|
PHP - Moved: Help Me Understand What's Happening Here?
This topic has been moved to Third Party PHP Scripts.
http://www.phpfreaks.com/forums/index.php?topic=352984.0 Similar TutorialsThis topic has been moved to PHP Regex. http://www.phpfreaks.com/forums/index.php?topic=323161.0 This topic has been moved to Third Party PHP Scripts. http://www.phpfreaks.com/forums/index.php?topic=345250.0 Over the last few weeks I have had people trying to access the following urls and some similar index.php?option=com_jce&task=plugin&plugin=imgmanager&file=imgmanager&method=form&cid=20&6bc427c8a7981f4fe1f5ac65c1246b5f=cf6dd3cf1923c950586d0dd595c8e20b by BOT for JCE /includes/exit.php?ID=999999.9 /*!30000union all select 0x31303235343830303536,0x31303235343830303536,0x31303235343830303536,0x31303235343830303536,0x31303235343830303536,0x31303235343830303536,0x31303235343830303536,0x3130323 /index.php?option=com_jce&task=plugin&plugin=imgmanager&file=imgmanager&method=form&cid=20&6bc427c8a7981f4fe1f5ac65c1246b5f=cf6dd3cf1923c950586d0dd595c8e20b what are these urls trying to do and should I be worried? James Edited by requinix, 24 May 2014 - 03:56 AM. unlinking Hi all I have several arrays set, and I can guarantee I have values in these as I have tested them by echoing out each value. However, when I pass it through a user defined function to produce a percentage for each value of the total arry, I get a null return. I don't even get any errors. Any ideas? // Produce the % array of each array for use in 2nd report $percent_morale1=percentCalc($morale_count1[1],$morale_count1[2],$morale_count1[3],$morale_count1[4],$morale_count1[5],$total_morale1); $percent_morale2=percentCalc($morale_count2[1],$morale_count2[2],$morale_count2[3],$morale_count2[4],$morale_count2[5],$total_morale2); $percent_morale3=percentCalc($morale_count3[1],$morale_count3[2],$morale_count3[3],$morale_count3[4],$morale_count3[5],$total_morale3); $percent_morale4=percentCalc($morale_count4[1],$morale_count4[2],$morale_count4[3],$morale_count4[4],$morale_count4[5],$total_morale4); $percent_morale5=percentCalc($morale_count5[1],$morale_count5[2],$morale_count5[3],$morale_count5[4],$morale_count5[5],$total_morale5); $percent_morale6=percentCalc($morale_count6[1],$morale_count6[2],$morale_count6[3],$morale_count6[4],$morale_count6[5],$total_morale6); <?php function percentCalc($value1,$value2,$value3,$value4,$value5,$total) { $array=array($value1,$value2,$value3,$value4,$value5); while (list($key,$arraycontent)= each($array)) { $c_percent=(($arraycontent/$total)*100); $final_array[]=$c_percent; } return $final_array; } ?> <?php echo"<td class=\"percent1\" > "; printf("%01.0f",$percent_morale1[1]); echo "%</td>"; echo"<td class=\"percent2\" > "; printf("%01.0f",$percent_morale1[2]); echo "%</td>"; echo"<td class=\"percent3\" > "; printf("%01.0f",$percent_morale1[3]); echo "%</td>"; echo"<td class=\"percent4\" > "; printf("%01.0f",$percent_morale1[4]); echo "%</td>"; echo"<td class=\"percent5\" > "; printf("%01.0f",$percent_morale1[5]); echo "%</td>"; ?> Hi, I am having trouble with some GIF, PNG images the error I am receiving these errors imagecreatefromgif() [function.imagecreatefromgif]: '/tmp/phpNAhLPI' is not a valid GIF and a similar one for PNG Is there a solution to this? and How can I hide these errors? So they never display to the user and Instead I echo a user friendly error. Please note again this is happening with some GIF and PNGs not all of them. Appreciate any help and thanks in advance! Hello, ive got the right output from the code below, only my mysql query doesnt seem to be working as it should. Im not too great with mysql so please any help or suggestions would be great. I have tried the code but when I check my database nothing has been inserted. !?! Code: [Select] <?php include('db.php'); include('func.php'); ?><html><head> <meta http-equiv="Content-Type" content="text/html; charset=utf-8" /> <title>Chained Select Boxes using PHP, MySQL and jQuery</title> <script type="text/javascript" src="http://ajax.googleapis.com/ajax/libs/jquery/1.3/jquery.min.js"></script> <script type="text/javascript"> $(document).ready(function() { $('#wait_1').hide(); $('#drop_1').change(function(){ $('#wait_1').show(); $('#result_1').hide(); $.get("func.php", { func: "drop_1", drop_var: $('#drop_1').val() }, function(response){ $('#result_1').fadeOut(); setTimeout("finishAjax('result_1', '"+escape(response)+"')", 400); }); return false; }); }); function finishAjax(id, response) { $('#wait_1').hide(); $('#'+id).html(unescape(response)); $('#'+id).fadeIn(); } </script> </head> <body> <p> <form action="" method="post"> Name: <input type="text" name="Name" /><br /> Phone: <input type="text" name="Phone" /><br /> Email: <input type="text" name="Email" /><br /> Postcode: <input type="text" name="Postcode" /><br /> Web Address: <input type="text" name="Website" /><br /><br /> <select name="drop_1" id="drop_1"> <option value="" selected="selected" disabled="disabled">Select a Category</option> <?php getTierOne(); ?> </select> <span id="wait_1" style="display: none;"> <img alt="Please Wait" src="ajax-loader.gif"/> </span> <span id="result_1" style="display: none;"></span> <br /> </form> </p> <p> <?php if(isset($_POST['submit'])){ $drop = $_POST['drop_1']; $tier_two = $_POST['Subtype']; echo "You selected "; echo $drop." & ".$tier_two; } $Name = $_POST["Name"]; $Phone = $_POST["Phone"]; $Email = $_POST["Email"]; $Postcode = $_POST["Postcode"]; $Website = $_POST["Website"]; echo "<br>"; echo $Name; echo "<br>"; echo $Website; mysql_query ("INSERT INTO business (Name, Type, Subtype, Phone, Email, Postcode, Web Address) VALUES ('$Name', '$drop', '$tier_two' , '$Phone', '$Email', '$Postcode', '$Website')"); ?> Im not sure it makes a difference but, I am adding data into each column of my database with the exception of the 1st column named 'ID' which is set to auto_increment. I keep trying to install every wordpress, or php web server software I can find, the lastest being WAMP. Nothing ever works. I feel like a complete retard here being that I can't even set up a stupid program, to be ABLE to program myself. Everything I install gives me a 404 not found error when I try to load the admin index page to a browser. I honestly have no friggn clue what is going on, I know syntax pretty decently for a lot of these languages, but as far as setting them up, I might as well just shoot myself. I know they can't make it any easier with these step by step tutorials, but it just doesn't seem to work on my comp.
ok so I'll login to my account then once I'm logged in I visit a page with a: while(mysql_fetch_array($v)){ in it and it logs me in as someone else. if I remove the while it wont but I need to while. what do I do and whys it doing this? Login: <?php $title="Login"; $metakeywords="login, email"; $metadescription="Login to $sitename"; include("header.php"); if(!$_POST['submit']) { ?> <html> <div class="header">Login</div> <div class="content"> <form method="post" action="index.php?action=login"> Email:<br /> <input id="email" type="text" name="email" maxlength="16"> <br /> Password:<br /> <input type="password" name="password" maxlength="16"> <br /> <input type="submit" name="submit" value="Login"> </form> <a href="index.php?action=signup">Register Here</a> </div> </html> <?php } else { $user = protect($_POST['email']); $pass = protect($_POST['password']); if($user && $pass) { $pass = md5($pass); //compare the encrypted password $sql="SELECT id,email,password,activation_key FROM `users` WHERE `email`='$user' AND `password`='$pass'"; $query=mysql_query($sql) or die(mysql_error()); if(mysql_num_rows($query) > 0) { $row = mysql_fetch_assoc($query); if($row['activation_key'] == 0){ $_SESSION['id'] = $row['id']; $_SESSION['email'] = $row['email']; $_SESSION['password'] = $row['password']; echo '<meta http-equiv="REFRESH" content="0;url=index.php">'; }else{ echo "<div class='error'>You need to activate your account first!</div>"; } } else { echo "<div class='error'>Email and password combination is incorrect!</div>"; } } else { echo "<div class='error'>You need to gimme a email AND password!</div>"; } } include("footer.php"); ?> code that logs me into another account: $sql2 = "select * FROM cheats WHERE game_id='$datas[id]'"; $rec2 = mysql_query($sql2) or die(mysql_error()); while($datas2=mysql_fetch_array($rec2)){ echo "<div class='header'>$datas2[title]</div>"; echo "<div class='content'>$datas2[cheat]</div><br>"; } EDIT: Solved. I was calling duplicate variables from an include. Changing the name in this code to something (could be anything really) different fixed the issue. Thanks!! I am currently working on some PHP which grabs variables from the link so I can keep track of which user has been clicked on. Everything seemed to be working just fine until I got to a particular part of the code. Let me know if this makes any sense AT ALL!!! As usual my code can be found below. Thanks!! Code: [Select] <?php session_start(); // Put stored session variables into local php variable $staff_id = $_SESSION['sid']; $staff_username = $_SESSION['username']; $staff_fname = $_SESSION['staff_first_name']; $cust_edit_access = $_SESSION['cust_edit_access']; include_once "scripts/connect_to_mysql.php"; $customer_id = $_GET['cid']; $customer_id = mysql_real_escape_string($customer_id ); $customer_id = eregi_replace("`", "", $customer_id); $customer_project_id = $_GET['pid']; $customer_project_id = mysql_real_escape_string($customer_project_id ); $customer_project_id = eregi_replace("`", "", $customer_project_id ); include "left_nav_customers.php"; include "left_nav_tools.php"; include "pgbdy_header_left.php"; include "project_display.php"; $sql = mysql_query("SELECT * FROM company_info WHERE proj_id='$customer_project_id'"); while ($row = mysql_fetch_array($sql)) { $company_name = $row["company_name"]; $customer_address = $row["address"]; $customer_city = $row["city"]; $customer_state = $row["state"]; $customer_zip = $row["zip"]; $customer_email = $row["email"]; $customer_phone = $row["phone"]; $customer_fax = $row["fax"]; $cust_pre_meth_contact = $row["pref_meth_contact"]; $cust_entry_date = $row["entry_date"]; } $temp_project_id = ''; $start_date = date("F j, Y, g:i:s a"); $start_month = date('n'); if ($_POST['create_new_customer_project']) { $sql2 = mysql_query("INSERT INTO projects (cust_id, staff_id, start_date) VALUES('$customer_id','$staff_id','$start_date')") or die (mysql_error()); // Get the inserted ID here to use in the activation email $new_project_id = mysql_insert_id(); // Create directory(folder) to hold each user files(pics, MP3s, etc.) $temp_project_id = "$start_month-00$customer_id-0$new_project_id"; mkdir("customer_files/cust$customer_id/$temp_project_id", 0755); $sql3 = mysql_query("UPDATE projects SET proj_id='$temp_project_id' WHERE id='$new_project_id'"); } ?> <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd"> <html xmlns="http://www.w3.org/1999/xhtml"> <head> <meta http-equiv="Content-Type" content="text/html; charset=utf-8" /> <title>Untitled Document</title> <link rel="stylesheet" type="text/css" href="style.css"/> <!----------- ALL JAVASCRIPT ------------------------ ==================================================--> <script src="js/jquery-1.5.js" type="text/javascript"></script> <script language="javascript" type="text/javascript"> function toggleSlideBox(x) { if ($('#'+x).is(":hidden")) { $(".hiddenDiv").slideUp(200); $('#'+x).slideDown(300); } else { $('#'+x).slideUp(300); } } </script> <!--===========COMPANY INFO POPUP==============-- ==============================================--> <script type="text/javascript"> <!-- function edit_company_info() { window.open( "edit_company_info.php?sid=<?php echo "$staff_id"; ?>&cid=<?php echo "$customer_id"; ?>&pid=<?php echo "$customer_project_id"; ?>", "myWindow", "status = 1, toolbar = no, scrollbars = no, location = no, resizable = no, height = 580, width = 600, resizable = 0" ) } //--> </script> <!--===========COMPANY INFO POPUP==============-- ==============================================--> <!--===========GENERAL INFO POPUP==============-- ==============================================--> <script type="text/javascript"> <!-- function edit_general_info() { window.open( "http://www.google.com/", "myWindow", "status = 1, toolbar = no, scrollbars = no, location = no, resizable = no, height = 600, width = 600, resizable = 0" ) } //--> </script> <!--===========GENERAL INFO POPUP==============-- ==============================================--> <!--===========BILLING INFO POPUP==============-- ==============================================--> <script type="text/javascript"> <!-- function edit_billing_info() { window.open( "http://www.google.com/", "myWindow", "status = 1, toolbar = no, scrollbars = no, location = no, resizable = no, height = 600, width = 600, resizable = 0" ) } //--> </script> <!--===========BILLING INFO POPUP==============-- ==============================================--> <!--===========FACILITY INFO POPUP==============-- ==============================================--> <script type="text/javascript"> <!-- function edit_facility_info() { window.open( "http://www.google.com/", "myWindow", "status = 1, toolbar = no, scrollbars = no, location = no, resizable = no, height = 600, width = 600, resizable = 0" ) } //--> </script> <!--===========FACILITY INFO POPUP==============-- ==============================================--> <!--===========PRODUCT NEEDS INFO POPUP==============-- ==============================================--> <script type="text/javascript"> <!-- function edit_product_needs_info() { window.open( "http://www.google.com/", "myWindow", "status = 1, toolbar = no, scrollbars = no, location = no, resizable = no, height = 600, width = 600, resizable = 0" ) } //--> </script> <!--===========PRODUCT NEEDS INFO POPUP==============-- ==============================================--> <script type="text/javascript"> <!-- var sURL = unescape(window.location.pathname); function refresh() { window.location.href = sURL; } //--> </script> <!----------- ALL JAVASCRIPT ------------------------ ==================================================--> </head> <body> <div id="pg_container"> <!--HEADER SECTION--> <div id="header"> <div id="header_logo"></div> <div id="header_right"> Welcome <a href="template.php?id=<?php echo "$staff_id"; ?>"><?php echo $staff_fname; ?></a> | <a href="logout.php">Logout</a> </div> </div> <!--HEADER SECTION--> <!--PAGE CONTAINER--> <div id="pgbdy_container"> <div id="left_nav"> <div id="leftnav_header"></div> <div id="leftnav_bdy"> <div id="leftnav_content"> <div id="leftnav_customers"> <p> Select a Customer:<br /><br /> <?php echo "$list_customers"; ?> </p> </div> <hr /> <?php if($cust_edit_access == "1") { ?> <div id="leftnav_tools"> <p> <?php echo "$leftnav_links"; ?> </p> </div> <?php } else { ?> <div id="leftnav_tools"> <p> Edit Customers<br /><br /> You do not have access to edit customers. </p> </div> <?php } ?> </div> </div> </div> <div id="pgbdy"> <div id="bdy_header"></div> <div id="bdy_content_area"> <div id="bdy_content"> <div id="bdy_content_header"> <div id="bdy_content_selected_customer"> <p><?php echo "$contact_info_display"; ?></p> </div> <div id="bdy_content_current_projects"> <form action="customer_profile.php?sid=<?php echo "$staff_id"; ?>&cid=<?php echo "$customer_id"; ?>" method="post" enctype="multipart/form-data"> <p> Customer Projects <input name="create_new_customer_project" type="submit" class="create_new_customer_project_btn" value="" /><br /><br /> <?php echo "$list_customer_projects"; ?> </p> </form> </div> </div> <hr /> <div id="bdy_content_container"> <div id="company_information_section"> <a href="#" onclick="return false" onmousedown="javascript:toggleSlideBox('company_infoBox');">Company Information</a> <div class="hiddenDiv" id="company_infoBox" style="border:#FFF 2px solid; width:553px;"> <p>Please click the button below to edit the customer's company information.<br /> <input name="edit_company_info" onclick="edit_company_info()" type="button" value="Edit Company Information"/><br /><br /> //i placed this here just to make sure the issue was on this page. <?php echo "$customer_project_id"; ?> <b>Company Name: </b><?php echo "$company_name"; ?><br /> <b>Contact Name: </b><?php echo "$customer_fname"; ?> <?php echo "$customer_lname"; ?><br /> <b>Address: </b><?php echo "$customer_address"; ?><br /> <b>City, State, Zip: </b><?php echo "$customer_city"; ?>, <?php echo "$customer_state"; ?> <?php echo "$customer_zip"; ?><br /> <b>Email: </b><?php echo "$customer_email"; ?><br /> <b>Phone: </b><?php echo "$customer_phone"; ?><br /> <b>Fax: </b><?php echo "$customer_fax"; ?><br /> <b>Preferred Method of Contact: </b><?php echo "$cust_pre_meth_contact"; ?> </p> </div> </div> <div id="general_information_section"> <a href="#" onclick="return false" onmousedown="javascript:toggleSlideBox('general_infoBox');">General Information</a> <div class="hiddenDiv" id="general_infoBox" style="border:#FFF 2px solid; width:553px;"> <p>Please click the button below to edit the customer's general information.<br /> <input name="edit_general_info" onclick="edit_general_info()" type="button" value="Edit General Information"/> </p> </div> </div> <div id="billing_information_section"> <a href="#" onclick="return false" onmousedown="javascript:toggleSlideBox('billing_infoBox');">Billing Information</a> <div class="hiddenDiv" id="billing_infoBox" style="border:#FFF 2px solid; width:553px;"> <p>Please click the button below to edit the customer's billing information.<br /> <input name="edit_billing_info" onclick="edit_billing_info()" type="button" value="Edit Billing Information"/> </p> </div> </div> <div id="facility_information_section"> <a href="#" onclick="return false" onmousedown="javascript:toggleSlideBox('facility_infoBox');">Facility Information</a> <div class="hiddenDiv" id="facility_infoBox" style="border:#FFF 2px solid; width:553px;"> <p>Please click the button below to edit the customer's facility information.<br /> <input name="edit_facility_info" onclick="edit_facility_info()" type="button" value="Edit Facility Information"/> </p> </div> </div> <div id="product_needs_information_section"> <a href="#" onclick="return false" onmousedown="javascript:toggleSlideBox('product_needs_infoBox');">Product Needs Information</a> <div class="hiddenDiv" id="product_needs_infoBox" style="border:#FFF 2px solid; width:553px;"> <p>Please click the button below to edit the customer's product needs information.<br /> <input name="edit_product_needs_info" onclick="edit_product_needs_info()" type="button" value="Edit Product Needs Information"/> </p> </div> </div> </div> </div> </div> </div> <div id="right_nav"> <div id="rightnav_header"></div> <div id="rightnav_bdy"> <div id="rightnav_bdy_content"> <div id="rightnav_proj_status"> <p> All Current Associated Project Statuses </p> </div> <hr /> <div id="rightnav_alerts"> <p> Any associated alerts sent so far </p> </div> </div> </div> </div> </div> <!--PAGE CONTAINER--> <div id="footer"></div> </div> </body> </html> The issue is that each of these ID echo statements (cid being customer id, sid being staff id, and pid being project id) echoes something. CID echoes correctly, SID does as well. For some reason, PID only echoes the last project ID that was entered for that particular user. So for example, if I add a project to a user and im staff it would be like this: Staff ID = my Staff ID = 1 Customer ID = customer I am currently working on = 11 (in this case...just a random number for example sake) Project ID = the current month number (no zeroes)-00(current customer id being worked on)-0(current project ID from table) = 3-0011-042 If our example is saying that the latest addition is 3-0011-042, and I click on project 3-0011-038, for some reason (EVEN THOUGH MY WEB LINK HAS THE CORRECT PID which is 3-0011-038) it only echoes the last PID entered in the table. Its almost like its completely ignoring what I have in my address bar and looks directly at my tables latest entry....this has really screwed with my brainnnn!!! I can't seem to figure it out for the life of me. I don't even know how I could run a $_GET function and not get what I am asking for.....crazy. Please help guys!!!! When signed in as a user, the username shows up on the top right page. Then, if I click a particular product of another user it changes the session variable to that of the other user. Why would this happen? It's really odd. Im having this error and have the not even the slightest clue on how to solve it... Code: [Select] Notice: Undefined offset: 2 in C:\wamp\www\updat5.php on line 146 <?php $picture = array(); while($row = mysql_fetch_assoc($result)) { $id = $row['id']; $picture = array(); switch ($row['icon']) { case 1: $picture[$id] = '<img src="img/apple.gif" title="apple" alt="apple" />'; echo $picture[$id]; break; case 2: $picture[$id] = '<img src="img/banana.gif" title="banana" alt="banana" />'; echo $picture[$id]; break; case 3: $picture[$id] = '<img src="img/orange.gif" title="orange" alt="orange" />'; echo $picture[$id]; break; default: $picture[$id] = ''; echo $row['icon'] . " is something other than 1 2 or 3"; break; } } ?> <hr> <?php echo $picture[2]; ?> And line 146 is: echo $picture[2]; My next post will be the full code if needed incase the error I have currently cant be fixed with the current snippet/block i posted. Can anyone tell me why this is not INSERTing? My array data is coming out just fine.. I've tried everything I can think of and cannot get anything to insert.. Ahhhh! <?php $query = "SELECT RegionID, City FROM geo_cities WHERE RegionID='135'"; $results = mysqli_query($cxn, $query); $row_cnt = mysqli_num_rows($results); echo $row_cnt . " Total Records in Query.<br /><br />"; if (mysqli_num_rows($results)) { while ($row = mysqli_fetch_array($results)) { $insert_city_query = "INSERT INTO all_illinois SET state_id=$row[RegionID], city_name=$row[City] WHERE id = null" or mysqli_error(); $insert = mysqli_query($cxn, $insert_city_query); if (!$insert) { echo "INSERT is NOT working!"; exit(); } echo $row['City'] . "<br />"; echo "<pre>"; echo print_r($row); echo "</pre>"; } //while ($rows = mysqli_fetch_array($results)) } //if (mysqli_num_rows($results)) else { echo "No results to get!"; } ?> Here is my all_illinois INSERT table structu CREATE TABLE IF NOT EXISTS `all_illinois` ( `state_id` varchar(255) NOT NULL, `city_name` varchar(255) NOT NULL ) ENGINE=MyISAM DEFAULT CHARSET=latin1; Here is my source table geo_cities structu CREATE TABLE IF NOT EXISTS `1` ( `CityId` varchar(255) NOT NULL, `CountryID` varchar(255) NOT NULL, `RegionID` varchar(255) NOT NULL, `City` varchar(255) NOT NULL, `Latitude` varchar(255) NOT NULL, `Longitude` varchar(255) NOT NULL, `TimeZone` varchar(255) NOT NULL, `DmaId` varchar(255) NOT NULL, `Code` varchar(255) NOT NULL ) ENGINE=MyISAM DEFAULT CHARSET=latin1; Ok, if you've helped with any of my questions before (thanks again to those who have) you know that I'm fairly new to php and still learning. This brings me to another question... I have read the post on header errors and I understand that in order to prevent these errors or warnings I need to process a form BEFORE OUTPUTTING ANYTHING TO THE BROWSER. The thing is, I'm having a problem understanding how I can do this with the code that I have written. Can someone please look at my code and explain what is causing the header warning that I'm getting and help me to understand how to fix it? Here's my code (warning message is following the code): Code: [Select] <?php session_start(); // Starts the session. ?> <html> <head> <title>Welcome to CaresAbout.us!</title> <meta http-equiv="Content-Type" content="text/html; charset=iso-8859-1"> <SCRIPT TYPE="text/javascript"> <!-- THIS IS LINE 11 --> <!-- function popup(mylink, windowname) { if (! window.focus)return true; var href; if (typeof(mylink) == 'string') href=mylink; else href=mylink.href; window.open(href, windowname, 'width=400,height=200,scrollbars=yes'); return false; } //--> </SCRIPT> <style type="text/css"> <!-- html { overflow: -moz-scrollbars-vertical; } html { overflow-x: auto; } body { background-color: #000000; background-image: url(bg.png); background-position: 50% 50%; background-repeat: repeat-y } body,td,th { font-family: Arial, Helvetica, sans-serif; font-size: 14px; } a:link { text-decoration: none; } a:visited { text-decoration: none; } a:hover { text-decoration: none; } a:active { text-decoration: none; } .bluelink {color: #0000CC} .blacklink {color: #000000} --> </style> </head> <body> <div align="center"> <noscript><font size="+2" color="#000000"><strong>Some features of this site will not operate without Javascript enabled!<br>Please <a href="http://www.heart.org/HEARTORG/form/enablescript.html" class="bluelink">enable Javascript</a> in your browser to have full access.</strong></font></noscript> <table width="1000" height="175" border="0" cellpadding="0" cellspacing="0" style="background: transparent url('headbg.png') top center no-repeat;"> <tr> <td height="125" width="160"> </td> <td height="125"> </td> <td height="125"> </td> <td height="125" width="160"> </td> </tr> <tr> <td height="50" width="160"> </td> <?php include("conf.inc.php"); // Includes the db and form info. if ($_SESSION['logged'] == 1) { // User is already logged in. $_SESSION['email'] = $email; header("Location: main.php"); // Goes to main page. exit(); // Stops the rest of the script. } else { if (!isset($_POST['submit'])) { // If the form HAS NOT been submitted. echo "<td width=\"320\" height=\"50\" align=\"left\" valign=\"middle\"> </td>"; echo "<td width=\"360\" height=\"50\" align=\"left\" valign=\"middle\">"; echo "<form name=\"form\" action=\"index.php\" method=\"POST\" style=\"margin-bottom:0;\">"; echo "<a href=\"signup.php\" class=\"bluelink\">Sign Me Up!</a> "; echo "<a href=\"pwordhelp.php\" class=\"bluelink\" onMouseOver=\"window.name = 'main'\" onClick=\"return popup(this, 'notes')\">Forgot Password</a><br>"; echo "<input type=\"text\" name=\"email\" size=\"17\" value=\"Email...\" style=\"color: #999999\" onfocus=\"if (this.value == 'Email...') {this.value=''; this.style.color='#000000'}\"> "; echo "<input type=\"password\" name=\"pword\" size=\"17\" value=\"Password...\" style=\"color: #999999\" onfocus=\"if (this.value == 'Password...') {this.value=''; this.style.color='#000000';}\"> "; echo "<input type=\"submit\" name=\"submit\" value=\"Submit\">"; echo "</form>"; } else { // If the form HAS been submitted $email = form($_POST['email']); $pword = md5($_POST['pword']); // Encrypts the password. $q = mysql_query("SELECT * FROM `signin` WHERE email = '$email' AND pword = '$pword'") or die (mysql_error()); // mySQL query $r = mysql_num_rows($q); // Checks to see if anything is in the db. if (!$r) { // There is nothing in the db. The username/password do not match up. echo "<td width=\"108\" height=\"50\" align=\"left\" valign=\"middle\"> </td>"; echo "<td width=\"572\" height=\"50\" align=\"left\" valign=\"middle\">"; echo "<form name=\"form\" action=\"index.php\" method=\"POST\" style=\"margin-bottom:0;\">"; echo " <a href=\"signup.php\" class=\"bluelink\">Sign Me Up!</a> "; echo "<a href=\"pwordhelp.php\" class=\"bluelink\" onClick=\"return popup(this, 'notes')\">Forgot Password</a><br>"; echo "<font color=\"#FF0000\"><strong>Incorrect Email or Password.</strong></font> "; echo "<input type=\"text\" name=\"email\" size=\"17\" value=\"Email...\" style=\"color: #999999\" onfocus=\"if (this.value == 'Email...') {this.value=''; this.style.color='#000000'}\"> "; echo "<input type=\"password\" name=\"pword\" size=\"17\" value=\"Password...\" style=\"color: #999999\" onfocus=\"if (this.value == 'Password...') {this.value=''; this.style.color='#000000';}\"> "; echo "<input type=\"submit\" name=\"submit\" value=\"Submit\">"; echo "</form>"; } else { // If the username/password is valid $_SESSION['logged'] = 1; // Sets the session. $_SESSION['email'] = $email; header("Location: main.php"); // THIS IS LINE 118 exit(); // Stops the rest of the script. } } } ?> </td> <td height="50" width="160"> </td> </tr> </table> </div> <?php echo "<div align=\"center\">"; echo "<table width=\"1000\" height=\"395\" border=\"0\" cellpadding=\"0\" cellspacing=\"0\">"; echo "<tr>"; echo "<td width=\"160\" align=\"center\" valign=\"top\">"; // Begin Column 1. include("left.inc.php"); // End Column 1. echo "</td>"; echo "<td width=\"680\" align=\"center\" valign=\"top\" style=\"background: #FFFFFF url('bottombg.png') bottom center no-repeat;\">"; // Begin Column 2. echo "<table width=\"650\" border=\"0\" cellpadding=\"0\" cellspacing=\"0\">"; echo "<tr>"; echo" <td align=\"left\" valign=\"top\">"; echo "<p><img src=\"nothing.gif\" height=\"5\"><br><img src=\"silouhette.png\" height=\"215\" width=\"325\" align=\"right\"><img src=\"nothing.gif\" height=\"215\" width=\"10\" align=\"right\"><div align=\"justify\"><font size=\"+2\"> <br>Welcome students! Now you can contact the teachers and staff members of your school easily, safely, and TOTALLY ANONYMOUSLY! Just follow these directions:</font></div></p>"; echo "<p><font size=\"+1\">1. If you haven't already, <a href=\"signup.php\" class=\"bluelink\">sign up</a> for an account. We will never ask for your name,<br> all you need is an email address (get one free at <a href=\"http://www.google.com/mail\" class=\"bluelink\" target=\"_blank\">Google.com</a>).<br><img src=\"nothing.gif\" height=\"5\"><br></font>"; echo "** It is very important that your email address is correct because a notification will be sent to your email<br> when you receive a message from a staff member, otherwise you will NEVER be contacted by email.<br><img src=\"nothing.gif\" height=\"10\"><br>"; echo "<font size=\"+1\">2. Sign in to your account using your email address and password that you chose<br> when you signed up.<br><img src=\"nothing.gif\" height=\"10\"><br>"; echo "3. Once you are signed in, you will be able to send anonymous messages to staff<br> members, reply to staff members' messages, and play some cool games too!</p>"; echo "<p><div align=\"center\"><font size=\"+3\">Thank you for using CaresAbout.us!</font></p>"; echo "</td>"; echo "</tr>"; echo "</table>"; // End Column 2. echo "</td>"; echo "<td width=\"160\" align=\"center\" valign=\"top\">"; // Begin Column 3. include ("right.inc.php"); // End Column 3. echo "</td>"; echo "</tr>"; echo "</table>"; echo "</div>"; include("foot.inc.php"); ?> </body> </html> Here's the warning message that I'm getting: Warning: Cannot modify header information - headers already sent by (output started at /home/content/29/6879529/html/calhoun/index.php:11) in /home/content/29/6879529/html/calhoun/index.php on line 118 So I am trying to run my execute function from my database class from my email class. I have SMTP system to handle emails on the website. I am working on a function in the email class called addAccount. It is suppose to add a row in the database under the SMTP table. When I run the function, I get no parsing errors, so I add the or die to my query from the execute function, still nothing at all. So here is some code: -The addAccount function from Email.php: function addAccount($name, $email, $username, $password, $protocol, $port, $server){ //Error checking & cleaning vars. will be done in the application, not the backend. if(!empty($name) && !empty($email) && !empty($username) && !empty($password) && !empty($proctocol) && !empty($port) && !empty($server)){ $name = ucwords(strtolower($name)); $email = strtolower($email); $this->db->execute("INSERT INTO ".TBL_SMTP." (name, email, username, password, protocol, port, server) VALUES ('$name', $email', '$username', '$password' '$protocol', '$port', '$server')", true); return true; }else return false; } -The entire email class from Email.php <?php require_once("pear/Mail.php"); class Email{ var $from_name, $from_email, $to_name, $to_email, $subject, $body, $host, $port, $username, $password; private $db = NULL; function __construct(Database $db){ $this->db = $db; } function dbEmail($id, $name, $email, $subject, $body){ $q = $this->db->select(TBL_SMTP, "*", "id='".$id."'"); if($q->numRows() > 0){ $f = $q->fetchRow(); $this->from_name = $f['name']; $this->from_email = $f['email']; $this->username = $f['username']; $this->password = $f['password']; $this->host = $f['protocol']."://".$f['server']; $this->port = $f['port']; $this->to_name = $name; $this->to_email = $email; $this->subject = $subject; $this->body = $body; return sendEmail(); }else return false; } function sendEmail(){ $from = $this->from_name." <".$this->from_email.">"; $to = $this->to_name." <".$this->to_email.">"; $headers = array ('From' => $this->from, 'To' => $this->to, 'Subject' => $this->subject); $smtp = Mail::factory('smtp', array ( 'host' => $this->host, 'port' => $this->port, 'auth' => true, 'username' => $this->username, 'password' => $this->password)); $mail = $smtp->send($to, $headers, $this->body); if(PEAR::isError($mail)){ //echo($mail->getMessage()); //For debugging purposes only return false; }else return true; } function addAccount($name, $email, $username, $password, $protocol, $port, $server){ //Error checking & cleaning vars. will be done in the application, not the backend. if(!empty($name) && !empty($email) && !empty($username) && !empty($password) && !empty($proctocol) && !empty($port) && !empty($server)){ $name = ucwords(strtolower($name)); $email = strtolower($email); $this->db->execute("INSERT INTO ".TBL_SMTP." (name, email, username, password, protocol, port, server) VALUES ('$name', $email', '$username', '$password' '$protocol', '$port', '$server')", true); return true; }else return false; } } $email = new Email($db); ?> The entire database class from Database.php <?php class Database{ var $mysqli, $result, $q, $affectedRows; function __construct($host, $user, $pass, $db){ $this->mysqli = new MySQLi($host, $user, $pass, $db); } function execute($query, $error = false, $mode = MYSQLI_STORE_RESULT){ $this->q = $query; if(!$error) $result = $this->mysqli->query($query, $mode); else $result = $this->mysqli->query($query, $mode) or die($this->mysqli->error); if(is_object($result) && $result instanceof MySQLi_Result){//if result is a object and is part of the mysqli class? $this->result = $result; $this->affectedRows = $this->result->num_rows; }else $this->affectedRows = $this->mysqli->affected_rows; return $this; } function fetchRow($mode = MYSQLI_ASSOC){ return $this->result->fetch_assoc($mode); } function fetchAll($mode = MYSQLI_ASSOC){ $row = $this->result->fetch_all($mode); return !empty($row) ? $row : array();//if not empty return row, else return an array? } function numRows(){ return $this->affectedRows; } function delete($table, $where){ return $this->execute("DELETE FROM ".$table." WHERE ".$where); } function deleteAll($table){ return $this->execute("TRUNCATE ".$table); } function update($table, $set, $where){ return $this->execute("UPDATE ".$table." SET ".$set." WHERE ".$where); } function select($table, $select = "*", $where = NULL){ if(is_null($where)) $where = ""; return $this->execute("SELECT ".$select." FROM ".$table." ".$where); } } $db = new Database(DB_HOST, DB_USER, DB_PASS, DB_DB); ?> Chances are it is my email class since it was 100% written by me. The database class I had some help from a member here. What do you experts think? function garland_separate_terms($node_taxonomy) { if ($node_taxonomy) { //separating terms by vocabularies foreach ($node_taxonomy AS $term) { $links[$term->vid]['taxonomy_term_'. $term->tid] = array( 'title' => $term->name, 'href' => taxonomy_term_path($term), 'attributes' => array( 'rel' => 'tag', 'title' => strip_tags($term->description) ), ); } //theming terms out foreach ($links AS $key => $vid) { $terms[$key] = theme_links($vid); } } return $terms; } this is a function from someone, i couldn't know it very well,sincerely expect someone can explain it to me .thank you. first, the function put an array $node_taxonomy as the parameter. why he didn't declare this ($node_taxonomy = array() then in the foreach loop's statement, why there is no echo to output somethig.but the fact is giving a two-dimension array to $links[$term->vid]['taxonomy_term_'. $term->tid]. I'm having a little difficulty understanding this. I have my PHP script working fine on my webpage now, that querys mysql and echoes the result , but my goal is not to navigate to the page but to just get a return from it via call from my application (http post maybe?) So my hope is that someone can explain this in terms I can understand. I need to pass variables to the php code so it only checks a given row in a table. Example. SELECT code FROM mytable WHERE user = $variable // this needs to be passed to the code, but not via a form on the page. Most grateful for any explanaitions. Hi All, I'm trying to understand the following code. I tried to display the field 'eligible' (an added field to a mysql table) for user input, but I keep getting an Invalid Type error at getFieldHTML('eligible'). Other fields are displayed correctly using the same syntax. Is getFieldHtml a class, etc? I'm sort of new to php..but I'm a quick learner...Thanks for any help! Chris <div class="form-container"> <?php echo $form->getFormOpenHTML(); ?> <fieldset class="hidden"> <ol> <li>Are you eligible?<?php echo $form->getFieldHTML('eligible'); ?></li> Hi: I was reading a tutorial about making password protected pages and how to make the more secure by using MD5 to encrypt (I think) the password. But. I'm not sure if I don't understand the concept of what it does, or maybe 'm using it wrong. This is the code I am using: Database Table: Code: [Select] CREATE TABLE `myAdmins` ( `id` int(4) NOT NULL auto_increment, `myUserName` varchar(65) NOT NULL default '', `myPassword` varchar(65) NOT NULL default '', PRIMARY KEY (`id`) ) ENGINE=MyISAM AUTO_INCREMENT=2 DEFAULT CHARSET=utf8; INSERT INTO myAdmins VALUES("1","abc", "123"); I was told in the tutorial to develop something like this (I think I'm doing it wrong): Code: [Select] CREATE TABLE `myAdmins` ( `id` int(4) NOT NULL auto_increment, `myUserName` varchar(65) NOT NULL default '', `myPassword` varchar(65) NOT NULL default '', PRIMARY KEY (`id`) ) ENGINE=MyISAM DEFAULT CHARSET=utf8 AUTO_INCREMENT=2 ; INSERT INTO `myAdmins` VALUES(1, 'abc', md5('123')); My Login.php page: Code: [Select] <?php include('../include/myConn.php'); session_start(); session_destroy(); $message=""; $Login=$_POST['Login']; if($Login){ $myUserName=$_POST['myUserName']; //$md5_myPassword=md5($_POST['myPassword']); // Encrypt password with md5() function. $myPassword=$_POST['myPassword']; //$result=mysql_query("select * from myAdmins where myUserName='$myUserName' and myPassword='$md5_myPassword'"); $result=mysql_query("select * from myAdmins where myUserName='$myUserName' and myPassword='$myPassword'"); if(mysql_num_rows($result)!='0'){ session_register("myUserName"); header("location:a_Home.php"); exit; }else{ $message="<div class=\"myAdminLoginError\">Incorrect Username or Password</div>"; } } ?> <html> ... </head> <form id="form1" name="form1" method="post" action="<? echo $PHP_SELF; ?>"> <? echo $message; ?> User Name: <input name="myUserName" type="text" id="myUserName" size="40" /> <br /><br /> Password: <input name="myPassword" type="password" id="myPassword" size="40" /> <input name="Login" type="submit" id="Login" value="Login" /> </form> ... </html> Protected Page: Code: [Select] <? session_start(); if(!session_is_registered("myUserName")){ header("location:Login.php"); }?> <html> ... ... </html> I know I need to uncomment the 2 lines of code in Login.php and remove the 2 that I'm currently using, and use the Database Table that has the MD5 code, but whenever I do it will not let me login. The Login.php page (with the Database Table without the MD5 code) works fine. I just wanted to know if this is the right way to use MD5 to make logins even more secure, of if I am totally off on understanding it. Any help or code tweaks would be appreciated. Thanks! $a === $b if $a is equal to $b, and of the same type when would you ever need to use this operator? I mean if its not == then its going to be false so why even test if its the same type. and if it is == then in theory it has to be the same type so why test it? Am i completely over looking something? |
|||||||