PHP - Friend Image - Kinda Linking Database

Hi guys,

I need your help with my php script. On my script, I'm currently working with image where I can hot-link them from another website while it is on protected. when you click right-mouse button on firefox, you could see something like "view page source" which is disabled. when you click on "save page as", you can save the image as "image.php". when you open them, you would not be able to read due to the image but you can find the real image link in image.php where i want to protect them.

here's the currently code:

Code: [Select]
<?php
session_start();
    define('DB_HOST', 'localhost');
    define('DB_USER', 'myusername');
    define('DB_PASSWORD', 'mypassword');
    define('DB_DATABASE', 'mydbname');

$id = (int)$_GET['id'];

$errmsg_arr = array();
$errflag = false;

$link = mysql_connect(DB_HOST, DB_USER, DB_PASSWORD);
if(!$link) {
    die('Failed to connect to server: ' . mysql_error());
}

$db = mysql_select_db(DB_DATABASE);
if(!$db) {
    die("Unable to select database");
}   

function clean($var)
{
    return mysql_real_escape_string(strip_tags($var));
}
  $qrytable1="SELECT images FROM image_list WHERE id=$id";
  $result1=mysql_query($qrytable1) or die('Error:<br />' . $qry . '<br />' . mysql_error());

while ($row = mysql_fetch_array($result1)) {
   $image = $row['images'];
   $details = getimagesize($image); 
   header ('Content-Type: ' . image_type_to_mime_type($details[2]));
   echo readfile($image), "<p id='images'>",  $row['images'] . "</p>";
 } 
?>

I guess that there must be a way to protected the url in the php script where i can hide them. It should be easy to modify but I am not sure what line I need to adjust to make it protected.

Can you please help me in what line I need to modify in order to protected the hot-linking in my php?

I have a script to check for duplicate username's on signup.  Even when there is no entry found and the script preforms the update statement, the error will come back indicating the requested name already exists.


#Check to see if requested name already exists
$name = $_POST['name'];
$siteid = $_POST['siteid'];
$checkname = mysql_query("SELECT * FROM projects WHERE url = '$name'");
$founduser = mysql_num_rows($checkname);

if ($founduser != 0) {
echo"$name already exists in the database.  Please select another name";}

if ($founduser == 0) {
mysql_query("UPDATE projects SET url = '$name' WHERE siteid = $siteid"); die; echo"URL updated successfully";}


If I remove the UPDATE statement and simply return an echo statement for each IF statement, everything works fine:


if ($founduser != 0) {
echo"$name already exists in the database.  Please select another name";}

if ($founduser == 0) {
echo"$name is available";}


So what's happening is, when $founduser == 0, the update script preforms just fine and the database is populated correctly, but then the entire script will then re-run itself and find the name that was just entered, resulting in $founduser != 0. 
 

How do I stop the script when it preforms the UPDATE statement?  I tried putting die; in after the UPDATE statement, but the entire script still re-runs itself.  I am pulling my hair out here...

The alias form isn't being read for some reason, with having $alias = $_POST['alias']; i don't quiet understand why this isn't it isn't being picked up as a variable below, any clues? cheers
Code: [Select]
<?php include("header.php"); 
if(isset($_POST['formAlias']) &&
$_POST['formAlias'] == 'Yes') 
{
$alias = $_POST['alias'];
$alias = preg_replace("/[^a-zA-Z0-9_]/", "", $alias);
$namelength = strlen($alias);
if($namelength < 3){
$error1="Your alias must be at least 3 characters!</span></div>";
echo $error1;
}else{
}
$query = sprintf("SELECT COUNT(id) FROM players WHERE UPPER(alias) = UPPER('$alias')",
mysql_real_escape_string($alias));
$result = mysql_query($query);
list($count) = mysql_fetch_row($result);
if($count >= 1) { 
$error1="$alias is already taken.";
echo $error1;
}else{
}
$sql = "updatehereble";
mysql_query($sql) or die(mysql_error());
}else{
}
?>
</p>
<p>
 <input name="alias" type="text" id="alias">
</p>
<form action="alias.php" method="post">
Do you wish to use an alias?
  <input type="checkbox" name="formAlias" value="Yes" />
<input type="submit" name="formSubmit" value="Submit" />
</form>

hope i'm in the right place.

Hello,my name is carlton.
i have a html form i created in dreamweaver cs.
i have the accompanying .php script to forward
user details to the server. i fill in the form,
hit the submit button and nothing appears in
the table i created. the testing server has been
successfully configured the database "babiesnmovies"
is recognized by dreamweaver.
PLS tell me what i'm missing.

below is a copy of the form and the script.

Thank you so much.


//this is the HTML registration web form i created in dreamweaver//

  Code: [Select]
<legend>Parents Contact Information</legend>
      </h3>
      <form id="form1" name="form1" method="PUT" action="babiesnmovies.php">
        <p>
          <label for="babiesnmovies.com/register">Your First Name</label>
          <input type="text" name="yourfirstname" id="babiesnmovies.com/register" />
          <label for="babiesnmovies.com/registered">Your Last Name</label>
          <input type="text" name="yourlastname" id="babiesnmovies.com/registered" />
        </p>
        <label for="babiesnmovies.com/yourname">Your Phone Number</label>
        <input type="text" name="yourphonenumber" id="babiesnmovies.com/yourname" />
        <label for="babiesnmovies.com/email">Your E-mail</label>
        <input type="text" name="youremail" id="babiesnmovies.com/email" />
        </p>
    </form>
        <p>&nbsp;</p>
    <h3>
      <legend>Baby's Vitals</legend>
    </h3>
    <form id="form2" name="form2" method="PUT" action="babiesnmovies.php">
      <p>
        <label for="babiesnmovies.com/baby'slast">Baby's First Name</label>
        <input type="text" name="babysfirstname" id="babiesnmovies.com/baby'sfirst" />
        <label for="babiesnmovies.com/babies">Baby's Middle Name</label>
        <input type="text" name="babysmiddlename" id="babiesnmovies.com/babies" />
      </p>
      <p>
        <label for="babyslastname">Baby's Last Name</label>
        <input type="text" name="babyslastname" id="babyslastname" />
      </p>
      <p>
        <label for="babiesnmovies.com/babybday">Baby's Birthdate</label>
        <input type="text" name="babysbirthdate" id="babiesnmovies.com/babybday" />
        <label for="babiesnmovies.com/babyage">Baby's Age</label>
        <input type="text" name="babysage" id="babiesnmovies.com/babyage" />
       
      </p>
      <p>
        <label for="babiesnmovies.com/baby">Baby's Height</label>
        <input type="text" name="babysheight" id="babiesnmovies.com/baby" />
        <label for="babiesnmovies.com/babyweight">Baby's Weight</label>
        <input type="text" name="babysweight" id="babiesnmovies.com/babyweight" />
      </p>
      <p>
        <label for="babiesnmovies.com/babyeyes">Baby's Eye Color</label>
        <input type="text" name="babyseyecolor" id="babiesnmovies.com/babyeyes" />
        <label for="babiesnmovies.com/babyhair">Baby's Hair Color</label>
        <input type="text" name="babyshaircolor" id="babiesnmovies.com/babyhair" />
      </p>
      <p>
        <label for="babiesnmovies.com/babyrace">Baby's Ethnicity</label>
        <input type="text" name="babysethnicity" id="babiesnmovies.com/babyrace" />
      </p>
      <p><input name="formsubmit" type="submit" value="Submit" />
    </form>
//this is the babiesnmovies.php script//

<?php
# FileName="Connection_php_mysql.htm"
# Type="MYSQL"
# HTTP="true"
$hostname_babiesnmovies = "XXX";
$database_babiesnmovies = "XXX";
$username_babiesnmovies = "XXX";
$password_babiesnmovies = "XXX";
$babiesnmovies = mysql_pconnect($hostname_babiesnmovies, $username_babiesnmovies, $password_babiesnmovies) or trigger_error(mysql_error(),E_USER_ERROR); 


mysql_select_db("db337879506", $con);
 $sql="INSERT INTO register (id, YourFirstName, YourLastName, YourPhoneNumber, YourEmailAddress, BabysFirstName, BabysMiddleName,
 BabysLastName, BabysBirthdate, BabysAge, BabysHeight, BabysWeight, BabysEyeColor, BabysHairColor, BabysEthnicity) values ( 'NULL','$yourfirstname',                  '$yourlastname', '$yourphonenumber', 'youremailaddress', '$babysfirstname', '$babysmiddlename', '$babyslastname', '$babysbirthdate', '$babysage', '$babysheight', '$babysweight', '$babyseyecolor', '$babyshaircolor', '$babysethnicity')";



$yourfirstname = $_POST ['YourFirstName'];
$yourlastname = $_POST ['YourLastName'];
$yourphonenumber = $_POST ['YourPhoneNumber'];
$youremailaddress = $_POST ['YourE-mailAddress'];
$babysfirstname = $_POST ['BabysFirstName'];
$babysmiddlename = $_POST ['BabysMiddleName'];
$babyslastname = $_POST ['BabysLastName'];
$babysbirthdate = $_POST ['BabysBirthdate'];
$babysage = $_POST ['BabysAge'];
$babysheight = $_POST ['BabysHeight'];
$babysweight = $_POST ['BabysWeight'];
$babyseyecolor = $_POST ['BabysEyeColor'];
$babyshaircolor = $_POST ['BabysHairColor'];
$babysethicity = $_POST ['Babys Ethnicity'];

?>


Thank you.

I have a simple tell a friend script that works fine for the moment.  its a simple....




$email = $_POST['email'];



                   { mail("$email","Request","Dear Member,
\n\nbla bla bla bla bla\n\n\n\n"); }


I have an issue now though.  The form now needs to be able to send 5 separate emails to 5 different people.  How would this be done or is this even possible with the code I have?


$email1 = $_POST['email1'];
$email2 = $_POST['email2'];

Hello All,

I'm making a networking script for my cms to allow users to befriend each other, I've got adding each other as friends down, that is no longer an issue.
My issue is displaying friends on a profile page.

Say Matt added Frank, and frank accepted the request, well on Matts page it'll show frank as a friend, but on franks page it won't show Matt as a friend.

My MySQL table has just 4 Rows

id | user_id | friend_id | approved

-id is a primary unique key
-user_id is who sent the reuqest
-friend_id is the id of the user the request was sent to
-approved is the status, 0 for no accepted, 1 for accepted.

On the user profile page, this is the sql query used to generate the friends list

$friends = $db->get_table("SELECT * FROM zxt_friends WHERE user_id = '{$u['id']}' AND approved = '1'");
foreach ($friends AS $friend)
{

$friend['friend_name'] =$zext->user_cache[$friend['friend_id']]['username'];

$avatar = $zext->user_cache[$friend['friend_id']]['avatar'];
        $friend_html = $friend['friend_name'].$avatar;
}


Before I tried using a different sql query, it looked like this:
$friends = $db->get_table("SELECT * FROM zxt_friends WHERE user_id = '{$u['id']}' OR friend_id = '{$u['id']}' AND approved = '1'");

But the approved status was ignored, and it was all kinds of messed up, on my page it would show that Matt is indeed friends with frank, and a member that had not approved the reuqest yet, and on Frank's page it showed that he was a friend with himself when that wasn't even the case.

I've looked at array_push but I can't seem to figure out the query or what I need to add the the loop, any help would be much appreciated.

Thanks, Matt.

I have made a mutual friend system like facebook and it shows all the mutual friends but sometimes it shows it twice because your 2 friends might be friends with one person so it echos the same person twice so i wanna only show the person once and the most repeated should show on the top and the less repeated person should show at bottom!

This topic has done the Monster Mash to MySQL Help.

http://www.phpfreaks.com/forums/index.php?topic=343718.0

Hi everyone,

I built a php site which uses $_GET['id'] to create a page for every picture in a gallery.

I added a Google Friend Connect(http://www.google.com/friendconnect) widget which is suppost to allow ratings and comments on every page but every page is treated as index.php

page examples

http://daroom.info/index.php?id=2053345520104164875S600x600Q85.jpg

http://daroom.info/index.php?id=21.jpg

Does anyone have any solutions to this problem?

Hey everyone,

I'm currently working on a friends online script and i have a slight problem that i need help with.

Basically the code first searches "TBL_Friends" to see if you have any friends added. If it returns results it then turns your friends ID's into a variable. It then searches "TBL_Users_Online" to see if any body is logged based on the friend's ID it returned before. The first bit of the code works and it retrieves all the friends i got added. The second half is odd, if i have one or two friends added it will show that one is online. If i have more then three friends added it returns no results. I know my code is a bit sloppy and probably not the best way of writing it, im still learning PHP.

Anyways this is the code, any help is appreciated.

Code: [Select]
<?php
$FriendsOnline = mysql_query("SELECT Sender_ID FROM TBL_User_Friends WHERE Reciever_ID = $UserID");
while($fo=mysql_fetch_array($FriendsOnline))
{
     $FriendsOnlineID = $fo[Sender_ID];

     $FriendsOnlineNumber = mysql_query("SELECT * FROM TBL_Users_Online WHERE User_ID = $FriendsOnlineID");
     $FriendsNumber = mysql_num_rows($FriendsOnlineNumber);

     echo $FriendsNumber;
}
?>
$SenderID = Friends ID
$Reciever_ID = User ID
$UserID = User ID

Hi, I've read a lot of places that it's not recommended to store binary files in my db.
So instead I'm supposed to upload the image to a directory, and store the link to that directory in database.

First, how would I make a form that uploads the picture to the directory (And what kinda directories are we talking?).

Secondly, how would I retrieve that link? And I guess I should rename the picture..

I'd appreciate any help, or a good tutorial (Haven't found any myself).

Right ive got a user profile that i want a add friend button but i coded a little something what i fort wud work but no luck
<?php
session_start();
include "includes/db_connect.php";
include "includes/functions.php";
include"includes/smile.php";
logincheck();
$username=$_SESSION['username'];
$viewuser=$_GET['viewuser'];

$fetch=mysql_fetch_object(mysql_query("SELECT * FROM users WHERE username='$viewuser'"));
if (!$fetch){
echo "No such user";


$totalf = mysql_num_rows(mysql_query("SELECT * FROM friends WHERE username = '$viewuser' AND active='1'"));

$invite_text="<div>$username Has Sent You A Friend Request<br>
<input name=Yes_Accept type=submit id=yes value=Accept Invite class=abutton>&nbsp;<input name=No_accept type=submit value=Decline Invite class=abutton></div><input type=hidden name=invite_id value=$bar2>";
if (($_GET['fri'])){
$exicst=mysql_query("SELECT * FROM users WHERE username='$viewuser'");
$nums=mysql_num_rows($exicst);
$adding=mysql_fetch_object($exicst);
$already=mysql_num_rows(mysql_query("SELECT * FROM friends WHERE type='Friend' AND person='$viewuser' AND username='$username'"));
if ($already != "0"){
echo "<center><font color=orange><b><br>This user is already your friend.<br><br></font>";
}elseif ($already == "0"){


mysql_query("INSERT INTO `friends` ( `id` , `username` , `person` , `type` , `active`) 
VALUES (
'', '$username', '$viewuser', 'Friend' , '0'
)");
mysql_query("INSERT INTO `friends` ( `id` , `username` , `person` , `type` , `active`) 
VALUES (
'', '$viewuser', '$username', 'Friend' , '0'
)");
mysql_query("INSERT INTO `inbox` ( `id` , `to` , `from` , `message` , `subject` , `date` , `read`) 
VALUES (
'', '$viewuser', '$username', '$invite_text' , 'Friend Request' , '$date' , '0'
)");
$bar2=mysql_insert_id();
echo "<center><font color=orange><br>Your Friend Invitation Was Sent To $viewuser<br><br></font>";
exit();
}
}}
?>
<a href=?fri=Yes>Add Friend +</a>

It just adds a blank person and comes back with No Such User and Your Friend Invitation Was Sent To

I think ive put some things in the wrong place to be honest but as im not a pro i easily miss things

Hello,
Five images will be displayed inside a division.
There will be a previous and next button/link.
If someone click the next button the next image will be added in that div and the first image will be gone from that div.
The previous button/link will do the same thing.

Is it possible with php?
I am confused if it's a javascript or ajax question.

Thanks.

Im working on a "Friend-request"-script, but something is wrong in my "answer"-script...

See the script below:

Code: [Select]
    if (isset($_POST['submit_ansReq_answer'])) {
   
        $answer = $_POST['ansReq_what'];
        $uid= $_SESSION['userid'];
        $fid= $_POST['fid'];
       
       
        $db=friend_db;
        $dbname=bannaky_basic;
        include('config.php');
       
       
        ///////////// IF ACCEPTED
       
        if ($answer == "acceptReq") {
       
        $reqStat = "YES";
        $reqEcho = "Answered YES";
       
        }
   
        ///////////// ELSE IF DENIED
   
        else if ($answer == "denyReq") {
       
        $reqStat = "NO";
        $reqEcho = "Answered NO";
       
        }
       
        $query = "UPDATE $db SET req_accept='$reqStat' WHERE friend_id='$uid' AND user_id='$fid'";
           
            mysql_query($query);
           
           
            echo "$reqEcho";

If the user hits the Accept-button, everything works fine and is registered in the SQL database. But when hitting the Deny-button nothing happens... I get to the page and $regEcho works, but $reqStat=NO; wont save in the SQL database...

Probably a simple solution to this that im not seeing.... Please help me out before i loose my mind.

Need some help here!

I want to build a friendgroup - I have a full working friendsystem.

My ide is this. I got a list of friends, make a group named Test. Put selected friends in there, make another group and put another friends in there.

Some idees how to do that with prepared statements??

I search for tutorials, but couldn't find any. Any suggestions?

The functions I need is this:

1. Make group
2. Add friend to group
3. Show group with selected friends
4. Rename groups
5. Move friend from one group to another
6. Delete group with all friends inside
7. Delete a empty group
8. Option to search for friends inside a group

Tutorial, free source code - everything would help to solve this mystery !

So far is this the code I made, and didn't work at all

public function create_friendgroup($profileownerid, $friends = NULL, $name)
{

   $sql = "SELECT fg_friends_id FROM friend_groups WHERE fg_member_id = '$profileownerid' LIMIT 1";

      if($stmt = $this->conn->prepare($sql))
      {
         $stmt->execute();
         $stmt->bind_result($friend);
         $stmt->fetch();
         $stmt->close();

      }

   if($friend != null)
      {
         $ua = explode(",", $friend);
         $ua = array_unique($ua);

         foreach ($ua as $u)
         {
         if($u !=NULL && $u !=$profileownerid)
         {
         $oldusers .= "{$u},";
      }   }
   }

$newusers = $profileownerid;
      if ($oldusers != null)
         {
         $newusers .= "," . $oldusers;
         }

$sql = "INSERT INTO friend_groups(fg_member_id,fg_friends_id, fg_name, fg_created_date) VALUES (?,?,?,?)";

$date = date("d-m-Y H:i");
      
      if($stmt = $this->conn->prepare($sql))
      {
         $stmt->bind_param('iiss',$profileownerid,$friends = trim($newusers, ","), $name,$date);
         $stmt->execute();
         $stmt->close();
      }
}







K.F