|
PHP - Verify Date Exists
I am making a secure registration for my website and looking for a function that will verify with a user inputted date exists.
From my registration html form I am putting a month, day and year , each inputted separately into a single variable: Code: [Select] $bday = $year . "-" . $month . "-" . $day; My birthday input looks like: Code: [Select] <div class=\"Container FormBoxLeft\"> <b>Birthdate:</b> </div> <div class=\"Container FormBoxRight\"> <select name=\"month\"><option value=\"\">-Month-</option> <option value=\"01\">January</option> <option value=\"02\">February</option> <option value=\"03\">March</option> <option value=\"04\">April</option> <option value=\"05\">May</option> <option value=\"06\">June</option> <option value=\"07\">July</option> <option value=\"08\">August</option> <option value=\"09\">September</option> <option value=\"10\">October</option> <option value=\"11\">November</option> <option value=\"12\">December</option> </select> <select name=\"day\"> <option value=\"\"> -Day-</option>'; //Print 31 Days "; for ($x=1; $x<=31; $x++) { echo "<option value='".$x."'"; if(isset($_POST['submit']) && $day == $x) { echo " selected"; } echo ">".$x."</option>\n"; } echo "</select> <input name=\"year\" size=\"2\" maxlength=\"4\" type=\"text\"> So.. What I am asking is.. is there a secure way to check if the date the user inputted exists, or is there a better way to make the form more secure from that part. Upon finding the users birthdate I am also wanting to check if the user is a certain age. Similar TutorialsHi, suppose I want to write a PHP script that checks whether a valid email address exists or not. There are a number of GUI-based tools to verify this, but is there any command line tool to do the same so that I can use PHP to capture the output? Hi, I have created some code that picks a winning lottery ticket number based on the New York "Take 5" lottery. It uses the winning number (as an offically generated random number that i cannot cheat with) as a seed for the rand() function. This way it will always give the same result for that particular seed making it 100% transparent and that i cannot manipulate the results (without changing the code which will be published). The code is: Code: [Select] <?php if (isset($_POST['submit'])){ $seed = $_POST['take5numbers']; $ticketssold = $_POST['tickets']; srand ($seed*13579); $random_number = rand(1,$ticketssold); echo "Winning ticket is $random_number"; }else{ ?> <form name="form1" method="post" action="result.php"> "Take 5" numbers from low to high (including leading 0's) <input type="text" name="take5numbers" id="end" size="20" /><br> Total tickets sold for round <input type="text" name="tickets" id="end" size="20" /><br> <input type="submit" name="submit" id="submit" value="Get Winning Ticket Number!"> </form> <? } ?> Can someone please tell me if the code is generating fair and unbias results? I need to verify a submitted value with one I have in an array. Example... <input type="hidden" name="page" id="fb_page" value="<?php echo htmlentities(substr($_SERVER['SCRIPT_NAME'], 1)); ?>" /> $pages = array( '1' => 'One', '2' => 'Two', '3' => 'Three', '4' => 'Four' ); I need to say if the value == 'One' then echo 1. Keep mind that the array is in an external file. The post is in the footer and the echoed data is in another file. Essentially I am posting '1' to the database and then I want 'One' echoed out if it matches the value in the array. Hi all, I'm trying to add a section where it verifies that the email address is active in my register code. My code below is it checking the dnsrr, and if it is not real, I have it die and an error message appears. However, I am getting the error message all the time, whether I am sure the email is working or not. First I declared my email variable ($email), and then after the code below I of course insert the new data in to the database. I'm doing this over my localhost, so is that why it can't verify emails? Or am I setting this up wrong? Code: [Select] <?php $email = trim($_POST['email']); if (False !== strpos($email, '@')) die("Please type in an email address.<br><br><a href=register.php>Continue</a>"); if(!@checkdnsrr($mailDomain,'MX')) die("Not real email address. Please try again.<br><br> <a href=register.php>Continue</a>"); ?> Hello, I made an login script, it works but i want to be sure if its secure to use in everyday use, here is the script: <?php session_start(); require_once('include/config.inc.php'); require_once('include/functions.php'); function clean($str, $encode_ent = false) { $str = @trim($str); if ($encode_ent) { $str = htmlentities($str); } if (version_compare(phpversion(),'4.3.0') >= 0) { if (get_magic_quotes_gpc()) { $str = stripslashes($str); } if (@mysql_ping()) { $str = mysql_real_escape_string($str); } else { $str = addslashes($str); } } else { if (!get_magic_quotes_gpc()) { $str = addslashes($str); } } return $str; } if (isset($_POST['submit'])) { if ($_POST['code'] == $_SESSION['rand_code']) { //Sanitize the POST values $username = clean($_POST['username']); $password = clean($_POST['password']); $ip = clean($_SERVER['REMOTE_ADDR']); $query="SELECT * FROM user WHERE username='$username' AND password='".md5($_POST['password'])."'"; $result=mysql_query($query); //Check whether the query was successful or not if ($result) { if (mysql_num_rows($result) == 1) { //Login Successful session_regenerate_id(); $user = mysql_fetch_assoc($result); $_SESSION['SESS_MEMBER_ID'] = $user['username']; session_write_close(); $query_login_ok = "INSERT INTO logs (`username`, `password`, `result`, `ip`) VALUES ('$username', '$password', 'SUCCESS', '$ip');"; $result_query_login_ok = mysql_query($query_login_ok) or die('MYSQL ERROR'); header("location: pmt.php"); exit(); } else { //Login failed $query_login_fail = "INSERT INTO logs (`username`, `password`, `result`, `ip`) VALUES ('$username', '$password', 'FAILED', '$ip');"; $result_query_login_fail = mysql_query($query_login_fail) or die('MYSQL ERROR'); header("location: index.php"); exit(); } } else { die("ERROR"); } } } ?> <form id="login" name="login" method="post" action=""> <table width="300" border="0" align="center" cellpadding="2" cellspacing="0"> <tr> <td width="112"><b>Username</b></td> <td width="188"><input name="username" type="text" class="textfield" id="username" value="admin" /></td> </tr> <tr> <td><b>Password</b></td> <td><input name="password" type="password" class="textfield" id="password" value="qazwsx" /></td> </tr> <img src="include/captcha.php"/> <tr> <td><b>Code</b></td> <td><input type="text" name="code" /></td> </tr> <tr> <td> </td> <td><input type="submit" name="submit" value="Login" /></td> </tr> </table> </form> function isValidEmail($email){ return eregi("^[_a-z0-9-]+(\.[_a-z0-9-]+)*@[a-z0-9-]+(\.[a-z0-9-]+)*(\.[a-z]{2,3})$", $email); } How do I incorporate the code above into my code?? Code: [Select] <?php error_reporting(E_ALL ^ E_NOTICE); ?> <?php // make sure the form has actually been submitted . . . if( strtolower($_SERVER['REQUEST_METHOD']) === 'post' ) { // 1. Create a database connection $connection = mysql_connect("localhost", "root", "maven777"); if(!$connection){ die("Database connection failed: " .mysql_error()); } // 2. Select a database to use $db_select = mysql_select_db("homesloans", $connection); if(!$db_select){ die("Database selection failed: " .mysql_error()); } $radius = ($_POST['radius']); $type = ($_POST['type']); $price = ($_POST['price']); $bedrooms = ($_POST['bedrooms']); $bathrooms = ($_POST['bathrooms']); $parking = ($_POST['parking']); $city = ($_POST['city']); $details = ($_POST['details']); $firstname = ($_POST['firstname']); $lastname = ($_POST['lastname']); $email = ($_POST['email']); $phone = ($_POST['phone']); $query="INSERT INTO leads (leadid, city, radius, type, price, bedrooms, bathrooms, parking, details, firstname, lastname, email, phone) VALUES('NULL', '[$city]', '[$radius]', '[$type]', '[$price]', '[$bedrooms]', '[$bathrooms]', '[$parking]', '[$details]', '[$firstname]', '[$lastname]', '[$email]', '[$phone]')"; mysql_query($query) or die ('Error updating database'); echo "Database Successfully Updated."; // not necessarily. The only way to know for sure is to check that mysql_affected_rows() > 0 } ?> Hey, I'm using a script which allows you to click on a calendar to select the date to submit to the database. The date is submitted like this: 2014-02-08 Is there a really simple way to prevent rows showing if the date is in the past? Something like this: if($currentdate < 2014-02-08 || $currentdate == 2014-02-08) { } Thanks very much, Jack Hi community,i creating a simple website and description i analyzed my code about 3days...2hours a day. if i get the point in my head.then its say Website url is in use..but not..ok maybe i give the code below. so if you can explain whats wrong.thanks Code: [Select] <?php include_once ('connect.php'); $url= mysql_real_escape_string($_POST['url']); $desc=mysql_real_escape_string($_POST['desc']); if ($id == "krauti") { if (empty($_POST['url']) && empty($_POST['desc'])) { die('<br><center>Both Empty!.<center/><br/>'); } if (empty($_POST['url'])) { die('<br><center>URL Empty!.<center/>'); } if (empty($_POST['desc'])) { die('<br><center>desc empty fill it!.<center/>'); } $url = htmlspecialchars( stripslashes( strip_tags($_POST['url'] ) ) ); $aprasymas = htmlspecialchars( trim($_POST['desc'] ) ); $query = mysql_query("SELECT * FROM linkai WHERE url = '$url' AND 'desc' = '$desc'"); if( mysql_num_rows( $query ) == 1 ) { "INSERT INTO linkai ". "(id, url, desc) ". "VALUES('','$_POST[url]','$_POST[desc]')"; echo "Yes!."; } else if (mysql_num_rows($query) == 0 ){ echo "No!!"; } } ?> Can someone explain why this code: if (mysql_result($data,0,$SQLLargeName) = " "){ $LargeImage = "#"; } else { $LargeImage = mysql_result($data,0,$SQLLargeName); } Gives me this error? Fatal error: Can't use function return value in write context in /home/worldw44/public_html/SQL.php on line 38 And ways round it? Thanks. Hello. I'm new to pHp and I would like to know how to get my $date_posted to read as March 12, 2012, instead of 2012-12-03. Here is the code: Code: [Select] <?php $sql = " SELECT id, title, date_posted, summary FROM blog_posts ORDER BY date_posted ASC LIMIT 10 "; $result = mysql_query($sql); while($row = mysql_fetch_assoc($result)) { $id = $row['id']; $title = $row['title']; $date_posted = $row['date_posted']; $summary = $row['summary']; echo "<h3>$title</h3>\n"; echo "<p>$date_posted</p>\n"; echo "<p>$summary</p>\n"; echo "<p><a href=\"post.php?id=$id\" title=\"Read More\">Read More...</a></p>\n"; } ?> I have tried the date() function but it always updates with the current time & date so I'm a little confused on how I get this to work. I have tried a large number of "solutions" to this but everytime I use them I see 0000-00-00 in my date field instead of the date even though I echoed and can see that the date looks correct. Here's where I'm at: I have a drop down for the month (1-12) and date fields (1-31) as well as a text input field for the year. Using the POST array, I have combined them into the xxxx-xx-xx format that I am using in my field as a date field in mysql. <code> $date_value =$_POST['year'].'-'.$_POST['month'].'-'.$_POST['day']; echo $date_value; </code> This outputs 2012-5-7 in my test echo but 0000-00-00 in the database. I have tried unsuccessfully to use in a numberof suggested versions of: strtotime() mktime Any help would be extremely appreciated. I am aware that I need to validate this data and insure that it is a valid date. That I'm okay with. I would like some help on getting it into the database. Alright, I have a Datetime field in my database which I'm trying to store information in. Here is my code to get my Datetime, however it's returning to me the wrong date. It's returning: 1969-12-31 19:00:00 $mysqldate = date( 'Y-m-d H:i:s', $phpdate ); $phpdate = strtotime( $mysqldate ); echo $mysqldate; Is there something wrong with it?
<SCRIPT LANGUAGE="JavaScript">
<!-- Begin
function popUp(URL,URL2) {
day = new Date();
id = day.getTime();
eval("page" + id + " = window.open(URL,'" + id + "', 'toolbar=0,scrollbars=1,location=0,top=10,left=10,statusbar=0,menubar=0,resizable=0,width=408,height=400');");
day = new Date();
id = day.getTime();
eval("page" + id + " = window.open(URL2,'" + id + "', 'toolbar=0,scrollbars=1,location=0,top=10,left=450,statusbar=0,menubar=0,resizable=0,width=408,height=400');");
}
// End -->
</script>
I have a map which shows sales people by location and if more then one sales person exists then I would need 2 pop up windows.
This works great other than the fact that the areas with one sales person are getting a blank 2nd popup as a second salesperson does not exist.
Any help would be appreciated.
Thanks In Advance
Edited by phpbeginner, 27 June 2014 - 05:52 AM. Maybe I am over thinking this, but I would like to see if their is another value after the current value without moving the internal array pointer. What can I do? My error below returns (echos) that there is no data under the table sites to display. But, there is. Why is it doing this? class_l.php <?php class displaySites { function grabSites() { $query = mysql_query("SELECT title,description,votes,dates,comments,out,in FROM sites ORDER BY id DESC LIMIT 100"); if(mysql_num_rows($query) > 0) { while($fetch = mysql_fetch_assoc($query)) { echo " <div id='post-1' class='post'> <h2 class='title'><a href='#'>". $fetch['title'] ."</a></h2> <h3 class='date'>Submitted on ". $fetch['date'] ."</h3> <div class='entry'> <p>". nl2br(stripslashes($fetch['description'])) ."</p> </div> <p class='meta'><a href='#'>View</a></p> <div class='hr'> </div> </div> "; } } else { echo " <div id='post-1' class='post'> <h2 class='title'><a href='#'>Oh NOEZ!</a></h2> <h3 class='date'>". date("M-d-Y") ."</h3> <div class='entry'> <p>There are currently no sites to display!</p> </div> <p class='meta'>View</p> <div class='hr'> <hr /> </div> </div> "; } } } class register { function createAccount() { $username = mysql_real_escape_string($_POST['username']); $password = md5(sha1(sha1($_POST['password']))); $name = mysql_real_escape_string($_POST['title']); $description = mysql_real_escape_string($_POST['description']); if(isset($username) && isset($password) && isset($name) && isset($description)) { if(!$username || !$password || !$name || !$description) { echo '<table border="0"><form action="register.php" method="POST"> <tr><td>Username</td><td><input type="text" name="username" maxlength="20"></td></tr> <tr><td>Password</td><td><input type="text" name="password" maxlength="30"></td></tr> <tr><td>Site Name</td><td><input type="text" name="title" maxlength="25"></td></tr> <tr><td>Site Description</td><td><textarea cols="40" rows="18" name="description" maxlength="750"></textarea></td></tr> <tr><td>Finish!</td><td><input type="submit"></td></tr> </form></table>'; } else { $query = mysql_query("SELECT * FROM sites WHERE username = '$username' LIMIT 1"); if(mysql_num_rows($query) > 0) { echo "Sorry, an account with this username already exists."; } else { $date = date("M-d-Y"); $ip = $_SERVER['REMOTE_ADDR']; //create their account mysql_query("INSERT INTO sites VALUES (null, '$username', '$password', '$name', '$description', 0, 0, 0, '$date', '$ip', 0)"); echo "You have successfully registered your site on NovaTops! <a href='login.php'>Login</a>"; } } } else { echo "One or more of the variables are not set."; } } } class login { function verifyLogin() { $username = mysql_real_escape_string($_POST['username']); $password = md5(sha1(sha1($_POST['password']))); if(isset($username) && isset($password)) { if(!$username || !$password) { echo "<table><form action='login.php' method='POST'> <tr><td>Username</td><td><input type='text' name='username' maxlength='20'></td></tr> <tr><td>Password</td><td><input type='password' name='password' maxlength='30'></td></tr> <tr><td>Finished?</td><td><input type='submit'></td></tr> </form></table>"; } else { $query = mysql_query("SELECT * FROM sites WHERE username = '$username' AND password = '$password'LIMIT 1"); if(mysql_num_rows($query) > 0) { echo "Congratulations! You have successfully logged in! <a href='index.php'>Home</a>"; $_SESSION['user'] = $username; } else { echo "It seems you've typed in the wrong username and/or password. <a href='login.php'>Try Again</a>"; } } } else { echo "One or more of the variables aren't set."; } } } ?> index.php <?php include_once('includes/config.php'); include_once('class_l.php'); ?> <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd"> <html xmlns="http://www.w3.org/1999/xhtml"> <head> <meta http-equiv="content-type" content="text/html; charset=utf-8" /> <title><?php echo $title; ?></title> <meta name="keywords" content="" /> <meta name="description" content="" /> <link href="styles.css" rel="stylesheet" type="text/css" /> </head> <body> <div id="wrapper"> <div class="top_text"><h1><a href="#"><?php echo $site_name; ?></a></h1> <h2><a href="#"><?php echo $slogan; ?></a></h2></div> <div id="content"> <div id="blog"> <div id="post-1" class="post"> <h2 class="title"><a href="#">Welcome to NovaTops!</a></h2> <h3 class="date">Created on April 06, 2011</h3> <div class="entry"> <p>Hello there! If your viewing this message right now, your on the awesome site called NovaTops! NovaTops allows you to register your site in our database, and then the site's script automatically starts to rank your site. The higher your rank, the more likely your site's going to get a ton of views!</p> </div> <div class="hr"> <hr /> </div> </div> <!-- end #post-1 --> <?php $displaySites = new displaySites(); $displaySites->grabSites(); ?> </div> <!-- end #blog --> <?php include_once('includes/navigation.php'); ?> <!-- end #sidebar --> <div style="clear: both; height: 1px;"></div> </div> <!-- end #content --> <div id="footer"> <p>Copyright © 2011. Design by <a href="http://www.flashtemplatesdesign.com/" title="Free Flash Templates">Free Flash Templates</a></p> <p><a href="#">Privacy Policy</a> | <a href="#">Terms of Use</a> | <a href="http://validator.w3.org/check/referer" title="This page validates as XHTML 1.0 Transitional"><abbr title="eXtensible HyperText Markup Language">XHTML</abbr></a> | <a href="http://jigsaw.w3.org/css-validator/check/referer" title="This page validates as CSS"><abbr title="Cascading Style Sheets">CSS</abbr></a></p> </div> </div> <!-- end #wrapper --> </body> </html> I apologize in advance for any misuse of terminology. I find that I am rather ignorant in such things. I'm working on a WordPress theme. Specifically on the part that shows the "next: link-to-next-post" and "previous: link-to-prev-post" links. Here is the code that I have: Code: [Select] <?php $nextvar=next_post_link('%link'); $prevvar=previous_post_link('%link'); ?> <?php if (isset($nextvar)) { ?> <h3>Next</h3> <p><?php next_post_link('%link'); ?></p> <? } ?> <?php if (isset($prevvar)) { ?> <h3>Previous</h3> <p><?php previous_post_link('%link'); ?></p> <? } ?> The first part intends to check if the links exist. And this works fine. However, the only output I'm getting are the values of $nextvar and $prevvar. The headers are nonexistent. What's wrong? Any help is much appreciated, and I thank you in advance. Hi, I have a sign up form that generates a activation key and emails it to user and they cannot login until account has been activated etc. My problem is i am not sure how to in php generate a new activation key if the generated one has already been used. I know how to do the MySQL query to check if activation key already exists but not sure how to basically tell PHP that if the activation key already exists in DB then generate a new key until one is found that does not already exist. I gather i may need a loop but not sure. Could someone please help ? Like i say i know how to do the MySQL query just need some sample code to know how to do what i asked above. Thanks for anyhelp; Much Appreciated Hi all, I have the following mysql delete query that essentially deletes a row from two seperate tables "messages" and "messages2" where the id is equal to that in both of the tables. The problem I am getting (for obvious reasons) is that it will only delete from the table, if it indeed exists in both tables. Here is the query: Code: [Select] DELETE FROM messages,messages2 USING messages,messages2 WHERE messages.id = messages2.id AND messages.id = ?; How would I go about setting it so that the query always deletes from table "messages" and only deletes from "messages2" when a corresponding id exists? I think it would involve an IF EXISTS clause, but I am not sure on this, or indeed how to implement it. Thanks in advance guys Dan This topic has been moved to MySQL Help. http://www.phpfreaks.com/forums/index.php?topic=328831.0 (continuing from topic title) So if I set a date of July 7 2011 into my script, hard coded in, I would like the current date to be checked against the hard coded date, and return true if the current date is within a week leading up to the hard coded date. How could I go about doing this easily? I've been researching dates in php but I can't seem to work out the best way to achieve what I'm after. Cheers Denno |
|||||||