|
PHP - Trouble With Running A Captcha Script
My website is being overrun with spam and I am trying to install a php captcha script. I have installed php 5 on my website askthephysicist.com which is hosted on a 1&1 Windows server, but I think the problem is that I do not know where to point my script to find the lib. I have very little fluency with any scripting languages. Anyhow, the beginning of the script reads:
<?php require 'CaptchasDotNet.php'; // Required Parameters // Replace the values you receive upon registration at http://captchas.net. // // client: 'demo' // // secret: 'secret' // and when I run it I get the message: Fatal error: require(): Failed opening required 'CaptchasDotNet.php' (include_path='.:/usr/lib/php5.5') in /homepages/29/d191906528/htdocs/askthephysicist/query.php on line 4 The whole code may be found at http://captchas.net/sample/php/ if that is helpful, but the error occurs with the first statement require 'CaptchasDotNet.php'; Similar TutorialsThis is my first captcha script...it has 2 files, check.php and insert.php It works fine but I would like to hear your opinion what can I do to make it better? Is there any way that I can add random images ? Here is insert.php Code: [Select] <html> <body> <form action="check.php" method="post"> <img src="captcha.jpg"/> Insert captcha: <input type="text" name="cap"/> <input type="submit" value="submit"/> </form> </body> </html> here is check.php Code: [Select] <html> <body> <?php $cap= "flirc"; if ($_POST["cap"]==$cap) echo "Captcha is right!"; else echo " Captcha is wrong! "; ?> </body> </html>It is pretty basic, I know You can see it in action here Hi I have a script below which I have put together from a couple of other scripts which simply adds an email address to a database for a newsletter and sends an email to the owner and to the user it then shows a success page. The script checks that the email is valid and there is also a captcha. The script works in that it only send out the emails if the captcha etc is entered correctly but the email is being added to the database regardless of whether the capture is correct or not. I was proud of myself for getting this far but would love some instruction on what I have missed and how to stop the email adding to the database unless it has passed the captcha. Below you will see the script. The commented out sections are parts of the old script I don't use. <?php require('includes/application_top.php'); require(DIR_WS_LANGUAGES . $language . '/' . FILENAME_TESTING); $error = false; if (isset($HTTP_GET_VARS['action']) && ($HTTP_GET_VARS['action'] == 'send')) { //$name = tep_db_prepare_input($HTTP_POST_VARS['name']); $email_address = tep_db_prepare_input($HTTP_POST_VARS['email']); //$enquiry = tep_db_prepare_input($HTTP_POST_VARS['enquiry']); if (tep_validate_email($email_address) == false) { $error = true; $messageStack->add('testing', ENTRY_EMAIL_ADDRESS_CHECK_ERROR); } //CAPTHCA CODE start require(DIR_WS_FUNCTIONS . 'capcha_code.php'); $code_query = tep_db_query("select code from capcha_code where oscsid = '" . tep_session_id($HTTP_GET_VARS[tep_session_name()]) . "'"); $code_array = tep_db_fetch_array($code_query); $code = $code_array['code']; tep_db_query("DELETE FROM " . TABLE_CAPCTHA_CODE . " WHERE oscsid='" . $vvcode_oscsid . "'"); //remove the visual verify code associated with this session to clean database and ensure new results $user_entered_code = $HTTP_POST_VARS['capcha_code']; if (!(strcasecmp($user_entered_code, $code) == 0)) { //make the check case insensitive $error = true; $messageStack->add('testing', CAPCTHA_CODE_ENTRY_ERROR); } //CAPTHCA CODE stop /* testing sign up start */ if (isset($HTTP_POST_VARS['testing_sign_up'])) { $testing_query = tep_db_query("select testing_id_number from " . TABLE_TESTING_SIGN_UP . " where testing_email_address = '" . tep_db_input($email_address) . "'"); if(tep_db_num_rows($testing_query) == 0) { $sql_data_array = array('testing_email_address' => $email_address, 'testing_firstname' => "", 'testing_lastname' => ""); tep_db_perform(TABLE_TESTING_SIGN_UP, $sql_data_array); } } /* testing sign up end */ if ($error == false) { tep_mail(STORE_OWNER, STORE_OWNER_EMAIL_ADDRESS, EMAIL_SUBJECT, $email_address,STORE_OWNER_EMAIL_ADDRESS); tep_mail(MESSAGE_TEXT, $email_address, CUSTOMER_SUBJECT, NUMBER_ONE, STORE_OWNER_EMAIL_ADDRESS); tep_redirect(tep_href_link(FILENAME_TESTING, 'action=success')); } } $breadcrumb->add(NAVBAR_TITLE, tep_href_link(FILENAME_TESTING)); ?> <!doctype html public "-//W3C//DTD HTML 4.01 Transitional//EN"> <html <?php echo HTML_PARAMS; ?>> <head> <meta http-equiv="Content-Type" content="text/html; charset=<?php echo CHARSET; ?>"> <title><?php echo TITLE; ?></title> <base href="<?php echo (($request_type == 'SSL') ? HTTPS_SERVER : HTTP_SERVER) . DIR_WS_CATALOG; ?>"> <link rel="stylesheet" type="text/css" href="stylesheet.css"> </head> <body marginwidth="0" marginheight="0" topmargin="0" bottommargin="0" leftmargin="0" rightmargin="0"> <!-- header //--> <?php require(DIR_WS_INCLUDES . 'header.php'); ?> <!-- header_eof //--> <!-- body //--> <table border="0" width="100%" cellspacing="3" cellpadding="3"> <tr> <td width="<?php echo BOX_WIDTH; ?>" valign="top"><table border="0" width="<?php echo BOX_WIDTH; ?>" cellspacing="0" cellpadding="2"> <!-- left_navigation //--> <?php require(DIR_WS_INCLUDES . 'column_left.php'); ?> <!-- left_navigation_eof //--> </table></td><!-- body_text //--> <td width="100%" valign="top"><?php echo tep_draw_form('testing', tep_href_link(FILENAME_TESTING, 'action=send')); ?><table border="0" width="100%" cellspacing="0" cellpadding="0"> <tr> <td><table border="0" width="100%" cellspacing="0" cellpadding="0"> <tr> <td class="pageHeading"><?php echo HEADING_TITLE; ?></td><td class="pageHeading" align="right"><?php echo tep_image(DIR_WS_IMAGES . 'table_background_contact_us.gif', HEADING_TITLE, HEADING_IMAGE_WIDTH, HEADING_IMAGE_HEIGHT); ?></td></tr> </table> </td></tr><td class="main"><?php echo INFORMATION_TEXT; ?></td> <tr> <td><?php echo tep_draw_separator('pixel_trans.gif', '100%', '10'); ?></td></tr> <?php if ($messageStack->size('testing') > 0) { ?> <tr> <td><?php echo $messageStack->output('testing'); ?></td> </tr> <tr> <td><?php echo tep_draw_separator('pixel_trans.gif', '100%', '10'); ?></td> </tr> <?php } if (isset($HTTP_GET_VARS['action']) && ($HTTP_GET_VARS['action'] == 'success')) { ?> <tr> <td class="main" align="left"><?php echo tep_image(DIR_WS_IMAGES . 'clever.gif', HEADING_TITLE, '0', '0', 'align="left"') . TEXT_COMPLETE; ?></td> </tr> <tr> <td><?php echo tep_draw_separator('pixel_trans.gif', '100%', '10'); ?></td> </tr> <tr> <td><table border="0" width="100%" cellspacing="1" cellpadding="2" class="infoBox"> <tr class="infoBoxContents"> <td><table border="0" width="100%" cellspacing="0" cellpadding="2"> <tr> <td width="10"><?php echo tep_draw_separator('pixel_trans.gif', '10', '1'); ?></td> <td align="right"><?php echo '<a href="' . tep_href_link(FILENAME_DEFAULT) . '">' . tep_image_button('button_continue.gif', IMAGE_BUTTON_CONTINUE) . '</a>'; ?></td> <td width="10"><?php echo tep_draw_separator('pixel_trans.gif', '10', '1'); ?></td> </tr> </table></td> </tr> </table></td> </tr> <?php } else { ?> <tr> <td><table border="0" width="100%" cellspacing="1" cellpadding="2" class="infoBox"> <tr class="infoBoxContents"> <td><table border="0" width="100%" cellspacing="0" cellpadding="2" > <!--<tr> <td class="main"><?php echo ENTRY_NAME; ?></td> </tr> <tr> <td class="main"><?php echo tep_draw_input_field('name'); ?></td> </tr>//--> <tr><td class="main"><?php echo INSTRUCTIONS_TEXT; ?></td></tr> <tr> <td class="main"><?php echo ENTRY_EMAIL; ?> <?php echo tep_draw_input_field('email'); ?></td> </tr> <tr> <td><?php echo tep_draw_separator('pixel_trans.gif', '100%', '10'); ?></td> </tr> <!--<tr> <td class="main"><?php echo ENTRY_ENQUIRY; ?></td> </tr> <tr> <td><?php echo tep_draw_textarea_field('enquiry', 'soft', 50, 15, $infotext); ?></td> </tr>//--> <!-- CAPTHCA CODE-- START--> <tr> <td class="main"><?php echo CAPCTHA_CODE_CATEGORY; ?></td> </tr> <tr> <td><table border="0" width="100%" cellspacing="1" cellpadding="2" class="infoBox"> <tr class="infoBoxContents"> <td><table border="0" cellspacing="2" cellpadding="2"> <tr> <td class="main"><?php echo CAPCTHA_CODE_TEXT_INSTRUCTIONS; ?></td> <td class="main"> <?php // ----- begin garbage collection -------- tep_db_query("DELETE FROM " . TABLE_CAPCTHA_CODE . " WHERE dt < DATE_SUB(NOW(), INTERVAL 5 HOUR)"); // ----- end garbage collection -------- //can replace the following loop with $capcha_code = substr(str_shuffle (CAPCTHA_CODE_CHARACTER_POOL), 0, rand(3,4)); if you have PHP 4.3 $capcha_code = ""; for ($i = 1; $i <= rand(3,4); $i++){ $capcha_code = $capcha_code . substr(CAPCTHA_CODE_CHARACTER_POOL, rand(0, strlen(CAPCTHA_CODE_CHARACTER_POOL)-1), 1); } $vvcode_oscsid = tep_session_id($HTTP_GET_VARS[tep_session_name()]); tep_db_query("DELETE FROM " . TABLE_CAPCTHA_CODE . " WHERE oscsid='" . $vvcode_oscsid . "'"); $sql_data_array = array('oscsid' => $vvcode_oscsid, 'code' => $capcha_code); tep_db_perform(TABLE_CAPCTHA_CODE, $sql_data_array); $capcha_code = ""; echo('<img src="' . FILENAME_CAPCTHA_CODE_DISPLAY . '?vvc=' . $vvcode_oscsid . '"'); ?> </td> <td class="main"><?php echo CAPCTHA_CODE_BOX_IDENTIFIER; ?></td> <td class="main"><?php echo tep_draw_input_field('capcha_code'); ?></td> </tr> </table></td> </tr> </table></td> </tr> <!-- testing sign up start//--> <TD WIDTH="100%"> <tr> <td class="main" align="right"><?php echo ENTRY_TESTING_SIGN_UP; ?> <?php echo tep_draw_checkbox_field('testing_sign_up', '1', true); ?> </td></tr> <!--testing sign up end //--> <!-- CAPTHCA CODE-- STOP --> <td width="10"><?php echo tep_draw_separator('pixel_trans.gif', '10', '1'); ?></td> </table></td> </tr> </table></td> </tr> <tr> <td><?php echo tep_draw_separator('pixel_trans.gif', '100%', '10'); ?></td> </tr> <tr> <td><table border="0" width="100%" cellspacing="1" cellpadding="2" class="infoBox"> <tr class="infoBoxContents"> <td><table border="0" width="100%" cellspacing="0" cellpadding="2"> <tr> <td width="10"><?php echo tep_draw_separator('pixel_trans.gif', '10', '1'); ?></td> <td align="right"><?php echo tep_image_submit('button_continue.gif', IMAGE_BUTTON_CONTINUE); ?></td> <td width="10"><?php echo tep_draw_separator('pixel_trans.gif', '10', '1'); ?></td> </tr> </table></td> </tr> </table></td> </tr> <?php } ?> </table></form></td> <!-- body_text_eof //--> <td width="<?php echo BOX_WIDTH; ?>" valign="top"><table border="0" width="<?php echo BOX_WIDTH; ?>" cellspacing="0" cellpadding="2"> <!-- right_navigation //--> <?php require(DIR_WS_INCLUDES . 'column_right.php'); ?> <!-- right_navigation_eof //--> </table></td> </tr> </table> <!-- body_eof //--> <!-- footer //--> <?php require(DIR_WS_INCLUDES . 'footer.php'); ?> <!-- footer_eof //--> <br> </body> </html> <?php require(DIR_WS_INCLUDES . 'application_bottom.php'); ?> Hi Guys, I'm having some trouble running PHP scripts. I have two forms, each of which redirects to a PHP script (each PHP script is different, but essentially both have the same problem) as an action. The code is below. I'm hosted at Bluehost, which runs PHP on their servers so I know the tech is compatible. Thanks! Cheers! <html> <script type="text/php">include('newform.php');</script> <head> <title>TradeSquared></title> <p align="center">Trade Squared</p> </head> <body> <br> <br> <div align="center"> Create a new Listing: <form action="newform.php" method="get" name="newform"> Type:<select name="type"> <option value="book">Book</option> <option value="apt">Apartment</option> <option value="item">Class Items</option> </select> <input type="submit" value="Submit"/> </form> <br> Search current Listings: <form action="searchform.php" method="get" name="searchform"> Type:<select name="type"> <option value="book">Book</option> <option value="apt">Apartment</option> <option value="item">Class Items</option> </select> <input type="submit" value="Submit"/> </form> </div> </body> </html> This is the PHP code on which action redirects to <?php $type = $_GET=["type"]; if($type=="book") header("location:addbooklisting.html"); else if($type == "apt") header("location:aptform"); else header("location:itemform"); ?> Second page <html> <head> <title>Create New Book Listing</title> <p align="center"> <b>Create a New Book Listing</b> </p> </head> <body> <div align="center"> <br><br> <form name="addlisting" method="get" action="bookvalidation.php"> <table width="100" border="0" align="center"> <tr> <td align="center">Title </td> </tr> <tr> <td align="center"><input type="text" name="title"/> </td> </tr> <tr><td><p/></td></tr> <tr> <td align="center">Price </td> </tr> <tr> <td align="center">$<input type="text" name="dollars" size="3"/>.<input type="text" name="cents" size="2"/> </td> </tr> <tr><td><br></td></tr> <tr> <td align="center">ISBN</td> </tr> <tr> <td align="center"><input type="text" name="isbn"/></td> </tr> <tr><td><br></td></tr> <tr> <td align="center">Condition </td> </tr> <tr> <td align="center"><select name="cond"> <option name="used">Used</option> <option name="new">New</option> </select> </td> </tr> <tr><td><br></td></tr> <tr> <td align="center">Commentaries </td> </tr> <tr> <td align="center"><textarea rows="5" cols="30" name="comm"></textarea></td> </tr> <tr><td><br></td></tr> <tr> <td align="center"><input type="submit" value="Add Listing"/></td> </tr> </table> </form> </div> </body> </html> PHP code for second page <html> <head>Results</head> <body> The Following Occurred: <?php $title = $_GET["title"]; $dollar = $_GET["dollars"]; $cents = $_GET["cents"]; $price = $dollar.".".$cents $isbn = $_GET["isbn"]; $cond = $_GET["cond"]; $decide; $comments = $_GET["comm"]; for($i=0; $i<=12; i++) { if(ctype_digit($isbn)) $decide = true; else $decide = false; } if( !(($dollar && $cents)==int) ) echo "Price must be in numbers."; else if($decide == false || strlen($isbn)!=13) echo "ISBN contains 13 characters and must be numbers only" else { $db=mysql_connect("localhost","username","pass!"); mysql_select_db("db_dataabse",$db); $dbsucces=mysql_query("INSERT INTO BookListings (Title, ISBN, Price, Condition, Comments) VALUES ('$title', '$isbn', '$price', '$cond', '$comments')"); if($dbsuccess==true) echo "Posting was succesful"; else echo"Unsuccesful log."; } ?> </body> </html> Hi guys, i found simple php script which allow all visitors of my web site to create free email address thru my webmail service (like yahoo,hotmail,gmail,etc) and it works great, but in last month stupid bots created lots of funny user accounts and sending SPAM emails Signup script is one file (signup.php) doing all the stuff i need (registration form,lost passwords form,etc). Now i want to put captcha code into signup.php to have captcha image cheking to prevent bots from creating more user accounts ... i`m not a php programer but i know how to change some things, but not all Signup scripts is free, so i will post it here that you can help me with this (it does not have my mysql and other information,because of security issue) - i will be happy if some of you guys put all the code i need for captcha to work with signup.php script Here is the signup.php script: Code: [Select] <?php // HMailServer New user signup Script Configuration $dbhost = "localhost"; // host of the MySQL database $dbuser = "root"; // Database username $dbpassword = ""; // Your database password $dbname = "hmail"; // the name of the database that has the hmailserver tables $webmailurl = "http://www.yurdomainname.com/webmail/login.php"; // The url to login in the webbased mail system $quota = "50"; // The mailbox free space if (strlen($_POST["pas1"]) <= 4 && IsSet($_POST["pas1"])) { $error .= "<centeR>Error: Your password must be longer than 4 characters</center>"; } else if ($_POST["pas1"] == "12345" && IsSet($_POST["pas1"])) { $error .= "<centeR>Error: Too simple password</center>"; } // Get the action if (IsSet($_POST["action"])) { $action = $_POST["action"]; } else { $action = $_GET["action"]; } // A function to check addresses, probably i will have to use it later. function normalmail($visitormail) { if(!$visitormail == "" && (!strstr($visitormail,"@") || !strstr($visitormail,"."))) { return FALSE; } else { return TRUE; } } // If there is no action, open the page for a new registration if (!IsSet($action)) { // Load the domain names and their ids into a variable $db = mysql_connect($dbhost, $dbuser, $dbpassword); mysql_select_db($dbname); $result = mysql_query("SELECT * FROM hm_domains WHERE domainactive = '1' ", $db); $domains = "<select name=\"domain\">"; while ($row = mysql_fetch_array($result)) { $domainid = $row['domainid']; $domainname = $row['domainname']; $domains .= "\n<option value=\"$domainid\">$domainname</option>"; } $domains .= "\n</select>"; mysql_close(); echo " <center><b>Open a new E-Mail Account</b> <p> (*) fields are reguired.<br> <form action=\"\" name=\"registration\" method=\"post\"> <table border=\"0\"> <tr> <td>* Username: <td><input type=\"text\" name=\"username\">@<td>$domains<tr> <td>* First name: <td><input type=\"text\" name=\"firstname\"><td><tr> <td>* Last name: <td><input type=\"text\" name=\"lastname\"><td><tr> <td>* Password: <td><input type=\"password\" name=\"pas1\"><Td><tr> <td>* Password again: <td><input type=\"password\" name=\"pas2\"><Td><tr> <td>Old email Address: <td><input type=\"text\" name=\"oldmail\"><td>(in case you forgot your password)<tr> <td>* Secret question: <td><input type=\"text\" name=\"squestion\"><td><tr> <td>* Secret answe <td><input type=\"text\" name=\"sanswere\"><td><tr> <td><td> <input type=\"hidden\" name=\"action\" value=\"register\"> <input type=\"Submit\" value=\"Signup\"><td><tr></td></tr></table></table> "; } else if ($action == "register") { // Load the variables from the posting $domainid = $_POST["domain"]; $username = $_POST["username"]; $pas1 = $_POST["pas1"]; $pas2 = $_POST["pas2"]; $firstname = $_POST["firstname"]; $lastname = $_POST["lastname"]; $squestion = $_POST["squestion"]; $sanswere = $_POST["sanswere"]; $oldmail = $_POST["oldmail"]; // Do all the checks if ($oldmail != NULL && normalmail($oldmail) == FALSE) { $error .= "Error: Please enter a valid email address\n<br>"; } if ($squestion == NULL) { $error .= "Error: You have to enter your secret question\n<br>"; } if ($sanswere == NULL) { $error .= "Error: You have to enter your secret aswere\n<br>"; } if ($username == NULL) { $error .= "Error: You have to enter your desired username\n<br>"; } if ($domainid == NULL) { $error .= "Error: You have to choose a domain\n<Br>"; } if ($pas1 == NULL) { $error .= "Error: You have to enter your password\n<Br>"; } if ($pas1 != $pas2) { $error .= "Error: Your passwords does not match\n<Br>"; } if ($firstname == NULL) { $error .= "Error: You have to enter your first name\n<Br>"; } if ($lastname == NULL) { $error .= "Error: You have to enter your last name\n<Br>"; } //Check if the user exists for that domain $db = mysql_connect($dbhost, $dbuser, $dbpassword); mysql_select_db($dbname); $result = mysql_query("SELECT * FROM hm_domains WHERE domainid = '$domainid' ", $db); $result = @mysql_fetch_array($result); $address = $username . "@" . $result['domainname']; $result = mysql_query("SELECT * FROM hm_accounts WHERE accountaddress = '$address' ", $db); $result = @mysql_fetch_array($result); if ($result['accountid'] != "") { $error .= "Error: The E-Mail address $address is already registered, please coose another username or domain\n<Br>"; mysql_close(); } if (IsSet($error)) { echo "<Center>Oops, There was some errors, please submit the form again<br>"; echo $error; } else { // Insert the new user infos into the database $passwd = md5($pas1); $db = mysql_connect($dbhost, $dbuser, $dbpassword); mysql_select_db($dbname); $query = "INSERT INTO hm_accounts (accountaddress, accountdomainid, accountadminlevel, accountpassword, accountactive, accountisad, accountmaxsize, accountpwencryption, accountvacationmessageon, accountoldaddress, accountfirstname, accountlastname, accountsecretque, accountsecretans) VALUES ('$address','$domainid','0','$passwd','1','0','$quota','2','0','$oldmail','$firstname','$lastname','$squestion','$sanswere')"; mysql_query($query) or die("Error: Can not query to the database"); mysql_close(); echo "<center><B>Completed!</b> <br><br> You have created an email account with us! you can use the E-Mail services eather by pop3/imap or by using the webmail system. <p>Please <A href=\"$webmailurl\">Login</a> to read or to send emails <p>Thank you $firstname $lastname for joining us"; } } else if ($action == "install") { $db = mysql_connect($dbhost, $dbuser, $dbpassword); mysql_select_db($dbname); mysql_query("ALTER TABLE `hm_accounts` ADD `accountoldaddress` VARCHAR(50) NOT NULL"); mysql_query("ALTER TABLE `hm_accounts` ADD `accountfirstname` VARCHAR(50) NOT NULL"); mysql_query("ALTER TABLE `hm_accounts` ADD `accountlastname` VARCHAR(50) NOT NULL"); mysql_query("ALTER TABLE `hm_accounts` ADD `accountsecretque` VARCHAR(120) NOT NULL"); mysql_query("ALTER TABLE `hm_accounts` ADD `accountsecretans` VARCHAR(120) NOT NULL"); mysql_query("ALTER TABLE `hm_accounts` ADD `accounttmpverify` VARCHAR(120) NOT NULL"); mysql_close(); Echo "The script is istalled successfuly"; } // If the user forgot his password, this is the page to recover it. else if ($action == "forgotpass") { echo "<Center><b>Welcome to the password recovery page</b> <br><br> This page will help you to recover your lost password, if you had filled the oldmail at the registration time You will be able to recover it by using the oldmail method, else you will have to use the secret question method"; echo "<br><br><center> <table border=1 cellspacing=0 cellpadding=0> <tr><td><center>Old Email Method<tr><td> <form name=\"forgot\" action=\"\" method=\"post\"> <table border=0><tr><td> Old email<td><input type=\"text\" name=\"oldemail\"><tr> <td>Your email with us in form of (username@domain.tld) <td><input type=\"text\" name=\"current\"><tr> <input type=\"hidden\" name=\"action\" value=\"fpassoldemail\"> <td><td><input type=\"submit\" value=\"Send me Recovery code\"></tr></td> </form></td></tr></table></table> <center><p> <table border=1 cellspacing=0 cellpadding=0> <tr><td><center>Secret Question Method<tr><td> <form name=\"forgot\" action=\"\" method=\"post\"> <table border=0> <tr><td>Frist name<td><input type=\"text\" name=\"firstname\"><tr> <tr><td>Last name<td><input type=\"text\" name=\"lastname\"><tr> <td>Your email with us in form of (username@domain.tld) <td><input type=\"text\" name=\"current\"><tr> <input type=\"hidden\" name=\"action\" value=\"fpassgetquestion\"> <td><td><input type=\"submit\" value=\"Submit\"></tr></td> </form></td></tr></table></table></center>"; } // if the user submited data for the secret question method, // load the variables, and do the checks else if ($action == "fpassgetquestion") { $username = $_POST["current"]; $firstname = $_POST["firstname"]; $lastname = $_POST["lastname"]; if (normalmail($username) == FALSE) { $error .= "Error: Please enter a valid ID in form of email address\n<br>"; } if ($username == NULL) { $error .= "Error: You have to enter your current ID (in form of username@domain.ltd)\n<br>"; } if ($firstname == NULL) { $error .= "Error: You have to enter your first name\n<Br>"; } if ($lastname == NULL) { $error .= "Error: You have to enter your last name\n<Br>"; } if (IsSet($error)) { echo "<Center>Oops, There was some errors, please submit the form again<br>"; echo $error; //else do the rest of the checks } else { $db = mysql_connect($dbhost, $dbuser, $dbpassword); mysql_select_db($dbname); $result = mysql_query("SELECT * FROM hm_accounts WHERE accountaddress = '$username' ", $db); $result = @mysql_fetch_array($result); $questi = $result['accountsecretque']; echo "<center><b>Please answere your secret question: $questi </b>"; echo "<p><form name=\"forgot\" action=\"\" method=\"post\"> <table border=0> <input type=\"hidden\" value=\"$firstname\" name=\"firstname\"> <input type=\"hidden\" value=\"$lastname\" name=\"lastname\"> <input type=\"hidden\" value=\"$questi\" name=\"squestion\"> <input type=\"hidden\" value=\"$username\" name=\"current\"> <td>Answe <td><input type=\"text\" name=\"sanswere\"><tr> <input type=\"hidden\" name=\"action\" value=\"fpassquestion\"> <td><td><input type=\"submit\" value=\"Submit\"></tr></td> </form></td></tr></table></table></center>"; } } else if ($action == "fpassquestion") { $username = $_POST["current"]; $firstname = $_POST["firstname"]; $lastname = $_POST["lastname"]; $squestion = $_POST["squestion"]; $sanswere = $_POST["sanswere"]; // Do all the checks if (normalmail($username) == FALSE) { $error .= "Error: Please enter a valid ID in form of email address\n<br>"; } if ($squestion == NULL) { $error .= "Error: You have to enter your secret question\n<br>"; } if ($sanswere == NULL) { $error .= "Error: You have to enter your secret aswere\n<br>"; } if ($username == NULL) { $error .= "Error: You have to enter your current ID (in form of username@domain.ltd)\n<br>"; } if ($firstname == NULL) { $error .= "Error: You have to enter your first name\n<Br>"; } if ($lastname == NULL) { $error .= "Error: You have to enter your last name\n<Br>"; } // If there was error, stop if (IsSet($error)) { echo "<Center>Oops, There was some errors, please submit the form again<br>"; echo $error; //else do the rest of the checks } else { $db = mysql_connect($dbhost, $dbuser, $dbpassword); mysql_select_db($dbname); $result = mysql_query("SELECT * FROM hm_accounts WHERE accountaddress = '$username' ", $db); $result = @mysql_fetch_array($result); // check if the information does match with the stored data if ( $result['accountlastname'] == NULL || $result['accountfirstname'] == NULL || $result['accountsecretque'] == NULL || $result['accountsecretans'] == NULL) { die("Error: Cant find infos in database for $username"); mysql_close(); } if (strtolower($result['accountlastname']) == strtolower($lastname) && strtolower($result['accountfirstname']) == strtolower($firstname) && strtolower($result['accountsecretque']) == strtolower($squestion) && strtolower($result['accountsecretans']) == strtolower($sanswere)) { echo "<b><center>Your info does match, please enter a new password for $username bellow</b>"; echo "<p><br><center> <table><tr><td> <center>Change password for $username<tr><Td> <center><table> <form name=\"forgot\" action=\"\" method=\"post\"> <tr><Td>Enter new password<td><input type=\"password\" name=\"pas1\"><Tr> <Td>Verify password<td><input type=\"password\" name=\"pas2\"><Tr> <input type=\"hidden\" value=\"$firstname\" name=\"firstname\"> <input type=\"hidden\" value=\"$lastname\" name=\"lastname\"> <input type=\"hidden\" value=\"$squestion\" name=\"squestion\"> <input type=\"hidden\" value=\"$sanswere\" name=\"sanswere\"> <input type=\"hidden\" value=\"$username\" name=\"current\"> <input type=\"hidden\" value=\"forgpassquepro\" name=\"action\"> <Td><td><input type=\"submit\" value=\"Change it\"></Tr></table></table></form></center>"; } else { echo "<b><center>Your info does NOT match</b><p> Your data does not match with the stored informations of $username, please enter the exact info"; } } } else if ($action == "forgpassquepro") { $username = $_POST["current"]; $firstname = $_POST["firstname"]; $lastname = $_POST["lastname"]; $squestion = $_POST["squestion"]; $sanswere = $_POST["sanswere"]; $newpassword = $_POST["pas1"]; $newpassword = md5($newpassword); if (normalmail($username) == FALSE) { die("Error"); } $db = mysql_connect($dbhost, $dbuser, $dbpassword); mysql_select_db($dbname); $result = mysql_query("SELECT * FROM hm_accounts WHERE accountaddress = '$username' ", $db); $result = @mysql_fetch_array($result); // check if the information does match with the stored data if ( $result['accountlastname'] == NULL || $result['accountfirstname'] == NULL || $result['accountsecretque'] == NULL || $result['accountsecretans'] == NULL) { die("Error: Cant find infos in database for $username"); mysql_close(); } if ($_POST["pas1"] != $_POST["pas2"]) { $error = "<center><B>Your passwords does not match, please submit the form again</b></centeR>"; } if ($error != NULL) { echo $error; } else { if (strtolower($result['accountlastname']) == strtolower($lastname) && strtolower($result['accountfirstname']) == strtolower($firstname) && strtolower($result['accountsecretque']) == strtolower($squestion) && strtolower($result['accountsecretans']) == strtolower($sanswere)) { $accountid = $result['accountid']; //ok change the password $query = "UPDATE hm_accounts SET accountpassword = '$newpassword' WHERE accountid = '$accountid'"; mysql_query($query); echo "<center><b>Ok Your password has changed, sign in now with your new password, and your ID $username</b></center>"; mysql_close(); } } } // forgot password, old email method. else if ($action == "fpassoldemail") { $username = $_POST["current"]; $oldmail = $_POST["oldemail"]; // Do all the checks if (normalmail($username) == FALSE) { $error .= "Error: Please enter a valid ID in form of email address\n<br>"; } if (normalmail($oldmail) == FALSE) { $error .= "Error: Please enter a valid email address\n<br>"; } $db = mysql_connect($dbhost, $dbuser, $dbpassword); mysql_select_db($dbname); $result = mysql_query("SELECT * FROM hm_accounts WHERE accountaddress = '$username'", $db); $result = @mysql_fetch_array($result); $accountid = $result['accountid']; if ($result['accountoldaddress'] == NULL) { $error .= "Error: Missing infos in the database for $username <Br>"; } if ($result['accountoldaddress'] != $oldmail) { $error .= "Error: The address $oldmail does not match with the old address of $username <Br>"; } if ($error != NULL) { echo "<Center>Oops, There was some errors, please submit the form again<br>"; echo $error; mysql_close(); } else { // in that case somehow we have to generate a random code for($x=0;$x<10;$x++) { $y = rand(0,61); $z .= $y + (($y<10) ? 48 : (($y<20) ? 21 : 10)); } $db = mysql_connect($dbhost, $dbuser, $dbpassword); mysql_select_db($dbname); $query = "UPDATE hm_accounts SET accounttmpverify = '$z' WHERE accountid = '$accountid'"; mysql_query($query); mysql_close(); $body = " The user account $username has this email associated with it. A Web user from " . $_SERVER['REMOTE_ADDR'] . " has just requested a Confirmation Code to change the password. Your Confirmation Code is: $z With this code you can now assign a new password at http://" . $_SERVER['HTTP_HOST'] . $_SERVER['SCRIPT_NAME'] . "?action=fpassconfirm&addr=$username&code=$z If you cant click in the link, copy paste the URL into your browser. If you didn't asked for this, don't worry. Just delete this Email."; $body = wordwrap($body, 70); $subject = "Lost password: confirmation code"; $headers=""; $headers = 'From: ' . $username; if (mail($oldmail, $subject, $body, $headers)) { echo "<b>Message successfully sent!</b> <p>Please read the email in your old address $oldmail to get the verification code and reset your password <p>Your IP address is loged for security reasons."; } else { echo "<b>Message delivery failed!</b>"; } } } else if ($action == "fpassconfirm") { $code = $_POST["code"]; $username = $_POST["addr"]; if (!IsSet($code)) { $code = $_GET["code"]; } if (!IsSet($username)) { $username = $_GET["addr"]; } $db = mysql_connect($dbhost, $dbuser, $dbpassword); mysql_select_db($dbname); $result = mysql_query("SELECT * FROM hm_accounts WHERE accountaddress = '$username' ", $db); $result = @mysql_fetch_array($result); if ($username == NULL || normalmail($username) == FALSE) { $error .= "Error: Please enter your E-mail address in the correct form<Br>"; } if ($code == NULL) { $error .= "Error: Please enter the confirmation code<br>"; } if ($result['accounttmpverify'] != $code) { $error .= "Error: You entered an invalid confirmation code. <Br>"; } if ($error != NULL) { echo "<Center>Oops, There was some errors, please submit the form again<br>"; echo $error; echo "<br><br> <form name=\"forgot\" action=\"\" method=\"post\"> <center> <table><tr> <Td>E-Mail address<td><input name=\"addr\" type=\"text\"> <tr><td>Code<td><input name=\"code\" type=\"text\"><tr> <input type=\"hidden\" value=\"fpassconfirm\" name=\"action\"> <td><td><input type=\"submit\" value=\"Submit\"></tr> </td></table></table></form></centeR> "; mysql_close(); } else { echo "<b><center>Confirmation code is valid, Please enter your new password bellow</b>"; echo "<p><br> <center><table><tr><Td> Change password for $username<tr><Td> <table><tr> <form name=\"forgot\" action=\"\" method=\"post\"> <Td>Enter new password<td><input type=\"password\" name=\"pas1\"> <Tr><Td>Verify password<td><input type=\"password\" name=\"pas2\"><Tr> <input type=\"hidden\" value=\"$code\" name=\"code\"> <input type=\"hidden\" value=\"$username\" name=\"addr\"> <input type=\"hidden\" value=\"forgpasscodepro\" name=\"action\"> <Td><td><input type=\"submit\" value=\"Change it\"></Tr></table></table></form>"; mysql_close(); } } // ok lets check the code again, and change the password. else if ($action = "forgpasscodepro") { $code = $_POST["code"]; $username = $_POST["addr"]; $newpassword = $_POST["pas1"]; $newpassword = md5($newpassword); $db = mysql_connect($dbhost, $dbuser, $dbpassword); mysql_select_db($dbname); $result = mysql_query("SELECT * FROM hm_accounts WHERE accountaddress = '$username' ", $db); $result = @mysql_fetch_array($result); $accountid = $result['accountid']; if ($username == NULL || normalmail($username) == FALSE) { $error .= "Error: Please enter your E-mail address in the correct form<Br>"; } if ($code == NULL) { $error .= "Error: Please enter the confirmation code<br>"; } if ($result['accounttmpverify'] != $code) { $error .= "Error: You entered an invalid confirmation code. <Br>"; } if ($_POST["pas1"] != $_POST["pas2"]) { $error .= "Error: Passwords does not match. <Br>"; } if ($error != NULL) { echo $error; } else { $query = "UPDATE hm_accounts SET accountpassword = '$newpassword' WHERE accountid = '$accountid'"; mysql_query($query); echo "<b>Your password has changed!</B><br><br> now you can sign in with your new password and your ID $username"; mysql_close(); } } echo "<center><p><em><font size=\"2\">Powered by <a target=\"hmail\" href=\"http://www.hmailserver.com\">HMailServer</a> @ All rights reserved</em></font></centeR>"; ?> Tnx Hi, I have a PHP script which I want to run from a different IP on my server. Example of what I want to do: My main ip: 4.5.6.7 Have several IP's on server. I want my PHP script (running from CLI) to use cURL with another IP, ay 4.5.6.9 Is this possible to do? Help would be greatly appreciated! I've written a script thats going to take a really long time to execute... Whats the best way to do this as far as the server not timing out? My script is calculating some statistics based on other tables in the database and then storing them in another table. The results are going to be hundreds of thousands or maybe even millions of rows. So I have a php script in public_html on my apache server, and it runs a global economy code for my browser game. If I open firefox and go to: http://localhost/Economy.php it runs the code, and it changes all the values in the database properly. How do I get that to run automatically, say every 6 minutes? I have windows so no cron jobs. I went to task scheduler and created a task which I thought would work, and it lists the task as running. But it gives me an error. Event Views: Code: [Select] Log Name: Microsoft-Windows-TaskScheduler/Operational Source: Microsoft-Windows-TaskScheduler Date: 9/28/2011 5:02:37 PM Event ID: 101 Task Category: Task Start Failed Level: Error Keywords: (1) User: SYSTEM Computer: Matt-PC Description: Task Scheduler failed to start "\Economy" task for user "Matt-PC\Matt". Additional Data: Error Value: 2147750687.Event Xml: Code: [Select] <Event xmlns="http://schemas.microsoft.com/win/2004/08/events/event"> <System> <Provider Name="Microsoft-Windows-TaskScheduler" Guid="{DE7B24EA-73C8-4A09-985D-5BDADCFA9017}" /> <EventID>101</EventID> <Version>0</Version> <Level>2</Level> <Task>101</Task> <Opcode>101</Opcode> <Keywords>0x8000000000000001</Keywords> <TimeCreated SystemTime="2011-09-28T22:02:37.967669800Z" /> <EventRecordID>18</EventRecordID> <Correlation /> <Execution ProcessID="1012" ThreadID="1484" /> <Channel>Microsoft-Windows-TaskScheduler/Operational</Channel> <Computer>Matt-PC</Computer> <Security UserID="S-1-5-18" /> </System> <EventData Name="TaskStartFailedEvent"> <Data Name="TaskName">\Economy</Data> <Data Name="UserContext">Matt-PC\Matt</Data> <Data Name="ResultCode">2147750687</Data> </EventData> </Event> EDITed for code tags hi
I am having problems trying to either include php file or execute a php script within <div with a class> which I use for a drop down menu, every bit of help much appreciated, thanks..singhy
<h2 class="hidenextdiv"><a href="#">dropdown menu1</a></h2> <div class="another dropmenuclass"> <h3>Test</h3> want to add my php working code here, have tried includes but no joy, it either breaks the dropdown menu or I am not getting the results back from the database, my script works ok, have tested it separately. <h3> </h3> <div style="clear: both;"> </div> </div> I am running some php via a cron and I was after the best way to achieve this. Currently I am doing it as follows:- Code: [Select] 0 * * * * lynx -dump http://www.domain.com/script.php This works fine but I don't want anybody being able to run the script by pointing their browser to the file. Any advice on the best method? Cheers. I have a php script that calls another script. It seems that the 2nd script times out or something. I have tried setting max_execution_time to 120 seconds. how can I fix this? I open to anything. Thanks Hi, i need some help with my script to take data from mysql database to be used for a login. Created table, with registration, checked passwords and such but the login button when clicked does nothing? please help <?php $username = $_POST['username']; $password = $_POST['upassword']; $self = $_SERVER['PHP_SELF']; $referer = $_SERVER['HTTP_REFERER']; #if either form field is empty return to the log-in page if( (!$username ) or (!$password ) ) { header( "Location:$referer" ); exit(); } #connect to mysql $conn = @mysql_connect( "server", "username", "password ) or die( "Could not connect" ); #select database $rs = @mysql_select_db( "removalspacelogin", $conn ) or die ( "Could not select db" ); #create query $sql="select * from users where username=\"$username\" and password = password( \$password\" )"; #execute query $rs = mysql_query( $sql, $conn ) or die( "Could not execute query" ); #get number of rows that match username and password $num = mysql_numrows( $rs ); #if there is a match the log-in in done if( $num != 0 ) { $msg = "Welcome $username - your log-in was successfull!"; } else #or return to: login.php { header( "Location:www.removalspace.com/wrong.html" ); exit(); } ?> <html> <head><title>Check-login</title></head> <body> <?php echo( $msg ); ?> </body> </html> Hi
I inserted javascript to track google ad conversions inside finalpage.htm which is parte of a major site I which I don’t have access to.
The site manager only allows uploading some .htm pages for customization purposes.
But the scripts are not running anymore.
When I use google label checker plugin to analyse the page, I got the message below:
<script> tag must not be included in a <span>
But the finalpage.htm is a blank page, so there is not <span>
Maybe <span> are coming from a higher level of the website.
Is there I way to prevent this and guarantee my seeing as a real blank page ?
Moises
I have a script there download a lot of images from a website it crawls, but when ever i started a crawler, it will keep downloading images. Even if i close firefox, it will continue to download images from the site. How can i stop it?. I am writing a script which will be dependent on the client's public ip address. e.g.
if the client is using ip address 203.122.55.124 script A should run and if else then script B should run. Now I know that the If and else will be used but cant guess how will the public ip be captured.
Please help
Hey y'all. Probably a dumb question here but I'm at a loss. I've got a PHP service script that has an include, written as so:
$config = new Config('config/config.json');
The config directory is next to the PHP script and does contain the config.json file, so when I run this from the CLI everything works great. However, I've got about 17 PHP services I need to start and really don't feel like typing them all out, so I've written a shell script that does this: #!bin/bash cd /path/to/my/script /usr/local/bin/php ./my-script.php This does start the service, but it bombs out because it can't find the config.json file. If I change the PHP to
$config = new Config('./config/config.json');
it works as expected from the shell script. Updating the files is technically possible, but fraught right now for reasons I can't really get into (sorry). Anybody know what the difference is, or have any ideas on how to get around this? Edited September 5, 2020 by maxxdI'm having trouble echoing $year in my script. Listed below is the script, just below ,$result = mysql_query("SELECT * FROM $dbname WHERE class LIKE '%$search%'") or die(mysql_error());, in the script I try to echo $year. It doesn't show up in the table on the webpage. Everything else works fine. Any help wold be appreciated greatly. Thanks in advance. <?php include 'config2.php'; $search=$_GET["search"]; // Connect to server and select database. mysql_connect($dbhost, $dbuser, $dbpass)or die("cannot connect"); mysql_select_db("vetman")or die("cannot select DB"); $result = mysql_query("SELECT * FROM $dbname WHERE class LIKE '%$search%'") or die(mysql_error()); // store the record of the "" table into $row //$current = ''; echo "<table align=center border=1>"; echo "<br>"; echo "<tr>"; echo "<td align=center>"; ?> <div style="float: center;"><a><h1><?php echo $year; ?></h1></a></div> <?php echo "</td>"; echo "</tr>"; echo "</table>"; // keeps getting the next row until there are no more to get if($result && mysql_num_rows($result) > 0) { $i = 0; $max_columns = 2; echo "<table align=center>"; echo "<br>"; while($row = mysql_fetch_array($result)) { // make the variables easy to deal with extract($row); // open row if counter is zero if($i == 0) echo "<tr>"; echo "<td align=center>"; ?> <div style="float: left;"> <div><img src="<?php echo $image1; ?>"></div> </div> <?php echo "</td>"; // increment counter - if counter = max columns, reset counter and close row if(++$i == $max_columns) { echo "</tr>"; $i=0; } // end if } // end while } // end if results // clean up table - makes your code valid! if($i > 0) { for($j=$i; $j<$max_columns;$j++) echo "<td> </td>"; echo '</tr>'; } mysql_close(); ?> </table> Hello !
How I can make a script of my PHP code to work even if my website is not running
Can I make this with php ?
im testing the following script and it wont send 1 2 3 until the script has finished executing. What can i do to flush the buffer after every echo statement?? <?php echo "1"; ob_flush();flush(); sleep(5); echo "2"; ob_flush();flush(); sleep(5); echo "3"; ob_flush();flush(); ?> I have a php script that I've been running that seems to have been working but now I'm wondering if some of my logic is potentially off. I select records from a db table within a date range which I put into an array called ```$validCount``` If that array is not empty, that means I have valid records to update with my values, and if it's empty I just insert. The trick with the insert is that if the ```STORES``` is less than the ```Quantity``` then it only inserts as many as the ```STORES``` otherwise it inserts as many as ```Quantity```. So if a record being inserted with had Stores: 14 Quantity:12
Then it would only insert 12 records but if it had It would only insert 1 record. In short, for each customer I should only ever have as many valid records (within a valid date range) as they have stores. If they have 20 stores, I can have 1 or 2 records but should never have 30. It seems like updating works fine but I'm not sure if it's updating the proper records, though it seems like in some instances it's just inserting too many and not accounting for past updated records. This is the logic I have been working with:
if(!empty($validCount)){
for($i=0; $i<$row2['QUANTITY']; $i++){
try{
$updateRslt = $update->execute($updateParams);
}catch(PDOException $ex){
$out[] = $failedUpdate;
}
}
}else{
if($row2["QUANTITY"] >= $row2["STORES"]){
for($i=0; $i<$row2["STORES"]; $i++){
try{
$insertRslt = $insert->execute($insertParams);
}catch(PDOException $ex){
$out[] = $failedInsertStore;
}
}
}elseif($row2["QUANTITY"] < $row2["STORES"]){
for($i=0; $i<$row2["QUANTITY"]; $i++){
try{
$insertRslt = $insert->execute($insertParams);
}catch(PDOException $ex){
$out[] = $failedInsertQuantity;
}
}
}
}
Let's say customer 123 bought 4 of product A and they have 10 locations
customerNumber | product | category | startDate | expireDate | stores Because they purchased less than their store count, I insert 4 records. Now if my ```$validCheck``` query selects all 4 of those records (since they fall in a valid date range) and my loop sees that the array isn't empty, it knows it needs to update those or insert. Let's say they bought 15 this time. Then I would need to insert 6 records, and then update the expiration date of the other 9 records.
customerNumber | product | category | startDate | expireDate | stores There can only ever be a maximum of 10 (store count) records for that customer and product within the valid date range. As soon as the row count for that customer/product reaches the equivalent of stores, it needs to now go through and update equal to the quantity so now I'm running this but it's not running and no errors, but it just returns back to the command line
$total = $row2['QUANTITY'] + $validCheck;
if ($total < $row2['STORES']) {
$insert_count = $row2['QUANTITY'];
$update_count = 0;
} else {
$insert_count = $row2['STORES'] - $validCheck; // insert enough to fill all stores
$update_count = ($total - $insert_count); // update remainder
}
for($i=0; $i<$row2['QUANTITY']; $i++){
try{
$updateRslt = $update->execute($updateParams);
}catch(PDOException $ex){
$failedUpdate = "UPDATE_FAILED";
print_r($failedUpdate);
$out[] = $failedUpdate;
}
}
for($i=0; $i<$insert_count; $i++){
try{
$insertRslt = $insert->execute($insertParams);
}catch(PDOException $ex){
$failedInsertStore = "INSERT_STORE_FAILED!!!: " . $ex->getMessage();
print_r($failedInsertStore);
$out[] = $failedInsertStore;
}
}```
I want to id each comment so that where any member response on a comment, the INSERT and the SELECT knows where to display the responses, to what comment the responses belong to. t. it is like creating an id for each comment so the SELECT display each responses below in its messages. but i don't know if it is an html, php or javascript issue to handle below there are two forms, the parent form and the responses form below each comment form, I want the responses to display below each comment to what it belongs too. I have some tables structure problems and some html issues. the javascript is working for the parent comment it is working perfectly but for the second form the responses form it is not displaying below the comments. Code: [Select] <?php $id = $_GET['id']; // this id of the user being commented in the user table I guess I will need that id to identify which user is being commented "profile" that's the id of his profile if (isset($_SESSION['id'])) { $userid = $_SESSION['id']; $username = $_SESSION['name']; } else { // do this } // the userid contains the id and name of the user commenting "the user logged in". if ($_POST['comment_field_1'] != ""){ $comment_field_1 = $_POST['comment_field_1']; $comment_field_1 = stripslashes($comment_field_1); $comment_field_1 = strip_tags($comment_field_1); $comment_field_1 = mysql_real_escape_string($comment_field_1); $comment_field_1 = eregi_replace("'", "&#38;#39;", $comment_field_1); $sql = mysql_query("INSERT INTO comments (mem_id,commented_men_id, the_message,parent_id, message_date) VALUES('$userid','$idc','$comment_field_1', $parent_id now())") or die (mysql_error()); // i guess the $parent_id should be initialize somewhere in the top with a value of 0 or 1 depending weather it is a response or a comment. } // men_id is the field of the $userid, commented_men_id is the field for the commented on, $idc variable etc... if ($_POST['comment_field_2'] != ""){ // responses form field $comment_field_2 = $_POST['comment_field_2']; $comment_field_2 = stripslashes($comment_field_2); $comment_field_2 = strip_tags($comment_field_2); $comment_field_2 = mysql_real_escape_string($comment_field_2); $comment_field_2 = eregi_replace("'", "&#38;#39;", $comment_field_2); $sql = mysql_query("INSERT INTO comments (mem_id,commented_men_id, the_message,sub_commented_id, message_date) VALUES('$userid','$idc','$comment_field_1', $sub_commented_id now())") or die (mysql_error()); // here instead of $parent_id I use field created for responses to tag a comment as a response should be initialize somewhere in the top with a value of 0 or 1 depending weather it is a response or a comment. I am not sure weather I should leave the parent_id variable or come with this new field $sub_commented_id. What do you think? } // men_id is the field of the $userid, commented_men_id is the field for the commented on, $idc variable etc... if (isset($_SESSION['id'])) { if ($_SESSION['id'] == $userid ) { $the_message_form = ' comment (220 char max) <form align="left" id="comment" action="profile.php?id='.$idc.'" method="post" enctype="multipart/form-data" name="message_from"> <textarea type="text" id="text1" name="comment_field_1" rows="3" style="width:97%;"></textarea> <input class="commentinput" name="submit" type="button" value="submit comment" align="left" /> </form>'; } } $sql1 = mysql_query("SELECT id, mem_id, commented_men_id, the_message,parent_id, message_date FROM comments WHERE commented_men_id='$idc' ORDER BY message_date DESC LIMIT 20")or die ( mysql_error () ); $i = 0; while($row = mysql_fetch_array($sql1)){ $j = $i++; $message_id = $row["id"]; $uid = $row["mem_id"]; $the_message= $row["the_message"]; $message_date = $row["message_date"]; $message_date = strftime("%b %d, %Y, %Y %I:%M:%S %p", strtotime($message_date)); $sql_mem_data = mysql_query("SELECT id, name FROM users WHERE id='$uid' LIMIT 1"); while($row2 = mysql_fetch_array($sql_mem_data)){ $uid = $row2["id"]; $ufirstname = $row2["name"]; $ufirstname = mb_strimwidth($ufirstname, 0, 20, '…'); } $messageDisplayList .= ' <table width="100%" align="center" cellpadding="4" bgcolor="#CCCCCC" style="margin-bottom:0.5em"> <tr> <td width="auto" height="auto" bgcolor="#EFEFEF" style="vertical-align:top"><a width="auto" height="auto" title="'.$row2["name"] .' "href="profile.php?id='.$uid .'&name='.$row2["name"].'">' .$user_pic. '</a><br /> </td> <td width="93%" bgcolor="#EFEFEF"><a href="profile.php?id='.$uid.'">' . $ufirstname . ' </a> • <span style="font-size:10px; font-weight:bold; color:#A6A6A6;">' . $message_date . '</span><br /> <p id="only"> ' . $the_message . '</p><span class="comment">•<a style="padding-left:3.5px; color:#0099ff" href ="">Comment</a></span><div class="commentForm"><form align="left" id="bring" action="profile.php?id='. $uid .'" method="post" enctype="multipart/form-data" name="message_from"> <textarea name="comment_field_2" type="text" id="text2" rows="3" style="width:100%; height:30px;"></textarea> <input id="bringinput" name="submit" type="button" value="submit" align="left" /> </form></div> </td> </tr> </table> <br/>'; } $sql_sub_coment = mysql_query ("SELECT id, mem_id, commented_men_id, sub_commented_id, the_message, message_date FROM comments WHERE sub_commented_id='$blabid3' AND sub_commented_id != 0 ORDER BY blab_date DESC LIMIT 20"); while($row3= mysql_fetch_array($sql_sub_coment)){ $$message_id3 = $row3_sub["id"]; $uid3 = $row3_sub["mem_id"] ; $the_message3 = $row3_sub["the_message"]; $message_date3 = $row3_sub["message_date"]; $message_date3 = strftime("%b %d, %Y, %Y %I:%M:%S %p", strtotime($blab_date3)); $sql_mem_data = mysql_query("SELECT id, name FROM user WHERE id='$uid3' LIMIT 1"); while($row4 = mysql_fetch_array($sql_mem_data)){ $uid4 = $row4["category_id"]; $ufirstname2 = $row4["name"]; $ufirstname2 = mb_strimwidth($ufirstname2, 0, 20, '…'); } $$messageDisplayList2 .= '<table width="100%" align="center" cellpadding="4" bgcolor="#CCCCCC" style="margin-bottom:0.5em"> <tr> <td width="auto" height="auto" bgcolor="#FFFFFF"><a width="auto" height="auto" title="'.$row3["name"] .' "href="profile.php?category_id='.$uid4 .'">' .$blabber_pic2. '</a><br /> </td> <td width="93%" bgcolor="#EFEFEF"><a href="profile.php?id='.$uid4.'">' . $ufirstname2 . ' </a> • <span style="font-size:10px; font-weight:bold; color:#A6A6A6;">' . $message_date3 . '</span><br /><p id="submessage">' . $the_message3 . '</p> </td> </tr> </table>'; ?> <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd"> <html xmlns="http://www.w3.org/1999/xhtml"> <head> <meta http-equiv="Content-Type" content="text/html; charset=utf-8" /> <title></title> <link rel="stylesheet" href="style/style.css" type="text/css" media="screen" /> <script type="text/javascript" src="jquery.js"></script> <script type="text/javascript"> $(document).ready(function(){ $(".commentForm").hide(); $(".comment").bind('click', function(){ $(this).nextAll(".commentForm:first").slideToggle(); return false; }); var html = $("#text1").html(); $(".blabinput").click(function() { console.log("AJAX EVENT OCCURED") $.post($('#comment').attr("action"), $("#comment").serialize(), function(html) { // Find the first table after the form in the HTML from the server and append it to the form on the page. $(html) .find('form + table').insertAfter('#comment').after('<br />'); }); }); var html2 = $("#text2").html(); $(".bringinput").click(function() { console.log("AJAX EVENT OCCURED") $.post($('#bring').attr("action"), $("#bring").serialize(), function(html2) { // Find the first table after the form in the HTML from the server and append it to the form on the page. $(html2) .find('form + table').insertAfter('#bring').after('<br />'); }); }); }); That's what I have so far. the first form the parent form is submitting and posting with the jquery of id #message, then the #bring id for the id of the second form or the response form is not working properly, it is inserting but posting the comment in the p tags with id only., that's where the parent comment post not the response comment form. it should post below but, somehow I have the html and the jquery mess up. Need help in there. the comment text is sliding toggling but the second time I click on, meaning sometimes it won't toggle the first time I click on it. But the main issue now is getting the responses form displaying below and Ajaxing without browser refresh. |
|||||||