|
PHP - How To Stop Errors On Page
Hi I have an include page full of functions in a secure folder with htaccess. My problem is if the include file does not exsist, I get the following.
Warning: include(secure/SecureFunctions.php) [function.include]: failed to open stream: No such file or directory in /home/fhlinux190/d/otoole.co.uk/user/htdocs/streetangels/index.php on line 3 Warning: include(secure/SecureFunctions.php) [function.include]: failed to open stream: No such file or directory in /home/fhlinux190/d/otoole.co.uk/user/htdocs/streetangels/index.php on line 3 Warning: include() [function.include]: Failed opening 'secure/SecureFunctions.php' for inclusion (include_path='.:/usr/share/pear-php5') in /home/fhlinux190/d/otoole.co.uk/user/htdocs/streetangels/index.php on line 3 TIA Desmond. Fatal error: Call to undefined function session_init() in /home/fhlinux190/d/des-otoole.co.uk/user/htdocs/streetangels/index.php on line 6 Is there any way to suppress this as it is giving hackers information. Similar TutorialsI have never had to use this function before, but it was recommended to improve the security of my script. I have tried implementing mysql_real_escape_string() in every way I thought possible, but I keep getting random php errors. I am simply trying to sanitize the data from my query (as shown below)... Where would you recommend I call the function and what variable should I store in it? $posts_by_city_sql = "SELECT id, city_id, title FROM postings WHERE city_id='$_GET[id]'"; $posts_by_city_results = (mysqli_query($cxn, $posts_by_city_sql)) or die("Was not able to grab the Postings!"); //$title = $_GET['title']; // mysql_real_escape_string($title); while($posts_by_city_row = mysqli_fetch_array($posts_by_city_results)) { echo "<li><a href='posting_details.php?id=$posts_by_city_row[id]'>$posts_by_city_row[title]</a></li>"; } Hello everyone, I'm not a php coder so I really need help on a simple question... I am trying to direct users to a page in my mySQL database (http://www.educatorsoverseas.com/index.php?section=teacher&act=registration) via the button form below: <FORM METHOD="LINK" ACTION="http://www.educatorsoverseas.com/index.php?section=teacher&act=registration" target="_blank"> <INPUT TYPE="submit" VALUE="Sign Up"> </FORM> But when when users click on the button it is directing instead to the mySQL authentication page (http://www.educatorsoverseas.com/index.php?section=auth). I don't know why this is happening but can anyone tell me how to make it go to the proper page? When I copy and paste the correct page it works, so I am at a loss as to what to do. i have a form with two buttons, one is for submitting the form while button is for generating a random a code and placing it in a textfield. this works fine but the problem is anytime i click on the generate button, it refreshes the page thereby validating the form , which i don't want. How do i make it perform the function without refreshing the page.... Hi, I'm new. I have been searching for this, but couldn't find my answer ... I've got a form on page A, with its 'action' attribute set to page B.php. Page B does nothing but process the form data & put it in a database. At the bottom of B.php there's a header redirect to page C. My problem is that page B shows up briefly in the browser, looking all blank and weird. Is there a sensible way around this? I just want it to do its stuff in the background. I realise I should be Ajaxing it all but, apart from the fact that I struggle with Ajax operations longer than a couple of lines, it's important that the site should work without javascript. I HOPE this is a really easy one! Thanks Hi guys, basically my problem is I have a jquery pop out window that holds a login form using the "require_once" function but when I enter my login details and send them, if there is another another form on the page e.g contact form it will send that form aswell so it will come up for the errors for the register form because they are empty. can anyone tell me how to stop this from happening? Hi All, Is there any way that PHP can detect if a page has been refreshed? Basically I have a form that when submitted, inserts a row in to a database, but I am finding that when I refresh the page, it repeats the insert statement. Any ideas? Thanks Matt Hi Guys, Im trying to create a registration form so users can sign up to my website, however i have noticed that when the page is refreshed the form automatically submits. Please could somebody help me stop this? Thanks <body> <form name="registration_form" method="post" onsubmit="return Validate();"> First Name: <input type="text" name="first_name"><br /> Last Name: <input type="text" name="last_name"><br /> Email: <input type="text" name="email"><br /> Confirm Email: <input type="text" name="confirm_email"><br /> Username: <input type="text" name="username"><br /> Password: <input type="password" name="password"><br /> Confirm Password: <input type="password" name="confirm_password"><br /> <input type="submit" value="Register"> </form> <?php $connect=mysql_connect("localhost","leemp5_admin","p7031521"); mysql_select_db("leemp5_database",$connect) or die (mysql_errno().":<b> ".mysql_error()."</b>"); $insert_query = 'insert into users (username,first_name,last_name,email,password) values ( "' . $_POST['username'] . '", "' . $_POST['first_name'] . '", "' . $_POST['last_name'] . '", "' . $_POST['email'] . '", "' . $_POST['password'] . '" )'; mysql_query($insert_query); ?> </body> <?xml-stylesheet href="/player.xsl" type="text/xsl"?> <config> <auto_start>false</auto_start> <player_skin>/test.swf</player_skin> <main_title>Test</main_title> <playlist_title>PLAYLIST</playlist_title> <time_text>TOTAL TIME</time_text> <pan_labels>L,R</pan_labels> <scroller_speed>1</scroller_speed> <scroller_marquee_content>#TRACK_NAME#</scroller_marquee_content> <repeat_is_enabled>false</repeat_is_enabled> <shuffle_is_enabled>false</shuffle_is_enabled> <default_volume>75</default_volume> <default_pan>0</default_pan> <play_list> <item>test.mp3;Test Soundtrack</item> </play_list> </config>Hi, The above code is from an XML file and I added the <?xml line of code to the XML file, but doing so causes the whole page to no longer display the track information (just blank). Is there there a way I could modify that text to try and call it another way? Thanks Edited by hexcode, 16 July 2014 - 02:52 PM. i have a problem i just noticed....i've built a shopping cart that totals quantities of items and shipping etc then a submit button to a payment page... but if a user refreshes the same page after first coming to the cart page it messes up all the totals and data..... i know this has to be a common problem with webpages... does anyone have any advice on combating this issue? any advice is much appreciated..thanks! Hey guys! Merry Christmas!!!! Here's my problem. I have a script where I use the code include("pagerefresh.php"); where pagerefresh.php is <?php $page = $_SERVER['PHP_SELF']; $sec = "0"; header("Refresh: $sec; url=$page"); ?> I use the include function several times on the page and everything's cool with it. But once I put this: <html> <head> <title>Title</title> <script type="text/javascript"> <?php some mysql function include("timecounter.js"); ?> </script> </head> in the page, the following error pops out whenever I use some of the form functions in the page. I read the php.net manuals and discovered that the include part should come before Code: [Select] Warning: Cannot modify header information - headers already sent by (output started at D:\Hosting\rrr\html\rrr\rrr\rrr.php:191) in D:\Hosting\rrr\html\rrr\rrr\pagerefresh.php on line 4 Oh, and I also put the javascript code directly into the page, without the include function, the same results pop out. :/ . Though I suspect that it is immaterial here, the javascript code is: Code: [Select] var month = '<?php echo "$cmonth"; ?>'; // 1 through 12 or '*' within the next month, '0' for the current month m var day = '<?php echo "$cday"; ?>'; // day of month or + day offset d var dow = 0; // day of week sun=1 sat=7 or 0 for whatever day it falls on var hour = '<?php echo "$chour"; ?>'; // 0 through 23 for the hour of the day H var min = '<?php echo "$cminute"; ?>'; // 0 through 59 for minutes after the hour i var tz = -7; // offset in hours from UTC to your timezone var lab = 'cd'; // id of the entry on the page where the counter is to be inserted function start() {displayCountdown(setCountdown(month,day,hour,min,tz),lab);} loaded(lab,start); // Countdown Javascript // copyright 20th April 2005, 1st November 2009 by Stephen Chapman // permission to use this Javascript on your web page is granted // provided that all of the code in this script (including these // comments) is used without any alteration // you may change the start function if required var pageLoaded = 0; window.onload = function() {pageLoaded = 1;} function loaded(i,f) {if (document.getElementById && document.getElementById(i) != null) f(); else if (!pageLoaded) setTimeout('loaded(\''+i+'\','+f+')',100); } function setCountdown(month,day,hour,min,tz) {var m = month; if (month=='*') m = 0; var c = setC(m,day,hour,tz); if (month == '*' && c < 0) c = setC('*',day,hour,tz); return c;} function setC(month,day,hour,tz) {var toDate = new Date();if (day.substr(0,1) == '+') {var day1 = parseInt(day.substr(1));toDate.setDate(toDate.getDate()+day1);} else{toDate.setDate(day);}if (month == '*')toDate.setMonth(toDate.getMonth() + 1);else if (month > 0) { if (month <= toDate.getMonth())toDate.setFullYear(toDate.getFullYear() + 1);toDate.setMonth(month-1);} if (dow >0) toDate.setDate(toDate.getDate()+(dow-1-toDate.getDay())%7); toDate.setHours(hour);toDate.setMinutes(min-(tz*60));toDate.setSeconds(0);var fromDate = new Date();fromDate.setMinutes(fromDate.getMinutes() + fromDate.getTimezoneOffset());var diffDate = new Date(0);diffDate.setMilliseconds(toDate - fromDate);return Math.floor(diffDate.valueOf()/1000);} function displayCountdown(countdn,cd) {if (countdn < 0) document.getElementById(cd).innerHTML = "Building Completed"; else {var secs = countdn % 60; if (secs < 10) secs = '0'+secs;var countdn1 = (countdn - secs) / 60;var mins = countdn1 % 60; if (mins < 10) mins = '0'+mins;countdn1 = (countdn1 - mins) / 60;var hours = countdn1 % 24;var days = (countdn1 - hours) / 24;document.getElementById(cd).innerHTML = days+' days and '+hours+' : '+mins+' : '+secs;setTimeout('displayCountdown('+(countdn-1)+',\''+cd+'\');',999);}} Thanks in advance. And Merry Christmas!!!!! Thauwa Hello, I am a C++ coder who is new to php so please excuse my n00bness. I have a form which I am then passing into a MySQL database via a php script. I am also using fwrite to try and create a .php site out of the variables entered into the form. Everything is working fine and I have managed to do this with a .html site but when I try to pass php into fwrite it doesn't work. example code $newhtml = fopen("backup/$v_uniquename.php", "w"); fwrite($newhtml, ' <html code here> '); works like a charm but when I use something like (just an example) $newhtml = fopen("backup/$v_uniquename.php", "w"); fwrite($newhtml, ' <?php while($row = mysql_fetch_array($result_date)){ $date = $row['1']; $team1 = $row['2']; $team2 = $row['3']; ?> '); I get errors and I am assuming it is because I am passing using ' ' within the php code within a fwrite function. Is this correct? and is there a work around way to make a php page using this method or something similar. Hello. I have a basic form and I want to check for errors by making sure the user inputs everything, if not an error explaining to the user what needs to be fixed. (very common on all forms) When I use echo in my script, it displays at the top of my browser. How do I put the error codes right beside my form elements? I currently don't have all the error checking included but I want to get a few sorted out before anything else. Form Page: http://www.fusionfashionhair.com/registration.php My PHP Code all above DOCTYPE in the php file. Code: [Select] <?php $submit = $_POST['submit']; // Form Data // Check all form inputs using check_input function $name = strip_tags($_POST['name']); $address = strip_tags($_POST['address']); $email = strip_tags($_POST['email']); $repeatemail = strip_tags($_POST['repeatemail']); $phone = strip_tags($_POST['phone'], "Enter your Phone Number"); $salonname = strip_tags($_POST['salonname']); $salonaddress = strip_tags($_POST['salonaddress']); $salonprov = strip_tags($_POST['salonprov']); $salonpostal = strip_tags($_POST['salonpostal']); $salonconfirm = strip_tags($_POST['salonconfirm']); $enewsletter = strip_tags($_POST['enewsletter']); $saloncountry = strip_tags($_POST['saloncountry']); $password = strip_tags($_POST['password']); $repeatpassword = strip_tags($_POST['repeatpassword']); $date = date("Y-m-d"); // Set e-mail recipient $myemail = "info@fusionfashionhair.com"; if ($submit) { //check for existance if ($name&&$password&&$repeatpassword&&$email) { if ($password==$repeatpassword) { if ($email==$repeatemail) { //check password length if (strlen($password)>32||strlen($password)<6) { echo '<p class="formecho">Password must be between 6 and 32 characters</p>'; } else { // Thank you Page $insertGoTo = "thankyou.php"; header(sprintf("Location: %s", $insertGoTo)); // encrypt password $temppass = $password; $password = md5($password); $repeatpassword = md5($repeatpassword); // dBase file include "dbConfig.php"; //open database //generate random number for activation process $random = md5(rand(23456789,987654321)); // register the user! // Set default username $username = $email; // INSERT INTO user... replace user with table name // make sure you have the same number and order of values as the database has $queryreg = mysql_query(" INSERT INTO user VALUES ('','$name','$username','$password','$date','$email','$phone','$address','$salonname','$salonaddress','$salonprov','$salonpostal','$saloncountry','$salonconfirm','$enewsletter','$random','0')"); //Insert ID based on last ID in database $lastid = mysql_insert_id(); //send activation email $to = $email; $subject = "Activate Salon Member Acctount at Fusion Fashion Hair"; $headers = "From: webmaster@fusionfashionhair.com"; $server = "mail.fusionfashionhair.com"; //change php.ini and set SMTP to $server ini_set("SMTP",$server); $body = " $name from $salonname is wanting a membership, \n\n Please click on the link provided below to activate the account with Fusion Fashion Hair http://www.fusionfashionhair.com/activate.php?id=$lastid&code=$random \n\n Username = $username \n Password = $temppass \n Thank you, Customer Service "; //function to send email mail($to, $subject, $body, $headers); } } else echo '<p class="formecho">Your passwords do not match!</p>'; } else echo '<p class="formecho">Your Emails do not match!</p>'; }//End check Existance else echo '<p class="formecho">Please fill in <b>ALL</b> fields!</p>'; }// End if Sumbit ?> Hello, i just install LAMP server. wrote simple code <?php #error_reporting(E_ALL); #printf "hello"; print "print_keyword."; ?>but in browser, it does not show me an error. i m using linux envionment. plz help. any help would be appriciable. Hi, Please bear with me, I have no real experience with PHP but am using it for the first time in a page for maintenance purposes. One of the things I am trying to do is include a random page from within a certain folder (folder: 'modules/did-you-know'). Inside this folder there are currently three files named in this format 'did-you-know-###.php' - where ### is the page number. I have no problems including the named page individually, but it is when randomising it where it causes errors. The code I am using is the following: Code: [Select] <?php $i=0; $myDirectory = dir("modules/did-you-know"); while($file=$myDirectory->read()) { $array[$i]=$file; $i++; } $myDirectory->close(); $num = count($array); $random = rand(0, $num); include "$array[$random]"; ?> When I load the page, I get numerous errors, as follows: Warning: include(..) [function.include]: failed to open stream: Operation not permitted in /home/{USERNAME}/public_html/test2/index.php on line 103 Warning: include(..) [function.include]: failed to open stream: Operation not permitted in /home/{USERNAME}/public_html/test2/index.php on line 103 Warning: include() [function.include]: Failed opening '..' for inclusion (include_path='.:/usr/lib/php:/usr/local/lib/php') in /home/{USERNAME}/public_html/test2/index.php on line 103 Warning: include(did-you-know-002.php) [function.include]: failed to open stream: No such file or directory in /home/{USERNAME}/public_html/test2/index.php on line 103 Warning: include(did-you-know-002.php) [function.include]: failed to open stream: No such file or directory in /home/{USERNAME}/public_html/test2/index.php on line 103 Warning: include() [function.include]: Failed opening 'did-you-know-002.php' for inclusion (include_path='.:/usr/lib/php:/usr/local/lib/php') in /home/{USERNAME}/public_html/test2/index.php on line 103 Now, it's clear from the above that it is (at least sometimes) reading the files from within the 'did-you-know' directory, so not sure why I am getting these errors. (Especially the last one, as that would suggest an error to do with permissions, would it not?) Line 103 is the "include" line. Any help would be appreciated. Thanks Hey everyone, So here is my problem. I have some code to display the amount of views that page has got. In this case it is the thread in my forums section. I have used the same code to show how many people have views a certain persons profile page and that works fine but when I use it on my forum thread page I get this error. Quote You have an error in your SQL syntax; check the manual that corresponds to your MySQL server version for the right syntax to use near 'WHERE id='20' LIMIT 1' at line 1 Here is the section of code: Code: [Select] <?php $thread_id = preg_replace('#[^0-9]#i', '', $_GET['id']); $getThreadViews = mysql_query("SELECT view_count FROM forum_posts WHERE id='$thread_id' LIMIT 1") or die (mysql_error()); $row = mysql_fetch_assoc($getThreadViews); $counter = $row['view_count']; if($counter == 0){ $counter = 1; $startCounter = mysql_query("INSERT INTO forum_posts (view_count) VALUES ('$counter') WHERE id='$thread_id' LIMIT 1") or die (mysql_error()); } $threadViews = $counter+1; $appendCounter = mysql_query("UPDATE forum_posts SET view_count='$view_count' WHERE id='$thread_id'") or die (mysql_error()); ?> I have checked that there are no spelling errors so just wanted to show it to a fresh pair of eyes because its really starting to annoy me. Thanks in advance for any help. Hey all, I have a CRUD php project I am working on. I have insert working reading and deleteing. The only one I have left is update. My page submits the form but when the btn is clicked my page refreshes and does not update in the db. All the controls are cleared. Im assuming I’m missing something simple or just have a small mistake that is running past me,
<?php
error_reporting(E_ALL & ~E_NOTICE);
// include config for Database
require_once "php/config.php";
// Declare the variables that will be used.
$name = $language = $datenow = "";
$nameerror = $langerror = $dateerror = "";
// Process form data when its submitted
if(isset($_POST["id"]) && !empty($_POST["id"])) {
// Get hidden input value.
$id = $_POST["id"];
$input_name = trim($_POST["name"]);
if(empty($input_name)) {
$nameerror = "Name is required. ";
} elseif (!filter_var($input_name, FILTER_VALIDATE_REGEXP,
array("options"=>array("regexp"=>"/^[a-zA-Z\s]+$/")))) {
$nameerror = "Please enter a valid name. ";
} else {
//$namesafe = mysqli_real_escape_string($connection, $input_name);
$name = $input_name;
}
// Validate language entered
$input_lang = trim($_POST["language"]);
if(empty($input_lang)) {
$langerror = "Please enter a language. ";
} else {
$language = $input_lang;
}
// Get current Date and Time
$currentDate = date("Y-m-d H:i:s");
// OR
$datetimeobj = new DateTime();
$datetimeobj->format("Y-m-d H:i:s");
//if(empty($nameerror) && empty($langerror) && empty($dateerror)) {
if($name != "" && $language != "") {
$sql = "UPDATE users SET name=:name, language=:language, " .
"date=:date WHERE id=:id";
error_log($sql);
if($stmt = $pdoConnect->prepare($sql)) {
$stmt->bindParam(":name", $param_name);
$stmt->bindParam(":language", $param_lang);
$stmt->bindParam(":date", $param_date);
$stmt->bindParam(":id", $param_id);
$para_name = $name;
$param_lang = $lang;
$param_date = $date;
$param_id = $id;
if($stmt->execute()) {
header("location: index.php");
exit();
} else {
echo "Something went wrong, try again later.";
}
}
} else {
$errormsg = '<div > 'All fields are required to continue</div>';
}
unset($stmt);
unset($pdoConnect);
} else {
if(isset($_GET["id"]) && !empty(trim($_GET["id"]))) {
$id = trim($_GET["id"]);
$sql = "SELECT * FROM users WHERE id = :id";
if($stmt = $pdoConnect->prepare($sql)) {
$stmt->bindParam(":id", $param_id);
$param_id = $id;
if($stmt->execute()) {
if($stmt->rowCount() == 1) {
$row = $stmt->fetch(PDO::FETCH_ASSOC);
//$id = $row["id"];
$name = $row["name"];
$language = $row["language"];
$userdate = $row["date"];
} else {
header("location: error.php");
exit();
}
} else {
echo "Something went wrong with UPDATE, try again later.";
}
}
// Close $stmt statement
unset($stmt);
// Close connection
unset($pdoConnect);
} else {
// URL doesn't contain valid 'id' parameter.
header("location: error.php");
exit();
}
}
?>
Hi guys, I am trying to put together a little system that allows users to log onto my website and access there own personal page. I am creating each page myself and uploading content specific to them which cannot be viewed by anyone else. I have got the system to work up as far as: 1/ The user logs in 2/ Once logged in they are re-directed to their own page using 'theirusername.php' Thats all good and working how I need it too. The problem I have is this. If I log onto the website using USER A details - I get taken to USER A's page like I should but - If I then go to my browser and type in USERBdetails.php I can then access USER B's page. This cannot happen!! I need for USER A not to be able to access USER B profile - there is obviously no point in the login otherwise! If you are not logged in you obviously cannot access any secure page. That much is working! Please find below the code I am using: LOGIN <?php session_start(); function dbconnect() { $link = mysql_connect("localhost", "username", "password") or die ("Error: ".mysql_error()); } ?> <?php if(isset($_SESSION['loggedin'])) { header("Location:" . strtolower($username) . ".php"); if(isset($_POST['submit'])) { $username = mysql_real_escape_string($_POST['username']); $password = mysql_real_escape_string($_POST['password']); $mysql = mysql_query("SELECT * FROM clients WHERE username = '{$username}' AND password = '{$password}'"); if(mysql_num_rows($mysql) < 1) { die("Password or Username incorrect! Please <a href='login.php'>click here</a> to try again"); } $_SESSION['loggedin'] = "YES"; $_SESSION['username'] = $username; $_SESSION['name'] header("Location:" . strtolower($username) . ".php"); } ?> HEADER ON EACH PHP PAGE <?php session_start(); if(!isset($_SESSION['loggedin'])) { die(Access to this page is restricted without a valid username and password); ?> --------------------------------------------------- Am I right in thinking it is something to do with the "loggedin" part? The system I have here is adapted from a normal login system I have been using for years. The original just checks the details and then does a 'session start'. This one obviously has to re-direct to a user specific page. To do this I used the <<header("Location:" . strtolower($username) . ".php");>> line to redirect to a page such as "usera.php" or "userb.php" Any help would be greatly appreciated! Ta How do I display the actual errors in IIS 7.5? If I miss a semicolon, I get: "HTTP Error 500.0 - Internal Server Error" absolutely useless. In prior versions, I could see the line and get to the PHP error. How do I display PHP errors? I've added: set_ini('display_errors', '1'); but it doesn't help. I have a system setup to pull a while() query out of a file. As follows: // In another file that is included into the one I'm running. $support_1_start = './includes/modules/while/support.1.open.php'; $support_1_stop = './includes/modules/while/support.1.close.php'; // The actual file. include($support_1_start); // This starts the mysql while() query. ?> // Data should be displayed here... <?php include($support_2_stop); // This ends the mysql while() query. The only problem is that I'm getting the following error: Code: [Select] Parse error: syntax error, unexpected $end in /home/nuke/public_html/includes/modules/while/support.1.open.php on line 16 I assume its because I included the while() function, but didn't close it in that file, but instead another file. Maybe you know how to fix this? If you want my complete source code in order of what is ran: http://www.nuclear.apnx.us/source.txt |
|||||||