PHP - Membership Script Help Needed

I'm planning to learn how to create membership sites. For example members can get certain features if they sign up with a plan.

Besides adding "subscribe" buttons is there a way to integrate Paypal with Mysql? Maybe if a member subscribes, update their "member" column with a "subscribed" status and then with php activate premium options if the user is subscribed.

Is this sort of integration possible with Paypal?   

This topic has been moved to Miscellaneous.

http://www.phpfreaks.com/forums/index.php?topic=349090.0

Hello All!

I was hoping one of you phpFreaks could help me out

I have the following code that produces links from a database. Certain sets of results have over 3000 links. I can currently set the amount of links to display per page but that's it.

I would like to be able to truncate the links to all the pages using pagination.

Any help would be greatly appreciated!

Here is the code:

<?php 
 
echo "Results<br><HR WIDTH=100% SIZE=1><br>";
mysql_connect("mysite.com", "mysite_mysite", "mysitepassword") or die(mysql_error()); 
mysql_select_db("user_database") or die(mysql_error()); 
 

 if (isset($_GET['pagenum']))
 {
  $pagenum = $_GET['pagenum'];
 } else
 {
  $pagenum = 1;
 } 
 
$rpg = $pagenum;
$data = mysql_query("SELECT * FROM mydb WHERE mfg='golf'") or die(mysql_error()); 
$rows = mysql_num_rows($data); 
$page_rows = 80; 
 
$last = ceil($rows/$page_rows); 
 
 if ($pagenum < 1)
  {
   $pagenum = 1;
  } 
 elseif ($pagenum > $last) 
  {
   $pagenum = $last;
  } 
 
$max = 'limit ' .($pagenum - 1) * $page_rows .',' .$page_rows; 
$data_p = mysql_query("SELECT * FROM mydb WHERE mfg='golf' $max") or die(mysql_error()); 
 
 while($info = mysql_fetch_array( $data_p )) 
  { 
   $page=$info['link'];
echo "<a href='$page' class='blue1'>". $info['title'] . "</a><br>"; 
  } 
   echo "<p>";
 
if ($pagenum > $last) 
  {$pagenum=1;} 
else
 { 
  echo "<HR WIDTH=100% SIZE=1><br>";
  $pagenum = 1;
    while ($pagenum <= $last)
    {
       $next = $pagenum;
       echo " <a href='{$_SERVER['PHP_SELF']}?pagenum=$next' class='g5'>$pagenum</a> ";
       $pagenum = $pagenum+1;
      
    }
  Echo "<br><br>Page $rpg of $last <br>";
 }

?>

Simple insertion of pagination would be GREAT! Thanks guys....

Hi all! I have a problem with an image uploading script and at the moment it keeps the image name the same, obviously people don't have very adventurous names for their images "image1" and they are over writing each other. How do I put a random 5 digit number on the end to make them all unique? Thanks.

Code: [Select]

$image1 = mysql_real_escape_string("$idir" . $_FILES['fupload2']['name']);
$image2 = mysql_real_escape_string("$idir" . $_FILES['fupload3']['name']);
$image3 = mysql_real_escape_string("$idir" . $_FILES['fupload4']['name']);
$logo = mysql_real_escape_string("$idir" . $_FILES['fupload']['name']);
$idir = "uploads/";   // Path To Images Directory


if (isset ($_FILES['fupload'])){

//upload the image to tmp directory
$url = $_FILES['fupload']['name'];   // Set $url To Equal The Filename For Later Use
if ($_FILES['fupload']['type'] == "image/jpg" || $_FILES['fupload']['type'] == "image/jpeg" || $_FILES['fupload']['type'] == "image/pjpeg") {
$file_ext = strrchr($_FILES['fupload']['name'], '.');   // Get The File Extention In The Format Of , For Instance, .jpg, .gif or .php
$copy = copy($_FILES['fupload']['tmp_name'], "$idir" . $_FILES['fupload']['name']);   // Move Image From Temporary Location To Permanent Location
}
}
if (isset ($_FILES['fupload2'])){

//upload the image to tmp directory
$url = $_FILES['fupload2']['name'];   // Set $url To Equal The Filename For Later Use
if ($_FILES['fupload2']['type'] == "image/jpg" || $_FILES['fupload2']['type'] == "image/jpeg" || $_FILES['fupload2']['type'] == "image/pjpeg") {
$file_ext = strrchr($_FILES['fupload2']['name'], '.');   // Get The File Extention In The Format Of , For Instance, .jpg, .gif or .php
$copy = copy($_FILES['fupload2']['tmp_name'], "$idir" . $_FILES['fupload2']['name']);   // Move Image From Temporary Location To Permanent Location
}
}
if (isset ($_FILES['fupload3'])){

//upload the image to tmp directory
$url = $_FILES['fupload3']['name'];   // Set $url To Equal The Filename For Later Use
if ($_FILES['fupload3']['type'] == "image/jpg" || $_FILES['fupload3']['type'] == "image/jpeg" || $_FILES['fupload3']['type'] == "image/pjpeg") {
$file_ext = strrchr($_FILES['fupload3']['name'], '.');   // Get The File Extention In The Format Of , For Instance, .jpg, .gif or .php
$copy = copy($_FILES['fupload3']['tmp_name'], "$idir" . $_FILES['fupload3']['name']);   // Move Image From Temporary Location To Permanent Location
}
}
if (isset ($_FILES['fupload4'])){

//upload the image to tmp directory
$url = $_FILES['fupload4']['name'];   // Set $url To Equal The Filename For Later Use
if ($_FILES['fupload4']['type'] == "image/jpg" || $_FILES['fupload4']['type'] == "image/jpeg" || $_FILES['fupload4']['type'] == "image/pjpeg") {
$file_ext = strrchr($_FILES['fupload4']['name'], '.');   // Get The File Extention In The Format Of , For Instance, .jpg, .gif or .php
$copy = copy($_FILES['fupload4']['tmp_name'], "$idir" . $_FILES['fupload4']['name']);   // Move Image From Temporary Location To Permanent Location
}
}

I need help with the attached script.  I am using ipage.com to host and when I log in with credentials that have been placed in the database I just get the login prompt coming up every time.  There is no die action that says access failed or anything.

This topic has been moved to Third Party PHP Scripts.

http://www.phpfreaks.com/forums/index.php?topic=342885.0

Hi!
I hope somebody can help me what im do wrong.
i have checked that the data from the file is in $source_file but nothing imports to the database

Code: [Select]
<?php

include('config.php');
include('opendb.php');

if(isset($_POST['upload']))
{
$source_file = @$_POST['userfile'];

//$source_file = fopen('http://localhost/test/upload/test.csv', 'r');
$target_table = 'foretag';
function csv_file_to_mysql_table($source_file, $target_table, $max_line_length=10000) {
     if (($handle = fopen("$source_file", "r")) !== FALSE) { 
        $columns = fgetcsv($handle, $max_line_length, ","); 
        foreach ($columns as $column) { 
            $column = str_replace(".","",$column); 
        } 
        $insert_query_prefix = "INSERT INTO $target_table (".join(",",$columns).")\nVALUES";
         while (($data = fgetcsv($handle, $max_line_length, ";")) !== FALSE) { 
            while (count($data)<count($columns)) 
                array_push($data, NULL); 
            $query = "$insert_query_prefix (".join(",",quote_all_array($data)).");";
             mysql_query($query); 
        } 
        fclose($handle); 
    } 
} 

function quote_all_array($values) { 
    foreach ($values as $key=>$value) 
        if (is_array($value)) 
            $values[$key] = quote_all_array($value); 
        else 
            $values[$key] = quote_all($value); 
    return $values; 
} 

function quote_all($value) { 
    if (is_null($value)) 
        return "NULL"; 

    $value = "'" . mysql_real_escape_string($value) . "'"; 
    return $value; 
}
}
include('closedb.php');

echo "<br>done<br>";

?>

This topic has been moved to Miscellaneous.

http://www.phpfreaks.com/forums/index.php?topic=321119.0

Hi,

I am pretty much a new newbie when it comes to PHP, and have a problem that I need to solve, for a website that has to go live tomorrow.

Basically I have been using a javascript upload script called 'uploadify' which had an option for the upload folder which was added to the script in the form:

Code: [Select]
'folder'    : '/songs/<?php echo $_SESSION["name"];?>',
I added the php echo to return the username from a PHP login, so it gets added to the path to the upload folder (each user has their own subfolder for uploading to).

With the new version of the uploadify script, the folder option has been moved to a separate PHP file where it is now in the form:

Code: [Select]
$targetFolder = '/songs/';
I need to find a way of adding the username variable to this line.  I have tried using echo in various ways, and googled about, but it has stumped me, simple as it may be.

If anyone could let me know how I construct this line I'd be very grateful.  Time is of the essence, as they say...

Thanks,

Nick

If you are a PHP expert, then I really your help. I have a question regarding PHP sessions and their security. So here is my story ...

I created a login script (login.php) for my website. When a user goes to the login.php page, they see a login form that they must fill with their username and password to login to the members' area and view their profile, etc.

On that login page, when the user enters their username and password and then clicks the "Login" button, my script filters the data, sends MySQL query and checks if the login is valid. If the login is NOT valid, then they get a "Login Failed" message. If the login is valid, I register their username and the password in sessions and redirect them to the members.php page.

Here is some of my code for my login.php page after mysql confirms the login is valid


<?php

$query = mysql_query('SELECT * FROM `users` WHERE username='$user' AND password='$pass'");
$numRows = mysql_num_rows($query);

if ( $numRows ) {
     
      // login is valid
      $_SESSION['username'] = $user;
      $_SESSION['pass'] = $pass;

      // redirect user to members area
      header('Location: /members.php');

} else {
     
       // login is invalid
       echo "Login failed";

}

?>


My question is ... is this login script secured? I mean, I am not generating any session id or any cookie. I am just storing the username and the password in two session variables and those are the things that i will use to display the user's profile, etc. Can attackers attack this script? Is this secured or is there any other way I can make it stronger?

This topic has been moved to Miscellaneous.

http://www.phpfreaks.com/forums/index.php?topic=342211.0

Hi everyone!

I've been working on a php script to replace links that contain a query with direct links to the files they would redirect to.

Hi i have this upload script which works fine it uploads image to a specified folder and sends the the details to the database.
but now i am trying to instead make a modify script which is Update set so i tried to change insert to update but didnt work can someone help me out please
this my insert image script which works fine but want to change to modify instead
Code: [Select]
<?php
mysql_connect("localhost", "root", "") or die(mysql_error()) ;
mysql_select_db("upload") or die(mysql_error()) ;

// my file the name of the input area on the form type is the extension of the file
//echo $_FILES["myfile"]["type"];

//myfile is the name of the input area on the form 
$name = $_FILES["image"] ["name"]; // name of the file
$type = $_FILES["image"]["type"]; //type of the file
$size = $_FILES["image"]["size"]; //the size of the file
$temp = $_FILES["image"]["tmp_name"];//temporary file location when click upload it temporary stores on the computer and gives it a temporary name
$error =array(); // this an empty array where you can then call on all of the error messages
$allowed_exts = array('jpg', 'jpeg', 'png', 'gif'); // array with the following extension name values
$image_type = array('image/jpg', 'image/jpeg', 'image/png', 'image/gif'); // array with the following image type values
$location = 'images/'; //location of the file or directory where the file will be stored
$appendic_name = "news".$name;//this append the word [news] before the name so the image would be news[nameofimage].gif

// substr counts the number of carachters and then you the specify how how many you letters you want to cut off from the beginning of the word example drivers.jpg it would cut off dri, and would display vers.jpg
//echo $extension = substr($name, 3);

//using both substr and strpos, strpos it will delete anything before the dot in this case it finds the dot on the $name file deletes and + 1 says read after the last letter you delete because you want to display the letters after the dot. if remove the +1 it will display .gif which what we want is just gif
$extension = strtolower(substr($name, strpos ($name, '.') +1));//strlower turn the extension non capital in case extension is capital example JPG will strtolower will make jpg
// another way of doing is with explode
// $image_ext strtolower(end(explode('.',$name))); will explode from where you want in this case from the dot adn end will display from the end after the explode

$myfile = $_POST["myfile"];

     if (isset($image)) // if you choose a file name do the if bellow
       {
       
       // if extension is not equal to any of the variables in the array $allowed_exts error appears
        if(in_array($extension, $allowed_exts) === false )
       {
         $error[] = 'Extension not allowed! gif, jpg, jpeg, png only<br />'; // if no errror read next if line
       }
        // if file type is not equal to any of the variables in array $image_type error appears
        if(in_array($type, $image_type) === false)
       {
          $error[] = 'Type of file not allowed! only images allowed<br />';     
       }
       
        // if file bigger than the number bellow error message
        if($size > 2097152)
       {
          $error[] = 'File size must be under 2MB!';     
       }
       
       // check if  folder exist in the server
        if(!file_exists ($location))
       {
          $error[] = 'No directory ' . $location. ' on the server Please create a folder ' .$location;     
       }
            
     }
     // if no error found do the move upload function
       if (empty($error)){
           if (move_uploaded_file($temp, $location .$appendic_name))
           {
             // insert data into database first are the field name teh values are the variables you want to insert into those fields appendic is the new name of the image
mysql_query("INSERT INTO image (myfile ,image)
 VALUES ('$myfile', '$appendic_name')") ;
           exit();
           }
         }
       else
          {
        foreach ($error as $error)
           {
               echo $error;
           }
        }
      
     
  
//echo $type;
?>