|
PHP - Double Delete Verification
How do I apply double delete verification?
Right now I have... Code: [Select] if (isset($_POST['delete'])) { if(is_array($_POST['delete'])) { $keys = array_keys($_POST['delete']); $id = $keys[0]; $sql = "DELETE FROM `blog_posts` WHERE `post_id` = '$id'"; header("Location: " . $_SERVER['php_self'] . "?" . $_SERVER['query_string'] ); } } if(isset($sql) && !empty($sql)) { mysql_query($sql) or die(mysql_error()); } which deletes the query great, but I want some box to pop up saying, are you sure you want to delete this post? I'm not sure how to create this verification. Similar TutorialsHi all. Here is my scripts which allow user to check multiple rows of data and delete it , but it require select data and click for twice to delete the rows , what should be the error? Code: [Select] <form name="frmSearch" method="post" action="insert-add.php"> <table width="600" border="1"> <tr> <th width="50"> <div align="center">#</div></th> <th width="91"> <div align="center">ID </div></th> <th width="198"> <div align="center">First Name </div></th> <th width="198"> <div align="center">Last Name </div></th> <th width="250"> <div align="center">Mobile Company </div></th> <th width="100"> <div align="center">Cell </div></th> <th width="100"> <div align="center">Workphone </div></th> <th width="100"> <div align="center">Group </div></th> </tr> </form> <? echo "<form name='form1' method='post' action=''>"; while($objResult = mysql_fetch_array($objQuery)) { echo "<tr>"; echo "<td align='center'><input name=\"checkbox[]\" type=\"checkbox\" id=\"checkbox[]\" value=\"$objResult[addedrec_ID]\"></td>"; echo "<td>$objResult[addedrec_ID] </td>"; echo "<td>$objResult[FirstName]</td>"; echo "<td>$objResult[LastName] </td>"; echo "<td>$objResult[MobileCompany] </td>"; echo "<td>$objResult[Cell] </td>"; echo "<td>$objResult[WorkPhone] </td>"; echo "<td>$objResult[Custgroup] </td>"; echo "</tr>"; } echo "<td colspan='7' align='center'><input name=\"delete\" type=\"submit\" id=\"delete\" value=\"Delete\">"; if (isset($_POST['delete']) && isset($_POST['checkbox'])) // from button name="delete" { $checkbox = ($_POST['checkbox']); //from name="checkbox[]" $countCheck = count($_POST['checkbox']); for($d=0;$d<$countCheck;$d++) { $del_id = $checkbox[$d]; $sql = "DELETE from UserAddedRecord where addedrec_ID = $del_id"; $result2=mysql_query($sql) or trigger_error(mysql_error());;; } if($result2) { $fgmembersite->GetSelfScript(); } else { echo "Error: ".mysql_error(); } } echo "</form>"; Thanks for every reply. <body> <?php
include 'sql.php';
$query = "SELECT * FROM validation";
$result = mysqli_query($con , $query);
$rows = mysqli_fetch_assoc($result) ;
$totals = mysqli_num_rows($result) ;
?>
<div id="css">
<form >
<table width="80%" border="0" cellpadding="2" cellspacing="2" >
<caption><h2>Personal Details of Customers</h2></caption>
<tr class="white">
<td bgcolor="#330033"> </td>
<td bgcolor="#330033"> Id Number </td>
<td bgcolor="#330033"> Full Name </td>
<td bgcolor="#330033"> Email Address </td>
<td bgcolor="#330033"> Website </td>
<td bgcolor="#330033"> Comment </td>
<td bgcolor="#330033"> Time </td>
</tr>
<?php while($rows=mysqli_fetch_assoc($result)
{
<tr>
<input type="raido" name="ID" value="<?php echo $rows['ID']; ?>" />
<td bgcolor="#FFFFCC"><?php echo $rows['ID'];?></td>
<td bgcolor="#FFFFCC"><?php echo $rows['Name'];?> </td>
<td bgcolor="#FFFFCC"><?php echo $rows['Email'];?></td>
<td bgcolor="#FFFFCC"><?php echo $rows['Website'];?></td>
<td bgcolor="#FFFFCC"><?php echo $rows['Comment'];?></td>
<td bgcolor="#FFFFCC"><?php echo $rows['Time'];?></td>
<td> </td>
<td> <a href="delete.php? ID= "$rows[ID]" /"> <input type="submit" name="del" value="Delete" /> </a> <input type="button" name= "edit" value="Edit" /> </td>
</tr>
}
?></table> </form> </div> </body> Hi,
I wish to find out is there any possible that I can delete some data inside my php website but inside my sql database, the record will still at there?
Thank you.
I'm trying to set it so that it will delete an entire populated directory based upon a value in the database then after finishing that to go back and delete that row in the database. my current code is Code: [Select] <?php $page_title = "Central Valley LLC | Photo Addition" ?> <?php include("header.php"); ?> <?php include("nav.html"); ?> <div id="content"> <form action="delprod.php" method="post" enctype="multipart/form-data"> <label for="which">Choose A Product To Remove:</label> <?php $con = mysql_connect("localhost","phoenixi_cv","centraladmin"); if (!$con) { die('Could not connect: ' . mysql_error()); } mysql_select_db("phoenixi_cvproducts", $con); $result = mysql_query("SELECT * FROM Products"); echo "<select name=\"which\">"; while($row = mysql_fetch_array($result)) { echo "<option "; echo "value=\"" . $row['id'] . "\">"; echo $row['Name'] . "</option>"; } echo "</select>"; mysql_close($con); ?> <br /> <input type="submit" name="submit" value="Submit" /> </form> </div><!--#content--> <?php include("footer.html") ?> and the delete script Code: [Select] <?php $con = mysql_connect("localhost","phoenixi_cv","centraladmin"); if (!$con) { die('Could not connect: ' . mysql_error()); } mysql_select_db("phoenixi_cvproducts", $con); $result = mysql_query("SELECT id FROM Products WHERE id=$_POST['which']"); $row = mysql_fetch_array($result) chdir('assets'); chdir('images'); $mydir = $row . '/'; $d = dir($mydir); while($entry = $d->read()) { if($entry!="." && $entry!="..") { unlink($_POST['which'] . '/' . $entry); } } rmdir($mydir); $result = mysql_query("DELETE * FROM Producs WHERE id=$_POST['which']"); ?> Thank you in advance for all your help. any easier ways of approaching this will be welcome as well Okay, so I'm pretty new to jQuery but I am pretty experienced with PHP. I am about to begin coding a script written mostly in jQuery. It will use AJAX to verify that an article tag a user provides exists in a database. When a user goes to write an article on my website, my form will ask them to add keyword tags which will be used in searches. Basically only admins will be allowed to create new tags, so this is why I check the tags first. And also to prevent duplicates and similar tag entries in the database.
The form will have a single input that the user will use to search for a tag. Once the user hits the enter key, it will search the database for tags that already exist. Once the ajax is complete, a list of related tags will pop up and the user will be able to select their desired tag by either clicking the tag link in the list or by pressing enter.
This is a very crude demonstration of what my idea is.
Hi guys. I'm using php to randomly generate a simple math verification question. But, I'm having a hard time validating the input. Can someone please tell me what I'm doing wrong? Thank you } else if(trim($verify) != $_SESSION['UserData']['Math'][0]+$_SESSION['UserData']['Math'][1]){ $error = '<div class="error_message">Attention! The verification number you entered is incorrect.</div>'; } <?php echo "<span class='label'><span class='required'>*</span>What is ".$_SESSION['UserData']['Math'][0]." + ".$_SESSION['UserData']['Math'][1]."?</span> "; ?> <input name="verify" type="text" id="verify" size="3" value="<?=$verify;?>" /><br /><br /> I am about to build a site for a liqueur brand and have to create a simple screen that asks if the user is of the right age. This does not have to be linked to a credit card, just a simple yes or no screen. I am thinking this would probably be done via a cookie, but I am not sure. Somehow it would have to work where it gets checked each time anyone goes to the site, regardless of the entry point. So for example it would get checked on mydomain.com, but also on mydomain.com/about, or mydomain.com/somethingelse. The yes or no screen would of course only show the first time the user came to site. Via what technology would I do this? Cookie? Can cookies have an expiration date? I would love some comments or direction on how this is done best. Thanks a lot! Hi - I'm fairly new to php and am working a lot off of old page created before me and modifying them. I have to do an age verification page for an alcoholic beverage client (has to be 21+) and I'm having problems with the script actually redirecting correctly based on the birthdate entered. I have a html page with a form that calls this php file. Here is the php script I'm trying to get working: <?php $age = $_POST['year']; if($age > 1990) { header('Location: http://www.underagelink.com'); exit; } else { header('Location: http://legalagelink.com'); exit; } ?> Thanks! How to remove the verification code here,i mean the captcha... <?php session_start(); if ($_POST['Submit'] == 'Send') { if (strcmp(md5($_POST['user_code']),$_SESSION['ckey'])) { header("Location: sendmail.php?msg=ERROR: Invalid Verification Code"); exit(); } $to = $_POST['toemail']; $subject = $_POST['subject']; $message = $_POST['message']; $fromemail = $_POST['fromemail']; $fromname = $_POST['fromname']; $lt= '<'; $gt= '>'; $sp= ' '; $from= 'From:'; $headers = $from.$fromname.$sp.$lt.$fromemail.$gt; mail($to,$subject,$message,$headers); header("Location: sendmail.php?msg= Mail Sent!"); exit(); } ?> <html> <head> <title>Email </title> </head> <body bgcolor="#ffffcc"> <h2 align="center"> </h2> <h3 align="center"> Please do not misuse this script. </h3><br> <p style="margin-left:15px"> <form action="sendmail.php" method="POST"> <b>From Name:</b><br> <input type="text" name="fromname" size="50"><br> <br><b>From Email:</b><br> <input type="text" name="fromemail" size="50"><br> <br><b>To Email:</b><br> <input type="text" name="toemail" size="50"><br> <br><b>Subject:</b><br> <input type="text" name="subject" size="74"><br> <br><b>Your Message:</b><br> <textarea name="message" rows="5" cols="50"> </textarea><br> <br><b>Verification Code:</b><br> <input name="user_code" type="text" size="25"> <img src="pngimg.php" align="middle"><br><br> <input type="submit" name="Submit" value="Send"> <input type="reset" value="Reset"> </form> </p> <?php if (isset($_GET['msg'])) { echo "<font color=\"red\"><h3 align=\"center\"> $_GET[msg] </h3></font>"; } ?> </body> </html> Basically I am writing my own voting system but I have a few problems and I would like to address them all in one post rather than three. First: The first thing I need help with is using CURL to check if a user actually voted at the remote top list website. Two: I need maybe a source script of a 10 digit hash generator that will display the hash generated and will insert it into the database This is currently what my hash generator looks like but I need someone to help me change it so that it will echo the actual hash generated and inserts it into the database, <?php function gen_md5_password($len = 6) { return substr(md5(rand().rand()), 0, $len); } ?> Three: I need some sort of way to tell the database that if they hash is not used within 24 hours, it will just dump or delete. I know there has to be a better way to do this. My usernames and passwords are stored in a text file. This is what I'm doing now, and all it does is return the error statement. This is the php from after the log in page. <?php $user = $_POST["username"]; $password = $_POST["password"]; $un = "no"; $pw = "no"; $fh = fopen("users.txt","r"); while (!feof($fh)) { $line = fgets($fh); $data = explode("$",$line); if ($data["0"] == $user){ $un = "yes"; } if ($data["1"] == $password){ $pw = "yes"; } } if (($un === "yes") && ($pw === "yes")){ echo "<h4> Hello <em>$user</em>!\n<br />"; }else { echo "<h3>Your username and/or password is incorrect.</h3>\n<br />"; echo "<a href='login.html'>Return to the login page.</a>\n<br />"; } fclose($fh); ?> I have the following code: <?php include "connect.php"; ?> <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd"> <html xmlns="http://www.w3.org/1999/xhtml"> <head> <meta http-equiv="Content-Type" content="text/html; charset=utf-8" /> <title>Welcome</title> <script type="text/javascript" src="js/jquery.min.js"></script> <script type="text/javascript" src="js/jquery.ketchup.js"></script> <script type="text/javascript" src="js/jquery.ketchup.messages.js"></script> <script type="text/javascript" src="js/jquery.ketchup.validations.basic.js"></script> <script language="javascript" type="text/javascript" src="niceforms.js"></script> <link rel="stylesheet" type="text/css" media="all" href="niceforms-default.css" /> <link rel="stylesheet" type="text/css" media="screen" href="css/jquery.ketchup.css" /> </head> <body> <div id="container"> <?php if(!empty($_SESSION['connection_status']) && !empty($_SESSION['username'])) { ?> <form action="logout.php" class="niceform"> <fieldset> <legend>Member Area</legend> <div id= "container"> <p>Thanks for logging in <b><?=$_SESSION['username']?></b> !</p> <p><input type="submit" name="submit" id="submit" value="Logout" /></p> </div> </fieldset> </form> <?php } elseif(!empty($_POST['username']) && !empty($_POST['password'])) { $username = mysql_real_escape_string($_POST['username']); $password = md5(mysql_real_escape_string($_POST['password'])); $validation = mysql_query("SELECT * FROM users WHERE username = '".$username."' AND password = '".$password."'"); if(mysql_num_rows($validation) == 1) { $row = mysql_fetch_array($validation); $email = $row ['email']; $_SESSION['username'] = $username; $_SESSION['email'] = $email; $_SESSION['connection_status'] = 1; echo "<h1>Success</h1>"; echo "<p>Members area is loading.</p>"; echo "<meta http-equiv='refresh' content='=4;index.php' />"; } else { echo "<h1>Error</h1>"; echo "<p> There was an error, please try again <a href=\"index.php\">here </a> .</p>"; } } else { ?> <form method="post" action="index.php" name="loginform" id="loginform" class="niceform"> <fieldset> <legend>Member Login</legend> <p>Thanks for visiting. Please login below or click <a href="register.php">here</a> to register.</p> <dl> <dt><label for="username">Username:</label><br /></dt> <dd><input type="text" name="username" id="username" class= "validate(rangelength(4,30))"/></dd> </dl> <dl> <dt><label for="password">Password:</label><br /></dt> <dd><input type="password" name="password" id="password" class= "validate(rangelength(4,30))" /></dd> </dl> <p><a href="forgot_password.php">Forgot password?</a></p> </fieldset> <fieldset class="action"> <input type="submit" name="submit" id="submit" value="Sign In" /> </fieldset> </form> <?php } ?> </div> <script type = "text/javascript"> $(document).ready(function() { $('#loginform').ketchup(); }); </script> </boby> </html> When I try to login with true username/password, I always get: There was an error, please try again here . Ok So the main purpose of this is: 1). User has to grab a OTP from the generator (work's) 2) the OTC updates in the database field (work's) via the person's user_email 3). it sends an email containing the OTP what it is not doing is, when they go and login, it just keeps saying invalid login credentials. I'm pasting my code below to see if anyone can help me out here. this is still a work in progress. do_login.php (not working here) Keep's saying invalid password. <?php if(empty($_POST)) exit; include 'config.php'; // declare post fields $post_user_email = trim($_POST['user_email']); $post_password = trim($_POST['authcode']); $post_autologin = $_POST['autologin']; if(($post_user_email == $config_email) && ($post_password == $config_password)) { $_SESSION['Site-Key'] = $config_email; // Autologin Requested? if($post_autologin == 1) { $password_hash = md5($config_password); // will result in a 32 characters hash setcookie ($cookie_name, 'usr='.$config_email.'&hash='.$password_hash, time() + $cookie_time); } exit('OK'); } else { echo '<div id="error_notification">The submitted login info is incorrect.</div>'; } ?> Index.php <?php require_once 'config.php'; if(isset($_SESSION['google-ads123123'])) { header("Location: http://forum.site1.com"); exit; } ?> <!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0 Transitional//EN"> <HTML> <HEAD> <TITLE>Access Required</TITLE> <script type="text/javascript" src="js/mootools-1.2.1-core-yc.js"></script> <script type="text/javascript" src="js/process.js"></script> <link rel="stylesheet" type="text/css" href="style.css" /> </HEAD> <BODY> <center> <div id="status"> <fieldset><legend align="center">Authentication</legend> <div id="login_response"><!-- spanner --></div> <form id="login" name="login" method="post" action="do_login.php"> <table align="center" width="200" border="0"> <tr> <td width="80">Email</td><td><input id="user_email" type="text" name="user_email"></td> </tr> <tr> <td>AuthCode:</td> <td><input type="password" name="authcode"></td> </tr> <tr> <td> </td> <td><input type="checkbox" name="autologin" value="1">Remember Me</td> </tr> <tr> <td> </td> <td><input id="submit" type="submit" name="submit" value="Login"> <br /> <a href="getcode.php"> Get Auth Code </a> <div id="ajax_loading"><img align="absmiddle" src="images/spinner.gif"> Processing...</div></td> </tr> </table> </form> </fieldset> </div> </center> </BODY> </HTML> getcode.php (generates a MD5 and adds into db) <?php $db_host = '123'; $db_username = '123'; $db_password = '123'; $db_name = '123'; @mysql_connect($db_host, $db_username, $db_password) or die(mysql_error()); @mysql_select_db($db_name) or die(mysql_error()); // This is displayed if all the fields are not filled in $empty_fields_message = "<p>Please go back and complete all the fields in the form.</p>Click <a class=\"two\" href=\"javascript:history.go(-1)\">here</a> to go back"; // Convert to simple variables $email_address = $_POST['user_email']; if (!isset($_POST['user_email'])) { ?> <h2>Generate your Auth Code</h2> <form method="post" action="<?php echo $_SERVER['REQUEST_URI']; ?>"> <p class="style3"><label for="user_email">Email:</label> <input type="text" title="Please enter your email address" name="user_email" size="30"/></p> <p class="style3"><label title="Generate Auth Code"> </label> <input type="submit" value="Submit" class="submit-button"/></p> </form> <?php } elseif (empty($email_address)) { echo $empty_fields_message; } else { $status = "OK"; $msg=""; //error_reporting(E_ERROR | E_PARSE | E_CORE_ERROR); if (!stristr($email_address,"@") OR !stristr($email_address,".")) { $msg="Your email address is not correct<BR>"; $status= "NOTOK";} echo "<br><br>"; if($status=="OK"){ $query="SELECT username FROM users WHERE user_email = '$email_address'"; $st=mysql_query($query); $recs=mysql_num_rows($st); $row=mysql_fetch_object($st); $em=$row->user_email;// email is stored to a variable if ($recs == 0) { echo "<center><font face='Verdana' size='2' color=red><b>No Auth Code</b><br> Sorry Your address is not in our database ."; exit;} function makeRandomPassword() { $salt = "abchefghjkmnpqrstuvwxyz0123456789"; srand((double)microtime()*1000000); $i = 0; while ($i <= 7) { $num = rand() % 33; $tmp = substr($salt, $num, 1); $pass = $pass . $tmp; $i++; } return $pass; } $random_password = makeRandomPassword(); $db2_password = md5($random_password); $sql = mysql_query("UPDATE users SET authcode='$db2_password' WHERE user_email='$email_address'"); $subject = "Auth Code Verification"; $message = " Here is your Auth Code, Auth Code: $random_password Auth Code: $db2_password This is an automated response, please do not reply!"; mail($email_address, $subject, $message, "From: Auth Server<theslcguy@safe-mail.net.com>"); echo "Your Auth Code has been sent! <br /> Please check your email! <br /> Also Allow up to 5 minutes to recieve your Code...<br />"; echo "<br><br>Click <a href='http://auth.site1.com'>here</a> to login"; } else { echo "<center><font face='Verdana' size='2' color=red >$msg <br><br><input type='button' value='Retry' onClick='history.go(-1)'></center></font>";} } ?> Config.php <?php session_start(); // Start Session header('Cache-control: private'); // IE 6 FIX // always modified header('Last-Modified: ' . gmdate("D, d M Y H:i:s") . ' GMT'); // HTTP/1.1 header('Cache-Control: no-store, no-cache, must-revalidate'); header('Cache-Control: post-check=0, pre-check=0', false); // HTTP/1.0 header('Pragma: no-cache'); // ---------- LOGIN INFO ---------- // $config_email = $POST["user_email"]; $config_authcode = $POST["authcode"]; $cookie_name = 'google-ads123123'; $cookie_time = (3600 * 24 * 30); // 30 days if(!$_SESSION['google-ads123123']) { include_once 'autologin.php'; } ?> I'm in the habit of verifying input client side. For example, there is a field to enter a number, and I ensure that it is within a particular range using Javascript. My backend PHP code does not do such checking... Is this bad? Should I be doing checking using my backend code and send a response back to the client to display a message? Admittedly, I avoid it, since it's a little extra work -- well more extra than just javascripts, IF-THEN-ALERT type statement. So, If I want to store something like: Code: [Select] Hello<br /> <b>This is a sentence </b> I would need to use htmlentities() So I could output the HTML after it's stored in the database safely? How would I go about settings up a verification system with scripts that I write, so that I could sell scripts but if they were to get leaked or something I could kill the script, is there a way to set up a IP verification system when a script is run through CLI so it only runs if someones IP matches the one in the script? I am sending a email verification that a person registers on my site. I have two problems. Here is the email script: Code: [Select] $message = "Thank you for registering."; mail($email, 'Registration Confirmation', $message, 'From: noreply@website.com'); Problem 1: I have tried this on two different identical pages, index.php and register.php. It only works in the index page. Problem 2: When it does work on the index page, the From header does not show what is in the mail() function, it shows that it is from my host. What's up with that? Given the choice, I need to get problem 2 solved way more than problem 1. Thank you. I'm trying to create a series of web pages that will lead to a FINAL SALE page. At that point, I require TWO things to happen. First, the customer must pay the displayed total. Second, some kind of automated receipt needs to be generated so that a script can allow the customer to progress further. An applicable example would be a customer navigating through web pages of paintings by different artists and then choosing to see Alfred's latest unreleased paintings for a $2 fee. After paying the $2, the next web page would validate receipt of the payment, and now allow the customer to access Alfred's gallery. Is there a template for this sort of thing? Obviously, an online payment would require a credit card. Any recommendations for service providers would be appreciated. I have contacted Pay Pal, but they seem trained to encourage Ebay type sales and insist that the email I receive as confirmation would be sufficient. However, that would require me to check my email and manually grant access to galleries without ever sleeping. LOL. I'm sure there is a more viable solution, but need some advice and guidance from those that have already traversed this obstacle. i have a code that generates a random code and displays it as an image. But the problem the image can be displayed only if it is called before any other output. How do i run it so that it can be displayed after any output.. Code: [Select] <? //Security Word for the form $codelenght = 10; while($newcode_length < $codelenght) { $x=1; $y=3; $part = rand($x,$y); if($part==1){$a=48;$b=57;} // Numbers if($part==2){$a=65;$b=90;} // UpperCase if($part==3){$a=97;$b=122;} // LowerCase $code_part=chr(rand($a,$b)); $newcode_length = $newcode_length + 1; $newcode = $newcode.$code_part; } header('Content-Type: image/png'); $im = imagecreatetruecolor(200, 40); $white = imagecolorallocate($im, 255, 255, 255); $grey = imagecolorallocate($im, 128, 128, 128); $blue = imagecolorallocate($im, 0, 0, 238); $black = imagecolorallocate($im, 0, 0, 0); imagefilledrectangle($im, 1, 1, 200, 40, $white); $font = '/home/vhosts/master_files/advertising/fonts/arialbd.ttf'; imagettftext($im, 12, 0, 10, 18, $blue, $font, $newcode); imagepng($im); imagedestroy($im); ?> Hello, I didn't want to learn php; wish I could find a wysiwyg program to do basic coding ... so you know that I'm a noob. I have a php file that I've been working on. Most of the code was written by other people. I'm trying to add a checkbox that requires the user to agree to the terms of membership. The form works (for all other form entries) and it updates the database with "yes" in the field "agree" for the checkbox. What it doesn't do is verify that the checkbox is marked and prevent the user from continuing. At this time, the form updates regardles of the checkbox being marked or not. I have run out of hunches and need some expert eyes, please? |
|||||||