froppo

HA! Oh i'm so dumb. In the HTML form itself I was was using the "id=..." instead of "name=..." Everything is all fixed!

So you're wanting the three boxes stacked on top of each other in the center of the page? If that's what you're looking for would this work? Remove the float:left; <body> <center> <div id=”Container”> <div id="left"></div> <div id="center"></div> <div id="right"></div> </div> </center> </body> Not 100% sure that's what you're going for.

Hey All, I have built a website using PHP and MySQL where users have to log in to use the site. I'm now trying to create a page on the site where logged in users can change their password if they need/want to. I thought this would be fairly easy and straight forward but I'm having a ton of issues. I've never been formally trained in PHP and MySQL, I've just picked up stuff along the way throughout the years so when I get into advanced stuff I start to struggle. I'm using MD5 hashing for the passwords right now. I already know this isn't the most secure method but since I'm familiar with it I'm just going to go with it for now. I'll worry about changing the hashing later. Anyway, the PHP code lives on the same page as the form. The HTML portion of the form has the following fields: Current Password (id="cur_password") New Password (id="password1") Confirm New Password (id="password2") Within the script I'm trying to verify that the Current Password and the password in the database match, but because of the MD5 I'm not exactly sure how to do this. Here is what I have so far: $sql = "SELECT * FROM users WHERE username='$log_username'"; $query = mysqli_query($db_conx, $sql); while ($row = mysqli_fetch_array($query, MYSQLI_ASSOC)) { $username = $row[username]; $password = $row[password]; } $cur_password=md5($_POST['cur_password']); $password1=md5($_POST['password1']); $password2=md5($_POST['password2']); if (empty ($_POST['cur_password'])){ echo "Fill out all fields."; } else if ($cur_password != $password) { echo "There was a problem. Wrong Password."; } else if ($passord1 != $password2) { echo "Passords don't match."; } else { $sql = "UPDATE users SET password = MD5('$password1') WHERE username='$log_username' LIMIT 1"; $query = mysqli_query($db_conx, $sql); echo "Success! Password has been changed."; } When I test I keep getting the "Fill out all fields." message even though I submitted the form and none of the fields were blank. If I take the "empty" statement out I just keep getting the "There was a problem. Wrong Password." message which should happen only if the current password typed in and the current password in the database don't match. I know that I'm putting in the correct matching password. Anyway, any help you could give would be greatly appreciated. Thanks so much.

Hey thanks for your help! Any way you could give me the PHP code I would use to test this and where in the code (above in my original post) I would insert it? Sorry, I'm extremely visual and I get it a lot quicker if I see it. Thanks!

Hey there, I've been dabbling in PHP/MySQL for quite a few years. You'll have to forgive me, most of what I have learned has been self taught and therefore my programming vocab is very limited. That being said I've stumbled on a problem that I just can't figure out. I recently followed a tutorial that taught me how to build a fairly effective photo upload/gallery system for my website. It works just fine when dealing with photos of a small size (less than 1MB) but I keep getting an error with photos that are bigger. I have diligently searched through the code and made all the adjustments I can think of in order to allow larger photos to upload but I can't figure it out. So here is the error that I receive when attempting to upload larger photo sizes: Warning: getimagesize() [function.getimagesize]: Filename cannot be empty in php_parsers/photo_system.php on line 94 ERROR: That image has no dimensions OK. Now for the code. It's pretty substantial so I'll attempt to just include the relevant part. I have commented the offending 'line 94': if (isset($_FILES["photo"]["name"]) && isset($_POST["gallery"])){ $sql = "SELECT COUNT(id) FROM photos WHERE user='$log_username'"; $query = mysqli_query($db_conx, $sql); $row = mysqli_fetch_row($query); if($row[0] > 1000){ header("location: ../message.php?msg=The demo system allows only 1000 pictures total"); exit(); } $gallery = preg_replace('#[^a-z 0-9,]#i', '', $_POST["gallery"]); $fileName = $_FILES["photo"]["name"]; $fileTmpLoc = $_FILES["photo"]["tmp_name"]; $fileType = $_FILES["photo"]["type"]; $fileSize = $_FILES["photo"]["size"]; $fileErrorMsg = $_FILES["photo"]["error"]; $kaboom = explode(".", $fileName); $fileExt = end($kaboom); $db_file_name = date("DMjGisY")."".rand(1000,9999).".".$fileExt; // WedFeb272120452013RAND.jpg list($width, $height) = getimagesize($fileTmpLoc); //OFFENDING LINE 94 if($width < 10 || $height < 10){ echo "ERROR: That image has no dimensions"; exit(); } if($fileSize > 10485760) { header("location: ../message.php?msg=ERROR: Your image file was larger than 10mb"); exit(); } else if (!preg_match("/\.(gif|jpg|png)$/i", $fileName) ) { header("location: ../message.php?msg=ERROR: Your image file was not jpg, gif or png type"); exit(); } else if ($fileErrorMsg == 1) { header("location: ../message.php?msg=ERROR: An unknown error occurred"); exit(); } $moveResult = move_uploaded_file($fileTmpLoc, "../user/$log_username/$db_file_name"); if ($moveResult != true) { header("location: ../message.php?msg=ERROR: File upload failed"); exit(); } include_once("../php_includes/image_resize.php"); $wmax = 8000; $hmax = 9000; if($width > $wmax || $height > $hmax){ $target_file = "../user/$log_username/$db_file_name"; $resized_file = "../user/$log_username/$db_file_name"; img_resize($target_file, $resized_file, $wmax, $hmax, $fileExt); } $sql = "INSERT INTO photos(user, gallery, filename, uploaddate) VALUES ('$log_username','$gallery','$db_file_name',now())"; $query = mysqli_query($db_conx, $sql); mysqli_close($db_conx); header("location: ../photos.php?u=$log_username"); exit(); } Any ideas or help would be greatly appreciated. I've been banging my head on my keyboard for over a week trying to figure this out. Could this be a php.ini issue? Am I doing something wrong with the temp file name? Thanks in advance for your help!

Hey does anyone know of any good tutorials on the web on how to create an upload form that collects data from the user (ex. Name, Email Address, Phone Number, etc.) and also uploads a file (ex. mp3) at the same time and inserts the form and file info into a mysql table? I've found numerous tutorials that teach how to create a PHP file upload script and I've found numerous tutorials on how to create a Form and how to use PHP to insert the Form info into a MySQL Table, but I can't seem to find a tutorial or example that shows a combination of both. I built something a while ago that I though worked fine. Every time I would test it I had no problems. Form info and file name would get inserted into the mysql table, the file would upload to the correct directory, but I just found out that numerous people have attempted to use the upload form but the info never gets inserted into the mysql table and thus I'm oblivious to the fact that someone tried uploading anything. The file sometimes gets uploaded to the correct directory and sometimes the file doesn't get uploaded at all. Functionality seems sporadic at best. Anyway, rather than attempt to fix what I've created I'm looking for a clean example / tutorial that shows an example of the HTML, PHP and MySQL code. Any help would be greatly appreciated. :-\ Thanks!!!

Hey everyone, I posted something similar to this before and thought I had received an answer, but for whatever reason, the script I wrote had inconsistent functionality. It would work sometimes, but not others. At any rate I had to completely revamp the script. Now I'm having the same initial problem with this new script. Basically, what I'm trying to do is get my PHP script to upload a file, insert form info into the MySQL Database Table, and insert the name of the uploaded file into the MySQL Database table as well. I've been able to get everything to work except inserting the name of the uploaded file into the MySQL Database table. I'll show you what I have currently (a stripped down version anyway) then any suggestions you could give would be much appreciated! Please help! I've been working on this for the past month and keep running into issues: <?php $target_path = "Images/"; $target_path = $target_path . basename($name = $_FILES['pic']['name']); $first_name=$_POST['first_name']; $last_name=$_POST['last_name']; $middle_init=$_POST['middle_init']; mysql_connect("localhost", "My_Username", "My_Password") or die(mysql_error()) ; mysql_select_db("My_Database") or die(mysql_error()) ; if (!$_POST['first_name'] | !$_POST['last_name'] | !$_POST['middle_init']) { header('Location:http://www.mysite.com/error.html'); die(); } $insert = "INSERT INTO image (first_name, last_name, middle_init, name) VALUES ('".$_POST['first_name']."', '".$_POST['last_name']."', '".$_POST['middle_init']."', '".$_POST['name']."')"; $add_member = mysql_query($insert); move_uploaded_file($_FILES['pic']['tmp_name'], $target_path) ?> <HTML> <HEAD> <TITLE>My Site</TITLE> HTML "Confirmation Script" continues on from there. Like I said before, everything works except the name of the uploaded file doesn't get inserted into the MySQL table. Oh...that specific field in the MySQL table is titled "name". Anyway, again, any help you could give would be awesome! Thanks!

HA! I figured it out!!! Instead of: $target_path = $target_path . basename( $_FILES['resume']['name']); I instead used: $target_path = $target_path . basename($name = $_FILES['resume']['name']); I now have the file defined as $name. Now all I have to do is include "$name" in the insert field: $query = "INSERT INTO `intern` VALUES ('$first_name', '$last_name', '$middle_init', '$name')"; $result = mysql_query($query) or die();

Hmm...i tried both of those and i still get the same result. File uploads to directory just fine, application info gets inserted into the MySQL database, but uploaded filename is not getting inserted into the database table. :-\

Hello, I'm having some frustrations right now. I have built an application form where an applicant inputs their info and then uploads their resume. Even though the resume gets uploaded to a directory on the server i would also like the file name of the resume to get inserted into the mysql database so that I can easily see which resume matches which applicant...if that makes sense. At any rate I'm able to get everything else to work, the applicant's info gets inserted into the database, the resume gets uploaded to the directory, i just can't seem to get the resume file name to also insert into the database. Most of the info i have found on this subject through googleing and the like has been a little over my head and/or a little more complex than what i'm looking for. Here is an extremely simplified version of what I have right now. I have excluded the 'connect to database' code since it's working fine and really doesn't have anything to do with this issue: <?php $target_path = "docs/"; $target_path = $target_path . basename( $_FILES['resume']['name']); $first_name=$_POST['first_name']; $last_name=$_POST['last_name']; $middle_init=$_POST['middle_init']; $resume=$_POST['resume']; mysql_query("INSERT INTO `intern` VALUES ('$first_name', '$last_name', '$middle_init', '$resume')") ; if (move_uploaded_file($_FILES['resume']['tmp_name'], $target_path)); ?> HTML begins after that. At any rate, any info, help, etc. you could provide would be GREATLY appreciated! Thanks! :'(

Hello. So I already know an extremely elementary way to check to see if a form field is blank using PHP. For example: if ($subject == "") The question I have is, is there a way to have php check every field in a form to make sure it has some sort of value? I want to create an 'if' statement which basically says, "If all form fields have something filled in, then do this" For example if ($subject == "any value") & ($name == "any value") & ($comment == "any value") Not sure if that makes sense. Any help would be greatly appreciated!!!

Hey I was working through a PHP tutorial for building a php registration and login script. I was able to get the registration script to work fine but I'm having trouble with the PHP login script I keep getting the following error when I test the form: Warning: mysql_num_rows(): supplied argument is not a valid MySQL result resource in /public_html/login/login.php on line 23 Parse error: syntax error, unexpected $end in /public_html/login/memberspage.php on line 29 Here is the login.php file minus the actual db login info for obvious reasons: <?php //Database Information $dbhost = "localhost"; $dbname = "your database name"; $dbuser = "username"; $dbpass = "yourpass"; //Connect to database mysql_connect ( $dbhost, $dbuser, $dbpass)or die("Could not connect: ".mysql_error()); mysql_select_db($dbname) or die(mysql_error()); session_start(); $username = $_POST['username']; $password = md5($_POST['password']); $query = "select where username='$username' and password='$password'"; $result = mysql_query($query); if (mysql_num_rows($result) != 1) { $error = "Bad Login"; include "login.html"; } else { $_SESSION['username'] = "$username"; include "memberspage.php"; } ?> Here is the memberspage.php file: <? // members page session_start(); if ( empty( $username ) ) { print "Please login below!"; include 'login.html'; } else { // you can use regular html coding below the ?> // and before the <? ?> <html> <head> <title>MEMBERS ONLY</title> </head> <body> Your Members Page.... </body> </html> <? I went through other tutorials and tried altering the offending lines but I wasn't able to get it to work right. Also, I'm looking to add a logout script to the memberspage.php file. I want the user to be able to click a simple href link that will log them out. How do you attach a logout php file to a normal link? Any help would be greatly appreciated. Thanks! ???

Sorry. The entire page script is as follows: [code] <?php # You must set this correctly to a # location where you are allowed to # create a file! $guestbook = 'guestbook.dat'; # Choose your own password $adminPassword = 'CHANGEME';         # Hide harmless warning messages that confuse users.         # If you have problems and you don't know why,         # comment this line out for a while to get more         # information from PHP         error_reporting (E_ALL ^ (E_NOTICE | E_WARNING)); # No changes required below here $admin = 0; if ($adminPassword == 'frank2') { die("You need to change \$adminPassword first."); } # Undo magic quotes - useless for flat files, # and inadequate and therefore dangerous for databases. See: # http://www.boutell.com/newfaq/creating/magicquotes.html function stripslashes_nested($v) { if (is_array($v)) { return array_map('stripslashes_nested', $v); } else { return stripslashes($v); } } if (get_magic_quotes_gpc()) { $_GET = stripslashes_nested($_GET); $_POST = stripslashes_nested($_POST); } ?> <html> <head> <title>Really Simple PHP Guestbook</title> </head> <BODY BGCOLOR=#000000 LEFTMARGIN=0 TOPMARGIN=0 MARGINWIDTH=0 MARGINHEIGHT=0 link="#97C5F4" vlink="#80A8D1"> <font face="helvetica" size=2 color="#ffffff"> <h1 align="center">Really Simple PHP Guestbook</h1> <div align="center"> <?php   $password = "";   if ($_POST['password'] == $adminPassword) {       $admin = 1;       $password = $adminPassword;   } else if (strlen($_POST['password'])) {       echo("<h2>Login Failed (Bad Password)</h2>\n");   } ?>  <table border="0" cellpadding="3" cellspacing="3"> <tr><th>Date</th><th>Name</th><th>Email</th><th>Comment</th> <?php   if ($admin) {       echo "<th>Controls</th>";   } ?> </tr> <?php   if ($_POST['submit']) {       $file = fopen($guestbook, "a");       if (!$file) {         die("Can't write to guestbook file");       }       $date = date('F j, Y, g:i a');       $id = rand();       $name = $_POST['name'];       $email = $_POST['email'];       $comment = $_POST['comment'];       $name = clean($name, 40);       $email = clean($email, 40);       $comment = clean($comment, 40);       fwrite($file,         "$date\t$name\t$email\t$comment\t$id\n");       fclose($file);    }   $file = fopen($guestbook, 'r');   $tfile = null;   $delete = 0;   $deleteId = '';   if ($admin && $_POST['delete']) {       $delete = 1;       $deleteId = $_POST['id'];       $tfile = @fopen("$guestbook.tmp", 'w');       if (!$tfile) {         die("Can't create temporary file for delete operation");       }   }   if ($file) {       while (!feof($file)) {         $line = fgets($file);         $line = trim($line);         list ($date, $name, $email, $comment, $id) =             split("\t", $line, 5);         if (!strlen($date)) {             break;         }         if (!strlen($id)) {             // Support my old version             $id = $date;         }          if ($delete) {             if ($id == $deleteId) {               continue;             } else {               fwrite($tfile,                   "$date\t$name\t$email\t$comment\t$id\n");             }         }         echo "<tr><td>$date</td><td>$name</td>";         echo "<td>$email</td><td>$comment</td>";         if ($admin) {             echo "<td>";             echo "<form action=\"guestbook.php\" " .               "method=\"POST\">";             passwordField();             hiddenField('id', $id);             echo "<input type=\"submit\" " .               "value=\"Delete\" " .               "name=\"delete\">";             echo "</form>";             echo "</td>";         }         echo "</tr>\n";       }       fclose($file);       if ($delete) {         fclose($tfile);         unlink($guestbook);         rename("$guestbook.tmp", $guestbook);       }    }   function clean($name, $max) {       # Turn tabs and CRs into spaces so they can't       # fake other fields or extra entries       $name = ereg_replace("[[:space:]]", ' ', $name);       # Escape < > and and & so they       # can't mess withour HTML markup       $name = ereg_replace('&', '&amp;', $name);       $name = ereg_replace('<', '&lt;', $name);       $name = ereg_replace('>', '&gt;', $name);       # Don't allow excessively long entries       $name = substr($name, 0, $max);       # Undo PHP's "magic quotes" feature, which has       # inserted a \ in front of any " characters.       # We undo this because we're using a file, not a       # database, so we don't want " escaped. Those       # using databases should do the opposite:       # call addslashes if get_magic_quotes_gpc()       # returns false.       return $name;   }   function passwordField() {       global $admin;       global $password;       if (!$admin) {         return;       }       hiddenField('password', $password);   }   function hiddenField($name, $value) {       echo "<input type=\"hidden\" " .         "name=\"$name\" value=\"$value\">";   } ?> </table> <?php   if (!$admin) { ?> <form action="guestbook.php" method="POST"> Admin Login <p> Admin Password: <input type="password" name="password"> <input type="submit" name="login" value="Log In"> </form> <?php   } ?> <form action="guestbook.php" method="POST"> <table border="0" cellpadding="5" cellspacing="5"> <tr> <td colspan="2">Sign My Guestbook!</td> </tr> <tr> <th>Name</th><td><input name="name" maxlength="40"></td> </tr> <tr> <th>Email</th><td><input name="email" maxlength="40"></td> </tr> <tr> <th>Comment</th><td><input name="comment" maxlength="40"></td> </tr> <tr> <th colspan="2"> <input type="submit" name="submit" value="Sign the Guestbook"> </th> </tr> </table> <?php   passwordField(); ?> </form> </div> </body> </html> [/code] I just want the posts that the people leave in the guestbook...(date, name, email, comment) to be white instead of the color black. I've tried just using the typical html tag <font color=....> but that didn't work. How would I change the color of the posts people leave?

Hey everyone. I'm way new to this so please bare with me. I downloaded a simple pre-built php script for a guestbook for my website. I've been able to alter everything in the script the way I want, except the color of the text that people post. The script is as follows: ------------------------------------------------------------------------------------------ <?php $password = ""; if ($_POST['password'] == $adminPassword) { $admin = 1; $password = $adminPassword; } else if (strlen($_POST['password'])) { echo("<h2>Login Failed (Bad Password)</h2>\n"); } ?> <table border="0" cellpadding="3" cellspacing="3"> <tr><th>Date</th><th>Name</th><th>Email</th><th>Comment</th> <?php if ($admin) { echo "<th>Controls</th>"; } ?> </tr> <?php if ($_POST['submit']) { $file = fopen($guestbook, "a"); if (!$file) { die("Can't write to guestbook file"); } $date = date('F j, Y, g:i a'); $id = rand(); $name = $_POST['name']; $email = $_POST['email']; $comment = $_POST['comment']; $name = clean($name, 40); $email = clean($email, 40); $comment = clean($comment, 40); fwrite($file, "$date\t$name\t$email\t$comment\t$id\n"); fclose($file); } $file = fopen($guestbook, 'r'); $tfile = null; $delete = 0; $deleteId = ''; if ($admin && $_POST['delete']) { $delete = 1; $deleteId = $_POST['id']; $tfile = @fopen("$guestbook.tmp", 'w'); if (!$tfile) { die("Can't create temporary file for delete operation"); } } if ($file) { while (!feof($file)) { $line = fgets($file); $line = trim($line); list ($date, $name, $email, $comment, $id) = split("\t", $line, 5); if (!strlen($date)) { break; } if (!strlen($id)) { // Support my old version $id = $date; } if ($delete) { if ($id == $deleteId) { continue; } else { fwrite($tfile, "$date\t$name\t$email\t$comment\t$id\n"); } } echo "<tr><td>$date</td><td>$name</td>"; echo "<td>$email</td><td>$comment</td>"; if ($admin) { echo "<td>"; echo "<form action=\"guestbook.php\" " . "method=\"POST\">"; passwordField(); hiddenField('id', $id); echo "<input type=\"submit\" " . "value=\"Delete\" " . "name=\"delete\">"; echo "</form>"; echo "</td>"; } echo "</tr>\n"; } fclose($file); if ($delete) { fclose($tfile); unlink($guestbook); rename("$guestbook.tmp", $guestbook); } } function clean($name, $max) { # Turn tabs and CRs into spaces so they can't # fake other fields or extra entries $name = ereg_replace("[[:space:]]", ' ', $name); # Escape < > and and & so they # can't mess withour HTML markup $name = ereg_replace('&', '&amp;', $name); $name = ereg_replace('<', '&lt;', $name); $name = ereg_replace('>', '&gt;', $name); # Don't allow excessively long entries $name = substr($name, 0, $max); # Undo PHP's "magic quotes" feature, which has # inserted a \ in front of any " characters. # We undo this because we're using a file, not a # database, so we don't want " escaped. Those # using databases should do the opposite: # call addslashes if get_magic_quotes_gpc() # returns false. return $name; } function passwordField() { global $admin; global $password; if (!$admin) { return; } hiddenField('password', $password); } function hiddenField($name, $value) { echo "<input type=\"hidden\" " . "name=\"$name\" value=\"$value\">"; } ?> </table> <?php if (!$admin) { ?> <form action="guestbook.php" method="POST"> <b>Admin Login</b> <p> Admin Password: <input type="password" name="password"> <input type="submit" name="login" value="Log In"> </form> <?php } ?> <form action="guestbook.php" method="POST"> <table border="0" cellpadding="5" cellspacing="5"> <tr> <td colspan="2">Sign My Guestbook!</td> </tr> <tr> <th>Name</th><td><input name="name" maxlength="40"></td> </tr> <tr> <th>Email</th><td><input name="email" maxlength="40"></td> </tr> <tr> <th>Comment</th><td><input name="comment" maxlength="40"></td> </tr> <tr> <th colspan="2"> <input type="submit" name="submit" value="Sign the Guestbook"> </th> </tr> </table> <?php passwordField(); ?> </form> </div> </body> </html> ----------------------------------------------------------- How would I change the color of the text that people post from black to white? The website's background color is black so when they post their guestbook comments obviously it's not visible and it needs to show up as white. Also, is there any way I can change the size of the text? Examples would be very helpful. Thanks for your time and patience. -froppo ;D