PHP - Need Help Slightly Altering This Pretty Simple Script...

I am getting Use of undefined constant id - assumed 'id' with this:


$query = "SELECT * FROM products WHERE id = ".mysql_real_escape_string($_POST[id])."";

That seems pretty bull shit to me. Is this a bug in PHP?

Following on from the excellent help in the thread at http://www.phpfreaks.com/forums/php-coding-help/using-a-generated-row-number-in-another-query I have another question regarding the League Standings that are generated there.

I want to have another version that limits the records to the last 5 games for each team. Just using 'LIMIT 5' would return the first five teams and all their records but I want it to retrieve all of the teams and each teams last five records (games). The easy way would be to restrict a the dates but as games get postponed and moved using WHERE with a specific date would not guarantee the same number of games for each team.

There is the possibility that this could be done via the query but I have not come across anything in some quite extensive searching (although, once again, I do not know if I am using the right search terms!) so I assume PHP would, once again be the saviour!

Thanks in advance for any suggestions.
Steve

you can see it at the link below on my site. The generated thumbnails look terrible but I don't know why.  Any help greatly appreciated. thank you . (code below of upload script and viewgallery script)

http://ealike.com/gallery/viewgallery.php?cid=1


upload script

Code: [Select]
<?php
include("config.inc.php");

// initialization
$result_final = "";
$counter = 0;

// List of our known photo types
$known_photo_types = array( 
'image/pjpeg' => 'jpg',
'image/jpeg' => 'jpg',
'image/gif' => 'gif',
'image/bmp' => 'bmp',
'image/x-png' => 'png'
);

// GD Function List
$gd_function_suffix = array( 
'image/pjpeg' => 'JPEG',
'image/jpeg' => 'JPEG',
'image/gif' => 'GIF',
'image/bmp' => 'WBMP',
'image/x-png' => 'PNG'
);

// Fetch the photo array sent by preupload.php
$photos_uploaded = $_FILES['photo_filename'];

// Fetch the photo caption array
$photo_caption = $_POST['photo_caption'];

while( $counter <= count($photos_uploaded) )
{
if($photos_uploaded['size'][$counter] > 0)
{
if(!array_key_exists($photos_uploaded['type'][$counter], $known_photo_types))
{
$result_final .= "File ".($counter+1)." is not a photo<br />";
}
else
{
mysql_query( "INSERT INTO gallery_photos(`photo_filename`, `photo_caption`, `photo_category`) VALUES('0', '".addslashes($photo_caption[$counter])."', '".addslashes($_POST['category'])."')" );
$new_id = mysql_insert_id();
$filetype = $photos_uploaded['type'][$counter];
$extention = $known_photo_types[$filetype];
$filename = $new_id.".".$extention;

mysql_query( "UPDATE gallery_photos SET photo_filename='".addslashes($filename)."' WHERE photo_id='".addslashes($new_id)."'" );

// Store the orignal file
copy($photos_uploaded['tmp_name'][$counter], $images_dir."/".$filename);

// Let's get the Thumbnail size
$size = GetImageSize( $images_dir."/".$filename );
if($size[0] > $size[1])
{
$thumbnail_width = 100;
$thumbnail_height = (int)(100 * $size[1] / $size[0]);
}
else
{
$thumbnail_width = (int)(100 * $size[0] / $size[1]);
$thumbnail_height = 100;
}

// Build Thumbnail with GD 1.x.x, you can use the other described methods too
$function_suffix = $gd_function_suffix[$filetype];
$function_to_read = "ImageCreateFrom".$function_suffix;
$function_to_write = "Image".$function_suffix;

// Read the source file
$source_handle = $function_to_read ( $images_dir."/".$filename ); 

if($source_handle)
{
// Let's create an blank image for the thumbnail
      $destination_handle = ImageCreate ( $thumbnail_width, $thumbnail_height );

// Now we resize it
       ImageCopyResized( $destination_handle, $source_handle, 0, 0, 0, 0, $thumbnail_width, $thumbnail_height, $size[0], $size[1] );
}

// Let's save the thumbnail
$function_to_write( $destination_handle, $images_dir."/tb_".$filename );
ImageDestroy($destination_handle );
//

$result_final .= "<img src='".$images_dir. "/tb_".$filename."' /> File ".($counter+1)." Added<br />";
}
}
$counter++;
}

// Print Result
echo <<<__HTML_END

<html>
<head>
<title>Photos uploaded</title>
</head>
<body>
$result_final
</body>
</html>

__HTML_END;
?>

DISPLAY THUMBNAILS AND IMAGES SCRIPT

Code: [Select]
<?php
include("config.inc.php");

// initialization
$result_array = array();
$counter = 0;

$cid = (int)($_GET['cid']);
$pid = (int)($_GET['pid']);

// Category Listing

if( empty($cid) && empty($pid) )
{
$number_of_categories_in_row = 4;

$result = mysql_query( "SELECT c.category_id,c.category_name,COUNT(photo_id)
FROM gallery_category as c
LEFT JOIN gallery_photos as p ON p.photo_category = c.category_id
GROUP BY c.category_id" );
while( $row = mysql_fetch_array( $result ) )
{
$result_array[] = "<a href='viewgallery.php?cid=".$row[0]."'>".$row[1]."</a> "."(".$row[2].")";
}
mysql_free_result( $result );

$result_final = "<tr>\n";

foreach($result_array as $category_link)
{
if($counter == $number_of_categories_in_row)
{
$counter = 1;
$result_final .= "\n</tr>\n<tr>\n";
}
else
$counter++;

$result_final .= "\t<td>".$category_link."</td>\n";
}

if($counter)
{
if($number_of_categories_in_row-$counter)
$result_final .= "\t<td colspan='".($number_of_categories_in_row-$counter)."'>&nbsp;</td>\n";

$result_final .= "</tr>";
}
}


// Thumbnail Listing

else if( $cid && empty( $pid ) )
{
$number_of_thumbs_in_row = 5;

$result = mysql_query( "SELECT photo_id,photo_caption,photo_filename FROM gallery_photos WHERE photo_category='".addslashes($cid)."'" );
$nr = mysql_num_rows( $result );

if( empty( $nr ) )
{
$result_final = "\t<tr><td>No Category found</td></tr>\n";
}
else
{
while( $row = mysql_fetch_array( $result ) )
{
$result_array[] = "<a href='viewgallery.php?cid=$cid&pid=".$row[0]."'><img src='".$images_dir."/tb_".$row[2]."' border='0' alt='".$row[1]."' /></a>";
}
mysql_free_result( $result );

$result_final = "<tr>\n";

foreach($result_array as $thumbnail_link)
{
if($counter == $number_of_thumbs_in_row)
{
$counter = 1;
$result_final .= "\n</tr>\n<tr>\n";
}
else
$counter++;

$result_final .= "\t<td>".$thumbnail_link."</td>\n";
}

if($counter)
{
if($number_of_photos_in_row-$counter)
$result_final .= "\t<td colspan='".($number_of_photos_in_row-$counter)."'>&nbsp;</td>\n";

$result_final .= "</tr>";
}
}
}

// Full Size View of Photo
else if( $pid )
{
$result = mysql_query( "SELECT photo_caption,photo_filename FROM gallery_photos WHERE photo_id='".addslashes($pid)."'" );
list($photo_caption, $photo_filename) = mysql_fetch_array( $result );
$nr = mysql_num_rows( $result );
mysql_free_result( $result );

if( empty( $nr ) )
{
$result_final = "\t<tr><td>No Photo found</td></tr>\n";
}
else
{
$result = mysql_query( "SELECT category_name FROM gallery_category WHERE category_id='".addslashes($cid)."'" );
list($category_name) = mysql_fetch_array( $result );
mysql_free_result( $result );

$result_final .= "<tr>\n\t<td>
<a href='viewgallery.php'>Categories</a> &gt; 
<a href='viewgallery.php?cid=$cid'>$category_name</a></td>\n</tr>\n";

$result_final .= "<tr>\n\t<td align='center'>
<br />
<img src='".$images_dir."/".$photo_filename."' border='0' alt='".$photo_caption."' />
<br />
$photo_caption
</td>
</tr>";
}
}

// Final Output
echo <<<__HTML_END

<html>
<head>
<title>Gallery View</title>
</head>
<body>
<table width='100%' border='0' align='center' style='width: 100%;'>
$result_final
</table>
</body>
</html>

__HTML_END;
?>

I'm in the process of building a network for investors and entrepreneurs. When a user logs in, they are directed to profile.php where they can have access to their profile information. If you go into the address bar and type in network.jasonbiondo.com/jasonbiondo you will not be able to view my profile, but if you type in http://network.jasonbiondo.com/profile. ... asonbiondo , you will be able to see my profile. I want to make it cleaner so that you can access profiles by going directly to network.jasonbiondo.com/jasonbiondo . I think my .htaccess file is causing the problem.

I have listed my code below.

.htaccess

Code: [Select]
  Options +FollowSymLinks
    RewriteEngine On
    RewriteCond %{SCRIPT_FILENAME} !-d
    RewriteCond %{SCRIPT_FILENAME} !-f
    RewriteRule ^(.*)$ ./profile.php?u=$1 [NC]

I would like to take the following xml file, and convert it to a nice array. Is there any functions to do this or any suggestions how to do this?

xml file:
Code: [Select]
<?xml version="1.0" encoding="UTF-8"?>
<users>
<instructions>
<phpfile>users.php</phpfile>
</instructions>
<users action="multiple">
<user>
<name>root</name>
<password>5f4dcc3b5aa765d61d8327deb882cf99</password>
<permissions>
<access>CREATE_USR</access>
</permissions>
</user>
<users>
</users>
Desired array:
Code: [Select]
Array (
[instructions] => Array (
[phpfile] => users.php
)
[users] => Array (
[0] => Array (
[name] => root
[password] => 5f4dcc3b5aa765d61d8327deb882cf99
[permissions] => Array(
[access] => CREATE_USR
)
)
)
)

hey now I have to put the pieces together. 

I have a table with lots of records. My table has the following field, with records containing either NULL or '1' that I need to modify.

Hi,

I have a file which contains settings for a user. Similar to wordpress except simpler like setting a default email for error messages or something. The idea is that it's used as an installation script for web-ware where someone fills in a form with their database details, my script will hard-code them into the settings file and then delete itself. I'll admit I did get the idea from wordpress.

Only the way it's coded currently requires a certain combination of characters at the end and seems really messy. The script looks like this (and does work):
    $endpos = strpos ( $contents, '"; //replace with name//', $startpos);

The settings file looks like this:
    $hard_name = "Smith"; //replace with name//

As you can see I use the comment in the settings file, which follows what I'm actually changing, to find the end of the variable. I am sure there must be a better way of doing things but don't know what. It just seems really inefficient because if the comment is removed the script breaks.

Any info and tips would be much appreciated.

IceKat

so I'm trying to change some specific columns in a row in a table of a MySQL database by calling the Doctrine_Query when an option is selected inside an admin panel of my website.

Here are the details:

Table name: chatUsers
I need to find all rows with the person who has a username of: $chatUsers->username (The column inside chatUsers is called username) Once all those rows are found, change the value of all the row's column "type" to "user" Is this even possible?

So far I have:
[/list] Code: [Select]
<?php
function userChatReset(){
     $query = Doctrine_Query::create()->update('db_chatUsers')->set('type', 'user')->where('username = '.$chatUsers->username);

          //execute query
$rows = $query->execute();
echo $rows.' rows updated';
}
?>

...And I'm not sure where to go from there, or if that's even correct. Sorry in advance, I'm not very good with PHP yet.

http://i.imgur.com/6olCy.png
The picture (in the imgur link) pretty much describes what I'm trying to do. As it stands, it would take too long to simply do everything manually with html and css (both of which I'm pretty good at I think), moving all img src and dates from one div tag to another whenever I wanna add something. So yeah, what's the most efficient way to simply submit a picture, and all my other pictures will move?

I know some of you guys will say to just learn php, but quite frankly, I don't have the time... and all the php books are ~1000pgs long which seems really daunting. I know, my problem's pretty basic and it'll probably be covered in the first 100pages or so, but still, like I said I don't have that much time for the moment.

When I do, however, can you guys recommend me the quickest guide/video series/book to learn practical php? Not the most comprehensive, as the stuff I'm going to be doing's not that complex.

One last thing, I've been hearing about CakePHP; what is it? I read that it's an "open source web application framework", but I still have little clue. I'm currently using dreamweaver for all my web stuff (no I do not use the WYSIWYG feature, I just grown accustom to using it). Should I "learn cakephp"?


Please answer any one of those questions (particularly the first one). Many thanks and I'll be sure to reply!

<?php
if (!isset($_GET['register'])) {
echo "register stuff here"; 
}
elseif (!isset($_GET['login'])) {
echo "login stuff here";
}
elseif (!isset($_GET['forgotpassword'])) {
echo "password recovery stuff here"; 
}
else {
echo "default page stuff here"; 
}
?>

you get what i'm going for, but it kinda messes up this way with different contents on different places? help

Hi, I am extracting data from a mysql db to then edit and update back into the db and use below to list items first -

Code: [Select]
<?php

// Connect to server and select database.
mysql_connect('localhost', 'xxxxxxxxx', 'xxxxxxxxxxxxx') or die("Error: ".mysql_error());
mysql_select_db("xxxxxxxxx");

$sql="SELECT * FROM properties";
$result=mysql_query($sql);
?>
<table width="400" border="0" cellspacing="1" cellpadding="0">
<tr>
<td>
<table width="400" border="1" cellspacing="0" cellpadding="3">
<tr>
<td colspan="4"><strong>List data from mysql </strong> </td>
</tr>

<tr>
<td align="center"><strong>Name</strong></td>
<td align="center"><strong>Lastname</strong></td>
<td align="center"><strong>Email</strong></td>
<td align="center"><strong>Update</strong></td>
</tr>
<?php
while($rows=mysql_fetch_array($result)){
?>
<tr>
<td><? echo $rows['Property_Rating']; ?></td>



<td align="center"><a href="update.php?id=<? echo $rows['ID']; ?>">update</a></td>
</tr>
<?php
}
?>
</table>
</td>
</tr>
</table>
<?php
mysql_close();
?>

I then go next page where I show data and allow editing -
<?php

// Connect to server and select database.
mysql_connect('localhost', 'xxxxxxxxx', 'xxxxxxxxxxxxx') or die("Error: ".mysql_error());
mysql_select_db("xxxxxxxxx");

// get value of id that sent from address bar
$id=$_GET['id'];


// Retrieve data from database
$sql="SELECT * FROM properties WHERE id='$id'";
$result=mysql_query($sql);

$rows=mysql_fetch_array($result);
?>
<table width="400" border="0" cellspacing="1" cellpadding="0">
<tr>
<form name="form1" method="post" action="update_ac.php">
<td>
<table width="100%" border="0" cellspacing="1" cellpadding="0">
<tr>
<td>&nbsp;</td>
<td colspan="3"><strong>Update data in mysql</strong> </td>
</tr>
<tr>
<td align="center">&nbsp;</td>
<td align="center">&nbsp;</td>
<td align="center">&nbsp;</td>
<td align="center">&nbsp;</td>
</tr>
<tr>
<td align="center">&nbsp;</td>
<td align="center"><strong>Property_Name</strong></td>
<td align="center"><strong>roperty_Rating</strong></td>
<td align="center"><strong>Property_Address</strong></td>
</tr>
<tr>
<td>&nbsp;</td>
<td align="center"><input name="Property_Rating" type="text" id="Property_Rating" value="<? echo $rows['Property_Rating']; ?>"></td>

</tr>
<tr>
<td>&nbsp;</td>
<td><input name="id" type="hidden" id="id" value="<? echo $rows['id']; ?>"></td>
<td align="center"><input type="submit" name="Submit" value="Submit"></td>
<td>&nbsp;</td>
</tr>
</table>
</td>
</form>
</tr>
</table>

<?

// close connection
mysql_close();

?>

And then the update page -

<?php

// Connect to server and select database.
mysql_connect('localhost', 'xxxxxxxxx', 'xxxxxxxxxxxxx') or die("Error: ".mysql_error());
mysql_select_db("xxxxxxxxx");

// update data in mysql database
$sql="UPDATE properties SET Property_Name='$Property_Name' WHERE id='$id'";
$result=mysql_query($sql);

// if successfully updated.
if($result){
echo "Successful";

}

else {
echo "ERROR";
}

?>
Everything seems ok but when I edit the data and submit I get the success message but data not changed in db.

Any ideas?

Thanks.

MOD EDIT: code tags added.

As a freelancer working alone, I've got to wear all the hats, doing all the front end and back end design and development. So perhaps I'm never really specializing in any one thing, and I tend to miss some good stuff, like MySQL GROUP BY. Doing counts of things using GROUP BY is very handy. I saw somebody doing that in a thread, and adapted it to two things that I was working on in the last week. Sweet!   What other fun MySQL stuff am I missing out on?

I found the code below which checks to make sure something the user entered into a text field is an actual URL.  I am looking to confirm that something a user enters is an actual link to an IMAGE, so does anyone know how I could adjust this code below to do that?

Basically, this code below would accept http://monkeys.com AND http://monkeys.com/images/monkey.jpg.

I want to alter the code so that http://monkeys.com would NOT be accepted since it's not an image.  Essentially, I want to make sure whatever the user enters ends with .jpg, .gif or .png.

Anyone know how to do this?

Code: [Select]
url": {
                    "regex": /^(https?|ftp):\/\/(((([a-z]|\d|-|\.|_|~|[\u00A0-\uD7FF\uF900-\uFDCF\uFDF0-\uFFEF])|(%[\da-f]{2})|[!\$&'\(\)\*\+,;=]|:)*@)?(((\d|[1-9]\d|1\d\d|2[0-4]\d|25[0-5])\.(\d|[1-9]\d|1\d\d|2[0-4]\d|25[0-5])\.(\d|[1-9]\d|1\d\d|2[0-4]\d|25[0-5])\.(\d|[1-9]\d|1\d\d|2[0-4]\d|25[0-5]))|((([a-z]|\d|[\u00A0-\uD7FF\uF900-\uFDCF\uFDF0-\uFFEF])|(([a-z]|\d|[\u00A0-\uD7FF\uF900-\uFDCF\uFDF0-\uFFEF])([a-z]|\d|-|\.|_|~|[\u00A0-\uD7FF\uF900-\uFDCF\uFDF0-\uFFEF])*([a-z]|\d|[\u00A0-\uD7FF\uF900-\uFDCF\uFDF0-\uFFEF])))\.)+(([a-z]|[\u00A0-\uD7FF\uF900-\uFDCF\uFDF0-\uFFEF])|(([a-z]|[\u00A0-\uD7FF\uF900-\uFDCF\uFDF0-\uFFEF])([a-z]|\d|-|\.|_|~|[\u00A0-\uD7FF\uF900-\uFDCF\uFDF0-\uFFEF])*([a-z]|[\u00A0-\uD7FF\uF900-\uFDCF\uFDF0-\uFFEF])))\.?)(:\d*)?)(\/((([a-z]|\d|-|\.|_|~|[\u00A0-\uD7FF\uF900-\uFDCF\uFDF0-\uFFEF])|(%[\da-f]{2})|[!\$&'\(\)\*\+,;=]|:|@)+(\/(([a-z]|\d|-|\.|_|~|[\u00A0-\uD7FF\uF900-\uFDCF\uFDF0-\uFFEF])|(%[\da-f]{2})|[!\$&'\(\)\*\+,;=]|:|@)*)*)?)?(\?((([a-z]|\d|-|\.|_|~|[\u00A0-\uD7FF\uF900-\uFDCF\uFDF0-\uFFEF])|(%[\da-f]{2})|[!\$&'\(\)\*\+,;=]|:|@)|[\uE000-\uF8FF]|\/|\?)*)?(\#((([a-z]|\d|-|\.|_|~|[\u00A0-\uD7FF\uF900-\uFDCF\uFDF0-\uFFEF])|(%[\da-f]{2})|[!\$&'\(\)\*\+,;=]|:|@)|\/|\?)*)?$/,
                    "alertText": "* Invalid URL"
                }

$username = $loggedInUser->username; // This is the logged in username
$time = time();
$makedir = $username.'_'.$time;

$var = getcwd();
$var = str_replace('\users', '\imageuploads', $var);
$dirlocation = $var."\\".test_directory($username, $mysqli);   function test_directory ($username, $mysqli) {
     $stmt = $mysqli->prepare("SELECT Temp_Directory FROM uc_users WHERE user_name LIKE ?");
    $stmt->bind_param("s", $username);
    $stmt->execute();
    $stmt->bind_result($Tempdir);
    while ($stmt->fetch()){
    return $Tempdir;
        }
    } if((!empty(test_directory($username, $mysqli))) && is_dir($dirlocation)){
//echo "this is it";
$thedirectory = $dirlocation;
}

if(empty(test_directory($username, $mysqli))){
//echo "it's not a directory";
$newdir = $var."\\".$makedir;
$query = mysqli_query($mysqli, "UPDATE uc_users SET Temp_Directory='$makedir' WHERE user_name='$username'");
if(!$query){
//echo mysqli_error($mysqli);
}
mkdir($newdir);
//security
chmod($newdir, 0644);
$thedirectory = $newdir;
}

if(!is_dir($dirlocation) && (!empty(test_directory($username, $mysqli)))){
//echo "third one";
mkdir($dirlocation);
chmod($dirlocation, 0644);
$thedirectory = $dirlocation;
}         Ok, so what I'm doing here is testing to see whether a a record exists of the user having a folder in the MySQL database. Then, if it does, make sure that a folder exists at that location. If there is no folder, we create one for the user. If there is already a folder, we leave it alone.   This is for image uploads, and $thedirectory, is where we upload images later on in the script.   Hope that makes sense.   The code seems to work. But how can I improve it and make it more robust? Or should I just leave it alone? Should I return FALSE from the function for better reliability over empty()?