Alex1646

Oh My Gosh. I am so dumb. I meant to use mysql_real_escape_string().

All I did was add cookies to my login system. Now I get this error: Notice: Undefined index: password in C:\wamp\www\Login\inc\login.php on line 7 And Notice: Undefined index: user_name in C:\wamp\www\Login\inc\login.php on line 6 Here is my code for the action page: <?php $username = mysql_fetch_assoc($_POST['user_name']); $password = mysql_fetch_assoc($_POST['password']); $q1 = " SELECT FROM login_info WHERE user = '$username' "; $s1 = mysql_query($q1) or die(mysql_error()); if(mysql_num_rows($s1)===0) { echo '<div id="error"> <div id="message"> We cannot seem to find your username. </div> </div>'; } else { $r1 = mysql_fetch_assoc($s1); if($password === $r1['password']) { if(isset($_POST['remember'])) { setcookie('user', $username); } else { $_SESSION['user'] = $username; } echo '<div id="message"> Login Sucssesful </div>'; } } ?> Here is line 6&7: $username = mysql_fetch_assoc($_POST['user_name']); $password = mysql_fetch_assoc($_POST['password']); And here is the form. <form action="?p=login" method="post" > <label for="user_name"> User Name: </label> <input type="text" name="user_name" /> <label for="password"> Password: </label> <br /> <input type="password" name="password"/> <input type="checkbox" name="remember" /> <label style="display:inline;" for='remember'> Remember Me.</label> <br /> <input name="submit" type="submit" value="Submit" /> <input name="reset" type="reset" value="Reset" /> </form>

What paramiter has the integer?

Try using uniqid(), then checking the database for any duplicates using a mysql WHERE statement.

You have to call the function for it to be executed. <?php echo limit_text( $row_novedades_RS['novedades_descripcion_esp'], 100 ); ?>

Yeah, Shuffle() do the trick.

Here is the error: Warning: image_type_to_extension() expects parameter 1 to be long, string given in C:\wamp\www\Login\inc\edit-profile.php on line 23 Here is the code for line 23: $type = image_type_to_extension($_FILES['pic']['type'], true); Here is the code for the whole page: <?php if(!$userb) { login('?p=edit-profile'); die(); } if(isset($_POST['submit'])) { $mottof = mysql_real_escape_string(bb($_POST['motto'])); $aboutf = mysql_real_escape_string(bb($_POST['about'])); $interesrsf = mysql_real_escape_string(bb($_POST['interests'])); $booksf = mysql_real_escape_string(bb($_POST['books'])); $authorsf = mysql_real_escape_string(bb($_POST['author'])); $randf = mysql_real_escape_string(bb($_POST['random'])); if($_FILES['pic']['type'] == 'image/gif' || $_FILES['pic']['type'] == 'image/jpeg' || $_FILES['pic']['type'] =-'image/pjpeg' || $_FILES['pic']['type'] == 'image/png') { if($_FILES['pic']['size'] < 8388608) { if($_FILES['pic']['name'] != '') { //mkdir('/images/user_images/' .$user_log); $type = image_type_to_extension($_FILES['pic']['type'], true); move_uploaded_file($_FILES['pic']['tmp_name'], 'images/user_images/' .$user_log .'pp' .$type); $path = 'images/user_images/' .$user_log .'pp' .$type; } else { $path = 'images/user_images/user.jpg';} } $q2 = "UPDATE login_info SET profile_picture = '$path' WHERE user='$user_log' "; mysql_query($q2) or die(mysql_error()); } $query = " UPDATE login_info SET motto = '$mottof', about = '$aboutf', fav_books = '$booksf', fav_authors = '$authorsf', interests = '$interesrsf', random = '$randf' WHERE user='$user_log' "; mysql_query($query); echo '<h3> Profile Updated </h3>'; } $q = "SELECT * FROM login_info WHERE user='$user_log' "; $s = mysql_query($q) or die(mysql_error()); $r = mysql_fetch_assoc($s); $motto = $r['motto']; $about = $r['about']; $books= $r['fav_books']; $authors = $r['fav_authors']; $rand = $r['random']; $interests = $r['Interests']; if(isset($_GET['act'])){$red = '?p=' .$rpage ;} else {$red='?p=edit_profile';} echo" <form action='?p=edit-profile' enctype='multipart/form-data' method='post' > <label>Motto: </label> <input type='text' name='motto' value='$motto' placeholder='Motto' /> <label> About :</label> <textarea name='about' cols='40' rows='10'> $about</textarea> <label> Interests: </label> <textarea name='interests' cols='40' rows='10'> $interests </textarea> <label> Favorite Books: </label> <textarea name='books' cols='40' rows='10'> $books </textarea> <label> Favorite Authors </label> <textarea name='author' cols='40' rows='10'> $authors </textarea> <label> Random: </label> <textarea name='random' cols='40' rows='10'> $rand </textarea> "; ?> <script type='text/javascript'> function if_checked() { if($('#cur').is(':checked')) { $('#pic').attr('disabled', true); } else { $('#pic').removeAttr('disabled'); } } </script> <label> Profile Picture: </label> <input type='checkbox' name= 'current' id='cur' onchange="if_checked();" checked /> <label for='current' style='display:inline;'> Current profile picture </label> <br /> <input type='file' id='pic' name='pic' disabled="disabled" /> <br /> <input type='submit' value ='Submit' name='submit' /> </form> Ive used the function before and I havent encountered this error. Im not sure what it means.

I am trying to take a variable from a database. But it keeps equaling nothing. Ive tried using mysql_error() and sI get nothing. I also keep tryed mysql_num_rows() and I get 3(just what Id exspect). Here is the code. <?php if($userb) { $q1 = " SELECT sub FROM login_info WHERE user='$user_log' LIMIT 1 "; $s1 = mysql_query($q1); $scribe = mysql_fetch_assoc($s1); $sub = explode('![sep]!' ,$scribe['sub']); foreach($sub as $key => $name) { $q2 = " SELECT * FROM subscribe WHERE user = '$name' "; echo 'Llama'; $s2 = mysql_query($q2); $num1 = mysql_num_rows($s2); echo '<h3>' .$name .' Posted ' .$num1 .' Storie(s)! </h3>'; while($stor = mysql_fetch_assoc($s2)); { $story = $stor['stor']; $sid = $stor['sid']; $q3 = " SELECT * FROM story_info WHERE id = $sid "; echo $q3 .'<br />'; $s3 = mysql_query($q3) or die(mysql_error()); $rows = mysql_fetch_assoc($s3); $viewsdb = $rows['views']; $titledb = $rows['title']; $userdb = $rows['user']; $catdb = $rows['cat']; $ratdb = $rows['rating']; $id_db = $rows['story_id']; $sumdb = shorten($rows['sum']); echo "<h3><a href='?p=page&id=$id_db'> $titledb </a> </h3>"; echo "<div id='fun_info'>"; echo "$sumdb <br />"; echo "By <a href='?p=profile&user=$userdb'> $userdb </a> <br /> "; echo "$viewsdb Views | Rated: $ratdb | Catagory: <a href='?p=cat_view&gen=$catdb'> $catdb </a> </div>"; } } } else { login('?p=sub'); }

Hello. I have a system worked out where I have 2 columes for friends in my database (login_info). One of these is requests and the other is friends. Each request/friend is seperated with a underscore (_). I use the explode() function to seperate the friends/requests into a array. My only problem is I want to display the a different text if the user has sent a requests or is already friends with the user. I tried to do this using the array_search() function and converting it into a boolean (with the boolean cast). It doesn't seem to be working. <?php $query = mysql_query('SELECT friends, requests FROM login_info WHERE user = \' ' .$userget .'\''); $friend = mysql_fetch_assoc($query); $req = explode('_', $friend['requests']); $friends = explode('_', $friend['friends']); if((bool)array_search($userget, $friends) && (bool)checkarray($userget, $req)) { echo '<a href="?p=add&user='.$userget .'"> Add As Friend </a>'; } if((bool)array_search($userget, $req)) { echo 'Friend Request Pending'; } if((bool)array_search($userget, $friends)) { echo $userget .'Is Your Friend' .$user_log .'!'; } ?> Any help?

Thanks for the help. I have my private messaging system up and running now.

SQL Server Verison: 5.1.5.3 Raw SQL statement: INSERT INTO pm(to, from, message, date) VALUES('alex', 'alex', 'Bored!', '2011-03-30 04:30') Error statement: You have an error in your SQL syntax; check the manual that corresponds to your MySQL server version for the right syntax to use near 'to, from, message, date) VALUES('alex', 'alex', 'Bored!', '2011-03-30 04:30')' at line 1 I also went into the SQL demo in W3Schools (http://www.w3schools.com/sql/sql_tryit.asp) thinking it will give me more information. And I got this error message. Operation must use an updateable query. SQL structer: The table name is pm id int(11) to varchar(15) from varchar(15) message longtext date(datetime) I would like it to not give me a error message. Ive tried removing single quotes. Cant think of anything else to do. HELP!

Im using this mysql verison: 5.1.53 Im trying to select something from my database with a where clause. Here is my code: SELECT * FROM story_info ORDER BY added WHERE cat='drama' When I add or die(mysql_error()) I get You have an error in your SQL syntax; check the manual that corresponds to your MySQL server version for the right syntax to use near 'WHERE cat='drama'' at line 3

Not sure why this isnt working. <?php session_start(); ?> <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd"> <html xmlns="http://www.w3.org/1999/xhtml"> <head> <script src="http://js.nicedit.com/nicEdit-latest.js" type="text/javascript"></script> <script type="text/javascript">bkLib.onDomLoaded(nicEditors.allTextAreas);</script> <meta http-equiv="Content-Type" content="text/html; charset=utf-8" /> <LINK REL=StyleSheet HREF="inc/dyn_style.css" TYPE="text/css" MEDIA=screen /> <?php ?> <?php include('logic.inc'); mysqlConnect(); ?> <script type="text/javascript" src="bbeditor/ed.js"></script> <link rel="stylesheet" type="text/css" href="dyn_style.css" /> <title> Social </title> <script type="text/javascript"> function changeTitle(title) { document.title = title; } </script> </head> <body> <?php $inc = 'new_story.php'; $view = 'Newest '; $by = 'added'; $where = " "; $where2 = " "; $order = "ASC"; $gen = "All"; $rat = 'All'; $blerg = ""; $sort = 'newest'; //---------------------------------------------------------------------- if(isset($_GET['sub'])) { $sort = $_GET['sort']; switch($sort) { case "Most Popular"; $by = 'views'; $view = 'Most Popular '; $order = 'DESC'; break; case "Most Reviewed"; $view= 'Most Reviewed '; $by = 'reviews'; $order = 'DESC'; break; case "Newest"; $by = 'added'; $view = 'Newest'; $order = 'ASC'; break; } $genre = mysql_real_escape_string($_GET['cat']); $rating = mysql_real_escape_string($_GET['rat']); if($gen == 'All') { $where = " "; $blerg = ""; } else { $where = "WHERE cat='$gen'"; } if ($rat == "All") { $where2 = ' '; $blerg = 'AND'; } else { $where2 = $blerg ." rating = '$rat' "; } } //---------------------------------------------------------------------- ?> <?php serch(); ?> <form action="story.php" method="get"> <label id='inline'> Order By: </label> <select name='sort'> <option selected='yes' label='Currently Selected' > <?php echo $view; ?> </option> <option> Newest </option> <option> Most Popular</option> <option> Most Reviewed </option> </select> <input type='hidden' value='spec_view' name='p' /> <label id='inline'> Genre/Catagory: </label> <select name='gen'> <option selected='yes' label = 'Selected Genre - <?php echo $gen; ?>'> <?php echo $gen; ?> </option> <option> All </option> <option> Fantasy </option> <option> Adventure </option> <option> Science Fiction</option> <option> Drama</option> <option> Fable </option> <option> Horror</option> <option> Humor</option> <option> Realistic Fiction </option> <option> Tall Tale</option> <option> Mystery </option> <option> Mythology </option> <option> Poetry </option> <option> Shorty Story </option> <option> Romance </option> </select> <label id='inline'> Rating: </label> <select name='rat'> <option selected='yes' label = "Selected Genre - <?php echo $rat; ?>"> <?php echo $gen; ?> </option> <option> All </option> <option> C </option> <option> C13 </option> <option> YA </option> <option> A </option> </select> <input type='submit' value='Go!' name = 'go' /> </form> <?php $query = " SELECT * FROM story_info ORDER BY $by $order $where $where2 "; echo $query; $select = mysql_query($query) or die(mysql_error()); while($rows = mysql_fetch_assoc($select)) { $viewsdb = $rows['views']; $titledb = $rows['title']; $userdb = $rows['user']; $catdb = $rows['cat']; $ratdb = $rows['rating']; $id_db = $rows['story_id']; $sumdb = shorten($rows['sum']); echo "<h3><a href='?p=page&id=$id_db'> $titledb </a> </h3>"; echo "<div id='fun_info'>"; echo "$sumdb <br />"; echo "By <a href='?p=profile&user=$userdb'> $userdb </a> <br /> "; echo "$viewsdb Views | Rated: $ratdb | Catagory: <a href='?p=cat_view&gen=$catdb'> $catdb </a> </div>"; } ?> </div> </body> </html>

To validate form data without it getting submitted you have to use JavaScript. This is because PHP is interpreted on the server, so you have to make a request to the server for it to work(unless you use AJAX but that is a different story). Try looking into JavaScript form validation.

OMG. Really??? I spent like a hour debugging that code, and it was something as mundane as a semicolon. Well, at least I will never be making that mistake again. Thanks for everyone who read this post, and thanks even more to everyone who helped me!