|
PHP - Simple Grab Ip Address And Put It Into Database Help
shouldnt this add a ip address into my data base on row "login_ip"?
does putting that = sign between the two saying for it to add it? I appreciate if anyone can help me with this Code: [Select] if(empty($row['login_ip'])){ $row['login_ip'] = $_SERVER['REMOTE_ADDR'];} Similar TutorialsI have the following code ($c2 is my connection variable): Code: [Select] $host = $_GET['host']; $loginQuery = mysql_query("SELECT * FROM sessions WHERE hostname LIKE '". $host ."' ORDER BY id DESC", $c2) or print(mysql_error()); In the URL, someone were to put host=127.0.0.1', they would have an error message spit out to them (something along the lines of: You have an error in your SQL syntax; check the manual that corresponds to your MySQL server version for the right syntax to use near ''127.0.0.1'' ORDER BY id DESC' at line 1), indicating a SQL Injection exploit. How would I go about fixing this, and also preventing SQL Injection? Thanks a bunch, Mark I've been doing some research and I was wondering what the best way is to store IP addresses in a MySQL database, and what would be the field type and length? I've seen that you can use the inet_aton() function but supposedly this doesn't support IPv4. So is there a workaround using these functions? Alternatively, if I was to just store the IP address as it is, what type of field and length would I be looking at? I've read somewhere that 45 is the max? Hi folks, I just found this group and joined up! I have encountered a problem that I am not sure how to resolve, and I hope someone can assist. I run this query against my MySQL database: mysql_select_db($database_commdb, $commdb); $query_rsEmailAddress = "SELECT admin_email FROM tbl_admins WHERE admin_id = 1"; $rsEmailAddress = mysql_query($query_rsEmailAddress, $commdb) or die(mysql_error()); $row_rsEmailAddress = mysql_fetch_assoc($rsEmailAddress); $totalRows_rsEmailAddress = mysql_num_rows($rsEmailAddress); ...and want to use the result to populate the "mail to" field for my response form. (I'm doing this to avoid having my email address posted in a page to be skimmed.) I presently use this: $to = rsEmailAddress['admin_email']; I do some empty fields checking before submitting the form. However, when I click on submit, my form, tells me I have empty fields and will not process when there are NO empty fields. HOWEVER, if I hard-code my email address in the variable "$to" all is well, the form processes correctly, I get the email, etc... So I suspect the problem lies somewhere in the way I have constructed the $to variable. I have scratched my head till I am going bald(er) and my scalp is bleeding!!! HELP!! Please!! So this is the code prior to trying to add a hyperlink echo "<p>Name: " . $item["first_name"] . " " . $item["last_name"] . "<br> Email: " . $item ["email"] . "</p>"; I thought that putting the <a href around the $item['email'] would make the email address a hyperlink but it does not ... it skips the email addresses completely and hyperlinks the names because all fields are $item. echo "<p>Name: " . $item["first_name"] . " " . $item["last_name"] . "<br> Email: " . "<a href=\"mailto: {$item ["email"]} \">" . "</p>"; Thank you for any assistance. I am having trouble figuring out the right keywords to search for this, but what would I need to research if I want a user to send an email to a specific address (i.e. support@domain.com) and to have it create a new MySQL database entry, sort of like a help desk would generate? This topic has been moved to Other Libraries and Frameworks. http://www.phpfreaks.com/forums/index.php?topic=359217.0 I have an HTML form that I have a "select" drop-down menu that is selecting the name of the person you should send to. The names are being pulled from the Database, and here is what that code for the drop-down in the form looks like: <?php echo '<select name= "First_Name" , "Last_Name">'; while( $array = mysql_fetch_assoc($result) ) { $text_for_select = $array["First_Name"] . " " . $array["Last_Name"]. " " . $array["District"]; $value_for_select = $array["First_Name"] . " " . $array["Last_Name"] . "_" . $array["id"]; echo "<option></option>\n"; echo "<option value=\"$value_for_select\">$text_for_select</option>\n"; } echo '</select>';?> This works perfectly. However, what I want it to do is send the form to the email address of the person that is selected in the drop-down. The email address' are already entered in each record of the database in a field called "Email". I am using the $value_for_select variable to pull the id of the record, but I am unsure how to then tell the form to send to the email address of that record? Anybody know a way that this can be done? Here is the code of the for that should be sent: <?php if($_POST){ $to = $email; $subject = "WHAT SHOULD THIS BE"; $message = "Date: $date\n\r". "Dear $First_Name, $Last_Name,\n\r". "Blah Blah BLah.Blah Blah BLah.Blah Blah BLah.Blah Blah BLah.Blah Blah BLah.Blah Blah BLah.Blah Blah BLah.Blah Blah BLah.Blah Blah BLah.Blah Blah BLah.Blah Blah BLah.Blah Blah BLah..\n\r". "Sincerely,\n". "$name \n". "$street \n". "$city, $zip \n". "$email \\n". $headers = "From: $email"; mail($to, $subject, $message, $headers); // SUCCESS! echo '<p class="notice">'. 'Thank you for your submission. '. '</p>'; // clear out the variables for good-housekeeping unset($date,$legislator,$bill,$name,$street,$city,$zip,$email); $_POST = array(); } ?> Please help! I have a form with PHP validation and also a mysqli query checking for duplicates in the database for mailing address and email address in mysql.
It works fine but the customers are adding spaces in the mailing address for example 111 mailing address A V E, 1 1 1 ma iling address A V E etc. and my sql query doesn't see that as an address that's a duplicate.
Their alslo adding email address like my@emailaddress.com and m.y@emailaddress.com, m.y.2@emailaddress.com etc to bypass that comparision also.
Is there anyway to stop this from happening?
Hi guys, I want to create a simple database and use PHP to output the database to certain positions on a HTML page. I am basically trying to recreate this: http://bit.ly/dX4byI I want to have a form where the event info is selected from drop down box such as: Venue and Date then the the rest of the form data (event name, artists, opening times) will go into the right box depending on this. Does anyone have any pointers? Am I even going about this the right way?! I have 2 tables and am trying to conduct an SQL query. I simply need to know how to use a JOIN when two fields in each table are needed to match the records up. I would rather not create another field in each table. I have put my query below which would work other than for what is obviously not possible ("ON xyz=xyz && abc=abc" etc.) Table 1 "Employees" employeeDept / deptEmployeeRef / name / wage A / 2 / Dave Smith / 2000 B / 2 / Robert Brown / 2500 Table 2 "Deductions" monthNo / employeeDept / deptEmployeeRef / deduction 32 / B / 2 / 300 32 / C / 2 / 300 32 / A / 3 / 300 33 / B / 2 / 500 Each department has employees starting from number 1 so two fields are needed in each table to match the records up. SELECT t1.name, (t1.wage - t2.deduction) FROM $tableName1 AS t1 LEFT JOIN $tableName2 AS t2 ON t1.employeeDept=t2.employeeDept && t1.deptEmployeeRef=t2.deptEmployeeRef WHERE t2.monthNo = '32' So this should return: Dave Smith 2000 Robert Brown 2200 i have enters some data using form which submit data in sql table1 like this, Fields name in table -->> id First name Lastname Date data saved -->> 1 user 1 2011-05-10 2 user 2 2011-05-11 3 user 3 2011-05-12 now i dont want to duplicate date in database let say while inserting data using form, Firstname : ____________ Lasename : ____________ Date : ____________ (i dont want this date to b save if the date alredy exist in database, it should prompt user "Date already exist and to edit click here (this will be the link to that date which is already exist so that we can edit) " ) SAVE i user files , form.php , insert.php(so insert values in database) , so tell me what function should i use to solve my problem.... Hey, I'm trying to work out how I can have a simple script that will work like this: Page 1 - Heading, Paragraph, Image read from database. Page 2 - Has text boxes allowing you to change heading, paragraph and image (url) with each edit using a different text box. (Admin panel) The database connection would be in a separate file. So far I've got the database connection sorted. Code: [Select] <?php //Database Information $dbtype = "mysql"; $db_host = "localhost"; $db_user = ""; $db_pass = ""; $db_name = ""; $db_port = ""; $db_table_prefix = "userCake_"; ?> At the top of each of the other pages this is what I've got. Code: [Select] <?php require_once("models/config.php"); ?> Let's say I give each bit stored in the database a page ID and an object ID. If the page selected is index.php how can we give it a page ID of 1 and give then include all the separate 'objects' throughout the page? Hopefully this makes sense? Cheers, Jack I am trying to do something that a hell of a lot of people must need to do every day, yet despite this I can not find a single example online, or in books, which makes absolutely no sense! Anyway, hopefully it will be blindingly obvious to someone what I'm doing wrong, I really hope so as I can't figure it out... I have a mysl table as follows: tblvenue venue_id PRIMARY KEY (int) venue_name (varchar 50) station_id (int) I have a php/html page as follows: <html> <head> <title>Update & Delete Venues</title> </head> <body marginheight="0" topmargin="0" marginwidth="0" leftmargin="0" style="margin:0;padding:0" bgcolor="#B0E0E6"> <h1></h1> <form action="venue4.php" method="post"> <table border="1" style="border:solid black" cellpadding="0" cellspacing="0" width="100%"> <tr> <td align="center" width="33%">Action</td> <td align="center" width="33%">Venue Name</td> <td align="center" width="33%">Station Name</td> </tr> <?php $station_name=$_POST['station_name']; @ $db = new mysqli('XXX', 'XXX', 'XXX', 'XXX'); $query = "call sp_venue()"; $result = $db->query($query); $num_results = $result->num_rows; function db_result_to_array($result){ //--------------------------------------------------------------------- $res_array = array(); for ($count=0; $row = $result->fetch_assoc(); $count++) { $res_array[$count]=$row; } return $res_array; } //--------------------------------------------------------------------- function get_dataset($server, $user, $password, $database, $query7) { //--------------------------------------------------------------------- $db1 = new mysqli($server, $user, $password, $database); $query1 = $query7; $result1 = $db1->query($query1); $num_results = $result1->num_rows; $result8 = db_result_to_array($result1); return $result8;} //--------------------------------------------------------------------- echo "<tr>"; echo "<td>"; echo "<table width='100%'><td width='33%' align='center'><input type='submit' id='btnupdate' name='btnupdate' value='Update & Delete' ></td>"; echo "<td width='33%' align='center'><input type='submit' name='btncancel'id='btncancel' value='Cancel Updates' ></td>"; echo "<td width='33%' align='center'><input type='submit' value='Add New Venue' name='btnadd'></td></table>"; echo "</td>"; echo "<td><input type='text' name='tbvenue_name'/></td>"; echo "<td>"; ?> <select name="stat_id"> <?php $stat_array=get_dataset('XXX', 'XXX', 'XXX', 'XXX',"call sp_station"); foreach ($stat_array as $thisstat){ echo "<option value=\"".$thisstat['station_id']."\""; echo ">".$thisstat['station_name']."</option>"; } ?> </select> <?php echo "</td>"; echo "</tr>"; echo "<tr>"; while($row = $result->fetch_assoc()) { echo "<td width='33%'>Delete:<input type='Checkbox' id='cbdelete[]' name='cbdelete[]' value='".$row['venue_id']; echo "'>Update:<input type='Checkbox' id='value' name='cbupdate[]' value='".$row['venue_id']."'><input type='hidden' name='venue_id[]' value='".$row['venue_id']."'></td>"; echo "<td width='33%'><input type='Textbox' width='100%' name='venue_names' value='" .$row['venue_name']. "'></td>"; echo "<td width='33%'>" ; echo "<select name='station_id[]' width='100%'>"; $stat_array=get_dataset('localhost', 'root', 'snooker1', 'pool',"call sp_station"); foreach ($stat_array as $thiscat) { echo '<option value="' . $thiscat['station_id'] . '"'; if ($row['station_id'] == $thiscat['station_id']) {echo ' selected';} echo '>' . $thiscat['station_name'] . '</option>'; } echo "</td>"; echo "</tr>"; } echo "</table>"; ?> </form> </body> </html> This displays correctly and when checking the appropriate checkbox and clicking the script venue4.php is run: <?php //Connects to the database $db = new mysqli('XXX', 'XXX', 'XXX', 'XXX'); //Checks to see if the update button has been clicked if (isset($_POST['btnupdate'])) { //Assigns checkbox array to variable $aDel = $_POST['cbdelete']; $aVal = $_POST['cbupdate']; //Loops through rows to delete selected records foreach($_POST['cbdelete'] as $delete11) { //Deletes record $query = "delete from tblvenue where venue_id =".$delete11; $result = $db->query($query); $num_results = $result->num_rows; } //Loops through rows to delete selected records foreach($_POST['cbupdate'] as $update11) { //Gets variable //$Venue = $_POST['venue_names']; //Updates record $query = "update tblvenue set venue_name=".$venue." where venue_id =".$update11; $result = $db->query($query); $num_results = $result->num_rows; } //Checks to see if Add button was clicked } elseif (isset($_POST['btnadd'])) { //Looks for Venue Name & Station Name $tbvenue_name=$_POST['tbvenue_name']; $tbstat_id=$_POST['stat_id']; //Formats variables if(!get_magic_quotes_gpc()) { $tbvenue_name = addslashes($tbvenue_name); $tbstat_id = addslashes($tbstat_id); } //Inserts new record $query = "call sp_insert_venue('".$tbvenue_name."',".$tbstat_id.")"; $result = $db->query($query); } elseif (isset($_POST['btnedit'])) { switch($page) { default: include("venue2.php"); break; } } else { //If cancel button is clicked, goes straight to switch code below } //Closes database connection $db->close(); //Goes back to Venue page switch($page) { default: include("venue.php"); break; } echo var_dump($aval); print_r($aVal); //$test = $_POST['cbupdate']; ?> Deleting records works fine. Inserting records works fine. If I hard code the data (ie. set venue_name = 'blah blah blah') for updates, I can get the relevant row id from cbupdate and update the row in question. However I can not get the data from venue2.php (typed into a textbox on the row in question) and submit this to the database to be updated. This scenario must come up for zillions of developers, but so far no-one has been able to help. Please can anyone assist... This topic has been moved to MySQL Help. http://www.phpfreaks.com/forums/index.php?topic=314391.0 I cant figure out why im having this problem. i stuck this at the top of my page on its own and it wont update the row to read Code: [Select] <?php mysql_query("UPDATE pm SET read= 'read' WHERE pm_id = '".mysql_real_escape_string($_GET['pm_id'])."'"); ?> I echo $_GET['pm_id']; and that turn out correct and the number matches the pm_id on the row. everything is lowercase I typed read manually into the column and echo that and it showed read also I have this same exact line of code on another script that works fine. does someone see something im over looking? this is driving me crazy http://localhost/stargate/users/view.php?pm_id=1376672&inbox=2 Code: [Select] <?php require("menu.php"); ?> <html> <body> <?php mysql_query("UPDATE pm SET read= 'read' WHERE pm_id = '".mysql_real_escape_string($_GET['pm_id'])."'"); ?> </body> </html> First time poster, and very amateur php coder. I am trying to delete items that in a list using ajax. I can't figure out what I am doing wrong. Any help would be greatly appreciated!
Here is a snippet of my javascript...
$('.delete-item').click(function() {
var itemID = $(this).data('itemID');
var clear = 1;
$.ajax({
url: 'includes/delete-item.php',
method: 'POST',
data: {
itemid:itemID,
clear:1
},
success: function(data) {
$('.content').load('includes/lists.php')
}
})
})
and here is the relevant php... $item = $_POST['itemid']; $clear = $_POST['clear']; $clearSQL = "DELETE FROM `List_Items` WHERE `item_ID` = $item"; $cleared = mysqli_query($connect, $clearSQL); ugh... I'm a total PHP nub and I'm having trouble with: Code: [Select] $search_by = $_POST['search_by']; $search = $_post['search']; $dbc = mysqli_connect('xx', 'artofwarsomerset', 'xx', 'artofwarsomerset') or die ('Error connecting to MySQL server'); $query = "SELECT * FROM players WHERE '$search_by' = '$search' "; $result = mysqli_query($dbc,$query) or die("Error: ".mysqli_error($dbc)); echo "<table><tr><td>Player</td><td>city</td><td>alliance</td><td>x</td><td>y</td><td>other</td><td>porters</td><td>conscripts</td><td>Spies</td><td>HBD</td><td>Minos</td><td>LBM</td><td>SSD</td><td>BD</td><td>AT</td><td>Giants</td><td>Mirrors</td><td>Fangs</td><td>ogres</td><td>banshee</td></tr>" ; while ($row = mysqli_fetch_array ($result)) { echo '<tr><td> $row['player'] </td>'; echo '<td> . $row['city']</td>'; echo '<td> . $row['alliance']</td>'; echo '<td> . $row['x']</td>'; echo '<td> . $row['y']</td>'; echo '<td> . $row['other']</td>'; echo '<td> . $row['porter']</td>'; echo '<td> . $row['cons']</td>'; echo '<td> . $row['spy']</td>'; echo '<td> . $row['hbd']</td>'; echo '<td> . $row['mino']</td>'; echo '<td> . $row['lbm']</td>'; echo '<td> . $row['ssd']</td>'; echo '<td> . $row['bd']</td>'; echo '<td> . $row['at']</td>'; echo '<td> . $row['giant']</td>'; echo '<td> . $row['fm']</td>'; echo '<td> . $row['ft']</td>'; echo '<td> . $row['ogre']</td>'; echo '<td> . $row['banshee']</td></tr></table>'; } ?> Error shows up on line 35 but I'm not sure what I've done... Also, the xx's on my dbc statement were on purpose. Current error is: Parse error: syntax error, unexpected T_STRING, expecting ',' or ';' in /home/content/64/4940664/html/artofwar/browse.php on line 35, I can't figure out where the hell it wants a ;... Hi All, I am using the PHP Simple HTML DOM parser to connect to a financials website, parse out a companies financial information (Income statement in this case) and then insert the scrapped data into a mysql database that I can then later use to run automated calculations. Here is the code I have so far: Code: [Select] <?php include_once 'simple_html_dom.php'; //Connect to financial Website and Create DOM from URL $income_statement = file_get_html('http://www.WEBSITE.com/finance?etc..etc...etc...etc...'); //PULL FINANCIAL DATA foreach($income_statement->find('td[class]' ) as $lines=>$data) { echo $data->plaintext . "<br/>"; } // clean up memory $html->clear(); unset($html); ?> So far I am able to get output that looks like this: Code: [Select] Revenue 336.57 331.52 324.32 319.29 320.40 Other Revenue, Total - - - - - Total Revenue 336.57 331.52 324.32 319.29 320.40 etc............................. But being a newb I do not understand how I can break each $ value and each - into their own variables and then insert them to their corresponding mysql table fields. During the database insert I would like to ignore field headings from insertion (i.e Revenue, Total Revenue, etc.... Any help would be absolutely amazing, as I have been reading, scripting and searching for information like crazy, but just can't seem to figure it out. I am just new to relational algebra probably a pre-step before learning SQL queries. Can you help me make the expressions of relational algebra expression for each of the following queries. This is the table contained inside a bus driver database.
driver ( driver_id, driver_name, age, rating ); bus ( bus_id, bus_name, color); reserves ( driver_id, bus_id, date);a. Find the names of drivers who have reserved at least three busses. b. Find the names of drivers who have reserved all busses. c. Find the names of drivers who have reserved all busses called Shuttle. d. Find the IDs of drivers whose rating is better than some driver called Paul. I would be grateful if somebody can help me here. Ok, so basically I have every column in the link below to work right and have the data for each column displayed....except for "Person" column. http://trigamer.com/forums/newest.php?fid=1 If you check there, you can see the posts, but not the poster. I'm thinking the 7th line from the bottom is the issue? Below is the PHP code for that section: Code: [Select] <!-- list threads--> <?php if($threads) {?> <tbody> <?php while($thread = mysql_fetch_array($threads) ){ #get last user to post $last_user = fetch("SELECT user FROM posts WHERE tid = ".$thread["tid"]." ORDER BY dateline DESC LIMIT 1"); if(!$last_user) $last_user = array(); ?> <tr bgcolor="#202025"> <td class="threadIcon"><img src="/images/posticon.png" /></td> <td class="threadTitle"><a href="replythread.php?tid=<?php echo $thread["tid"];?>"><?php echo $thread["title"];?></a></td> <td class="threadReplies"><font color=white><?php echo $thread["replies"];?></font></td> <td><font color=white><?php echo $last_user[0];?></font></td> <td><font color=white><?php echo date("m-d-Y",$thread["dateline"]);?></font></td> </tr> <?php } ?> </tbody> <?php }?> <!-- //end list threads--> |
|||||||