PHP - Should "secret Questions" Be Used To Allow Password Changes?

<?php
require_once('upper.php');
require_once('database.php');
echo $error_msg='';
if(isset($_POST['submit']))
{
$LoginId=mysqli_real_escape_string($dbc,trim($_POST['LoginId']));
$Password1=mysqli_real_escape_string($dbc,trim($_POST['Password1']));
$Password2=mysqli_real_escape_string($dbc,trim($_POST['Password2']));
$Name=mysqli_real_escape_string($dbc,trim($_POST['Name']));
$Age=mysqli_real_escape_string($dbc,trim($_POST['Age']));
$BloodGroup=mysqli_real_escape_string($dbc,trim($_POST['BloodGroup']));
if(!isset($_POST['Sex']))
{
echo 'Please enter Sex<br>';
}
else{
$Sex= mysqli_real_escape_string($dbc,trim($_POST['Sex']));
}
$Qualification=mysqli_real_escape_string($dbc,trim($_POST['Qualification']));
$ContactNumber=mysqli_real_escape_string($dbc,trim($_POST['ContactNumber']));
$Email=mysqli_real_escape_string($dbc,trim($_POST['Email']));
$Address=mysqli_real_escape_string($dbc,trim($_POST['Address']));
$AboutYourself=mysqli_real_escape_string($dbc,trim($_POST['AboutYourself']));
//$countCheck=count($_POST['checkbox']);
//echo $countCheck;
//$checkbox=$_POST['checkbox'];
//$countCheck=count($checkbox);
if(empty($LoginId)){echo 'Please enter Login Id';}
elseif(empty($Password1)){echo 'Please enter Password';}
elseif(empty($Password2)){echo 'Please confirm Password';}
elseif($Password1!==$Password2){echo 'Password didn\'t match';}
elseif(empty($Name)){echo 'Please enter Name';}
elseif(empty($Age)){echo 'Please enter Age';}
elseif(!isset($_POST['Sex'])){}
elseif(empty($Qualification)){echo 'Please enter Qualification';}
elseif(empty($ContactNumber)){echo 'Please enter Contact Number';}
elseif(empty($Email)){echo 'Please enter Email';}
elseif(empty($Address)){echo 'Please enter Address';}
elseif(empty($AboutYourself)){echo 'Please enter About Yourself';}
elseif(!isset($_POST['checkbox'])){ echo 'You have to register at least one activity.';}
elseif(!isset($_POST['TermsAndConditions'])){ echo 'You have to agree all Terms and Conditions of Elite Brigade.';}
else
{
require_once('database.php');
$query="select * from registration where LoginId='$LoginId'";
$result=mysqli_query($dbc,$query);
if(mysqli_num_rows($result)==0)
{
$checkbox=$_POST['checkbox'];
$countCheck=count($_POST['checkbox']);
$reg_id=' ';
for($i=0;$i<$countCheck;$i++)
{
$reg_id=$reg_id.$checkbox[$i].',';
$query="insert into activity_participation (LoginId,Title,Date) values ('$LoginId','$checkbox[$i]',CURDATE())";
$result=mysqli_query($dbc,$query) or die("Not Connected");
}
$query="insert into registration (LoginId,Password,Name,Age,BloodGroup,Sex,Qualification,ContactNumber,Email,Address,AboutYourself,Activity)values ('$LoginId'[B],SHA('$Password1'),[/B]'$Name','$Age','$BloodGroup','$Sex','$Qualification','$ContactNumber','$Email','$Address','$AboutYourself',',$reg_id')";
$result=mysqli_query($dbc,$query) or die("Not Connect");

echo ' Dear '.$Name.'.<br>Your request has been mailed to admin.<br>Your account is waiting for approval<br>';
$from= 'Elite Brigade';
$to='ankitp@rsquareonline.com';
$subject='New User Registration';
$message="Dear admin,\n\nA new user request for registration. Please check it out.\n\nRegards\nMicro";
mail($to,$subject,$message,'From:'.$from);
//header('Location: index.php');
// header('Location: Registration.php');
}
else
{
echo 'Dear '.$Name. ', <br> An account already exist with login-id<b> '.$LoginId.'</b> <br>Please try another login-id';
}}
}
?>

<html>
<head>
<script src="jquery-latest.js"></script>
  <script type="text/javascript" src="jquery-validate.js"></script>
<style type="text/css">
* { font-family: Verdana;  }

label.error {  color: white;  padding-left: .5em; }
p { clear: both; }
.submit { margin-left: 12em; }
em { font-weight: bold; padding-right: 1em; vertical-align: top; }
</style>
  <script>
  $(document).ready(function(){
    $("#commentForm").validate();
  });
  </script>
  
</head>

<body>

<?php
echo $error_msg; ?>

<form action='<?php echo $_SERVER['PHP_SELF'];?>' id="commentForm" method='post'>
<div class="registration_and_activity">

<table border="0" width="380">
<tr><td colspan="2">
<h3>New User?</h3></td></tr>
<tr><td width="120">

<em>*</em>Enter Login id</td><td width="150"><input type='text' name='LoginId'  minlength="4" value='<?php if(!empty($LoginId))echo $LoginId;?>' /></td></tr>
<tr><td>
<em>*</em>Enter Password</td> <td><head>
   <div id="divMayus" style="visibility:hidden">Caps Lock is on.</div>
   <SCRIPT language=Javascript>

function capLock(e){
 kc = e.keyCode?e.keyCode:e.which;
 sk = e.shiftKey?e.shiftKey:((kc == 16)?true:false);
 if(((kc >= 65 && kc <= 90) && !sk)||((kc >= 97 && kc <= 122) && sk))
  document.getElementById('divMayus').style.visibility = 'visible';
 else
  document.getElementById('divMayus').style.visibility = 'hidden';
}

</SCRIPT>
   </HEAD>
<input onkeypress='return capLock(event)' type='password' name='Password1' value='<?php if(!empty($Password1))echo $Password1;?>' /></td></tr>

<tr><td>
<em>*</em>Confirm Password</td><td><input type='password' name='Password2' value='<?php if(!empty($Password2))echo $Password2;?>' /></td></tr>
<tr><td width="120">
<em>*</em>Enter Name</td> <td><input type='text'  name='Name' value='<?php if(!empty($Name))echo $Name;?>' /></td></tr>
<tr><td>
<em>*</em>Enter Age</td><HEAD>
   <SCRIPT language=Javascript>
      
      function isNumberKey(evt)
      {
         var charCode = (evt.which) ? evt.which : event.keyCode
         if (charCode > 31 && (charCode < 48 || charCode > 57))
            return false;

         return true;
      }
  
  
     
   </SCRIPT>
   </HEAD>
<td><INPUT onkeypress='return isNumberKey(event)'  type='text' name='Age' value='<?php if(!empty($Age))echo $Age;?>'/></td></tr>

<tr><td>
<em>*</em>Enter Blood</td><td><input type='text' name='BloodGroup' value='<?php if(!empty($BloodGroup))echo $BloodGroup;?>' /></td></tr>

<tr><td>
<em>*</em>Enter Sex</td><td><input type='radio' name='Sex'  style='width:16px; border:0;' 'value='Male' />Male   <input type='radio' name='Sex' style='width:16px; border:0;' 'value='Female' />Female</td></tr>

<tr><td>
<em>*</em>Enter Qualification</td><td><input type='text' name='Qualification'  value='<?php if(!empty($Qualification))echo $Qualification;?>' /></td></tr>

<tr><td>
<em>*</em>Contact Number </td><td><input onkeypress='return isNumberKey(event)'type='text'  name='ContactNumber' value='<?php if(!empty($ContactNumber))echo $ContactNumber;?>' /></td></tr>

<tr><td>
<em>*</em>Enter Email</td><td><input type='text' name='Email'class="email" value='<?php if(!empty($Email))echo $Email;?>' /></td></tr>

<tr><td>
<em>*</em>Enter Address</td><td><input type='text'   name='Address' value='<?php if(!empty($Address))echo $Address;?>' /></td></tr>


<tr ><td >
<em>*</em>About Yourself </td></tr>
<tr><td colspan="2"><textarea rows='10' cols='40'  name='AboutYourself'  /><?php if(!empty($Address))echo $Address;?></textarea></td></tr>
<tr><td>

<?php echo"
<tr><td colspan='2'><em>*</em><b>Select fields for which you want to register</b></td></tr>";

require_once('database.php');
$query="select * from activity";
$result=mysqli_query($dbc,$query);
while($row=mysqli_fetch_array($result)){
$Title=$row['Title'];
$ActivityId=$row['ActivityId'];
echo "<tr><td>$Title</td>";
echo "<td><input type='checkbox' name='checkbox[]' value='$Title' style='width:14px; text-align:right;'/></td></tr>";//value=$ActivityId tells ActivityId variable extracts with name="checkbox"
echo "<br/>";
}
echo "<td><em>*</em><input type='checkbox' name='TermsAndConditions'  style='width:14px; text-align:right;'/></td><td> I agree all <a href='TermsAndConditions.php'>Terms and conditions </a>of Elite Brigade</td></tr>";
echo "<tr><td colspan='2' align='center'><input type='submit' value='Register' name='submit' style='background:url(./images/button_img2.png) no-repeat 10px 0px; width:100px; padding:3px 0 10px 0; color:#FEFBC4; border:0;'/></td></tr><br>";

echo " </td></tr></table>

</div>

</form>
</body>
</html>";
require_once('lower.php');

?>


Hi Friends ....
I encrypt user password by SHA('$Password') method but now i want to add "Forget Password Module" for which I need to decrypt it first before tell my user but I don't Know how to decrypt it.
Please help me........

Hi. I'll like to ask few questions about PHP, as I think they are related to it.   I've came across some webpages, what I've spotted is that a webpage displays content but each "page" has different argument and there is no filename. For example: "http://www.website.com/?home" is home-like webpage, by changing "/?home" to "/?anotherpage" land me on some other webpage on their website and so on. My question is how is it done? Is it done from PHP? Another question I wanted to ask is.. I went on InvisionPower.Board forum (such as this PHP Freaks  ). How to force "folders" to be displayed as "files"? For example: "http://forums.phpfre...ks-on-facebook/" which links to a thread.   Thanks in advance 

Howdy,

I am new to SEO. Could you please help me? 

1. I like to post programming tutorials to both my website & various programming forums. Is that going to screw up my website's ranking in Google?

2. My editor of my history website who sometimes posts essays there also posts them in some history forums. Is that bad for SEO?

3. I made a Facebook page for my history website. It says there "Promote your page" basically you pay $5 for around 100 likes. Has anyone tried that? Does it work? Because $5 seems like little money for additional 100 likes which will increase the traffic considerably.

Thank you so much for the help!

I've been coding PHP for some time and would consider myself to be at an intermediate level. I can write code to do what I need but it's probably not the best way to do it. I rarely see any code that I am not able to read, understand, or follow. I've created modifications for everything from vBulletin, WordPress, Kayako Support Suit, Magento, and more.

However, I've never really built a strong understanding around OOP. For example, let say you have the following classes:
_main
  -  db
  -  admin
  -  -  modules
  -  -  -  dashboard

How would you share the db connection with the dashboard class? I've been trying to read up on Dependency Injections and Singletons but I haven't found an article that has explained it on a level that I can understand. I get a feeling that most people who use OOP in PHP have a background in Java or C++ and are much more familiar with everything.

Could someone please explain this to me in simple terms or link me to an extremely well explained article that I'd be able to understand without a background in computer science?
Thanks

Hello everyone, I have been doing web developing for a little while and just recently decided to make the leap to developing standalone applications.  I started learning C++ and JAVA for this purpose, but quickly learned that PHP can also be used to this end, and since I am quite familiar with PHP, I thought it would make sense to start with PHP GTK.  But before I jump right in, I have a few questions that I would greatly appreciate some answers for:

Does PHP have any significant advantages/disadvantages over lower level languages such as C++ ?  I would imagine that PHP being originally designed for web programming would be less suited for stand alones.

I'm a little confused as to whether the GTK is a graphical user interphase software, the likes of QT and Netbeans,  or is it a markup language like HTML, where the widgets are generated with text commands?  Please I need a little clarification on that.  Also are there any other tools that need to be downloaded to get started besides the GTK?

Finally, am I supposed to learn OOP PHP to get going or is traditional procedural PHP sufficient?


Answers to any or all of the above questions and any other advice would be highly appreciated.

Thanks.

This topic has been moved to mod_rewrite.

http://www.phpfreaks.com/forums/index.php?topic=348665.0

Hello everyone,
I am a hobbyist with programming. I have been playing with Php, sql, html for several years. I am building a program to organize my club. I am starting out fairly simple and hope in a year for it to be powerful. If anyone can point in the right direction to find out how I can do several things I can get my first version done this week maybe. Here are the things I am trying to accomplish.

1.) a page that I can view records with a First record, previous Record, next Record, last record buttons. The page will pull the information from a table or tables out of my mysql database. I would like to have an update button so I can update records as I go through them and to be able to search buy typing in first name or last name. I know there are functions that will help me and I have been trying to figure out what classes on php.net

2.) Last question for now. All my pages that deal with mysql I have included all the connection information. I was thinking about making a class and add using a class on the pages to open the connection. Not sure if this would be easy, or the best way.


Thanks in advance. I am new and I am not looking for the exact code just place to start. I really want to learn php and sql to be able to build my own applications and fix them.

What I want is to let visitors select a county they want to search in.
And when the choice is made - all ads, news, info that is shown is from the chosen county.

What I'm trying to say here, is that when a location is set, visitors don't need to set the location again. But they can change it all the time.

I belive this is done by setting a cookie with PHP. But don't know how.

Can anyone point me in the right direction?

First what are the possible $_FILES['file']['type'] s of .zip. I know one is "application/x-zip-compressed" but are there any others (basically I need to check if the uploaded file is a .zip?
Second question; how could I extract the contents of .zip to a directory on the server without the use of FTP?

Thanks

This topic has been moved to Third Party PHP Scripts.

http://www.phpfreaks.com/forums/index.php?topic=348384.0

I basically have a picture uploading system for users. I have two questions:

1) What CHMOD should I use for the folders that are there for uploading files to? Currently it is 755, but I want it to be accessible and safe.

2) When I use the standard mkdir() function to create folders in my main parent folder, the folders don't get created. Is this because my parent folder is CHMOD 755?

Thanks

Good day, I have 2 questions about that. Here is the context. I have a list of items that i query from a database and insert in a table. The last field of the table is a input box to typpe in the quantity ("qty"). My first question, how can I associate the inputbox to product_id from the database for that item.

Code: [Select]
//database connecting is working

<? while($row = mysql_fetch_array($result))
{
echo "<tr><td>" . $row['product_code'] . "</td><td>" . $row['product_name'] .  "</td><td><input type='text' maxlength = '3' value='0'></td></tr>";
}


And my second question (any tutorial reference) about how to select only the items that the qty is not = 0 and pass it to another page either by sessions or other means.

Thank you

Hi all, I my hunt for better coding i thought i look at some opensource CMS systems and one thing I saw in the index.php of the joomla cms was this.


define('JPATH_BASE', dirname(__FILE__) );
define( 'DS', DIRECTORY_SEPARATOR );

require_once ( JPATH_BASE .DS.'includes'.DS.'defines.php' );
require_once ( JPATH_BASE .DS.'includes'.DS.'framework.php' );


Are they using DS to make it work on any platform instead of using a /  or a \   ?

Also they define JPATH_BASE,  now they use  dirname(__FILE__) for this. I read that __FILE__ tells from where the script is running. But in that same guide they gave as example dirname(dirname((__FILE__)) instead of only 1 time dirname() That was this website btw: http://www.phpguru.org/php-application-structure
can anyone tell why i would use dirname 2 times and not 1 or 3 or 4?

-edit: OK that last question don't needs an answer, i just put loads of dirname() around it and it seems it's moving up in the file system. Leaves my first still open