|
PHP - Another Set Of Eyes Required, Please
I am trying to update task based progress updates. I've got a very simple database that needs to be updated with:
Database name: progress
1. ID (auto increment)
2. admin (name of the project manager)
3. adminid (ID of the project manager in the project manager db)
4. member (name of the member of the project in the members db)
4. project (particular project being updated)
5. status (progress of the project as a number between 10 and 90)
6. timestamp
I have the following php script update insert a new line into my progress table:
if (!empty($_POST['progress'])) {
if(Input::exists()) {
if(Token::check(Input::get('token'))) {
$adminprogress = Input::get('admin');
$adminidprogress = Input::get('adminid');
$memberprogress = Input::get('member');
$projectprogress = Input::get('project');
$statusprogress = Input::get('status');
$timestamp = date('Y-m-d H:i:s');
$progressupdate = DB::getInstance()->insert(progress, array(
'admin' => $adminprogress,
'adminid' => $adminidprogress,
'member' => $memberprogress,
'project' => $projectprogress,
'status' => $statusprogress,
'timestamp' => $timestamp
));
Redirect::to('memberattire1.php');
}
}
}
And I have the following code in the body of my page:
<form method="post" action="">
<label>
<select name="status">
<option value=choose>---Please Select---</option>
<option value = "0">(10%) Bunker Registered</option>
<option value = "10">(20%) First discussions held</option>
<option value = "20">(30%) Initial research undertaken</option>
<option value = "30">(40%) Ideas shared</option>
<option value = "40">(50%) Enquiries made</option>
<option value = "50">(60%) Results of enquiries shared</option>
<option value = "60">(70%) Preferences shared</option>
<option value = "70">(80%) Decisions made</option>
<option value = "80">(90%) Decisions being executed</option>
<option value = "90">(100%) Project Completed</option>
</select>
</label>
<br><br>
<input type="hidden" name="member" value="<?php echo $membername; ?>">
<input type="hidden" name="admin" value="<?php echo $admin; ?>">
<input type="hidden" name="adminid" value="<?php echo $adminid; ?>">
<input type="hidden" name="project" value="attire1">
<input type="hidden" name="token" value="<?php if(isset($token)) { echo $token; } else { echo $token = Token::generate(); } ?>" >
<input type="submit" value="Submit Update" name="progress">
</form>
I know my $membername, $admin and $adminid are ok because I can simply echo them out to confirm them, so there is something silly in my coding that I've overlooked.
Can someone with a fresh pair of eyes see a typo or missed semi-colon or whatnot?
Many thanks for any help.
Similar TutorialsOk, I have been coding for a long time, but recently discovered I was doing things very sloppy and not very secure because register globals was on and I didn't know better. I am now in a globals off and having issues with a few scripts. In this case I am using post data and trying to retrieve data from a mysql db. The error is "Notice: Undefined variable: Item_Number in C:\wamp\www\MasterRetail\productupdate.php on line 8" I have searched and all the help I have found has not been of help, so I think I am probably over looking something fairly trivial. <?php $db = mysql_connect("localhost", "username here", ""); mysql_select_db("tablename",$db); // Get Variables Here. $_POST['Item_Number'] = '$Item_Number'; if ($Item_Number) { if ($submit) { $sql = "UPDATE products SET Item_Number='$Item_Number',Page_Number='$Page_Number',ShortDescription='$ShortDescription',LongDescription='$LongDescription',Units='$Units',WholesalePrice='$WholesalePrice',RetailPrice='$RetailPrice',Heading='$Heading',TOCListing='$TOCListing',CrossSell1='$CrossSell1',CrossSell2='$CrossSell2',SubCatalog1='$SubCatalog1',SubCatalog2='$SubCatalog2',SubCatalog3='$SubCatalog3',InStock='$InStock',DateVerified='$DateVerified',KeyWords='$KeyWords',SubCat1PN='$SubCat1PN',SubCat2PN='$SubCat2PN',SubCat3PN='$SubCat3PN',PublicView='$PublicView',PhoneOrderOnly='$PhoneOrderOnly',Active='$Active' WHERE Item_Number='$Item_Number'"; $result = mysql_query($sql) or die($sql.'failed because '.mysql_error()); echo "Client Updated."; } else { // query the DB $sql1 = "SELECT * FROM products WHERE Item_Number='$Item_Number'"; $result = mysql_query($sql1) or die($sql1.'failed because '.mysql_error()); $myrow = mysql_fetch_array($result); ?> And here is what the URL looks like "http://sandbox/masterretail/productupdate.php?Item_Number=34240" Please help so I can continue learning, I so far have fixed about 85% of the flaws I had in the application.. Parse error: syntax error, unexpected '{' in /home/content/54/6407054/html/test/adupload.php on line 31 <? include 'include/config.php'; $email = $_POST['email']; $code = $_POST['code']; $link = $_POST['link']; $sql = ( "SELECT * FROM ads WHERE email='$email' and code='$code' "); $result = mysql_query($sql); $count = mysql_num_rows($result); if ((($_FILES["file"]["type"] == "image/gif") || ($_FILES["file"]["type"] == "image/jpeg") || ($_FILES["file"]["type"] == "image/png") || ($_FILES["file"]["type"] == "image/jpg") || ($_FILES["file"]["type"] == "image/pjpeg")) && ($_FILES["file"]["size"] < 5000000)) { if ($_FILES["file"]["error"] > 0) { echo "Return Code: " . $_FILES["file"]["error"] . "<br />"; } else { $_FILES["file"]["name"] = str_replace(" ", "_", $_FILES["file"]["name"]); if (file_exists("images/ads/" . $_FILES["file"]["name"])) { echo $_FILES["file"]["name"] . " already exists. "; } else ($count==1) { move_uploaded_file($_FILES["file"]["tmp_name"], "images/ads/" . $_FILES["file"]["name"]); $name = $_FILES["file"]["name"]; } header("Location: http://www.google.com"); } } } else { echo "Invalid file"; } ?> line 31 is here 29: && ($_FILES["file"]["size"] < 5000000)) 30: 31: { 32: 33: if ($_FILES["file"]["error"] > 0) I have a simple login - logout script as it stands working fine.. I can loggin get the proper message, choose to logout get the proper message and all sessions are being destroyed proper.. problem is when I try to go back directly to the member.php page it's given me an error of Notice: Undefined index: username in C:\wamp\www\protek\member.php on line 4 but still also telling me I have to be logged in to view this file <?php session_start(); if ($_SESSION['username']) { echo "Welcome, ".$_SESSION['username']."!<BR>"; echo "<a href=\"logout.php\">LOGOUT</a>"; } else { die("Your Have To Be Logged In To View This Page"); } ?> Hi Guys, What am I missing here Code: [Select] $lside_content2 .= "<tr><td> <a class=\"bl\" href = \"quiz_int3.php?id=$row[id]&pagenum=$pagenum\" target='_self'> $row[title]</a> ". echo ThumbsUp::item($row['id']); ."</p></td></tr>"; } I'm getting this error: syntax error, unexpected T_ENCAPSED_AND_WHITESPACE, expecting T_STRING or T_VARIABLE or T_NUM_STRING thank you for your help! Can anyone see any reason why the inputs in this form do not save any values entered into the database. Yet the selects and textareas do! Code: [Select] <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd"> <html xmlns="http://www.w3.org/1999/xhtml"> <head> <meta http-equiv="Content-Type" content="text/html; charset=UTF-8" /> <title>Job Sheet</title> <link rel="stylesheet" type="text/css" href="styles.css"> </head> <body> <?php if(isset($_POST['submitform'])) { include('config-jobs.php'); //Parse & Escape form values $jobclient = mysql_real_escape_string(trim($_POST['jobclient'])); $jobbriefedby = mysql_real_escape_string(trim($_POST['jobbriefedby'])); $jobmanager = mysql_real_escape_string(trim($_POST['jobmanager'])); $jobdesc = mysql_real_escape_string(trim($_POST['jobdesc'])); $jobdate = mysql_real_escape_string(trim($_POST['jobdate'])); $joblocation = mysql_real_escape_string(trim($_POST['joblocation'])); $jobbrief = mysql_real_escape_string(trim($_POST['jobbrief'])); $jobassets = mysql_real_escape_string(trim($_POST['jobassets'])); //Create & Run insert query $query = "INSERT INTO jobnumbers (jobclient, jobbriefedby, jobmanager, jobdesc, jobdate, joblocation, jobbrief, jobassets) VALUES ('$jobclient', '$jobbriefedby', '$jobmanager', '$jobdesc', '$jobdate', '$joblocation', '$jobbrief', '$jobassets')"; $result = mysql_query($query); if (!$result) { //Query failed, display error echo"Error: <br />\n" . mysql_error() . "<br />\nQuery:<br />\n{$query}\n"; } else { //Display job id of inserted record. $id = mysql_insert_id(); $jobid = str_pad($id, 6, '0', STR_PAD_LEFT); $jobnum = "{$jobclient}-{$jobid}"; $query2 = "UPDATE jobnumbers SET jobnum = '$jobnum' WHERE jobid = '$id'"; $result2 = mysql_query($query2); if(!result2) { //Query failed, display error echo"Error 2: <br />\n" . mysql_error() . "<br />\nQuery:<br />\n{$query}\n"; }else{ echo"A new job has been added to the system. The ref number is $jobnum."; } } } ?> <div id="job-sheet"> <div id="job-sheet-inner"> <h1 class="job-sheet-h1">Job Sheet</h1> <h2 class="job-sheet-h2">No work will be accepted without a completed job sheet</h2> <form action="#" method="post"> <table cellpadding="0" cellspacing="0"> <tr> <td class="job-sheet-td-left">Client:</td> <td class="job-sheet-td-right"> <select id="jobclient" name="jobclient" class="job-sheet-select"> <?php include('config-jobs.php'); // Retrieve data from database $sql=" SELECT * FROM clients ORDER BY client_name ASC "; $result=mysql_query($sql); // Start looping rows in mysql database. while($rows=mysql_fetch_array($result)){ ?> <option value="<?php echo $rows['client_code']; ?>"><?php echo $rows['client_name']; ?></option> <?php // close while loop } // close connection mysql_close(); ?> </select> </td> </tr> <tr> <td class="job-sheet-td-left">Briefed By:</td> <td class="job-sheet-td-right"> <select id="jobbriefedby" name="jobbriefedby" class="job-sheet-select"> <?php include('config-clients.php'); // Retrieve data from database $sql=" SELECT staff_name FROM staff_list ORDER BY staff_name ASC "; $result=mysql_query($sql); // Start looping rows in mysql database. while($rows=mysql_fetch_array($result)){ ?> <option><?php echo $rows['staff_name']; ?></option> <?php // close while loop } // close connection mysql_close(); ?> </select> </td> </tr> <tr> <td class="job-sheet-td-left">Account Manager:</td> <td class="job-sheet-td-right"> <select id="jobmanager" name="jobmanager" class="job-sheet-select"> <?php include('config-clients.php'); // Retrieve data from database $sql=" SELECT staff_name FROM staff_list ORDER BY staff_name ASC "; $result=mysql_query($sql); // Start looping rows in mysql database. while($rows=mysql_fetch_array($result)){ ?> <option><?php echo $rows['staff_name']; ?></option> <?php // close while loop } // close connection mysql_close(); ?> </select> </td> </tr> <tr> <td class="job-sheet-td-left">Job Description:</td> <td class="job-sheet-td-right"><input type="text" id="jobdesc" name"jobdesc" class="job-sheet-input" value="Test Description" /></td> </tr> <tr> <td class="job-sheet-td-left">Date Required:</td> <td class="job-sheet-td-right"><input type="text" id="jobdate" name"jobdate" class="job-sheet-input" value="Test Date" /></td> </tr> <tr> <td class="job-sheet-td-left">Assets Located:</td> <td class="job-sheet-td-right"><input type="text" id="joblocation" name"joblocation" class="job-sheet-input " value="digital/kisumu/images/spring-summer-images" /></td> </tr> <tr> <td class="job-sheet-td-top" colspan="2">Brief:</td> </tr> <tr> <td class="job-sheet-td-bot" colspan="2"><textarea id="jobbrief" name="jobbrief" class="job-sheet-text" >Include as much information as possible</textarea></td> </tr> <tr> <td class="job-sheet-td-top" colspan="2">Assets Required:</td> </tr> <tr> <td class="job-sheet-td-bot" colspan="2"><textarea id="jobassets" name="jobassets" class="job-sheet-text">Include details of any logos, fonts, images, colours etc.</textarea></td> </tr> <tr> <td class="job-sheet-bot" colspan="2"><input type="submit" id="submitform" name="submitform" class="job-sheet-submit" value="Submit Job" /></td> </tr> </table> </form> </div><!-- /job-sheet-inner --> </div><!-- /job-sheet --> </body> </html> Parse error: syntax error, unexpected '(', expecting T_STRING or T_VARIABLE or T_NUM_STRING... I'm getting this error for this line: if ((int)$row['loyalty']<20) Thanks in advanced. Code: [Select] <?php session_start(); $successMsg = ''; $staff_id = $_SESSION['sid']; include_once "scripts/connect_to_mysql.php"; $customer_id = $_GET['cid']; $customer_id = mysql_real_escape_string($customer_id ); $customer_id = eregi_replace("`", "", $customer_id); $cust_project_id = $_GET['pid']; $cust_project_id = mysql_real_escape_string($cust_project_id ); $cust_project_id = eregi_replace("`", "", $cust_project_id); if (isset($_POST['billing_contact_fax_form_field_box'])){ $billing_contact_fname_form_field_box = $_POST['billing_contact_fname_form_field_box']; $billing_contact_lname_form_field_box = $_POST['billing_contact_lname_form_field_box']; $billing_contact_address_form_field_box = $_POST['billing_contact_address_form_field_box']; $billing_contact_city_form_field_box = $_POST['billing_contact_city_form_field_box']; $billing_contact_state_form_field_box = $_POST['billing_contact_state_form_field_box']; $billing_contact_zip_form_field_box = $_POST['billing_contact_zip_form_field_box']; $billing_contact_email_form_field_box = $_POST['billing_contact_email_form_field_box']; $billing_contact_phone_form_field_box = $_POST['billing_contact_phone_form_field_box']; $billing_contact_fax_form_field_box = $_POST['billing_contact_fax_form_field_box']; $billing_contact_pref_meth_contact_form_field_box = $_POST['billing_contact_pref_meth_contact_form_field_box']; $billing_contact_cc_billed_form_field_box = $_POST['billing_contact_cc_billed_form_field_box']; $sql = mysql_query("UPDATE billing_info SET contact_fname='$billing_contact_fname_form_field_box',contact_lame='$billing_contact_lname_form_field_box',address='$billing_contact_address_form_field_box',city='$billing_contact_city_form_field_box',state='$billing_contact_state_form_field_box',zip='$billing_contact_zip_form_field_box',email='$billing_contact_email_form_field_box',phone='$billing_contact_phone_form_field_box',fax='$billing_contact_fax_form_field_box',pref_meth_contact='$billing_contact_pref_meth_contact_form_field_box',cc_billed='$billing_contact_cc_billed_form_field_box' WHERE proj_id='$cust_project_id'"); $successMsg = '<p style="font-family:Myriad Web Pro" style="font-size:10px" style="color:#666">You have successfully updated the company\'s General Information.<br /><br /> <a href="javascript:window.close();">Close</a></p>'; echo $successMsg; exit(); } ?> I have played around with this for SOOOOO long. I have 2 other scripts that are almost exact replicas of this script. Only difference is they are communicating with a different table...but its basically the EXACT same structure of code and functions. My tables consist of some int values, some varchar values, and the data submitted in these variables should get written to the table where the project ID is = to the id I'm working with. All of that seems to be working fine but whenever I enter the info into the form and submit, NOTHING gets written to my table....I'm completely STUMPED and P-O'd that I just wasted a complete 2 hours doing guess and check and cross comparing scripts. I can't find a thing!!!! Below is my html.....hopefully someone smarter than me can put 2 and 2 together because obviously I am an idiot!!!! Also its organized so well that you would think diagnosing the issue would be simple....not the case. I am totally and utterly stumped. I will even add my other code that works to show you what I mean. Code: [Select] <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd"> <html xmlns="http://www.w3.org/1999/xhtml"> <head> <meta http-equiv="Content-Type" content="text/html; charset=utf-8" /> <title>Untitled Document</title> <link rel="stylesheet" type="text/css" href="style.css"/> <script type="text/javascript"> <!-- Form Validation --> function validate_form ( ) { valid = true; if ( document.form.billing_contact_fname_form_field_box.value == "" ) { alert ( "Please fill out the First Name field." ); valid = false; } if ( document.form.billing_contact_lname_form_field_box.value == "" ) { alert ( "Please fill out the Last Name field." ); valid = false; } if ( document.form.billing_contact_address_form_field_box.value == "" ) { alert ( "Please fill out the Address field." ); valid = false; } if ( document.form.billing_contact_city_form_field_box.value == "" ) { alert ( "Please fill out the City field." ); valid = false; } if ( document.form.billing_contact_state_form_field_box.value == "" ) { alert ( "Please fill out the State field." ); valid = false; } if ( document.form.billing_contact_zip_form_field_box.value == "" ) { alert ( "Please fill out the Zip field." ); valid = false; } if ( document.form.billing_contact_email_form_field_box.value == "" ) { alert ( "Please fill out the Email field." ); valid = false; } if ( document.form.billing_contact_phone_form_field_box.value == "" ) { alert ( "Please fill out the Phone field." ); valid = false; } if ( document.form.billing_contact_fax_form_field_box.value == "" ) { alert ( "Please fill out the Fax field." ); valid = false; } return valid; } <!-- Form Validation --> </script> </head> <body> <div id="pg_container"> <!--PAGE CONTAINER--> <div id="pgbdy_container"> <div id="pgbdy"> <div id="bdy_header"></div> <div id="bdy_content_area"> <div id="bdy_content_general_info"> <div id="bdy_form_header"> <p> Please complete the Billing Information form below.<br /> <i>Fields marked with a</i> <b>*</b> <i>are required fields.</i> </p> </div> <form action="" method="post" enctype="multipart/form-data" id="form" name="form" onsubmit="return validate_form ( );"> <!--BILLING CONTACT FIRST NAME--> <div id="billing_contact_fname_form"> <div id="billing_contact_fname_form_text"> <p>*First Name:</p> </div> <div id="billing_contact_fname_form_field"> <input name="billing_contact_fname_form_field_box" type="text" /> </div> </div> <!--BILLING CONTACT FIRST NAME--> <!--BILLING CONTACT LAST NAME--> <div id="billing_contact_lname_form"> <div id="billing_contact_lname_form_text"> <p>*Last Name:</p> </div> <div id="billing_contact_lname_form_field"> <input name="billing_contact_lname_form_field_box" type="text" /> </div> </div> <!--BILLING CONTACT LAST NAME--> <!--BILLING CONTACT ADDRESS NAME--> <div id="billing_contact_address_form"> <div id="billing_contact_address_form_text"> <p>*Address:</p> </div> <div id="billing_contact_address_form_field"> <input name="billing_contact_address_form_field_box" type="text" /> </div> </div> <!--BILLING CONTACT ADDRESS NAME--> <!--BILLING CONTACT CITY NAME--> <div id="billing_contact_city_form"> <div id="billing_contact_city_form_text"> <p>*City:</p> </div> <div id="billing_contact_city_form_field"> <input name="billing_contact_city_form_field_box" type="text" /> </div> </div> <!--BILLING CONTACT CITY NAME--> <!--BILLING CONTACT STATE NAME--> <div id="billing_contact_state_form"> <div id="billing_contact_state_form_text"> <p>*State:</p> </div> <div id="billing_contact_state_form_field"> <input name="billing_contact_state_form_field_box" type="text" /> </div> </div> <!--BILLING CONTACT STATE NAME--> <!--BILLING CONTACT ZIP NAME--> <div id="billing_contact_zip_form"> <div id="billing_contact_zip_form_text"> <p>*Zip:</p> </div> <div id="billing_contact_zip_form_field"> <input name="billing_contact_zip_form_field_box" type="text" /> </div> </div> <!--BILLING CONTACT ZIP NAME--> <!--BILLING CONTACT EMAIL NAME--> <div id="billing_contact_email_form"> <div id="billing_contact_email_form_text"> <p>*Email:</p> </div> <div id="billing_contact_email_form_field"> <input name="billing_contact_email_form_field_box" type="text" /> </div> </div> <!--BILLING CONTACT EMAIL NAME--> <!--BILLING CONTACT PHONE NAME--> <div id="billing_contact_phone_form"> <div id="billing_contact_phone_form_text"> <p>*Phone:</p> </div> <div id="billing_contact_phone_form_field"> <input name="billing_contact_phone_form_field_box" type="text" /> </div> </div> <!--BILLING CONTACT PHONE NAME--> <!--BILLING CONTACT FAX NAME--> <div id="billing_contact_fax_form"> <div id="billing_contact_fax_form_text"> <p>Fax:</p> </div> <div id="billing_contact_fax_form_field"> <input name="billing_contact_fax_form_field_box" type="text" /> </div> </div> <!--BILLING CONTACT FAX NAME--> <!--BILLING CONTACT PREFERRED METHOD OF CONTACT NAME--> <div id="billing_contact_pref_meth_contact_form"> <div id="billing_contact_pref_meth_contact_form_text"> <p>*Preferred Method of Contact:</p> </div> <div id="billing_contact_pref_meth_contact_form_field"> <select name="billing_contact_pref_meth_contact_form_field_box"> <option value="Email">Email</option> <option value="Phone">Phone</option> <option value="Fax">Fax</option> <option value="">Physical Mail</option> </select> </div> </div> <!--BILLING CONTACT PREFERRED METHOD OF CONTACT NAME--> <!--BILLING CONTACT CREDIT CARD OR BILLED NAME--> <div id="billing_contact_cc_billed_form"> <div id="billing_contact_cc_billed_form_text"> <p>*Will the customer pay with Credit Card or will they be billed (Credit must be approved before ordering)?</p> </div> <div id="billing_contact_cc_billed_form_field"> <select name="billing_contact_cc_billed_form_field_box"> <option value="Credit Card">Credit Card</option> <option value="Billed">Billed</option> </select> </div> </div> <!--BILLING CONTACT CREDIT CARD OR BILLED NAME--> <!-- SUBMIT BUTTON --> <div id="submit_billing_info"> <input name="submit_billing_info" type="submit" /> </div> <!-- SUBMIT BUTTON --> </form> </div> </div> </div> </div> <!--PAGE CONTAINER--> </div> </body> </html> Now here is the code that works in its entirety....please note that the above is broken up just as it would be seen on the page. PHP at the top and then the HTML. It mimics the script I am about to paste below. Please help meeeeeeee!!!! Code: [Select] <?php session_start(); $successMsg = ''; $staff_id = $_SESSION['sid']; include_once "scripts/connect_to_mysql.php"; $customer_id = $_GET['cid']; $customer_id = mysql_real_escape_string($customer_id ); $customer_id = eregi_replace("`", "", $customer_id); $cust_project_id = $_GET['pid']; $cust_project_id = mysql_real_escape_string($cust_project_id ); $cust_project_id = eregi_replace("`", "", $cust_project_id); if (isset($_POST['company_name'])){ $company_name = ereg_replace("[[^A-Z a-z0-9]]", "", $_POST['company_name']); // filter everything but numbers and letters $customer_fname = ereg_replace("[^A-Z a-z0-9]", "", $_POST['customer_fname']); // filter everything but spaces, numbers, and letters $customer_lname = ereg_replace("[^A-Z a-z0-9]", "", $_POST['customer_lname']); // filter everything but spaces, numbers, and letters $customer_address = ereg_replace("[^A-Z a-z0-9]", "", $_POST['customer_address']); // filter everything but spaces, numbers, and letters $customer_city = ereg_replace("[^A-Z a-z0-9]", "", $_POST['customer_city']); // filter everything but numbers and letters $customer_state = ereg_replace("[^A-Z a-z0-9]", "", $_POST['customer_state']); // filter everything but numbers and letters $customer_zip = ereg_replace("[^A-Za-z0-9]", "", $_POST['customer_zip']); // filter everything but numbers and letters $customer_email = stripslashes($_POST['customer_email']); $customer_email = strip_tags($customer_email); $customer_email = mysql_real_escape_string($customer_email); $customer_phone = ereg_replace("[^A-Za-z0-9]", "", $_POST['customer_phone']); // filter everything but spaces, numbers, and letters $customer_fax = ereg_replace("[^A-Za-z0-9]", "", $_POST['customer_fax']); // filter everything but spaces, numbers, and letters $cust_pre_meth_contact = $_POST['cust_pre_meth_contact']; // filter everything but spaces, numbers, and letters $date_of_entry = date("F j, Y, g:i a"); $sql = mysql_query("UPDATE company_info SET company_name='$company_name',contact_fname='$customer_fname',contact_lname='$customer_lname', address='$customer_address', city='$customer_city', state='$customer_state', zip='$customer_zip', email='$customer_email', phone='$customer_phone', fax='$customer_fax',pref_meth_contact='$cust_pre_meth_contact',entry_date='$date_of_entry' WHERE proj_id='$cust_project_id'"); $successMsg = '<p style="font-family:Myriad Web Pro" style="font-size:13px" style="color:#666">You have successfully updated <b>' . $company_name . '\'s</a></b> Company Information.<br /><br /> <a href="javascript:window.close();">Close</a></p>'; echo $successMsg; exit(); } $sql = mysql_query("SELECT * FROM company_info WHERE proj_id='$cust_project_id' LIMIT 1"); while ($row = mysql_fetch_array($sql)) { $company_name = $row["company_name"]; $company_contact_fname = $row["contact_fname"]; $company_contact_lname = $row["contact_lname"]; $company_address = $row["address"]; $customer_city = $row["city"]; $customer_state = $row["state"]; $customer_zip = $row["zip"]; $customer_email = $row["email"]; $customer_phone = $row["phone"]; $customer_fax = $row["fax"]; $cust_pre_meth_contact = $row["pref_meth_contact"]; $cust_entry_date = $row["entry_date"]; } ?> <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd"> <html xmlns="http://www.w3.org/1999/xhtml"> <head> <meta http-equiv="Content-Type" content="text/html; charset=utf-8" /> <title>Untitled Document</title> <link rel="stylesheet" type="text/css" href="style.css"/> <script type="text/javascript"> <!-- Form Validation --> function validate_form ( ) { valid = true; if ( document.form.company_name.value == "" ) { alert ( "Company Name field must not be blank." ); valid = false; } if ( document.form.customer_fname.value == "" ) { alert ( "Customer Address field must not be blank." ); valid = false; } if ( document.form.customer_lname.value == "" ) { alert ( "Customer Address field must not be blank." ); valid = false; } if ( document.form.customer_address.value == "" ) { alert ( "Customer Address field must not be blank." ); valid = false; } if ( document.form.customer_city.value == "" ) { alert ( "Customer City field must not be blank." ); valid = false; } if ( document.form.customer_state.value == "" ) { alert ( "Customer State field must not be blank." ); valid = false; } if ( document.form.customer_zip.value == "" ) { alert ( "Customer Password field must not be blank." ); valid = false; } if ( document.form.customer_email.value == "" ) { alert ( "Customer Email field must not be blank." ); valid = false; } if ( document.form.customer_phone.value == "" ) { alert ( "Customer Phone field must not be blank." ); valid = false; } if ( document.form.customer_fax.value == "" ) { alert ( "Customer Fax field must not be blank." ); valid = false; } return valid; } <!-- Form Validation --> </script> </head> <body> <div id="pg_container"> <!--PAGE CONTAINER--> <div id="pgbdy_container"> <div id="pgbdy"> <div id="bdy_header"></div> <div id="bdy_content_area"> <div id="bdy_content"> <div id="bdy_form_header"> <p> Create a new customer by filling out the form below.<br /> <i>Fields marked with a</i> <b>*</b> <i>are required fields.</i> </p> </div> <form action="edit_company_info.php?sid=<?php echo "$staff_id"; ?>&cid=<?php echo "$customer_id"; ?>&pid=<?php echo "$cust_project_id"; ?>" method="post" id="form" name="form" enctype="multipart/form-data" onsubmit="return validate_form ( );"> <!-- COMPANY NAME --> <div id="company_name_form"> <div id="company_name_text"> <p> Company Name: </p> </div> <div id="company_name_field"> <input name="company_name" type="text" id="company_name" value="<?php echo "$company_name"; ?>" /> </div> </div> <!--COMPANY NAME--> <!-- CUSTOMER FIRST NAME --> <div id="customer_fname_form"> <div id="customer_fname_text"> <p> Contact First Name: </p> </div> <div id="customer_fname_field"> <input name="customer_fname" type="text" id="customer_fname" value="<?php echo "$company_contact_fname"; ?>" /> </div> </div> <!-- CUSTOMER FIRST NAME --> <!-- CUSTOMER LAST NAME --> <div id="customer_lname_form"> <div id="customer_lname_text"> <p> Contact Last Name: </p> </div> <div id="customer_lname_field"> <input name="customer_lname" type="text" id="customer_lname" value="<?php echo "$company_contact_lname"; ?>" /> </div> </div> <!-- CUSTOMER LAST NAME --> <!-- CUSTOMER ADDRESS --> <div id="customer_address_form"> <div id="customer_address_text"> <p> Address: </p> </div> <div id="customer_address_field"> <input name="customer_address" type="text" id="customer_address" value="<?php echo "$company_address"; ?>" /> </div> </div> <!--CUSTOMER ADDRESS--> <!-- CUSTOMER CITY --> <div id="customer_city_form"> <div id="customer_city_text"> <p> City: </p> </div> <div id="company_name_field"> <input name="customer_city" type="text" id="customer_city" value="<?php echo "$customer_city"; ?>" /> </div> </div> <!--CUSTOMER CITY--> <!-- CUSTOMER STATE --> <div id="customer_state_form"> <div id="customer_state_text"> <p> State: </p> </div> <div id="customer_state_field"> <input name="customer_state" type="text" id="customer_state" value="<?php echo "$customer_state"; ?>" /> </div> </div> <!--CUSTOMER STATE--> <!-- CUSTOMER ZIP --> <div id="customer_zip_form"> <div id="customer_zip_text"> <p> Zip: </p> </div> <div id="customer_zip_field"> <input name="customer_zip" type="text" id="customer_zip" value="<?php echo "$customer_zip"; ?>" /> </div> </div> <!--CUSTOMER ZIP--> <!-- CUSTOMER EMAIL --> <div id="customer_email_form"> <div id="customer_email_text"> <p> Email: </p> </div> <div id="customer_email_field"> <input name="customer_email" type="text" id="customer_email" value="<?php echo "$customer_email"; ?>" /> </div> </div> <!--CUSTOMER EMAIL--> <!-- CUSTOMER PHONE--> <div id="customer_phone_form"> <div id="customer_phone_text"> <p> Phone: </p> </div> <div id="customer_phone_field"> <input name="customer_phone" type="text" id="customer_phone" value="<?php echo "$customer_phone"; ?>" /> </div> </div> <!--CUSTOMER PHONE--> <!-- CUSTOMER FAX--> <div id="customer_fax_form"> <div id="customer_fax_text"> <p> Fax: </p> </div> <div id="customer_fax_field"> <input name="customer_fax" type="text" id="customer_fax" value="<?php echo "$customer_fax"; ?>" /> </div> </div> <!--CUSTOMER FAX--> <!-- CUSTOMER PREFERRED METHOD OF CONTACT --> <div id="cust_pre_meth_contact_form"> <div id="cust_pre_meth_contact_text"> <p> What is the customer's preferred method of contact?<br /> <select name="cust_pre_meth_contact"> <option value="Email">Email</option> <option value="Fax">Fax</option> <option value="Phone">Phone</option> <option value="Physical Mail">Physical Mail</option> </select> </p> </div> </div> <!--CUSTOMER PREFERRED METHOD OF CONTACT --> <!-- SUBMIT BUTTON --> <div id="submit_new_customer_form"> <div id="submit_new_customer_button"> <p> <input name="submit_new_customer_info" type="submit" id="submit_new_customer" value="Update Customer Company Info" /> </p> </div> </div> </form> <!--SUBMIT BUTTON--> </div> </div> </div> </div> <!--PAGE CONTAINER--> </div> </body> </html> I've been hacking at this for 3 hours now.. My syntax seems to be screwed up on something, but I cannot find it for the life of me! Error thrown is obvious I am missing or have something nested wrong! Parse error: parse error in C:\wamp\www\php\php_study\login_processor.php on line 22 Here is my code. Error is being thrown on the line of the elseif statment. <?php include('db_cxn.php'); $cxn = mysqli_connect($host, $user, $pass, $db) or die("Query died: connect"); $sql = "SELECT username FROM users WHERE username = '$_POST[username]'"; $result = mysqli_query($cxn, $sql) or die("Query Died: username"); $num = mysqli_num_rows($result); if ($num > 0) { $sql = "SELECT username FROM users WHERE username='$_POST[username]' AND password=md5('$_POST[password]')"; $result2 = mysqli_query($cxn, $sql) or die("Query died: password"); $num2 = mysqli_num_rows($result2); if ($num2 > 0) { $_SESSION['auth']; $_SESSION['logname'] = $_SESSION['username']; } //if ($num2 > 0) header("Location: the_secret_page.php"); } //if ($num > 0) else { $message1 = "The login name, '$_POST[username]' does not exist in the database. Please try again"; $username = strip_tags(trim($_POST[username])); include('login_form.php'); } //else elseif ($num == 0) { $message1 = "The username you entered does not exist. Please try again.s"; include("login_form.php"); } //elseif ($num == 0) ?> I don't think my form html/php code is necessary, but I'll include it for reference: <h1>Login Form</h1> <?php $fields_1 = array("username" => "User Name", "password" => "Password"); ?> <form method="post" action="login_processor.php"> <fieldset> <legend>Login Form</legend> <?php if (isset($message_1)) { echo "$message_1"; } //if (isset($message_1)) foreach ($fields_1 as $field => $value) { if (preg_match("/pass/i", $field)) $type = "password"; else $type = "text"; echo "<div id='field'> <label for='$field'>$value</label> <input id='$field' name='$field' type='$type' value='" . @$$field . "' size='20' maxlength='50' /> </div>\n"; } //foreach ($fields_1 as $field => $value) ?> <input type="submit" name="Button" value="Login" /> </fieldset> </form> I am trying to insert into my database and it's just not having non of it. No errors are comming up at all, but no data is getting passed through. Code: [Select] if(isset($_POST['sub'])) { include("../scrips/php/cms/database.insert.class.php"); $table = "blog_posts"; $title = $_POST['ArticleTitle']; $img = "2"; $post = $_POST['ArticleBody']; $aurthor_id = "1"; $category_id = "4"; $date_posted = "NOW()"; $values = array("$title","$img","$post","$aurthor_id","$category_id","$date_posted"); $fields = array('title','img','post','aurthor_id','category_id','date_posted'); //echo $values['0']."<br/>".$fields['0']; //$obj->ArticleInsert($table,$fields,$tvalues); $values_imploded = implode("','",$values); $fields_imploded = implode(",",$fields); $i = "INSERT INTO $table ($values_imploded) VALUES ($fields_imploded)"; mysql_query($i) or die( "<br>Query string: <br>Produced error: " . mysql_error() );; } Hello We have a series of sites that use Google API to serve locations stored in local DB, that show google maps from within given PHP pages within our sites (these pages also have other db driven content we wish to keep.... Each 'member' in our sites, they each have a google map shown on each page present for their 'location' menu tab... These calls to the google map API, often goes over our daily allotment of freebie map presentations from the google API It is SE and other Bots that run these view numbers off the charts and prevent the google maps from loading the actual maps - we get a google map err message - advising that maximum views have been reached... (we see this in our server error logs) Thoughts on how i can serve this map code to only legit http requests (human eyes) or at least reduce the burden of bot crawl requests to the google API? here is the code we use to call the maps - We need to encapsulate Google Map Display in a snippet that will block it from getting hit by bots.... Huge Thanks! Code: [Select] <form target="_blank" method="GET" action="http://maps.google.com/maps"> <input type="hidden" name="daddr" value="<? echo "$address, $city, $state $zip $country" ?>"> <?php display_tooltip("Please enter your starting point in the form address, city, state zip country or simply enter your city", "mapdir");?> <input type="text" name="saddr" value="your starting point" onfocus=this.select()> <input class="clickableL" type="submit" value="Map and Directions"> </form> Hi Friends, I am trying to do an API with oracle database. The JSON request from 3rd party will look like below. {
"contact_id": "1",
"serial_no": "100",
"name": "baby",
"inv_date": "2018-06-27",
"due_date": "2018-06-27",
"currency": "KD",
"subtotal": "143",
"tax_total": "13",
"shipment_data": [
{
"serial_no": "33",
"master_no": "55",
"house_no": "77",
"cost_revenue_items": [
{
"charge_ref": "rr",
"currency": "INR",
"quantity": "2",
"selling_rate": "45",
"exchange_rate": "7",
"taxes": [
{
"serial_no": "1",
"ref": "INR",
"voiding_remarks": "oo"
},{
"serial_no": "2",
"ref": "KWD",
"voiding_remarks": "asd"
}
]
}
]
}
]
}
how to handle request for JSON in which master is updated (PUT) and child record is (Either INSERTED, UPDATED or DELETED) ? Trying to make the email field in my form mandatory. Im new to php, more used to javascript but from everything i have read php is more universal. Here is my code, any help would be great. Code: [Select] <?php $emailsubject = 'Golf Registration'; $webMaster = 'dustin@duncantek.com'; $namea = $_POST['namea']; $nameb = $_POST['nameb']; $namec = $_POST['namec']; $named = $_POST['named']; $total = $_POST['total']; $sponsor = $_POST['sponsor']; $email = $_POST['email']; $comments = $_POST['comments']; $body = <<<EOD <br><hr><br> Golfer1: = $namea <br> Golfer2: = $nameb <br> Golfer3: = $namec <br> Golfer4: = $named <br> Total Owed: = $total <br> Sponsorship Name: = $sponsor <br> Comments: = $comments<br> EOD; $headers = "From: $email\r\n"; $headers .= "Content-type: text/html\r\n"; $success = mail($webMaster, $emailsubject, $body, $headers); $theResults = <<<EOD <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd"> <html xmlns="http://www.w3.org/1999/xhtml"> <head> <meta http-equiv="Content-Type" content="text/html; charset=iso-8859-1" /> <title>Thanks For Registering</title> <link href="golf-website.css" rel="stylesheet" type="text/css" /> </head> <body> <div id="border"> <div class="name">Thanks For Registering!</div> <div id="links_bg"> <div class="toplinks"><a href="default.html">Homepage</a></div> <div class="toplinks"><a href="file:///C|/Users/Dustin/Desktop/Templates/Golf-Website/index.html">About Us</a></div> <div class="toplinks"><a href="file:///C|/Users/Dustin/Desktop/Templates/Golf-Website/index.html">Donations</a></div> <div class="toplinks"><a href="tourneyinfo.html">Events</a></div> <div class="toplinks"><a href="file:///C|/Users/Dustin/Desktop/Templates/Golf-Website/index.html">Contact us</a></div> </div> <div class="gap"></div> </div> </div> <div id="heading-bg"> <div align="left">Registration Complete</div> </div> <div id="main"> <p>Thank you for taking the time to register, we will email you back shortly to confirm registration along with an invoice via paypal. This is strictly for your convenience, we will also accept payment at the course on the day of the tournament. Thanks Again!</p> </div> <div id="bottom"> <div class="bottomlink"><a href="default.html">Home</a></div> <div class="sap">|</div> <div class="bottomlink"><a href="aboutus.html">About Us</a></div> <div class="sap">|</div> <div class="bottomlink"><a href="file:///C|/Users/Dustin/Desktop/Templates/Golf-Website/index.html">Donations</a></div> <div class="sap">|</div> <div class="bottomlink"><a href="tourneyinfo.html">Events</a></div> <div class="sap">|</div> <div class="bottomlink"><a href="file:///C|/Users/Dustin/Desktop/Templates/Golf-Website/index.html">Contact Us</a></div> </div> <center><div class="quicklinks"></div> </div> </body> </html> EOD; echo "$theResults"; ?> <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd"> <html xmlns="http://www.w3.org/1999/xhtml"> <head> <meta http-equiv="Content-Type" content="text/html; charset=iso-8859-1" /> <title>Tournament Info</title> <link href="golf-website.css" rel="stylesheet" type="text/css" /> </head> <body> <td width="104"><label for="namea"> <div align="right">Golfer #1:</div> </label> </td> <td width="387"><div align="left"> <input name="namea" type="text" id="namea" size="35" maxlength="80" /> </div></td> </tr> <tr> <td><label for="name2"> <div align="right">Golfer #2:</div> </label> </td> <td><div align="left"> <input name="nameb" type="text" id="nameb" size="35" maxlength="80" /> </div></td> </tr> <tr> <td><label for="namec"> <div align="right">Golfer #3:</div> </label> </td> <td><div align="left"> <input name="namec" type="text" id="namec" size="35" maxlength="80" /> </div></td> </tr> <tr> <td><label for="named"> <div align="right">Golfer #4:</div> </label> </td> <td><div align="left"> <input name="named" type="text" id="named" size="35" maxlength="80" /> </div></td> </tr> <tr> <td><div align="right"></div></td> <td><div align="left">The option to sponsor a hole is also available, the price per hole is $200.00, please enter in the box below what you would like the sponsorship to be if any.</div></td> </tr> <tr> <td><div align="right"> <label for="total">Total:</label> </div></td> <td><div align="left"> <input name="total" type="text" id="total" size="35" maxlength="80" /> </div></td> </tr> <tr> <td><div align="right"> <label for="sponsor">Sponsorship:</label> </div></td> <td><div align="left"> <input name="sponsor" type="text" id="sponsor" size="35" maxlength="80" /> </div></td> </tr> <tr> <td><div align="right"> <label for="email">Email: </label> </div></td> <td><div align="left"> <input name="email" type="text" id="email" size="35" maxlength="80" /> </div></td> </tr> <tr> <td><label for="comments">Additional Comments:</label></td> <td><textarea name="comments" cols="35" rows="6" id="comments"></textarea></td> </tr> </table> <p> </p> <blockquote> <blockquote> <blockquote> <blockquote> <blockquote> <p> <input type="submit" name="send" id="send" value="Submit" /> <input type="reset" name="reset" id="reset" value="Reset" /> </p> </blockquote> < </body> </html> MOD EDIT: code tags added. Hi, I need a preg_match for the following criteria: - no leading or trailing white space allowed - only alphanumeric characters and spaces are allowed (no full stops, commas apostrophe's, explanation marks, quotes, etc) - only one space allowed between each word (if there is more than one word) Thanks. I have a login page that after logging in it sets a session Code: [Select] $_SESSION['user_info'] = $_POST['username']; and takes me to a start page (and checks for the session) which all works wonderfully. The problem is that no matter what link is clicked on that page it takes me to the login page again after checking to see if that same session is set Code: [Select] session_start(); if(!isset($_SESSION['user_info'])){ header("Location: http://website.com/folder/log_in.php"); } After logging in a second time every link on that same start page works wonderfully. If it works the second time why not the first? Hi All, I am new to PHP and HTML and I am trying to write an interface to MySQL 5.1 data base on Ubuntu 10.04LTS using PHP. My database has following tables 1) parts---> Part_no, Part_name--->PK is Part_no 2) operation---> Part_no,op_id--->PK is op_id, FK is Part_no 3)tool_list---->tl_id,op_id, tool---->PK is tl_id, FK is op_id 4)tool---->tool_part_no, tool_desc---->PK is tool_part_no I have many rows of data in 'tool' table. I want to referance/add these tools in to 'tool_list' table. these 'tool_list's are specific to a operatiom which once again is specific to a part. So Part_no--->op_id--->tool_list---->tool I have created 'one.php' which will aske the user for part no. This is a list which is populated from database. once the user selects the part_no and submits. it loads 'two.php' and lists operations specific to that part_no. Here once operation is selected and submited it calls 'three.php'. Here I need to add tools on to this selected operation. There can be as many as 20 different tool that can be added in to an operation. What i am looking to do is to list all tool in the 'tool' table as a list and add each tool in to the 'tool_list' table. once all tools are added press another button caled Exit which will take the user to Home page. The question is how do i accomplish this. 1) once a tool is selected it has to be added as a new row in to tool_list and the page need to be reloaded but has to remember the part_no, op_id for subsequent additions. 2) once all tools are added and exit is pressed it needs to goto home page. How do i accomplish these. Can a HTML page have two forms in it like on inside the other?. Or can this be accomplished with PHP only?. Thanks SKN Hi,
I am fairly new to PHP, I am tryin to put a code together that would see my incoming CLI as 44 and remove the 44 from it and add a 0 to it. I have managed to do this so far, now I am stuck, as any number thats not matching the length (10 digits ) or is not starting with 44 is also not forwarded to my database for query.
$input = ($cid); if(preg_match('/^(44|0)(\d{10})$/',$input,$matches)){ $phone = '0'.$matches[2]; }else die("Invalid Phone Number") ; What I would like is that any number starting with 441234567890 to become 01234567890, but should not involve 10 digits criteria. Any help would be appreciated. Okay, so below I have posted my code, the problem I am having is not knowing how PDO works that well. So what I have attempted to do here is use SQL to check if the user and password are correct, but I'm not sure how to carry on. I realize I have to determine if the database found the matching password and/or username but I have no idea how, any help will be much appreciated. <html> <head> <title>Database login</title> <?php if (isset($_POST['submit'])) { print_r($_POST); $password = md5($_POST['password']); echo'<p>'.$password.'</p>'; $username = ($_POST['username']); echo'<p>'.$username.'</p>'; } ?> </head> <body> <?php $db = new PDO('sqlite:login.sqlite'); $login = 'SELECT * FROM login WHERE userid="'.$username.'" AND password="'.$password.'";'; echo'<p>'.$login.'</p>'; $attempt = $db->query($login); ?> <form method="post" action="Db_login.php"> <p>Username:<br /><input type="text" name="username" /> </p> <p>Password:<br /><input type="password" name="password" /></p> <p><input type="submit" name="submit" value="Log In!" /></p> </body> </html> Hi Buddy I'm new to Php and downloaded shopping cart for www.phpwebcommerce.com/download/plaincart.zip With this code, i'm unable to update the shopping cart. On clicking the update button, it goes to previous page. But in demo version the update is working properly. Kindly help. Thanks Sakhsen How can I make it so that if file_get_contents cannot find the file else <?php $file = file_get_contents("http://www.example.com/lol.txt"); if ( $file == true ) { } else { } One of my virtual hosts contained php_value upload_max_filesize 8M which resulted in error when running as php-fpm. Also, looks like .htaccess files are no longer used. Any other gotcha's??? Reading up on it, looks like I want to move all .htaccess instructions to a https://www.php.net/manual/en/configuration.file.per-user.php file. Should be straight forward enough. Looking at https://www.php.net/manual/en/configuration.changes.php, looks like I should scan /etc/httpd/* as well as any virtual sites defined elsewhere for "php_" and move these requirements elsewhere. Will this also have to be a per directory .user.ini file? Reason I ask is I always thought it was better performance to when possible use apache's conf file than a .htaccess file. |
|||||||