|
PHP - Special Restriction Of Some Sort?
How do I make it so if I get the question right, I have access to view the next page?
For example, if I get this question right in index-1.php correct, it would take me to index-2.php (like in the script below), but if you don't get the question correct in index-1.php, you cannot have access/view index-2.php. Why I need this? Well, if you change the URL http://--------/index-1.php to http://--------/index-2.php, you can easily go from index-1.php to index-2.php without having to answer the question correctly. index-1.php: <?php if(isset($_POST['submit'])){ $number = $_POST['number']; if ($number == "elephant"){ header("Location: http://localhost/index-2.php"); exit();} } ?> <html> <head> <title>PHP Test</title> </head> <b>LEVEL 1</b> <body> <p> <font face="Courier New">c291cmNl</font> </p> <br/></body> </html> <form action="<?php echo $_SERVER['PHP_SELF'];?>" method="post"> Answer: <!-- "elephant" --> <input type="text" name="number" /><br /> </select> <input name="submit" type="submit"> </form> Thanks Similar TutorialsHi All i am wanting a column list like this http://extensions.joomla.org/extensions basically the database is set up as (id, category, parent) I want the parent to group the category section and list like the the joomla example in three columns search various threads throughout the internet but none seem to cover this entirely can any one please help????? Hi, I want to restrict my registered user to see video only once per day... Can anyone guide me how can i do this with php??? Thanks hi once again, i got a form that uploads an image, checks formats and all that.. i need to add the filesize restriction. something like this: define ("max_size","20"); //<- 20kb size $size=filesize($_FILES['image']['tmp_name']) if ($size > max_size*1024){ echo "too big filesize"; } else { //...... } how do i put that code, into this code? : <?php $allowedfiletypes = array("jpeg","jpg","gif","png"); $uploadfolder = "uploads/" ; $thumbnailheight = 100; //in pixels $thumbnailfolder = $uploadfolder."thumbs/" ; $action = $_POST['action']; if ($action == "upload") { //echo "<p>Uploading image... " ; if(empty($_FILES['uploadimage']['name'])){ echo '<script type="text/javascript"> {alert("Pasirinkite faila");} </script>'; } else { $uploadfilename = $_FILES['uploadimage']['name']; $fileext = strtolower(substr($uploadfilename,strrpos($uploadfilename,".")+1)); if (!in_array($fileext,$allowedfiletypes)) { echo '<script type="text/javascript"> {alert("Blogas failo tipas");} </script>'; } else { $fulluploadfilename = $uploadfolder.$uploadfilename ; if (move_uploaded_file($_FILES['uploadimage']['tmp_name'], $fulluploadfilename)) { echo '<script type="text/javascript"> {alert("Failas irasytas");} </script>'; $im = imagecreatefromjpeg($fulluploadfilename); if (!$im) { echo '<script type="text/javascript"> {alert("Nepavyko sugeneruoti thumbnail");} </script>'; } else { $imw = imagesx($im); // uploaded image width $imh = imagesy($im); // uploaded image height $nh = $thumbnailheight; // thumbnail height $nw = round(($nh / $imh) * $imw); //thumnail width $newim = imagecreatetruecolor ($nw, $nh); imagecopyresampled ($newim,$im, 0, 0, 0, 0, $nw, $nh, $imw, $imh) ; $thumbfilename = $thumbnailfolder.$uploadfilename ; imagejpeg($newim, $thumbfilename) or die('<script type="text/javascript"> {alert("Nepavyko issaugoti thumbnail");} </script>'); } } else { echo '<script type="text/javascript"> {alert("Nepavyko issaugoti failo");} </script>'; } } } function watermark($original_image,$original_watermark,$destination="") { $image=imagecreatefromjpeg($original_image); list($imagewidth,$imageheight)=getimagesize($original_image); $watermark = imagecreatefrompng($original_watermark); list($watermarkwidth,$watermarkheight)=getimagesize($original_watermark); if($watermarkwidth>$imagewidth || $watermarkheight>$imageheight) { $water_resize_factor = $imagewidth / $watermarkwidth; $new_watermarkwidth = $watermarkwidth * $water_resize_factor; $new_watermarkheight = $watermarkheight * $water_resize_factor; $new_watermark = imagecreatetruecolor($new_watermarkwidth , $new_watermarkheight); imagealphablending($new_watermark , false); imagecopyresampled($new_watermark , $watermark, 0, 0, 0, 0, $new_watermarkwidth, $new_watermarkheight, $watermarkwidth, $watermarkheight); $watermarkwidth = $new_watermarkwidth; $watermarkheight = $new_watermarkheight; $watermark = $new_watermark; } $startwidth = ($imagewidth - $watermarkwidth) / 2; $startheight = ($imageheight - $watermarkheight) / 2; imagecopy($image, $watermark, $startwidth, $startheight, 0, 0, $watermarkwidth, $watermarkheight); if(!empty($destination)) imagejpeg($image,$destination); else imagejpeg($image); } $original_directory = "uploads/thumbs/"; $watermarked_images = "uploads/thumbs/watermarkedthumbs/"; if ($handle = opendir($original_directory)) { while (false !== ($file = readdir($handle))) { /* exif_imagetype checks if our file is a .jpg file. See manual for more info */ if(!is_file($original_directory.$file)) continue; if(exif_imagetype($original_directory.$file)==2) { watermark($original_directory.$file,"watermark.png",$watermarked_images.$file); } } closedir($handle); } } ?> <form name="newad" method="post" enctype="multipart/form-data" action=""> <label for="file" id="label">Pasirinkti failą: </label> <input type="hidden" name="action" value="upload" /> <input type="file" name="uploadimage" id="file"> <input name="Submit" type="submit" value="įkelti" id="submit"> </form> i tried smth like this, but it shows some error ("Warning: filesize() [function.filesize]: stat failed for 1.jpg in") <?php /* $allowedfiletypes = array("jpeg","jpg","gif","png"); $uploadfolder = "uploads/" ; $thumbnailheight = 100; //in pixels $thumbnailfolder = $uploadfolder."thumbs/" ; */ define ("max_size","20"); $size=filesize($_FILES['uploadimage']['name']); /* $action = $_POST['action']; if ($action == "upload") { //echo "<p>Uploading image... " ; if(empty($_FILES['uploadimage']['name'])){ echo '<script type="text/javascript"> {alert("Pasirinkite faila");} </script>'; } else { $uploadfilename = $_FILES['uploadimage']['name']; $fileext = strtolower(substr($uploadfilename,strrpos($uploadfilename,".")+1)); if (!in_array($fileext,$allowedfiletypes)) { echo '<script type="text/javascript"> {alert("Blogas failo tipas");} </script>'; } else { $fulluploadfilename = $uploadfolder.$uploadfilename ; */ if ($size > max_size*1024){ echo '<script type="text/javascript"> {alert("Per didelis failas");} </script>'; } else { /* if (move_uploaded_file($_FILES['uploadimage']['tmp_name'], $fulluploadfilename)) { echo '<script type="text/javascript"> {alert("Failas irasytas");} </script>'; $im = imagecreatefromjpeg($fulluploadfilename); if (!$im) { echo '<script type="text/javascript"> {alert("Nepavyko sugeneruoti thumbnail");} </script>'; } else { $imw = imagesx($im); // uploaded image width $imh = imagesy($im); // uploaded image height $nh = $thumbnailheight; // thumbnail height $nw = round(($nh / $imh) * $imw); //thumnail width $newim = imagecreatetruecolor ($nw, $nh); imagecopyresampled ($newim,$im, 0, 0, 0, 0, $nw, $nh, $imw, $imh) ; $thumbfilename = $thumbnailfolder.$uploadfilename ; imagejpeg($newim, $thumbfilename) or die('<script type="text/javascript"> {alert("Nepavyko issaugoti thumbnail");} </script>'); } } else { echo '<script type="text/javascript"> {alert("Nepavyko issaugoti failo");} </script>'; } } } } function watermark($original_image,$original_watermark,$destination="") { $image=imagecreatefromjpeg($original_image); list($imagewidth,$imageheight)=getimagesize($original_image); $watermark = imagecreatefrompng($original_watermark); list($watermarkwidth,$watermarkheight)=getimagesize($original_watermark); if($watermarkwidth>$imagewidth || $watermarkheight>$imageheight) { $water_resize_factor = $imagewidth / $watermarkwidth; $new_watermarkwidth = $watermarkwidth * $water_resize_factor; $new_watermarkheight = $watermarkheight * $water_resize_factor; $new_watermark = imagecreatetruecolor($new_watermarkwidth , $new_watermarkheight); imagealphablending($new_watermark , false); imagecopyresampled($new_watermark , $watermark, 0, 0, 0, 0, $new_watermarkwidth, $new_watermarkheight, $watermarkwidth, $watermarkheight); $watermarkwidth = $new_watermarkwidth; $watermarkheight = $new_watermarkheight; $watermark = $new_watermark; } $startwidth = ($imagewidth - $watermarkwidth) / 2; $startheight = ($imageheight - $watermarkheight) / 2; imagecopy($image, $watermark, $startwidth, $startheight, 0, 0, $watermarkwidth, $watermarkheight); if(!empty($destination)) imagejpeg($image,$destination); else imagejpeg($image); } $original_directory = "uploads/thumbs/"; $watermarked_images = "uploads/thumbs/watermarkedthumbs/"; if ($handle = opendir($original_directory)) { while (false !== ($file = readdir($handle))) { /* exif_imagetype checks if our file is a .jpg file. See manual for more info */ /* if(!is_file($original_directory.$file)) continue; if(exif_imagetype($original_directory.$file)==2) { watermark($original_directory.$file,"watermark.png",$watermarked_images.$file); } } closedir($handle); } } */ ?> any ideas? thanks Hello everybody , This is my first topic here and I hope I will find the solution for my problem. I want to restrict access to file (for exemple: http://www.mysite.com/files/file0000.zip) to a just a specific IP that will be read from the database. And also store all other IPs trying to access this file. Can this be done, maybe through some php and htaccess? Thank you for any help or any other ideas. i want to share my problem in my website For the better understandng of my website, I want to tell all the details. 1. I have a database and i has a 2 tables 1 for the tbllogin which consist of Username and Department, and the second table is caltbl which i use for the calendar events. 2.When my website run the first webpage is the login form. If the Username and Department is correct she can browse the other webpages, like the calendar event. 3. In the calendar event you can see the calendar and when you click the date theirs a link "new event" appear and if theirs no existing event theres a text saying "No Events", when you click the link you can add events. I want that theirs a specific person that can only add events for the restriction of adding events. I want to happen that if the user is xxx and her department is yyy the link shoud appear and she can add events. i want that only to her the link should be appear.. here is my code: <?php $host = "localhost"; $username = ""; $password = ""; $dbCnx = @mysql_connect($host, $username, $password) or die('Could not Connect to the database'); $dbName = 'dspi'; mysql_select_db($dbName); ?> <script> function goLastMonth(month, year){ // If the month is January, decrement the year if(month == 1){ --year; month = 13; } document.location.href = '<?=$_SERVER['PHP_SELF'];?>?month='+(month-1)+'&year='+year; } //next function function goNextMonth(month, year){ // If the month is December, increment the year if(month == 12){ ++year; month = 0; } document.location.href = '<?=$_SERVER['PHP_SELF'];?>?month='+(month+1)+'&year='+year; } function remChars(txtControl, txtCount, intMaxLength) { if(txtControl.value.length > intMaxLength) txtControl.value = txtControl.value.substring(0, (intMaxLength-1)); else txtCount.value = intMaxLength - txtControl.value.length; } function checkFilled() { var filled = 0 var x = document.form1.calName.value; //x = x.replace(/^\s+/,""); // strip leading spaces if (x.length > 0) {filled ++} var y = document.form1.calDesc.value; //y = y.replace(/^s+/,""); // strip leading spaces if (y.length > 0) {filled ++} if (filled == 2) { document.getElementById("Submit").disabled = false; } else {document.getElementById("Submit").disabled = true} // in case a field is filled then erased } </script> <html> <body> <?php //$todaysDate = date("n/j/Y"); //echo $todaysDate; // Get values from query string $day = (isset($_GET["day"])) ? $_GET['day'] : ""; $month = (isset($_GET["month"])) ? $_GET['month'] : ""; $year = (isset($_GET["year"])) ? $_GET['year'] : ""; //comparaters for today's date //$todaysDate = date("n/j/Y"); //$sel = (isset($_GET["sel"])) ? $_GET['sel'] : ""; //$what = (isset($_GET["what"])) ? $_GET['what'] : ""; //$day = (!isset($day)) ? $day = date("j") : $day = ""; if(empty($day)){ $day = date("j"); } if(empty($month)){ $month = date("n"); } if(empty($year)){ $year = date("Y"); } //set up vars for calendar etc $currentTimeStamp = strtotime("$year-$month-$day"); $monthName = date("F", $currentTimeStamp); $numDays = date("t", $currentTimeStamp); $counter = 0; //$numEventsThisMonth = 0; //$hasEvent = false; //$todaysEvents = ""; //run a selec statement to hi-light the days function hiLightEvt($eMonth,$eDay,$eYear){ //$tDayName = date("l"); $todaysDate = date("n/j/Y"); $dateToCompare = $eMonth . '/' . $eDay . '/' . $eYear; if($todaysDate == $dateToCompare){ //$aClass = '<span>' . $tDayName . '</span>'; $aClass='class="today"'; }else{ //$dateToCompare = $eMonth . '/' . $eDay . '/' . $eYear; //echo $todaysDate; //return; $sql="select count(calDate) as eCount from calTbl where calDate = '" . $eMonth . '/' . $eDay . '/' . $eYear . "'"; //echo $sql; //return; $result = mysql_query($sql); while($row= mysql_fetch_array($result)){ if($row['eCount'] >=1){ $aClass = 'class="event"'; }elseif($row['eCount'] ==0){ $aClass ='class="normal"'; } } } return $aClass; } ?> <div id="Calendar_Event"> <table width="350" cellpadding="0" cellspacing="0"> <tr> <td width="50" colspan="1"> <input type="button" value=" < " onClick="goLastMonth(<?php echo $month . ", " . $year; ?>);"> </td> <td width="250" colspan="5"> <span class="title" style="color:#FFFFFF"><?php echo $monthName . " " . $year; ?></span><br> </td> <td width="50" colspan="1" align="right"> <input type="button" value=" > " onClick="goNextMonth(<?php echo $month . ", " . $year; ?>);"> </td> </tr> <tr> <th>M</td> <th>T</td> <th>W</td> <th>T</td> <th>F</td> <th>S</td> <th>S</td> </tr> <tr> <?php for($i = 1; $i < $numDays+1; $i++, $counter++){ $dateToCompare = $month . '/' . $i . '/' . $year; $timeStamp = strtotime("$year-$month-$i"); //echo $timeStamp . '<br/>'; if($i == 1){ // Workout when the first day of the month is $firstDay = date("N", $timeStamp); for($j = 1; $j < $firstDay; $j++, $counter++){ echo "<td> </td>"; } } if($counter % 7 == 0 ){ ?> </tr><tr> <?php } ?> <!--right here--><td width="50" <?=hiLightEvt($month,$i,$year);?>><a href="<?=$_SERVER['PHP_SELF'] . '?month='. $month . '&day=' . $i . '&year=' . $year;?>&v=1"><?=$i;?></a></td> <?php } ?> </table> </div> <div id="New_Event"> <?php if(isset($_GET['v'])){ if(isset($_POST['Submit'])){ $sql="insert into calTbl(calName,calDesc,calDate,calStamp) values('" . $_POST['calName'] ."','" . $_POST['calDesc'] . "','" . $_POST['calDate'] . "',now())"; mysql_query($sql); } $sql="select calName,calDesc, DATE_FORMAT(calStamp, '%a %b %e %Y') as calStamp from calTbl where calDate = '" . $month . '/' . $day . '/' . $year . "'"; //echo $sql; //return; $result = mysql_query($sql); $numRows = mysql_num_rows($result); $check=mysql_query("SELECT * FROM tbllogin WHERE Username='rhoda.barrera@dunlop.ph' AND Department='MIS'"); if (mysql_num_rows($check)>0){ ?> <a href="<?=$_SERVER['PHP_SELF'];?>?month=<?=$_GET['month'] . '&day=' . $_GET['day'] . '&year=' . $_GET['year'];?>&v=1&f=true">Add Even</a><a href="<?=$_SERVER['PHP_SELF'];?>?month=<?=$_GET['month'] . '&day=' . $_GET['day'] . '&year=' . $_GET['year'];?>&v=1&f=true">t</a><?php }else{ echo 'You cannot Add New Event'; }?> </div> <div id="Cal_Event"> <?php if(isset($_GET['f'])){ include 'calForm.php'; } if($numRows == 0 ){ echo ''; }else{ //echo '<ul>'; echo '<h3>Event Listed</h3>'; while($row = mysql_fetch_array($result)){ ?> <h5><?=$row['calName'];?></h5> <?=$row['calDesc'];?><br/> Listed On: <?=$row['calStamp'];?> <?php } } } ?> </div> </body> </html> I have a sign up form to send the activation code to the new user via email.My question is how to restrict the user who is not a member using activation form page in PHP unless their use a sign up form first?
here is my sign up form and activation form:
sign up form
<style type="text/css"> <!-- .style1 { font-family: Verdana, Arial, Helvetica, sans-serif; font-size: 12; } .style5 { font-family: Verdana, Arial, Helvetica, sans-serif; font-size: 16px; font-weight: bold; } .style7 {font-family: Verdana, Arial, Helvetica, sans-serif; font-size: 12px; } --> </style> <form name="form1" method="post" action="email-activation-script.php"> <div align="center"> <p class="style5"> Form Registration </p> <table width="35%" border="0"> <tr> <td class="style7">Username</td> <td class="style7">:</td> <td class="style1"><span class="style7"> <label> <input name="username" type="text" id="username"> </label> </span></td> </tr> <tr> <td class="style7"> Email </td> <td class="style7">:</td> <td class="style1"><span class="style7"> <label> <input name="email" type="text" id="email"> </label> </span></td> </tr> <tr> <td class="style7">Password</td> <td class="style7">:</td> <td class="style1"><span class="style7"> <label> <input name="password" type="password" id="password"> </label> </span></td> </tr> <tr> <td class="style7"> </td> <td class="style7"> </td> <td class="style1"><span class="style7"> <label> <input type="submit" name="Submit" value="Register"> <input type="reset" name="Submit2" value="Cancel"> </label> </span></td> </tr> </table> </div> </form> activation form: <form name="form1" method="post" action="check-activation-script.php"> <div align="center"> <table width="35%" border="0"> <tr> <td>Username</td> <td>:</td> <td><label> <input name="username" type="text" id="username"> </label></td> </tr> <tr> <td>Activation Code </td> <td><label>:</label></td> <td><input name="activation_code" type="text" id="activation_code"></td> </tr> <tr> <td> </td> <td> </td> <td><label> <input type="submit" name="Submit" value="Submit"> <input type="reset" name="Submit2" value="Cancel"> </label></td> </tr> </table> </div> </form> Hi all My code give this: <b>Warning</b>: file_exists(): open_basedir restriction in effect. File(/tmp) is not within the allowed path(s): (/home/clients/........ I get the tmp folder and check for its existanse and whether it is writeable
$t=sys_get_temp_dir(); Both gives no which is fine, I can process that. I do it to avoid the output above, but I still get that. How should I check for allowed paths? This runs on several systems where I cannot access php.ini or other system stuff.
Ok I am designing a php upload that will take a image file from a form and change the name of the file to the productnumber also recieved from the form. I had it working the otherday now it says Warning: copy() [function.copy]: open_basedir restriction in effect File() is not within the allowed path(s): (/home:/tmp:/usr) addpro.php on line 51. my files are attached.... note that $pnum is the product number gotten from my form and image is the image being uploaded gotten from the form also. The thing is it worked the other day but now it don't is it a change to the server ( I dont run the server) or did I mess up my code since then? I really need a code that will do this two time over once for a small image being put into a folder called small and once for a folder called large both images being uploaded and being changed to $pnum.ext so they will both be displayed when being called out by the product number. but I can work on that after I get this one working. line 51 is $copied = copy($_FILES['image']['tmp_name'], $newname); Hi guys, I am writing a "login" script that will be on my main page(I have it inside of <head></head> tags). I want it to take a user name and password, store it in a variable that is persistant with all pages on my website. Is that possible? How can I make a variable that will carry over to a page that doesn't have the original code? E,g, $Login = "alogin"; then when my client goes to a different page $Login still == "alogin"? I hope this is understandable. I am not writing a very advanced script, I just want the input form to store the users login name/password so he or she may access a section of the site that has more options available if they're logged in.
Hi Hi experts. I am received a GET variable into a page which is a id with a value as uuid:3242_2323_4444_9909_433/child_repeat[1]. Which is being used in my mysql query. So my query will be SELECT * from table_1 WHERE id = $id. However php is treating this string differently, my query fails, it says that it has a error near :3242_2323_4444_9909_433/child_repeat[1]. So it seems that its interpreting the colon as something else and removing the text before the colon. Hi people! I have a form with a select list where options are populated from a table in my db.. the string format is like this -> car - branch (ex. toyota - japan so on..) when viewing the options it displays correctly with the "-" but when i tried submitting the form which will be inserted into the db the "- branch" gets cut off.. i think i need to encode it but i don't know how to do it.. thanks for any reply! Hi everyone, I hope someone can give me an answer to problem that has eluded me for about 2 weeks. I just can not find the answer. My problem is that I have a database that I want to return the average of a column BUT the average number that gets calculated can not include the oldest two records that were entered in that particular column. In other words, if I have ten entries in a column only the latest 8 entries will be used to calculate the returned average. Here is the basic query I am using: Code: [Select] $result = mysql_query("SELECT *, avg(miles) AS av_miles FROM mpg WHERE vehicle_id='$id' "); Thank you for help in advance. Hi all I need to retrieve a remote file and store it on my server. There are several methods to do this, but all of them fail when the URL contains special characters such as spaces. Consider the following URL: 'http://www.somedomain.com/Images/Products/MyProduct (Large).jpg' Assuming the allow_url_fopen directive is set to "on" in the php.ini, one can normally call: $url = ... $handle = fopen($url); to access the file. However, the space in the filename causes a Bad HTTP Request (Response 400). Using urlencode to encode the url doesn't solve the problem either, as all forward slashes and the colon after the protocol get escaped, and fopen doesn't recognize it as a URL. Besides manually replacing all the characters in the URL that are not colons or forward slashes (and are considered 'special'), can anyone give me any other solutions to make this work? Thanks Hello everyone! I'm working on a PHP employee database that uses the local network's active directory to allow users to log in. Basically, I'm using the ldap_bind command to authenticate and figure out what user is logging in. The main snippet of code is: Code: [Select] $username = $_POST['username']; $password = $_POST['password']; $convertedPassword = utf8_encode($password); if (ldap_bind($ds,"health1\\" . $username,$convertedPassword)){do stuff} This works fine for normal username/passwords, but has been getting hung up on special characters. I added the utf8_encode command, which allowed password with carrot (^) characters, but it still won't allow backslashes ( \ ). I get Code: [Select] Warning: ldap_bind() [function.ldap-bind]: Unable to bind to server: Invalid credentials in /var/www/emp/index.php on line 22 every time with a password such as "Blabla12\" The utf8_encode command seems to be escaping the \, which I think is what I want. Has anybody else had any luck with this? -Sam Hello everyone, how i can insert to the db string that include "$_GET['id']", and i need this as is. in the table i need to see the string $_GET['id'] and not the value. any ideas ? |
|||||||