|
PHP - Hi Linking An Image With A Session Id
Hi, I would like some guidance. I have discussed with a few people and they have told me its best to store an image only in either one of these Mysql BLOB or in a folder on the website. I understand how to link the image, stored in a blob with the users SESSION but I dont understand how will I link the image stored on a folder with the user who is logged in at that time. Basically in more clear words what I am after is if the user logged in uploads an avatar and I store the avatar on a folder how will I tell php that this is the avatar for the user logged in. Another question is there a way I can create a folder with PHP for each individual user registered on my website example with their ID?
Similar TutorialsHi guys, I need your help with my php script. On my script, I'm currently working with image where I can hot-link them from another website while it is on protected. when you click right-mouse button on firefox, you could see something like "view page source" which is disabled. when you click on "save page as", you can save the image as "image.php". when you open them, you would not be able to read due to the image but you can find the real image link in image.php where i want to protect them. here's the currently code: Code: [Select] <?php session_start(); define('DB_HOST', 'localhost'); define('DB_USER', 'myusername'); define('DB_PASSWORD', 'mypassword'); define('DB_DATABASE', 'mydbname'); $id = (int)$_GET['id']; $errmsg_arr = array(); $errflag = false; $link = mysql_connect(DB_HOST, DB_USER, DB_PASSWORD); if(!$link) { die('Failed to connect to server: ' . mysql_error()); } $db = mysql_select_db(DB_DATABASE); if(!$db) { die("Unable to select database"); } function clean($var) { return mysql_real_escape_string(strip_tags($var)); } $qrytable1="SELECT images FROM image_list WHERE id=$id"; $result1=mysql_query($qrytable1) or die('Error:<br />' . $qry . '<br />' . mysql_error()); while ($row = mysql_fetch_array($result1)) { $image = $row['images']; $details = getimagesize($image); header ('Content-Type: ' . image_type_to_mime_type($details[2])); echo readfile($image), "<p id='images'>", $row['images'] . "</p>"; } ?> I guess that there must be a way to protected the url in the php script where i can hide them. It should be easy to modify but I am not sure what line I need to adjust to make it protected. Can you please help me in what line I need to modify in order to protected the hot-linking in my php? Right i want to have friends displayed on peoples profiles but i can only ave there name and not the avater displayed here is the code ive got which doesnt work <? $picture = mysql_query("SELECT * FROM users WHERE username = '$dip->person'"); $pc = mysql_fetch_object($picture); $query_friends=mysql_query("SELECT * FROM friends WHERE username='$viewuser' AND type='Friend'"); $rows=mysql_num_rows($query_friends); if ($rows == "0"){ echo "<center>No friends</center>"; } $friend = 0; while($dip=mysql_fetch_object($query_friends)){ echo " <img src='$pc->image' width='50' height='50' border='1'><br><a href='profile.php?viewuser=$dip->person'>$dip->person</a>,"; $friend++; echo ($friend % 3 == 0)? "<br>" : ""; } ?> The friends are from the friends database and the avater is from the users database how can i link them so the name and the avater show ive tried this but only the names are displayed and the avaters dont show Hi guys, I have followed a tutorial and made a members only area using sessions. The user can upload an image and which gets renamed as their username. I was hoping to display all the users images that are logged in. I know how to do it with a single image by just setting the img src as the session username but I don't know how I would display multiple images if more than one person were logged in. Is it even possible? in this page http://maximaart.com/newscp/ i have this problem Code: [Select] Warning: session_start() [function.session-start]: Cannot send session cache limiter - headers already sent (output started at /home/maximasy/public_html/newscp/index.php:1) in /home/maximasy/public_html/newscp/index.php on line 2 my source code is <?php session_start(); include_once("config.php"); include_once("functions.php"); $errorMessage = ''; if (isset($_POST['txtUserId']) && isset($_POST['txtPassword'])) { if ($_POST['txtUserId'] === "$user" && $_POST['txtPassword'] === "$pass") { // the user id and password match, $_SESSION['basic_is_logged_in'] = true; require("main.php"); exit;?> I am having trouble resolving an error. Warning: session_start() [function.session-start]: Cannot send session cache limiter - headers already sent (output started at /home/s519970/public_html/header.php:27) in /home/s519970/public_html/admin/login.php on line 2 What I can gather is I can't use "header (Location: 'admin.php')" after i've used session_start(). I have tried to replace the header (Location: 'admin.php') with this: echo "<script>document.location.href='admin.php'</script>"; echo "<script>'Content-type: application/octet-stream'</script>"; I've been trying to read up on solutions but haven't been able to get it sorted. If anyone can offer some advice that would be greatly appreciated as im new to php. Code: [Select] <?php session_start(); if(isset($_SESSION['user'])) echo "<script>document.location.href='admin.php'</script>"; echo "<script>'Content-type: application/octet-stream'</script>"; ?> <div id="loginform"> <form action="dologin.php" method="post"> <table> <tr> <td><span>Username:</span></td> <td><input type="text" name="username" /></td> </tr> <tr> <td><span>Password:</span></td> <td><input type="password" name="password" /></td> </tr> <tr> <td colspan="2" align="right"><input type="submit" name="login" value="Login" /></td> </tr> </table> </form> </div> I have tried using require_once('yourpage.php'); before my <head></head> tags in the header document where I've specified the html information but this doesn't seem to work. I've been advised to use ob_start("ob_gzhandler"); but I am not sure how to implement this. Any advice is greatly appreciated! I am trying to create an index page which contains registration and login field the problem that i get is on successful login a warning is displayed session_start() [function.session-start]: Cannot send session cookie - headers already sent by (output started at C:\xampp\htdocs\Eventz.com\index.php:116) in C:\xampp\htdocs\Eventz.com\index.php on line 235 This is the login part of my index.php this tag is inside an html table below the login form I also have a registration form and its php code above the login form Code: [Select] <?php if (isset($_REQUEST['pass'])) { $id=$_POST['id']; $pass=$_POST['pass']; $conn =mysql_connect("localhost","root",""); if (!$conn) { die('Could not connect: ' . mysql_error()); } /* checking connection....success! */ $e=mysql_select_db('test', $conn); if(!$e) { die(''.mysql_error()); } else { echo 'database selected successfully'; } if (isset($_REQUEST['id']) || (isset($_REQUEST['pass']))) { if($_REQUEST['id'] == "" || $_REQUEST['pass']=="") { echo "login fields cannot be empty"; } else { $sql=mysql_query("Select email,password from login where email='$id' AND password='$pass'"); $count=mysql_num_rows($sql); if($count==1) /* $count checks if username and password are in same row */ { session_start(); $_SESSION['id']=$id; echo "</br>Login Successful</br>"; } else { echo "</br>invalid</br>"; echo "please try to login again</br>"; } } } } ?> Any help or suggestion would be appreciated I'm making a simple login system with MySQL and PHP (very simple, I'm just starting with PHP). The MySQL portion is done, but I need to ensure only people who are logged in can see certain content. To check if people are logged in, my website checks that they have the $_SESSION['user'] variable set. If it is set, then it lets them continue through the website, if not, it tells them to login. Is that enough security, or can people simply inject a session cookie into their browser to spoof that they are logged in? My idea was to generate a session key cookie when they login (just a random string of letters and numbers) and store that in the database, then on every page, check to make sure their session key is the same thing that's in the database. Is this necessary? It seems expensive. hi everyone. i'm wondering what the best way is to create a session variable and pass it to an iframe. i need to do something along these lines, but it doesn't seem to pass the ID. Any hints on how i should accomplish this? Code: [Select] session_start(); $_SESSION['ID']=$_GET['ID']; // id from previous page $ID=session_id(); <iframe src="iframepage.php?ID=<?php echo $ID; ?>" style="width:680px; height:200px;" noresize="noresize" frameborder="0" border="0" scrolling="Yes" allowtransparency="true" /> </iframe> Evening! I've been iffing and ahhing over this and well im not too sure, hence the post. Code: [Select] // Redirects if there is no session id selected and echos the error on the previous page if(!isset($_GET['get']) || ($_GET['getget'])){ header("Location: #.php?error"); } So it should simply check if get is set if it isnt then see if getget is set? If not redirect and show the error. Now ive tried it and even when get/getget is set it still redirects, probably something silly. Care to share anyone? Harry. Just curious how other people feel about this. I am working on an application where a lot of info is pulled from MySQL and needed on multiple pages.
Would it make more sense to...
1. Pull all data ONCE and store it in SESSION variables to use on other pages
2. Pull the data from the database on each new page that needs it
I assume the preferred method is #1, but maybe there is some downside to using SESSION variables "too much"?
Side question that's kind of related: As far as URLs, is it preferable to have data stored in them (i.e. domain.com/somepage.php?somedata=something&otherdata=thisdata) or use SESSION variables to store that data so the URLs can stay general/clean (i.e. domain.com/somepage.php)?
Both are probably loaded questions but any possible insight would be appreciated.
Thanks!
Greg
Edited by galvin, 04 November 2014 - 10:30 AM. I found this code which makes a BMI Calculator (Form) for me however when I click on submit it takes the user back to the index page ie. domain.com/index.php. How do I change it to go to, say, domain.com/calculator.php ? The code is below: <? /** * @package Module Body Mass Index Calculator for Joomla! 1.5 * @version $Id: mod_bodymassindexcalculator.php 599 2010-03-20 23:26:33Z you $ **/ defined( '_JEXEC' ) or die( 'Restricted access' ); $heightcm=$_POST["heightcm"]; $weightkg=$_POST["weightkg"]; if ($heightcm!="" && $weightkg!="") { $heightm = $heightcm / 100; $bmi=round($weightkg / ($heightm*$heightm),1); echo "Heigth, m: ".$heightm."<br />"; echo "Weigth, kg: ".$weightkg."<br />"; echo "Body Mass Index (BMI): ".$bmi."<br />"; echo "<strong>"; if ($bmi<16.5) {echo "Severely Underweight</strong><br />";} if ($bmi>=16.5 && $bmi<=18.4) {echo "Underweight</strong><br />";} if ($bmi>=18.5 && $bmi<=24.9) {echo "Normal</strong><br />";} if ($bmi>=25 && $bmi<=29.9) {echo "Overweight</strong><br />";} if ($bmi>=30 && $bmi<=34.9) {echo "Obese Class I</strong><br />";} if ($bmi>=35 && $bmi<=39.9) {echo "Obese Class II</strong><br />";} if ($bmi>=40) {echo "Obese Class III</strong><br />";} echo "<br />"; } $domain = $_SERVER['HTTP_HOST']; $path = $_SERVER['SCRIPT_NAME']; $queryString = $_SERVER['QUERY_STRING']; $url = "http://" . $domain . $path; $url3 = "http://" . $domain . $_SERVER['REQUEST_URI']; $mystring1="?"; $s1=strpos($url3,$mystring1); if($s1==0) {$url2=$url3;} if($s1!=0) {$url2=substr($url3,0,$s1);} $path = $url2; //1 foot = 0.3048 meters //1 inch = 2.54 centimeters //1 pound = 0.45359237 kilograms $n1=230; echo "<table style=\"width: 100%\" cellspacing=\"0\" cellpadding=\"0\" align=\"center\"><tr><td valign=\"top\">"; //echo "<h3>BMI Calculator</h3>"; echo "<form action=\"".$path."\" method=\"post\" >"; echo "<strong>Height</strong><br />"; echo "<select name=\"heightcm\" >"; for ($i=30; $i<=$n1; $i++){ echo "<option value=\"$i\">".$i." cm / ".floor($i / 30.48)." ft ".round(($i-(floor($i / 30.48)*30.48)) / 2.54, 1)." in </option>";} echo "</select>"; echo "<br />"; echo "<strong>Weight</strong><br />"; echo "<select name=\"weightkg\" >"; for ($i=30; $i<=$n1; $i++){ echo "<option value=\"$i\">".$i." kg / ".round($i / 0.45359237,2)." pounds </option>";} echo "</select>"; echo "<br />"; //echo "<input name=\"searchterm\" type=text size=\"27\" class=\"ns1\">"; echo "<br />"; echo "<input type=\"submit\" value=\"Calculate\" name=\"B1\">"; echo "</form><br />"; //DON'T REMOVE THIS LINK - DO NOT VIOLATE GNU/GPL LICENSE!!! echo "<a href=\"http://nutritioncaloriecounter.com\">Nutrition Calorie Counter</a>"; //DON'T REMOVE THIS LINK - DO NOT VIOLATE GNU/GPL LICENSE!!! echo "</td></tr></table>"; ?> I have this code : <img class= "image_frame1" src="images/groupproductimages/<?php echo $offer['cimage'];?>" /> It pulls pics I need the pics to link to urls using this code <a href="index.php?option=com_grouppurchase&view=todaysdeal&id=<?php echo $offer['cid'];?>"> I know I am missing something stupid In a relational database, you "link" tables together. For example, Customer (parent) ---> Product (child) How do you do that with Objects? I have a "User" class and an "AddressBook" class. A User can have zero or more Addresses (in their AddressBook). If I create a User object and an AddressBook object, I need a way to link them up similar to how they are linked up in the database. Make sense?! TomTees Hi All, I googled this and there is endless results. I went through a lot of them but couldn't get this working properly. How do I link from within my web site root to files outside the root? It works for me using relative links i.e. ../../phpfiles/includes but that is going to get messy and I can't get a way of doing absolute links to work. If someone could lay that out so a newbie can get it clearly I would really appreciate it! Also - I understand why I should put all of my php files outside the web root but is this a guaranteed way to secure these files other than someone hacking my ftp access? I've looked at a few site hierarchy examples - Am I right that the only pages within the web site root should be template pages with calls to required files (outside the root), session checks, and content includes and all other includes that have php executable code should be outside the root? I really appreciate the advice and insight. Thank you! Hi I got three tables (employers , company , and Jobs) Employer table holds info about employer. Company hold info about the company and jobs table holds info about jobs. I was just wandering what would be a good way to link these tables in the database ? Here is the coding for each table. Employer Table Code: [Select] CREATE TABLE IF NOT EXISTS `employers` ( `id` int(11) NOT NULL, `username` varchar(50) NOT NULL, `password` varchar(50) NOT NULL, `email` varchar(50) NOT NULL, PRIMARY KEY (`id`) ) ENGINE=InnoDB DEFAULT CHARSET=utf8; Jobs Table Code: [Select] CREATE TABLE IF NOT EXISTS `Jobs` ( `id` int(11) NOT NULL, `JobTitle` varchar(200) default NULL, `Company` varchar(200) default NULL, `Salary` varchar(30) default NULL, `Description` varchar(2000) default NULL, `CompanyURL` varchar(200) default NULL, `PhoneNumber` varchar(30) default NULL, `Requirements` varchar(2000) default NULL, `JobCategory` varchar(100) default NULL, `JobType` varchar(100) default NULL, `Apply_To` varchar(1000) NOT NULL, `Email` varchar(200) NOT NULL, `modified_at` datetime NOT NULL, `PostedOnDate` timestamp NOT NULL default CURRENT_TIMESTAMP on update CURRENT_TIMESTAMP, `Address` varchar(250) NOT NULL, `State` varchar(200) NOT NULL, `City` varchar(200) NOT NULL, `Country` varchar(100) NOT NULL, `Zipcode` varchar(100) NOT NULL, `JobID` varchar(100) NOT NULL, `WorkExperience` varchar(2000) NOT NULL, `EducationRequirement` varchar(2000) NOT NULL, `WebsitePostedFrom` varchar(200) NOT NULL, PRIMARY KEY (`id`) ) ENGINE=InnoDB DEFAULT CHARSET=utf8; Company Table Code: [Select] CREATE TABLE IF NOT EXISTS `Company` ( `id` int(11) unsigned NOT NULL auto_increment, `CompanyName` varchar(100) NOT NULL, `Address` varchar(100) NOT NULL, `Logo` varchar(100) NOT NULL, `PhoneNumber` varchar(25) NOT NULL, `ContactPerson` varchar(25) NOT NULL, PRIMARY KEY (`id`) ) ENGINE=InnoDB DEFAULT CHARSET=utf8 AUTO_INCREMENT=2 ; This topic has been moved to MySQL Help. http://www.phpfreaks.com/forums/index.php?topic=321572.0 I have been trying to figure out how this is done? One php file and all that changes is the name of the brand and the logo. This has to be clickable from a menu and also if a user changes the brand name it changes to the appropriate name and logo. Any ideas as to how this is done? If you can guide me in the right direction or give me an example of how this is done would be greatly appreciated. Thanks. http://www.drivermanager.com/en/download-confirmation.php?brand=compaq&logo= <?php $con = database_connect(); $sql = "SELECT * FROM anime1, episode1 WHERE animeid='$animeid'"; $result = mysql_query($sql); while ($row = mysql_fetch_assoc($result)) { $title = $row['title']; $ep = $row['ep']; } ?> keep giving me back error Warning: mysql_fetch_assoc() expects parameter 1 to be resource, boolean given in C:\wamp\www\studying\take 2\addin12.php on line 45 is there a way in php to link from the root dir ? like in html you just use the '/' at the start for the link " <a herf="/link.php" ></a> " but i noticed this does not work when using php like include or require. so is there anywey to tell a link to start from root dir? without using the ../../link.php Hi: I have a login file where a user goes to a db based on the dbtype selected. Now $dbtype1 links to a db on Server 1 ( that is the server on which this script is running and $dbtype2 links to a db on Server 2 I created a connection-link file connectlink.php as under but while $dbtype1 works without a problem , $dbtype2 gives me an error 'no access to db' and user dbun1@localhost not found on db1.db . What am I missing in the connectlink.php file please ? Thanks login.php =========== <? ...... if($_POST['submit']){ $dbtype = $_POST['dbtype']; if ($dbtype == 'type1') { $section = 'type1'; require("../x/type1/type1.php"); } if ($dbtype == 'type2') { $section = 'type2'; require("../x/type2/connectlink.php"); //the dir 'x' is a common name on both the servers'' } //then it processes $userfile and give this Click <a href="'.$section.'/'.$userFile.'?Userid='.$userid.'"> here ?> connectlink.php ============== <? //this file contains db info, log and checks if user is authorised to access the db - ist check. error_reporting(E_ERROR | E_PARSE | E_CORE_ERROR); $dbusername2='a'; $dbpassword2='b'; $dbname2='c'; $servername = 'ip address of server or localhost ?'; $link2=mysql_connect ("$servername","$dbusername2","$dbpassword2", true); if(!$link2){ die("Could not connect to MySQL");} mysql_select_db("$dbname2",$link2) or die ("could not open db".mysql_error()); $dbusername1='d'; $dbpassword1='e'; $dbname1='f'; $servername = 'localhost'; $link1=mysql_connect ("$servername","$dbusername1","$dbpassword1", true); if(!$link1){ die("Could not connect to MySQL");} mysql_select_db("$dbname1",$link1) or die ("could not open db".mysql_error()); $sql = "SELECT * FROM Users WHERE Userid='$userid'",$link2; $result = mysql_query($sql); if ($myrow = mysql_fetch_array($result)){ $login_success = 'Yes'; $status = "On"; .... $sql2= "insert into Log (....) values(.....)",$link2;; $result2 = mysql_query($sql2) or die ('no access to database: ' . mysql_error()); // echo mysql_error(); } } else { $failureMessage = '<p class="data"><center><font face="Verdana" size="2" color="red">Login Failure. You are not authorised to access this database .<br /></font></center></p>'; print $failureMessage; $logoutMessage = 'Click <a href="../NEWDBS/mainlogout.php"> here </a>to logout </p>'; print $logoutMessage; exit; } ?> |
|||||||