PHP - Clearing Get Variables.

For some reason if the user has the user has 5 failed attempts at logging in and then they have to wait 10 minutes to try again well if they are able to login successfully its supposed to clear the locked out user and for some reason its not. Anyone see why it isn't?


Code: [Select]
<?php
// User is registered and verified
                    $query = "SELECT * FROM users_logins_attempts WHERE users_id = '".$users_id."'";
                    $result = mysqli_query($dbc,$query);
                    $row = mysqli_fetch_array($result);
                    
                    $lock_date = $row['lock_date'];

                    // Find out if user is locked out of their account
                    if (($lock_date != "0000-00-00 00:00:00") && strtotime($lock_date) >= time()) {
                        $locked = "yes";

                            // Account locked error
                            $errors = true;
                            $message = "Account is locked! Please try again later!";
                            
                            $output = array('errorsExist' => $errors, 'message' => $message);
                            
} else {
                            $locked = "no";
                            // Clear the lock
                            $query = "UPDATE users_logins_attempts SET lockDate = NULL, ip_address = NULL, failed_logins = 0 WHERE users_id = '".$users_id."'";
                            $result = mysqli_query($dbc,$query);
                            
                            // Account locked error
                            $errors = true;
                            $message = "Account is unlocked. You may now try to log in again!";
                            
                            $output = array('errorsExist' => $errors, 'message' => $message);

}
                            
                    if($locked == "yes"){
/*hack around messy nested if statments*/    
                    } else {
                        
                        if ($lock_date != "0000-00-00 00:00:00") {
                            $locked = "yes";
    
                            // Clear the lock
                            $query = "UPDATE users_logins_attempts SET lockDate = NULL, ip_address = NULL, failed_logins = 0 WHERE users_id = '".$users_id."'";
                            $result = mysqli_query($dbc,$query);   
                                
     } 
?>

I downloaded a script for a poll/voting kinda thing for all my site visitors a while ago and then I tweaked it a bit. It is linked to a database. It grabs the question and possible answers from one database. It also stores user votes, ip addresses, and the date they voted in a database.    I went to change the question and possible answers in my poll by simply changing the options in the Database. This worked fine, but I found a big problem! If you have already voted in the poll, then it displays the results to you every time you visit the site . I assumed this was based off your IP since it is recorded in the database. So logically I thought if you cleared all the IP's in the DB, then the new question would display for every user, but to my alarm it is based off cookies. This is problem because even though I changed the question and options, if people have not cleared their cookies from the last time then the poll still displays the results even though they have not voted on the new question yet. Is there someway to clear everyone cookies or make the poll start fresh for everyone without drastically changing the code and how the entire thing works?
Edited by ryanmetzler3, 24 May 2014 - 09:33 PM.

 
I'm calling a function that resets a couple arrays:


public function resetStuff() {
$this->someArray = array();
$this->someOtherArray = array();
}

However, someOtherArray is not resetting!! How could that be?

I can add debug statements to echo the size of the arrays before and after the function calls. It shows that:
someArray went from n to 0
someOtherArray went from n to n

How is that possible??

This topic has been moved to Third Party PHP Scripts.

http://www.phpfreaks.com/forums/index.php?topic=359149.0

Morning All,

Should be a quick one for the seasoned veterans! I'm learning the in's and out's of sanitizing my variables for input into my database (mysql).

The following is my code;

Code: [Select]
$Username = mysql_real_escape_string($_POST['username']);
$PWord = mysql_real_escape_string($_POST['pword']);
$Email = mysql_real_escape_string($_POST['email']);
$Fullname = mysql_real_escape_string($_POST['fullname']);
$Address_1 = mysql_real_escape_string($_POST['address_1']);
$Address_2 = mysql_real_escape_string($_POST['address_2']);
$City = mysql_real_escape_string($_POST['city']);
$Zip = mysql_real_escape_string($_POST['zip']);
$Country = mysql_real_escape_string($_POST['country']);

The following is my output;

Error executing INSERT statement - INSERT INTO tblUser(User_Name, Full_Name, Email, Address_1, Address_2, City, Zip, Country, PWord)VALUES ('','','','','','','','','')

Any ideas?

Also; is mysql_real_escape_string valid for use on all types of input from the input box?

Hi, I'm quite a newbie to PHP and am doing a website. Have got a login working and the registration half way there, but am now in process of putting validation in Registration form. Have got the errors appearing if domething isn't filled in or if the username is taken however, it clears all the fields and i would like it to keep the values in them if possible. Is there an easy way round this?

I can give my code if needed

Cozzy

I'm teaching myself a bit of OOP in php.  found that i could pass an object into the SESSION array if i serialize() the object and then unserialize() it where i need it in other page files.  all seems to work well until it comes time for a user to logout from my application and attempt to destroy the session.  at times, when they log back in, this serialized SESSION value seems to still be set while other SESSION values have been cleared.  at least i *thinnk* this is what is going on.   in my logout handler, i have the following:

    $_SESSION = array(); // clear all SESSION vars
    setcookie(); // clear cookies
    session_destroy();

but the above does not seem to be working.  my guess is there is something native to serialized SESSION values that im not yet aware of.  any help here would be much appreciated.

Code: [Select]
$genre = $_POST['listMovies'];
$result = mysql_query("SELECT * FROM  movieTable SORT BY title");
$column = 1; define("COLUMNS", 2);
$movieCounter = 0;
echo "<h1>by " .$genre ."</h1><table>";
while ($info = mysql_fetch_array($result)) {
$genre1 = $info['genre1'];
$genre2 = $info['genre2'];
$genre3 = $info['genre3'];
$title =  $info['title'];
        $link = $info['imdbLink'];

       
if ($genre == $genre1 || $genre == $genre2 || $genre == $genre3) {
$movieCounter++;

                if ($column == 1) {echo "<tr>";}
echo "<td><a href='" .$link ."'>".$title ."</a></td>";
$column++;
if ($column > COLUMNS) {
echo "</tr>";
$column = 1;
}             
}
}

echo "<table><tr><td>" .$movieCounter ." movies found.</td></tr></table>";
if ($column > 1 && $column <= COLUMNS) {
while ($column++ <= COLUMNS) echo "<td></td>";
echo "</tr>";
}
echo "</table>";
$genre = "";
now that you have the code, i have 2 questions about this.  first one is this.  whenever i first load this code everything is empty as it should be.  then i select from a form a movie genre and everything work lovely.  the problem is that the movies that are loaded are still there when i come back to the page.  i need a way to clearing this out everytime the code is run, while still displaying the movies.

also .. this is just a php noob question here.  why is that when i run a query like this


Code: [Select]
$result = mysql_query("SELECT * FROM  movieTable SORT BY title");
i cannot use mysql_fetch_array or mysql_fetch_row? 

but it works when i do it like this

Code: [Select]
$result = mysql_query("SELECT * FROM  movieTable");
like i said that's just a noob question that i cannot for the life of me figure out. 

thanks for the help, this forum has been the biggest help to me learning php.

does anyone know how to decode this XML variable value into string values? I also need to know the oposite way: creating variable values into xml. I've tried several code examples but they did filter the requested data.

Code: [Select]
$xml='<?xml version="1.0" encoding="utf-8"?>
<elements>
<text identifier="ed9cdd4c-ae8b-4ecb-bca7-e12a5153bc02">
  <value/>
</text>
<textarea identifier="a77f06fc-1561-453c-a429-8dd05cdc29f5">
  <value><![CDATA[<p style="text-align: justify;">Lorem ipsum dolor sit amet, consetetur sadipscing elitr, sed diam nonumy eirmod tempor invidunt ut labore et dolore magna aliquyam erat, sed diam voluptua. At vero eos et accusam et justo duo dolores et ea rebum. Stet clita kasd gubergren, no sea takimata sanctus est Lorem ipsum dolor sit amet.</p>]]></value>
</textarea>
<textarea identifier="1a85a7a6-2aba-4480-925b-6b97d311ee6c">
  <value><![CDATA[<p style="text-align: justify;">Lorem ipsum dolor sit amet, consetetur sadipscing elitr, sed diam nonumy  eirmod tempor invidunt ut labore et dolore magna aliquyam erat, sed  diam voluptua. At vero eos et accusam et justo duo dolores et ea rebum.  Stet clita kasd gubergren, no sea takimata sanctus est Lorem ipsum dolor  sit amet.</p>]]></value>
</textarea>
<image identifier="ffcc1c50-8dbd-4115-b463-b43bdcd44a57">
  <file><![CDATA[images/stories/red/cars/autobedrijf.png]]></file>
  <title/>
  <link/>
  <target/>
  <rel/>
  <lightbox_image/>
  <width><![CDATA[250]]></width>
  <height><![CDATA[187]]></height>
</image>
<text identifier="4339a108-f907-4661-9aab-d6f3f00e736e">
  <value><![CDATA[Kramer 5]]></value>
</text>
<text identifier="ea0666d7-51e3-4e52-8617-25e3ad61f8b8">
  <value><![CDATA[6000 RS]]></value>
</text>
<text identifier="90a18889-884b-4d53-a302-4e6e4595efa0">
  <value><![CDATA[Eindhoven]]></value>
</text>
<text identifier="410d72e0-29b3-4a92-b7d7-f01e828b1586">
  <value><![CDATA[APK Pick up and return]]></value>
</text>
<text identifier="45b86f23-e656-4a81-bb8f-84e5ea76f71f">
  <value><![CDATA[15% korting op grote beurt]]></value>
</text>
<text identifier="3dbbe1c6-15d6-4375-9f2f-f0e7287e29f3">
  <value><![CDATA[Gratis opslag zomerbanden]]></value>
</text>
<text identifier="2e878db0-605d-4d58-9806-8e75bced67a4">
  <value><![CDATA[Gratis abonnement of grote beurt]]></value>
</text>
<text identifier="94e3e08f-e008-487b-9cbd-25d108a9705e">
  <value/>
</text>
<text identifier="73e74b73-f509-4de7-91cf-e919d14bdb0b">
  <value/>
</text>
<text identifier="b870164b-fe78-45b0-b840-8ebceb9b9cb6">
  <value><![CDATA[040 123 45 67]]></value>
</text>
<text identifier="8a91aab2-7862-4a04-bd28-07f1ff4acce5">
  <value/>
</text>
<email identifier="3f15b5e4-0dea-4114-a870-1106b85248de">
  <value/>
  <text/>
  <subject/>
  <body/>
</email>
<link identifier="0b3d983e-b2fa-4728-afa0-a0b640fa34dc">
  <value/>
  <text/>
  <target/>
  <custom_title/>
  <rel/>
</link>
<relateditems identifier="7056f1d2-5253-40b6-8efd-d289b10a8c69"/>
<rating identifier="cf6dd846-5774-47aa-8ca7-c1623c06e130">
  <votes><![CDATA[1]]></votes>
  <value><![CDATA[1.0000]]></value>
</rating>
<googlemaps identifier="160bd40a-3e0e-48de-b6cd-56cdcc9db892">
  <location><![CDATA[50.895711,5.955427]]></location>
</googlemaps>
</elements>';

I've got a basic form setup on my site that requires the user to fill out the required fields. When one of the fields isn't filled out, the error message for that specific input area is displayed, etc. However, all the information from the form that the user filled out is removed..

I want the user to be able to fill out the form, hit submit, and if any errors, show the specific error but also keep the input boxes populated with the data the user filled out so he/she does not have to re type everything.

if(!empty($_POST['submitFeature']))
{
    // set variables
    $featurename = mysql_real_escape_string($_POST['featurename']);
    $name = mysql_real_escape_string($_POST['name']);
    $email = mysql_real_escape_string($_POST['email']);
    $email2 = mysql_real_escape_string($_POST['email2']);
    $age = mysql_real_escape_string($_POST['age']);
    $city = mysql_real_escape_string($_POST['city']);
    $state = mysql_real_escape_string($_POST['state']);
    $src = $_FILES['featureupload']['tmp_name'];
    $featuresize = $_FILES['featureupload']['size'];
    $limitsize = 3000000;
        


    if(!empty($featurename) && !empty($name) && !empty($email) && !empty($email2) &&  !empty($city) &&  !empty($state) && ($email == $email2) && !empty($_FILES['featureupload']['tmp_name']) && ($featuresize < $limitsize))
    {

    // IF ALL IS CORRECT, SUBMIT INFO 
    
    } else {
        print '
        <ul class="errorlist">
            <li class="alert">Please fill out the required fields.</li>
        ';
    
        if (empty($name))
        {
            echo ' <li>* Full Name</li>' . "\n";
            $errorname = 'TRUE';
        } if (empty($email))
        {
            echo ' <li>* Email</li>' . "\n";
            $erroremail = 'TRUE';
        } 
        print '
        </ul>
        ';
    }
    // 1 - B. END REQUIRED FIELDS ERROR CODES
    
}
?>

<form action="<?php $_SERVER['PHP_SELF']; ?>" method="post" enctype="multipart/form-data">
    <div style="float: left;">
        <span class="copy-answer">Your Information</span>
    
        <div class="formSec"><label for="name" class="required">Full Name: <?php if(isset($errorname)){echo '<span class="error">*<span>';}?></label>
        <input type="text" name="name" id="name" value="" maxlength="25" /></div>
        
        <div class="formSec"><label for="email" class="required">Email: <?php if(isset($erroremail)){echo '<span class="error">*<span>';}?></label>
        <input type="text" name="email" id="email" value="" /></div>
      
    <input class="submit" type="submit" name="submitFeature" value="Submit Your Feature" />
</form>

Hi. I have some code which needs to return a single variable from the function and stored as a variable within this page, so it can be echoed later on in the page. I couldn't get it to return as a variable, so i used "return compact();" to return the variable and "extract (myFunction());" to extract it to variables. However, when I turned on php's display errors and error reporting function, I got an error message saying "Warning: extract() [function.extract]: First argument should be an array in /my/web/site/index.php on line 6" (which is where my extract function is). This works fine with passing more than one variables through, is there another way pass one variable from a function to be stored as a variable on the page which called the function?

Here is the function:
Code: [Select]
<?php
//This is a list of numeric error codes against their text. this will return the error code as the variable $issue
function checkLoginIssue() {

//If there is an error code
if (isset($_GET["issue"])) {
 
  //cycle through the list until the code is reached, return the text and break the switch
    switch ($_GET["issue"]) {

      case "1":
              $issue = '<p class="warning">Please log in to view this page</p>';
              break;
  
      case "2":
              $issue = '<p class="warning">Wrong Username or Password</p>';
              break;

        case "3":
              $issue = '<p class="warning">No user found with those details</p>';
              break;

    }
 
 //return the variable in an array with a single value
 return compact('issue');
 
}
 
}
?>
And here is the code which calls the function:
Code: [Select]
<?php
extract(checkLoginIssue());
?>

I'm learning PHP, and in the course of this, I'm writing a little app which posts to the same php file. HOWEVER, when I run the app again, the POST values remain. I can use unset() but, is there another way to clear POST data?

RON

Hello,
Is it possible to use variables that are declared outside or plainly within a class, and if its possible, how?
thanks in advance

It echos that there are to many.. how would I do this

Saying like if I had 100 $Variable[] it would echo that there are to many?

$Variable[] = "";
$Variable[] = "";
$Variable[] = "";
$Variable[] = "";
$Variable[] = "";
$Variable[] = "";

Hi guys

I have two variables but
$no1=$row[no1];
$no2=$row[no2];

I need to have another variable where i can merge these two as i need to insert them to database with sapce in between each variable like:

$numbers= $no1 $no2;

by doing this i get syntax error, do u know whats the best way to do this?