|
PHP - First Php Program Attempt
I stumbled across this site after being slammed hard elsewhere for being a novice and really not knowing what I am doing. What I have read so far is more encouraging. I just wrote my first program in php and it is not working at all right now. All it keeps doing is opening window after window until I force the browser to close. I am using a Mac running Yosemite and using MAMP. Hopefully that is enough background.
I know this is an introduction area, so I will also post this in another forum in case this is closed for being off topic.
This is a login file to connect to the server:
<?php // login.php
// Get connection information
echo <<<_END
<form method = "post" action = "login.php">
<pre>
<input type = "text" name = "localhost" />host server<br />
<input type = "text" name = "username" />Username<br />
<input type = "text" name = "password" /><br />
<br />
<input type = "submit" value = "submit" />
</form>
_END
$db_server = sanitize_string($localhost);
$db_username = sanitize_string($username);
$db_password = sanitize_string($password);
/*
$user = 'root';
$password = 'root';
$db = 'rpsls';
$host = 'localhost';
$port = 3306;
$link = mysql_connect(
"$host:$port",
$user,
$password
);
$db_selected = mysql_select_db(
$db,
$link
);
*/
mysql_connect($db_server, $db_username, $db_password) or die(mysql_error());
// Create rpsls table if it does not exist
$tbl = "rpsls";
$query = "CREATE TABLE rpsls(human VARCHAR(10), computer VARCHAR(10), outcome VARCHAR(5),
action VARCHAR(15));
INSERT INTO rpsls (human, computer, outcome, action) VALUES ("Rock", "Paper", "Lose", "Covers");
INSERT INTO rpsls (human, computer, outcome, action) VALUES ("Rock", "Scissors", "Win", "Crushes");
INSERT INTO rpsls (human, computer, outcome, action) VALUES ("Rock", "Lizard", "Win", "Crushes");
INSERT INTO rpsls (human, computer, outcome, action) VALUES ("Rock", "Spock", "Lose", "Vaporizes");
INSERT INTO rpsls (human, computer, outcome, action) VALUES ("Paper", "Rock", "Win", "Covers");
INSERT INTO rpsls (human, computer, outcome, action) VALUES ("Paper", "Scissors", "Lose", "Cuts");
INSERT INTO rpsls (human, computer, outcome, action) VALUES ("Paper", "Lizard", "Lose", "Eats");
INSERT INTO rpsls (human, computer, outcome, action) VALUES ("Paper", "Spock", "Win", "Disproves");
INSERT INTO rpsls (human, computer, outcome, action) VALUES ("Scissors", "Lizard", "Win", "Decapitates");
INSERT INTO rpsls (human, computer, outcome, action) VALUES ("Scissors", "Spock", "Lose", "Smashes");
INSERT INTO rpsls (human, computer, outcome, action) VALUES ("Scissors", "Rock", "Lose", "Crushes");
INSERT INTO rpsls (human, computer, outcome, action) VALUES ("Scissors", "Paper", "Win", "Cuts");
INSERT INTO rpsls (human, computer, outcome, action) VALUES ("Lizard", "Spock", "Win", "Poisons");
INSERT INTO rpsls (human, computer, outcome, action) VALUES ("Lizard", "Rock", "Lose", "Crushes");
INSERT INTO rpsls (human, computer, outcome, action) VALUES ("Lizard", "Paper", "Win", "Eats");
INSERT INTO rpsls (human, computer, outcome, action) VALUES ("Lizard", "Scissors", "Lose", "Decapitates");
INSERT INTO rpsls (human, computer, outcome, action) VALUES ("Spock", "Rock", "Win", "Vaporizes");
INSERT INTO rpsls (human, computer, outcome, action) VALUES ("Spock", "Paper", "Lose", "Disproves");
INSERT INTO rpsls (human, computer, outcome, action) VALUES ("Spock", "Scissors", "Win", "Smashes");
INSERT INTO rpsls (human, computer, outcome, action) VALUES ("Spock", "Lizard", "Lose", "Poisons");";
check_table($tbl, $query);
// Create choices table if it does not exist
$tbl = "choices";
$query = "CREATE TABLE choices(id SMALLINT, choice VARCHAR(10));
INSERT INTO choices (id, choice) VALUES (1, "Rock");
INSERT INTO choices (id, choice) VALUES (2, "Paper");
INSERT INTO choices (id, choice) VALUES (3, "Scissors");
INSERT INTO choices (id, choice) VALUES (4, "Lizard");
INSERT INTO choices (id, choice) VALUES (5, "Spock");";
check_table($tbl, $query);
// Sanitize user input
function sanitize_string($var)
{
$var = stripslashes($var);
$var = htmlentities($var);
$var = strip_tags($var);
return $var;
}
function check_table($tbl, $query){
$db = new mysqli(...);
$result = $db->query("SHOW TABLES LIKE "$tbl);
if ($result->num_rows == 0){
mysql_query($query);
}
}
?>
and this is the program:
<?php
// log into server and database
require_once 'login.php';
$db_server = mysql_connect($db_hostname, $db_username, $db_password);
if (!$db_server) die("Unable to connect to MySQL: " . mysql_error());
$conn = mysql_connect($db_server, $db_username, $db_password) or die(mysql_error());
$db_database = 'rpsls';
mysql_select_db($db_database) or die("Unable to select database: " . mysql_error());
// Start Game
ready_to_play();
// Rock Paper Scissors Lizard Spock game
function rock_paper_scissors_lizard_spock()
{
$human = human_play();
$computer = computer_play();
game_outcome($human, $computer);
play_again();
// Start Game Function
function ready_to_play(){
echo <<<_END
<form method = "post" action = "rpsls.php">
<h2>Ready to play Rock, Paper, Lizard, Spock?</h2>
<hr>
<table>
<tr>
<td><input type = "radio" name = "ready" value = "Yes" />Yes</td>
<td><input type = "radio" name = "ready" value = "No" />No</td>
</tr>
<tr>
<td colspan = "2"><input type = "submit" value = "Play!" /></td>
</tr>
</table>
</form>
_END
if ($ready == "Yes"){
$query = "CREATE TABLE gameResults (
games SMALLINT NOT NULL,
win SMALLINT NULL,
loss SMALLINT NULL,
draw SMALLINT NULL,
PRIMARY KEY (games))";
mysql_query($query);
rock_paper_scissors_lizard_spock();
}else{
close_rpsls();
}
}
// Play Again
// Start Game Function
function play_again()
{
echo <<<_END
<form method = "post" action = "rpsls.php">
<h2>Play Again?</h2>
<hr>
<table>
<tr>
<td><input type = "radio" name = "ready" value = "Yes" />Yes</td>
<td><input type = "radio" name = "ready" value = "No" />No</td>
</tr>
<tr>
<td colspan = "2"><input type = "submit" value = "Play!" /></td>
</tr>
</table>
</form>
_END
if ($ready == "Yes"){
rock_paper_scissors_lizard_spock();
}else{
close_rpsls();
}
}
// Human Play Selection
function human_play()
{
echo <<<_END
<form method = "post" action = "rpsls.php">
<h2>Let's Play Rock, Paper, Lizard, Spock</h2>
<hr>
<table>
<tr>
<td><input type = "radio" name = "human" value = "Rock" />Rock</td>
<td><input type = "radio" name = "human" value = "Paper" />Paper</td>
</tr>
<tr>
<td><input type = "radio" name = "human" value = "Scissors" />Scissors</td>
<td><input type = "radio" name = "human" value = "Lizard" />Lizard</td>
</tr>
<tr>
<td colspan = "2"><input type = "radio" name = "human" value = "Spock" />Spock</td>
</tr>
<tr>
<td colspan = "2"><hr></td>
</tr>
<tr>
<td colspan = "2"><input type = "submit" value = "Play!" /></td>
</tr>
</table>
</form>
_END
return $human;
}
// Computer Play Selection
function computer_play()
{
$play = rand(1,5);
$query = "SELECT choice FROM choices WHERE number = $play";
$computer = mysql_query($query);
return $computer;
}
// Game Outcome Function
function game_outcome($human, $computer)
{
$win = $loss = $draw = 0
if ($human == $computer){
echo "Draw<br />";
echo "We both played ".$human;
$draw = 1;
}else{
$query = "SELECT outcome, action FROM rpsls WHERE human = $human AND computer = $computer";
$results = mysql_query($query);
$results2 = mysql_fetch_array($results);
$outcome = $results2[0];
$action = $results2[1];
if ($outcome == "Win"{
echo "You Win!!!<br />"
echo "Your ".$human. " ".$action." my ".$computer."<br />";
$win = 1;
}else{
echo "You Lose/.<br />
echo "My ".$computer." ".$action." your ".$human."<br />";
$loss = 1;
}
}
$query = "INSERT INTO gameResults VALUES".(NULL, '$win', '$loss', '$draw')";
mysql_query($query);
}
// Game Statistics Function
function game_statistics ()
{
$query = "SELECT * FROM gameResults";
$result = mysql_query($query);
$rows = mysql_num_rows($result);
$games = $rows;
$win = $loss = $draw = 0;
for ($index = 0; $index < $rows; ++$index){
$row = mysql_fetch_row($result);
$win = $win + $row[1];
$loss = $loss + $row[2];
$draw = $draw + $row[3];
}
echo <<<_END
<table>
<tr>
<td>Games</td>
<td>Win</td>
<td>Loss</td>
<td>Draw</td>
</tr>
<tr>
<td>$games</td>
<td>$win</td>
<td>$loss</td>
<td>$draw</td>
</tr>
</table>
_END
}
// Print Statistics and close the game
function close_rpsls(){
echo <<<_END
<form method = "post" action = "rpsls.php">
<h3>Are you sure you want to quit?</h3>
<hr>
<table>
<tr>
<td><input type = "radio" name = "ready" value = "Yes" />Yes</td>
<td><input type = "radio" name = "ready" value = "No" />No</td>
</tr>
<tr>
<td colspan = "2"><input type = "submit" value = "Play!" /></td>
</tr>
</table>
</form>
_END
if ($ready == "No"){
rock_paper_scissors_lizard_spock();
}else{
$query = "DROP TABLE gameResults";
mysql_query($query);
}
}
// close connection
mysql_close($conn);
?>
Please forgive my novice errors and help me figure out what is wrong with this program.
Thank you.
Here is the contents of the error log:
141104 18:36:26 mysqld_safe Starting mysqld daemon with databases from /Applications/MAMP/db/mysql141104 18:36:28 [Warning] Setting lower_case_table_names=2 because file system for /Applications/MAMP/db/mysql/ is case insensitive 141104 18:36:28 [Note] Plugin 'FEDERATED' is disabled. 141104 18:36:28 InnoDB: The InnoDB memory heap is disabled 141104 18:36:28 InnoDB: Mutexes and rw_locks use GCC atomic builtins 141104 18:36:28 InnoDB: Compressed tables use zlib 1.2.3 141104 18:36:28 InnoDB: Initializing buffer pool, size = 128.0M 141104 18:36:28 InnoDB: Completed initialization of buffer pool 141104 18:36:28 InnoDB: highest supported file format is Barracuda. 141104 18:36:32 InnoDB: Waiting for the background threads to start 141104 18:36:33 InnoDB: 5.5.38 started; log sequence number 1711074 141104 18:36:33 [Note] Server hostname (bind-address): '0.0.0.0'; port: 8889 141104 18:36:33 [Note] - '0.0.0.0' resolves to '0.0.0.0'; 141104 18:36:33 [Note] Server socket created on IP: '0.0.0.0'. 141104 18:36:35 [Note] Event Scheduler: Loaded 0 events 141104 18:36:35 [Note] /Applications/MAMP/Library/bin/mysqld: ready for connections. Version: '5.5.38' socket: '/Applications/MAMP/tmp/mysql/mysql.sock' port: 8889 Source distribution Similar Tutorials
For example with an IDE to run a program is there a way to put some code in the path and let it tell me where it came from like a referral?
$ref = $_SERVER['HTTP_REFERER'];
echo("$ref<br>";
Result: https://www.mydomain.com/wp-admin/admin.php?page=lambo As you can clearly see the page that we have entered the code in is referred by the URL here. It tells me that it was last at a word press page /wp-admin/admin-php and I can go to that page and it will be the last page it was at.. So bottom line then if i add this code to the admin page and click the same button i had before.. it will tell me the file that called out the admin page. Baslcaly I am looking for ideas on how to track the page i am now all the way back to the page with the button on it and all intermediate pages that it passes thru to get to the final destination. It seems that to succesfully troubleshoot a fault is to follow the path of the entire job and see if any breaks... Any thoughts or suggestions on how to best do this would greatly be appreciated.
Hi all. I`m starting with the php programming and i try to create a simple questionnaire i want to ask few questions with few possible answers could anyone give me any sample how the code should look like, i`ve created few quetsions but they are all seperate code, how can i put them together into one code? any suggestions? Thanks Hey guys! In my tutorials they were putting together a login system. After I watched the tutorial I decided to put one together that was my own. also, the tutorial only used MD5. After I read the post on the top of this forum about MD5 I decided to give salt a go on my own to see if I could pull it off. I'd like to hear what more experienced coders have to say about my code, but I'd appreciate it if you went easy on me lol. I'm quite happy with myself that I put this together all on my own and it works, I have tested it with my database lol. Code: (php) [Select] <?php //Check for form values in POST array// if (isset($_POST['username'])&& isset($_POST['password'])){ //strip tags and whitespace from user// if(!empty($_POST['username'])){ $T_user = strip_tags($_POST['username']); $user = str_replace(' ','',$T_user); }else{ $user = false; } //strip tags and spaces// if(!empty($_POST['password'])){ $T_pass = strip_tags($_POST['password']); $T2_pass = str_replace(' ', '', $T_pass); //Generate SALT and encrypt// $salt = 'angelinajolie'; $pass = md5($T2_pass.$salt); }else{ $pass = false; } //Check User and Pass for NULL then query database// if($pass || $user != false){ $query = "SELECT id FROM users WHERE username = '$user' AND password ='$pass'"; $query_run = mysql_query($query); $query_rows = mysql_num_rows($query_run); if($query_rows == 0){ echo 'Password and/or Username are invalid!'; echo $query_rows; }else if ($query_rows != 0){ echo 'Welcome back!'; } }else{ echo 'Must specify Username and Password!'; } } ?> <form action="<?php echo $current_file; ?>" method="POST"> Username: <input type="text" name="username" /> Password: <input type="password" name="password" /> <input type="submit" value="Login" /> </form> Lately I've been telling myself to start touching up my security when it comes to passwords, so here I am with another question on PHPFreaks. I've read several salting guides, but I still have a few lingering questions. One of which is: once a salt has been created (see my function below), do I store it in a column named "salt" for each user in the "users" table? It seems like if a hacker got a hold of the database information, they could just ignore the salt and go straight to deciphering a user's hashed password. Just curious about that... Now, onto my simple function I decided to write to give this a try: function generateSalt($username) { //length of salt $char_max = 21; $char_list = array('A', 'B', 'C', 'D', 'G', 'Z', rand(0,200), 9, 8, 6, rand(3,55), rand(7, 1444)); //random numbers and letters will be appended to this variable $gen_chars = ''; for($x = 0; $x < 10; $x++) { $gen_chars .= $char_list[rand(0, count($char_list))]; } //random addition to salt $gen_chars = hash(sha256, $gen_chars); //shorten then hash -- max 5 chars $shorten_user = substr(sha1(strpos($username, 0, 3)), 0, 5); //salt var $salt = $gen_chars.$shorten_user.date('M-d-Y h:m:s'); $salt = substr(hash(sha256, $salt), 0, $char_max); return $salt; } Any feedback regarding this function? I've read that MD5 isn't really reliable, and people should be using SHA256, so I decided to go with that. I also tried to make each user's salt really random and unique. But how does this affect the user's password or make it any securer if I can't combine the salt and password? I know for a fact that I'm missing a piece of information or doing something wrong, so if anyone could help me out: that'd be very appreciated. I have possible HTTP_REFERER values such as the following:
[HTTP_REFERER] => http://www.example.com/lib/index.php?cid=components&controller=data&id=17&roles_id=15 [HTTP_REFERER] => http://www.example.com/lib/index.php?cid=createhelpI am just trying to get the value of "cid" Note that this applies to a TinyMCE plugin, and my $_GET variable does not include "cid". Looking at my $_SERVER array, HTTP_REFERER is the only element that includes "cid". I am also not concerned about spoofing HTTP_REFERER. I am getting the value of "cid" as follows. Is this the right way to do so? $RegExp = '/index\.php\?cid=([^&]+)/'; preg_match($RegExp, $_SERVER['HTTP_REFERER'], $matches); exit($matches[1]); At the fear of bothering all you, I will post here hoping that I am in the write section. I am new to php and mysql. I am using such to develope a webpage for my new business. I do believe that my php scripting is turned on because I have one script that "works". However when I take the wheel and write a script of my own and try to view it all I get is a blank white page and no errors nor anything that I wanted to display. I have tried numerous attempts at tiring to get anything to show up all I can ever seem to do is "echo" something anything else is null in displaying. Please feel free to take a look. http://72.28.26.162/rc/ phpinfo.php is accessible if you insert it after the last / (http://72.28.26.162/rc/phpinfo.php) I am at a loss. I have spent hours looking for something I miss during set up or with my procedure. I thank whomever my help me in advance. I am running ubuntu server 10 Apache/2.2.16 port 80 (Please advise if you need anything else) thanks What I am trying to do is to submit as POST values to database_write.php, from within the while statement. What is happening is I am getting the second row of data every time I change the primary button.
Currently database_write.php is just doing print_r($_POST), And my array is always the same, no matter which select box I choose from. How can I get the values to be associated with the row I am currently changing? Any help would be great, thanks.
What I have so far:
<table class="table table-bordered table-hover">
<thead>
<th>Room Number</th>
<th>Primary Caregiver</th>
<th>Seconday Caregiver</th>
</thead>
<tbody class="list">
<?php
$sql = 'SELECT alarm_device_id, alarm_description, alarm_device_type, notes FROM alarm_device where notes in (\'MSU\') ORDER BY alarm_description';
$retval = mysql_query( $sql, $con );
if(! $retval )
{
die('Could not get data: ' . mysql_error());
}
$x=0;
while($row = mysql_fetch_array($retval, MYSQL_ASSOC))
{
$id = $row['alarm_device_id'];
$alarm_description = $row['alarm_description'];
echo '<form id="msu_form">';
echo "<tr><td>{$row['alarm_description']}</td>";
echo "<td>";
$query2 = "SELECT alert_device_id,alert_description FROM alert_device WHERE notes = 'MSU'";
$result2 = mysql_query($query2) or die("Error in alarm_device select:" . mysql_error());
$count2 = mysql_num_rows($result2);
if($count2 > 0)
{
//echo '<select name='.$x.'>';
echo '<select id="Primary" name="primary" onchange="doAjaxPost(this)">';
while($row2 = mysql_fetch_array($result2))
{
echo "<option value=".$row2['alert_device_id'].">".$row2['alert_description']."</option>";
}
echo "</select>";
}else
{
echo "Please update alert device to this area";
}
echo "</td>";
echo "<td>";
$query3 = "SELECT alert_device_id,alert_description FROM alert_device WHERE notes = 'MSU2'";
$result3 = mysql_query($query3) or die("Error in alarm_device select:" . mysql_error());
$count3 = mysql_num_rows($result3);
if($count3 > 0)
{
echo '<select id="Secondary" name="secondary">';
while($row3 = mysql_fetch_array($result3))
{
echo "<option value=".$row3['alert_device_id'].">".$row3['alert_description']."</option>";
}
echo "</select>";
}else
{
echo "Please update alert device to this area";
}
echo "</td>";
$aid = $id + $x;
//echo $aid;
//$ad = $alarm_description + $x;
echo '<input type="hidden" id="ID" name="ID" value="'.$id.'"/>';
//echo '<input type="hidden" id="desc" name="desc" value="'.$ad.'"/>';
//echo '<td>'."<input type='submit' name='btnupdate' value='UPDATE' /></td>";
//echo '<td><input type="button" value="Ajax Request" onClick="doAjaxPost()"></td>';
echo '</form>';
$x = $x+1;
}
?>
<script>
function doAjaxPost() {
// get the form values
var primary = $('#Primary').val();
var secondary = $('#Secondary').val();
var hidden = $('#ID').val();
//var desc = $(sel).parent().nextAll('#desc').val();
$.ajax({
type: "POST",
url: "functions/database_write.php",
data: $('#msu_form').serialize(),
//data: "Primary="+primary+"&Hidden="+hidden+"&Secondary="+secondary,
success: function(resp){
//we have the response
alert("'" + resp + "'");
},
error: function(e){
alert('Error: ' + e);
}
});
}
</script>
</tr>
</tbody>
</table>
hope you all had a good Christmas/New Year. Hi guys, I am creating a piece of code that blocks a user a for 48 hours after attempting to login 5 times with the wrong password, within a 24hour period. If the user logs in successful within the 24hr and, it should reset the attempt count.
The issue I'm having ATM is that with the attempt count, It is only updating the first row of that user, if i attempt more times. Here is an example of whats going on:
User - Time - Attempt- count()
User 1 10:00pm Attempt 1 (5)
User 1 10:02pm Attempt 2 (4)
User 1 10:04pm Attempt 3 (3)
User 1 10:06pm Attempt 4 (2)
User 1 10:07pm Attempt 5 (1)
User 2 10:15pm Attempt 1 (2)
User 2 10:20pm Attempt 2 (1)
As you can see, all the attempts will increment (the numbers in the bracket) but the latest attempt will be set to one. How do I get it so that all the attempts are incremented so it looks like this.
User - Time - Attempt- count()
User 1 10:00pm Attempt 1 (5)
User 1 10:02pm Attempt 2 (5)
User 1 10:04pm Attempt 3 (5)
User 1 10:06pm Attempt 4 (5)
User 1 10:07pm Attempt 5 (5)
User 2 10:15pm Attempt 1 (2)
User 2 10:20pm Attempt 2 (2)
Here is a snippet of my code:
if (!$pw_ok) {
if (isset($_SERVER["REMOTE_ADDR"])) {
$str_RemoteHost = $_SERVER["REMOTE_ADDR"];
} else {
$str_RemoteHost = '';
}
$qry_WriteToDatabase = " INSERT INTO cms_user_login_attempts
(
cula_user_id,
cula_date_time,
cula_remote_host,
cula_attempt_count
)
VALUES (
" . $db->SQLString($row->user_id) . ",
Now(),
" . $db->SQLString($str_RemoteHost, true) . ",
'cula_attempt_count'
)";
$db->query($qry_WriteToDatabase);
$qry_UpdateCount = " UPDATE
cms_user_login_attempts
SET
cula_attempt_count = cula_attempt_count + 1
WHERE
cula_user_id = " . $db->SQLString($row->user_id) . " ";
$db->query($qry_UpdateCount);
$qry_CheckDatabase = " SELECT
CASE WHEN count(*) >= 5 THEN 0 ELSE 1 END as allowed_login
FROM
cms_user_login_attempts
WHERE
cula_date_time >= DATE_SUB(CURRENT_TIMESTAMP, interval 48 hour)
AND
cula_user_id = " . $db->SQLString($row->user_id) . "";
$rs_CheckDatabase = $db->query($qry_CheckDatabase);
if (! (isset($qry_CheckDatabase) && $qry_CheckDatabase)) {
$errors->defineError("invalid_user_pass", "Too many attempts, account locked for 48hours.", array("username","password"));
}
}
Edited by Navees_, 08 January 2015 - 06:15 PM. Bonjour, I have a form in php (name, adresse ... and Email). Somebody is playing me a joke in sending me about 100 mails a day through my form. It's a joke but at last not really funny. What I am lookink for is lines of PHP codes which control the Email field into the form and would not allow the form to be sent. If you have another solution it's with a great pleasure I will accept it; Thanks a lot My english is definitively french. sorry about it Ener Incorrect login attempt 1 \/ Incorrect login attempt 2 \/ Incorrect login attempt 3 -->> ?forgot your login details? What's the most effecient way of achieving this? Is it to: 1. create a session for the user who hasn't logged in 2. the user login fails once, session['fail']=1 3. the user login fails twice, session['fail']=2 4. the user login fails for a third time pushing the session['fail'] count to three: this triggers an 'if' on the index.php prompting the user to retrieve their details through the "forgot login details system" However if the session['fail'] count never reaches 3 then this temp session is destroyed and the proper one created allowing the user into the site?? As usual any pointers into the correct direction here would be very much appreciated (and i try to repay by answering other peoples questions [where i can ]) SET UP: Windows vista # XAMPP 1.7.3, # Apache 2.2.14 (IPv6 enabled) + OpenSSL 0.9.8l # MySQL 5.1.41 + PBXT engine # PHP 5.3.1 # phpMyAdmin Error message: You have an error in your SQL syntax; check the manual that corresponds to your MySQL server version for the right syntax to use near ') VALUES ('qwerty','uiop','asd')' at line 2 I'm trying to get this multi page order form to insert information into two tables via a session. But it comes up with the above error message. This script worked perfectly with one table but as soon as I coded he information to go into two tables it screwed up. Is it the sprint <?php //let's start our session, so we have access to stored data session_start(); session_register('membership_type'); session_register('terms_and_conditions'); include 'db.inc.php'; $db = mysql_connect('localhost', 'root', '') or die ('Unable to connect. Check your connection parameters.'); mysql_select_db('ourgallery', $db) or die(mysql_error($db)); //let's create the query $query = sprintf("INSERT INTO subscriptions ( name, email_address, membership_type,) VALUES ('%s','%s','%s')", mysql_real_escape_string($_SESSION['name']), mysql_real_escape_string($_SESSION['email_address']), mysql_real_escape_string($_SESSION['membership_type'])); //let's run the query $result = mysql_query($query, $db) or die(mysql_error($db)); $query = sprintf("INSERT INTO site_user_info ( terms_and_conditions, name_on_card, credit_card_number, credit_card_expiration_data) VALUES ('%s','%s','%s','%s')", mysql_real_escape_string($_SESSION['terms_and_conditions']), mysql_real_escape_string($_POST['name_on_card']), mysql_real_escape_string($_POST['credit_card_number']), mysql_real_escape_string($_POST['credit_card_expiration_data'])); //let's run the query $result = mysql_query($query, $db) or die(mysql_error($db)); echo '$result'; ?> I'm trying to insert into this database: <?php require 'db.inc.php'; $db = mysql_connect(MYSQL_HOST, MYSQL_USER, MYSQL_PASSWORD) or die ('Unable to connect. Check your connection parameters.'); mysql_select_db(MYSQL_DB, $db) or die(mysql_error($db)); $query = 'CREATE TABLE IF NOT EXISTS subscriptions ( name VARCHAR(50) NOT NULL, email_address VARCHAR(50), membership_type VARCHAR(50), PRIMARY KEY (name) ) ENGINE=MyISAM'; mysql_query($query, $db) or die (mysql_error($db)); // create the user information table $query = 'CREATE TABLE IF NOT EXISTS site_user_info ( name VARCHAR(50) NOT NULL, terms_and_conditions VARCHAR(50) NOT NULL, name_on_card VARCHAR(50), credit_card_number VARCHAR(50), credit_card_expiration_data VARCHAR(50), FOREIGN KEY (name) REFERENCES subscriptions(name) ) ENGINE=MyISAM'; mysql_query($query, $db) or die (mysql_error($db)); echo 'Success!'; ?> What am I doing wrong? is there a code spell checker ? Also should I use the mysql_real_escape_string() on the user input as they become sessions variables or is it okay to wait and clean the input as it gets inserted in the table? Thanks for your help. I want to query a database (search) and pass the desired columns from the search results to another page like so: Code: [Select] <?php //address error handling ini_set ('display_errors', 1); error_reporting (E_ALL & ~E_NOTICE); //authenticate user require('auth.php'); if (isset($_POST['submit'])) { // Connect to the database. require_once ('config.php'); //Query the database. $sql = "SELECT* FROM members INNER JOIN images ON members.member_id = images_member_id WHERE members.ethnicity = '{$_POST['ethnicity']}'"; $query = mysql_query($sql); if(mysql_num_rows($query) > 0){ while(($row = mysql_fetch_assoc($query)) !== false) { //Redirect to search results page. header("Location: search_results.php?friend='.$row['member_id'].'&me='.$_SESSION['id'].' &pic='.$row['image'].'&name='.$row['username'].'"); } } else { //If no results found. echo 'No results match this search query.' ; } } ?> I get the following error when i try to run the page (by submitting a form from another page which executes this page): Parse error: syntax error, unexpected T_ENCAPSED_AND_WHITESPACE, expecting T_STRING or T_VARIABLE or T_NUM_STRING in /home/a4993450/public_html/profile_search.php on line 31 The culprit line is this one: header("Location: search_results.php?friend='.$row['member_id'].'&me='.$_SESSION['id'].' &pic='.$row['image'].'&name='.$row['username'].'"); As you can see, I eliminated all white space between the variables and concatenations, thinking that that was the problem but I keep getting the error message. I'm at a loss about what to do next. Any help? I get the following error when I try to pass a value to a methiod in a loop: Warning: Attempt to assign property of non-object in /Users/staceyschaller/Sites/dev_zone/ckwv2/classes/class.php on line 670 This one has me very baffled. It will work the first time, and seems to work every other time, so I have no clue what is wrong. Here is the code: This code is part of my "display" class: function display_partner ($type,$loc,$rand=0,$narrow=0) { $this->partners = new partner($this->cxn); $display = ' <div id="cont_info" class="partner-list"> <div> <h3 class="settings">'.ucfirst($loc).' '.ucfirst($type).last_letter($type).'s</h3> </div> <div class="settings-value" style="height:12px;padding:0;margin:0;text-align:right;padding-right:10px;"> <a href="" class="trunc">Add your organization to this list</a></p> </div> <div style="height:2px;padding:0;margin:0;"> <hr class="account" /> </div> '; $ids = $this->partners->get_partners_list($type,$loc,$rand); for ($b=0;$b<sizeof($ids->id);$b++) { $this->partnerID = $ids->id[$b]; $display .= ($narrow)? $this->card_partner_narr():$this->card_partner(); if ($b!=(sizeof($ids->id)-1)) { $display .= '<hr class="account" />'; } } if (sizeof($ids->id)==0) { $display .= '<div style="color:#999999;display:line;text-align:center;height:20px;">No Partners found for '.ucfirst($loc).' '.ucfirst($type).'</div>'; } $display .= ' </div>'; return $display; } function card_partner () { $this->partners->set_partner_id($this->partnerID); $part_info = $this->partners->get_partner_info(); if ($part_info) { $display .= ' <table class="settings"> <tr> '.$this->show_if($part_info['partLogo']['val'],'<td class="settings-value" rowspan="2"><img src="'.LOGO_FOLDER.$part_info['partLogo']['val'].'" '.resize_img(LOGO_FOLDER.$part_info['partLogo']['val'],175).'alt="'.$part_info['partName']['val'].'" /></td>').' <td class="settings-value" colspan="2"><h5>'.$part_info['partName']['val'].'</h5></td> </tr> <tr> <td class="settings-value"> <span style="color:999999;">'.$part_info['partAddress']['val'].'<br /> '.$part_info['partCity']['val'].', '.$part_info['partST']['val'].' '.$part_info['partZIP']['val'].'<br /> '.$part_info['partPhone']['val'].'</span><br /> <a href="'.$this->form->show_href($part_info['partWeb']['val']).'" target="_blank">'.$part_info['partWeb']['val'].'</a> </td> <td class="settings-value">'.$part_info['partInfo']['val'].'</td> </tr> </table> '; } return $display; } This code is part of my "partners" class: function set_partner_id($partID) { echo '<p>partID: '.$partID.' '.gettype($partID).'<br> $this->partner->id: '.$this->partner->id.'</p>'; $this->partner->id = $partID; ///*** ERROR HAPPENS HERE ***/ echo '<p>id set: '.$this->partner->id.'<br> $this->partner->id: '.$this->partner->id.'</p><hr>'; } function get_partner_id() { return $this->partner->id; } // gets user info at login function get_partner_info() { $this->partner = $this->cxn->proc_info('partner','partID',$this->partner->id);//$this->partner->id return $this->partner; } The following is the output generated: partID: 24 string $this->partner->id: id set: 24 $this->partner->id: 24 partID: 26 string $this->partner->id: Warning: Attempt to assign property of non-object in /Users/staceyschaller/Sites/dev_zone/ckwv2/classes/class.php on line 670 id set: $this->partner->id: partID: 17 string $this->partner->id: id set: 17 $this->partner->id: 17 partID: 25 string $this->partner->id: Warning: Attempt to assign property of non-object in /Users/staceyschaller/Sites/dev_zone/ckwv2/classes/class.php on line 670 id set: $this->partner->id: As you can see, the value passes to $this->set_partner_id($partID) each time. It is formatted as a string. When it assigns the value to $this->partner->id, however, sometimes it works, and sometimes it doesn't. It's probably something obvious, but I've racked my brain to see what it is. Any ideas? Hi I need to include a exe program in a website. The only file of this program is the .exe file. It has a couple of textboxes, and when you insert values in these boxes and submit it gives an text output in the same window. Is there a way in php that I can take in values from an html form and insert it into this programs form? And then how can I read its output using php? Or is there another web-based language that I should rather use? Your help would be appretiated! C I need to execute a program in the command prompt in windows using php, which php functions would be best to do this? and would i need to set any type of permissions to be able to use them? Hello phpFreaks! I want to ask you if there are some ways to make your php program works with serial number (that you give in people that bought it). So the one that buy it can't copy and give it to his friend..Or something... Is there any way to make this with php ? Thanks alot! HI,
I am a beginner at programing and I have to do this project where it is asking me to valid ISBN 10 and 13 using MySQL database to store the information. I checked my php code to validate ISBN 10 and 13 and it works, but when I try to store the data to MySQL it is not working. What I mean is that when I click ShowISBN link it doesn't show this information:
ISBN Number
ISBN Type
Date Entered using timestamp
Valid or Invalid
This is the codes I have for input page of ISBN page:
<?php
//this is the isset function which allows us to submit back
//to the same form. If there isn't anything in the ISBN, it will
//show the bottom part of the form
if(isset($_POST["ISBN"])|| empty($_POST['isbn_type'])
|| empty($_POST['Valid_Invalid']))
{
$ISBN = $_POST["ISBN"];;
$IsbnType = $_POST["isbn_type"];;
$VaorIn = $_POST["Valid_Invalid"];;
$ISBN_Arr = str_split($ISBN);
$not10 =0;
$notNum=0;
$notX=0;
//entering error checking for the code
//check for 10 first, if clear do additional checking
if(strlen($ISBN) == 10)
{//start further error checking
//check to make sure first 9 are numeric
for($i=0;$i<=8;$i++)
{
if(!is_numeric($ISBN_Arr[$i]))
$notNum = 1;
}//end for loop check
//check to see if there is a X or a x
if($ISBN_Arr[9]=='x' || $ISBN_Arr[9]=='X')
{
$ISBN_Arr[9] = 10;
}
//if not an x, is it at least numeric?
else if (!is_numeric($ISBN_Arr[9]) )
{
$notX=1;
}
}//end additional error checking
else {
$not10=1;
}//end not 10 check
//start of error messages if prereqs are not met
if($notNum ==1 || $notX ==1 || $not10)
{
Print "<h2>Input error</h2><br/>";
Print "Here is the error(s) discovered:<br/>";
if($notNum ==1)
print"Your ISBN contains non-numeric data.<br/>";
if($notX ==1)
print"The last digit is not a number or a X.<br/>";
if($not10 ==1)
print"ISBN 10 number should contain 10 characters.<br/>";
include"ISBN_not_val_include.html";
}
//end error checking
else{
$chk_sum_num=10;
$chk_sum =0;
for($i=0;$i<=9;$i++)
{
$chk_sum +=$ISBN_Arr[$i] *$chk_sum_num;
//print"$ISBN_Arr[$i] | $chk_sum_num<br/>";
$chk_sum_num--;
}//end for loop
$is_valid_ISBN= $chk_sum%11;
//print"chk_sum: $chk_sum </br> is_valid_ISBN: $is_valid_ISBN</br>";
if($is_valid_ISBN==0)
{
print"<h3>VALID</h3><br/>";
print"$ISBN is a VALID 10 digit ISBN number.<br/>";
include"ISBN_val_include.html";
}
else{
print"<h3>INVALID</h3><br/>";
print"$ISBN is an INVALID 10 number ISBN.<br/>";
include"ISBN_not_val_include.html";
}//end is_valid if
}//end
}//end is set if
else{
include"ISBN_val_include.html";
}//end isset else
?>
</form>
<p><a href="_ShowISBN10and13DBProject.php">Show ISBN
</a></p>
</body>
</html>
This is the second part of the code that incorporates php and MySQL:
<?php
if (empty($_POST['ISBN'])|| empty($_POST['isbn_type'])
|| empty($_POST['Valid_Invalid']))
echo "<p>You must enter a Valid ISBN 10 to Continue!
Please Click your browser's Back Button to return
to the input page of ISBN 10 with Database.</p>\n";
else {
$DBConnect = @mysql_connect("xxx.xxx.xx.xxx", "xxxxxxxx", "xxxxxxxx");
if($DBConnect === false)
echo"<p>Unable to conenct to the database server.</p>"
. "<p>Error code " . mysql_errno()
. ": " . mysql_error() . "</p>";
else{
$DBName = "xxxxxxxx";
if (!@mysql_select_db($DBName, $DBConnect)) {
$SQLstring = "CREATE DATABASE $DBName";
$QueryResult = @mysql_query($SQLstring,
$DBConnect);
if ($QueryResult === FALSE)
echo "<p>Unable to execute the query.</p>"
. "<p>Error code " . mysql_errno($DBConnect)
. ": " . mysql_error($DBConnect) . "</p>";
else
echo "<p>You are the first visitor!</p>";
}
mysql_select_db($DBName, $DBConnect);
$TableName = "isbn";
$SQLstring = "SHOW TABLES LIKE '$TableName'";
$QueryResult = @mysql_query($SQLstring, $DBConnect);
if ($QueryResult === FALSE)
echo "<p>Unable to create the table.</p>"
. "<p>Error code " . mysql_errno($DBConnect)
. ": " . mysql_error($DBConnect) . "</p>";
$ISBNum = stripslashes($_POST['ISBN']);
$ISBNType = stripslashes($_POST['isbn_type']);
$VaORIn = stripslashes($_POST['Valid_Invalid']);
$SQLstring = "INSERT INTO $TableName
VALUES(NULL, '$ISBNum', '$ISBNType',
'$VaORIn')";
$QueryResult = @mysql_query($SQLstring, $DBConnect);
if($QueryResult === false)
echo"<p>Unable to execute the query.</p>"
. "<p>Error code " . mysql_errno($DBConnect)
. ": " . mysql_error($DBConnect) . "</p>";
else
echo"<h1>Thank you for trying our ISBN 10 program!</h1>";
mysql_close($DBConnect);
}
}
?><!--End PHP Script-->
This is the page where it is not working!
<?php
$DBConnect = @mysql_connect("xxx.xxx.xx.xxx", "xxxxxxx", "xxxxx");
if($DBConnect === false)
echo"<p>Unable to conenct to the database server.</p>"
. "<p>Error code " . mysql_errno()
. ": " . mysql_error() . "</p>";
else{
$DBName = "xxxxxx";
if (!@mysql_select_db($DBName, $DBConnect))
echo"<p>There are no entries in the guest book!</p>";
else {
$TableName = "isbn";
$SQLstring = "SELECT * FROM $TableName";
$QueryResult = @mysql_query($SQLstring, $DBConnect);
if (mysql_num_rows($QueryResult) == 0)
echo"<p>There are no entries in the ISBN 10 Database!</p>";
else{
echo"<p>The following ISBN have
been recorded:</p>";
echo"<table width='100%' border='1'>";
echo"<tr><th>ISBN Number</th><th>ISBN Type</th><th>
Date Entred</th><th>
Valid OR Invalid</th></tr>";
while (($Row = mysql_fetch_assoc($QueryResult)) !==FALSE) {
echo "<tr><td>{$Row['ISBN']}</td>";
echo "<tr><td>{$Row['isbn_type']}</td>";
echo "<tr><td>{$Row['TIMESTAMP']}</td>";
echo "<td>{$Row['Valid_Invalid']}</td></tr>";
}
}
mysql_free_result($QueryResult);
}
mysql_close($DBConnect);
}
When I click show ISBN nothing happens and I am not shore why!
This is how I have my table setup in MySQL Manually by clicking table and create table:
Columns:
count int(11) Al PK
ISBN varchar(45)
isbn_type varchar(45)
TIMESTMP datetime PK
Valid_Invalid varchar(45)
Can someone please tell me why when I click Show ISBN in the input page the first code pasted I get nothing! How do I fix the issue because my validation works, but it's not storing it or showing up when click Show ISBN!
Any help will be appreciate it!
I'd like to put a password requirement in this program & an expiration date (database record)so that at 11 months I output an alert and at the end of one year it shuts down. ? The below code works for the password but I can't find how to link to my main page? PHP Code: <?php mysql_connect(localhost,root,""); mysql_select_db(entrydb) or die( "Unable to select database"); if(!empty($_POST["submit"])) { $password = $_POST['password']; $expdate = $_POST['expdate']; $query="SELECT password, expdate FROM entrydata Where password='$password'"; $result=mysql_query($query); if(mysql_num_rows($result)) { echo "<form action='#' method='post'>"; echo "</form>"; } else{echo "Access denied<br />";} } ?> <form method="post" action="#"><br /> <input type="text" name="password"/><p> <input type="submit" name="submit" value="enter password"/> </form> |
|||||||