|
PHP - Form Processing Not Running Database Commital Code.
I have this code
<?php session_start(); $error = 0; $valError = ""; // Form Page Submit Security $domain_list = explode(',',""); $ip_limit = 0; $active = 1; $active_message = <<<EOT Sorry, this form is currently disabled. EOT; include_once 'security/secure_submit.php'; include_once 'lib/utility.php'; $_SESSION["entry_key"] = isset($_SESSION["entry_key"]) ? $_SESSION["entry_key"] : md5(time() + rand(10000, 1000000)); // cname - text if(isset($_POST['cname']) && $_POST['cname'] != '') { $cname = isset($_POST['cname']) ? $_POST['cname'] : ''; $_SESSION['cname'] = $cname; } else { $error = '1'; $valError .= 'Company Name : is required.<br/>'; } if(isset($_SESSION['cname_is'])) { $_SESSION['cname_is'] = 0; } $cname = isset($_SESSION['cname']) ? $_SESSION['cname'] : ''; $_SESSION['qs']["{$_SESSION['entry_key']}"]['cname'] = $cname; $_SESSION['qs-label']["{$_SESSION['entry_key']}"]['Company Name :'] = $cname; $_SESSION['qs-label']["{$_SESSION['entry_key']}"]['cname'] = "Company Name :"; // dname - text if(isset($_POST['dname']) && $_POST['dname'] != '') { $dname = isset($_POST['dname']) ? $_POST['dname'] : ''; $_SESSION['dname'] = $dname; } else { $error = '1'; $valError .= 'Domain Name : is required.<br/>'; } if(isset($_SESSION['dname_is'])) { $_SESSION['dname_is'] = 0; } $dname = isset($_SESSION['dname']) ? $_SESSION['dname'] : ''; $_SESSION['qs']["{$_SESSION['entry_key']}"]['dname'] = $dname; $_SESSION['qs-label']["{$_SESSION['entry_key']}"]['Domain Name :'] = $dname; $_SESSION['qs-label']["{$_SESSION['entry_key']}"]['dname'] = "Domain Name :"; // ipaddress - text if(isset($_POST['ipaddress']) && $_POST['ipaddress'] != '') { $ipaddress = isset($_POST['ipaddress']) ? $_POST['ipaddress'] : ''; $_SESSION['ipaddress'] = $ipaddress; } else { $error = '1'; $valError .= 'IP Address : is required.<br/>'; } if(isset($_SESSION['ipaddress_is'])) { $_SESSION['ipaddress_is'] = 0; } $ipaddress = isset($_SESSION['ipaddress']) ? $_SESSION['ipaddress'] : ''; $_SESSION['qs']["{$_SESSION['entry_key']}"]['ipaddress'] = $ipaddress; $_SESSION['qs-label']["{$_SESSION['entry_key']}"]['IP Address :'] = $ipaddress; $_SESSION['qs-label']["{$_SESSION['entry_key']}"]['ipaddress'] = "IP Address :"; // ns1 - text if(isset($_POST['ns1']) && $_POST['ns1'] != '') { $ns1 = isset($_POST['ns1']) ? $_POST['ns1'] : ''; $_SESSION['ns1'] = $ns1; } else { $error = '1'; $valError .= 'Name Server 1 : is required.<br/>'; } if(isset($_SESSION['ns1_is'])) { $_SESSION['ns1_is'] = 0; } $ns1 = isset($_SESSION['ns1']) ? $_SESSION['ns1'] : ''; $_SESSION['qs']["{$_SESSION['entry_key']}"]['ns1'] = $ns1; $_SESSION['qs-label']["{$_SESSION['entry_key']}"]['Name Server 1 :'] = $ns1; $_SESSION['qs-label']["{$_SESSION['entry_key']}"]['ns1'] = "Name Server 1 :"; // ns2 - text if(isset($_POST['ns2']) && $_POST['ns2'] != '') { $ns2 = isset($_POST['ns2']) ? $_POST['ns2'] : ''; $_SESSION['ns2'] = $ns2; } else { $error = '1'; $valError .= 'Name Server 2 : is required.<br/>'; } if(isset($_SESSION['ns2_is'])) { $_SESSION['ns2_is'] = 0; } $ns2 = isset($_SESSION['ns2']) ? $_SESSION['ns2'] : ''; $_SESSION['qs']["{$_SESSION['entry_key']}"]['ns2'] = $ns2; $_SESSION['qs-label']["{$_SESSION['entry_key']}"]['Name Server 2 :'] = $ns2; $_SESSION['qs-label']["{$_SESSION['entry_key']}"]['ns2'] = "Name Server 2 :"; // ftpserver - text if(isset($_POST['ftpserver']) && $_POST['ftpserver'] != '') { $ftpserver = isset($_POST['ftpserver']) ? $_POST['ftpserver'] : ''; $_SESSION['ftpserver'] = $ftpserver; } else { $error = '1'; $valError .= 'FTP Server Address : is required.<br/>'; } if(isset($_SESSION['ftpserver_is'])) { $_SESSION['ftpserver_is'] = 0; } $ftpserver = isset($_SESSION['ftpserver']) ? $_SESSION['ftpserver'] : ''; $_SESSION['qs']["{$_SESSION['entry_key']}"]['ftpserver'] = $ftpserver; $_SESSION['qs-label']["{$_SESSION['entry_key']}"]['FTP Server Address :'] = $ftpserver; $_SESSION['qs-label']["{$_SESSION['entry_key']}"]['ftpserver'] = "FTP Server Address :"; // ftpuname - text if(isset($_POST['ftpuname']) && $_POST['ftpuname'] != '') { $ftpuname = isset($_POST['ftpuname']) ? $_POST['ftpuname'] : ''; $_SESSION['ftpuname'] = $ftpuname; } else { $error = '1'; $valError .= 'FTP Username : is required.<br/>'; } if(isset($_SESSION['ftpuname_is'])) { $_SESSION['ftpuname_is'] = 0; } $ftpuname = isset($_SESSION['ftpuname']) ? $_SESSION['ftpuname'] : ''; $_SESSION['qs']["{$_SESSION['entry_key']}"]['ftpuname'] = $ftpuname; $_SESSION['qs-label']["{$_SESSION['entry_key']}"]['FTP Username :'] = $ftpuname; $_SESSION['qs-label']["{$_SESSION['entry_key']}"]['ftpuname'] = "FTP Username :"; // ftppword - text if(isset($_POST['ftppword']) && $_POST['ftppword'] != '') { $ftppword = isset($_POST['ftppword']) ? $_POST['ftppword'] : ''; $_SESSION['ftppword'] = $ftppword; } else { $error = '1'; $valError .= 'FTP Password : is required.<br/>'; } if(isset($_SESSION['ftppword_is'])) { $_SESSION['ftppword_is'] = 0; } $ftppword = isset($_SESSION['ftppword']) ? $_SESSION['ftppword'] : ''; $_SESSION['qs']["{$_SESSION['entry_key']}"]['ftppword'] = $ftppword; $_SESSION['qs-label']["{$_SESSION['entry_key']}"]['FTP Password :'] = $ftppword; $_SESSION['qs-label']["{$_SESSION['entry_key']}"]['ftppword'] = "FTP Password :"; // pop - text if(isset($_POST['pop']) && $_POST['pop'] != '') { $pop = isset($_POST['pop']) ? $_POST['pop'] : ''; $_SESSION['pop'] = $pop; } else { $error = '1'; $valError .= 'POP : is required.<br/>'; } if(isset($_SESSION['pop_is'])) { $_SESSION['pop_is'] = 0; } $pop = isset($_SESSION['pop']) ? $_SESSION['pop'] : ''; $_SESSION['qs']["{$_SESSION['entry_key']}"]['pop'] = $pop; $_SESSION['qs-label']["{$_SESSION['entry_key']}"]['POP :'] = $pop; $_SESSION['qs-label']["{$_SESSION['entry_key']}"]['pop'] = "POP :"; // smtp - text if(isset($_POST['smtp']) && $_POST['smtp'] != '') { $smtp = isset($_POST['smtp']) ? $_POST['smtp'] : ''; $_SESSION['smtp'] = $smtp; } else { $error = '1'; $valError .= 'SMTP : is required.<br/>'; } if(isset($_SESSION['smtp_is'])) { $_SESSION['smtp_is'] = 0; } $smtp = isset($_SESSION['smtp']) ? $_SESSION['smtp'] : ''; $_SESSION['qs']["{$_SESSION['entry_key']}"]['smtp'] = $smtp; $_SESSION['qs-label']["{$_SESSION['entry_key']}"]['SMTP :'] = $smtp; $_SESSION['qs-label']["{$_SESSION['entry_key']}"]['smtp'] = "SMTP :"; // webmailaddy - text if(isset($_POST['webmailaddy']) && $_POST['webmailaddy'] != '') { $webmailaddy = isset($_POST['webmailaddy']) ? $_POST['webmailaddy'] : ''; $_SESSION['webmailaddy'] = $webmailaddy; } else { $error = '1'; $valError .= 'Webmail Address : is required.<br/>'; } if(isset($_SESSION['webmailaddy_is'])) { $_SESSION['webmailaddy_is'] = 0; } $webmailaddy = isset($_SESSION['webmailaddy']) ? $_SESSION['webmailaddy'] : ''; $_SESSION['qs']["{$_SESSION['entry_key']}"]['webmailaddy'] = $webmailaddy; $_SESSION['qs-label']["{$_SESSION['entry_key']}"]['Webmail Address :'] = $webmailaddy; $_SESSION['qs-label']["{$_SESSION['entry_key']}"]['webmailaddy'] = "Webmail Address :"; // adiskspace - text if(isset($_POST['adiskspace']) && $_POST['adiskspace'] != '') { $adiskspace = isset($_POST['adiskspace']) ? $_POST['adiskspace'] : ''; $_SESSION['adiskspace'] = $adiskspace; } else { $error = '1'; $valError .= 'Allocated Disk Space : is required.<br/>'; } if(isset($_SESSION['adiskspace_is'])) { $_SESSION['adiskspace_is'] = 0; } $adiskspace = isset($_SESSION['adiskspace']) ? $_SESSION['adiskspace'] : ''; $_SESSION['qs']["{$_SESSION['entry_key']}"]['adiskspace'] = $adiskspace; $_SESSION['qs-label']["{$_SESSION['entry_key']}"]['Allocated Disk Space :'] = $adiskspace; $_SESSION['qs-label']["{$_SESSION['entry_key']}"]['adiskspace'] = "Allocated Disk Space :"; // ambw - text if(isset($_POST['ambw']) && $_POST['ambw'] != '') { $ambw = isset($_POST['ambw']) ? $_POST['ambw'] : ''; $_SESSION['ambw'] = $ambw; } else { $error = '1'; $valError .= 'Allocated Monthly Bandwidth : is required.<br/>'; } if(isset($_SESSION['ambw_is'])) { $_SESSION['ambw_is'] = 0; } $ambw = isset($_SESSION['ambw']) ? $_SESSION['ambw'] : ''; $_SESSION['qs']["{$_SESSION['entry_key']}"]['ambw'] = $ambw; $_SESSION['qs-label']["{$_SESSION['entry_key']}"]['Allocated Monthly Bandwidth :'] = $ambw; $_SESSION['qs-label']["{$_SESSION['entry_key']}"]['ambw'] = "Allocated Monthly Bandwidth :"; // amboxes - text if(isset($_POST['amboxes']) && $_POST['amboxes'] != '') { $amboxes = isset($_POST['amboxes']) ? $_POST['amboxes'] : ''; $_SESSION['amboxes'] = $amboxes; } else { $error = '1'; $valError .= 'Allocated MailBoxes : is required.<br/>'; } if(isset($_SESSION['amboxes_is'])) { $_SESSION['amboxes_is'] = 0; } $amboxes = isset($_SESSION['amboxes']) ? $_SESSION['amboxes'] : ''; $_SESSION['qs']["{$_SESSION['entry_key']}"]['amboxes'] = $amboxes; $_SESSION['qs-label']["{$_SESSION['entry_key']}"]['Allocated MailBoxes :'] = $amboxes; $_SESSION['qs-label']["{$_SESSION['entry_key']}"]['amboxes'] = "Allocated MailBoxes :"; // amboxquota - text if(isset($_POST['amboxquota']) && $_POST['amboxquota'] != '') { $amboxquota = isset($_POST['amboxquota']) ? $_POST['amboxquota'] : ''; $_SESSION['amboxquota'] = $amboxquota; } else { $error = '1'; $valError .= 'Allocated MailBox Quoted : is required.<br/>'; } if(isset($_SESSION['amboxquota_is'])) { $_SESSION['amboxquota_is'] = 0; } $amboxquota = isset($_SESSION['amboxquota']) ? $_SESSION['amboxquota'] : ''; $_SESSION['qs']["{$_SESSION['entry_key']}"]['amboxquota'] = $amboxquota; $_SESSION['qs-label']["{$_SESSION['entry_key']}"]['Allocated MailBox Quoted :'] = $amboxquota; $_SESSION['qs-label']["{$_SESSION['entry_key']}"]['amboxquota'] = "Allocated MailBox Quoted :"; // adbase - text if(isset($_POST['adbase']) && $_POST['adbase'] != '') { $adbase = isset($_POST['adbase']) ? $_POST['adbase'] : ''; $_SESSION['adbase'] = $adbase; } else { $error = '1'; $valError .= 'Allocated Databases : is required.<br/>'; } if(isset($_SESSION['adbase_is'])) { $_SESSION['adbase_is'] = 0; } $adbase = isset($_SESSION['adbase']) ? $_SESSION['adbase'] : ''; $_SESSION['qs']["{$_SESSION['entry_key']}"]['adbase'] = $adbase; $_SESSION['qs-label']["{$_SESSION['entry_key']}"]['Allocated Databases :'] = $adbase; $_SESSION['qs-label']["{$_SESSION['entry_key']}"]['adbase'] = "Allocated Databases :"; // exp - text if(isset($_POST['exp']) && $_POST['exp'] != '') { $exp = isset($_POST['exp']) ? $_POST['exp'] : ''; $_SESSION['exp'] = $exp; } else { $error = '1'; $valError .= 'Expires On : is required.<br/>'; } if(isset($_SESSION['exp_is'])) { $_SESSION['exp_is'] = 0; } $exp = isset($_SESSION['exp']) ? $_SESSION['exp'] : ''; $_SESSION['qs']["{$_SESSION['entry_key']}"]['exp'] = $exp; $_SESSION['qs-label']["{$_SESSION['entry_key']}"]['Expires On :'] = $exp; $_SESSION['qs-label']["{$_SESSION['entry_key']}"]['exp'] = "Expires On :"; if($error){ if(isset($_SESSION['pages']['page5.php'])) { unset($_SESSION['pages']['page5.php']); } $_SESSION["e_message"] = $valError; header("Location: index.php?section-hostingedit"); } else { $_SESSION['pages']['page5.php'] = 'pass'; // custom route code //DATABASE INTERACTION //Setup database connection $dbserver = "localhost"; $dbuname = "vri_dev"; $dbpword = "emit098nice054" //Connect to DB Server $con = mysql_connect($dbserver, $dbuname, $dbpword); if(!$con){ die('Could not connect to the database server :' . mysql_error()); echo"1"; }else{ echo"1.2"; //Select Database mysql_select_db("vri_inkcontrol", $con); //Get idcname $q = "SELECT idcname FROM `tbl_hosting_cname` WHERE cname='$_POST['cname']' AND dname='$_POST['dname']'"; $r = mysql_query($q); //Put idcname query into an array $r_array = mysql_fetch_assoc($r); //Store idcname result from previouse query $idcname = $r_array['idcname']; //trap duplicate records //If the number of rows returned by above query is not greater then we if(mysql_num_rows($r) == 0){ echo"2"; //Insert idcname in `tbl_hosting_cname` since id doesn't exist $q = "INSERT INTO `tbl_hosting_cname` SET cname='$_POST['cname']"; mysql_query($q); //grab the cname id in `tbl_hosting_cname` $q = "SELECT idcname FROM `tbl_hosting_cname WHERE cname='$_POST['cname']'"; $r = mysql_query($q); //now we must grab the id cname from array $q = "SELECT idcname FROM `tbl_hosting_cname` WHERE cname='$_POST['cname']'"; $r = mysql_query($q); $row = mysql_fetch_assoc($r); $idcname = $row['idcname']; $r = mysql_query("SELECT * FROM `tbl_hosting_domain` WHERE cname='$idcname' AND dname='$_POST['dname']'"); if(mysql_num_rows($r) !== 1){ echo"3"; $q = "INSERT INTO `tbl_hosting_domain` (idcname, dname, ip, ns1, ns2, ftpaddress, ftpuname, ftppword, pop, smtp, webmailaddress, diskspace, bandwidth, nummailboxes, mailboxquota, numdatabases, exp) VALUES ('$idcname', '$_POST['dname']', '$_POST['ip']', '$_POST['ns1']', '$_POST['ns2']', '$_POST['ftpserver']', '$_POST['ftpuname']', '$_POST['ftppword']', '$_POST['pop']', '$_POST['smtp']', '$_POST['webmailaddy']', '$_POST['adiskspace']', '$_POST['ambw']', '$_POST['amboxes']', '$_POST['amboxesquota']', '$_POST['adbases']', '$_POST['exp']')"; mysql_query($q); $route = "Location: index.php?section=newaddyes"; }elseif(mysql_num_rows($r) == 1){ echo"3.2"; $q = "SELECT idcname FROM `tbl_hosting_cname` WHERE cname='$_POST['cname']'"; $r = mysql_query($q); $row = mysql_fetch_assoc($r); $idcname = $row['idcname']; $q = "UPDATE `tbl_hosting_domain` SET ( ip = '$_POST['ip']', ns1 = '$_POST['ns1']', ns2 = '$_POST['ns2']', ftpaddress = '$_POST['ftpserver']', ftpuname = '$_POST['ftpuname']', ftppword = '$_POST['ftppword']', pop = '$_POST['pop']', smtp = '$_POST['smtp']', webmailaddress = '$_POST['webmailaddy']', diskspace = '$_POST['adiskspace']', bandwidth = '$_POST['ambw']', nummailboxes = '$_POST['amboxes']', mailboxquota = '$_POST['amboxesquota']', numdatabases = '$_POST['adbases']', exp = '$_POST['exp']' WHERE cname='$idcname'"; $route = "Location: index.php?section=newaddyes"; }else{ echo"lsr1" $route = "Location: index.php?section=newaddno"; } // conditional route code // default action header($route); } ?> the code that will not run is // custom route code //DATABASE INTERACTION //Setup database connection $dbserver = "localhost"; $dbuname = "vri_dev"; $dbpword = "emit098nice054" //Connect to DB Server $con = mysql_connect($dbserver, $dbuname, $dbpword); if(!$con){ die('Could not connect to the database server :' . mysql_error()); echo"1"; }else{ echo"1.2"; //Select Database mysql_select_db("vri_inkcontrol", $con); //Get idcname $q = "SELECT idcname FROM `tbl_hosting_cname` WHERE cname='$_POST['cname']' AND dname='$_POST['dname']'"; $r = mysql_query($q); //Put idcname query into an array $r_array = mysql_fetch_assoc($r); //Store idcname result from previouse query $idcname = $r_array['idcname']; //trap duplicate records //If the number of rows returned by above query is not greater then we if(mysql_num_rows($r) == 0){ echo"2"; //Insert idcname in `tbl_hosting_cname` since id doesn't exist $q = "INSERT INTO `tbl_hosting_cname` SET cname='$_POST['cname']"; mysql_query($q); //grab the cname id in `tbl_hosting_cname` $q = "SELECT idcname FROM `tbl_hosting_cname WHERE cname='$_POST['cname']'"; $r = mysql_query($q); //now we must grab the id cname from array $q = "SELECT idcname FROM `tbl_hosting_cname` WHERE cname='$_POST['cname']'"; $r = mysql_query($q); $row = mysql_fetch_assoc($r); $idcname = $row['idcname']; $r = mysql_query("SELECT * FROM `tbl_hosting_domain` WHERE cname='$idcname' AND dname='$_POST['dname']'"); if(mysql_num_rows($r) !== 1){ echo"3"; $q = "INSERT INTO `tbl_hosting_domain` (idcname, dname, ip, ns1, ns2, ftpaddress, ftpuname, ftppword, pop, smtp, webmailaddress, diskspace, bandwidth, nummailboxes, mailboxquota, numdatabases, exp) VALUES ('$idcname', '$_POST['dname']', '$_POST['ip']', '$_POST['ns1']', '$_POST['ns2']', '$_POST['ftpserver']', '$_POST['ftpuname']', '$_POST['ftppword']', '$_POST['pop']', '$_POST['smtp']', '$_POST['webmailaddy']', '$_POST['adiskspace']', '$_POST['ambw']', '$_POST['amboxes']', '$_POST['amboxesquota']', '$_POST['adbases']', '$_POST['exp']')"; mysql_query($q); $route = "Location: index.php?section=newaddyes"; }elseif(mysql_num_rows($r) == 1){ echo"3.2"; $q = "SELECT idcname FROM `tbl_hosting_cname` WHERE cname='$_POST['cname']'"; $r = mysql_query($q); $row = mysql_fetch_assoc($r); $idcname = $row['idcname']; $q = "UPDATE `tbl_hosting_domain` SET ( ip = '$_POST['ip']', ns1 = '$_POST['ns1']', ns2 = '$_POST['ns2']', ftpaddress = '$_POST['ftpserver']', ftpuname = '$_POST['ftpuname']', ftppword = '$_POST['ftppword']', pop = '$_POST['pop']', smtp = '$_POST['smtp']', webmailaddress = '$_POST['webmailaddy']', diskspace = '$_POST['adiskspace']', bandwidth = '$_POST['ambw']', nummailboxes = '$_POST['amboxes']', mailboxquota = '$_POST['amboxesquota']', numdatabases = '$_POST['adbases']', exp = '$_POST['exp']' WHERE cname='$idcname'"; $route = "Location: index.php?section=newaddyes"; }else{ echo"lsr1" $route = "Location: index.php?section=newaddno"; } If everything on the form passes it should process the data into the database. However it is not. I placed echo statements to see where it was getting to in the database interaction portion of the code but no dice. Any help is apreciated, thanks in advance. Similar TutorialsHello I code by hand (HTML & CF -14 years now), and some of my customers want the ability to do updates to their sites themselves using Adobe Contribute, and I can build any app they need that Contribute can't handle in CF if they host on my server - however, in this particular case, the site is hosted by GoDaddy which is no longer supporting CF. The site is PHP-enabled, and the client was using WordPress to update his entire site. Because of the blogging-centric features of Wordpress, a user can enter a "headline" then an associated story (commentary) - publish, and the headline ends up on one page linked to the page where the headline and story live. So, I need a simple form handler written in PHP that allows the client to enter his "headline" (which is a hard-coded link to the "rest of the story" page), the headline showing up above the story content (using a second form field) - not necessarily targeting <a href="#end-up-here"> - just simply land on the page where the content gets dynamically displayed. Thanks in advance for your patience and be kind---- I have never written a line of PHP- just thousands of lines of CF..... Norman Advance thank you. Can you help please. The error..... Warning: mysql_fetch_assoc() expects parameter 1 to be resource, string given in C:\wamp\www\test_dabase.php on line 24 code. Code: [Select] <?php //database connection. $DB = mysql_connect("localhost","root") or die(mysql_error()); if($DB){ //database name. $DB_NAME="mysql"; //select database and name. $CON=mysql_select_db($DB_NAME,$DB)or die(mysql_error()."\nPlease change database name"); // if connection. }if($CON){ //show tables. $mysql_show="SHOW TABLES"; //select show and show. $mysql_select2="mysql_query(".$mysql_show.") or die(mysql_error())"; } //if allowed to show. if($mysql_select2){ //while it and while($data=mysql_fetch_assoc($mysql_select2)){ //show it. echo $data; } } ?> Can you take a look at this page? It uses php code that I have been creating. I need it to accept the form even if checkboxes are left empty. Currently it comes up with an error. http://www.pilotrock.com/color_contact/ Here is the PHP code: <?php if(isset($_POST['Email_Address'])) { include 'lite_settings.php'; function died($error) { echo "Sorry, but there were error(s) found with the form you submitted. "; echo "These errors appear below.<br /><br />"; echo $error."<br /><br />"; echo "Please go back and fix these errors.<br /><br />"; die(); } if(!isset($_POST['organization']) || !isset($_POST['Full_Name']) || !isset($_POST['title']) || !isset($_POST['company']) || !isset($_POST['address']) || !isset($_POST['city_state']) || !isset($_POST['zip']) || !isset($_POST['Telephone_Number']) || !isset($_POST['cell_phone']) || !isset($_POST['fax']) || !isset($_POST['Email_Address']) || !isset($_POST['confirm_email']) || !isset($_POST['powder_coated_steel_blue']) || !isset($_POST['powder_coated_steel_black']) || !isset($_POST['powder_coated_steel_green']) || !isset($_POST['powder_coated_steel_brown']) || !isset($_POST['powder_coated_steel_yellow']) || !isset($_POST['powder_coated_steel_red']) || !isset($_POST['powder_coated_steel_gray']) || !isset($_POST['powder_coated_steel_burgendy']) || !isset($_POST['thermo_plastic_coated_type_expanded']) || !isset($_POST['thermo_plastic_coated_type_perforated']) || !isset($_POST['thermo_plastic_coated_black']) || !isset($_POST['thermo_plastic_coated_blue']) || !isset($_POST['thermo_plastic_coated_brown']) || !isset($_POST['thermo_plastic_coated_gray']) || !isset($_POST['thermo_plastic_coated_red']) || !isset($_POST['thermo_plastic_coated_green']) || !isset($_POST['recycle_plastic_red']) || !isset($_POST['recycle_plastic_yellow']) || !isset($_POST['recycle_plastic_black']) || !isset($_POST['recycle_plastic_blue']) || !isset($_POST['recycle_plastic_gold']) || !isset($_POST['recycle_plastic_redwood']) || !isset($_POST['recycle_plastic_cedar']) || !isset($_POST['recycle_plastic_green']) || !isset($_POST['recycle_plastic_gray']) || !isset($_POST['recycle_plastic_brown'])) { died('We are sorry, but there appears to be a problem with the form you submitted.'); } $organization = $_POST['organization']; // required $full_name = $_POST['Full_Name']; // required $title = $_POST['title']; // not required $company = $_POST['company']; // not required $address = $_POST['address']; // required $city_state = $_POST['city_state']; // required $zip = $_POST['zip']; // required $telephone = $_POST['Telephone_Number']; // required $cell_phone = $_POST['cell_phone']; // not required $fax = $_POST['fax']; // not required $email_from = $_POST['Email_Address']; // required $confirm_email = $_POST['confirm_email']; // required $powder_coated_steel_blue = $_POST['powder_coated_steel_blue']; // required $powder_coated_steel_black = $_POST['powder_coated_steel_black']; // required $powder_coated_steel_green = $_POST['powder_coated_steel_green']; // required $powder_coated_steel_brown = $_POST['powder_coated_steel_brown']; // required $powder_coated_steel_yellow = $_POST['powder_coated_steel_yellow']; // required $powder_coated_steel_red = $_POST['powder_coated_steel_red']; // required $powder_coated_steel_gray = $_POST['powder_coated_steel_gray']; // required $powder_coated_steel_burgendy = $_POST['powder_coated_steel_burgendy']; // required $thermo_plastic_coated_type_expanded = $_POST['thermo_plastic_coated_type_expanded']; // required $thermo_plastic_coated_type_perforated = $_POST['thermo_plastic_coated_type_perforated']; // required $thermo_plastic_coated_black = $_POST['thermo_plastic_coated_black']; // required $thermo_plastic_coated_blue = $_POST['thermo_plastic_coated_blue']; // required $thermo_plastic_coated_brown = $_POST['thermo_plastic_coated_brown']; // required $thermo_plastic_coated_gray = $_POST['thermo_plastic_coated_gray']; // required $thermo_plastic_coated_red = $_POST['thermo_plastic_coated_red']; // required $thermo_plastic_coated_green = $_POST['thermo_plastic_coated_green']; // required $recycle_plastic_red = $_POST['recycle_plastic_red']; // required $recycle_plastic_yellow = $_POST['recycle_plastic_yellow']; // required $recycle_plastic_black = $_POST['recycle_plastic_black']; // required $recycle_plastic_blue = $_POST['recycle_plastic_blue']; // required $recycle_plastic_gold = $_POST['recycle_plastic_gold']; // required $recycle_plastic_redwood = $_POST['recycle_plastic_redwood']; // required $recycle_plastic_cedar = $_POST['recycle_plastic_cedar']; // required $recycle_plastic_green = $_POST['recycle_plastic_green']; // required $recycle_plastic_gray = $_POST['recycle_plastic_gray']; // required $recycle_plastic_brown = $_POST['recycle_plastic_brown']; // required $error_message = ""; $email_exp = "^[A-Z0-9._%-]+@[A-Z0-9.-]+\.[A-Z]{2,4}$"; if(!eregi($email_exp,$email_from)) { $error_message .= 'The Email Address you entered does not appear to be valid.<br />'; } if(strlen($full_name) < 2) { $error_message .= 'Your Name does not appear to be valid.<br />'; } if(strlen($address) < 2) { $error_message .= 'Your Address does not appear to be valid.<br />'; } if(strlen($city_state) < 2) { $error_message .= 'Your City/State does not appear to be valid.<br />'; } if(strlen($zip) < 2) { $error_message .= 'Your Zip/Postal Code does not appear to be valid.<br />'; } if(strlen($telephone) < 2) { $error_message .= 'Your Telephone Number does not appear to be valid.<br />'; } if(strlen($error_message) > 0) { died($error_message); } $email_message = "Form details below.\r\n"; function clean_string($string) { $bad = array("content-type","bcc:","to:","cc:","href"); return str_replace($bad,"",$string); } $email_message .= "Organization: ".clean_string($organization)."\r\n"; $email_message .= "Full Name: ".clean_string($full_name)."\r\n"; $email_message .= "Title: ".clean_string($title)."\r\n"; $email_message .= "Company Name: ".clean_string($company)."\r\n"; $email_message .= "Street Address: ".clean_string($address)."\r\n"; $email_message .= "City/State: ".clean_string($city_state)."\r\n"; $email_message .= "ZIP/Postal Code: ".clean_string($zip)."\r\n"; $email_message .= "Telephone: ".clean_string($telephone)."\r\n"; $email_message .= "Cell Phone: ".clean_string($cell_phone)."\r\n"; $email_message .= "Fax: ".clean_string($fax)."\r\n"; $email_message .= "Email: ".clean_string($email_from)."\r\n"; $email_message .= "Confirm Email: ".clean_string($confirm_email)."\r\n"; $email_message .= "Powder Coated Steel Blue: ".clean_string($powder_coated_steel_blue)."\r\n"; $email_message .= "Powder Coated Steel Black: ".clean_string($powder_coated_steel_black)."\r\n"; $email_message .= "Powder Coated Steel Green: ".clean_string($powder_coated_steel_green)."\r\n"; $email_message .= "Powder Coated Steel Brown: ".clean_string($powder_coated_steel_brown)."\r\n"; $email_message .= "Powder Coated Steel Yellow: ".clean_string($powder_coated_steel_yellow)."\r\n"; $email_message .= "Powder Coated Steel Red: ".clean_string($powder_coated_steel_red)."\r\n"; $email_message .= "Powder Coated Steel Gray: ".clean_string($powder_coated_steel_gray)."\r\n"; $email_message .= "Powder Coated Steel Burgendy: ".clean_string($powder_coated_steel_burgendy)."\r\n"; $email_message .= "Thermo Plastic Coated Type Expanded: ".clean_string($thermo_plastic_coated_type_expanded)."\r\n"; $email_message .= "Thermo Plastic Coated Type Perforated: ".clean_string($thermo_plastic_coated_type_perforated)."\r\n"; $email_message .= "Thermo Plastic Coated Black: ".clean_string($thermo_plastic_coated_black)."\r\n"; $email_message .= "Thermo Plastic Coated Blue: ".clean_string($thermo_plastic_coated_blue)."\r\n"; $email_message .= "Thermo Plastic Coated Brown: ".clean_string($thermo_plastic_coated_brown)."\r\n"; $email_message .= "Thermo Plastic Coated Gray: ".clean_string($thermo_plastic_coated_gray)."\r\n"; $email_message .= "Thermo Plastic Coated Red: ".clean_string($thermo_plastic_coated_red)."\r\n"; $email_message .= "Thermo Plastic Coated Green: ".clean_string($thermo_plastic_coated_green)."\r\n"; $email_message .= "Recycle Plastic Red: ".clean_string($recycle_plastic_red)."\r\n"; $email_message .= "Recycle Plastic Yellow: ".clean_string($recycle_plastic_yellow)."\r\n"; $email_message .= "Recycle Plastic Black: ".clean_string($recycle_plastic_black)."\r\n"; $email_message .= "Recycle Plastic Blue: ".clean_string($recycle_plastic_blue)."\r\n"; $email_message .= "Recycle Plastic Gold: ".clean_string($recycle_plastic_gold)."\r\n"; $email_message .= "Recycle Plastic Redwood: ".clean_string($recycle_plastic_redwood)."\r\n"; $email_message .= "Recycle Plastic Cedar: ".clean_string($recycle_plastic_cedar)."\r\n"; $email_message .= "Recycle Plastic Green: ".clean_string($recycle_plastic_green)."\r\n"; $email_message .= "Recycle Plastic Gray: ".clean_string($recycle_plastic_gray)."\r\n"; $email_message .= "Recycle Plastic Brown: ".clean_string($recycle_plastic_brown)."\r\n"; $headers = 'From: '.$email_from."\r\n". 'Reply-To: '.$email_from."\r\n" . 'X-Mailer: PHP/' . phpversion(); @mail($email_to, $email_subject, $email_message, $headers); header("Location: $thankyou"); ?> <script>location.replace('<?php echo $thankyou;?>')</script> <? } ?> I am trying to create a calendar of Events for my company's website. When I search for this type of calendar, I can find code that runs the calendar from one Events table. However, we could have an Event that has multiple performances. (For example, Lily Tomlin could be performing at the Atwood Concert Hall in Anchorage on 09/09/11 and at the Vagabond Blues in Palmer on 09/10/11.) So we have two tables to draw the information from: Events and Performance I can successfully create a MySQL query (see below) with PHP coding that will make a listing (as demostrated on our website http://www.centertix.net/). Code: [Select] "SELECT Events.PublishDate, Events.EventOnSaleDate, Events.BldgContractDate, Events.SetUpComplete, Events.EventTitle, Performance.PerfID, Performance.startDateTime, Performance.endDateTime, Performance.PerfType, venues.VenueName, venues.VenueCode FROM (Performance RIGHT JOIN Events ON Performance.EventID = Events.EventID) LEFT JOIN venues ON Performance.VenueCode = venues.VenueCode WHERE Events.BldgContractDate Is Not Null AND Events.SetUpComplete Is Not Null AND Performance.PerfType='Public Event'"However, I'm not advanced enough to create the if-clause or while-loop to check to see if the Performance.startDate = the calendar's date and then place the info into the appropriate calendar grid box. I think have determined where it should be place in my PHP code, but need help getting the calendar to work. Here's the code where I think it should go: Code: [Select] for($list_day = 1; $list_day <= $days_in_month; $list_day++): if(($list_day == date("j",mktime(0,0,0,$this->month))) && (date("F") == date("F",mktime(0,0,0,$this->month))) && (date("Y") == date("Y",mktime(0,0,0,$this->month,$list_day,$this->year)))) { $this->calendar.= '<td class="'. $this->style .'-current-day">'; } else { if(($running_day == "0") || ($running_day == "6")) { $this->calendar.= '<td class="'. $this->style .'-weekend-day">'; } else { $this->calendar.= '<td class="'. $this->style .'-day">'; } } /* add in the day number */ $this->calendar.= '<div class="'. $this->style .'-day-number">'.$list_day.'</div>'; /** QUERY THE DATABASE FOR AN ENTRY FOR THIS DAY !! IF MATCHES FOUND, PRINT THEM !! **/ $this->calendar.= '<div class="'. $this->style .'-text"><a href="">PERFORMANCE INFO</a></div>'. "\n"; /** QUERY THE DATABASE FOR AN ENTRY FOR THIS DAY !! IF NO MATCHES FOUND, PRINT NOTHING !! **/ $this->calendar.= str_repeat('<p> </p>',2); $this->calendar.= '</td>'; if($running_day == 6): $this->calendar.= '</tr>'; if(($day_counter+1) != $days_in_month): $this->calendar.= '<tr class="'. $this->style .'-row">'; endif; $running_day = -1; $days_in_this_week = 0; endif; $days_in_this_week++; $running_day++; $day_counter++; endfor; Please help me plug the calendar in with the appropriate events! If you would like to see how far I have gotten, you can check out this link: http://www.myalaskacenter.com/calendars/calendarSample2.php Per usual, I'm having an issue wrapping my head an issue, or I'm just not able to narrow the search well enough.
I have a form... method = post action = /process.php Upon hitting process.php, it will UPDATE a data table with the $_POST data it gets from the form. After that, I want to send it to PayPal.
It seems like at some point I was able to complete two 'actions' at once, but it's so long since I've created my own forms. Then again, maybe it was a redirect after executing the UPDATE. I just don't remember, and anything I search for doesn't seem to produce results of something that worked. Hi, I am just looking for some input on how I could make this form processing script more secure. In fact extremely secure. Like the most secure server side filtering can get! Code: [Select] <?php // Mail header removal function remove_headers($string) { $headers = array( "/to\:/i", "/from\:/i", "/bcc\:/i", "/cc\:/i", "/Content\-Transfer\-Encoding\:/i", "/Content\-Type\:/i", "/Mime\-Version\:/i" ); if (preg_replace($headers, '', $string) == $string) { return $string; } else { die('Spam much?'); } } // Build the email $to = 'info@example.com'; $subject = "Secure contact form message from: $subject"; $message = "$name said: $message"; $headers = "From: $email"; // field validation if ($subject=="" || $message=="" || $name=="") { print ("All form fields are required. Please go back and try again."); } else { // email validation if(!eregi('^([._a-z0-9-]+[._a-z0-9-]*)@(([a-z0-9-]+\.)*([a-z0-9-]+)(\.[a-z]{2,3})?)$', $email)) { print ("Your email address does not appear to be valid. Please go back and try again."); exit; } // Send the mail mail($to, $subject, $message, $headers); // Redirect header('Location: ../submitted.php'); } ?> So I know a little about PHP but I am no expert by any means. But I have a project that I am working on for a fantasy football league and need some help. My users pick players from a list and then their selections are put into a database. So more than one user is likely to pick the same player. Then I need to score the players based off their games for the week. So I have code that gets the Distinct PlayerID and creates a form to update the player score (see code below), but I have no idea how to process the form. It's a little more complicated then the forms I've used before because the MySQL query would need to UPDATE all the rows for each individual PlayerID. Am I making any sense? Anyway, here is the code. If anyone has suggestions on how to process this form or a better way of doing it then please let me know. <? print '<form id="form1" name="form1" method="post" action="update_player.php">'; // Connecting, selecting database $link = mysql_connect('localhost','user','pass'); if (!$link) { die('Could not connect: ' . mysql_error()); } //Query $query=mysql_query("select DISTINCT(PlayerID), PlayerName, Team From fantasy4.temp ORDER BY Team;") or die ('Could not connect: ' . mysql_error()); print' <center> <table align=center border=0 cellpadding=0 cellspacing=2 width=350> <tr align=center> <td width=50 align=center><b>Player ID </b></td> <td width=50 align=center><b>Team</b></td> <td width=200 align=center><b>Player Name</b></td> <td width=50 align=center><b>Score</b></td> <tr><td colspan="10" bgcolor="black" height="1"></td></tr> '; while($row=mysql_fetch_array($query)){ if($color == 1) { print '<tr bgcolor=#dDdDdD> <td align=center> ' . $row['PlayerID'] . ' </td> <td align=center> ' . $row['Team'] . ' </td> <td align=center> ' . $row['PlayerName'] . ' </td> <td align=center> <input name="' . $row['PlayerID'] . '" type="text" id="' . $row['PlayerID'] . '" size="5" maxlength="5" /> </td> </tr>'; $color=0; } else { print '<tr> <td align=center> ' . $row['PlayerID'] . ' </td> <td align=center> ' . $row['Team'] . ' </td> <td align=center> ' . $row['PlayerName'] . ' </td> <td align=center> <input name="' . $row['PlayerID'] . '" type="text" id="' . $row['PlayerID'] . '" size="5" maxlength="5" /> </td> </tr>'; $color=1; } } print '</table>'; print '<input type="submit" name="button" id="button" value="Update Player Scores" /></form>'; ?> This is what I tried that did not work <? // Connecting, selecting database $link = mysql_connect('localhost','user','pass'); if (!$link) { die('Could not connect: ' . mysql_error()); } //Query $query=mysql_query("select DISTINCT(PlayerID) From fantasy4.temp;") or die ('Could not connect: ' . mysql_error()); while($row=mysql_fetch_array($query)){ $PlayerID = $_POST[$row['PlayerID']]; } while($score = array($_POST['$PlayerID'])){ //Insert Query $query2=mysql_query("UPDATE fantasy4.temp set Score='$score' where PlayerID='$PlayerID'") or die ('Yikes could not connect: ' .mysql_error()); $result = @mysql_query($query2); } //Check whether the query was successful or not if($result) { header("location: register-success.php"); exit(); }else { die("Query failed - " .mysql_error()); } ?> I have a form that is not doing anything after I click "submit". The code is below and a demo with the code is he http://communitycouch.com/index.php?action=register Code: [Select] <?php /* Things to do: Create error to show error when special characters are inputted in First and Last Name Fields Verify Dates to be true upon submit (for bithdays) Create birthday variable to be submitted into database, also add is_numberic() change activate.php to index?action=activate */ if($action == 'register') { if (isset($_POST['submit'])) { $errors = array(); require_once('connection.php'); //////////Checks Username //////////Makes sure username is 4-20 characters and contains only letters and numbers if(ereg("[[:alnum:]]{4,20}",stripslashes(trim($_POST['username'])))) { $user = mysql_real_escape_string($_POST['username']); $query = "SELECT username FROM reg_vars WHERE username = '$username'"; $result = @mysql_query($query); $num = @mysql_num_rows($result); if ($num> 0) { $errors[] = '<font color="red">The username you have chosen has already been taken, please try again.</font>'; } else { $username = mysql_real_escape_string($_POST['username']); } } else { $errors[] = '<font color="red">Please provide a valid username between 4 and 30 characters.</font>'; } //////////Checks E-mail if (!eregi('^[a-zA-Z]+[a-zA-Z0-9_-]*@([a-zA-Z0-9]+){1}(\.[a-zA-Z0-9]+){1,2}', stripslashes(trim($_POST['email'])) ) || empty($_POST['email'])) { $errors[] = '<font color="red">Please provide a valid email address.</font>'; } else { $email = mysql_real_escape_string($_POST['email']); } ///////// Check Names if (empty($f_name)) { $error["f_name"] = "First Name is blank."; } if (empty($l_name)) { $error["l_name"] = "Last Name is blank."; } ////////// Check PASSWORDS if (!empty($_POST['password'])) { if ($_POST['password'] != $_POST['cpassword']) { $errors[] = '<font color="red">The passwords you have entered do not match.</font>'; } else { $password = $_POST['password']; } } else { $errors[] = '<font color="red">Please provide a password.</font>'; } /////////Send Activation E-mail //////// Add Birthday to the registrarion Variables if (empty($errors)) { $a = md5(uniqid(rand(), true)); $query = "INSERT INTO reg_vars (username, f_name, l_name, email, password, active) VALUES ('$username', '$email', SHA1('$password'), '$a')"; $result = @mysql_query($query); if (mysql_affected_rows() == 1) { ////////// Send the Activation email $body = "Thank you for registering at the User Registration site. To activate your account, please click on this link:\n\n"; $body .= "http://www.communitycouch.com/activate.php?x=" . mysql_insert_id() . "&y=$a"; mail($_POST['email'], 'Registration Confirmation', $body, 'From: noreply@communitycouch.com'); ////////// Show thank you message echo '<h3>Thank You!</h3> You have been registered, you have been sent an e-mail to the address you specified before. Please check your e-mails to activate your account.'; } else { echo '<font color="red">You could not be registered, please contact us about the problem and we will fix it as soon as we can.</font>'; } } else { echo '<h3>Error!</h3> The following error(s) occured:<br />'; foreach ($errors as $msg) { echo " <div id=\"success_or_fail\"><font color=\"red\">$msg</font><br />\n</div>"; } } } echo " <div id=\"register_container\" class=\"Container\"> <div id=\"register_Center\" class=\"BoxCenter\"> "; echo" <div id=\"register_BoxContainer\" class=\"Container\"> <div class=\"HeaderLeft\"></div><div id=\"register_Header\" class=\"HeaderCenter\">Register for Community Couch</div><div class=\"HeaderRight\"></div><br /> <div id=\"register_Content\" class=\"BoxContent\"> <form name=\"reg_form\" action=\"";$_SERVER['PHP_SELF']; echo"\" method=\"post\" style=\"margin: 0;\"> <div class=\"Container FormBoxLeft\"> <b>Username:</b> </div> <div class=\"Container FormBoxRight\"> <input name=\"username\" size=\"30\" type=\"text\" /> </div> <br class=\"EndColumn\" /> <div class=\"Container FormBoxLeft\"> <b>First Name:</b> </div> <div class=\"Container FormBoxRight\"> <input name=\"f_name\" size=\"30\" type=\"text\" /> </div> <br class=\"EndColumn\" /> <div class=\"Container FormBoxLeft\"> <b>Last Name:</b> </div> <div class=\"Container FormBoxRight\"> <input name=\"l_name\" size=\"30\" type=\"text\" /> </div> <br class=\"EndColumn\" /> <div class=\"Container FormBoxLeft\"> <b>Birthdate:</b> </div> <div class=\"Container FormBoxRight\"> <select name=\"month\"><option value=\"\">-Month-</option> <option value=\"01\">January</option> <option value=\"02\">February</option> <option value=\"03\">March</option> <option value=\"04\">April</option> <option value=\"05\">May</option> <option value=\"06\">June</option> <option value=\"07\">July</option> <option value=\"08\">August</option> <option value=\"09\">September</option> <option value=\"10\">October</option> <option value=\"11\">November</option> <option value=\"12\">December</option> </select> <select name=\"day\"> <option value=\"\"> -Day-</option>'; //Print 31 Days "; for ($x=1; $x<=31; $x++) { echo "<option value='".$x."'"; if(isset($_POST['submit']) && $day == $x) { echo " selected"; } echo ">".$x."</option>\n"; } echo "</select> <input name=\"year\" size=\"2\" maxlength=\"4\" type=\"text\"> </div> <br class=\"EndColumn\" /> <div class=\"Container FormBoxLeft\"> <b>E-Mail:</b> </div> <div class=\"Container FormBoxRight\"> <input name=\"email\" size=\"30\" type=\"text\" /> </div> <br class=\"EndColumn\" /> <div class=\"Container FormBoxLeft\"> <b>Display E-Mail to the Public:</b> </div> <div class=\"Container FormBoxRight\"> <input name=\"disp_email\" value=\"yes\" type=\"radio\" /> Yes <input name=\"disp_email\" value=\"no\" type=\"radio\" checked /> No </div> <br class=\"EndColumn\" /> <div class=\"Container FormBoxLeft\"> <b>Password:</b> </div> <div class=\"Container FormBoxRight\"> <input name=\"password\" size=\"30\" type=\"password\" /> </div> <br class=\"EndColumn\" /> <div class=\"Container FormBoxLeft\"> <b>Confirm Password:</b> </div> <div class=\"Container FormBoxRight\"> <input name=\"cpassword\" size=\"30\" type=\"password\" /> </div> <br class=\"EndColumn\" /> <div id=\"register_submit\" class=\"Container\"> <input name=\"tos\" type=\"checkbox\" /> I have read and agree to the Terms of Use and Privacy Policy<br /> <input type=\"submit\" value=\"Submit\"><input type=\"reset\" value=\"Reset\"> </div> <br class=\"EndColumn\" /> </form> </div> <div class=\"FooterLeft\"></div><div id=\"register_Footer\" class=\"FooterCenter\"></div><div class=\"FooterRight\"></div> </div> </div> </div> <br class=\"EndColumn\" /> <br />"; }?> [\code] I've read the php manual and a good few posts with similar but not identical problems and I am struggling to understand how to do this. Ive tailored my test site to help describe the problems that I have. www.peterod.co.uk the form is the first link in the left hand bar. Here is the code that creates the form. <?php // make connection require_once "../classes/sqlconselfbuild.php"; $query = mysql_query("SELECT * FROM `materials` ORDER BY `id` ASC"); ?> <form action="../engines/testengine1.php" method="post"> <?php // results while ($row = mysql_fetch_array($query)): $id = $row['id']; ?> <p> id number: <input type="text" name="materials[<?php echo $id; ?>][name]" value="<?php echo $row['id']; ?>" /> Material: <input type="text" name="materials[<?php echo $id; ?>][material]" value="<?php echo $row['material']; ?>" /> Stage: <input type="text" name="materials[<?php echo $id; ?>] [stage]" value="<?php echo $row['stage']; ?>" /> Qantity: <input type="text" name="materials[<?php echo $id; ?>][quantity]" value="<?php echo $row['quantity']; ?>" /> Unit: <input type="text" name="materials[<?php echo $id; ?>][unit]" value="<?php echo $row['unit']; ?>" /> <br /> </p> <?php endwhile; ?> <input type="submit" name="submit" value="Submit" /> </form> I am unsure how to get this information to insert into the database. How do you use the UPDATE query with a loop generated form ? [php] Hi, I need to run a database insert when somebody clicks on an image. Should I use a php function ? or javascript ? or something else ? Many thanks in advance, Scott. Can someone give me some guidance of how to separate Form Display from Form Processing? I have always used forms that submitted back to themselves which isn't so bad, but then trying to cram in code to display the form, validation errors, and messages after the form is processed all in one file is insane?! Currently I am working on a simple "Add a Comment" form. It would be nice to have a separate form processing script, but I don't know where to begin... Debbie Hi, I'm new to php and just trying to make sense of things by trying stuff. I'm trying to make a very rudimentary CMS where form values are added to a mysql database. One of the inputs in the form ($body) is a textarea. I've messed around with this but there's a glitch somewhere-when I press the submit button I just get a blank page (the page for the form processing script). My guess is there's something not right with the "safety measures" I'm taking: trim,stripslashes,etc. Any help would be appreciated Code: [Select] <?php session_start(); if(!isset($_POST['Submit'])){ header("Location: home_manage.php"); exit(); } else{ $headline=$_POST['headline']; $author=$_POST['author']; $body=$_POST['body']; $headline=trim($headline); $author=trim($author); $body=trim($body); $message=array(); if((strlen($headline)!=0)&&(strlen($author)!=0)&&(strlen($body)!=0)){ $time=time(); $date=date('Y-m-d H:i:s',$time); $headline=strip_tags($headline); $author=strip_tags($author); $body="<p>".$body."</p>"; $order=array("\r\n", "\n", "\r"); $replace='</p><p>'; $body=str_ireplace($order,$replace,$body); $body=strip_tags($body,'<p><br />'); if(get_magic_quotes_gpc()) { $headline=stripslashes($headline); $author=stripslashes($author); $body=stripslashes($body); } $headline=htmlentities(mysql_real_escape_string($headline)); $author=htmlentities(mysql_real_escape_string($author)); $body=htmlentities(mysql_real_escape_string($body)); require('storage.inc'); $link = mysql_connect($host,$user,$db_password); $db = mysql_select_db($post_database,$link); $query= "INSERT INTO entry (entry_date,entry_head,entry_author,entry_text) VALUES ('$date','$headline','$author','$body')"; mysql_query($query); $message[]="<p class='announce'><b>Post titled ".$headline." has been added to the database.</b></p>"; } else{ if(strlen($headline)<1){$message[]="<p class='announce'><b>You must include a headline for this post.</b></p>";} if(strlen($author)<1){$message[]="<p class='announce'><b>You must include an author name for this post.</b></p>";} if(strlen($body)<1){$message[]="<p class='announce'><b>You must include some body text for this post.</b></p>";} } $_SESSION['msg']['up_err']=implode($message); header("Location: home_manage.php"); exit(); } ?> Having some issues getting this to work properly... I keep getting my own error message I know where it fails, but I can't seem to figure out why it fails. The test file I'm using is an MP3 file, which is why I'm here asking if anyone other than I can shed some experienced light on this :p Code: [Select] File Upload Failed! No File Exists!The file type or extension you are trying to upload is not allowed! You can only upload MP3 files to the server! My upload form looks like: <?php session_start(); define('PITCHFORK', true); if(!isset($_SESSION['USERS_AUTHENTICATED'])) { die("You must be logged in to do that"); } if(isset($_POST['upload'])) { include("config.php"); include("classes/class.media.upload.php"); $file = $_GET['file']; $upload = new Upload; $upload->doAudio($file); } ?> <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd"> <html xmlns="http://www.w3.org/1999/xhtml"> <head> <meta http-equiv="Content-Type" content="text/html; charset=utf-8" /> <title>PITCHFORK Login</title> <link rel="stylesheet" href="style/login.css" type="text/css" media="all"> <meta name="robots" content="noindex,nofollow"> </head> <body> <div id="login"><h1><a title="A SpaazZ Industries Concept"></a></h1> <form name="loginform" id="loginform" action="<?php $_SERVER['PHP_SELF']; ?>" method="post"> <p> <label>File (one at a time for now)<br> <input name="file" id="user_login" class="input" size="20" tabindex="10" type="file" /> </label> </p> <p> </p> <?php if(isset($_SESSION['errMessage'])) { echo("<div id=\"login_error\"><strong>ERROR</strong>:<br />"); echo($_SESSION['errMessage']); unset($_SESSION['errMessage']); echo("</div>"); } ?> <p class="submit"> <input name="upload" id="submit" class="button-primary" value="Upload File" tabindex="100" type="submit"> </p> </form> </div> </body> </html> My Upload Class looks liks: <?php // TO DO : ERROR HANDLING // AJAX INTERFACING session_start(); define('PITCHFORK', true); class Upload { // The path to local (relivent to the user uploading - on their computer) file var $file; public function doAudio($file) { $target_path = $_SESSION['USERS_Media_Folder']."/"; // Set at login in class.users.php $flag = 0; // Safety net, if this gets to 1 at any point in the process, we don't upload. $filename = $_FILES[$file]['name']; $filesize = $_FILES[$file]['size']; $mimetype = $_FILES[$file]['type']; $filename = htmlentities($filename); $filesize = htmlentities($filesize); $mimetype = htmlentities($mimetype); $target_path = $target_path . basename( $filename ); if($filename != ""){ echo "Beginning upload process for file named: ".$filename."<br>"; echo "Filesize: ".$filesize."<br>"; echo "Type: ".$mimetype."<br><br>"; } //First generate a MD5 hash of what the new file name will be //Force a MP3 extention on the file we are uploading $hashedfilename = md5_file($filename); $hashedfilename = $hashedfilename.".mp3"; //Check for empty file if($filename == ""){ $_SESSION['errMessage'] .= "No File Exists!"; $flag = $flag + 1; } //Now we check that the file doesn't already exist. $existname = $target_path.$hashedfilename; if(file_exists($existname)) { if($flag == 0) { $_SESSION['errMessage'] .= "Your file already exists on the server! Please choose another file to upload or rename the file on your computer and try uploading it again!"; } $flag = $flag + 1; } //Whitelisted files - Only allow files with MP3 extention onto server... $whitelist = array(".mp3"); foreach ($whitelist as $ending) { if(substr($filename, -(strlen($ending))) != $ending) { $_SESSION['errMessage'] .= "The file type or extention you are trying to upload is not allowed! You can only upload MP3 files to the server!"; $flag++; } } //Now we check the filesize. If it is too big or too small then we reject it //MP3 files should be at least 1MB and no more than 6.5 MB if($filesize > 6920600) { //File is too large if($flag == 0) { $_SESSION['errMessage'] .= "The file you are trying to upload is too large! Your file can be up to 6.5 MB in size only. Please upload a smaller MP3 file or encode your file with a lower bitrate."; } $flag = $flag + 1; } if($filesize < 1048600) { //File is too small if($flag == 0) { $_SESSION['errMessage'] .= "The file you are trying to upload is too small! Your file has been marked as suspicious because our system has determined that it is too small to be a valid MP3 file. Valid MP3 files must be bigger than 1 MB and smaller than 6.5 MB."; } $flag = $flag + 1; } //Check the mimetype of the file if($mimetype != "audio/x-mp3" and $mimetype != "audio/mpeg") { if($flag == 0) { $_SESSION['errMessage'] .= "The file you are trying to upload does not contain expected data. Are you sure that the file is an MP3?"; } $flag = $flag + 1; } //Check that the file really is an MP3 file by reading the first few characters of the file $f = @fopen($_FILES[$file]['tmp_name'],'r'); $s = @fread($f,3); @fclose($f); if($s != "ID3") { if($flag == 0){ $_SESSION['errMessage'] .= "The file you are attempting to upload does not appear to be a valid MP3 file."; } $flag++; } //All checks are done, actually move the file... if($flag == 0) { if(move_uploaded_file($_FILES[$file]['tmp_name'], $target_path)) { //Change the filename to MD5 hash and FORCE a MP3 extention. if(@file_exists($target_path.$filename)) { //Rename the file to an MD5 version rename($target_path.$filename, $target_path.$hashedfilename); echo "The file ". basename( $filename ). " has been uploaded. Your file is <a href='$target_path$hashedfilename'>here</a>."; } else{ echo "There was an error uploading the file, please try again!"; } } else { echo "There was an error uploading the file, please try again!"; } } else { echo "File Upload Failed!<br>"; if($error != "") { echo $error; } } } // Close function doAudio } // Close Class audioUpload ?> I have a html for that posts to a form processing script which is fully functional atm, in the processing script i have if statements, if the condition is met it updates tables in database, if there not met i echo a "not met" statment. problem is my form processing script just goes straight back to the index.php page using the following code; header('Location: index.php'); here is the form processing script: <?php session_start(); header('Location: index.php'); include "connect.php"; $id = $_SESSION['id']; $user = $_SESSION['user']; $ticketNumber = $_POST[ticketNumber]; //echo $_POST[ticketNumber]; $today = date('Y-m-d H:i:s', time() - 3600); // Query "Ticket" Table to check if user has purchased a "regular" ticket within the last 24 hours $query24hour = mysql_query("SELECT * FROM tickets WHERE username = '$user' AND HOUR(TIMEDIFF(NOW() , purchaseDate)) < 24;") or die(mysql_error()); // Query "promoTickets" table to grab information of previous tickets bought to the "promotional" auction and LIMIT tickets to 1 per user for "promotional" auctions. $querySold = mysql_query("SELECT * FROM promoTickets WHERE promoID='$_POST[promoID]' AND (ticketNumber='$ticketNumber' OR username = '$user');") or die(mysql_error()); //echo $querySold; $sold = mysql_fetch_assoc($querySold); //print_r($sold); //echo $sold; //echo query24hour; $querycount24hour = mysql_num_rows($query24hour); //echo $querycount24hour; //check if ticket is sold and if user has purchased a "regular" ticket within 24 hours if(empty($sold)!=FALSE and $querycount24hour >= 1){ //Checks users balance to see if they have enough for the ticket $queryBal = mysql_query("SELECT user_iskbalance FROM users WHERE username = '$user';") or die(mysql_error()); //echo $querySold; //echo $user; //echo $queryBal; $balArray = mysql_fetch_assoc($queryBal); $bal = $balArray[user_iskbalance]; $newBal = $bal-$_POST[ticketPrice]; //check if he has the money to buy the ticket if($bal>=$_POST[ticketPrice]){ //remove the money $queryBalRemoveal = mysql_query("UPDATE `users` SET `user_iskbalance`='$newBal' WHERE `username`='$user';") or die(mysql_error()); //buy ticket & insert data into "promoTickets" table $query = mysql_query("INSERT INTO promoTickets(promoID, username, charID, ticketNumber, ticketPrice, purchaseDate) VALUES ('$_POST[promoID]', '$user', '$id', '$_POST[ticketNumber]', '$_POST[ticketPrice]', '$today');") or die(mysql_error()); } else{ die("Insufficent balance. Please add more ISK") ; } } else{ die("Ticket has already been Sold or you have already bought a ticket to this promotion..!"); } ?> any way i can get the errors to be passed onto the index.php (with the form) and echo them there? as it stands errors arnt shown to the users and its confusing people I want to run a php file which contains a long process and takes time. If I simply run the file on browsers, the process will be interrupted by any perturbation in the internet connection or closing the browser. How I can force the php process to continue running without connection to my local PC (server side controlling)? I am looking for something like what cron job does (but only one time, not periodically). Okay I want to run some code every 24 hours, what would be the best way to do this? Also I don't have root to the server or anything. Hey guys, I dont know if you can do this in PHP due to it only running when the page loads but I would like to make it so at the end of everyday "24:00" some code will run that will reset all users "Mana" and "Health". My guess would be JQuery or somthing like that? If anyone knows would be great for a reply. Cheers guys, Ruddy Hello there, I have a problem where the following code is running the query before it should. private function isAccountRegistered($AccountUsername, $AccountEmail) { global $Class; if($Class['MySQL']->currentRows("SELECT * FROM xhost_accounts WHERE account_username = '".$Class['MySQL']->parseClientInput($AccountUsername)."'") == 1) { return USERNAME_REGISTERED; } else if($Class['MySQL']->currentRows("SELECT * FROM xhost_accounts WHERE account_email = '".$Class['MySQL']->parseClientInput($AccountEmail)."'") == 1) { return EMAIL_REGISTERED; } } public function createClientAccount($AccountUsername, $AccountPassword, $AccountEmail, $AccountRealname) { global $Class; if($this->isAccountRegistered($AccountUsername, $AccountEmail) == USERNAME_REGISTERED) { echo("<div class=\"warning\">Unfortunately this username is in use by another member!, please select another!.</div>"); } else if($this->isAccountRegistered($AccountUsername, $AccountEmail) == EMAIL_REGISTERED) { echo("<div class=\"warning\">Unfortunately this email address is in use by another member!, please select another!.</div>"); } else { if($Class['MySQL']->Query("INSERT INTO xhost_accounts (account_username, account_password, account_email, account_realname, account_regdate, account_regtime, account_level, account_balance, account_notifications) VALUES('".$Class['MySQL']->parseClientInput($AccountUsername)."', '".md5($Class['MySQL']->parseClientInput($AccountPassword))."', '".$Class['MySQL']->parseClientInput($AccountEmail)."', '".$Class['MySQL']->parseClientInput($AccountRealname)."', '".date("d/m/y")."', '".time()."', '0', '0.00', 'Enabled')")) { $Class['Core']->refresh('index.php'); } else { echo("<div class=\"warning\">Unfortunately something went wrong there, please try again!.</div>"); } } } For some reason when the code above is run it executes if($Class['MySQL']->Query("INSERT INTO xhost_accounts (account_username, account_password, account_email, account_realname, account_regdate, account_regtime, account_level, account_balance, account_notifications) VALUES('".$Class['MySQL']->parseClientInput($AccountUsername)."', '".md5($Class['MySQL']->parseClientInput($AccountPassword))."', '".$Class['MySQL']->parseClientInput($AccountEmail)."', '".$Class['MySQL']->parseClientInput($AccountRealname)."', '".date("d/m/y")."', '".time()."', '0', '0.00', 'Enabled')")) Before it runs: if($this->isAccountRegistered($AccountUsername, $AccountEmail) == USERNAME_REGISTERED) { echo("<div class=\"warning\">Unfortunately this username is in use by another member!, please select another!.</div>"); } Causing it to say that the username is registered every time yet still inserting the account into the database, its returning that its registered because it inserts it before doing the check, does anybody have any idea why, this really has confused me, thanks for your time. Hi guys, I've just started using xampp for php. My friend sent me the files i've attached below to see if apache is working for me, but i don't understand why they won't work together. Basically the .html file opens a simple login which works fine. When the password is typed in it should direct me to some links, but for some reason it doesn't. It does however look like the apache server is working fine - it could be something with the code i'm really not to sure. When i try to log in these are one set of the errors it gives me: Warning: file_get_contents(listlinks.array) [function.file-get-contents]: failed to open stream: No such file or directory in /Applications/XAMPP/xamppfiles/htdocs/test1/userlinks.php on line 8 Warning: sqlite_open() [function.sqlite-open]: unable to open database: /Applications/XAMPP/xamppfiles/htdocs/Test1/userlinks.sqlite in /Applications/XAMPP/xamppfiles/htdocs/test1/userlinks.php on line 16 Warning: sqlite_query() expects parameter 1 to be resource, string given in /Applications/XAMPP/xamppfiles/htdocs/test1/userlinks.php on line 20 Warning: sqlite_fetch_array() expects parameter 1 to be resource, null given in /Applications/XAMPP/xamppfiles/htdocs/test1/userlinks.php on line 21 Warning: Cannot modify header information - headers already sent by (output started at /Applications/XAMPP/xamppfiles/htdocs/test1/userlinks.php: in /Applications/XAMPP/xamppfiles/htdocs/test1/userlinks.php on line 25 Warning: sqlite_close() expects parameter 1 to be resource, boolean given in /Applications/XAMPP/xamppfiles/htdocs/test1/userlinks.php on line 61 I've literally just started learning web scripting so i apologise for over-looking anything simple. The login.php file is also supposed to be .html aswel - i just changed it to upload. Thanks in advance, Josh. I have some PHP/HTML code being used in a WordPress site. The PHP outside of WordPress works in any browser. When I open it in Chrome in WP, it runs no problem. Within WP in Safari(unsupported plug in error pops up but I have deactivated all plugins) and Firefox, nothing shows up. This is the page: https://searchsoftball.com/search/
I can reproduce the problem in Chrome making one change but I do not know how to fix it. <?php $result = $con->query($sql); while($row = $result->fetch_assoc()){ ?> <tr> <td><?php echo $row['School'];?></td> <td><?php echo $row['City'];?></td> <td><?php echo $row['State'];?></td> <td><?php echo $row['Conference'];?></td> <td><?php echo $row['Division'];?></td> <td><?php echo '<a href="'.$row['Main'].'"target ="_blank">Main</a>';?></td> <td><?php echo '<a href="'.$row['Softball'].'"target ="_blank">Softball</a>';?></td> <td><?php echo '<a href="'.$row['Camp'].'"target ="_blank">Camp</a>';?></td> </tr> <?php <--- remove this
} <— and this I can provide the full code if needed. Thanks in advance |
|||||||