HDFilmMaker2112
-
Posts
547 -
Joined
-
Last visited
Never
Posts posted by HDFilmMaker2112
-
-
This is the script I used:
http://www.phpeasystep.com/phptu/29.html
Example:
http://www.GhostHuntersPortal.com/store.php?cat=emf-meters&num_products=8
-
Alright... I made my own cipher that converts the password to another string... then from there I'm going to use MD5 + salt , and then SHA512 on the MD5 Hash... or would this be complete over kill?
hash('sha512',(md5s(cipher($string)))) -
$letter['a']=01;
$number['01']="0";
My GF pointed out that $letter['a']=01; should have quotes around the 01.
$letter['a']="01";
Solved it.
-
if(isset($_GET['item']) && ctype_digit($_GET['item'])){ $item_id=$_GET['item']; $sql50="SELECT * FROM $tbl_name WHERE item_id='$item_id'"; $result50=mysql_query($sql50); while($row50=mysql_fetch_array($result50)){ //product display here } }From that whenever you have ?item=item number in the URL you'll get a SQL Query for that product/item.
-
I expanded this out to the whole alphabet lower and capital case + 0-9.
And it's now converting a 10 character string to 8 characters.
<?php require_once 'llib.php'; require_once 'nlib.php'; $str = 'Asda12Ka12'; $new_str = ''; foreach (str_split($str) as $char) { $new_str .= $number[$letter[$char]]; } echo $new_str; ?>I've tracked it down to the lowercase a
$letter['a']=01;
$number['01']="0";
so instead of inserting 0 into the new string it just doesn't insert anything.
I end up with this:
q9eRSvRS
It should be:
q9e0RSv0RS
-
hmmm alright that works now
$nh = mysql_num_rows(mysql_query("SELECT mail.*,messages.* FROM `messages` JOIN `mail` WHERE `mail`.`status`='1' AND `messages`.`to`='{$_SESSION['id']}' AND `messages`.`mail_id`=mail.id"));but... came to a glitch. I want to show if there is a new message the the current user. right now it will show if there has been any messages sent to the current user (any at all) where messages.mail_id=mail.id and mail.status=1
so basically if current user sends message to userid=40 and mail_id=12 then it sets mail.status=1 where mail.id=12
and userid=40 sends message back it marks mail.status=1 again so it will still think the current user has a new message.
any idea how to fix that flaw in my system?
You're out of my range now... Hope I don't make admins mad here, but go to the MySQL section on http://forums.devshed.com/mysql-help-4/
And look for some help from the mod "r937". Pretty much solved any complex SQL Query I've ever had to write.
-
I apologize I had two files called the same thing and uploaded the wrong one. Your way is working.
-
SELECT COUNT(messages.mail_id) FROM messages JOIN mail WHERE mail.status=1 AND messages.mail_id=mail.id
-
-
SELECT mail.*,messages.* FROM messages JOIN mail WHERE mail.status=1 AND messages.to=
-
How are you determining what user to get the messages for?
I would think it should be straight forward like this, if I'm understanding correctly.
SELECT * FROM messages WHERE status=1 AND user_id=USERID
-
Here's what I have right now:
$input = "YAPePAsdf"; $input = str_split($input); foreach($input as $key=>$char){ if(isset($letter[$char])){ $input[$key] = $letter[$char]; } } $output = implode("-", $input); echo $output;above that is a bunch of code assigning a letter to a number in this format:
$letter['letter']=number 1-52;
This isn't displaying anything.
-
Looking for the best way to convert a string to a bunch of numbers and then those numbers to a new string.
Something like this:
$string="APWE";
A into 05, 05 into Y.
P into 36, 36 into A
W into 23, 23 into e
E into 13, 13 into P
So it will go from APWE to 05362313 to YAeP
Looking at str_split($numbers, 2) to get from the numbers to the letters, but do I need to have a full library of each letters corresponding number and then the corresponding letter to those numbers to convert back to the new letters?
-
I'm having an issue redirecting my page to an error page if my UPDATE query does not find a matching entry to update:
elseif($_GET['forgot']=="password"){ $new_password =& generatePassword(); $username=sanitize($_POST['username']); $sql1="UPDATE $tbl_name SET password='$new_password' WHERE username='$username' AND email='$email' AND amount='$donation_amount'"; $result1=mysql_query($sql1); $num_rows1=mysql_affected_rows(); if($num_rows1==1){ $content.='<p class="center">New password generated. It has been emailed to the email address provided.</p><br />'; $message='Some one (hopefully you) requested a new password be generated for your account on Make the Movie Happen. Below is the newly generated password: Password: '.$new_password.' Once you log-in, please change your password. Thank You, Make the Movie Happen Support Team '; mail($email, 'Make the Movie Happen - New Password', $message, 'From: general@makethemoviehappen.com'); } elseif($num_rows1=="-1"){ header("Location: ./index.php?forgot&e=1"); } else{ $content.='New password could not be generated. If you continue to have issues, please email <a href="mailto:general@makethemoviehappen.com">general@makethemoviehappen.com</a> for assistance.'; } }mysql_affected_rows should return a positive number if it finds rows to update and -1 if the query fails. I thought if it didn't find anything to update the query would fail... should it be 0 instead of -1?
Here's where the page redirects if it doesn't find anything to update.
else{ $content='<div class="main"> <div class="main_header clear">Forgot Password/Username</div> <br /> <div> <p class="eighteen">Forget Password</p> <p>Enter the information below to reset your password.</p>'; if($_GET['e']=="1"){ $content.='<p class="red">Information entered incorrect.</p>'; } $content.=' <form action="./index.php?forgot=password" method="post"> <p><label>Username:</label> <input type="text" name="username" size="30" /></p> <p><label>E-Mail of Original Donation/Purchase:</label> <input type="text" name="email" size="32" /></p> <p><label>Total Donation Amount:</label> <input type="text" name="donation_amount" size="5" /> <span class="twelve">(In x,xxx.xx format. Any other format will cause an error.)</span></p> <p><input type="submit" value="Submit" name="Submit" /></p> </form> </div> <br /> <div> <p class="eighteen">Forget Username</p> <p>Enter the information below to have your username emailed to you.</p>'; if($_GET['e']=="2"){ $content.='<p class="red">Information entered incorrect.</p>'; } $content.=' <form action="./index.php?forgot=username" method="post"> <p><label>E-Mail of Original Donation/Purchase:</label> <input type="text" name="email" size="32" /></p> <p><label>Total Donation Amount:</label> <input type="text" name="donation_amount" size="5" /> <span class="twelve">(In x,xxx.xx format. Any other format will cause an error.)</span></p> <p><input type="submit" value="Submit" name="Submit" /></p> </form> </div> </div> <br /> '; } -
Can the following be condensed into one query?
$username=sanitize($_POST['username']); $sql="SELECT * FROM $tbl_name WHERE username='$username' AND email='$email' AND amount='$donation_amount'"; $result=mysql_query($sql); $num_rows = mysql_num_rows($result); if($num_rows==1){ $sql1="UPDATE $tbl_name SET password='$new_password' WHERE username='$username' AND email='$email' AND amount='$donation_amount'"; $result1=mysql_query($sql1); $num_rows1=mysql_affected_rows();Should I just throw out the SELECT and just use the update? $num_rows1 will equal 0 if it doesn't find an entry to update correct?
-
One more question...
When somebody tried to log-in, how do I compare the hashed/encrypted password to the one entered? Do I convert the one in DB back to readable characters, or convert the one entered to try to match the data in the DB?
-
AND when I do log in through the main login section it is not recognizing the user.
First invert the if statement... make it so the if is checking if they are logged in, not if there not... this way worst case some one can't log-in. Right now the else is letting anybody have access.
-
Forgot to post my current Table set-up:
ideas
message_number
donor_id
username
name
amount
message
This is for a system of donors submitting ideas to a film production. So we need to permit the submission of an idea, and me to communicate back and forth with them while keeping all the messages corresponding with that idea under the same group.
-
What would be the best password encryption to use... I've seen MD5, SHA1, SHA256, and SHA512.. but I've recently posts suggesting that bcrypt or CRYPT_BLOWFISH is a better method? The will be my first attempt at password encryption.
-
join is good, but to keep it simple u could do what u are trying to just exclude the while loop like this:
$findBarIdBy_sql = "SELECT * FROM barer WHERE city_id = '$city_id'";
$findBarIdBy_query = mysql_query($findBarIdBy_sql) or die(mysql_error());
$row_barid = mysql_fetch_assoc($findBarid)or die(mysql_error());
// then put the row u want into a varible and query again with sed varible
$barid = $row_barid['store id '];
//
query again and put that $barid into your query .....
the method i use i never use joins take longer !
JOIN is actually quicker... Let MySQL do as much as possible. Every time you do a new query, your starting...stopping... and then starting MySQL again. If I'm not mistaken. And it's cleaner code.
-
What would be the best way to set-up a database for a messaging system? I'm basically looking for some like GMail where the messages are kept together. So if you go back and forth with the discussion, each piece of the discussion would be show up with those other replies.
Should I just do a unique message id and link together those unique ids some how?
-
http://www.novahost.com.... $6 a month.
And there's no such thing as unlimited bandwidth... Read the terms of service... they say they can cap your bandwidth at any point should they feel you're using to much. It's basically up to the mood of who ever keeps tabs on your bandwidth use for that day, if they feel like capping it.
-
*******
form.php
*******
<?php $form=' some php code... <form> some php and html ... php form... </form>'; ?>
******
config.php
******
<?php include 'form.php'; $foo='<table> <tr><td> // I would like to get the contents of form.php and add the to the rest of the contents of $foo. some text ' .$form. ' some more text </tr></td> </table>'; ?>
******
file.php
******
<?php include("config.php"); ?> <html> <head> <?php // Some php code here. ?> <title>title</title> </head> <body> Please fill out our form.<br> <?php echo $foo; // Some php code here too. ?> </body> </html> -
Below is the code for one of my pages
if ($_SESSION['loggedin']!='1') { echo "Please <a href='login.php'>Login</a> or <a href='members/regster.php'>Register</a> to view this page.<br> You will be redirected to <a href='members/login.php'>Login</a> page after 3 seconds."; echo "<meta http-equiv=\"refresh\" content=\"3;url=members/register.php\"></center>"; } else { if ($_GET['action']=='complete') { $query = "SELECT * FROM `pending` WHERE offer_id='".mysql_real_escape_string($_GET['oid'])."' AND user_id='".$ui['id']."'"; $result = mysql_query($query) or die(mysql_error()); if (mysql_num_rows($result)>0) { print "<center>You already submited this offer.<br>Please return to <a href='offers.php'>Offers</a> page and submit another offer.</center>"; exit; } else { $date = date("F j, Y, g:i a"); $getoffer = "SELECT * FROM `offers` WHERE id='".mysql_real_escape_string($_GET['oid'])."'"; $result = mysql_query($getoffer) or die(mysql_error()); $offer = mysql_fetch_array($result); $query = "INSERT INTO `pending` VALUES('','".$offer['id']."','".$ui['id']."','".$date."','".$offer['reward']."','1')"; mysql_query($query) or die(mysql_error()); print "<center>Offer moved to pending list. Please allow it up to 3 days to get approved.<br>Complete more <a href='../offers.php'>Offers</a></center>"; exit; } } else { if ($_GET['action']=='list') { print "<table width=\"100%\"> <tr> <td>Name</td> <td>Reward</td> <td>Status</td> </tr>"; $getpend = "SELECT * FROM `pending` WHERE user_id='".$ui['id']."'"; $pend = mysql_query($getpend) or die(mysql_error()); $getcomp = "SELECT * FROM `completed` WHERE user_id='".$ui['id']."'"; $comp = mysql_query($getcomp) or die(mysql_error()); if ((mysql_num_rows($pend)==0) && (mysql_num_rows($comp)==0)) { print"<center>You don't have any pending or denied offers, Please go to <a href='offers.php'>Offers</a> page to submit any offer by your choice and get reward for it.</center>"; } else { if (mysql_num_rows($comp)>0) { while ($completed = mysql_fetch_array($comp)) { $getoffer = "SELECT * FROM offers WHERE id='".$completed['offer_id']."'"; $offer = mysql_query($getoffer) or die(mysql_error()); if (mysql_num_rows($offer)==0) { continue; } else { $offer = mysql_fetch_array($offer); print" <tr> <td>".$offer['name']."</td> <td>".$offer['reward']."</td> <td><font color=green>Completed</font></td> </tr>"; } } } if (mysql_num_rows($pend)>0) { while ($pending = mysql_fetch_array($pend)) { $getoffer = "SELECT * FROM offers WHERE id='".$pending['offer_id']."'"; $offer = mysql_query($getoffer) or die(mysql_error()); if (mysql_num_rows($offer)==0) { continue; } else { $offer = mysql_fetch_array($offer); if ($pending['status']==1) { $status='<font color=red>Pending</font>'; } if ($pending['status']==2) { $status='<font color=#72a3eb>Denied</font>'; } print" <tr> <td>".$offer['name']."</td> <td>".$offer['reward']."</td> <td>".$status."</td> </tr>"; } } } } print "</table>"; print"<br><center>Back to <a href='../?os=home'>offer</a> page.</center>"; exit; } } print "<center>View <a href='?action=list'>Denied, Pending and Completed</a> offer list.<br><br>"; print "<center>Please select offer type.</center>"; $query = "SELECT * FROM `offer_types` WHERE active=1"; $result = mysql_query($query) or die(mysql_error()); print "<center>"; while ( $otypes = mysql_fetch_array($result)) { print" | <a href='offers.php?type=".$otypes['id']."'>".$otypes['type']."</a> | "; } print "</center><br>"; if ($_GET['type']) { $query = "SELECT * FROM `offers` WHERE active=1 AND type='".mysql_real_escape_string($_GET['type'])."' ORDER BY `reward` DESC"; } else { $query = "SELECT * FROM `offers` WHERE active=1 ORDER BY `reward` DESC"; } $result = mysql_query($query) or die(mysql_error()); if (mysql_num_rows($result)==0) { print "<center>No Offers available at the moment, please check other sections for different offer types.</center>"; } else { print "<table width=\"100%\"> <tr> <td>Name</td> <td>Description</td> <td>Countries</td> <td>Reward</td> <td>Action</td> </tr>"; while ( $offer = mysql_fetch_array($result)) { $getcompleted = "SELECT * FROM `completed` WHERE offer_id='".$offer['id']."' AND user_id='".$ui['id']."'"; $completed = mysql_query($getcompleted) or die(mysql_error()); if (mysql_num_rows($completed)>0) { continue; } else { $getpending = "SELECT * FROM `pending` WHERE offer_id='".$offer['id']."' AND user_id='".$ui['id']."'"; $pending = mysql_query($getpending) or die(mysql_error()); if (mysql_num_rows($pending)==0) { $link = "<form method=GET><input type=hidden name=action value=complete><input type=hidden name=oid value='".$offer['id']."'><input type=submit value='Submit'></form>"; } else { $pend=mysql_fetch_array($pending); if ($pend['status']==1) { $link = "<font color=red>Pending</font>"; } if ($pend['status']==2) { $link = "<font color=#72a3eb>Denied</font>"; } } print " <tr> <td><a href='".$offer['url']."' target=_blank>".$offer['name']."</a></td> <td>".$offer['info']."</td> <td>".$offer['country']."</td> <td>".$offer['reward']."</td> <td>".$link."</td> </tr>"; } } } print "</table>"; } ?>when someone press the submit button it goes to ?action=complete&oid=411 how can i make it go to ?os=offers&action=complete&oid=411
You have to wrap your current code in an if statement that has $_GET['os']=="offers" as it's condition. And change your form action="" to match.
Limit the amount of searches per day
in PHP Coding Help
Posted
Session/Cookie and increment on each search? Or DB and count rows per day... Wipe it out weekly so it doesn't get too large?