|
PHP - Checking User Input In Time Range
Hey guys and gals!
This is my first post here and needing a bit of help with my php code! So here is the deal, i have 3 tables in ms sql 2000 which i will be using on this project. i have an employee table that has the regular information such as: TABLE employee( uniqueid, employee_number, lastname, firstname, dob, address, city, state, zip ) TABLE employee_docs( uniqueid, employee_number, doc_type int, date_received, date_issued, date_expired ) TABLE doc_type(uniqueid, description, valid_month) so basically from the employee_doc table, the doc_type column is an int and will have the description of the document as well as valid month column which will tell you how long the document type is valid until. the Description gives a brief description of what the product is. The uniqueid is used as what ever number is chose from the employee_docs table will represent the document type from table doc_type. ok so now that i gave a brief explanation of the tables i am working with, I can tell you what i need. i need a php page that will display: employee number, lastname, firstname, doc_type, date_received, date_issued, date_expired. Code: [Select] select pn.empnum as employeeid, (pn.lastname + ', ' + pn.firstname)as [Full Name], dt.description as doc_type, formatDate(pd.received) as [Date Received], formatDate(pd.expired)as [Date Expired], formatDate(pd.issued) as [Date In Service] from personnel_document pd left join document_types dt on (dt.uniqueid = pd.doc_type) left join personnel pn on (pd.empnum = pn.empnum) where pd.empnum = '$EmpNum' now, I went ahead and did this for the html part: Code: [Select] <table border=0> <tr> <td height=20px weight=1px valign=bottom><span class=underline>DESCRIPTION</span></td> <td height=20px weight=1px valign=bottom><span class=underline>DATE RECEIVED</span></td> <td height=20px weight=1px valign=bottom><span class=underline>LICENSE NUMBER</span></td> <td height=20px weight=1px valign=bottom><span class=underline>DATE IN SERVICE</span></td> <td height=20px weight=1px valign=bottom><span class=underline>DATE EXPIRED</span></td> </tr> <tr> </tr> <tr> <td height=20px valign=bottom><span class=label_text>PHYSICAL EXAM</span></td> <td valign=top><input class=demog_box type=text size=10 name= phexam_dr id=phexam_dr onBlur= 'formatDate(this)' value='<?php echo $phexam_dr; ?>'> </td> <td valign=top><input class=demog_box type=text size=10 name= phexam_ln id=phexam_ln onBlur='formatDate(this)' value='<?php echo $phexam_ln; ?>'> </td> <td valign=top><input class=demog_box type=text size=10 name= phexam_is id=phexam_is onBlur= 'formatDate(this)' value='<?php echo $phexam_is; ?>'> </td> <td valign=top><input class=demog_box type=text size=10 name= phexam_ex id=phexam_ex onBlur='formatDate(this)' value='<?php echo $phexam_ex; ?>'> </td> </tr> <tr> </tr> <tr> <td height=20px valign=bottom><span class=label_text>PROFESSIONAL LICENSE</span></td> <td valign=top><input class=demog_box type=text size=10 name= prolic_dr id=prolic_dr onBlur='formatDate(this)' value='<?php echo $prolic_dr; ?>'> </td> <td valign=top><input class=demog_box type=text size=10 name= prolic_ln id=prolic_ln onBlur='formatDate(this)' value='<?php echo $prolic_ln; ?>'> </td> <td valign=top><input class=demog_box type=text size=10 name= prolic_is id=prolic_is onBlur='formatDate(this)' value='<?php echo $prolic_is; ?>'> </td> <td valign=top><input class=demog_box type=text size=10 name= prolic_ex id=prolic_ex onBlur='formatDate(this)' value='<?php echo $prolic_ex; ?>'> </td> </tr> <tr> </tr> <tr> <td height=20px valign=bottom><span class=label_text>PROFESSIONAL INSURANCE</span></td> <td valign=top><input class=demog_box type=text size=10 name= proins_dr id=proins_dr onBlur='formatDate(this)' value='<?php echo $proins_dr; ?>'> </td> <td valign=top><input class=demog_box type=text size=10 name= proins_ln id=proins_ln onBlur='formatDate(this)' value='<?php echo $proins_ln; ?>'> </td> <td valign=top><input class=demog_box type=text size=10 name= proins_is id=proins_is onBlur='formatDate(this)' value='<?php echo $proins_is; ?>'> </td> <td valign=top><input class=demog_box type=text size=10 name= proins_ex id=proins_ex onBlur='formatDate(this)' value='<?php echo $proins_ex; ?>'> </td> </tr> <tr> </tr> <tr> <td height=20px valign=bottom><span class=label_text>DRIVER'S LICENSE</span></td> <td valign=top><input class=demog_box type=text size=10 name=dl_dr id=dl_dr onBlur='formatDate(this)' value='<?php echo $dl_dr; ?>'> </td> <td valign=top><input class=demog_box type=text size=10 name=dl_ln id=dl_ln onBlur='formatDate(this)' value='<?php echo $dl_ln; ?>'> </td> <td valign=top><input class=demog_box type=text size=10 name=dl_is id=dl_is onBlur='formatDate(this)' value='<?php echo $dl_is; ?>'> </td> <td valign=top><input class=demog_box type=text size=10 name=dl_ex id=dl_ex onBlur='formatDate(this)' value='<?php echo $dl_ex; ?>'> </td> </tr> <tr> </tr> <tr> </table> I am now doing the the sql statement to insert into my db but i am stuck. i basically want to get the information that the user enters for each field and save it on the employees profile. $querydoc = "update personnel_document set empnum = '$EmpNum' , doc_type = ???, date_received = ????, date_expired = ????, date issued = ??? where empnum = '$EmpNum' "; The problem is that since each description has a different variable im not sure how to update it.... would I have to create a new update for each description? also I hard coded the name of each description but i believe it is better if i echo the description name from the db as i cant use taht as the doc_type... i am pretty confused, if anyone has a better way of doing this i would really appreciate it! eventually i also want to make sure that the description is expired to to with the fields I have there and promp the user of something that is expired. Once again, any help given is much appreciated!!! Similar TutorialsSet up: * XAMPP 1.7.3 * Apache 2.2.14 (IPv6 enabled) + OpenSSL 0.9.8l * MySQL 5.1.41 + PBXT engine * PHP 5.3.1 * phpMyAdmin 3.2.4 * Perl 5.10.1 * FileZilla FTP Server 0.9.33 * Mercury Mail Transport System 4.72 I'm trying to set up a multipage registration script. It's tuff! I've set up some basic scripts to distribute variables into the correct tables from previous forms using a session. But I want the script to check the input from form one is valid before it moves on to form 2. Here are my scripts: form 1: <html> <head> <title>Register</title> <style type="text/css"> td { vertical-align: top; } </style> </head> <body> <form action="form2.php" method="post"> <table> <tr> <td><label for="name">Username:</label></td> <td><input type="text" name="name" id="name" size="20" maxlength="20" value=""/></td> </tr><tr> <td><label for="password">Password:</label></td> <td><input type="password" name="password" id="password" size="20" maxlength="20" value=""/></td> </tr><tr> <td><label for="first_name">First name:</label></td> <td><input type="text" name="first_name" id="first_name" size="20" maxlength="20" value=""/></td> </tr><tr> <td><label for="last_name">Last name:</label></td> <td><input type="text" name="last_name" id="last_name" size="20" maxlength="20" value=""/></td> </tr><tr> <td><label for="email">Email:</label></td> <td><input type="text" name="email" id="email" size="20" maxlength="50" value=""/></td> </tr><tr> <td><label for="address">Address:</label></td> <td><input type="text" name="address" id="address" size="20" maxlength="20" value=""/></td> </tr><tr> <td><label for="city">City/Town:</label></td> <td><input type="text" name="city" id="city" size="20" maxlength="20" value=""/></td> </tr><tr> <td><label for="county">County:</label></td> <td><input type="text" name="county" id="county" size="20" maxlength="20" value=""/></td> </tr><tr> <td><label for="post">Postcode:</label></td> <td><input type="text" name="post" id="post" size="20" maxlength="20" value=""/></td> </tr><tr> <td><label for="home">Home Number:</label></td> <td><input type="text" name="home" id="home" size="20" maxlength="20" value=""/></td> </tr><tr> <td><label for="mobile">Mobile:</label></td> <td><input type="text" name="mobile" id="mobile" size="20" maxlength="20" value=""/></td> </tr><tr> <td> </td> <td><input type="submit" name="submit" value="Sumbit"/></td> </tr> </table> </form> </body> </html> Form 2: <?php //let's start the session session_start(); //now, let's register our session variables session_register('name'); session_register('password'); session_register('first_name'); session_register('last_name'); session_register('email'); session_register('address'); session_register('city'); session_register('county'); session_register('post'); session_register('home'); session_register('mobile'); //finally, let's store our posted values in the session variables $_SESSION['name'] = $_POST['name']; $_SESSION['password'] = $_POST['password']; $_SESSION['first_name'] = $_POST['first_name']; $_SESSION['last_name'] = $_POST['last_name']; $_SESSION['email'] = $_POST['email']; $_SESSION['address'] = $_POST['address']; $_SESSION['city'] = $_POST['city']; $_SESSION['county'] = $_POST['county']; $_SESSION['post'] = $_POST['post']; $_SESSION['home'] = $_POST['home']; $_SESSION['mobile'] = $_POST['mobile']; ?> <html> <head> <title>Register</title> <style type="text/css"> td { vertical-align: top; } </style> </head> <body> <form action="form3.php" method="post"> <table> <tr> <td><label for="bio">Biography:</label></td> <td><input type="text" name="bio" id="bio" size="400" maxlength="500" value=""/></td> </tr><tr> <td> </td> <td><input type="submit" name="submit" value="Sumbit"/></td> </tr> </table> </form> </body> </html> I've also got form3.php and process_forms.php(that's where I mysql_real_escape_string and input the data) but that's probably not relevant. How would I get this to work? Are there any sites I should look at that you'd recommend? Any help appreciated. i have the below code which i wrote this monring, for some reason when i assign $date to fetch data from my database i just get the echo of "You had an Error" yet if i manually assign $date as the following it works: Code: [Select] $date = strtotime("2011-09-20"); i have it set exactly the same in the database cus if i echo $date i get: Code: [Select] 2011-09-20 whats going on? date in php is a cruel function to play around with.. here is my code: Code: [Select] <?php // Query the DB to fetch all data where member_id matches that set in session $reminder = mysql_query("SELECT * FROM `reminders` WHERE member_id=$_SESSION[SESS_MEMBER_ID]") or die(mysql_error()); //While Loop the results while($fetch = mysql_fetch_array( $reminder )) { // Start date (TODAY!) $s_date = strtotime("now"); // End Date (+7 days from today) $e_date = strtotime("+1 week"); // Fetches Date stamp from "reminderDate" row in DB $date = $fetch['reminderDate']; // Checks if the date is between 2 ranges set above if($date > $s_date && $date < $e_date) //Echo The Results { echo "<div class='notification error png_bg'><a href='#' class='close'><img src='img/cross_grey_small.png' title='Close this notification' alt='close' /></a><div>Custom Error Notification BOX!</div></div>"; } else { echo "You had an Error"; //echo $date; // TEST that date outputs datestamp "2011-09-02" } //END LOOP } ?> I can not get the below to work: if(time() < strtotime("11/21/2011 3:30AM EST") && time() > strtotime("11/21/2011 2:30PM EST")) It should be evaluating to true between 3:30 AM and 2:30 PM EST for today. Now that it's past 2:30PM it should be evaluating to false, but it's coming up as true. Edit: Nevermind. Cache/Cookies Issue. Hi Folks, I'm creating an equipment reservation system for a client. Every reservation has an equipmentID, ReservationDate, StartTime, EndTime. So, basically my script searches existing records for a given date and EquipmentID. I'm having trouble with how best to approach validation on new reservations to ensure there are no conflicts. Lets say two existing reservations for a given date/equipment are found. One reservation has a startTime of 8AM and endTime of 9AM. The second has a startTime of 12PM and endTime of 3PM. Is there a simple way to check if the user's submitted values for StartTime and EndTime conflict with existing reservations? Any input would be greatly appreciated! Thanks! -John I need to query a database for a starting time for a meeting, and if the start time is at 7pm, I need to allow access to a page from 6pm til 11pm. Not a problem. The problem lies when the ending time (4 hours after the start time) crosses over to a new day. Here's what I have: Code: [Select] <?php elseif ($row['meeting'] == "7:00pm") { $starthour = 18; $endhour = 23; } elseif ($row['meeting'] == "8:00pm") { $starthour = 19; $endhour = 0; } if ($thishour <= $endhour && $thishour >= $starthour) { include "meeting_ok.php"; } else { echo "Meeting room is unavailable at this time...."; } ?> The "0" for endhour is throwing things off. How should I best account for a new day? Thanks! So basically I have a site, and on that site, I have a page that submits a form and updates a database. I have it set up so that someone can enter in Multiple values into a textarea, one on each line, and it will submit each of those values as a new row in the database, but for the life of me, I cannot figure out how to check those values against the actual users. It is basically a point system, where the staff can award points users of the site. But at the moment, a Staff member could enter in Jibberish, and it would insert that into the database, but I want it to check my users table to make sure the user exists before it inserts it into the database. here is my code: <?php include 'global.php'; echo $headersidebar; if ($_COOKIE['access'] == $accessstaff) { if(count($_POST)) { $array = preg_split('/(\r?\n)+/', $_POST['studentname']); foreach($array as $students) { $statusmsg = '<center><span style="background: #A6FF9E;">You have successfully submitted points to the database.</span></center>'; mysql_query("INSERT INTO points (giver, receiver, points, category, reason, date, status) VALUES ('{$_COOKIE['username']}', '{$students}', '{$_POST['pointamt']}', '{$_POST['pointcat']}', '{$_POST['pointreason']}', '{$date}', 'Validating')"); } } $addpointspage = $statusmsg . ' <form action="submit_points.php" method="post"> <table class="table" > <tr> <td colspan="10"> <h1><strong><center>Submit Points</center></strong></h1> </td> </tr> <tr> <td colspan="10" rowspan="100"> <center>Please remember to follow the house point limits when submitting house points.</center> </td> </tr> </table> <table class="table"> <tr> <td style="width: 15%;" valign="top"> Student Name:<br> <span style="font-size: 60%;">(List as many as you want; One per Line)</span> </td> <td colspan="10"> <center><textarea name="studentname" cols="60" rows="10"></textarea></center> </td> </tr> <tr> <td style="width: 15%;" valign="top"> Amount of Points: </td> <td> <input style="position: relative; left: 16px;" type="text" size="15" name="pointamt" /> </td> <td> Do not put anything that is not a number into this box. </td> </tr> <tr> <td style="width: 15%;" valign="top"> Point Category: </td> <td colspan="10"> <select name="pointcat" style="position: relative; left: 16px;"> <option SELECTED value="">-------</option> <option>Class Work</option> <option>Class Exam</option> <option>Extra Work</option> <option>Contests</option> <option>Teacher\'s Assistant</option> <option>Negative Points</option> </select> </td> </tr> <tr> <td style="width: 15%;" valign="top"> Reason: </td> <td colspan="10"> <input style="position: relative; left: 16px;" name="pointreason" type="text" size="80" /> </td> </tr> <tr> <td> </td> <td colspan="10"> <input style="position: relative; left: 16px;" type="submit" value="Submit Points" /> </td> </tr> </table </form> '; } elseif (1==1) { $addpointspage = $accessdenied; } echo ' <!-- start content --> <div id="content"> <div class="post"> <div class="entry"> <p><strong>' . $addpointspage . '</p> <p class="links">' . $addpointslink . '</p> </div> </div> </div> <!-- end content --> <div style="clear: both;"> </div> </div> <!-- end page --> </div>'; echo $footer; ?> I am fairly new to PHP, so I would appreciate any help someone could give me; I am not too good with arrays and such, so this one has got me stumped. Hi! I have this to check if now is between start time and end time: [date_default_timezone_set('Europe/Belgrade'); $TimeNow = date("H:i" ,time()); $today_date = date('d-m-y'); $GetTimeTable = "SELECT * FROM timetable WHERE username='$username' AND Subject_date='$today_date'"; $ConnectTimeTable = $database->query($GetTimeTable); $TimeTable = mysql_fetch_array($ConnectTimeTable); $Subject = $TimeTable['Subject']; $Start_time = $TimeTable['Start_Time']; $End_time = $TimeTable['End_Time']; ?><br><? if($TimeNow >= $Start_time && $TimeNow <= $End_time){ echo "Current Class: "; echo $Subject; echo "<br><br>"; // a START time value $start = $TimeNow; // an END time value $end = $End_time; // what is the time difference between $end and $start? if( $diff=@get_time_difference($start, $end) ) { echo "Time left: " . sprintf( '%02d:%02d', $diff['hours'], $diff['minutes'] ); } else { echo "Hours: Error"; } } else{ echo "No class. :)"; } Start time and end time is displayed in the format like 14:26. For some reason this code doesn't work though, I don't get why. Hi i have a simple script that functions perfect and easy but i am looking for a way to secure it a little
is there any way for me to create a simple user checking system ?
i have a mysql db with both usernames and passwords
is there any way to get the username and password from a get comand in the url and check the db to see if they exist and if they do run the rest of my code and if not throw access denied ?
i know this is not 100% secure but i its how i want it to be done
could anyone help me with this ?
I am trying to check for an admin user to access the admin panel. I have been playing around try different things and this what I have ended up with in my database table I have a column called usergroup and i do the follow to check for admin user. Code: [Select] $checkAdmin = mysql_query("SELECT * FROM `users` WHERE email='$email' , usergroup = 'admin'"); $adminUser = mysql_num_rows($checkAdmin); if ($adminUser == 0) { echo count($adminUser); die ('You do not have permissions to access this area'); } I do the select statement through phpmyadmin and it comes back with one row. which is basically hat i want to check for. I do have a variable called $email which is getting a value from the email cookie. currently $adminUser Return a value of 10. All of the count() functions is for testing purposes only. This code logs the user in with the correct user_email, user_pwd, and active=1. A '0' is inserted into the active column of the users table during registration. I need help checking if active=0 then flash_warning('User account not activated'). login_user.php Code: [Select] <?php include(MODEL_PATH.'user.php'); switch ($route['view']){ case "login_user": if(login($params['user']['user_email'], $params['user']['user_pwd'])) { flash_notice('You are logged in!'); redirect_to(''); } else { flash_warning('Username or password is invalid!'); $route['view'] = 'login'; } break; }user.php Code: [Select] <?php session_start(); function login($username, $password) { db_connect_posts(); $query = sprintf("SELECT * FROM users WHERE user_email = '%s' AND user_pwd = '%s' AND active = '1'" , mysql_real_escape_string($username), md5($password) ); $result = mysql_query($query); $number_of_posts = mysql_num_rows($result); if($number_of_posts == 0) { return false; } $row = mysql_fetch_array($result); $_SESSION['user'] = $row; return true; } ?>Login form Code: [Select] <form action="<?php echo '/'.APP_ROOT.'/'; ?>sessions/login_user" method="post"> <fieldset> <legend>Login</legend> <div> <label>E-mail</label> <input name="user[user_email]" size="40" type="text" /> </div> <div> <label>Password</label> <input name="user[user_pwd]" size="40" type="password" /> </div> <input type="submit" value="Login" /> </fieldset> </form> This is something that has intrigued me, that has only recently surfaced when viewing the forum. Which of the following methods of authenticating that a user exists would be better/faster/ect? Example 1 - Fetching Row Data <?PHP $username = 'LoserVille'; $password = 'password'; $myQuery = mysql_query("SELECT account_id FROM user_accounts WHERE username = '$username' AND password = '$password'"); $myQuery = mysql_fetch_assoc($myQuery); if($myQuery) { /*### User Exists ###*/ } else { /*### User Does Not Exist ###*/ } ?> Example 2 - Fetching Number of Results <?PHP $username = 'LoserVille'; $password = 'password'; $myQuery = mysql_query("SELECT account_id FROM user_accounts WHERE username = '$username' AND password = '$password'"); $myQuery = mysql_num_rows($myQuery); if($myQuery >= 1) { /*### User Exists ###*/ } else { /*### User Does Not Exist ###*/ } ?> Just looking for some insight, not really a problem Regards, PaulRyan. I've got a page that allows users to upload a file (pdf, jpg, gif png). The user must be logged in in order to upload something. I have a query that checks if the user has already uploaded a file with the same name as the name of the file they are trying to upload. If they have not uploaded the file yet, the file uploads and they get a "Success" message. If the file has already been uploaded by the user, they will get the message, "You have already uploaded that file". When the query goes through, the message that shows is, "You have already uploaded that file". I ensured the file was not already in the database, and it still shows this error. I tried changing the if statement to say: if ($duplicate==0) instead of: if ($duplicate!=0) but it always shows the same error. Any ideas of what could be wrong with my code? my sql table looks like: Field Type Null id int(11) No userid int(11) No artist varchar(50) No title varchar(50) No file varchar(2083) No uploaded varchar(3) No Code: <?php session_start(); if (isset($_SESSION['username'])){ $username = $_SESSION['username']; $submit = $_POST['submit']; include_once('inc/connect.php'); $uploadsql = mysql_query("SELECT * FROM `users` WHERE `username`='$username'"); $uploadrow = mysql_fetch_assoc($uploadsql); $userid = $uploadrow['id']; $folder = "sheets/fromusers/"; if (isset($submit)){ // Name of file $name = $_FILES["location"]["name"]; // Type of file (video/avi) or image/jpg, etc $type = $_FILES["location"]["type"]; //size of file $size = $_FILES["location"]["size"]; //stores file in a temporary location $temp = $_FILES["location"]["tmp_name"]; // if there is an error $error = $_FILES["location"]["error"]; $artist = strtolower($_POST['artist']); $title = strtolower($_POST['title']); // Check if fields are filled in if($artist&&$title){ if ($error > 0) { $sheeterror = "<div id='messageerror'>An error occured. Please try again.</div>"; } else { // Determine the extension of the file // If file is This File.pdf // Then $ext is now equal to pdf $ext = strtolower(substr($name, strrpos($name, '.') + 1)); if ($ext=="pdf" || $ext=="gif" || $ext=="jpeg" || $ext=="jpg" || $ext=="png") { if ($size <= 26214400) // If size <= 25 megabytes { $duplicatecheck = mysql_query("SELECT file FROM upload WHERE id='$userid'"); $duplicate = mysql_num_rows($duplicatecheck); if ($duplicate!=0){ $sheeterror = "<div id='messageerror'>You have already uploaded this file!</div>"; } else{ $sheetquery = mysql_query("INSERT INTO upload VALUES ('','$userid','$artist','$title','$name','no')"); move_uploaded_file($temp, $folder.$name); $success = "<div id='messagesuccess'>Upload Complete!</div><div align='center'>".ucwords($artist)." - ".ucwords($title)."</div>"; } } else{ $sheeterror = "<div id='messageerror'>Your sheet must be less than 25 megabytes.</div>"; } } else { $sheeterror = "<div id='messageerror'>".ucfirst($ext)." files are not allowed!</div>"; } } } else{ $sheeterror = "<div id='messageerror'>Fill In All Fields</div>"; } } } else{ $sheeterror = "<div id='messageerror'>You must be logged in to add sheets!</div>"; } ?> <html> <head> <title>Add Sheet</title> <style> #container{ width: 350px; height: 150px; margin-left: auto; margin-right: auto; background-color: #cccccc; } #formhold{ width: 300px; text-align: right; margin-right: auto; } #messagesuccess{ background-color: #66CD00; width: 350px; margin-left: auto; margin-right: auto; } #messageerror{ background-color: #ff2211; width: 350px; margin-left: auto; margin-right: auto; } </style> </head> <body OnLoad="document.newsheet.artist.focus();"> <?php include_once('inc/nav.php'); ?> <center> <h1>Add Sheet</h1> <br /> <div id="container"> <br /> <div id="formhold"> <form action="addsheet.php" method="post" name="newsheet" enctype="multipart/form-data"> Artist: <input type="text" name="artist" size="30"><br /> Title: <input type="text" name="title" size="30"><br /> Sheet: <input type="file" name="location" size="17"><br /> </div> <center><input type="submit" name="submit" value="Submit"></center> </form> </div> <div id="bottomcont"> <?php echo $success, $sheeterror; ?> </div> </center> </body> </html> Hi, I'm trying to figure out the best way to determine if a user is currently downloading a file from my website. The way my site works, is the user waits 30 seconds and views an ad. After the timer is up the download becomes available. I heard that I could probably use a timestamp or something of the sort. I've read up on it but not sure how I could go about this. Hi Guys, This should be a simple one. I am looking for the best way to ensure that any illegal characters are removed from an input. I have a user registration form and login page. What I want to do is prevent against sql injection and therefore should be limiting the characters that can be entered. For example I want a username to include only letters and numbers so I ideally want to strip out any white space, illegal characters such as " ' ( ) etc... My issue with this is with the password, I would ideally like the user to be able to put as complex a password as they would like, so how would i prevent against illegal characters in this instance?? Cheers Below I am checking a user level and if they are level one they see some of the form, and if level two they see additional options. What they have already filled out is to show in the text field. Before I was doing the user level check it worked fine. Even now if something is put in a field it saves in the DB but it will not show in the fields on the form. // Everyone sees <tr> <td><input name="" type="text" id="" value="<?php echo $row_settings['FieldA']; ?>"> </tr> <tr> <td><input name="" type="text" id="" value="<?php echo $row_settings['FieldB']; ?>"> </tr> // Check if level two and display if they are. <?php } if (checkUser()) { ?> <tr> <td><input name="" type="text" id="" value="<?php echo $row_settings['num1']; ?>"> </tr> <tr> <td><input name="" type="text" id="" value="<?php echo $row_settings['num2']; ?>"> </tr> <tr> <td><input name="" type="text" id="" value="<?php echo $row_settings['num3']; ?>"> </tr> <?php } ?> // Additional things everyone sees even level one. <tr> <td><input name="" type="text" id="" value="<?php echo $row_settings['num4']; ?>"> </tr> <tr> So even <?php echo $row_settings['num4']; ?> will not show/work after the <?php } ?> Any thoughts? Thanks in advance everyone. This topic has been moved to Other. http://www.phpfreaks.com/forums/index.php?topic=318815.0 Hey guys! I'm pretty new to php and starting work on a project, the first part I'm working on is a html page with text fields like this: Quote URL: Dropdown box: Submit when the submit happens I want it to post to a php page, parse whatever is inside a set of <h2> tags and print it to to the php page, also the user selects four options from the dropdown box and I need to print the string contained in the selection to the next page as well, As I said I'm pretty new but here's what i threw together so far based on references I found, but it doesn't work correctly: parse.html: Code: [Select] <html> <body> <form action="parse.php" method="post"> URL: <input type="text" name="turl" /> <br> Option: <select name="selectskill"> <option value="1">Low</option> <option value="2">Mid</option> <option value="3">High</option> <option value="4">Known</option> </select> <br> <br> <input type="submit" /> </form> </body> </html> parse.php: Code: [Select] <html> <head></head> <body> <?php $lol = $_POST["turl"]; $str = file_get_contents($lol); $DOM = new DOMDocument; $DOM->loadHTML($str); // Grab text inside the heading 2 tags $items = $DOM->getElementsByTagName('h2'); echo "option: " . $lol; // Display the content inside the second set of H2 tags echo $items->item(1)->nodeValue . "<br/>"; ?> </body> </head> </html> Thanks for all the help in advance! I appreciate your help guys. I was able to do something to the code. Now it looks like this: <?php include "include/dbc.php"; include "include/header.inc"; ?> <script type="text/javascript"> <!--Hide Code // Function Statements //Function to confirm submit function confirmSubmit() { var submitform = window.confirm("Are you sure you want to submit the activities?"); if (submitform == true) return validateForm(); return false; } // End Hide--> </script> <style type="text/css"> .mydate{ color:#00F; text-decoration:underline; cursor:pointer; } </style> <script type="text/javascript"> function displayDate(d){ var date=new Date(); var D=date.getDate(); date.setDate(D+d); var YYYY=date.getFullYear(); var MM=date.getMonth()+1; MM<10?MM='0'+MM:null; var DD=date.getDate(); DD<10?DD='0'+DD:null; var span=document.getElementById('date'); span.innerHTML= 'Entries for '+MM+'/'+DD+'/'+YYYY; } onload=function(){displayDate(0)}; </script> <h1>Food Diary</h1> <div class="full"> <center><div><span class="mydate" onclick="displayDate(-1)"><img src="images/left_arrow.png" border="0">Yesterday</span> <span id="date" style="font-size:2em;"></span> <span class="mydate" onclick="displayDate(1)">Tomorrow<img src="images/right_arrow.png" border="0"></span></div><br /> <a href="#" onclick="displayDate(0);return false;">Today</a> </center> <div class="full"> <form name="exercise" id="exercise" method="GET" action=""> <center><table> <tr> <td><h3>Add an Activity</h3></td> </tr> <tr> <td><input name="NewSearchString" style="width: 100px" type="text"/> <input type="submit" value="Search" /> </td> </tr> <tr> <td> <select name="activity"> <option value="_">Activity Browse...</option> <option value="all">All Activities</option> <option value="biking">Biking</option> <option value="condition">Conditioning</option> <option value="dancing">Dancing</option> <option value="fish">Fishing & Hunting</option> <option value="Home">Home Activities</option> <option value="misc">Miscellaneous</option> <option value="music">Music Playing</option> <option value="occupation">Occupation</option> <option value="running">Running</option> <option value="sports">Sports</option> <option value="walking">Walking</option> <option value="water">Water Activities</option> <option value="winter">Winter Activities</option> </select> <input type="submit" value="Submit" /></td></tr></table></center></form> </td> </tr> </table> </center> <table width="100%"> <tr bgcolor="#66CC33"> <td><div>Activity</div></td> <td><div>Specific Activity</div></td> <td><div>Time (hh:mm)</div></td> <td><div>Distance</div></td> <td><div>Units</div></td> </tr> <tr bgcolor="#66CC33"> <td><div></div></td> <td><div></div></td> <td><div></div></td> <td><div class="Float"></div></td> <td class="cp_Distance"><div></div></td> </tr> <?php if(isset($_GET[activity])) { $category=$_GET[activity]; $result = mysql_query("SELECT * FROM exercise WHERE type='$category'"); ?> <form action="add_activity.php" method="POST"> <?php while($row = mysql_fetch_array($result)) { echo '<tr><td><div>'.$row[Type].'</div></td>'; echo '<td><div>'.$row[Name].'<input type="hidden" name="exerciseid" value="'.$row[Name].'"></div></td>'; echo '<td><div><input type="text" name="duration['.$row['Name'].']"></div></td>'; echo '<td><div><input type="text" name="distance['.$row['Name'].']"></div></td>'; echo '<td><div><select> <option value="mile" name="mile">mile</option> <option value="Km" name="Km">km</option> <option value="M" name="M">m</option> <option value="Yard" name="yard">yrd</option> <option value="Feet" name="feet">ft</option> </select></div></td></tr>'; } mysql_close(); ?> <tr><td colspan="6" align="center"><input type="submit" name="submit" value="Add Activities"></td></tr> </form> <?php } ?> <tr bgcolor="#66CC33"> <td><div></div></td> <td><div></div></td> <td><div></div></td> <td><div class="Float"></div></td> <td class="cp_Distance"><div></div></td> </tr></table> This somewhat works. The problem is that this code passes all the activities to the second page, where the output looks like this: Array ( [exerciseid] => Hunting, general [duration] => Array ( [Fishing from boat, sitting] => 20 [Fishing from river bank, standing] => [Fishing in stream, in waders] => [Fishing, general] => [Fishing, ice, sitting] => [Hunting, general] => ) [distance] => Array ( [Fishing from boat, sitting] => 25 [Fishing from river bank, standing] => [Fishing in stream, in waders] => [Fishing, general] => [Fishing, ice, sitting] => [Hunting, general] => ) [submit] => Add Activities ) Is there a way I can pass what the user input instead of passing everything (form validation maybe?) Hi, what is they best way to validate user input of strings? A couple of examples would be : 1> If i wanted to check for the existance on the coma ',' character in a string and replace it with a dash '-' character? 2> To check wether a user has entered a valid ip address in the form of x.x.x.x where x can range from 0-255? I think i may need ereg/preg to do this but i have no idea about how to layout the syntax. Thanks for looking. OK so i have a textfield and i have everything going to the database and then displaying on the page. Now is there a way to display code on the page but disable it from executing? There are some break tags in there so i would still like them to be executed on the page. |
|||||||