andy_b_1502

HI everyone... my code is not updating how it's expected to and i'm having trouble working out why? Here is the form with the page i want to update: <?PHP session_start(); if(!isset($_SESSION['id']) || !isset($_SESSION['valid_user']) || $_SESSION['valid_user'] != "yes") { $_SESSION = array(); session_destroy(); header("Location: index.php"); exit(); } include ('php only scripts/db.php'); $id = $_GET['id']; $query ="SELECT * FROM companies WHERE id = '$id'"; $result = mysql_query($query) or die(mysql_error()); $row = mysql_fetch_array($result); ?> <!DOCTYPE html> <head> <title>Removalspace.com</title> <style type="text/css"> <!-- body { background-image: url(styles/downloaded%20styles/todo/todo/images/bg.png); } --> </style> <link href="styles/downloaded styles/todo/todo/css/style.css" rel="stylesheet" type="text/css" /> <link rel="stylesheet" type="text/css" href="styles/downloaded styles/todo/todo/css/style9.css" /> <link rel="stylesheet" type="text/css" href="styles/downloaded styles/todo/todo/css/demo.css" /> <link href='http://fonts.googleapis.com/css?family=Terminal+Dosis' rel='stylesheet' type='text/css' /> <style type="text/css"> <!-- .Stile1 {color: #333333} --> </style> <script type="text/javascript"> var _gaq = _gaq || []; _gaq.push(['_setAccount', 'UA-31656176-1']); _gaq.push(['_trackPageview']); (function() { var ga = document.createElement('script'); ga.type = 'text/javascript'; ga.async = true; ga.src = ('https:' == document.location.protocol ? 'https://ssl' : 'http://www') + '.google-analytics.com/ga.js'; var s = document.getElementsByTagName('script')[0]; s.parentNode.insertBefore(ga, s); })(); </script> </head> <body> <!--start container --> <div id="container"> <header> <nav> <div id="logo"><a href="index.php"><img src="images/header2.png" alt="Logo here" width="219" height="161" /></a> </div> <div id="search-top"><img src="styles/downloaded styles/todo/todo/images/quote-right.png" alt="images" /><span class="cursive">Enter your postcode here</span><img src="styles/downloaded styles/todo/todo/images/quote-left.png" alt="images" /> <form method="post" action="search.php"> <input type="text" name="strSearch" onFocus="if(this.value=='Search Area')this.value='';" onBlur="if(this.value=='')this.value='Search Area';" value="Search Area" id="search-field"/> <input type="submit" value="" id="search-btn"/> </form> </div> <div id="nav_social"><a href="http://www.facebook.com/pages/Removalspace/181434181939226"><img src="styles/downloaded styles/todo/todo/images/facebook_32.png" alt="Become a fan" width="32" height="32" /></a><a href="#"><img src="styles/downloaded styles/todo/todo/images/twitter_32.png" alt="Follows on Twitter" /></a><a href="id=183427956&trk=tab_pro"><img src="styles/downloaded styles/todo/todo/images/linkedin_32.png" alt="Linked in" /></a><a href="contact.php"><img src="styles/downloaded styles/todo/todo/images/email_32.png" alt="Contact" width="32" height="32" /></a><!-- Place this tag where you want the +1 button to render --> <g:plusone size="small" annotation="inline"></g:plusone> <!-- Place this render call where appropriate --> <script type="text/javascript"> (function() { var po = document.createElement('script'); po.type = 'text/javascript'; po.async = true; po.src = 'https://apis.google.com/js/plusone.js'; var s = document.getElementsByTagName('script')[0]; s.parentNode.insertBefore(po, s); })(); </script> </div> </nav> </header> <p><figure><a href="removals.php">Search Removals</a></figure> |</p> <p><figure><a href="storage.php">Search Storage</a></figure> |</p> <p><figure><a href="register00.php">Add Listing</a></figure> |</p> <p><figure><a href="about.php">About</a></figure> |</p> <p><figure><a href="contact.php">Contact</a></figure> |</p> <p><figure><a href="login00.php">Login</a></figure></p> <div class="content"> <!--star main --> <main></main> <!--end main --> <!--start middle --> <middle> <div class="section_slogan"><table> <tr> <td valign="top"><div class="abox"> <figure> <fcapion> <h1><img src="images/thumbs/<?PHP echo $row['upload']; ?>" alt="logo"/></h1> </fcaption></figure></div></td> <td valign="top"> <div class="abox"> <figure> <fcapion> <h1><?PHP echo $row['street1'] . "<br>" . $row['street2'] . "<br>" . $row['city'] . "," . $row['postcode'] . "<br>phone: " . $row['phone'] . "<br>email: " . $row['email'] . "<br>website: " . $row['website'] ; ?></h1> </fcaption></figure> </div> </td> </tr> <tr> <td><div class="abox"> <figure> <fcapion> <h1><?PHP echo nl2br($row['premiumuser_description']); ?></h1> </fcaption></figure> </div></td> </tr></table> <?PHP /* create an email validation function */ function validateEmailAddress($email) { return filter_var($email, FILTER_VALIDATE_EMAIL) && preg_match('/@.+\./', $email); } /** * CALLBACK - determine if the provided postcode is valid. * * @param string $postcode * @return bool TRUE if valid, FALSE otherwise * @author George Edwards */ function is_valid_uk_postcode($postcode) { $pattern = "/^([A-PR-UWYZ0-9][A-HK-Y0-9][AEHMNPRTVXY0-9]?[ABEHMNPRVWXY0-9]? {1,2}[0-9][ABD-HJLN-UW-Z]{2}|GIR 0AA)$/"; if (preg_match($pattern, $postcode)) { return TRUE; } $this->validation->set_message('is_valid_uk_postcode', 'That is not a valid %s.'); return FALSE; } /* FUNCTION TO CREATE SALT */ function createSalt() { $string = md5(uniqid(rand(), true)); return substr($string, 0, 3); } /* check if form was submitted */ if (isset($_POST['Submit'])){ $error_message = ""; /* This is the directory where images will be saved */ $target = "/home/users/web/b109/ipg.removalspacecom/images/COMPANIES/"; $target = $target . basename( $_FILES['upload']['name']); /* include validation script */ include ('php only scripts/validation.php'); $uploadDir = 'images/COMPANIES'; /* main picture folder */ $max_height = 450; /* largest height you allowed; 0 means any */ $max_width = 450; /* largest width you allowed; 0 means any */ $max_file = 2000000; /* set the max file size in bytes */ $image_overwrite = 1; /* 0 means overwite; 1 means new name */ /* add or delete allowed image types */ $allowed_type01 = array( "image/gif", "image/pjpeg", "image/jpeg", "image/png", "image/x-png", "image/jpg"); $do_thumb = 1; /* 1 make thumbnails; 0 means do NOT make */ $thumbDir = "/images/thumbs"; /* thumbnail folder */ $thumb_prefix = ""; /* prefix for thumbnails */ $thumb_width = 90; /* max thumb width */ $thumb_height = 70; // max thumb height //Writes the photo to the server if(move_uploaded_file($_FILES['upload']['tmp_name'], $target)) { /* HERE IS WHERE WE WILL DO THE ACTUAL RESIZING */ /* THESE SIX PARAMETERS MAY BE CHANGED TO SUIT YOUR NEEDS */ $upload = $_FILES['upload']['name']; $o_path ="images/COMPANIES/"; $s_path = "images/thumbs/"; $file = $upload; $save = $file; $t_w = 200; $t_h = 150; /* DO NOT CHANGE THIS NEXT LINE */ Resize_Image($save,$file,$t_w,$t_h,$s_path,$o_path); }else{ //Gives and error if its not $error_message .= "Sorry, there was a problem uploading your file."; } /* PREPARE DATA FOR INSERTION INTO TABLE */ //Writes the information to the database if(strlen(trim($error_message)) <1){ $salt = createsalt(); $username = trim($_POST['username']); $password = trim($_POST['password']); $hash = hash('sha256', $salt, $password); $approved = 0; $company_name = mysql_real_escape_string(trim($_POST['company_name'])); $website = mysql_real_escape_string(trim($_POST['website'])); $contact_name = mysql_real_escape_string(trim($_POST['contact_name'])); $location = mysql_real_escape_string(trim($_POST['location'])); $postcode = mysql_real_escape_string(trim($_POST['postcode'])); $street1 = mysql_real_escape_string(trim($_POST['street1'])); $street2 = mysql_real_escape_string(trim($_POST['street2'])); $city = mysql_real_escape_string(trim($_POST['city'])); $phone = mysql_real_escape_string(trim($_POST['phone'])); $phone2 = mysql_real_escape_string(trim($_POST['phone2'])); $email = mysql_real_escape_string(trim($_POST['email'])); $premiumuser_description = mysql_real_escape_string(trim($_POST['premiumuser_description'])); $salt = mysql_real_escape_string($salt); $upload = mysql_real_escape_string($upload); $query ="INSERT INTO `companies` (company_name, what_services, website, contact_name, location, postcode, street1, street2, city, phone,phone2, email, premiumuser_description, username, password, salt, approved, upload) VALUES ('$company_name', '$what_services', '$website', '$contact_name', '$location', '$postcode', '$street1', '$street2', '$city', '$phone', '$phone2', '$email', '$premiumuser_description', '$username', '$hash', '$salt', '$approved', '$upload')"; $result = mysql_query($query) or die(mysql_error()); if ($result) { } /* at this point we can send an email to the admin as well as the user. DO NOT send the user's password to ANYONE!!!! */ } }//if (isset($_POST['submit'])) ?> <?php if (!empty($error_message)){ echo $error_message; } ?> <div class="abox"> <figure> <fcapion> <h1><hr> <form action="view02.php" method="get" enctype="multipart/form-data" class="cursive"> <table width="316" border="0"> <tr> <td colspan="2"><h1>Edit Your details </h1><p>fill out the form with your details...</p></td> </tr> <tr> <td> </td> <td><p> </p> <p>Click submit to update...</p><p> </p></td> </tr> <tr> <td> </td> <td><p> </p><p></p><p><input type="hidden" name="id" value="<?php echo $row['id']; ?>"/><p> </p></td> </tr> <tr> <td>Website:</td> <td><p> </p><p><input name="website" type="text" id="website" /></p> <p> </p></td> </tr> <tr> <td>Primary Number:</td> <td><p> </p><p><input name="phone" type="text" id="phone" /></p> <p> </p></td> </tr> <tr> <td>Secondary Number:</td> <td><p> </p> <p><input name="phone2" type="text" id="phone2" /></p> <p> </p></td> </tr> <tr> <td>Company Description:</td> <td><p><em>Write a description of what your company does, the services it offers and any additional information here.</em> </p> <p><textarea rows="10" cols="100" name="premiumuser_description" id="premiumuser_description"></textarea></p> <p> </p></td> </tr> <tr> <td> </td> </tr> <tr> <td colspan="2"><input type="submit" name="submit" value="submit" /></td> </tr> </table> </form></h1> </fcaption></figure> </div> </div> </middle> </div> <!--end middle --> <!--start footer --> <footer> <div id="footer"></div> </footer> <!--end footer --> </div> <!--end container --> <!-- Free template distributed by http://freehtml5templates.com --> </body> <script type="text/javascript" src="http://ajax.googleapis.com/ajax/libs/jquery/1.6.4/jquery.min.js"></script> </html> and here is the code to update it: <?PHP session_start(); include ('php only scripts/db.php'); $setArray = array(); $setstr = ''; $id = intval($_GET['id']); if (isset($_GET['website']) && $_GET['website']) { $website = mysql_real_escape_string($_GET['website']); $setArray[] = "website = '$website'"; } if (isset($_GET['phone']) && $_GET['phone']) { $phone = mysql_real_escape_string($_GET['phone']); $setArray[] = "phone = '$phone'"; } if (isset($_GET['phone2']) && $_GET['phone2']) { $phone2 = mysql_real_escape_string($_GET['phone2']); $setArray[] = "phone2 = '$phone2'"; } if (isset($_GET['premiumuser_description']) && $_GET['premiumuser_description']) { $premiumuser_description = mysql_real_escape_string($_GET['premiumuser_description']); $setArray[] = "premiumuser_description = '$premiumuser_description'"; } if (isset($_GET['username']) && $_GET['username']) { $username = mysql_real_escape_string($_GET['username']); $setArray[] = "username = '$username'"; } if (isset($_GET['password']) && $_GET['password']) { // These are the same so you'd need to make them different if your comparing the password to ensure they entered it correctly ex: $_GET['password1'] for another field in your form $password= mysql_real_escape_string($_GET['password']); // This is fine if the 2 values above are first compared $setArray[] = "password = SHA('$password')"; // If they are compared and validation checks out then just do the query to update the password here.. } /* check if form was submitted */ if (isset($_POST['Submit'])){ $error_message = ""; /* This is the directory where images will be saved */ $target = "/home/users/web/b109/ipg.removalspacecom/images/COMPANIES/"; $target = $target . basename( $_FILES['upload']['name']); /* include validation script */ include ('php only scripts/validation.php'); $uploadDir = 'images/COMPANIES'; /* main picture folder */ $max_height = 450; /* largest height you allowed; 0 means any */ $max_width = 450; /* largest width you allowed; 0 means any */ $max_file = 2000000; /* set the max file size in bytes */ $image_overwrite = 1; /* 0 means overwite; 1 means new name */ /* add or delete allowed image types */ $allowed_type01 = array( "image/gif", "image/pjpeg", "image/jpeg", "image/png", "image/x-png", "image/jpg"); $do_thumb = 1; /* 1 make thumbnails; 0 means do NOT make */ $thumbDir = "/images/thumbs"; /* thumbnail folder */ $thumb_prefix = ""; /* prefix for thumbnails */ $thumb_width = 90; /* max thumb width */ $thumb_height = 70; // max thumb height //Writes the photo to the server if(move_uploaded_file($_FILES['upload']['tmp_name'], $target)) { /* HERE IS WHERE WE WILL DO THE ACTUAL RESIZING */ /* THESE SIX PARAMETERS MAY BE CHANGED TO SUIT YOUR NEEDS */ $upload = $_FILES['upload']['name']; $o_path ="images/COMPANIES/"; $s_path = "images/thumbs/"; $file = $upload; $save = $file; $t_w = 200; $t_h = 150; /* DO NOT CHANGE THIS NEXT LINE */ Resize_Image($save,$file,$t_w,$t_h,$s_path,$o_path); }else{ //Gives and error if its not $error_message .= "Sorry, there was a problem uploading your file."; }} if (count($setArray) > 0) { $setstr = join (', ', $setArray); $query ="UPDATE `companies` (company_name, what_services, website, contact_name, location, postcode, street1, street2, city, phone,phone2, email, premiumuser_description, username, password, salt, approved, upload) VALUES ('$company_name', '$what_services', '$website', '$contact_name', '$location', '$postcode', '$street1', '$street2', '$city', '$phone', '$phone2', '$email', '$premiumuser_description', '$username', 'SHA($password)', '$salt', '$approved', '$upload')"; mysql_query($query); } header("Location: view01.php?id=" . $id); exit(0); ?> Why is it not working correctly? any ideas? thank you in advance

doesn't upload even

<?PHP /* check if form was submitted */ if (isset($_POST['Submit'])){ $error_message = ""; /* This is the directory where images will be saved */ $target = "server path"; $target = $target . basename( $_FILES['upload']['name']); /* include validation script */ include ('php only scripts/validation.php'); $uploadDir = 'images/COMPANIES'; /* main picture folder */ $max_height = 450; /* largest height you allowed; 0 means any */ $max_width = 450; /* largest width you allowed; 0 means any */ $max_file = 2000000; /* set the max file size in bytes */ $image_overwrite = 1; /* 0 means overwite; 1 means new name */ /* add or delete allowed image types */ $allowed_type01 = array( "image/gif", "image/pjpeg", "image/jpeg", "image/png", "image/x-png", "image/jpg"); $do_thumb = 1; /* 1 make thumbnails; 0 means do NOT make */ $thumbDir = "/images/thumbs"; /* thumbnail folder */ $thumb_prefix = ""; /* prefix for thumbnails */ $thumb_width = 90; /* max thumb width */ $thumb_height = 70; // max thumb height //Writes the photo to the server if(move_uploaded_file($_FILES['upload']['tmp_name'], $target)) { /* HERE IS WHERE WE WILL DO THE ACTUAL RESIZING */ /* THESE SIX PARAMETERS MAY BE CHANGED TO SUIT YOUR NEEDS */ $upload = $_FILES['upload']['name']; $o_path ="images/COMPANIES/"; $s_path = "images/thumbs/"; $file = $upload; $save = $file; $t_w = 200; $t_h = 150; /* DO NOT CHANGE THIS NEXT LINE */ Resize_Image($save,$file,$t_w,$t_h,$s_path,$o_path); }else{ //Gives and error if its not $error_message .= "Sorry, there was a problem uploading your file."; } ?> thats the bit i put in/added, how come the username, password, phone numbers, company description all update and not ADD a new field? but the image does?

Hi everyone! I am trying to add an update picture or logo to be precise, i used the same resize and crop technique from the register script but this dropped a NEW listing into my mySQL table, i would like to get that script to use it with the update system. Here's the resize and crop script on register: <?php /* check if form was submitted */ if (isset($_POST['Submit'])){ $error_message = ""; /* This is the directory where images will be saved */ $target = "server path"; $target = $target . basename( $_FILES['upload']['name']); /* include validation script */ include ('php only scripts/validation.php'); $uploadDir = 'images/COMPANIES'; /* main picture folder */ $max_height = 450; /* largest height you allowed; 0 means any */ $max_width = 450; /* largest width you allowed; 0 means any */ $max_file = 2000000; /* set the max file size in bytes */ $image_overwrite = 1; /* 0 means overwite; 1 means new name */ /* add or delete allowed image types */ $allowed_type01 = array( "image/gif", "image/pjpeg", "image/jpeg", "image/png", "image/x-png", "image/jpg"); $do_thumb = 1; /* 1 make thumbnails; 0 means do NOT make */ $thumbDir = "/images/thumbs"; /* thumbnail folder */ $thumb_prefix = ""; /* prefix for thumbnails */ $thumb_width = 90; /* max thumb width */ $thumb_height = 70; // max thumb height //Writes the photo to the server if(move_uploaded_file($_FILES['upload']['tmp_name'], $target)) { /* HERE IS WHERE WE WILL DO THE ACTUAL RESIZING */ /* THESE SIX PARAMETERS MAY BE CHANGED TO SUIT YOUR NEEDS */ $upload = $_FILES['upload']['name']; $o_path ="images/COMPANIES/"; $s_path = "images/thumbs/"; $file = $upload; $save = $file; $t_w = 200; $t_h = 150; /* DO NOT CHANGE THIS NEXT LINE */ Resize_Image($save,$file,$t_w,$t_h,$s_path,$o_path); }else{ //Gives and error if its not $error_message .= "Sorry, there was a problem uploading your file."; } ?> here is the form, (just the upload bit, there are other fields): <form action="view02.php" method="get" enctype="multipart/form-data" class="cursive"> <input name="upload" type="file" class="style7" id="upload"> <input type="submit" name="submit" value="submit" /> </form> and the code to process form: <?PHP session_start(); include ('php only scripts/db.php'); $setArray = array(); $setstr = ''; $id = intval($_GET['id']); if (isset($_GET['website']) && $_GET['website']) { $website = mysql_real_escape_string($_GET['website']); $setArray[] = "website = '$website'"; } if (isset($_GET['phone']) && $_GET['phone']) { $phone = mysql_real_escape_string($_GET['phone']); $setArray[] = "phone = '$phone'"; } if (isset($_GET['phone2']) && $_GET['phone2']) { $phone2 = mysql_real_escape_string($_GET['phone2']); $setArray[] = "phone2 = '$phone2'"; } if (isset($_GET['premiumuser_description']) && $_GET['premiumuser_description']) { $premiumuser_description = mysql_real_escape_string($_GET['premiumuser_description']); $setArray[] = "premiumuser_description = '$premiumuser_description'"; } if (isset($_GET['username']) && $_GET['username']) { $username = mysql_real_escape_string($_GET['username']); $setArray[] = "username = '$username'"; } if (isset($_GET['password']) && $_GET['password']) { // These are the same so you'd need to make them different if your comparing the password to ensure they entered it correctly ex: $_GET['password1'] for another field in your form $password= mysql_real_escape_string($_GET['password']); // This is fine if the 2 values above are first compared $setArray[] = "password = SHA('$password')"; // If they are compared and validation checks out then just do the query to update the password here.. } if (isset($_GET['upload']) && $_GET['upload']) { $upload = mysql_real_escape_string($_GET['upload']); $setArray[] = "upload = '$upload'"; } if (count($setArray) > 0) { $setstr = join (', ', $setArray); $query ="INSERT INTO `companies` (company_name, what_services, website, contact_name, location, postcode, street1, street2, city, phone,phone2, email, premiumuser_description, username, password, salt, approved, upload) VALUES ('$company_name', '$what_services', '$website', '$contact_name', '$location', '$postcode', '$street1', '$street2', '$city', '$phone', '$phone2', '$email', '$premiumuser_description', '$username', 'SHA($password)', '$salt', '$approved', '$upload')"; mysql_query($query); } header("Location: view01.php?id=" . $id); exit(0); ?> Now you see, i put the resize and crop script into the other coding, what happens is that the image added by the user goes into a new field INSTEAD of changing what's already in there, in other words it's not updating? i hope i have explained my problem enough. If anyone know how to get it to update correctly please help, thank you very much.

that works perfectly! i was just a bit confused there, many thanks!!!

will that still work though as when the user registers it uses hash/salt for passwords? I'll test it now, thanks.

i have just tried this out (changed the password of my log in) it seems i do need to update everything password, hash and salt. how should i write the update query? something like: if (isset($_GET['password']) && $_GET['password']) { $password= mysql_real_escape_string($_GET['password']); $setArray[] = "password = '$password'"; } if (isset($_GET['hash']) && $_GET['hash']) { $hash= mysql_real_escape_string($_GET['hash']); $setArray[] = "hash= '$hash'"; } little help if any of you guys have any?

Hi all, I am using update to SET fields in mySQL table, my question is; do i have to update hash/salt as well as password or can i just update password as hash and salt are unique? The path goes like this: index.php > login.php > view01.php?id= > view02.php > ^ <<< < < <back to view01.php view01.php: <?PHP session_start(); if(!isset($_SESSION['id']) || !isset($_SESSION['valid_user']) || $_SESSION['valid_user'] != "yes") { $_SESSION = array(); session_destroy(); header("Location: index.php"); exit(); } include ('php only scripts/db.php'); $id = $_GET['id']; $query ="SELECT * FROM companies WHERE id = '$id'"; $result = mysql_query($query) or die(mysql_error()); $row = mysql_fetch_array($result); ?> <!DOCTYPE html> <head> <title>Removalspace.com</title> <style type="text/css"> <!-- body { background-image: url(styles/downloaded%20styles/todo/todo/images/bg.png); } --> </style> <link href="styles/downloaded styles/todo/todo/css/style.css" rel="stylesheet" type="text/css" /> <link rel="stylesheet" type="text/css" href="styles/downloaded styles/todo/todo/css/style9.css" /> <link rel="stylesheet" type="text/css" href="styles/downloaded styles/todo/todo/css/demo.css" /> <link href='http://fonts.googleapis.com/css?family=Terminal+Dosis' rel='stylesheet' type='text/css' /> <style type="text/css"> <!-- .Stile1 {color: #333333} --> </style> <script type="text/javascript"> var _gaq = _gaq || []; _gaq.push(['_setAccount', 'UA-31656176-1']); _gaq.push(['_trackPageview']); (function() { var ga = document.createElement('script'); ga.type = 'text/javascript'; ga.async = true; ga.src = ('https:' == document.location.protocol ? 'https://ssl' : 'http://www') + '.google-analytics.com/ga.js'; var s = document.getElementsByTagName('script')[0]; s.parentNode.insertBefore(ga, s); })(); </script> </head> <body> <!--start container --> <div id="container"> <header> <nav> <div id="logo"><a href="index.php"><img src="images/header2.png" alt="Logo here" width="219" height="161" /></a> </div> <div id="search-top"><img src="styles/downloaded styles/todo/todo/images/quote-right.png" alt="images" /><span class="cursive">Enter your postcode here</span><img src="styles/downloaded styles/todo/todo/images/quote-left.png" alt="images" /> <form method="post" action="search.php"> <input type="text" name="strSearch" onFocus="if(this.value=='Search Area')this.value='';" onBlur="if(this.value=='')this.value='Search Area';" value="Search Area" id="search-field"/> <input type="submit" value="" id="search-btn"/> </form> </div> <div id="nav_social"><a href="http://www.facebook.com/pages/Removalspace/181434181939226"><img src="styles/downloaded styles/todo/todo/images/facebook_32.png" alt="Become a fan" width="32" height="32" /></a><a href="#"><img src="styles/downloaded styles/todo/todo/images/twitter_32.png" alt="Follows on Twitter" /></a><a href="id=183427956&trk=tab_pro"><img src="styles/downloaded styles/todo/todo/images/linkedin_32.png" alt="Linked in" /></a><a href="contact.php"><img src="styles/downloaded styles/todo/todo/images/email_32.png" alt="Contact" width="32" height="32" /></a><!-- Place this tag where you want the +1 button to render --> <g:plusone size="small" annotation="inline"></g:plusone> <!-- Place this render call where appropriate --> <script type="text/javascript"> (function() { var po = document.createElement('script'); po.type = 'text/javascript'; po.async = true; po.src = 'https://apis.google.com/js/plusone.js'; var s = document.getElementsByTagName('script')[0]; s.parentNode.insertBefore(po, s); })(); </script> </div> </nav> </header> <p><figure><a href="removals.php">Search Removals</a></figure> |</p> <p><figure><a href="storage.php">Search Storage</a></figure> |</p> <p><figure><a href="register00.php">Add Listing</a></figure> |</p> <p><figure><a href="about.php">About</a></figure> |</p> <p><figure><a href="contact.php">Contact</a></figure> |</p> <p><figure><a href="login00.php">Login</a></figure></p> <div class="content"> <!--star main --> <main></main> <!--end main --> <!--start middle --> <middle> <div class="section_slogan"><table> <tr> <td valign="top"><div class="abox"> <figure> <fcapion> <h1><img src="images/thumbs/<?PHP echo $row['upload']; ?>" alt="logo"/></h1> </fcaption></figure></div></td> <td valign="top"> <div class="abox"> <figure> <fcapion> <h1><?PHP echo $row['street1'] . "<br>" . $row['street2'] . "<br>" . $row['city'] . "," . $row['postcode'] . "<br>phone: " . $row['phone'] . "<br>email: " . $row['email'] . "<br>website: " . $row['website'] ; ?></h1> </fcaption></figure> </div> </td> </tr> <tr> <td><div class="abox"> <figure> <fcapion> <h1><?PHP echo nl2br($row['premiumuser_description']); ?></h1> </fcaption></figure> </div></td> </tr></table> <?PHP /* create an email validation function */ function validateEmailAddress($email) { return filter_var($email, FILTER_VALIDATE_EMAIL) && preg_match('/@.+\./', $email); } /** * CALLBACK - determine if the provided postcode is valid. * * @param string $postcode * @return bool TRUE if valid, FALSE otherwise * @author George Edwards */ function is_valid_uk_postcode($postcode) { $pattern = "/^([A-PR-UWYZ0-9][A-HK-Y0-9][AEHMNPRTVXY0-9]?[ABEHMNPRVWXY0-9]? {1,2}[0-9][ABD-HJLN-UW-Z]{2}|GIR 0AA)$/"; if (preg_match($pattern, $postcode)) { return TRUE; } $this->validation->set_message('is_valid_uk_postcode', 'That is not a valid %s.'); return FALSE; } /* FUNCTION TO CREATE SALT */ function createSalt() { $string = md5(uniqid(rand(), true)); return substr($string, 0, 3); } /* check if form was submitted */ if (isset($_POST['Submit'])){ $error_message = ""; /* This is the directory where images will be saved */ $target = "/home/users/web/b109/ipg.removalspacecom/images/COMPANIES/"; $target = $target . basename( $_FILES['upload']['name']); /* include validation script */ include ('php only scripts/validation.php'); $uploadDir = 'images/COMPANIES'; /* main picture folder */ $max_height = 450; /* largest height you allowed; 0 means any */ $max_width = 450; /* largest width you allowed; 0 means any */ $max_file = 2000000; /* set the max file size in bytes */ $image_overwrite = 1; /* 0 means overwite; 1 means new name */ /* add or delete allowed image types */ $allowed_type01 = array( "image/gif", "image/pjpeg", "image/jpeg", "image/png", "image/x-png", "image/jpg"); $do_thumb = 1; /* 1 make thumbnails; 0 means do NOT make */ $thumbDir = "/images/thumbs"; /* thumbnail folder */ $thumb_prefix = ""; /* prefix for thumbnails */ $thumb_width = 90; /* max thumb width */ $thumb_height = 70; // max thumb height //Writes the photo to the server if(move_uploaded_file($_FILES['upload']['tmp_name'], $target)) { /* HERE IS WHERE WE WILL DO THE ACTUAL RESIZING */ /* THESE SIX PARAMETERS MAY BE CHANGED TO SUIT YOUR NEEDS */ $upload = $_FILES['upload']['name']; $o_path ="images/COMPANIES/"; $s_path = "images/thumbs/"; $file = $upload; $save = $file; $t_w = 200; $t_h = 150; /* DO NOT CHANGE THIS NEXT LINE */ Resize_Image($save,$file,$t_w,$t_h,$s_path,$o_path); }else{ //Gives and error if its not $error_message .= "Sorry, there was a problem uploading your file."; } /* PREPARE DATA FOR INSERTION INTO TABLE */ //Writes the information to the database if(strlen(trim($error_message)) <1){ $salt = createsalt(); $username = trim($_POST['username']); $password = trim($_POST['password']); $hash = hash('sha256', $salt, $password); $approved = 0; $company_name = mysql_real_escape_string(trim($_POST['company_name'])); $website = mysql_real_escape_string(trim($_POST['website'])); $contact_name = mysql_real_escape_string(trim($_POST['contact_name'])); $location = mysql_real_escape_string(trim($_POST['location'])); $postcode = mysql_real_escape_string(trim($_POST['postcode'])); $street1 = mysql_real_escape_string(trim($_POST['street1'])); $street2 = mysql_real_escape_string(trim($_POST['street2'])); $city = mysql_real_escape_string(trim($_POST['city'])); $phone = mysql_real_escape_string(trim($_POST['phone'])); $phone2 = mysql_real_escape_string(trim($_POST['phone2'])); $email = mysql_real_escape_string(trim($_POST['email'])); $premiumuser_description = mysql_real_escape_string(trim($_POST['premiumuser_description'])); $salt = mysql_real_escape_string($salt); $upload = mysql_real_escape_string($upload); $query ="INSERT INTO `companies` (company_name, what_services, website, contact_name, location, postcode, street1, street2, city, phone,phone2, email, premiumuser_description, username, password, salt, approved, upload) VALUES ('$company_name', '$what_services', '$website', '$contact_name', '$location', '$postcode', '$street1', '$street2', '$city', '$phone', '$phone2', '$email', '$premiumuser_description', '$username', '$hash', '$salt', '$approved', '$upload')"; $result = mysql_query($query) or die(mysql_error()); if ($result) { } /* at this point we can send an email to the admin as well as the user. DO NOT send the user's password to ANYONE!!!! */ } }//if (isset($_POST['submit'])) ?> <?php if (!empty($error_message)){ echo $error_message; } ?> <hr> <form action="view02.php" method="get" enctype="multipart/form-data" class="cursive"> <table width="316" border="0"> <tr> <td colspan="2"><h1>Edit Your details </h1><p>fill out the form with your details...</p></td> </tr> <tr> <td> </td> <td><p> </p> <p>Click submit to update...</p><p> </p></td> </tr> <tr> <td> </td> <td><p> </p><p></p><p><input type="hidden" name="id" value="<?php echo $row['id']; ?>"/><p> </p></td> </tr> <tr> <td>Website:</td> <td><p> </p><p><input name="website" type="text" id="website" /></p> <p> </p></td> </tr> <tr> <td>Primary Number:</td> <td><p> </p><p><input name="phone" type="text" id="phone" /></p> <p> </p></td> </tr> <tr> <td>Secondary Number:</td> <td><p> </p> <p><input name="phone2" type="text" id="phone2" /></p> <p> </p></td> </tr> <tr> <td>Company Description:</td> <td><p><em>Write a description of what your company does, the services it offers and any additional information here.</em> </p> <p><textarea rows="10" cols="100" name="premiumuser_description" id="premiumuser_description"></textarea></p> <p> </p></td> </tr> <tr> <td>Username:</td> <td><p> </p> <p><input name="username" type="text" id="username" /></p> <p> </p></td> </tr> <tr> <td>Password:</td> <td><p> </p> <p><input name="password" type="text" id="password" /></p> <p> </p></td> </tr> <tr> <td> </td> </tr> <tr> <td colspan="2"><input type="submit" name="submit" value="submit" /></td> </tr> </table> </form> </div> </middle> </div> <!--end middle --> <!--start footer --> <footer> <div id="footer"></div> </footer> <!--end footer --> </div> <!--end container --> <!-- Free template distributed by http://freehtml5templates.com --> </body> <script type="text/javascript" src="http://ajax.googleapis.com/ajax/libs/jquery/1.6.4/jquery.min.js"></script> </html> view02.php: <?PHP session_start(); include ('php only scripts/db.php'); $setArray = array(); $setstr = ''; $id = intval($_GET['id']); if (isset($_GET['website']) && $_GET['website']) { $website = mysql_real_escape_string($_GET['website']); $setArray[] = "website = '$website'"; } if (isset($_GET['phone']) && $_GET['phone']) { $phone = mysql_real_escape_string($_GET['phone']); $setArray[] = "phone = '$phone'"; } if (isset($_GET['phone2']) && $_GET['phone2']) { $phone2 = mysql_real_escape_string($_GET['phone2']); $setArray[] = "phone2 = '$phone2'"; } if (isset($_GET['premiumuser_description']) && $_GET['premiumuser_description']) { $premiumuser_description = mysql_real_escape_string($_GET['premiumuser_description']); $setArray[] = "premiumuser_description = '$premiumuser_description'"; } if (isset($_GET['username']) && $_GET['username']) { $website = mysql_real_escape_string($_GET['username']); $setArray[] = "username = '$username'"; } if (isset($_GET['password']) && $_GET['password']) { $website = mysql_real_escape_string($_GET['password']); $setArray[] = "password = '$password'"; } if (count($setArray) > 0) { $setstr = join (', ', $setArray); $query = "UPDATE companies SET $setstr WHERE id = $id"; mysql_query($query); } header("Location: view01.php?id=" . $id); exit(0); ?> I have already used update to update the password but what about salt/hash iv'e got? Many thanks in advance

The only reason i said that is because the cursor doesn't change on hover? is there any way to change this?

I am using sessions to log in users, this whole new law is slightly confusing, i just want to make absolutely sure that i'm "covered". There's in one set up now on the site just in case. Thanks.

Sorry my bad, it works!!

Okay thank you, it's on my homepage now, i cannot accept it or decline either? www.removalspace.com

Are these used like landing pages, instead of index.php? the second script on that site doesn't seem to have an "accept" button on upload/test

well, i was just surfing, in fact it was a local aquatics website near me: www.marineaquatics.co.uk, i noticed that a new pop came up, explaining about this new law... I looked into it and it seems that all websites are required to inform user's, the method is hazy but it does seem that i will get fined if i fail to do this so i'm NOT taking any chances. Therefore as iv'e just seen a pop version of the new law, i'm trying source my own pop up to use.. Currently reading up on a script to copy/paste.

Thanks kadeous, i don't know why it's not popping up, do i have to do anything to test it out? iv'e copied and pasted the code where it tells me to?

Hi everyone, There is a new law in the UK which everyone has to adhere to, this is to inform user's on websites for the use of cookies. I now need a simple pop area/box to show the user a little bit of information about this with "yes" and "no" buttons for them to use, making the popup disappear once one button has been selected. It's just needs to be simple and functional, i'm asking you guys to help me with this as i'm worried about any infringement i may cause by not having this, please help, many thanks!

Hi everyone, There is a new law in the UK which everyone has to adhere to, this is to inform user's on websites for the use of cookies. I now need a simple pop area/box to show the user a little bit of information about this with "yes" and "no" buttons for them to use, making the popup disappear once one button has been selected. It's just needs to be simple and functional, i'm asking you guys to help me with this as i'm worried about any infringement i may cause by not having this, please help, many thanks!

I'm not using apache, well not on my system anyways.. the php .ini file is on my host's cpanel. why is it -1?

Just check my php ini file, the error report is turned on: - Show all errors, except for notices and coding standards warnings ; ;error_reporting = E_ALL & ~E_NOTICE

i'm using dreamweaver, i don't know why it's working for me but it comments out the code, turning it yellow? i don't know...

how come it comments the code out then? or it that just the "standard" way? There's nothing wrong, it works great thank you but for the sake of trying to understand it i was simply trying to clarify for myself each section...

<?php session_start(); */ Start session */ include ('php only scripts/db.php'); */ connect to db */ $setArray = array(); $setstr = ''; */ having trouble finding much on google for this */ $id = intval($_GET['id']); */ get the interger value of 'id' from the table */ */ get's information from each field set, from the table */ if (isset($_GET['website']) && $_GET['website']) { $website = mysql_real_escape_string($_GET['website']); $setArray[] = "website = '$website'"; } if (isset($_GET['phone']) && $_GET['phone']) { $phone = mysql_real_escape_string($_GET['phone']); $setArray[] = "phone = '$phone'"; } if (isset($_GET['phone2']) && $_GET['phone2']) { $phone2 = mysql_real_escape_string($_GET['phone2']); $setArray[] = "phone2 = '$phone2'"; } if (isset($_GET['premiumuser_decription']) && $_GET['premiumuser_decription']) { $premiumuser_decription = mysql_real_escape_string($_GET['premiumuser_decription']); $setArray[] = "premiumuser_decription = '$premiumuser_decription'"; } */ if there IS NOT a match then add the new user information/details, if there IS a match, leave or do not change */ if (count($setArray) > 0) { $setstr = join (', ', $setArray); $query = "UPDATE companies SET $setstr WHERE id = $id"; mysql_query($query) } */ direct user back to view01.php */ header("Location: view01.php?id=" . $id); exit(0); ?> Please correct me where i have gone wrong or miss understood the information? Thank you.

so the full code would look like this: <?PHP session_start(); include ('php only scripts/db.php'); $setArray = array(); $setstr = ''; $id = intval($_GET['id']); if (isset($_GET['website']) && $_GET['website']) { $website = mysql_real_escape_string($_GET['website']); $setArray[] = "website = '$website'"; } if (isset($_GET['phone']) && $_GET['phone']) { $phone = mysql_real_escape_string($_GET['phone']); $setArray[] = "phone = '$phone'"; } if (isset($_GET['phone2']) && $_GET['phone2']) { $phone2 = mysql_real_escape_string($_GET['phone2']); $setArray[] = "phone2 = '$phone2'"; } if (isset($_GET['premiumuser_decription']) && $_GET['premiumuser_decription']) { $premiumuser_decription = mysql_real_escape_string($_GET['premiumuser_decription']); $setArray[] = "premiumuser_decription = '$premiumuser_decription'"; } if (count($setArray) > 0) { $setstr = join (', ', $setArray); $query = "UPDATE companies SET $setstr WHERE id = $id"; mysql_query($query) } header("Location: view01.php?id=" . $id); exit(0); ?>

What is the value i want?

iv'e just tested it and it doent't update anything with the isset() functions added? nothing is changed from the original