] <?php include 'connection.php'; $session_username = $_SESSION['username']; if($_POST['login']) { //get form data $username = $_POST['username']; $password = $_POST['password']; } if(!$username||!$password) echo "Username and password missing!"; else { //login $login = mysql_query("SELECT * FROM users WHERE username='$username'"); } if (mysql_query($login)==0) echo "No souch user!"; else { while ($login_row = mysql_fetch_assoc($login)) { $password_db = $login_row['password']; $password = md5($password); if ($password!=$password_db) echo "Incorect password!"; else { //check if active $active = $login_row['active']; $email = $login_row['email']; if ($active==0) echo "You haven't activated your account, please check your email ($email) for activation!"; else { $_SESSION['username']=$username; //assign session header("Location: index.php");//refresh } } } } ?> Thank you for your spent time and help.. My issue is that I cannot get my user information to (1) upload to the database, and (2) if I manually put information in the data base I cannot retrive it when trying to log in.. I assume its a connection issue, but I cannot seem to find it. Thanks in advance for the help! This is my "init.inc.php" script... Code: [Select] <?php session_start(); $exceptions = array('register','login'); $page = substr(end(explode('/',$_SERVER['SCRIPT_NAME'])),0,-4); if(in_array($page, $exceptions) === false){ if(isset($SESSION['username']) === false){ header('Location: login.php'); die(); } } mysql_connect('localhost','root',''); mysql_select_db('newlogin'); $path = dirname(__FILE__); include("{$path}/inc/user.inc.php"); ?> This is my "user.inc.php" script... Code: [Select] <?php // check is the given username exisits in the table function user_exists($user){ $user = mysql_real_escape_string($user); $total = mysql_query("SELECT COUNT('user_id') FROM 'user_tbl' WHERE 'user_name' = '{$user}'"); return (mysql_result($total, 0) == '1') ? true : false; } // checks is the username and password are valid function valid_credentials($user, $pass){ $user = mysql_real_escape_string($user); $pass = sha1($pass); $total = mysql_query("SELECT COUNT('user_id') FROM 'user_tbl' WHERE 'user_name' = '{$user}' AND 'user_password' = '{$pass}'"); return (mysql_result($total, 0) == '1') ? true : false; } //adds user to the database function add_user($user, $pass){ $user = mysql_real_escape_string(htmlentities($user)); $pass = sha1($pass); mysql_query("INSERT INTO 'user_tbl' ('user_name', 'user_password') VALUES ('{$user}', '{$pass}')"); } ?> Finally this is my "register.php" Page... Code: [Select] <?php error_reporting(0); include('core/init.inc.php'); $errors = array(); if(isset($_POST['username'], $_POST['password'], $_POST['repeat_password'])){ if(empty($_POST['username'])){ $errors[] = "The username field cannot be empty!"; } if(empty($_POST['password']) || empty($_POST['repeat_password'])){ $errors[] = "The password fields cannot be empty!"; } if($_POST['password'] !== $_POST['repeat_password']){ $errors[] = "Password verification failed !"; } if(user_exists($_POST['username'])){ $errors[] = "That username has already been taken!"; } if(empty($errors)){ add_user($_POST['username'], $_POST['password']); $_SESSION['username'] = htmlentities($_POST['username']); header('Location: protected.php'); die(); } } ?> <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd"> <html xmlns="http://www.w3.org/1999/xhtml"> <head> <meta http-equiv="Content-Type" content="text/html; charset=utf-8" /> <title>Untitled Document</title> </head> <body> <div> <?php if( empty($errors) === false){ ?> <ul> <?php foreach($errors as $error){ echo "<li>{$error}</li>"; } ?> </ul> <?php } ?> </div> <form action="" method="post"> <p> <label for="username"> Username:</label> <input type="text" name="username" id="username" value="<?php if(isset($_POST['username'])) echo htmlentities($_POST['username']); ?>" /> </p> <p> <label for="password"> Password:</label> <input type="password" name="password" id="password" /> </p> <p> <label for="repeat_password"> Repeat Password:</label> <input type="password" name="repeat_password" id="repeat_password" /> </p> <p> <input type="submit" value="Register" /> </p> </form> </body> </html> Hello,
i got a problem with a part of my code :
<?php Hey I would just like to release a simple login/register script that will work just fine and has some nice systems in it. The Login. (I will post the code then below tell you what you need to do to get it to work with MYSQL DATABASE) Create a file and call it login with the suffix .php so if you have file extensions showing on your computer it will look like "login.php" then put this code inside of it. Code: [Select] <?php session_start(); ?> <?php function mysql_prep($value) { $magic_quotes_active = get_magic_quotes_gpc(); $new_enough_php = function_exists("mysql_real_escape_string"); // i.e PHP >= v4.3.0 if($new_enough_php){ // PHP v4.3.0 or higher if ($magic_quotes_active){ $value = stripslashes($value); } $value = mysql_real_escape_string($value); }else{ //Before PHP v4.3.0 //if magic quotes aren't already on then add slahes manually if(!$magic_quotes_active){ $value = addslashes($value); } // if magic quotes are active then the slashes already exist } return $value; } function redirect_to($location = NULL){ if($location != NULL){ header("Location: {$location}"); exit; } } define("DB_SERVER","localhost"); define("DB_USER","root"); define("DB_PASS","yourpassword"); define("DB_NAME","yourdatabasename"); $connection = mysql_connect(DB_SERVER,DB_USER,DB_PASS); if(!$connection){ die("Database Connection Failed: " . mysql_error()); } $db_select = mysql_select_db("bcooperz", $connection); if(!$db_select){ die("Connection to database failed: " . mysql_error()); } ?> <?php if(isset($_SESSION['user_id'])){ redirect_to("staff.php"); } ?> <?php if (isset($_POST['submit'])){ $errors = array(); // Perform validations on the form $required_fields = array('username', 'password'); foreach($required_fields as $fieldname){ if(!isset($_POST[$fieldname]) || empty($_POST[$fieldname])){ $errors[] = $fieldname; } } $field_with_lengths = array('username' => 30, 'password' => 30); foreach($field_with_lengths as $fieldname => $maxlength) { if (strlen(trim(mysql_prep($_POST[$fieldname]))) > $maxlength) { $errors[] = $fieldname; } } $username = trim(mysql_prep($_POST['username'])); $password = trim(mysql_prep($_POST['password'])); $hashed_password = sha1($password); if (empty($errors)){ // Checks database to see if username and password exist their $query = "SELECT id, username FROM users WHERE username='$username' AND hashed_password='$hashed_password' LIMIT 1"; $result_set = mysql_query($query, $connection); if(!$result_set){ die("Database Query Failed: " . mysql_error()); } if (mysql_num_rows($result_set) == 1) { // The Username and Password have been found in the database and the user is verified // Only 1 Match $found_user = mysql_fetch_array($result_set); $_SESSION['user_id'] = $found_user['id']; $_SESSION['username'] = $found_user['username']; redirect_to("staff.php"); }else{ // Username and Password was not found in the database. $message = "Username/Password Combination Incorrect.<br/>Please make sure your caps lock key is off and try again."; echo $message; } }else{ $count = count($errors); if($count == 1){ echo "Their Was {$count} Error In The Form" . "<br />"; print_r(implode(", ", $errors)); }else{ echo "Their Was {$count} Error's In The Form" . "<br />"; echo "<b>"; print_r(implode(", ", $errors)); echo "</b>"; } } }else{ // The Form Has Not Been Submitted if(isset($_GET['logout']) && $_GET['logout'] == 1){ echo "You Are Now Logged Out"; } if(isset($_GET['nowlogged']) && $_GET['nowlogged'] == 1){ echo "You Need to Login to reach this page."; } $username = ""; $password = ""; } ?> <html> <head> <title>Register</title> </head> <body> <form action="login.php" method="post"> Username : <input type="text" name="username" maxlength="30" value="<?php echo htmlentities($username); ?>" /><br /> Password : <input type="password" name="password" maxlength="30" value="<?php echo htmlentities($password); ?>" /><br /><br /> <input type="submit" name="submit" value="Login" /><br /> </form> <p>Haven't got an account? register <a href="register.php">here!</a></p> </body> </html> Now once you have a file called "login.php" with the above code inside of it you will need to goto your mysql database and create a database with a table that has 3 fields in the following format. - id - int(11) - Auto increment - username - varchar(50) - hashed_password - varchar(40) Now search for this in the login.php code Code: [Select] define("DB_SERVER","localhost"); define("DB_USER","root"); define("DB_PASS","yourpassword"); define("DB_NAME","yourdatabasename"); And This: Code: [Select] $db_select = mysql_select_db("bcooperz", $connection); And change these to your settings. Once you have done all this create a new file called register with the suffix .php as well so if you have file extensions turned on it will look like "register.php" And add this code inside it: Code: [Select] <?php function mysql_prep($value) { $magic_quotes_active = get_magic_quotes_gpc(); $new_enough_php = function_exists("mysql_real_escape_string"); // i.e PHP >= v4.3.0 if($new_enough_php){ // PHP v4.3.0 or higher if ($magic_quotes_active){ $value = stripslashes($value); } $value = mysql_real_escape_string($value); }else{ //Before PHP v4.3.0 //if magic quotes aren't already on then add slahes manually if(!$magic_quotes_active){ $value = addslashes($value); } // if magic quotes are active then the slashes already exist } return $value; } function redirect_to($location = NULL){ if($location != NULL){ header("Location: {$location}"); exit; } } ?> <?php define("DB_SERVER","localhost"); define("DB_USER","root"); define("DB_PASS","maxcooper"); define("DB_NAME","bcooperz"); $connection = mysql_connect(DB_SERVER,DB_USER,DB_PASS); if(!$connection){ die("Database Connection Failed: " . mysql_error()); } $db_select = mysql_select_db("bcooperz", $connection); if(!$db_select){ die("Connection to database failed: " . mysql_error()); } ?> <?php if(isset($_POST['submit'])){ $username = trim(mysql_prep($_POST['username'])); $password = trim(mysql_prep($_POST['password'])); $hashed_password = sha1($password); $confirmpass=$_POST['confirmpass']; $query2 = "SELECT * FROM users WHERE username='$username'"; $result2 = mysql_query($query2); $counted=mysql_num_rows($result2); $errors = array(); // Perform validations on the form $required_fields = array('username', 'password', 'confirmpass'); foreach($required_fields as $fieldname){ if(!isset($_POST[$fieldname]) || empty($_POST[$fieldname])){ $errors[] = $fieldname; } } if($confirmpass!=$_POST['password']){ $errors[] = "passdifference"; } if($counted > 0){ $errors[] = "User Already Created"; } $field_with_lengths = array('username' => 30, 'password' => 30); foreach($field_with_lengths as $fieldname => $maxlength) { if (strlen(trim(mysql_prep($_POST[$fieldname]))) > $maxlength) { $errors[] = $fieldname; } } /* The Form Has Been Submitted */ if (empty($errors)){ $query = "INSERT INTO users (username,hashed_password) VALUES ('{$username}', '{$hashed_password}')"; $result = mysql_query($query, $connection); if($result){ echo "User Successfully Created"; }else{ echo "The User Could Not Be Created" . "<br />"; echo mysql_error(); } }else{ $count = count($errors); if($count == 1){ echo "Their Was {$count} Error In The Form" . "<br />"; print_r(implode(", ", $errors)); }else{ echo "Their Was {$count} Error's In The Form" . "<br />"; echo "<b>"; print_r(implode(", ", $errors)); echo "</b>"; } } }else{ /* The Form Has Not Yet Been Submitted */ $username = ""; $password = ""; } ?> <html> <head> <title>Register</title> </head> <body> <form action="register.php" method="post"> Username : <input type="text" name="username" maxlength="30" value="<?php echo htmlentities($username); ?>" /><br /> Password : <input type="password" name="password" maxlength="30" value="<?php echo htmlentities($password); ?>" /><br /> Confirm Password: <input type="password" name="confirmpass" maxlength="30" value="" /><br /><br /> <input type="submit" name="submit" value="Register" /><br /> </form> <p>Already have a account? login here <a href="login.php">here!</a></p> </body> </html> Once you have done that and you have a file called "register.php" you will need to perform the final step which will be changing the database details once again on the second file ("register.php"). Thanks, Bcooperz. Please tell me if this works If I wanted to create a custom CMS that will allow people to be able to upload files, register a new account, to be able to add to a blog article, edit one's article but not someone else's, edit one's profile, be able to leave comments, edit comments as well as edit their blog articles in something similar to this forum's post box (with Bold, Italic, etc options), how would I go about it? Hi, currently in my registration code, the userId allows only six digits as the user ID. I need help in performing the following task 1. Modify the account creation screen to allow users to enter EITHER a 6-digit ID OR a 9 character ID. Any 6-digit PLID will be stored with the perpended B11. 2.Modify the login utility for the users to allow them to use either the 6-digit or 9-character IDs which means you will need to prepend the B11 to any 6-digit PLID to find their record in the database. 3.Convert existing PLIDs in the database to the new format by prepending the B11. Any coding help will be greatly appreciated. This topic has been moved to Application Design. http://www.phpfreaks.com/forums/index.php?topic=313919.0 I have a form where a user can duplicate part of a form like below: I've named the fields with the HTML arrays (ie. "fieldName[]") and came up with this: //--> CONTROLLERS $system_controllers_qty = $_POST['system_controllers_qty']; $system_controllers_make = $_POST['system_controllers_make']; $system_controllers_model = $_POST['system_controllers_model']; $system_controllers_serial_no = $_POST['system_controllers_serial_no']; for ($i = 0; $i < count($system_controllers_qty); $i++) { echo "qty " . clean($system_controllers_qty[$i]) . "<br/>"; echo "make " . clean($system_controllers_make[$i]) . "<br/>"; echo "model " . clean($system_controllers_model[$i]) . "<br/>"; echo "serial_no " . clean($system_controllers_serial_no[$i]) . "<br/>"; } //--> CPUS $system_cpus_qty = $_POST['system_cpus_qty']; $system_cpus_model = $_POST['system_cpus_model']; $system_cpus_serial_no = $_POST['system_cpus_serial_no']; $system_cpus_speed = $_POST['system_cpus_speed']; for ($i = 0; $i < count($system_cpus_qty); $i++) { echo "qty " . clean($system_cpus_qty[$i]) . "<br/>"; echo "model " . clean($system_cpus_model[$i]) . "<br/>"; echo "serial_no " . clean($system_cpus_serial_no[$i]) . "<br/>"; echo "speed " . clean($system_cpus_speed[$i]) . "<br/>"; } //--> DISKS $system_disks_qty = $_POST['system_disks_qty']; $system_disks_make = $_POST['system_disks_make']; $system_disks_model_no = $_POST['system_disks_model_no']; $system_disks_size = $_POST['system_disks_size']; $system_disks_serial_no = $_POST['system_disks_serial_no']; for ($i = 0; $i < count($system_disks_qty); $i++) { echo "qty " . clean($system_disks_qty[$i]) . "<br/>"; echo "make " . clean($system_disks_make[$i]) . "<br/>"; echo "model_no " . clean($system_disks_model_no[$i]) . "<br/>"; echo "size " . clean($system_disks_size[$i]) . "<br/>"; echo "serial_no " . clean($system_disks_serial_no[$i]) . "<br/>"; } //--> MEMORY $system_memory_qty = $_POST['system_memory_qty']; $system_memory_serial_no = $_POST['system_memory_serial_no']; $system_memory_manf = $_POST['system_memory_manf']; $system_memory_part_no = $_POST['system_memory_part_no']; $system_memory_size = $_POST['system_memory_size']; for ($i = 0; $i < count($system_memory_qty); $i++) { echo "qty " . clean($system_memory_qty[$i]) . "<br/>"; echo "serial " . clean($system_memory_serial_no[$i]) . "<br/>"; echo "manf " . clean($system_memory_manf[$i]) . "<br/>"; echo "part_no " . clean($system_memory_part_no[$i]) . "<br/>"; echo "size " . clean($system_memory_size[$i]) . "<br/>"; } This just outputs all the fields I post at the moment. Say I have 3 different disk types, it's going to loop 3 times. Is it possible to make this all into 1 giant query or am I better off doing each query separately? Each section is a different table. I have a search where I want to be able to search a string of words. The search is going to be looking in 2 different table joined by a left outer join. The tables are "quotes" and "categories". $sql="SELECT q.id, q.username, q.quote, q.by, q.voteup, q.votedown, q.servtime, c.quote_id, c.label FROM quotes q LEFT OUTER JOIN categories c ON q.id = c.quote_id WHERE ( q.username LIKE '$srch' OR q.quote LIKE '$srch' OR q.`by` LIKE '$srch' OR c.label LIKE '$srch')"; The above mysql statement works and returns values..BUT if say, I search "john" and "funny", and a quote is posted by the user "john", but has a category of "funny" it will output the same quote twice. I was wondering if there was a way to see if a quote has either 1 term or both terms, if so display that quote but only display it once. Below is what the query is outputting. [100] => Array ( [id] => 100 [username] => John [quote] => new test quote blah blah [by] => John [voteup] => 0 [votedown] => 0 [servtime] => 2010-12-02 @ 16:27:03 [label] => Array ( [0] => Historic [1] => Serious [2] => Funny ) ) Here is the code in full. //// $sword = explode(" ",$search); foreach($sword as $sterm){ $srch="%".$sterm."%"; echo"$srch<br />"; $sql="SELECT q.id, q.username, q.quote, q.by, q.voteup, q.votedown, q.servtime, c.quote_id, c.label FROM quotes q LEFT OUTER JOIN categories c ON q.id = c.quote_id WHERE ( q.username LIKE '$srch' OR q.quote LIKE '$srch' OR q.`by` LIKE '$srch' OR c.label LIKE '$srch')"; $result=mysql_query($sql); while($row=mysql_fetch_object($result)){ $quote[$row->id]['id'] = $row->id; $quote[$row->id]['username'] = $row->username; $quote[$row->id]['quote'] = $row->quote; $quote[$row->id]['by'] = $row->by; $quote[$row->id]['voteup'] = $row->voteup; $quote[$row->id]['votedown'] = $row->votedown; $quote[$row->id]['servtime'] = $row->servtime; $quote[$row->id]['label'][] = $row->label; } echo"<pre>"; print_r($quote); echo"</pre>"; I don't think this is the fastest way of doing this, as it loops for each item in the db, per each keyword that is search. Any help would be great!! -BaSk I am trying to export multiple csv files to download from 2 separate tables in my database. Some background: I have a web app that links to a phpmyadmin database. There are 2 tables in the database (entering and exiting). These tables hold the phone inventory information of employees currently entering or exiting the organization. The fields in my tables a location, firstname, lastname, username, extension, mac, type What I am trying to do is export the data in these 2 tables to CSV (which I have working now) but I need to have multiple CSVs for each. For example, for my exiting table, I need to have one CSV export all the fields in the table and I also need another CSV to export just the location and username field. I have a simple html form with a submit button which is currently working now: <form action="exportexiting.php" method="POST" style="width: 456px; height: 157px"> <div> <fieldset> <legend style="width: 102px; height: 25px"><strong>Entering CSV:</strong></legend> <input name="Export" type="submit" id="Export" value="Export"> </fieldset><br/> </div> </form> This links to my exportexiting.php file: <?php $host = 'localhost'; $user = 'root'; $pass = 'xxxx'; $db = 'PhoneInventory'; $table = 'exiting'; // Connect to the database $link = mysql_connect($host, $user, $pass); mysql_select_db($db); require 'exportcsv.inc.php'; exportMysqlToCsv($table); ?> Then to exportcsv.inc.php: <?php function exportMysqlToCsv($table,$filename = 'export.csv') { $csv_terminated = "\n"; $csv_separator = ","; $csv_enclosed = ''; $csv_escaped = "\\"; $sql_query = "select * from $table"; // Gets the data from the database $result = mysql_query($sql_query); $fields_cnt = mysql_num_fields($result); $schema_insert = ''; for ($i = 0; $i < $fields_cnt; $i++) { $l = $csv_enclosed . str_replace($csv_enclosed, $csv_escaped . $csv_enclosed, stripslashes(mysql_field_name($result, $i))) . $csv_enclosed; $schema_insert .= $l; $schema_insert .= $csv_separator; } // end for $out = trim(substr($schema_insert, 0, -1)); $out .= $csv_terminated; // Format the data while ($row = mysql_fetch_array($result)) { $schema_insert = ''; for ($j = 0; $j < $fields_cnt; $j++) { if ($row[$j] == '0' || $row[$j] != '') { if ($csv_enclosed == '') { $schema_insert .= $row[$j]; } else { $schema_insert .= $csv_enclosed . str_replace($csv_enclosed, $csv_escaped . $csv_enclosed, $row[$j]) . $csv_enclosed; } } else { $schema_insert .= ''; } if ($j < $fields_cnt - 1) { $schema_insert .= $csv_separator; } } // end for $out .= $schema_insert; $out .= $csv_terminated; } // end while header("Cache-Control: must-revalidate, post-check=0, pre-check=0"); header("Content-Length: " . strlen($out)); // Output to browser with appropriate mime type, you choose header("Content-type: text/x-csv"); //header("Content-type: text/csv"); //header("Content-type: application/csv"); header("Content-Disposition: attachment; filename=$filename"); echo $out; exit; } ?> Again, this is working perfectly for only exporting all the data from the exiting table into one CSV file. My question is, how can I make my one submit button export the 2 CSV files that I need? Thanks for the help... Right I'm going to try and explain what i'm trying to do and i'll post the code i have at the bottom. Whatever I do I seem to get a new error and I can't get any closer to getting the script right!!! I give up myself. There's only so much one man can take!!!!!!! I have a database with two table. Members owners Both tables have the same fields for the login section! username password (stored in md5 format) access_level Now I'm trying to make a script that selects both tables and finds the username. then checks that the md5 of the password entered into the field is equal to the stored md5 password in the database. if details are correct it sends the person to the correct page while updating a table called mem_logins with the email of the user loging in as a feild along with the time, If there is no account at all it sends them to the create account page, if the access level is equal to 1 or 50 it sends them to the check_email.php Now I'm very new to php and therefore have most certainly written the script wrong. I have been tryig to sort the errors for days and now, have given up. Can anyone help? Here is the code as it stands and at the minute im getting this error..... mysql_num_rows(): supplied argument is not a valid MySQL result resource in site on line 11 <?php include('Connections/YA1.php'); session_start(); ?> <?php if(isset($_POST['submit3'])) { $qCheckUserInfo = "SELECT * FROM Members, owners WHERE username='".mysql_real_escape_string($_POST['username3'])."'"; $rCheckUserInfo = mysql_query($qCheckUserInfo); $numUsers = mysql_num_rows($rCheckUserInfo); if($numUsers == 0) { $message = "Incorrect login details"; $success = 0; } else { $userInfo = mysql_fetch_array($rCheckUserInfo); $password = $userInfo['password']; $email = $userInfo ['email']; if($password == md5($_POST['password3'])) { $success = 1; $_SESSION['logged'] = 1; $_SESSION['club_id'] = $userInfo['club_id']; $_SESSION['username'] = $userInfo['username']; $today = date("Y-m-d h:m:s"); if($_SESSION['access_level'] == 1) { $sql = "INSERT INTO mem_logins `email`, `login` VALUES ('$email','$today')"; mysql_query($sql) or die ("could not execute insert."); header('Location: check_email.php'); } else if($_SESSION['access_level'] == 2) { $sql = "INSERT INTO mem_logins `email`, `login` VALUES ('$email','$today')"; mysql_query($sql) or die ("could not execute insert."); header('Location: members/index.php'); } else if($_SESSION['access_level'] ==50) { $sql = "INSERT INTO mem_logins `email`, `login` VALUES ('$email','$today')"; mysql_query($sql) or die ("could not execute insert."); header('Location: check_email.php'); } else if($_SESSION['access_level'] == 51) { $sql = "INSERT INTO mem_logins `email`, `login` VALUES ('$email','$today')"; mysql_query($sql) or die ("could not execute insert."); header('Location: clubs/index.php'); } else if($_SESSION['access_level'] == 99) { $sql = "INSERT INTO mem_logins `email`, `login` VALUES ('$email','$today')"; mysql_query($sql) or die ("could not execute insert."); header('Location: admin/D/index.php'); } } else { $message = "Incorrect login details"; $success = 0; } } } ?> <body> <div id="wrapper"> <div id="title_box"> <div id="logo"><img src="image/your_arena.jpg" /></div> <div id="login_box"> <?php if($success==0) { echo $message; } else { echo ' '; } ?> <?php if($success != 1 && !($_SESSION['logged'])) { ?><?php ?> <form METHOD="POST" name="login_form" class="black_text" id="login_form"> <table width="252" border="0" align="right" cellpadding="0" cellspacing="5" id="login_tab"> <tr> <td width="84"><div align="left">Username:</div></td> <td><input name="username3" type="text" class="form_fields" value="<?php echo $_POST['username3']; ?>" id="username3" tabindex="1" /></td> </tr> <tr> <td><div align="left">Password:</div></td> <td><input name="password3" type="password" class="form_fields" id="password3" tabindex="2" /></td> </tr> <tr> <td colspan="2"></td> </tr> <tr> <td colspan="2" class="forgotten_pass"><div align="right">Forgotten your password?</div></td> </tr> <tr> <td height="24"><div align="left"></div></td> <td><div align="right"> <input name="submit3" type="submit" id="submit3" tabindex="3" value="Login" /> </div></td> </tr> </table> <?php } //end fail if ?> </form> </div> </div> <?php include('nav.php');?> <div id="test">main page </div> <?php include('footer.php');?> </div> </body> </html> How do I search through table 1, 2, 3 where a=x and b=y and c=z? Hey, I have a query running inner joins... which currently works, but I need some more information pulled from other tables... Code: [Select] define('WPSC_TABLE_PRODUCT_LIST', "{$wp_table_prefix}wpsc_product_list"); define('WPSC_TABLE_PRODUCTMETA', "{$wp_table_prefix}wpsc_productmeta"); define('WPSC_TABLE_CATREF', "{$wp_table_prefix}wpsc_item_category_assoc"); define('WPSC_TABLE_CATNAME', "{$wp_table_prefix}wpsc_product_categories"); $cf="Linked Products"; $sku = get_post_meta($post->ID, $cf, true); $array = explode(",",$sku); $products = array_count_values($array); foreach($products as $key => $value) { $product = $wpdb->get_row("SELECT meta.product_id AS pid, list.name AS name, list.price AS price, retailer.category_id AS catid FROM ".WPSC_TABLE_PRODUCTMETA." AS meta INNER JOIN ".WPSC_TABLE_PRODUCT_LIST." AS list ON ( list.id = meta.product_id ) INNER JOIN ".WPSC_TABLE_SHOPNAME." AS retailer ON ( retailer.product_id = meta.product_id ) WHERE `meta_key` IN ( 'sku' ) AND `meta_value` IN ( '{$key}' ) ORDER BY list.id DESC"); ?> But I also need the category name - So I have to cross reference the following... wordpdem_wpsc_product_list id name 433 itemone 432 itemtwo 431 itemthree wordpdem_wpsc_item_category_assoc id product_id category_id 1 433 1 2 432 2 3 410 3 wordpdem_wpsc_product_categories id name 1 Bread 2 Fish 3 Snacks I've now written: Code: [Select] SELECT meta.product_id AS pid, list.name AS name, list.price AS price, retailer.category_id AS catid, category.name AS catname FROM wordpdem_wpsc_productmeta AS meta INNER JOIN wordpdem_wpsc_product_list AS list ON ( list.id = meta.product_id ) INNER JOIN wordpdem_wpsc_item_category_assoc AS retailer ON ( retailer.product_id = meta.product_id ) INNER JOIN `wordpdem_wpsc_product_categories``wordpdem_wpsc_product_list` AS category ON ( retailer.category_id = category.id ) WHERE `meta_key` IN ( 'sku' ) AND `meta_value` IN ( '{$key}' ) ORDER BY list.id DESC However it fails on line 12 (the Where statement...) Any ideas what I've done wrong? Hi All, I am adding a button that will delete many things in the system which all have the same $job_id There is going to be 10 or so tables that need to delete * where $job_id = ? Is there a better way to do this rather than just iterating my code 10 times. I was looking at just joining but isnt one benefit of prepared statements that they can be used again and again to increase speed. I'm not sure if this belongs in the PHP or SQL sections or both but- Is it possible to insert form data (one record) into 2 different tables when I click submit? As is, I have 2 distinct log-in scripts each linked to 2 separate databases . I want to merge them into one log-in form that populates both tables(in different dbs). I don't want my visitors to log into 2 different forms. Can one form's action attribute send the POST data to two different processing scripts? and can the input from a text box be sent to 2 different fields? I don't have any code, I just wanted to know if it can be done or point me to a sample that I can work from. Need help in updating the tables I have array of data coming from a form which I'm inserting in my DB. I have 5 tables product filter product_filter heater product_heater Im able to put the data in the "product", "filter" & "heater" tables but i dont know how to put data inside the "product_filter" & "product_heater" table. Any help or direction to any tutorails is appreciated. My Tables structu product id int(5) product text cost text details text filter id int(5) filter text imgpath text product_filter id int(5) id_product int(5) id_filter int(5) heater id int(5) heater text imgpath text product_heater id int(5) id_product int(5) id_heater int(5) Code: [Select] // Product data Update $name = mysql_real_escape_string($_POST['product']); $cost = mysql_real_escape_string($_POST['cost']); $details = mysql_real_escape_string($_POST['details']); $sql_title = "INSERT INTO product ( id , product , cost , details , ) VALUES ( NULL , '$name' , '$cost' , '$details')"; if (!mysql_query($sql_title,$con)) { die('Error: ' . mysql_error()); } echo "records for product added<br />"; // Filter update // This is the array which is coming from the form /* Array ( [0] => ehiem [1] => Hagan [2] => Rena [3] => jobo ) Array ( [0] => img1.jpg [1] => img2.jpg [2] => img3.jpg [3] => img4.jpg ) */ $filtername = mysql_real_escape_string($filtername); $filterimgpath = mysql_real_escape_string($filterimg); $combined_array = array_combine($filtername, $filterimgpath); $values = array(); foreach ($combined_array as $filtername => $filterimgpath) { $values[] = "('$filtername', '$filterimgpath')"; } $sql = "INSERT INTO filter (filter , imgpath) VALUES " . implode(', ', $values); //echo $lastid = mysql_insert_id()."<br />"; if (!mysql_query($sql,$con)) { die('Error: ' . mysql_error()); } echo "records added<br />"; //Product Filter Update table // This is where Im stuck. Not able to even think of anything.... // heater update // This is the array which is coming from the form /* Array ( [0] => ehiem [1] => Dolphin [2] => Rena [3] => jobo ) Array ( [0] => img1.jpg [1] => img2.jpg [2] => img3.jpg [3] => img4.jpg ) */ $heatername = mysql_real_escape_string($heatername); $heaterimgpath = mysql_real_escape_string($heaterimg); $combined_array = array_combine($heatername, $heaterimgpath); $values = array(); foreach ($combined_array as $heatername => $heaterimgpath) { $values[] = "('$heatername', '$heaterimgpath')"; } $sql = "INSERT INTO heater (heater , imgpath) VALUES " . implode(', ', $values); //echo $lastid = mysql_insert_id()."<br />"; if (!mysql_query($sql,$con)) { die('Error: ' . mysql_error()); } echo "records added<br />"; //Product heater Update table // This is where Im stuck. Not able to even think of anything.... $query = mysql_query("SELECT COUNT(tickets.id),tickets.id,tickets.status,tickets.date,tickets.question,tickets.title,users.position FROM tickets,users WHERE tickets.id='$existing' users.username='$username'"); How do I get it so it selects data from the table tickets where id='$existing', but I also want to get a user's (who is viewing the ID) position (rank). $username is a session. So, any thoughts on how I would do so? My updated code: <?php session_start(); include("../includes/mysql.php"); include("../includes/config.php"); ?> <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd"> <html xmlns="http://www.w3.org/1999/xhtml"> <head> <meta http-equiv="Content-Type" content="text/html; charset=iso-8859-1" /> <link href="../style.css" rel="stylesheet" type="text/css" /> <title><?php echo $title; ?></title> </head> <body> <div id="container"> <div id="content"> <div id="left"> <div class="menu"> <?php include("../includes/navigation.php"); ?> <div class="menufooter"></div> </div> <?php include("../includes/menu.php"); ?> </div> <div id="middle"> <?php $existing = $_POST['existing']; $ip = $_SERVER['REMOTE_ADDR']; $username = $_SESSION['user']; $query = mysql_query("SELECT COUNT(tickets.id),tickets.id,tickets.status,tickets.date,tickets.question,tickets.title,users.position FROM tickets,users WHERE tickets.id='$existing' OR users.username='$username'"); $get = mysql_fetch_assoc($query); if(!$existing) { echo ' <div class="post"> <div class="postheader"><h1>Error</h1></div> <div class="postcontent"> <p>You have not enetered in a ticket ID. Please go back and do so.</p> </div> <div class="postfooter"></div> </div> '; } elseif($get['COUNT(id)'] < 1) { echo ' <div class="post"> <div class="postheader"><h1>Error</h1></div> <div class="postcontent"> <p>The ticket ID you are trying to use doesnt exist. Please go back or submit another ticket.</p> </div> <div class="postfooter"></div> </div> '; } elseif($get['tickets.ip']==$ip || $get['user.position'] >= 1) { $status["tickets.status"]["0"] = "Waiting for support..."; $status["tickets.status"]["1"] = "Waiting for user..."; $status["tickets.status"]["2"] = "Ticket Closed..."; $status["tickets.status"]["3"] = "Ticket Opened..."; echo ' <div class="post"> <div class="postheader"><h1>View Ticket Status - ID '. $get["id"] .'</h1></div> <div class="postcontent"> <p>Title: '. $get["tickets.title"] .' - Posted on: '. $get["tickets.date"] .'</p> <p>Ticket Status: '. $status[$get["tickets.status"]] .'</p> <p>Question: '. nl2br($get["tickets.question"]) .'</p> </div> <div class="postfooter"></div> </div> '; } else { echo ' <div class="post"> <div class="postheader"><h1>Error</h1></div> <div class="postcontent"> <p>This is not your ticket. You only have permission to view your tickets. Please go back.</p> </div> <div class="postfooter"></div> </div> '; } ?> </div> </div> </div> </body> </html> Hi, I'm very new to PHP and have managed to get through most of the problems I've encountered so far, but I have got to one point that I can't seem to solve. I have two mysql tables (Categories & Products), I have a page that shows the categories (generated from the categories table) and when a category is selected it lists the products in that category. Due to stock etc. not all categories always have products associated to them. The Category & Product Tables are automatically updated, so what I need to do is only show categories that have products associated to them, both tables have a column category_no, and nothing I've tried so far seems to work. The code I have so far is:- Code: [Select] Require_once('config.php'); Mysql_connect(db_host, db_user, db_password); @mysql_select_db(db_database) or die( "unable to select database"); $query="select * from categories"; $result=mysql_query($query); $num=mysql_numrows($result); Mysql_close(); Thanks Pete hi im trying to echo out all the possibilities from one column in 2 different tables, both with the same structure. if that makes sense this is what i have $query = mysql_query("SELECT * FROM stanjamesprem,centrebetprem GROUP BY eventname ORDER BY eventtime "); while($row = mysql_fetch_assoc($query)) { echo $row[eventname]; } if i take one of the tables out it works fine but if i have 2 table names it doenst work please help me cheers matt any questions please ask away |
|||||||