|
PHP - Php Registration System - Added To Database Even If There's Errors
Ok, first off, I tested my own coded reg system and when I make an error test, the error shows but the user info gets added to the database. How can I stop letting the code add the user to the database when an error occurs.
<?php include "lang.php"; ?> <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd"> <html xmlns="http://www.w3.org/1999/xhtml"> <head> <meta http-equiv="Content-Type" content="text/html; charset=utf-8" /> <title>PokePals - Registering</title> <script type="text/javascript" src="http://code.jquery.com/jquery-1.4.2.min.js" /> <link rel="stylesheet" type="text/css" href="style.css" /></head> <body> <?php include "navbar.php"; ?> <?php // Important stuff goes here include "sql_local.php"; include "ban.php"; // Now for the registration page echo "<div class='panel'>"; if (isset($_POST["submit"])) { // Define the variables here $user = mysql_real_escape_string ($_POST["user"]); $pass1 = mysql_real_escape_string ($_POST["pass"]); $pass2 = mysql_real_escape_string ($_POST["passconf"]); $email = mysql_real_escape_string ($_POST["email"]); $email2 = mysql_real_escape_string ($_POST["email2"]); $dpfc = mysql_real_escape_string ($_POST["dpfc"]); $platinumfc = mysql_real_escape_string ($_POST["platinumfc"]); $hgssfc = mysql_real_escape_string ($_POST["hgssfc"]); $otherfc = mysql_real_escape_string ($_POST["otherfc"]); $favoritepkmn = mysql_real_escape_string ($_POST["favoritepkmn"]); $aboutme = mysql_real_escape_string ($_POST["aboutme"]); $hobbies = mysql_real_escape_string ($_POST["hobbies"]); $favorites = mysql_real_escape_string ($_POST["favorites"]); $gender = mysql_real_escape_string ($_POST["gender"]); // Now check for some errors // Did he/she fill out the form completely? Lets find out function errors() { if (!$_POST["user"] | !$_POST["pass"] | !$_POST["email"] ) { echo "<div class='error'>Please fill in the required fields</div>"; } // Passwords match if ($_POST['pass'] != $_POST['passconf']) { echo "<div class='error'>Password does not match with the other one</div>"; } // Email match if ($_POST['email'] != $_POST['email2']) { echo "<div class='error'>Email does not match with the other one</div>"; } } // Is the user banned? foreach($banned_ips as $ip_ban) { if($user_ip == $ip_ban) { die ("<div class='error'>Your IP address is banned from registering. Contact the site administrator for more info</div>"); } } // If there are no errors, start adding the information to the database if (!errors()) { // Secure the passwords $securepass = md5($pass1); // Submit to the database $insertuser = "INSERT INTO users (user, password, email, dpfc, platinumfc, hgssfc, otherfc, favoritepkmn, aboutme, hobbies, favorites, gender, regip) values ('$user', '$securepass', '$email', '$dpfc', '$platinumfc', '$hgssfc', '$otherfc', '$favoritepkmn', '$aboutme', '$hobbies', '$favorites', '$gender', '$user_ip')"; $add = mysql_query($insertuser, $con) or die ('Error: ' . mysql_error() . ' Please contact an admin'); if ($add) { echo ("<h3>Registration Success</h3><p>You may now login using your username and password. Start hatching some eggs now!</p>"); } } } ?> <div class='registerform'><form action='register.php' method='post'> <label>Username *</label> <input type='text' name='user' class='form1' value='<?php echo @$_POST['user']; ?>' /> <fieldset><legend>Password</legend> <label>Enter your password *</label> <input type='password' name='pass' class='form1' value='<?php echo @$_POST['pass']; ?>' /> <label>Password again *</label> <input type='password' name='passconf' class='form1' value='<?php echo @$_POST['passconf']; ?>' /> </fieldset> <fieldset><legend>Email</legend> <label>Enter your email *</label> <input type="text" name="email" class="form1" value="<?php echo @$_POST['email']; ?>" /> <label>Enter email again *</label> <input type="text" name="email2" class="form1" value="<?php echo @$_POST['email2']; ?>" /> </fieldset> <input type="submit" name="submit" class="submitbutton" value="Register!" /> </form> Similar TutorialsI'm trying to teach myself how to use functions and includes in my scripts. As an exercise I am trying to create a registration system that I can re-use on other future projects. I have my main register.php page as follows: <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd"> <html xmlns="http://www.w3.org/1999/xhtml"> <head> <meta content="text/html; charset=utf-8" http-equiv="Content-Type" /> <title>Register</title> </head> <body> <?php ini_set('display_errors', 1); ini_set('log_errors', 1); ini_set('error_log', dirname(__FILE__) . '/error_log.txt'); error_reporting(E_ALL); // Check to see if query string is set, if not pass empty array to function. if((!isset($_GET['success'])) && (!isset($_GET['active'])) && (!isset($_GET['valid']))) { include ('registerform.php'); $invalidcode = array(); regform($invalidcode); } //If success is set, use value to determine response if(isset($_GET['success'])) { if($_GET['success'] == "false") { echo "There has been an error with your registration. You will be redirected to the registration page in 5 SECONDS."; echo "<meta http-equiv=refresh content =\"5; URL=index.php\">"; } if($_GET['success'] == "true") { echo "Thanks for registering. An activation email has been sent to your registered email address.<br />"; echo "Please check you email and follow the activation link contained within it."; } } //if active is set, determine response (note: code to be added here in future) if(isset($_GET['active'])) { if($_GET['active'] == "true") { echo "Thank you for activating this account.<br />"; echo "You may now return to the home page and login!"; } } //if valid is set there was a problem with the form validation. //get valid from query string, convert back to an array and pass array to the form display script if(isset($_GET['valid'])) { $invalidcode = $_GET['valid']; $invalidcode = unserialize(urldecode($invalidcode)); include ('registerform.php'); regform($invalidcode); } ?> </body> </html> When the page loads it first checks for any variables passed in the url to determine action. Heres the code for the function regform(): <?php function regform($errors) { //set variables to initial value to prevent undefined variable error $errors0 = 0; $errors1 = 0; $errors2 = 0; $errors3 = 0; $errors4 = 0; $errors5 = 0; $errors6 = 0; $errors7 = 0; //check to make sure the array that was passed was not empty //from my validation script the errors are in matching order to the display on this page. //I have only prepared 2 errors for this inital testing, there will be one for each field on the form. $i = count($errors); if($i > 0){ $errors0 = $errors[0]; $errors1 = $errors[1]; //$errors2 = $errors[2]; //$errors3 = $errors[3]; //$errors4 = $errors[4]; //$errors5 = $errors[5]; //$errors6 = $errors[6]; //$errors7 = $errors[7]; } echo "<form id='register' name='register' method='post' action='doreg.php' >"; echo "<table>"; //if the variable = 1 there was an error validating the field in the validate script if($errors0 == 1){ echo "<tr><td><font color='red'>First Name</font></td><td><input type='text' name='firstname' /></td><tr>"; } else { echo "<tr><td>First Name</td><td><input type='text' name='firstname' /></td><tr>"; } if($errors1 == 1){ echo "<tr><td><font color='red'>Last Name</font></td><td><input type='text' name='lastname' /></td><tr>"; } else { echo "<tr><td>Last Name</td><td><input type='text' name='lastname' /></td><tr>"; } //additional errors to be added, as per abov,e for the code below echo "<tr><td>Email Address</td><td><input type='text' name='email' /></td><tr>"; echo "<tr><td>Password</td><td><input type='password' name='password1' /></td><tr>"; echo "<tr><td>Confirm Password</td><td><input type='password' name='password2' /></td><tr>"; echo "<tr><td></td><td></td><tr>"; echo "<tr><td>Accept Terms?</td><td><input type='checkbox' name='accept' /></td><tr>"; echo "<tr><td>Security String</td><td><input type='text' name='secstring' /></td><tr>"; echo "<tr><td></td><td><input type='submit' name='submit' value='submit' /></td><tr>"; echo "<tr><td></td><td><input type='hidden' name='form_submit' value='1' /></td><tr>"; echo "</table>"; echo "</form>"; } ?> So the form takes the array ?valid passed to the register page and determines which fields had a validation error and highlights them red. (I'll modify this highlighting to be what ever I need later...just testing my logic ) The form then calls doreg.php on submit. This will firstly run the validate script, then perform DB actions if all ok, else it will return to register with the error array passed in a query string: <?php if($_POST['form_submit'] == 1) { include ('validate.php'); //the validate script returns $errorarray. Need to figure out better way to test values to determine if any error flags are set if(($errorarray[0]!=0) or ($errorarray[1]!=0) or ($errorarray[2]!=0)) { $errorarray = urlencode(serialize($errorarray)); echo "<meta http-equiv=refresh content=\"0; URL=register.php?valid=$errorarray\">" ; } echo "<meta http-equiv=refresh content=\"0; URL=register.php?success=true\">"; } ?> php] And finally there is the actual validation script. I was hoping to be able to use this for all form validations across the site. I'll just add if(isset) for the various form fields and make sure I standardize my field names across my sites forms. [php] <?php $errorarray = array(); if($_POST['firstname'] == "") { $errorarray[0] = 1; } else {$errorarray[0] = 0; } if($_POST['lastname'] == "") { $errorarray[1] = 1; } else {$errorarray[1] = 0; } if($_POST['email'] == "") { $errorarray[2] = 1; } else {$errorarray[2] = 0; } return $errorarray; ?> For this example I have just done simple empty string checks. I'd really appreciate any advice on the code I've written to date. Im quite sure there are more elegant ways to achieve what these scripts do and I would greatfully accept any feedback. (Be gentle...I'm new ) Thanks Hi All, I have currently been working on a login/registration system for a university project and I am now struggling with the login section. The problem is with one particular function and an if statement. The function checks to see if the username and password entered matches the username and password in the database but each time I get it echoing username/password incorrect. the function is Code: [Select] function valid_credentials($user, $pass) { $user = mysql_real_escape_string($user); $pass = sha1($pass); $total = mysql_query("SELECT COUNT(`user_username`) FROM `users` WHERE `user_username` = '{$user}' AND `user_password` = '{$pass}'"); return (mysql_result($total, 0) == '1') ? true : false; } and the statement is Code: [Select] if (valid_credentials($_POST['username'], $_POST['password']) == false) { $errors = 'Username/Password incorrect.'; } Any help would be greatly appreciated as this has been bugging me for the past 5 days :/ I'm trying to make a simple but secure login/user registration for this site I'm building. I'm new to php, so I followed some tutorials from www.newthinktank.com. http://www.newthinktank.com/2011/01/php-security-pt-2/ http://www.newthinktank.com/2011/01/php-security-pt-4-set-up-captcha// http://www.newthinktank.com/2011/01/web-design-and-programming-pt-21-secure-login-script/ But I'm having a couple of problems. On the registration.php file, whenever I type in wrong information, the validation error messages don't display and also whenever I click the submit button, the form doesn't do anything. It doesn't insert information into my database. It just shows the empty form. On my login.php file, again the validation errors don't display and I can't tell if I'm logged in or not. The form redirects to my index page, but the user box that shows the different menus depending on whether or not someone is logged in stays in guest mode. I don't get any php error messages on either file. Here's my code: register.php file: Code: [Select] <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd"> <html xmlns="http://www.w3.org/1999/xhtml"> <head> <meta http-equiv="Content-Type" content="text/html; charset=utf-8" /> <title>Untitled</title> <link href="_css/page_layout.css" rel="stylesheet" type="text/css" /> <link href="_css/page_text.css" rel="stylesheet" type="text/css" /> <link href="_css/sidebarLeft.css" rel="stylesheet" type="text/css" /> </head> <body> <div id="wrapper"> <?php include('_includes/template/header.php'); ?> <?php include('_includes/template/nav.php'); ?> <?php include('_includes/template/sidebar_left.php'); ?> <div id="mainContent"> <div class="content"> <?php require_once('_includes/connectvars.php'); if (isset($_POST['submitted'])) { if (preg_match ('%^[A-Za-z\.\' \-]{2,20}$%', stripslashes(trim($_POST['first_name'])))) { $firstname = escape_data($_POST['first_name']); } else { $firstname = FALSE; echo '<p><font color="red" size="+1″>Please enter a valid first name!</font></p>'; } if (preg_match ('%^[A-Za-z\.\' \-]{2,40}$%', stripslashes(trim($_POST['last_name'])))) { $lastname = escape_data($_POST['last_name']); } else { $lastname = FALSE; echo '<p><font color="red" size="+1″>Please enter a valid last name!</font></p>'; } if (preg_match ('%^(0?[1-9]|[12][0-9]|3[01])[-/. ](0?[1-9]|1[0-2])[-/.](19|20)\d{2}$%', stripslashes(trim($_POST['birth_date'])))) { $birthdate = escape_data($_POST['birth_date']); } else { $birthdate = FALSE; echo '<p><font color="red" size="+1″>Please enter a valid date of birth!</font></p>'; } $gender = escape_data($_POST['gender']); if (preg_match ('%^[0-9]{5}$%', stripslashes(trim($_POST['zip_code'])))) { $zipcode = escape_data($_POST['zip_code']); } else { $zipcode = FALSE; echo '<p><font color="red" size="+1″>Please enter a valid 5 digit zip code!</font></p>'; } if (preg_match ('%^[A-Za-z0-9._\%-]+@[A-Za-z0-9.-]+\.[A-Za-z]{2,4}$%', stripslashes(trim($_POST['email'])))) { $email = escape_data($_POST['email']); } else { $email = FALSE; echo '<p><font color="red" size="+1″>Please enter a valid email address!</font></p>'; } if (preg_match ('%^[a-z\d_]{2,20}$%', stripslashes(trim($_POST['username'])))) { $username = escape_data($_POST['username']); } else { $username = FALSE; echo '<p><font color="red" size="+1″>Please enter a valid username!</font></p>'; } if (preg_match ('%\A(?=[-_a-zA-Z0-9]*?[A-Z])(?=[-_a-zA-Z0-9]*?[a-z])(?=[-_a-zA-Z0-9]*?[0-9])\S{6,}\z%', stripslashes(trim($_POST['password1'])))) { if (($_POST['password1'] == $_POST['password2']) && ($_POST['password1'] != $_POST['username'])) { $password = escape_data($_POST['password1']); } elseif ($_POST['password1'] == $_POST['username']) { $password = FALSE; echo '<p><font color="red" size="+1″>Your password cannot be the same as the username!</font></p>'; } else { $password = FALSE; echo '<p><font color="red" size="+1″>Your password did not match the confirmed password!</font></p>'; } } else { $password = FALSE; echo '<p><font color="red" size="+1″>Please enter a valid password!</font></p>'; } $captchchk = 1; require_once('_includes/recaptchalib.php'); $privatekey = "My private key goes here...i know"; $resp = recaptcha_check_answer ($privatekey, $_SERVER["REMOTE_ADDR"], $_POST["recaptcha_challenge_field"], $_POST["recaptcha_response_field"]); if (!$resp->is_valid) { echo '<p><font color="red" size="+1″>The CAPTCHA Code wasn\'t entered correctly! </font></p>'; $captchchk = 0; } if ($firstname && $lastname && $birthdate && $gender && $zipcode && $email && $username && $password) { $query = "SELECT user_id FROM users WHERE username='$username'"; $result = mysql_query($query) or trigger_error("Sorry, that username is taken"); if(mysql_num_rows($result) == 0) { $a = md5(uniqid(rand(), true)); $query = "INSERT INTO users(zip_code, username, first_name, password, activation_code, join_date, last_name, gender, birth_date, email) VALUES ('$zipcode', '$username', '$firstname', SHA('$password'), '$a', NOW(), '$lastname', '$gender', '$birthdate', '$email')"; $result = mysql_query($query) or trigger_error("Sorry an error happened"); if(mysql_affected_rows() == 1) { $body = "Thanks for registering. Activate account by clicking this link: <br />"; $body .= "http://localhost/activate.php?x=" . mysql_insert_id() . "&y=$activationcode"; mail($email, 'Registration Confirmation', '$body', 'From: admin@mysite.com'); echo '<br /><br /><h1>Thank you for registering! A confirmation email has been sent to your address. Please click on the link in that email in order to activate your account.</h1>'; } exit(); } else { echo '<p><font color="red" size="+1″>You could not be registered due to a system error. We apologize for any inconvenience.</font></p>'; } } else { echo '<p><font color="red" size="+1″>That email address has already been registered. If you have forgotten your password, use the link to have your password sent to you.</font></p>'; } mysql_close(); } ?> <h1>Register</h1> <br /> <p>Please fill out the form below. All fields required.</p> <br /> <center><form action="register.php" method="POST" id="regform"> <table width="550" border="0"> <tr> <td width="200"><p>First Name:</p></td> <td width="200"><label for="first_name"></label> <input name="first_name" type="text" id="first_name" maxlength="20" value="<?php if (isset($_POST['first_name'])) echo $_POST['first_name']; ?>"/></td> <td width="200"> </td> </tr> <tr> <td><p>Last Name:</p></td> <td><label for="last_name"></label> <input name="last_name" type="text" id="last_name" maxlength="45" value="<?php if (isset($_POST['last_name'])) echo $_POST['last_name']; ?>"/></td> <td> </td> </tr> <tr> <td><p>Birthdate:</p></td> <td><label for="birth_date"></label> <input name="birth_date" type="text" id="birth_date" maxlength="10" value="<?php if (isset($_POST['birth_date'])) echo $_POST['birth_date']; ?>"/></td> <td><p>(Format: MM/DD/YYYY)</p></td> </tr> <tr> <td><p>Gender</p></td> <td><p> <label> <input type="radio" name="gender" value="F" id="gender_0" /> F </label> <label> <input type="radio" name="gender" value="M" id="gender_1" /> M </label> <input name="gender" type="hidden" value="" /> <br /> </p></td> <td> </td> </tr> <tr> <td><p>Zip Code</p></td> <td><label for="zip_code"></label> <input name="zip_code" type="text" id="zip_code" maxlength="5" value="<?php if (isset($_POST['zip_code'])) echo $_POST['zip_code']; ?>"/></td> <td> </td> </tr> <tr> <td><p>Email:</p></td> <td><label for="email"></label> <input name="email" type="text" id="email" maxlength="255" value="<?php if (isset($_POST['email'])) echo $_POST['email']; ?>"/></td> <td> </td> </tr> <tr> <td><p>Username:</p></td> <td><label for="username"></label> <input name="username" type="text" id="username" maxlength="60" value="<?php if (isset($_POST['username'])) echo $_POST['username']; ?>"/></td> <td> </td> </tr> <tr> <td><p>Choose New Password:</p></td> <td><label for="password1"></label> <input name="password1" type="password" id="password1" maxlength="40" /></td> <td> </td> </tr> <tr> <td><p>Confirm New Password:</p></td> <td><label for="password2"></label> <input name="password2" type="password" id="password2" maxlength="40" /></td> <td> </td> </tr> </table> </br> <?php require_once('_includes/recaptchalib.php'); $publickey = "my public key goes here...i know"; // you got this from the signup page echo recaptcha_get_html($publickey); ?> <br /> <input type="submit" name="submit_signup" id="submit_signup" value="Sign Up" /> <input type="hidden" name="submitted" value="TRUE" /> </form></center> <br /> <br /> </div> </div> <?php include('_includes/template/sidebar_right.php'); ?> <?php include('_includes/template/footer.php'); ?> </div> </body> </html> login.php file: Code: [Select] <?php session_start(); require_once('_includes/connectvars.php'); ?> <?php if (isset($_POST['submitLogin'])) { if (preg_match ('%^[A-Za-z0-9]\S{6,20}$%', stripslashes(trim($_POST['username'])))) { $username = escape_data($_POST['username']); } else { $username = FALSE; echo '<p><font color="red" size="+1″>Please enter a valid username!</font></p>'; } if (preg_match ('%^[A-Za-z0-9]\S{6,20}$%', stripslashes(trim($_POST['password'])))) { $password = escape_data($_POST['password']); } else { $password = FALSE; echo '<p><font color="red" size="+1″>Please enter a valid password!</font></p>'; } if ($username && $password) { $query = "SELECT user_id, level_access, username, password, join_date, first_name, last_name, birth_date, gender, zip_code, email, activation_code FROM users WHERE username='$username' AND password=SHA('$password')"; $result = mysql_query ($query) or trigger_error("Either the Username or Password are incorrect"); if (mysql_affected_rows() == 1) { $row = mysql_fetch_array ($result, MYSQL_NUM); mysql_free_result($result); $_SESSION['first_name'] = $row[5]; $_SESSION['username'] = $row[2]; $tokenId = rand(10000, 9999999); $query2 = "update users set tokenid = $tokenId where username = '$_SESSION[username]'"; $result2 = mysql_query ($query2); $_SESSION['token_id'] = $tokenId; session_regenerate_id(); header("Location: http://localhost/mysite/index.php"); mysql_close(); exit(); } } else { echo '<br><br><p><font color="red" size="+1″>Either the Username or Password are incorrect</font></p>'; mysql_close(); exit(); } echo '<br><br><p><font color="red" size="+1″>Either the Userid or Password are incorrect</font></p>'; mysql_close(); exit(); } ?> <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd"> <html xmlns="http://www.w3.org/1999/xhtml"> <head> <meta http-equiv="Content-Type" content="text/html; charset=utf-8" /> <title>Untitled</title> <link href="_css/page_layout.css" rel="stylesheet" type="text/css" /> <link href="_css/page_text.css" rel="stylesheet" type="text/css" /> <link href="_css/sidebarLeft.css" rel="stylesheet" type="text/css" /> </head> <body> <div id="wrapper"> <?php include('_includes/template/header.php'); ?> <?php include('_includes/template/nav.php'); ?> <?php include('_includes/template/sidebar_left.php'); ?> <div id="mainContent"> <div class="content"> <h1>Login</h1> <form action="login.php" method="post" name="login" id="login"> <table width="200" border="0"> <tr> <td><p>Username:</p></td> <td><label for="username"></label> <input type="text" name="username" value="<?php if (isset($_POST['username'])) echo $_POST['username']; ?>"/></td> </tr> <tr> <td><p>Password:</p></td> <td><label for="password"></label> <input type="password" name="password" id="password" /></td> </tr> </table> <br /> <p> <label> <input type="radio" name="remember_me" value="radio" id="remember_me_0" /> Keep me logged in </label> <br /> </p> <br /> <input type="submit" name="submitLogin" value="Login" /> <input type="hidden" name="submitted" value="TRUE" /> </form> <br /> <p>Not a member? <a href="register.php">Create an account!</a></p> <br /> <p>Forgot password?</p> </div> </div> <?php include('_includes/template/sidebar_right.php'); ?> <?php include('_includes/template/footer.php'); ?> </div> </body> </html> Here's the code that shows the different menus depending on if someone is logged in or not. Code: [Select] <div class="login"> <?php echo '<p>'; echo 'Welcome '; if (isset($_SESSION['first_name'])) { echo " {$_SESSION['first_name']}!</br></br>"; } else { echo 'Guest!'; } if (isset($_SESSION['username']) AND (substr($_SERVER['PHP_SELF'], -10) != 'logout.php')) { echo '<a href="add_event.php">Add an Event</a></br> <a href="my_profile.php">My Profile</a></br> <a href="logout.php"><p>Logout</a></br>'; } else { echo '</br> <a href="register.php">Register</a></br> <a href="login.php">Login</a></br>'; } echo'</p>'; ?> </div> I have a membership site that a user creates a username and password at registration. The user logs in and all that works. The usersname is located in the database under users. Each page is protected and you must login to access it. Here is the code for that
checkLogin('2');
$getuser = getUserRecords($_SESSION['user_id']);
If the user login is correct they have access to the page. This all works fine as I said. On this page is a form that gets filled out. All the data except the username is added to the database for the contents of this form. I need to have the username added to the database to track who the data belongs to. Here is the code I have for this, can some tell me where I messed up.
The line under the the code <body> pulls the username and the echo command prints the username on the page. I repeated this code under the
if ($_SERVER['REQUEST_METHOD'] == "POST") code and it also prints the username.
<?php
// this is processed when the form is submitted
// back on to this page (POST METHOD)
if ($_SERVER['REQUEST_METHOD'] == "POST")
{ $usernow = $getuser[0]['username'];
$userid = $usernow;
echo "$userid";
# escape data and set variables
$userid = addslashes($_POST["userid"]);
$date = addslashes($_POST["date"]);
$temperature = addslashes($_POST["temperature"]);
$ph = addslashes($_POST["ph"]);
$ammonia = addslashes($_POST["ammonia"]);
$nitrite = addslashes($_POST["nitrite"]);
$nitrate = addslashes($_POST["nitrate"]);
$phosphate = addslashes($_POST["phosphate"]);
$gh = addslashes($_POST["gh"]);
$kh = addslashes($_POST["kh"]);
$iron = addslashes($_POST["iron"]);
$potassium = addslashes($_POST["potassium"]);
$notes = addslashes($_POST["notes"]);
// # setup SQL statement
$sql = " INSERT INTO water_parameters ";
$sql .= " (id, userid, date, temperature, ph, ammonia, nitrite, nitrate, phosphate, gh, kh, iron, potassium, notes) VALUES ";
$sql .= " ('', '$userid', '$date', '$temperature', '$ph', '$ammonia', '$nitrite', '$nitrate', '$phosphate', '$gh', '$kh', '$iron', '$potassium', '$notes') ";
// #execute SQL statement
$result = mysql_query($sql);
// # check for error
if (mysql_error()) { print "Database ERROR: " . mysql_error(); }
print "<h3><font color=red>New Water Parameters Were Added</font></h3>";
}
?>
I have a code that works but it wont add the data to my database. It says the data has been added but the actual data is not actually added. I have checked through this code to see any errors but I cant find any. Can someone help me Code: [Select] $sqll= takeanexam($_SESSION['username1'], $_SESSION['ssubject'], $_SESSION['smodule']); // mysql_data_seek(sqll, 0); while($info = mysql_fetch_array( $sqll )) { $questionId = $info['Que_ID']; $choice = array(); for ($i =1; $i < 5; $i++) { if (empty($_POST['choice'][$questionId][$i])) { $choice[$i] = 0; } else { $choice[$i] = 1; } } $username= $_SESSION['username1']; mysql_query("INSERT INTO answer (Ans_Answer1, Ans_Answer2, Ans_Answer3, Ans_Answer4, Que_ID, Use_ID) VALUES ({$choice[1]}, {$choice[2]}, {$choice[3]}, {$choice[4]}, $questionId, $username)"); } hello everyone, I am about to start coding my pages to display results from a database but before i do i want to know information about the following : Is it best to upload images to a database?and display them accordingly? or is it best to use images from a directory? What is most commonly used and or more reliable? Another topic i have trouble finding information on is actually positioning the output from you mysql database, is this practice done with tables?fields and rows? What is this method called? And is there more then one way to go about controlling result layout on your page? Sorry about the 1001 questions , but i am unable to find a clear answer on the topic ..especially question two . Thanks in advance. hello, i'm actually doing a javascript here to create dynamic textboxes when a button is clicked. now my problem is, how to get all the values from these textboxes and save these values altogether in a column on the table.. i know few php coding methods like $_POST in handling values from txtboxes and saving it to database but it doesn't include working with javascript and dynamic textboxes.. and i'm actually doubtful if this is possible..so any help from you guys i would deeply appreciate. heres my code: Code: [Select] <html> <head> <script type="text/JavaScript"> function AddTextBox() { document.getElementById('container').innerHTML+='<input type="text" name="block"><br>'; } </script> </head> <body> <input type="text" name="block"> <div id="container"></div> <br> <button onclick="AddTextBox();">Add another textbox</button> </body> </html> Hello, iv got a code that validates form fields: ////////////////////duomenys is regform.php $username = $_POST['regname']; $email= $_POST['regemail']; $password1 = $_POST['regpass1']; $password2 = $_POST['regpass2']; /////////////////////////////////////////// ini_set('error_reporting', E_ALL); ini_set('display_errors', 1); $result = pg_query('SELECT 1 FROM duom WHERE LOWER(name)=\''.strtolower(pg_escape_string($username)).'\'')or exit(pg_last_error()); if(isset($_POST['regsubmit'])){ ////////////////////////////////////tikrina ar viskas uzpildyta if($username !="" && $email !="" && $password1 !="" && $password2 !="" && $password1 == $password2) { /////////////////////////////////////////////////////////////// if (pg_num_rows($result)) { exit('Toks vartotojas jau egzistuoja, pasirinkite kita vartotojo varda'); } else ///////////////////ideda duomenys is regform.php i duomenu baze $insert = "INSERT into duom(name, email, pass) VALUES('".$username."','".$email."','".$password1."')"; pg_query($insert); echo "Registracija pavyko!"; /////////////////////////////////////////////////////////////// } else echo "Blogai uzpildyti domenys!"; } everything is working but i need to add 1 more thing to this - to see if email already exists in the databse. I did it for username but idk how to add the same code for email. Heres the code to check if username already exists: ini_set('error_reporting', E_ALL); ini_set('display_errors', 1); $result = pg_query('SELECT 1 FROM duom WHERE LOWER(name)=\''.strtolower(pg_escape_string($username)).'\'')or exit(pg_last_error()); if (pg_num_rows($result)) { exit('Username already exists); thanks in advance Could anyone help me making a login function that checks the txt document if user and pw exists/are correct? -and if they are, sends you to a logged in page. This is for a assignment which is why I have to store the information in a text document, I know it's unsafe. Also i know i should use $_Sessions but I'm not sure how to use it and where to put it.
So far I have created the form which has 2 buttons one for registering and one for logging in. I have also created the registration function which checks the text file if the username already exists if not it will register it.
<html lang="eng">
<head>
<link rel="stylesheet" href="style.css">
<title>name</title>
</head>
<body>
<div class="formdiv">
<h2>Log in or register</h2>
<form action="" method="post">
<p>Username<p style="color:black">*</p> <input type="text" name="user" placeholder="Type in your username" required>
<p>Password<p style="color:black">*</p> <input type="password" name="pw" placeholder="Type in your password" required>
<?php
if (isset($_POST['saveBtn'])){
$username = $_POST['user'];
$password = $_POST['pw'];
$error = register($username);
if ($error == '') {
echo "User: $username has been registered!<br/>";
}
else echo $error;
}
?>
<input type="submit" name="saveBtn" value="Save new user">
<input type="submit" name="loginBtn" value="Login">
</form>
</div>
<?php // Registration
function register($user){
$textError = '';
// Check and see if user exists
$UserPassTxt = fopen("userpwd.txt","a+"); // Opens text doc
rewind($UserPassTxt);
while (!feof($UserPassTxt)) {
$line = fgets($UserPassTxt);
$tmp = explode(':', $line);
if ($tmp[0] == $user) {
$textError = "Username already exists!";
break;
}
}
if ($textError == ''){
$hash = password_hash('', PASSWORD_DEFAULT);
fwrite($UserPassTxt, "\n$user: $hash");
}
fclose($UserPassTxt); // Closes txt doc
return $textError;
}
?>
<?php //Login
function login($user, $pass){
}
?>
</body>
///here's my best attempt at the function
<?php //Login
$error = '0';
if (isset($_POST['loginBtn'])){
$username = $_POST['user'];
$password = $_POST['pw'];
$error = login($username,$password);
}
function login($user, $pass){
$errorText = '';
$validUser = false;
$UserPassTxt = fopen("userpwd.txt","r");
rewind($UserPassTxt);
while (!feof($UserPassTxt)) {
$line = fgets($UserPassTxt);
$tmp = explode(':', $line);
if ($tmp[0] == $user) {
if (trim($tmp[1]) == trim(password_hash('', PASSWORD_DEFAULT))){
$validUser= true;
$_SESSION['user'] = $user;
}
break;
}
}
fclose($UserPassTxt);
if ($validUser != true) $errorText = "Not correct username or password";
if ($validUser == true) $_SESSION['validUser'] = true;
else $_SESSION['validUser'] = false;
return $errorText;
}
function logoutUser(){
unset($_SESSION['validUser']);
unset($_SESSION['user']);
}
function checkUser(){
if ((!isset($_SESSION['validUser'])) || ($_SESSION['validUser'] != true)){
header('Location: index.php');
}
}
?>
Ok Here is my Problem the following works great except it does not add the $user var to the account_details. As well as outputs md5 wrong it outputs something but its different than the password should be. Heres my PHP code: Code: [Select] <?php session_start(); /** * @author Brian T. Flores * @copyright 2010 - 2014 */ error_reporting(E_ALL); $conn = mysql_connect($db_host, $db_user, $db_pass) or die ('Error connecting to mysql'); mysql_select_db($db_name); if($_GET['goahead']==1){ // If GoAhead Is set if(isset($_GET['user'])){ // If isset GoAhead $user = mysql_real_escape_string($_GET['user']); // Clean User for Transfer. $user_check = mysql_query("SELECT * FROM `account_details` WHERE `username01` = '$user'"); // Check to see if username is taken. $ucount = mysql_num_rows($user_check); // Get Username Check Count if($ucount!=""){ // If Username is Taken. die(3); // Die Error Number 3 } // End If Username is Taken. if(isset($_GET['pass'])){ // If password is set. $pass = mysql_real_escape_string($_GET['pass']); // Clean Password for Transfer. $encPass = md5($pass); // Encrypt Password if(isset($_GET['race'])){// If Race is Set. $race = mysql_real_escape_string($_GET['race']); // Clean Race for Transfer. if(isset($_GET['email'])){ // If Email is set. $email = mysql_real_escape_string($_GET['email']); // Clean Email for Transfer. $email_check = mysql_query("SELECT * FROM `account_details` WHERE `email` = '$email'");// Check to see if Email is Taken. $ecount = mysql_num_rows($email_check); // Get Email Check Count. if($ecount!=""){ // If Email is Taken. die(2); // Die Error Number 2 } // End If Email is Taken. if(isset($_GET['email2'])){ // If email confirmation is set. $email2 = mysql_escape_string($_GET['email2']); // Clean Email Confirmation for Transfer. if($email == $email2){ // If emails match. if(isset($_GET['planet'])){ // If Planet Name is Set. $pname = mysql_real_escape_string($_GET['planet']); // Clean Planet Name for Transfer. if(isset($_GET['security_code'])){ // If Security Code Input is set. $security_code = mysql_real_escape_string($_GET['security_code']); // Clean Security Code. $security_enc = md5($security_code); // Encrypt Security Code. $security_code2 = $_SESSION['image_random_value']; // Get Security Code Session if($security_enc == $security_code2){ // If Codes Match. $randActive = rand(11111111111111111111,99999999999999999999); // Get Activation Link pre-encrypt. $activation_link = md5($randActive); // Get Encrypted Activation Link. $q = "INSERT INTO `account_details` (`username01`, `password01`, `loggedIn`, `currentlyLogged`, `active`, `activelink`, `race`, `email`) VALUES ('$user', '$encPass', 0, 0, 0, '$activation_link', '$race', '$email');"; // ^ Add Account Query. $res = mysql_query($q) or die("Error Detected! <br />".mysql_error()); // ^ Add Account to SQL. $q = mysql_query("SELECT * FROM `account_details` WHERE `username01` = '$user'")or die(mysql_error()); // ^ Get Information from New Account. $newuserinfo = mysql_fetch_array($q);// Get New User Information $id = $newuserinfo['id']; // Set New Account Id. $q="INSERT INTO `planets` (`owner`, `name`, `recource1`, `recource2`, `recource3`, `recource4`, `recource5`, `turns_01`, `untrained_units_01`, `attackers_01`, `defenders_01`, `miners_01`, `covert_01`, `anticovert_01`, `ship_01`, `ship_02`, `ship_03`, `ship_04`, `ship_05`, `ship_06`, `ship_07`, `building01`, `building02`, `building03`, `building04`, `building05`, `building06`, `building07`, `building08`, `building09`) VALUES ('$id', '$pname', 35000, 15000, 12000, 135000, 125000, 220, 150, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 1, 0, 0, 0, 0, 0, 0, 0, 0);"; // ^ Add Planet Query. $res2 = mysql_query($q) or die("Error Detected! <br />".mysql_error()); // Add Planet to SQL. $body = " Hello ".$user.", Congradulations! Your account on Ultimate Conquest has been Registed Today! Click the following Link to Activate Account: http://testing.ultimateconquest.net/activate.php?code=".$activation_link." If you have not registered an account and have found this message in error please click the following link to report this error: http://testing.ultimateconquest.net/errorreg.php?account=".$user." Thank you for registering for Ultimate Conquest - ULC, Head Admin Brian Flores AKA Photonic.... "; // Activation Email Information. if (mail($email, "Activate your ULC Ultimate Conquest Account! No-Reply!", $body)) { // If Email Is Sent. die("1"); // Die Error Number 1 } // End Send Email }else{ // If Security Codes do Not Match. die("12"); // Die Error Number 12 } }else{ // If Security Code is Not Set die("11"); // Die Error Number 13 } }else{ // If Planet Name is Not Set. die("10"); // Die Error Number 10. } }else{ // If Emails do not match. die("9"); // Die Error Number 9. } }else{ // If email confirmation is not set. die("8"); // Die Error Number 8. } }else{ // If email is not set. die("7"); // Die Error Number 7. } }else{ // If race is not set. die("6"); // Die Error Number 6. } }else{ // If Password is not set. die("5"); // Die Error Number 5. } }else{ // If Username is not set. die("4"); // Die Error Number 4. } }else{ // If GoAhead is Not Set. die("Go Ahead Not Established By Game System!"); } ?> Here is the Register Function in Javascript: Code: [Select] function regMast(){ var user = document.getElementById('username_client').value; var pass = document.getElementById('password_client').value; var race1 = document.getElementById('races1').value; if(race1 !=""){var race = document.getElementById('races1').value;} var race2 = document.getElementById('races2').value; if(race2 !=""){var race = document.getElementById('races2').value;} var race3 = document.getElementById('races3').value; if(race3 !=""){var race = document.getElementById('races3').value;} var race4 = document.getElementById('races4').value; if(race4 !=""){var race = document.getElementById('races4').value;} var planet_name = document.getElementById('pname').value; var email = document.getElementById('email').value; var email2 = document.getElementById('email2').value; var security_code = document.getElementById('security_code').value; var ajaxRequest; // The variable that makes Ajax possible! try{ // Opera 8.0+, Firefox, Safari ajaxRequest = new XMLHttpRequest(); } catch (e){ // Internet Explorer Browsers try{ ajaxRequest = new ActiveXObject("Msxml2.XMLHTTP"); } catch (e) { try{ ajaxRequest = new ActiveXObject("Microsoft.XMLHTTP"); } catch (e){ // Something went wrong alert("Your browser broke!"); return false; } } } // Create a function that will receive data sent from the server ajaxRequest.onreadystatechange = function(){ if(ajaxRequest.readyState == 4){ var returni = ajaxRequest.responseText; if(returni == "1"){ document.getElementById('reg_error').innerHTML = 'Registration Completed! Check Activation Email for more information.'; } if(returni == "2"){ document.getElementById('reg_error').innerHTML = 'Registration Incomplete! Email Address Already Taken!'; } if(returni == "3"){ document.getElementById('reg_error').innerHTML = 'Registration Incomplete! Username Already Taken!'; } if(returni == "4"){ document.getElementById('reg_error').innerHTML = 'Registration Incomplete! Username Field Empty!'; } if(returni == "5"){ document.getElementById('reg_error').innerHTML = 'Registration Incomplete! Password Field Empty!'; } if(returni == "6"){ document.getElementById('reg_error').innerHTML = 'Registration Incomplete! You must select a race!'; } if(returni == "7"){ document.getElementById('reg_error').innerHTML = 'Registration Incomplete! Email Field Empty!'; } if(returni == "8"){ document.getElementById('reg_error').innerHTML = 'Registration Incomplete! Email Confirmation Field Empty!'; } if(returni == "9"){ document.getElementById('reg_error').innerHTML = 'Registration Incomplete! Emails did not Match!'; } if(returni == "10"){ document.getElementById('reg_error').innerHTML = 'Registration Incomplete! Planet Name Field Empty!'; } if(returni == "11"){ document.getElementById('reg_error').innerHTML = 'Registration Incomplete! You did not Input the Security Code!'; } if(returni == "12"){ document.getElementById('reg_error').innerHTML = 'Registration Incomplete! The Security Code you Inputed did not Match the Image!'; }else{ document.getElementById('reg_error').innerHTML = returni; } } } var queryString = "?goahead=1&user=" + user + "&pass=" + pass + "&race=" + race + "&email=" + email + "&email2=" + email2 + "&security_code=" + security_code + "&planet=" + planet_name; ajaxRequest.open("GET", "register.php" + queryString, true); ajaxRequest.send(null); } I need help trying to figure out why my form won't write the database it is supposed to - i checked the connection to the database and it works and the user seems to have permission to edit database - the error I get is "Error: User not added to database." from "register.php". Can someone please look over my code and see if the problem is coming from somewhere within?
I created a connection file (connect.php)
<?
session_start();
// Replace the variable values below
// with your specific database information.
$host = "localhost";
$user = "master";
$pass = "hidden";
$db = "user";
// This part sets up the connection to the
// database (so you don't need to reopen the connection
// again on the same page).
$ms = mysql_pconnect($host, $user, $pass);
if ( !$ms )
{
echo "Error connecting to database.\n";
}
// Then you need to make sure the database you want
// is selected.
mysql_select_db($db);
?>
Then there is the php script (register.php):
<?php
session_start();
// connect.php is a file that contains your
// database connection information. This
// tutorial assumes a connection is made from
// this existing file.
require('connect.php');
// If the values are posted, insert them into the database.
if (isset($_POST['email']) && isset($_POST['password'])){
$firstname = $_POST['firstname'];
$lastname = $_POST['lastname'];
$email = $_POST['email'];
$password = $_POST['password'];
$query = "INSERT INTO `member` (firstname, lastname, email, password) VALUES ('$firstname', '$lastname', '$email' '$password')";
$result = mysql_query($query);
if ( !mysql_insert_id() )
{
die("Error: User not added to database.");
}
else
{
// Redirect to thank you page.
Header("Location: surveylanding_no-sidebar.html");
}
}
?>
Here is the HTML form:
<form name="htmlform" method="post" class="form" action="register.php">
<p class="firstname">
<input type="text" name="firstname" id="firstname" />
<label for="firstname">First Name</label>
</p>
<p class="lastname">
<input type="text" name="lastname" id="lastname" />
<label for="lastname">Last Name</label>
</p>
<p class="email">
<input type="email" name="email" id="email" />
<label for="email">Email</label>
</p>
<p class="Password">
<input type="password" name="password" id="password" />
<label for="password">Password</label>
</p>
<p class="submit">
<input type="submit" value="Register"/>
</p>
</form>
Dear All, I have written the following code for "Forgot Password" link on my website www.computationalphotography.in. Below is my code: Code: [Select] <?php include_once"configure.php"; $email=$_POST['email']; $email=mysql_real_escape_string($email); if($email<>""){ $check_user_data = mysql_query("SELECT * FROM registration WHERE email = '$email'") or die(mysql_error()); if(mysql_num_rows($check_user_data) == 0) {echo '<script language="javascript">alert("This email address does not exist. Please try again.")</script>;';unset($email);} else {$row = mysql_fetch_array($check_user_data);$email=$row['email']; $to = $email; $subject = "Here are your login details . . . "; $message = "This is in response to your request for login details on www.computationalphotography.in.\nYour username is $row['email']\n.Your password is $row['password'].\n"; $headers = "From: ".$psbhostemailaddress."\r\nReply-To: ".$email; if(mail($to, $subject, $message, $headers)){echo "<center><font face='Verdana' size='2'><b><br><br><br><br><br>THANK YOU</b> <br>Your passwords are posted to your email address. Please check your mail soon.</center>";} else{echo "<center><font face='Verdana' size='2' color=red>There is some system problem in sending login details to your address. <br><br><input type='button' value='Retry' onClick='history.go(-1)'></center></font>";} }} ?> On execution I am receiving the error: Parse error: syntax error, unexpected T_ENCAPSED_AND_WHITESPACE, expecting T_STRING or T_VARIABLE or T_NUM_STRING in /home/computat/public_html/forgotpassword.php on line 22 Kindly help me out! Thank you. Here is my code to update a blog entry. When submitted there is no error but the database is not updated with the new info. I have a similar script on a different page and it works fine so I am confused to why this is happening. I am also a PHP beginner. Here is my code: Code: [Select] <?php include_once ("scripts/checkuserlog.php"); include_once ("scripts/connectToMysql.php"); if (!$_SESSION['idx']) { $msgToUser = '<br /><br /><font color="#FF0000">Only site members can do that</font><p><a href="register.php">Join Here</a></p>'; include_once 'msgToUser.php'; exit(); } else if ($logOptions_id != $_SESSION['id']) { $msgToUser = '<br /><br /><font color="#FF0000">Only site members can do that</font><p><a href="register.php">Join Here</a></p>'; include_once 'msgToUser.php'; exit(); } $date = date("m.d.y"); $workoutName = ''; $workoutDescription = ''; $id = $_GET['id']; if(isset($_POST['workoutName'])){ $workoutName = $_POST['workoutName']; $workoutDescription = $_POST['workoutDescription']; $blogUpdate = mysql_query("UPDATE blog SET workoutName='$workoutName', workoutDescription='$workoutDescription' WHERE id='$id' LIMIT 1") or die (mysql_error()); if ($blogUpdate){ $successMsg = 'Blog entry updated successfully'; } else { $errorMsg = 'Problems arose during the information exchange, please try again later.'; } } $sql = mysql_query("SELECT * FROM blog WHERE id='$id' LIMIT 1"); while($row = mysql_fetch_array($sql)){ $workoutName = $row['workoutName']; $workoutDescription = $row['workoutDescription']; $dateOfEntry = $row['datetime']; } ?> <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd"> <html xmlns="http://www.w3.org/1999/xhtml"> <head> <meta http-equiv="Content-Type" content="text/html; charset=utf-8" /> <title>S.F.I - Edit Blog Entry</title> <link href="style/main.css" rel="stylesheet" type="text/css" /> <link href="style/layout.css" rel="stylesheet" type="text/css" /> </head> <body> <div id="container"> <?php include_once ("bannerFiles/bannerTemplate.php"); ?> <?php include_once ("bannerFiles/bannerMenu.php"); ?> <br /><br /> <div id="content"> <table bgcolor="#DBE4FD" width="950px"> <form action="editBlogPost.php" method="post" enctype="multipart/form-data"> <tr> <td width="200px"><span class="blackText">Workout Name:</span></td><td width="650px"><input name="workoutName" type="text" id="workoutName" value="<?php echo ("$workoutName");?>"/> <span class="blackText">Date of entry: <?php echo ("$dateOfEntry"); ?></span></td></tr> <tr> <td><span class="blackText">Workout Description:</span></td><td><textarea name="workoutDescription" cols="75" rows="10" id="workoutDescription" /><?php echo ("$workoutDescription"); ?></textarea></td></tr> <tr><td><input name="submit" id="submit" type="submit" value="Update" /></td><td><span class="errorMsg"><?php echo ("$errorMsg"); ?><?php echo ("$successMsg"); ?></span></td> </tr> </form> </table> </div> <br /><br /> <?php include_once ("footerFiles/footerTemplate.php"); ?> </div> </body> </html> Thanks in advance for any help I've been following a tutorial on making a fairly simple login script. It's my first time really playing with php and sticking with it and so far so good. But I can't figure this one out. It's using a fairly simple email activation thing but the activation link isn't working. It echos that it was successful, but the database hasn't been updated at all. I double checked and the ID and activation code are both correct, but the 'group' is still set to 0. Help? <?php $title = "Account Activation"; require_once('header.php'); $id = $_GET['id']; $code = $_GET['code']; if ($id&&$code) { $check = mysql_query("SELECT * FROM users WHERE id='$id' AND actcode='$code'"); $checknum = mysql_num_rows($check); if ($checknum==1) { //activate the account $activate = mysql_query("UPDATE users SET group='1' WHERE id='$id'"); echo("Your account is activated. You may now log in."); require_once "footer.php"; } else echo("Invalid ID or activation code."); require_once "footer.php"; die(); } else echo("Data Missing!"); require_once "footer.php"; die(); require_once "footer.php"; ?> Im not to sure what I have done wrong here, I have tried a few }'s in places incase I have missed one, im still quite new to pdo so im not sure. Can anyone see why it isnt updating the database? Cheers Code: [Select] <?php if ($enemy_hp <= 0) { $sql = "UPDATE game_status SET battle = '1' WHERE id=1"; } else { $sql = "UPDATE game_character SET current_hp = (current_hp-100) WHERE id=1"; $statement = $dbh->prepare($sql); $statement->execute(); } ?> I'm looking to open a custom giftcard shop in which I'll be selling giftcards at 75%-95% of the face value. (I usually buy them off ebay cheap and resell them). I've already got the login system complete by using one I found online. What I'm looking to do now is make the shop section now where I can import a text document with the giftcard #, and Pin number to have them all show up in a list (but have only the first 6 numbers show up and the rest stared out with "***" until purchased, with the option to add each individual one to the cart (checkboxes beside each one). But I want them to be able to buy them with "credits". Credits being a site currency I'd like to be created. I want users to be able to buy these "credits" with the LibertyReserve API. These credits are to be attached to their login until used up. 1 credit = 1$ LR I notice Libertyreserve has a sample shop script: http://www.libertyreserve.com/en/home/downloads , but it doesnt exactly have the credit features and cart features I stated above, however I'm sure can be somewhat useful in coding what I need. Any help would be greatly appreciated, since I have no idea where to start. I'm sure this is basic to some, and well I'm looking to hire someone if they are confident they can complete this quick, otherwise any free feedback would help so much. Here is the site so far... http://www.eliteids.com/lrstore I have a database table of plants, one of chemicals, one of products, one of illnesses. Each table is connected, for example lets say opium poppies. They contain the chemical morphine. Morphine is used in painkiller products. Its used to treat pain and other illnesses. On the opium poppy page, I want to list all the chemicals found in the poppy. All the products (i.e. opium, laudanum) made from the poppy. All the illnesses which are treated with the poppy. Users need to be able to edit this page, and enter chemicals, products or illnesses that are related to this plant. They also need to be able to edit the info on the page.
Making database relations is a pain in the ass with CakePHP. I don't want to waste any more time so I'm thinking maybe making it as a wordpress plugin is the way to go. How would you go about this? Is there an easier way than wordpress, like a better CMS, or framework? If I use wordpress, should I do all the DB interactions with AJAX to avoid having to interact with the DB through wordpress (this gave me massive trouble in the past since I had my data in an external db)?
Hello, I am making a small CMS and I having some trouble with making a dynamic menu. I am wondering for a few days how I should make this menu system. I have the follow MySQL table: Code: [Select] CREATE TABLE `pages` ( `id` int(4) unsigned NOT NULL AUTO_INCREMENT, `time` varchar(10) DEFAULT NULL, `lastby` varchar(2) DEFAULT NULL, `order_id` varchar(2) DEFAULT NULL, `text` text, PRIMARY KEY (`id`) ) ENGINE=InnoDB; Now I would like to have a menu system as following that I make menu's in a menu table with a name and a menu ID and that I could place those pages as parent or as subparent. How could I manage to turn my theory into reality? this is on amensharma.co.uk/testing Code: [Select] <?php $db_link = mysql_connect("amensharma.co.uk","amenshar_admin","amen001"); if (!$db_link) { die('Could not connect: ' . mysql_error()); } $db_selected = mysql_select_db('amenshar_calender', $db_link); if (!$db_selected) { die ('Can\'t use database : ' . mysql_error()); } ?> this is the error it returns Warning: mysql_connect() [function.mysql-connect]: Access denied for user 'amenshar_admin'@'neptune.servers.rbl-mer.misp.co.uk' (using password: YES) in /home/amenshar/public_html/testing/functions/database.php on line 4 Could not connect: Access denied for user 'amenshar_admin'@'neptune.servers.rbl-mer.misp.co.uk' (using password: YES) bit stumped here any help would be great all the details are correct, just confused why im having these errors |
|||||||