|
PHP - Storing Config Data In File Or Database?
To me it is logical to store config data such as site name, meta, etc in a php file rather than storing ina table in mysql database. This will reduce the number of calls to the mysql database, as these are key parameters and needed in every page.
But, a well-developed CMS like Wordpress uses a mysql table to store such basic data. What is your idea? Ain't it better to reduce mysql loads? Similar TutorialsHey guys I have a simple question, I have a Config.php file that connects to mysql database on my server... Something like this (modified data, of course): <?php // database information $dbhost = 'localhost'; $dbuser = 'root'; $dbpass = '******'; $dbname = 'databasename'; ?> Can a hacker access those variables? How can I protect this? Ideas, suggestions? Thanks in advance! This is more of a database architect question.
I am building a CMS for website development. I am ready to use it for the first time on one of my clients. Now, my issue is is how to set up some or one of my table(s) for some areas that my client wants to be able to change in the admin section.
In their website on the front page, I put together this nice block slider. Its 6 blocks with text, a background image and nice effects. At first it was always going to be static, which was no issue at all, but later they came to me and asked if they could be able to change words in the boxes themselves in the admin section..
Of course this can be easily done by creating a table that is associated with this home page block thing and each row in the table will correspond to one of the blocks on the home page.
But I believe there might be an easier way to store this type of data without having to create another table for every feature the client wants to edit, for example they also want to be able to edit a slider on another page.
The WordPress database then came into my mind and how they store most of their data as JSON. So I was then thinking of creating a table named 'modules' for examples with three columns (id, title, data). Then inside the data column store the editable fields as a JSON string object.
For example a row could like like :
1, "Front Page Box Slider", {"slider-home" : [ {"data" : "value", "img_1", "value1"}, {"data" : "value", "img_2", "value2"} ]}
I've been doing a bit of research on this and people have just been saying, never do this if you do want your data to be searched through, which I don't.
Can anyone tell me why or why not I should do this, or maybe a better solution to my problem?
Thank you
Edited by carlosmoreeira, 17 September 2014 - 07:37 PM. hi everyone, i just signed up on this forum. I have issue, my clients wants to save time by copying data into a textarea and then letting the script process it and store it in database. the problem is never done that. the data is made up for eg. Title Mr Name Radio86 Address Chiltren House etc.... how do i split this data up and store it in database, btw ive just started programming in php in other words newbie Please help me, thanks in advance Hello,
I have a table with these columns (database)
table.JPG 34.95KB
0 downloads
and i have a static form through which user define the installments. Static 24 input boxes are there like this
<form name="installment" method="post" action="" enctype="multipart/form-data" onsubmit="return validate()">
<table id="dt_hScroll" class="table table-striped">
<thead>
<tr>
<th>SL No.</th>
<th>Amount</th>
<th>Due Date</th>
</tr>
<tr>
<td> 1. </td>
<td>
<input type="text" name="installment1" id="installment" class="span4" value="0" />
</td>
<td>
<input type="text" name="due_date1" class="tcal span4" value="<?php //echo date("Y-m-d"); ?>" />
</td>
</tr>
<tr>
<td> 2. </td>
<td>
<input type="text" name="installment2" id="installment" class="span4" value="0" />
</td>
<td>
<input type="text" name="due_date2" class="tcal span4" />
</td>
</tr>
<tr>
<td> 3. </td>
<td>
<input type="text" name="installment3" id="installment" class="span4" value="0" />
</td>
<td>
<input type="text" name="due_date3" class="tcal span4" />
</td></tr>
<tr>
<td> 4. </td>
<td>
<input type="text" name="installment4" id="installment" class="span4" value="0" />
</td>
<td>
<input type="text" name="due_date4" class="tcal span4" />
</td></tr>
<tr>
<td> 5. </td>
<td>
<input type="text" name="installment5" id="installment" class="span4" value="0" />
</td>
<td>
<input type="text" name="due_date5" class="tcal span4" />
</td></tr>
<tr>
<td> 6. </td>
<td>
<input type="text" name="installment6" id="installment" class="span4" value="0" />
</td>
<td>
<input type="text" name="due_date6" class="tcal span4" />
</td></tr>
<tr>
<td> 7. </td>
<td>
<input type="text" name="installment7" id="installment" class="span4" value="0" />
</td>
<td>
<input type="text" name="due_date7" class="tcal span4" />
</td></tr>
<tr>
<td> 8. </td>
<td>
<input type="text" name="installment8" id="installment" class="span4" value="0" />
</td>
<td>
<input type="text" name="due_date8" class="tcal span4" />
</td></tr>
<tr>
<td> 9. </td>
<td>
<input type="text" name="installment9" id="installment" class="span4" value="0" />
</td>
<td>
<input type="text" name="due_date9" class="tcal span4" />
</td></tr>
<tr>
<td> 10. </td>
<td>
<input type="text" name="installment10" id="installment" class="span4" value="0" />
</td>
<td>
<input type="text" name="due_date10" class="tcal span4" />
</td></tr>
<tr>
<td> 11. </td>
<td>
<input type="text" name="installment11" id="installment" class="span4" value="0" />
</td>
<td>
<input type="text" name="due_date11" class="tcal span4" />
</td></tr>
<tr>
<td> 12. </td>
<td>
<input type="text" name="installment12" id="installment" class="span4" value="0" />
</td>
<td>
<input type="text" name="due_date12" class="tcal span4" />
</td></tr>
<tr>
<td> 13. </td>
<td>
<input type="text" name="installment13" id="installment" class="span4" value="0" />
</td>
<td>
<input type="text" name="due_date13" class="tcal span4" />
</td></tr>
<tr>
<td> 14. </td>
<td>
<input type="text" name="installment14" id="installment" class="span4" value="0" />
</td>
<td>
<input type="text" name="due_date14" class="tcal span4" />
</td></tr>
<tr>
<td> 15. </td>
<td>
<input type="text" name="installment15" id="installment" class="span4" value="0" />
</td>
<td>
<input type="text" name="due_date15" class="tcal span4" />
</td></tr>
<tr>
<td> 16. </td>
<td>
<input type="text" name="installment16" id="installment" class="span4" value="0" />
</td>
<td>
<input type="text" name="due_date16" class="tcal span4" />
</td></tr>
<tr>
<td> 17. </td>
<td>
<input type="text" name="installment17" id="installment" class="span4" value="0" />
</td>
<td>
<input type="text" name="due_date17" class="tcal span4" />
</td></tr>
<tr>
<td> 18. </td>
<td>
<input type="text" name="installment18" id="installment" class="span4" value="0" />
</td>
<td>
<input type="text" name="due_date18" class="tcal span4" />
</td></tr>
<tr>
<td> 19. </td>
<td>
<input type="text" name="installment19" id="installment" class="span4" value="0" />
</td>
<td>
<input type="text" name="due_date19" class="tcal span4" />
</td></tr>
<tr>
<td> 20. </td>
<td>
<input type="text" name="installment20" id="installment" class="span4" value="0" />
</td>
<td>
<input type="text" name="due_date20" class="tcal span4" />
</td></tr>
<tr>
<td> 21. </td>
<td>
<input type="text" name="installment21" id="installment" class="span4" value="0" />
</td>
<td>
<input type="text" name="due_date21" class="tcal span4" />
</td></tr>
<tr>
<td> 22. </td>
<td>
<input type="text" name="installment22" id="installment" class="span4" value="0" />
</td>
<td>
<input type="text" name="due_date22" class="tcal span4" />
</td></tr>
<tr>
<td>23. </td>
<td>
<input type="text" name="installment23" id="installment" class="span4" value="0" />
</td>
<td>
<input type="text" name="due_date23" class="tcal span4" />
</td></tr>
<tr>
<td> 24. </td>
<td>
<input type="text" name="installment24" id="installment" class="span4" value="0" />
</td>
<td>
<input type="text" name="due_date24" class="tcal span4" />
</td></tr>
<tr><td></td><td>
<input type="submit" name="save" id="save" value="Save" class="btn btn-info span3" />
<input type="hidden" readonly="readonly" name="roll_no" value="<?php echo $roll_no; ?>" class="span5" />
</td><td></td></tr>
</thead>
</table>
</form>
Here i am not getting how to store it in that table. Actually all the 24 inputs are not mandatory. If user fills only 2 then also it should store it in the database table.
I tried to do like this
if(isset($_POST['save']))
{
$roll_no = $_POST['roll_no'];
$ins_amt1 = $_POST['installment1'];
$due_date1 = $_POST['due_date1'];
$ins_amt2 = $_POST['installment2'];
$due_date2 = $_POST['due_date2'];
$ins_amt3 = $_POST['installment3'];
$due_date3 = $_POST['due_date3'];
$ins_amt4 = $_POST['installment4'];
$due_date4 = $_POST['due_date4'];
$ins_amt5 = $_POST['installment5'];
$due_date5 = $_POST['due_date5'];
$ins_amt6 = $_POST['installment6'];
$due_date6 = $_POST['due_date6'];
$ins_amt7 = $_POST['installment7'];
$due_date7 = $_POST['due_date7'];
$ins_amt8 = $_POST['installment8'];
$due_date8 = $_POST['due_date8'];
$ins_amt9 = $_POST['installment9'];
$due_date9 = $_POST['due_date9'];
$ins_amt10 = $_POST['installment10'];
$due_date10 = $_POST['due_date10'];
$ins_amt11 = $_POST['installment11'];
$due_date11 = $_POST['due_date11'];
$ins_amt12 = $_POST['installment12'];
$due_date12 = $_POST['due_date12'];
$ins_amt13 = $_POST['installment13'];
$due_date13 = $_POST['due_date13'];
$ins_amt14 = $_POST['installment14'];
$due_date14 = $_POST['due_date14'];
$ins_amt15 = $_POST['installment15'];
$due_date15 = $_POST['due_date15'];
$ins_amt16 = $_POST['installment16'];
$due_date16 = $_POST['due_date16'];
$ins_amt17 = $_POST['installment17'];
$due_date17 = $_POST['due_date17'];
$ins_amt18 = $_POST['installment18'];
$due_date18 = $_POST['due_date18'];
$ins_amt19 = $_POST['installment19'];
$due_date19 = $_POST['due_date19'];
$ins_amt20 = $_POST['installment20'];
$due_date20 = $_POST['due_date20'];
$ins_amt21 = $_POST['installment21'];
$due_date21 = $_POST['due_date21'];
$ins_amt22 = $_POST['installment22'];
$due_date22 = $_POST['due_date22'];
$ins_amt23 = $_POST['installment23'];
$due_date23 = $_POST['due_date23'];
$ins_amt24 = $_POST['installment24'];
$due_date24 = $_POST['due_date24'];
$items = array();
$installment[] =array($ins_amt1, $ins_amt2, $ins_amt3, $ins_amt4, $ins_amt5, $ins_amt6, $ins_amt7, $ins_amt8, $ins_amt9, $ins_amt10, $ins_amt11, $ins_amt12, $ins_amt13, $ins_amt14, $ins_amt15, $ins_amt16, $ins_amt17, $ins_amt18, $ins_amt19, $ins_amt20, $ins_amt21, $ins_amt22, $ins_amt23, $ins_amt24);
//$in_values= serialize($installment);
$due_date[] = array($due_date1, $due_date2, $due_date3, $due_date4, $due_date5, $due_date6, $due_date7, $due_date8, $due_date9, $due_date10, $due_date11, $due_date12, $due_date13, $due_date14, $due_date15, $due_date16, $due_date17, $due_date18, $due_date19, $due_date20, $due_date21, $due_date22, $due_date23, $due_date24);
//$in_dates= serialize($due_date);
//$s1 = "insert into installment(id, fee_id, student_id, amount, due_date, paid_date, status, rec_no) values ('', ".$fee_id.", '".$roll_no."', ".$in_values.", '".$in_dates."', '', 'unpaid', ''";
foreach($installment as $row_key => $value)
{
$item = $value;
$uom = $due_date[$row_key];
$items[] = sprintf("(%d, %d, '%s', %d, '%s', '%s', '%s', '%s')", '',
$fee_id,
mysql_real_escape_string($roll_no),
intval($item),
$uom,
'',
'',
''
);
}
$msql = 'INSERT INTO installment (id, fee_id, student_id, amount, due_date, paid_date, status, rec_no) VALUES '.implode(', ', $items);
But it is taking only one data. Can somebody please suggest. The data has to be saved like this
saveddata.JPG 70.92KB
0 downloads
Somebody please help. Thank you
hi, I have created a login page this is my code <?php if (!isset($_SESSION)) { session_start(); } $host="localhost"; // Host name $username="root"; // Mysql username $password=""; // Mysql password $db_name="Marketing"; // Database name $tbl_name="Marketinglogin"; // Table name // Connect to server and select databse. mysql_connect("$host", "$username", "$password")or die("cannot connect"); mysql_select_db("$db_name")or die("cannot select DB"); $myusername=$_POST['myusername']; $mypassword=$_POST['mypassword']; // To protect MySQL injection (more detail about MySQL injection) $myusername = stripslashes($myusername); $mypassword = stripslashes($mypassword); $myusername = mysql_real_escape_string($myusername); $mypassword = mysql_real_escape_string($mypassword); $sql="SELECT * FROM Marketinglogin WHERE username='$myusername' and password='$mypassword'"; $result=mysql_query($sql); // Mysql_num_row is counting table row $count=mysql_num_rows($result); // If result matched $myusername and $mypassword, table row must be 1 row if($count==1){ // Register $myusername, $mypassword and redirect to file "login_success.php" session_register("myusername"); session_register("mypassword"); if ($myusername == "sandeep") { header("location:Marketingadmin.php"); } else { header("location:Marketingemployeeform.php"); } } else { echo "wrong password"; } ?> Marketingemployee form has some fields..here when we click submit button all the fields as well as the loginusername has to be stored in the database <?php if (!isset($_SESSION)) { session_start(); } $con = mysql_connect("localhost","root", ""); if (!$con) {die('Could not connect to DB: ' . mysql_error() );} mysql_select_db ("Marketing", $con); $date = $_POST['year'].$_POST['month'].$_POST['dt'] ; $_SESSION['myusername']=$_POST['myusername']; $myusername=$_SESSION['myusername']; $sql="INSERT INTO Marketingemployeetable (Employeeid, Date,Sector,Place,Contactpersonname,Contactaddress,Mobileno)VALUES ( '$myusername','$date','$_POST[project]','$_POST[place]','$_POST[Contactpersonname]','$_POST[Contactaddress]','$_POST[Mobileno]')"; if (!mysql_query($sql,$con)) {die ('Error: ' . mysql_error());} echo "Record added"; mysql_close($con)?> please help me out here Okay, I'll make this short and sweet, and all side comments are irrelevant. I'm doing this for my own happies So using Facebook.com's API you can extract all of a specific user's friends in an array. Well I'm making a array check to see who on that users friend list was removed or deleted them that week using array_dif(); in this method: 1) User allows the application 2) Application catches the user's friends_id's in an array and stores them // this is where i'm having trouble, i'll come back to it 3) User then waits a few days and notices their friend count is no longer 400, it's now 399! 4) User logs into my application, and checks the previously uploaded array against their current array of friends. Okay now to the part i'm struggling with is, what would you do? Should i store them each uniquely in a database? Because some users have 4,000+ friends and that gets quite strenuous. OR! Should i save them into a txt file unique to that person's user_id. I kind of like the 2nd option, however it's less ( to my newbish mind ) customizable versus the sql_queries. Once again, i'd like to reiterate, i don't care that this is again Facebooks terms of service, it's for my own personal gain and just enjoy taking on projects in my spare time that force my brain to work hard. That's all, hope you excuse the typos and poor grammar. Typed this pretty quickly, any questions - feel free to ask! I have a user registration page that requires the user to input a Username, Password, Confirm Password, Email. If the user passes all the validation requirements for the new account, I then need to have the username, password, email fields saved to a file called 'login.dat'
Here is my code that I have so far, it runs perfectly.
<?php
include 'helpfulfunctions.inc';
include 'productsdata.inc';
$user_login_file = 'login.dat';
//var_dump($_POST);
// product data for photo, name, and price.
$alluserinfo = load_users_info($user_login_file);
//validate users info
$errors = array();
if (array_key_exists('register_submit', $_POST)) {
//check to see if username is taken
$username_entered = $_POST['username'];
//check to see if username already exists
if (array_key_exists($username_entered, $alluserinfo)) {
$errors['username']['username_exists'] = "Username already exists.";
}
//validate username is 4-11 characters long using only a-z A-Z 0-9
if(preg_match("/^[0-9a-zA-z]{4,11}$/",$_POST['username']) ===0){
$errors['username']['invalid_username']= "Invalid username. Username must be 4-11 characters long and use only letters and numbers.";
}
//validate password "." means any character
//.* allows numbers 0-9 to be inserted anywhere
//?= positive lookahead: next text must be like this and follow these rules
// must be at least 6 characters, contain 0-9, a-z, A-Z
$pw_entered=$_POST['password'];
if(preg_match("/^.*(?=.{6,})(?=.*[0-9])(?=.*[a-z])(?=.*[A-Z]).*$/", $_POST["password"]) === 0){
$errors['password']['invalid_password']="Password must be at least 6 characters and must contain at least one lower case letter, one upper case letter and one digit.";
}
//validate that "confirm password" matches password above
$pw_repeat=$_POST['confirmpassword'];
if($pw_repeat != $pw_entered){
$errors['confirmpassword']['pw_no_match']="Passwords do not match. Try again.";
}
//validate email format
$email_entered=($_POST['email']);
if(!filter_var($email_entered, FILTER_VALIDATE_EMAIL)){
$errors['email']['invalid_email']="Not a valid email. Please try again.";
}
//no validation errors=>print invoice
if (empty($errors)) {
include 'invoice.inc';
exit;
}
}
//reprint if invalid entry. if no errors print invoice
?>
<form action="<?php echo $_SERVER['PHP_SELF']; ?>" method="POST">
<h3>Please register to continue.</h3>
<table>
<tr>
<td>
*Username:
</td>
<td>
<input type="text" name="username"/>
<?php
if (isset($errors['username'])) {
print implode('<br>', $errors['username']);
}
?>
</td>
</tr>
<tr>
<td>
*Password:
</td>
<td>
<input type="password" name="password"/>
<?php
if (isset($errors['password'])) {
print implode('<br>', $errors['password']);
}
?>
</td>
</tr>
<tr>
<td>
*Confirm Password:
</td>
<td>
<input type="password" name="confirmpassword"/>
<?php
if (isset($errors['confirmpassword'])) {
print implode('<br>', $errors['confirmpassword']);
}
?>
</td>
</tr>
<tr>
<td>
*Email:
</td>
<td>
<input type="text" name="email"/>
<?php
if (isset($errors['email'])) {
print implode('<br>', $errors['email']);
}
?>
</td>
</tr>
<tr>
<td>
* required info <br>
<input type="submit" value="Register" name="register_submit">
<?php
//print out hiddens with quantities
save_hidden_qty($_POST['quantity']);
?>
</form>
</td>
</tr>
</table>
In case it's needed, this is the 'helpfulfunctions.inc' file and the included functions:
<?php
if (!function_exists('load_users_info')) {
function load_users_info($users_data_file) {
$fp = fopen($users_data_file, 'r');
//read all lines of login.dat file and create user info arrays
while (!feof($fp)) {
$users_info_line = fgets($fp);
$user_info_parts = explode(',', $users_info_line);
$user_info_array = array('username' => $user_info_parts[0], 'password' => $user_info_parts[1], 'email' => $user_info_parts[2]);
$complete_user_info_array[$user_info_array['username']] = $user_info_array;
}
fclose($fp);
return $complete_user_info_array;
}
}
// function to display products
if (!function_exists('display_products')) {
function display_products($products_to_display, $quantities = array()) {
global $errors;
?>
<table border="1">
<tbody>
<tr>
<td style="text-align: center;"><b><big>Product</big></b></td>
<td style="text-align: center;"><b><big>Brand</big></b></td>
<td style="text-align: center;"><b><big>Price(each)</big></b></td>
<td style="text-align: center;"><b><big>Quantity Desired</big></b></td>
</tr>
<?php
// quantities are 0 unless already inputted, if quantities previously were inputted, return the values.
// input boxes
for ($i = 0; $i < count($products_to_display); $i++) {
if (empty($quantities)) {
$qty = isset($_POST['quantity'][$i]) ? $_POST['quantity'][$i] : 0;
$qty_str = "<input type=text size=3 maxlength=3 name='quantity[$i]' value='$qty'>";
if (isset($errors['quantity'][$i])) {
$qty_str .= "<span style='font-style:italic;font-size:8px;color:red;'>{$errors['quantity'][$i]}</span>";
}
} else {
$qty_str = $quantities[$i];
}
// loop to print out table of photo of board, name of the brand, price, and quantity selected
printf('
<tr>
<td><img alt="Small" id="lightboxImage"
style="width: 119px; height: 88px; bgcolor="#cccccc;"
src="http://imgur.com/%s"
height="300" width="300"></td>
<td style="text-align: center;">%s</td>
<td style="text-align: center;">$%.2f</td>
<td style="text-align: center;">' . $qty_str . '</td>
</tr>
', $products_to_display[$i]['item'], $products_to_display[$i]['board'], $products_to_display[$i]['price']);
}
?>
<tr><td colspan="4" style="text-align: right; border: none">
<input type="submit" value="Purchase"></td></tr>
</tbody>
</table>
<?php
}
}
if (!function_exists('save_hidden_qty')) {
function save_hidden_qty($the_quantities){
foreach ($the_quantities as $key=>$value){
print "<input type='hidden' name='quantity[$key]' value='$value'>\n";
}
}
}
?>
Can anyone help me out?
where does the connection details go and in what manner order etc, server url, username, password <?php define( "DB_DSN", "); define( "DB_USERNAME", " ); define( "DB_PASSWORD", " ); define( "PAGE_SIZE", 5 ); define( "TBL_", " ); define( "TBL_", "" ); ?> I have a PHP script that is encrypted with Ion Cube. Since I don't want to violate the license, I can't modify anything in the script. The script makes calls to an XML based config file. I want to create a database to store the config data and then feed it to the encrypted script based on the referer URL that made the request. Basically, I want to "virtualize" the config XML file so I can feed the encrypted script the data I want based on the referer URL. Any ideas? I'm really embarrassed asking this.. I have two files. config.php & program.php config.php<php $max_columns = 3; ?> program.php<?php include ('config.php'); echo $max_columns; ?> I can't get the script to echo anything. I have tried... $max_columns = '3'; $max_columns = "3"; include_once include ("config.php"); include ('/path/to/file/config.php'); require .....etc. etc. Any thoughts? PLEASE, I'm going nuts here. Thanks for you patience with what must be a very trivial question for you guys I have a very simple password protection set-up on a page as a temporary measure until I can set something better up. The person I set it up for wants to be able change the Username and Password occasionally but wants me to set up a simple form which will overwrite the data in the config file (connection.php) instead of having to open the file himself (don't ask!). I have has a read round to see if there is any obvious and simple solutions but none seem as simple as I had hoped. I intend to work on a system via MySQL where there can be multiple users and passwords but as time is tight at the moment I just want to get something basic and working. The nature of the 'hidden' content is not sensitive (it is just a football clubs live commentary stream that they are hoping to get people to subscribe to) so there are no issues at this moment with security. All he needs to do is choose a new Username and Password every game and email it to the subscribers. The data that he wants to update in connection.php, via a form, is Code: [Select] $username = "user"; $password = "pass"; The code in the actual page with the log-in is Code: [Select] <?php require_once('connection.php'); if ($_POST['txtUsername'] != $username || $_POST['txtPassword'] != $password) { ?> <h1 style="color: #FFF">Login</h1> <form name="form" method="post" action="<?php echo $_SERVER['PHP_SELF']; ?>"> <p class="white_text"><label for="txtUsername">Username:</span></label> <br /> <input type="text" title="Enter your Username" name="txtUsername" /></p> <p class="white_text"><label for="txtpassword">Password:</label> <br /> <input type="password" title="Enter your password" name="txtPassword" /></p> <p><input type="submit" name="Submit" value="Login" /></p> </form> <?php } else { ?> CONTENT TO BE SHOWN................Is there a simple way of creating a form just to update those two bits in the connection.php or will I have to bite the bullet and set it up via MySQL from the off? Thanks in advance Steve This is my first post on your forums. I've some problems with a registration form that I've been trying to work out for 2+ days now, asking about it here is a last resort - I have a config.php file located at config/config.php there's a register.php file in the sites root directory and a includes/form_handlers/register.php
My config.php file is:
<?php
ob_start();
session_start();
$timezone = date_default_timezone_set("America/Cancun");
$servername = "localhost";
$username = "root";
$password = "";
$database = "social";
$conn = mysqli_connect($servername, $username, $password, $database);
if (mysqli_connect_error()) {
echo "Failed to connect: " . mysqli_connect_error();
}
?>
This is my register.php file:
<?php
require 'config/config.php';
require 'includes/form_handlers/register.php';
?>
<!-- REMOVED THE <HEAD> SECTION -->
<body class="login-img3-body">
<div class="container">
<form class="login-form" action="includes/form_handlers/register.php" method="POST">
<div class="login-wrap">
<p class="login-img"><i class="icon_lock_alt"></i></p>
<div class="input-group">
<span class="input-group-addon"><i class="icon_profile"></i></span>
<input type="text" class="form-control" name="fname" placeholder="First Name" value="<?php
if(isset($_SESSION['fname'])) {
echo $_SESSION['fname'];
}
?>" required>
<br>
<?php if(in_array("Your first name must be 2-50 characters long.<br>", $error_array)) echo "<span style='color: #AD0303;'>Your first name must be 2-50 characters long.</span><br>"; ?>
</div>
<div class="input-group">
<span class="input-group-addon"><i class="icon_profile"></i></span>
<input type="text" class="form-control" name="lname" placeholder="Last Name" value="<?php
if(isset($_SESSION['lname'])) {
echo $_SESSION['lname'];
}
?>" required>
<br>
<?php if(in_array("Your last name must be 2-50 characters long.<br>", $error_array)) echo "<span style='color: #AD0303;'>Your last name must be 2-50 characters long.</span><br>"; ?>
</div>
<div class="input-group">
<span class="input-group-addon"><i class="icon_mail_alt"></i></span>
<input type="text" class="form-control" name="email" placeholder="Email" value="<?php
if(isset($_SESSION['email'])) {
echo $_SESSION['email'];
}
?>" required>
</div>
<div class="input-group">
<span class="input-group-addon"><i class="icon_mail_alt"></i></span>
<input type="text" class="form-control" name="email2" placeholder="Confirm Email" value="<?php
if(isset($_SESSION['email2'])) {
echo $_SESSION['email2'];
}
?>" required>
<br>
<?php
if(in_array("Email already in use<br>", $error_array)) echo "<span style='color: #AD0303;'>Email already in use</span><br>";
else if(in_array("Invalid Email<br>", $error_array)) echo "<span style='color: #AD0303;'>Invalid Email</span><br>";
else if(in_array("Emails don't match<br>", $error_array)) echo "<span style='color: #AD0303;'>Emails don't match</span><br>";
?>
</div>
<div class="input-group">
<span class="input-group-addon"><i class="icon_key_alt"></i></span>
<input type="password" class="form-control" name="pwd" placeholder="Password" required>
</div>
<div class="input-group">
<span class="input-group-addon"><i class="icon_key_alt"></i></span>
<input type="password" class="form-control" name="pwd2" placeholder="Confirm Password" required>
<br>
<?php
if(in_array("Your passwords don't match.<br>", $error_array)) echo "<span style='color: #AD0303;'>Your passwords don't match.</span><br>";
else if(in_array("Your password must contain English characters or numbers.<br>", $error_array)) echo "<span style='color: #AD0303;'>Your password must contain English characters or numbers.</span><br>";
else if(in_array("Your password must be 5-30 characters long.<br>", $error_array)) echo "<span style='color: #AD0303;'>Your password must be 5-30 characters long.</span><br>";
?>
</div>
<input class="btn btn-info btn-lg btn-block" type="submit" name="register" value="Register">
</div>
<?php if(in_array("<span style='color: #14C800;'>You're all set! Go ahead and login!</span><br>", $error_array)) echo "<span style='color: #14C800;'>You're all set! Go ahead and login!</span><br>"; ?>
</form>
</div>
</body>
</html>
and my includes/form_handlers/register.php file:
<?php
//error variables
$fname = "";
$lname = "";
$email = "";
$email2 = "";
$pwd = "";
$pwd2 = "";
$date = "";
$error_array = array();
if(isset($_POST['register'])) {
//form values
$fname = clean($_POST['fname']);
$_SESSION['fname'] = $fname;
$lname = clean($_POST['lname']);
$_SESSION['lname'] = $lname;
$email = clean($_POST['email']);
$_SESSION['email'] = $email;
$email2 = clean($_POST['email2']);
$_SESSION['email2'] = $email2;
$pwd = strip_tags($_POST['pwd']);
$pwd2 = strip_tags($_POST['pwd2']);
$date = date('Y-m-d'); //signup date
if($email == $email2) {
//validate email format
if(filter_var($email, FILTER_VALIDATE_EMAIL)) {
$email = filter_var($email, FILTER_VALIDATE_EMAIL);
//does email exist??
$email_check = mysqli_query($conn, "SELECT email FROM users WHERE email='$email'");
//number of rows returned
$num_rows = mysqli_num_rows($email_check);
if($num_rows > 0) {
array_push($error_array, "Email already in use<br>");
}
} else {
array_push($error_array, "Invalid Email<br>");
}
} else {
array_push($error_array, "Emails don't match<br>");
}
//first name length
if(strlen($fname) > 50 || strlen($fname) < 2) {
array_push($error_array, "Your first name must be 2-50 characters long.<br>");
}
//last name length
if(strlen($lname) > 50 || strlen($lname) < 2) {
array_push($error_array, "Your last name must be 2-50 characters long.<br>");
}
if($pwd != $pwd2) {
array_push($error_array, "Your passwords don't match.<br>");
} else {
if(preg_match('/[^A-Za-z0-9]/', $pwd)) {
array_push($error_array, "Your password must contain English characters or numbers.<br>");
}
}
if(strlen($pwd) > 30 || strlen($pwd) < 2) {
array_push($error_array, "Your password must be 5-30 characters long.<br>");
}
if(empty($error_array)) {
$pwd = md5($pwd); //encrypts password
$username = strtolower($fname . "_" . $lname);
$check_username = mysqli_query($conn, "SELECT username FROM users WHERE username='$username'");
//assign unique username if original is taken
$snum = 0;
while(mysqli_num_rows($check_username) != 0) {
$snum++;
$username = $username . "00" . $snum;
$check_username = mysqli_query($conn, "SELECT username FROM users WHERE username='$username'");
}
//assign a random profile pic
$rand = rand(1,3);
switch ($rand) {
case '1':
$profile_pic = "assets/images/profile_pics/default/01.jpeg";
break;
case '2':
$profile_pic = "assets/images/profile_pics/default/02.jpeg";
break;
case '3':
$profile_pic = "assets/images/profile_pics/default/03.jpeg";
break;
}
$query = mysqli_query($conn, "INSERT INTO users VALUES (NULL, '$fname', '$lname', '$username', '$email', '$pwd', '$date', '$profile_pic', '0', '0', 'no', ',')");
array_push($error_array, "<span style='color: #14C800;'>You're all set! Go ahead and login!</span><br>");
//clear session variables
$_SESSION['fname'] = "";
$_SESSION['lname'] = "";
$_SESSION['email'] = "";
$_SESSION['email2'] = "";
}
}
//polish user imput
function clean($data) {
$data = str_replace(" ","", $data);
$data = htmlspecialchars($data);
$data = stripslashes($data);
$data = strip_tags($data);
$data = trim($data);
return $data;
}
?>
I can't get the reg. form handler to recognize the $conn variable from the config.php file. if I add require '../../config/config.php'; to it I get this error:
Warning: require(../../config/config.php): failed to open stream: No such file or directory in /opt/lampp/htdocs/qcicnews/includes/form_handlers/register.php on line 3 I don't know why it can't find that file, but the way I understand PHP is that I don't need that line because it's in the register.php. When I don't use it I get a party of errors all connected to it not recognizing the $conn variable:
Notice: Undefined variable: conn in /opt/lampp/htdocs/qcicnews/includes/form_handlers/register.php on line 43
There's about 6 more that look like the ones above but from different lines where $conn is referenced, I just deleted them for brevity sake. I'm pretty new to PHP and this is the most difficult situation I've encountered so far, can someone help me find the way here?
Hi there, I am trying to create a custom registration form and connect the file to mysql using a config.php file. I created the file with a tutorial. I placed both the config.php and the registration.php in a "page-templates folder" inside the "theme folder". Using wordpress "add new page" I am able to select the registration.php file as a template. I am able to open the newly created page and type in information like username and password. I am able to press submit and I get redirected to a new page.
Problem: I would really appreciate your help. Siegfried I'm very fresh to php coding, and embedding it in html, so I'm a bit lost here. I have made a script for doing backups of mysql on the QNAP box, I want to make a page to set the variables in it, so the users don't have to change directly in the script like they do now. First the page should read in the current config, and display that in the form, and then users can change the values, and press save, quite simple I'm sure for the experienced php coder :-) I'm not sure if it's a HTML or PHP question, so here goes, if it's in the wrong forum, maybe the moderator will forgive me, and move the topic to the right one. THe page I've currently created looks like this: Code: [Select] <html><body> <h1>Mysql Backup Script</h1> <?php $config=parse_ini_file("config.txt"); ?> <form action="writeconfig.php" method="post"> <p>Days to save config: <input type="text" name="configdays" value="<?php echo $config('configdays'); ?>"/> <br> <p>Name of Backup location (share): <input type="text" name="share" value="<?php echo $config('share'); ?>"/> <br> <p>MySQL Backup User: <input type="text" name="user" value=<?php echo $config('user'); ?>"/> <p>Errorlevel (0=off, 1=error, 2=error+warn, 3=error+warn+info: <select name="error"> <option>0</option> <option>1</option> <option>2</option> <option>3</option> </select> <br> <p><input type="submit" value="Save" /> </form> </body></html> The problem is that it doesn't show the variables in the value fields, but rather the php code And the writeconfig.php looks like this: Code: [Select] <?php $configdays = $_POST['configdays']; $share = $_POST['share']; $user = $_POST['user']; $error = $_POST['error']; $int_options = array("options"=>array("min_range"=>1, "max_range"=>100)); if (!filter_var($configdays, FILTER_VALIDATE_INT, $int_options)) die("Value for number of config days is incorrect allowed value is 1-100"); $fp = fopen("config.txt", "w"); fwrite($fp, "configdays=" . $configdays . "\r\n" . "share=". $share . "\r\n" . "user=". $user . "\r\n" . "error=". $error . "\r\n"); fclose($fp); echo "Config file successfully written" ?> It's all still very raw, but the write part works ok, still needs a lot of input validation of course. As you can see, I'm still in the beginning part of this, so if I'm doing something wrong, or there's another way to do it properly, let me know! Well hello there, I want to create a script that writes a few PHP constants to a file called config.php. It does not work however, with the way I wrote it as below: Code: [Select] $configdata = "<?php //Configuration File \define("DBHOST", $dbhost); //DB Hostname \define("DBUSER", $dbuser); //DB Username \define("DBPASS", $dbpass); //DB Password \define("DBNAME", $dbname); //Your database name \define("DOMAIN", $domain); //Your domain name (No http, www or . ) \define("SCRIPTPATH", $scriptpath); //The folder you installed this script in \define("PREFIX", $prefix); ?>"; $file = fopen('../inc/config.php', 'w'); fwrite($file, $configdata); fclose($file); I am getting this error 'syntax error, unexpected T_STRING in ...', and I have no idea how to fix it. Strangely the below codes using PHP variables work flawlessly: Code: [Select] $configdata = "<?php //Configuration File \$dbhost = '{$dbhost}'; //DB Hostname \$dbuser = '{$dbuser}'; //DB User \$dbpass = '{$dbpass}'; //DB Password \$dbname = '{$dbname}'; //Your database name \$domain = '{$domain}'; //Your domain name (No http, www or . ) \$scriptpath = '{$scriptpath}'; //The folder you installed this script in \$prefix = '{$prefix}'; ?>"; //Write the config.php file... $file = fopen('../inc/config.php', 'w'); fwrite($file, $configdata); fclose($file); This confuses me, all I did was to change the string to output from a list of variables to a list of constants, and it gives weird errors that I have absolutely no idea how to fix. Can anyone please lemme know what I did wrong? Thanks. Hey guys, Just lately I have been trying to start a specific project for myself. I started off by designing the pages etc on HTML, and then a friend of mine helped me convert them to PHP.
At the moment, when a user registers to the site, they only require to enter a Username and Password. I would like to add their email to it too, due to adding slightly extra security. It would also be used for future reasons such as sending emails out etc.
I'm not sure about adding this, I know that most likely it is going to be VERY similar to how it already is, but I couldn't seem to get it to work when I tried.
Ill give the coding which I am using for this below (the documents which I believe would need editing) :
Register.php
<?php
require($_SERVER['DOCUMENT_ROOT'] . '/TruckWorld/includes/config.php');
$sOutput .= '<div id="register-body">';
if (isset($_GET['action'])) {
switch (strtolower($_GET['action'])) {
case 'register':
// If the form was submitted lets try to create the account.
if (isset($_POST['username']) && isset($_POST['password'])) {
if (createAccount($_POST['username'], $_POST['password'])) {
$sOutput .= '<h1>Account Created</h1><br />Your account has been created.
You can now login <a href="login.php">here</a>.';
}else {
// unset the action to display the registration form.
unset($_GET['action']);
}
}else {
$_SESSION['error'] = "Username and or Password was not supplied.";
unset($_GET['action']);
}
break;
}
}
// If the user is logged in display them a message.
if (loggedIn()) {
$sOutput .= '<h2>Already Registered</h2>
You have already registered and are currently logged in as: ' . $_SESSION['username'] . '.
<h4>Would you like to <a href="login.php?action=logout">logout</a>?</h4>
<h4>Would you like to go to <a href="index.php">site index</a>?</h4>';
// If the action is not set, we want to display the registration form
}elseif (!isset($_GET['action'])) {
// incase there was an error
// see if we have a previous username
$sUsername = "";
if (isset($_POST['username'])) {
$sUsername = $_POST['username'];
}
$sError = "";
if (isset($_SESSION['error'])) {
$sError = '<span id="error">' . $_SESSION['error'] . '</span><br />';
}
$sOutput .= '<!DOCTYPE html>
<html>
<head>
<meta charset="utf-8">
<meta name="viewport" content="width=device-width, initial-scale=1.0">
<title>Truck World - Register</title>
<!-- Core CSS - Include with every page -->
<link href="css/bootstrap.min.css" rel="stylesheet">
<link href="font-awesome/css/font-awesome.css" rel="stylesheet">
<!-- SB Admin CSS - Include with every page -->
<link href="css/sb-admin.css" rel="stylesheet">
</head>
<body>
<div align=center><img src="images/logintitle.png" alt="LoginTitle" /></div>
<div class="container">
<div class="row">
<div class="col-md-4 col-md-offset-4">
<div class="login-panel panel panel-default">
<div class="panel-heading">
<h3 class="panel-title">Register To Join Truck World!</h3>
</div>
<div class="panel-body">
' . $sError . '
<form name="register" method="post" action="' . $_SERVER['PHP_SELF'] . '?action=register">
<fieldset>
<div class="form-group">
<input class="form-control" placeholder="Username" name="username" type="username" autofocus="">
</div>
<div class="form-group">
<input class="form-control" placeholder="Password" name="password" type="password" value="">
</div>
<div class="form-group">
<input class="form-control" placeholder="Email" name="email" type="email" value="">
</div>
<!-- Change this to a button or input when using this as a form -->
<input type="submit" class="btn btn-lg btn-success btn-block" name="submit" value="Register" />
<a href="login.php"class="btn btn-lg btn-success btn-block">Login</a>
</fieldset>';
}
$sOutput .= '</div>
</div>
</div>
</div>
</div>
<div align=center><h5><small>Copyright - Lewis Pickles 2014 - All Rights Reserved</small></h5></div>
<!-- Core Scripts - Include with every page -->
<script src="js/jquery-1.10.2.js"></script>
<script src="js/bootstrap.min.js"></script>
<script src="js/plugins/metisMenu/jquery.metisMenu.js"></script>
<!-- SB Admin Scripts - Include with every page -->
<script src="js/sb-admin.js"></script>
</body>
</html>
';
// display our output.
echo $sOutput;
?>
Functions.php (Not sure if this would need editing, I think it might, Correct me if I'm wrong)
<?php
function createAccount($pUsername, $pPassword) {
// First check we have data passed in.
if (!empty($pUsername) && !empty($pPassword)) {
$uLen = strlen($pUsername);
$pLen = strlen($pPassword);
// escape the $pUsername to avoid SQL Injections
$eUsername = mysql_real_escape_string($pUsername);
$sql = "SELECT username FROM users WHERE username = '" . $eUsername . "' LIMIT 1";
// Note the use of trigger_error instead of or die.
$query = mysql_query($sql) or trigger_error("Query Failed: " . mysql_error());
// Error checks (Should be explained with the error)
if ($uLen <= 4 || $uLen >= 11) {
$_SESSION['error'] = "Username must be between 4 and 11 characters.";
}elseif ($pLen < 6) {
$_SESSION['error'] = "Password must be longer then 6 characters.";
}elseif (mysql_num_rows($query) == 1) {
$_SESSION['error'] = "Username already exists.";
}else {
// All errors passed lets
// Create our insert SQL by hashing the password and using the escaped Username.
$sql = "INSERT INTO users (`username`, `password`) VALUES ('" . $eUsername . "', '" . hashPassword($pPassword, SALT1, SALT2) . "');";
$query = mysql_query($sql) or trigger_error("Query Failed: " . mysql_error());
if ($query) {
return true;
}
}
}
return false;
}
/***********
string hashPassword (string $pPassword, string $pSalt1, string $pSalt2)
This will create a SHA1 hash of the password
using 2 salts that the user specifies.
************/
function hashPassword($pPassword, $pSalt1="2345#$%@3e", $pSalt2="taesa%#@2%^#") {
return sha1(md5($pSalt2 . $pPassword . $pSalt1));
}
/***********
bool loggedIn
verifies that session data is in tack
and the user is valid for this session.
************/
function loggedIn() {
// check both loggedin and username to verify user.
if (isset($_SESSION['loggedin']) && isset($_SESSION['username'])) {
return true;
}
return false;
}
/***********
bool logoutUser
Log out a user by unsetting the session variable.
************/
function logoutUser() {
// using unset will remove the variable
// and thus logging off the user.
unset($_SESSION['username']);
unset($_SESSION['loggedin']);
return true;
}
/***********
bool validateUser
Attempt to verify that a username / password
combination are valid. If they are it will set
cookies and session data then return true.
If they are not valid it simply returns false.
************/
function validateUser($pUsername, $pPassword) {
// See if the username and password are valid.
$sql = "SELECT username FROM users
WHERE username = '" . mysql_real_escape_string($pUsername) . "' AND password = '" . hashPassword($pPassword, SALT1, SALT2) . "' LIMIT 1";
$query = mysql_query($sql) or trigger_error("Query Failed: " . mysql_error());
// If one row was returned, the user was logged in!
if (mysql_num_rows($query) == 1) {
$row = mysql_fetch_assoc($query);
$_SESSION['username'] = $row['username'];
$_SESSION['loggedin'] = true;
return true;
}
return false;
}
?>
The Database for the email is as follows:
Edited by Lewis2212, 06 August 2014 - 10:20 AM. Quote i want to store a value from a database and use it as variable in php code can anyone help me out in this code i want to store value of copies in a php variable and want that it should be more than 0 (zero) for furthur calculations $update_book="update book set copies=copies-1 where bookid='$bookid'"; $result=mysql_query($update_book,$linkID1); if($result) { print "<html><body background=\"header.jpg\"> <p>book successfully subtracted from database</p></body></html>"; } else { print "<html><body background=\"header.jpg\"> <p>problem occured</p></body></html>"; } Can anyone tell me whats wrong with this: The file uploads fine, the url however does not get posted to the database? I added a 'or die' but it didn't execute...Do I need to move the query higher up the script? <?php include ('base.php'); $id = $_GET['id']; if ((($_FILES["file"]["type"] == "image/gif") || ($_FILES["file"]["type"] == "image/jpeg") || ($_FILES["file"]["type"] == "image/pjpeg")) && ($_FILES["file"]["size"] < 20000)) { if ($_FILES["file"]["error"] > 0) { echo "Return Code: " . $_FILES["file"]["error"] . "<br />"; } else { echo "Upload: " . $_FILES["file"]["name"] . "<br />"; echo "Type: " . $_FILES["file"]["type"] . "<br />"; echo "Size: " . ($_FILES["file"]["size"] / 1024) . " Kb<br />"; echo "Temp file: " . $_FILES["file"]["tmp_name"] . "<br />"; if (file_exists("upload/" . $_FILES["file"]["name"])) { echo $_FILES["file"]["name"] . " already exists. "; } else { move_uploaded_file($_FILES["file"]["tmp_name"], "imgs/pictures/" . $_FILES["file"]["name"]); echo "Stored in: " . "upload/" . $_FILES["file"]["name"]; } } } else { echo "Invalid file"; } $file = $_FILES["file"]["name"]; $sql = "UPDATE `chillp_security`.`staff` SET `picture` = \'imgs/pictures/$file\' WHERE `staff`.`id` = $id;"; ?> Im making a application but many users can access it at the same time, also the data that needs to be stored into the database in 3 parts firstly the user will enter some details the comany will fill out the reamining details and the user will then accept or decline the companies proposal. The issue im havign will it be easier to just store all of this information into session variables and then save them into the database at the end when all of the details are ready ? Thank You |
|||||||