Jump to content

rocky48

Members
  • Content Count

    199
  • Joined

  • Last visited

Community Reputation

0 Neutral

About rocky48

  • Rank
    Advanced Member
  • Birthday 03/03/1948

Contact Methods

  • Website URL
    www.1066cards4u.co.uk

Profile Information

  • Gender
    Male
  • Location
    Hastings, UK
  • Interests
    Programming, Radio Control Model Aircraft
  • Age
    71
  1. I think it was the parent bit that was stopping it! However there are still problems! Here is the error: Now I have cleared the original problem, It still errors! Now it is finding fault with the font scripts. Here is the error: Fatal error: Uncaught Exception: FPDF error: Incorrect font definition file name: /frscript.php in /homepages/30/d593365489/htdocs/fpdf.php:271 Stack trace: #0 /homepages/30/d593365489/htdocs/fpdf.php(1142): FPDF->Error('Incorrect font ...') #1 /homepages/30/d593365489/htdocs/fpdf.php(459): FPDF->_loadfont('/frscript.php') #2 /homepages/30/d593365489/htdocs/Prnpdf.php(110): FPDF->AddFont('french script m...', '', '/frscript.php') #3 {main} thrown in /homepages/30/d593365489/htdocs/fpdf.php on line 271 What is also wierd even if I change the font it still reports the error with the French Script font? Had a quick look at the font file, but can't see anything wrong. I'm guessing there is a change in the frscript.php, but I am not knowledgable to spot it! Before the upgrade to 7.2 it was working OK.
  2. Tried as suggested but get the same error! Fatal error: Uncaught Error: Call to undefined method FPDF::FPDF() in /homepages/30/d593365489/htdocs/Prnpdf.php:78 Stack trace: #0 /homepages/30/d593365489/htdocs/Prnpdf.php(108): PDF->__construct('L', 'mm', 'A4') #1 {main} thrown in /homepages/30/d593365489/htdocs/Prnpdf.php on line 78 Also tried amending this line: $pdf = new PDF($ort,'mm','A4'); to: $pdf = new __construct($ort,'mm','A4');, but that did not work and gave this error: Fatal error: Uncaught Error: Class '__construct' not found in /homepages/30/d593365489/htdocs/Prnpdf.php:108 Stack trace: #0 {main} thrown in /homepages/30/d593365489/htdocs/Prnpdf.php on line 108. Where do I go rom here? 😂
  3. I have used this program for many years without problems. My ISP urged me to upgrade PHP to 7.2 and it was working OK. Just went to use it and I get an error when parsing my FPDF file. Here is the error: Connected (added this to check if connected) Fatal error: Uncaught Error: Call to undefined method PDF::FPDF() in /homepages/30/d593365489/htdocs/Prnpdf.php:78 Stack trace: #0 /homepages/30/d593365489/htdocs/Prnpdf.php(108): PDF->PDF('L', 'mm', 'A4') #1 {main} thrown in /homepages/30/d593365489/htdocs/Prnpdf.php on line 78 I have not altered the file in any way, so why is this happening? Is it to do with PHP upgrade?😖 Here is the file: <?php include("connect_Verses4Cards.php"); $conn=get_db_conn_verse(); session_start(); $display_block =""; $color=""; $r =""; $g =""; $b =""; $image =""; //Get the Card Variables $Get_Size_sql = "SELECT * FROM `CSize` WHERE `Size` ='".$_POST["CSize"]."'"; $Get_Size_res = mysqli_query($conn, $Get_Size_sql) or die(mysqli_error($conn)); if (mysqli_num_rows($Get_Size_res) < 1) { //this Card does not exist $display_block = "You have selected an invalid Card size. Please try again."; } else { //get the print variables while ($Size_info = mysqli_fetch_array($Get_Size_res)) { $BoxX = stripslashes($Size_info['BoxX']); $Cellw = stripslashes($Size_info['Cellw']); $Cellh = stripslashes($Size_info['Cellh']); $SizeI = stripslashes($Size_info['Size']); $SID = stripslashes($Size_info['SID']); $floatx = stripslashes($Size_info['floatx']); $floaty = stripslashes($Size_info['floaty']); $floatw = stripslashes($Size_info['floatw']); $floath = stripslashes($Size_info['floath']); $ort = stripslashes($Size_info['ort']); } //create the display string $display_block = "$ort"; } //verify the Event exists //$the_id = mysqli_real_escape_string($mysqli, $_SESSION[VID]); $Get_Verse_sql = "SELECT id, Event, Sub_Type, Verse FROM verses WHERE id='".$_SESSION['Test']."'"; $Get_Verse_res = mysqli_query($conn, $Get_Verse_sql) or die(mysqli_error($conn)); if (mysqli_num_rows($Get_Verse_res) < 1) { //this Event does not exist $display_block = "You have selected an invalid Event. Please try again."; } else { //get the Event ID while ($Verse_info = mysqli_fetch_array($Get_Verse_res)) { $Verse = stripslashes($Verse_info['Verse']); } //create the display string $display_block = "$Verse"; //free results mysqli_free_result($Get_Verse_res); mysqli_free_result($Get_Size_res); //close connection to MySQL } mysqli_close($conn); require('fpdf.php'); class PDF extends FPDF { var $B; var $I; var $U; var $HREF; function PDF($orientation='P', $unit='mm', $size='A4') { // Call parent constructor $this->FPDF($orientation,$unit,$size); // Initialization $this->B = 0; $this->I = 0; $this->U = 0; $this->HREF = ''; } function SetStyle($tag, $enable) { // Modify style and select corresponding font $this->$tag += ($enable ? 1 : -1); $style = ''; foreach(array('B', 'I', 'U') as $s) { if($this->$s>0) $style .= $s; } $this->SetFont('',$style); } } $color = $_POST['color']; $r = substr($color,0,3); $g = substr($color,3,3); $b = substr($color,6,3); $image=$_POST['image']; $pdf = new PDF($ort,'mm','A4'); $pdf->AddPage(); $pdf->AddFont('French Script MT','','/frscript.php'); $pdf->AddFont('Batavia','','Batavia_.php'); $pdf->AddFont('Algerian','','Alger.php'); $pdf->AddFont('Bladerunner','','BLADRMF_.php'); $pdf->AddFont('Brush Script','','BRUSHSCI.php'); $pdf->AddFont('Helterskelter','','Helte___.php'); $pdf->AddFont('Justice','','Justice_.php'); $pdf->AddFont('Magneto','','MAGNETOB.php'); $pdf->AddFont('Old English','','OldEngl.php'); $pdf->AddFont('Sneakerhead Outline','','Sneabo__.php'); $pdf->AddFont('Trendy','','Trendy__.php'); $pdf->AddFont('Vladimir Script','','VLADIMIR.php'); $pdf->SetLeftMargin('float0'); $pdf->SetTextColor($r,$g,$b); $pdf->SetFont($_POST['fontface'],'',$_POST['font']); $pdf->SetXY($BoxX, $_POST['Top']); $pdf->Image($image,$floatx,$floaty,$floatw,$floath,'',''); $pdf->MultiCell($Cellw,$Cellh,$display_block,'' ,'C'); //$pdf->SetDisplayMode('fullpage',''); $pdf->SetFont(''); $pdf->Output('verse.pdf','D'); //end: ?>
  4. I am designing a form where the users input information to be stored on a database. All of the other inputs apart from the email post OK, but the email does not! The error is: Notice: Undefined index: email in /home/hp3-linc4-nfs2-y/555/1099555/user/htdocs/includes/renew1.php on line 19 Consequently the mysqli query does not succeed. Here is the section of code in the html file: <h1>Online Renewal Form</h1> <form action="includes/renew1.php" method="post"> <fieldset> <p><label for= "firstname"><b>Enter Firstname:</b></label> <input type="text" name="firstname" id="firstname" value="firstname" size="20" maxlength="20"/></p> <p><label for= "surname"> <b>Enter Surname: </b></label> <input type="text" name="surname" id="surname" value="surname" size="20" maxlength="40"/></p> <p><label for= "bmfa_no"> <b>Enter BMFA No:</b></label> <input type="text" name="bmfa_no" id="bmfa_no" value="BMFA_No" size="30" maxlength="80" /> </p> <p><label for= "road"> <b>Enter Road:</b></label> <input type="text" name="road" id="road" value="road" size="30" maxlength="80"/> </p> <p><label for="town"> <b>Enter Town:</b> </label> <input type="text" name="town" id="town" value="town" size="30" maxlength="80"/> </p> <p><label for="county"> <b>Enter County:</b></label> <input type="text" name="county" id="county" value="county" size="30" maxlength="80" /> </p> <p><label for= "pcode"> <b>Enter Post Code:</b></label> <input type="text" name="pcode" id="pcode" value="pcode" size="30" maxlength="80" /> </p> <p><label for="phone"> <b>Enter Phone No:</b></label> <input type="tel" name="phone" id="phone" value="phone" size="30" maxlength="80" /> </p> <p><label for="mobile"> <b>Enter Mobile No:</b></label> <input type="tel" name="mobile" id="mobile" value="mobile" size="30" maxlength="80" /> </p> <p><label for="email"> <b>Enter Email:</b></label> <input id="email" type="text"></p> <p><label for="date"><b>Enter Date of Birth:</b></label> <input id="date" type="date"> </p> </fieldset> <fieldset> <p><label><b>Do you wish that the club obtains your BMFA membership & Insurance: </b></label> (click on box to see the list) <SELECT name= "club_mem"> <option value="No">NO</option> <option value="Yes">YES</option> </SELECT><br><br> </fieldset> <fieldset> <p><label><b>Country Member: </b></label> (click on box to see the list) <SELECT name= "country_mem"> <option value="No">NO</option> <option value="Yes">YES</option> </SELECT><br><br> </fieldset> <fieldset> <p><label><b>Do you require training: </b></label> (click on box to see the list) <SELECT name= "train"> <option value="No">NO</option> <option value="Yes">YES</option> </SELECT><br><br> </fieldset> <fieldset><legend><b>The Amount to Pay</b></legend> <p><label><b>Membership Fees: </b></label> (click on box to see the list) <SELECT name= "subs_amount"> <option value="0">0</option> <option value="10.00">£10.00</option> <option value="13.00">£13.00</option> <option value="15.00">£15.00</option> <option value="17.00">£17.00</option> <option value="24.00">£24.00</option> <option value="27.00">£27.00</option> <option value="34.00">£34.00</option> <option value="44.00">£44.00</option> </SELECT><br><br> <b>Description of Fees</b><br><br> Social or Country members £10<br> Family Junior member £13<br> Junior Country member £17<br> Family Partner member £24<br> Junior Club member (Includes BMFA fees) £27<br> Family Senior member &£34<br> Senior Club member (Includes BMFA fees) £44<br> Family members must complete the renewal form if they want the club to sign them up for BMFA family membership.<br> If the family member has Country membership of BMFA they must enrol as a country member (£10). </p> </fieldset> <fieldset><legend><b>Please select the method of payment</b></legend> <p><label><b>Payment Method: </b></label> (click on box to see the list) <select name="pay_meth"> <option value="Cheque">Cheque</option> <option value="Cash">Cash</option> <option value="BACS">BACS</option> </select> </fieldset> <br /> <div align="left"><input type="submit" name="submit" value="Submit" /></div> <input type="hidden" name="submitted" value="TRUE" /> </form> The code in the PHP file is as follows: $trimmed = array_map('trim', $_POST); $Fname = mysqli_real_escape_string($dbc, $_POST['firstname']); $Sname = mysqli_real_escape_string($dbc, $_POST['surname']); $Road = mysqli_real_escape_string($dbc, $_POST['road']); $Town = mysqli_real_escape_string($dbc, $_POST['town']); $County = mysqli_real_escape_string($dbc, $_POST['county']); $Pcode = mysqli_real_escape_string($dbc, $_POST['pcode']); $Phone = mysqli_real_escape_string($dbc, $_POST['phone']); $Mobile = mysqli_real_escape_string($dbc, $_POST['mobile']); $Email = mysqli_real_escape_string($dbc, $_POST['email']); $DOB = mysqli_real_escape_string($dbc, $_POST['dob']); $BMFA = mysqli_real_escape_string($dbc, $_POST['bmfa_no']); $C_mem = mysqli_real_escape_string($dbc, $_POST['country_mem']); $Amount = mysqli_real_escape_string($dbc, $_POST['subs_amount']); $meth = mysqli_real_escape_string($dbc, $_POST['pay_meth']); $club = mysqli_real_escape_string($dbc, $_POST['club_mem']); $training = mysqli_real_escape_string($dbc, $_POST['train']); I thought that the problem was in the HTML file, but I am unable to see where it is incorrect. Please help?
  5. What do you mean by a prepared query? I am not putting user input directly into the query, otherwise I would have put the ($_POST['Value']) into the query! Am I not understanding why that no rows are produced with msqli_num_rows()? I am still somewhat 'green', probably due to my age!
  6. I know this question has been asked many times before, and I have looked at many of the answers, but i just can't see whats wrong. I have got it to print $r and that equals 1, so should print the message "Your renewal form has been received and added to the database", but it prints the other message? Never the less the INSERT is updating the database, so why is it not printing the correct echo. I've tried FALSE instead of <1. I also had it the other way around (correct message first), but I still get the same result. Please help! Here is the code: <?php require_once ('config.inc.php'); if (isset($_POST['submitted'])) { // Handle the form. // print_r($_POST); require_once('connect_renew.php'); // Trim all the incoming data: $trimmed = array_map('trim', $_POST); $Fname = $_POST['firstname']; $Sname = $_POST['surname']; $Road = $_POST['road']; $Town = $_POST['town']; $County = $_POST['county']; $Pcode = $_POST['pcode']; $Phone = $_POST['phone']; $Mobile = $_POST['mobile']; $Email = $_POST['email']; $DOB = $_POST['dob']; $BMFA = $_POST['bmfa_no']; $C_mem = $_POST['country_mem']; $Amount = $_POST['subs_amount']; $meth = $_POST['pay_meth']; $q= "INSERT INTO `Rform`(`firstname`, `surname`, `road`, `town`, `county`, `pcode`, `phone`, `mobile`, `email`, `dob`, `bmfa_no`, `country_mem`, `subs_amount`, `pay_meth`, date_sub) VALUES ('$Fname', '$Sname', '$Road', '$Town', '$County', '$Pcode', '$Phone', '$Mobile', '$Email', '$DOB', '$BMFA', '$C_mem', '$Amount', '$meth', now())"; $r = mysqli_query ($dbc, $q) or die(mysqli_error($dbc)); if (mysqli_num_rows($r) < 1){ // Available. echo $r; echo '<p>Somethings wrong, You need to re-enter your details</p>'; }else{ echo '<p> Your renewal form has been received and added to the database</p>'; } mysqli_close($dbc); } ?>
  7. I am trying to make my site more secure by staring a session at login which uses the user_id to identify a user. I had a previous post which was to change password, which I eventually found was due to not putting ob_start before the session start. Using this method I tried adding the same to another file, so that an intruder can't circumvent the login procedure. When I run this file all I get is a blank screen, no errors are shown. I added to show errors: ini_set('display_errors',1); error_reporting(E_ALL); Here is the script that is not working: <?php # MFC1066 - Club_Info.php // This is the main page for the site. ob_start(); session_start(); ini_set('display_errors',1); error_reporting(E_ALL); // Include the configuration file: require_once ('includes/config.inc.php'); // Set the page title and include the HTML header: $page_title = 'Club Info'; include ('includes/header1.html'); // If no user_id session variable exists, redirect the user: if (!isset($_SESSION[$uid])) { $url = BASE_URL . 'index.php'; // Define the URL. ob_end_clean(); // Delete the buffer. header("Location: $url"); exit(); // Quit the script. ?> <?php include ('includes/info.html'); ?> <?php // Include the HTML footer file: include ('includes/footer1.html'); ?> Here is the Login script: <?php # - login.php // This is the login page for the site. //ini_set('display_errors',1); //error_reporting(E_ALL); // Start output buffering: ob_start(); session_start(); $uid=$_SESSION('user_id'); require_once ('includes/config.inc.php'); $page_title = 'Login'; include ('includes/header1.html'); if (isset($_POST['submitted'])) { require_once('includes/Connect_login.php'); // Validate the email address: if (!empty($_POST['email'])) { $e = mysqli_real_escape_string ($dbc, $_POST['email']); } else { $e = FALSE; echo '<p class="error">You forgot to enter your email address!</p>'; } // Validate the password: if (!empty($_POST['pass'])) { $p = mysqli_real_escape_string ($dbc, $_POST['pass']); } else { $p = FALSE; echo '<p class="error">You forgot to enter your password!</p>'; } // Validate the BMFA No: if (!empty($_POST['BMFA'])) { $b = mysqli_real_escape_string ($dbc, $_POST['BMFA']); } else { $b = FALSE; echo '<p class="error">You forgot to enter your BMFA number!</p>'; } if ($e && $p && $b) { // If everything's OK. // Query the database: $q = "SELECT user_id, first_name, user_level, BMFA_No FROM users WHERE (email='$e' AND pass=SHA1('$p') AND BMFA_No= ('$b')) AND active IS NULL"; $r = mysqli_query ($dbc, $q) or trigger_error("Query: $q\n<br />MySQL Error: " . mysqli_error($dbc)); if (@mysqli_num_rows($r) == 1) { // A match was made. // Register the values & redirect: $_SESSION = mysqli_fetch_array ($r, MYSQLI_ASSOC); $_SESSION['loggedin']='user_id'; mysqli_free_result($r); mysqli_close($dbc); $url = BASE_URL . 'mempage.php'; // Define the URL: ob_end_clean(); // Delete the buffer. header("Location: $url"); exit(); // Quit the script. } else { // No match was made. echo '<p class="error">Either the email address and password entered do not match those on file or you have not yet activated your account.</p>'; } } else { // If everything wasn't OK. echo '<p class="error">Please try again.</p>'; } mysqli_close($dbc); } // End of SUBMIT conditional. ?> <h1>Login</h1> <p>Your browser must allow cookies in order to log in.</p> <form action="login3.php" method="post"> <fieldset> <p><b>Email Address:</b> <input type="text" name="email" size="20" maxlength="40" /></p> <p><b>Password:</b> <input type="password" name="pass" size="20" maxlength="20" /></p> <p><b>BMFA No:</b> <input type="text" name="BMFA" size="20" maxlength="20" /></p> <div align="center"><input type="submit" name="submit" value="Login" /></div> <input type="hidden" name="submitted" value="TRUE" /> </fieldset> </form> <h2>Forgot your password? Click on this link:<a href="forgot_password.php"target="_blank">Forgot Password</a></h2> <?php // Include the HTML footer. include ('includes/footer1.html'); ?> I have isolated the problem to the redirect code lines 15 - 19, but can't see why it does not work! Please can you help?
  8. I take it back! The SESSION is still not being recognized! I am at my wits end trying to solve this problem. Please can anyone help?
  9. I eventually found that ob_start should go BEFORE Session_start, so it now recognizes the session. However, I now have another problem! The query is not working on line 436 of change_password.php. All I get is the echo of the array when the line is like so: $q = "UPDATE users SET pass=SHA1('$p') WHERE user_id={$_SESSION=$_POST['user_id']"; I tried changing it but keep getting errors. I tried this: $q = "UPDATE users SET pass=SHA1('$p') WHERE user_id={$_SESSION['loggedin']::'user_id'}"; As this field is not one that has been posted, how do you retrieve it from the record?
  10. Think it's 2008 version!
  11. Having some more thoughts on this! Do I need the line: $_SESSION = mysqli_fetch_array ($r, MYSQLI_ASSOC); Does this capture all of the data in the SELECT query? So if I then have the line: $_SESSION['loggedin']='user_id'; Should this not pass the user_id as a named session, so when I try to use it in the change_password script it will identify the user? Is my thinking correct or am I totally wrong?
  12. Just realized why it returns to home page! Its due to this line: if (!isset($_SESSION['loggedin'])) { $url = BASE_URL . 'index.php'; // Define the URL. ob_end_clean(); // Delete the buffer. header("Location: $url"); exit(); // Quit the script. } So I guess it is not recognizing the session. Should I have the session start on this script?
  13. Firstly, I was at first trying to use the email address as the session data to use throughout the session, but soon realized tat was not a good idea. So my scripts were not totally changed. Here are the changes I have made. Login script: // Register the values & redirect: //$_SESSION = mysqli_fetch_array ($r, MYSQLI_ASSOC); $_SESSION['loggedin']=$_POST['user_id']; As you can see I have only commented out the superfluous line for now. Now to the Change_password script: $q = "UPDATE users SET pass=SHA1('$p') WHERE user_id={$_SESSION['loggedin']::$_POST['user_id']}"; $r = mysqli_query ($dbc, $q) or trigger_error("Query: $q\n<br />MySQL Error: " . mysqli_error($dbc)); When i run this on my localhost, I get the following error: According to the web query that strange sounding error message is to do with double colons. It is inferring that it should be :: and not =, but when I changed it to the double colons it returned to my home page and did not process the html code on lines 62 onward. The ob_start is in the header1.html script! Any ideas to why this is happening?
  14. I am having difficulty finding out what is wrong with these scripts. When a user logs on a session is started in the logon script: Login.php: <?php # - login.php // This is the login page for the site. session_start(); require_once ('includes/config.inc.php'); $page_title = 'Login'; include ('includes/header1.html'); if (isset($_POST['submitted'])) { require_once('includes/Connect_login.php'); // Validate the email address: if (!empty($_POST['email'])) { $e = mysqli_real_escape_string ($dbc, $_POST['email']); } else { $e = FALSE; echo '<p class="error">You forgot to enter your email address!</p>'; } // Validate the password: if (!empty($_POST['pass'])) { $p = mysqli_real_escape_string ($dbc, $_POST['pass']); } else { $p = FALSE; echo '<p class="error">You forgot to enter your password!</p>'; } // Validate the BMFA No: if (!empty($_POST['BMFA'])) { $b = mysqli_real_escape_string ($dbc, $_POST['BMFA']); } else { $b = FALSE; echo '<p class="error">You forgot to enter your BMFA number!</p>'; } if ($e && $p && $b) { // If everything's OK. // Query the database: $q = "SELECT user_id, first_name, user_level, BMFA_No FROM users WHERE (email='$e' AND pass=SHA1('$p') AND BMFA_No= ('$b')) AND active IS NULL"; $r = mysqli_query ($dbc, $q) or trigger_error("Query: $q\n<br />MySQL Error: " . mysqli_error($dbc)); if (@mysqli_num_rows($r) == 1) { // A match was made. // Register the values & redirect: $_SESSION = mysqli_fetch_array ($r, MYSQLI_ASSOC); $_SESSION['loggedin']=$_POST['user_id']; echo $_POST['user_id']; mysqli_free_result($r); mysqli_close($dbc); $url = BASE_URL . 'mempage.php'; // Define the URL: ob_end_clean(); // Delete the buffer. header("Location: $url"); exit(); // Quit the script. } else { // No match was made. echo '<p class="error">Either the email address and password entered do not match those on file or you have not yet activated your account.</p>'; } } else { // If everything wasn't OK. echo '<p class="error">Please try again.</p>'; } mysqli_close($dbc); } // End of SUBMIT conditional. ?> <h1>Login</h1> <p>Your browser must allow cookies in order to log in.</p> <form action="login.php" method="post"> <fieldset> <p><b>Email Address:</b> <input type="text" name="email" size="20" maxlength="40" /></p> <p><b>Password:</b> <input type="password" name="pass" size="20" maxlength="20" /></p> <p><b>BMFA No:</b> <input type="text" name="BMFA" size="20" maxlength="20" /></p> <div align="center"><input type="submit" name="submit" value="Login" /></div> <input type="hidden" name="submitted" value="TRUE" /> </fieldset> </form> <h2>Forgot your password? Click on this link:<a href="forgot_password.php"target="_blank">Forgot Password</a></h2> <?php // Include the HTML footer. include ('includes/footer1.html'); ?> I am using output buffering, so that I can include files and only send to the server when the form is submitted. Would this screw up the sessions? I'm not sure if the way I have set the session is correct on line 48 as there is a session which is saving the array of the MYSQL query. I am using a book for this example, so I don't understand how the first session statement is saving the array, if it is not named? The script allows me to login OK and on the page it redirects to I have put a button that allows the user to change their password. This runs the change_password.php script. <?php # Change_password.php // This page allows a logged-in user to change their password. session_start(); ob_start; require_once ('includes/config.inc.php'); $page_title = 'Change Your Password'; include ('includes/header1.html'); // If no first_name session variable exists, redirect the user: if (!isset($_SESSION['email'])) { $url = BASE_URL . 'index.php'; // Define the URL. ob_end_clean(); // Delete the buffer. header("Location: $url"); exit(); // Quit the script. } print_r($_POST); if (isset($_POST['submitted'])) { require_once('includes/Connect_login.php'); // Check for a new password and match against the confirmed password: $p = FALSE; if (preg_match ('/^(\w){4,20}$/', $_POST['password1']) ) { if ($_POST['password1'] == $_POST['password2']) { $p = mysqli_real_escape_string ($dbc, $_POST['password1']); } else { echo '<p class="error">Your password did not match the confirmed password!</p>'; } } else { echo '<p class="error">Please enter a valid password!</p>'; } if ($p) { // If everything's OK. // Make the query. $q = "UPDATE users SET pass=SHA1('$p') WHERE user_id={$_SESSION=$_POST['user_id']"; $r = mysqli_query ($dbc, $q) or trigger_error("Query: $q\n<br />MySQL Error: " . mysqli_error($dbc)); if (mysqli_affected_rows($dbc) == 1) { // If it ran OK. // Send an email, if desired. echo '<h3>Your password has been changed.</h3>'; mysqli_close($dbc); // Close the database connection. include ('includes/footer.html'); // Include the HTML footer. exit(); } else { // If it did not run OK. echo '<p class="error">Your password was not changed. Make sure your new password is different than the current password. Contact the system administrator if you think an error occurred.</p>'; } } else { // Failed the validation test. echo '<p class="error">Please try again.</p>'; } mysqli_close($dbc); // Close the database connection. } // End of the main Submit conditional. ?> <h1>Change Your Password</h1> <form action="change_password.php" method="post"> <fieldset> <p><b>New Password:</b> <input type="password" name="password1" size="20" maxlength="20" /> <small>Use only letters, numbers, and the underscore. Must be between 4 and 20 characters long.</small></p> <p><b>Confirm New Password:</b> <input type="password" name="password2" size="20" maxlength="20" /></p> </fieldset> <div align="center"><input type="submit" name="submit" value="Change My Password" /></div> <input type="hidden" name="submitted" value="TRUE" /> </form> <?php include ('includes/footer1.html'); ?> When this runs all I get is a blank page and not the message that the password has been changed. As there are no error messages I am not sure where the script is wrong. Can someone tell me where I am going wrong?
  15. I am trying to write some code based on the scripts in Larry Ulmans Book PHP6 & MYSQL 5. When I run the script I get the following error: The config.inc.php is shown below: <?php # config.inc.php /* This script: * - define constants and settings * - dictates how errors are handled * - defines useful functions */ // Document who created this site, when, why, etc. // ********************************** // // ************ SETTINGS ************ // // Flag variable for site status: define('LIVE', FALSE); // Admin contact address: define('EMAIL', 't.e.hudson@btinternet.com'); // Site URL (base for all redirections): define ('BASE_URL', 'http://www.1066cards4u.co.uk/MFC1066/'); // Location of the MySQL connection script: define ('MYSQL', '\Connect_login.php\\'); // Adjust the time zone for PHP 5.1 and greater: date_default_timezone_set("Europe/London"); // ************ SETTINGS ************ // // ********************************** // // ****************************************** // // ************ ERROR MANAGEMENT ************ // // Create the error handler: function my_error_handler ($e_number, $e_message, $e_file, $e_line, $e_vars) { // Build the error message. $message = "<p>An error occurred in script $e_file on line $e_line: $e_message\n<br />"; // Add the date and time: $message .= "Date/Time: " . date("j-n-Y H:i:s") . "\n<br />"; // Append $e_vars to the $message: $message .= "<pre>" . print_r ($e_vars, 1) . "</pre>\n</p>"; if (!LIVE) { // Development (print the error). echo '<div class ="error">' . $message . '</div><br />'; } else { // Do not show the error: // Send an email to the admin: mail(EMAIL, 'Site Error!', $message, 'From: email@example.com'); // Only print an error message if the error isn't a notice: if ($e_number != E_NOTICE) { echo '<div class="error">A system error occurred. We apologize for the inconvenience.</div><br />'; } } // End of !LIVE IF. } // End of my_error_handler() definition. // Use my error handler. set_error_handler ('my_error_handler'); // ************ ERROR MANAGEMENT ************ // // ****************************************** // ?> The header is called in the following script: <?php # - login.php // This is the login page for the site. include('includes/SessionManage.php'); SessionManager::sessionStart('login'); require_once ('includes/config.inc.php'); $page_title = 'Login'; include ('includes/header.html'); echo ""; if (isset($_POST['submitted'])) { require_once('includes/Connect_login.php'); // Validate the email address: if (!empty($_POST['email'])) { $e = mysqli_real_escape_string ($dbc, $_POST['email']); } else { $e = FALSE; echo '<p class="error">You forgot to enter your email address!</p>'; } // Validate the password: if (!empty($_POST['pass'])) { $p = mysqli_real_escape_string ($dbc, $_POST['pass']); } else { $p = FALSE; echo '<p class="error">You forgot to enter your password!</p>'; } // Validate the BMFA No: if (!empty($_POST['BMFA'])) { $b = mysqli_real_escape_string ($dbc, $_POST['BMFA']); } else { $b = FALSE; echo '<p class="error">You forgot to enter your password!</p>'; } if ($e && $p && $b) { // If everything's OK. // Query the database: $q = "SELECT user_id, first_name, user_level, BMFA_No FROM users WHERE (email='$e' AND pass=SHA1('$p') AND BMFA_No= ('$b')) AND active IS NULL"; $r = mysqli_query ($dbc, $q) or trigger_error("Query: $q\n<br />MySQL Error: " . mysqli_error($dbc)); if (@mysqli_num_rows($r) == 1) { // A match was made. // Register the values & redirect: $_SESSION = mysqli_fetch_array ($r, MYSQLI_ASSOC); mysqli_free_result($r); mysqli_close($dbc); $url = BASE_URL . 'mempage.php'; // Define the URL: ob_end_clean(); // Delete the buffer. header("Location: $url"); exit(); // Quit the script. } else { // No match was made. echo '<p class="error">Either the email address and password entered do not match those on file or you have not yet activated your account.</p>'; } } else { // If everything wasn't OK. echo '<p class="error">Please try again.</p>'; } mysqli_close($dbc); } // End of SUBMIT conditional. ?> <h1>Login</h1> <p>Your browser must allow cookies in order to log in.</p> <form action="login.php" method="post"> <fieldset> <p><b>Email Address:</b> <input type="text" name="email" size="20" maxlength="40" /></p> <p><b>Password:</b> <input type="password" name="pass" size="20" maxlength="20" /></p> <p><b>BMFA No:</b> <input type="text" name="BMFA" size="20" maxlength="20" /></p> <div align="center"><input type="submit" name="submit" value="Login" /></div> <input type="hidden" name="submitted" value="TRUE" /> </fieldset> </form> <h2>Forgot your password? Click on this link:<a href="forgot_password.php"target="_blank">Change Password</a></h2> <?php // Include the HTML footer. include ('includes/footer.html'); ?> I have highlighted the line that fails in red. It is used to open the script mempage.php, so I thought I would try opening the script with require, but all I get is a blank screen. Is there a bug in the script that was written by Larry Ulman or is it something is wrong with the way I have modified the script. If that is not the case is there an alternative way of proceeding to the next script? Your help would be appreciated!
×
×
  • Create New...

Important Information

We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.