PHP - Moved: Going Insane!

Hi guys,

I am going nuts with this!

It HAS to be something dead simple but I can't seem to see what is staring me in the face.

Basically I have made a registration form and when complete you are emailed a link to click on.
When you click on the link you go to a new page. The page takes the email address and the verification code from the URL via _GET. The database is then queried for a match of the email address AND the verification code, if there is a relevant record then success is displayed otherwise unsuccessful is displayed.

Code:
Code: [Select]
$email = strip_tags(htmlentities($_GET['email']));
$code = strip_tags(htmlentities($_GET['code']));

// confirm the variables hold the correct data
echo "email: $email and code: $code";

$query = "SELECT * from userdb WHERE email='$email' AND code ='$code'";

if (mysql_query($query))
{
echo "success";
}
else
{
echo "unsuccessful";
}


My problem is this query is always returning 'success'... even when the code and/or email does not match what is in my database?

What am i missing?

Thanks

first i have a standard html page. Just a form that submits data to upload.php

http://pixel.imgboard.co.uk

here is upload.php - note i know i have some weird echo's but ive been trying for 2 hours to get upload.php to display something... but nothing happens.. i cant even get it to output html. It just goes to upload.php and has a blank page. When i view source there is nothing there. Its literally a blank page. I can't work it out.  someone please help. I'm going to crack up.


<?php
ini_set("display_errors", "1");
error_reporting(E_ALL);
session_start();
include 'http://www.imgboard.co.uk/includes/functions.php';



$start =  "
<!DOCTYPE html PUBLIC \"-//W3C//DTD XHTML 1.0 Transitional//EN\" \"http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd\">  
<html>
<head>
<link rel=\"stylesheet\" type=\"text/css\" href=\"http://www.imgboard.co.uk/style/pixel.css\" />
<title> Pixel - Image Hosting Beta</title>

</head>

<body>
    <div id =\"wrapper\">
    <div class = 'titlebar'>
    <div class = 'titlebarlinkbox'>
    <a href = 'http://www.imgboard.co.uk'>Forum</a>
    <a href = 'http://www.imgboard.co.uk/Wiki.php'>Wikis</a>
    <a href = 'http://www.imgboard.co.uk/bulletins/0'>Bulletins</a>
    <a href = 'http://www.imgboard.co.uk/faq/0'>Faq's</a>
    </div>
    </div>
    <div class = \"logo\"></div>


";


$end =  "
<div class = 'footerLinks'>
     
     Pixel @ 2010 - 2015 ! <br />
    <a href = 'http://www.imgboard.co.uk'>Forum</a> | 
    <a href = 'http://www.imgboard.co.uk/Wiki.php'>Wikis</a> | 
    <a href = 'http://www.imgboard.co.uk/bulletins/0'>Bulletins</a> | 
    <a href = 'http://www.imgboard.co.uk/faq/0'>Faq's</a> | 
    <a href = 'http://www.imgboard.co.uk/pixel/report.php'>Report Image</a>

</div>
<div class = 'TnC'>Pixel is a Trademark of imgboard.co.uk. Please ensure all content uploaded is decent. No Taboo, cp, gore allowed. Porn / memes / misc themes all welcome. Any offensive content will be removed and deleted. Any misuse of the service and result in banning and in seviere cases prosecution.</div>

    </div>
</body>
</html>


";



if(isset($_GET['uploadfile'])){

echo $start;
echo $end;


$validExtensions = array("png", "gif", "jpeg", "jpg", "bmp");
                                       $ext = end(explode(".",$_FILES["image"]["name"]));
                                       $ext2= strtolower($ext);


if ((($_FILES["file"]["type"] == "image/gif")
|| ($_FILES["file"]["type"] == "image/jpeg")
|| ($_FILES["file"]["type"] == "image/png")
|| ($_FILES["file"]["type"] == "image/bmp")
|| ($_FILES["file"]["type"] == "image/pjpeg"))
&& ($_FILES["file"]["size"] < 10000000))
&& in_array($ext2,$validExtensions))
   {
      

//create a unique name. 
$newname = date(dmYhis);
$newname .= rand(1111,9999);
//preg replace non alpha numeric characters

$fname = $_FILES['file']['name'];
$newname = $newname . "." .$ext2;

$location = "http://www.imgboard.co.uk/images/".$newname;
      
//copy the file. 

if(move_uploaded_file($_FILES['file']['tmp_name'],$location)){

//file uploaded create display Page. 
$t = $_POST['tags'];
add_uploaded_image($location,$t);
file_upload_display_page($location);

}

else{

die("Error Occured Moving File");
}
 




 }
 
 else{
 
 die("wrong mime type");
 
 }






}



function add_uploaded_image($link, $tags){

$c = protect($_COOKIE['supercookie']);
$ip = $_SERVER['REMOTE_ADDR'];
$t = protect($tags);

mysql_query("INSERT INTO pixel (filename,tags,date,ip,cookie) VALUES ('$link','$t',NOW(),'$ip','$c')") or die(mysql_error());

}



function file_upload_display_page($location){

echo "

   
    <table class = 'uploadTable' cellspacing = '0'>
    
    
    
    
    <tr>
    <td class = \"label\">
    Image Uploaded: </td><td><img src = '$location' HEIGHT = '150'/>
    </td>
    </tr>
    
    <tr>
    <td class = \"label\">
    Direct Link: </td><td><input type = 'text' name = 'file' id = 'file'  value = '$location'/>
    </td>
    </tr>
    <tr>
    <td class = \"label\">
    Html Code </td><td><input type = 'text' name = 'tags'  value = \"<img src = '$location' ALT = 'Hosted On http://Pixel.imgboard.co.uk'/>\"/>
    </td>
    </tr>
    <tr>
    <td>
     <td class = \"label\">
    BB Code: </td><td><input type = 'text' name = 'file' id = 'file'  value = '[img]http://$location[/img]'/>
    </td>
    </td>
    </tr>
      
    
    </table>
    
    
    


";






}

I want to have a form with a drop down menu that decides who gets the email.  But I ALSO want the email to go to me.  Can anyone tell me the simplest way to go about this?

This is my form page:

Code: [Select]
<form method="post" action="sendorderform.php">
  Email: <input name="email" type="text" /><br />
  Message:<br />
  <textarea name="message" rows="15" cols="40">
  </textarea><br />
 
  <select name='emailto' id='emailto'>
    <option value='me@yahoo.com'>man1@website.com</option>
    <option value='man2@website.com'>man2@website.com</option>
    <option value='man3@website.com'>man3@website.com</option>
    <option value='man4@website.com'>man4@website.com</option>
</select><br>
 
  <input type="submit" />
</form>
This is my php page:

Code: [Select]
<?php
  $email = $_REQUEST['email'] ;
  $message = $_REQUEST['message'] ;
  $email_to = $_POST['emailto'] ;
 

  mail( $email_to, "Feedback Form Results",
    $message, "From: $email" );
 
?>
I actually got this to send per the drop down.  But, where do I put MY (fixed) email address to make it send TWO emails?   Thanks for any help!!!  I'm very new at this stuff.

I'm writing a very simple clean login session as a demonstration to friends. I've been over this code a lot of times and can't fault it, but obviously I am wrong.. or maybe xampp is just having one of those days.

Undefined Index: username on line 30, login.php

all files involved are attached. Thanks in advance.

Code: [Select]
<?php

session_start();

$username = $_POST['username'];
$password = $_POST['password'];

if ($username&&$password)
{
$connect = mysql_connect("localhost","root","") or die("couldn't connect");
mysql_select_db("login") or die("couldn't find db");

$query = mysql_query("SELECT * FROM users WHERE username='$username'");

$numrows = mysql_num_rows($query);

if ($numrows!=0)
{
//login code
while ($row = mysql_fetch_assoc($query))
{
$dbusername = $row['username'];
$dbpassword = $row['password'];
}

//check is pass & user match
if ($username==$dbusername&&$password==$dbpassword)
{
echo "you're in click here to enter the <a href='member.php'>member page</a> haha";
$_SESSION['username']==$dbusername;

}
else
echo "incorrect password";
}
else
die("that user doesn't exist");

}
else
die("failed to connect")

?>

I don't know who did this or why this was implemented, but it was the worst decision PHP made as it causes nothing but problems. Not having to define variables was one of the reasons I liked PHP.  This is just my opinion so no roasts.

Question is, what is the proper way to do this so I don't get this message 'cause I am hit and miss, even when I think I have them defined this stupid message pops up. This is the 3rd line on the on script that is causing me grief at the moment:

$submit = $populate = $record = $row[] = $hid = $uid = $asset_tag = $type = $manufacturer = $model = $serial_number = $status = $location = $firstname = $lastname = $go = "";

Not sure why I need to have $row[] as it is the result of a SELECT and values are being given to it. Also not sure why I need it for $submit or $_POST as they already have values when they are passed to this page, so how can they be undefined when they have values.

Just not getting it. Any help with this would really be appreciated.

Thanks