Love2c0de

Ok, I've done what it's said and required the file in my script. I notice when I opened up the PasswordHash.php that is it written in PDO. Does this mean i'll have to use PDO to call the functions etc or can I do it in a prodedural way? Regards, L2c.

How do I start using it? Do I need to put the files in the 'c' folder somewhere? Regards, L2c.

Is this not something I can just do with PHP native functions? Obviously I'll read up about how to do a basic hash and then improve upon that. Does it become too complicated with just the native PHP functions then? Regards, L2c.

Hello 50r That code is just far too complicated for me to understand right now, I'm very new to PHP. It seems like it isn't just a simple task then if you want to do it properly? Regards, L2c.

Hello, just had a look. Give this code a try: require_once 'myconn.php'; $sql = "SELECT course_id, course_name FROM course"; $result = mysql_query($sql); echo "<label>Select Course</label>"; echo "<select>"; while($row = mysql_fetch_array($result)) { echo "<option value='{$row['course_id']}'>{$row['course_name']}</option>"; } echo "</select>"; You might also want to check what the query returned before trying to use it's value. Hope it helps, Kind regards, L2c.

See my post above, I think it should get rid of your error message when the email is invalid. Edit: sorry you should be using mysql_affected_rows() with an INSERT query. Regards, L2c

Can you post your updated code? I remember getting that error but I think it was only when I was printing $stmt which is an array. Rather than doing this: $Result1 = mysql_query($insertSQL,$subscribers) or die(mysql_error()); do this: $Result1 = mysql_query($insertSQL,$subscribers); $rows = mysql_num_rows($Result1); if(!$rows) { echo "Username and/or password already in use."; } else { echo "You have successfully registered."; } If it failed, it returns false. If it is then send an error, if its anything else, it inserted ok. Note if it returns the number of rows, for instance 1 or above, the if statement will interpret that as being TRUE. Just like FALSE can be associated with 0 or -1 in some cases, at least in JS. Edit: try putting just the $Result1 in the if statement as well and coment out the num_rows and see what you get. Regards, l2c

Change your email field in your database to be unique. By doing this, if you someone tries to enter an email address which is already in the table, it will return either -1 or 0 for mysql_num_rows(), in which you know it didnt get inserted so you can show an error saying it's already in use. Regards, L2c.

What is the best function to use when hashing passwords? I've looked on php.net and they tell you on there to stay away from sha1() and md5(). I read also about hash() and crypt() and from what I read decided to go with crypt(). I don't really understand the hash types of this function though. Can anyone pelase explain a little on this or even the best way to encrypt your passwords? Kind regards, L2c.

Always been told to put session_start() right at THE VERY TOP of your script. Not sure if that applies in every instance but put it there for now. <?php session_start(); $login = htmlentities($_GET['login']); if($login == "admin") { $_SESSION['admin'] = true; $admin = $_SESSION['admin']; echo $admin; echo "welcome admin!"; } else{ return; } ?> Also, you need to always use curly braces '{' when writing more than one statement within an if statement. hope this puts you on the right track. Regards, L2C.

Why don't you scan the site directory, locate through your folders to find your folder full of images, then obviously depending on your logic or what you want to do with said images, it depends on the code. Give this a try: $full_dir = dirname(__FILE__); $site_dir = scandir($full_dir); Of course it all depends where your images are located in relation to the script you are running this PHP in. Kind regards, L2c.

I don't understand that question at all. Like Jessica said post some code and your errors, and we will know where to start looking then. We can advise you better, it's pretty much impossible with no code or errors. Kind regards, L2c.

Thank you very much, just edited it and now it is working perfectly. Kind regards, L2c.

I didn't know how to deal with the error.f what i It would seem that both the username and email are unique but I think I've done something wrong somewhere. Here is an image of what it is showing me: Kind regards, L2c.

Hello, I am attempting a user login system, got all my DB setup and wrote the code. I am having some issues with the username and email fields not being unique (even though when I created my table I made them both unique). Weird thing is, if I reload page and re-enter a username which I know is already entered, it re-enters it the firs time, but when I try to enter it again with a simple F5, it shows the error that it's already registered here..... Here's my form processing code: <?php //array to deal with any processing errors, such as empty strings, invalid email etc. $errors = array(); unset($_POST['reg_submit']); //registration form submitted, $_POST['username'] = trim($_POST['username']); $_POST['password'] = trim($_POST['password']); $_POST['email'] = trim($_POST['email']); if($_POST['username'] == "") { $errors[] = "You must enter a username."; } if($_POST['password'] == "") { $errors[] = "You must enter a password."; } if($_POST['email'] == "") { $errors[] = "You must enter an email address."; } if(!empty($errors)) { $res = implode("<br />",$errors); } else { //we know all fields now have some sort of data for us to work with. //check the username field $user_len = strlen($_POST['username']); if($user_len < 8 || $user_len > 32) { $errors[] = "Your username must be more than 7 and less than 32 characters."; } if(!ctype_alnum($_POST['username'])) { $errors[] = "Your username can only contain letters and digits."; } //check the password field $pass_len = strlen($_POST['password']); if($pass_len < 6 || $pass_len > 18) { $errors[] = "Your password must be more than 5 and less than 33 characters."; } //check the email field if(!filter_var($_POST['email'], FILTER_VALIDATE_EMAIL)) { $errors[] = "You did not enter a valid email address."; } if(!empty($errors)) { $res = implode("<br />",$errors); } else { require("db_queries/registration_insert.php"); } } if(isset($rows)) { if($rows == 1) { $res = "Registration Successful."; } else { $res = "Username and/or email address already in use."; } } ?> Here is the prepared insert: <?php $conn = new mysqli("localhost","root","","gaming") or die("Error: "); $stmt = $conn->prepare("INSERT INTO users (username,password,email) VALUES(?,?,?)") or die("Error:".mysqli_error($conn)); $stmt->bind_param("sss",$_POST['username'],$_POST['password'],$_POST['email']); $stmt->execute(); $stmt->store_result(); $rows = $stmt->affected_rows; ?> I have also provided a couple of images. One of my db structure and one of the data which is entered. Can anyone help? Kind regards, L2c.

I was under the impression that you couldn't send an email at all if it was on localhost. I've always put my site live to test the emailing otherwise I think the mail() function ALWAYS returns FALSE (I always got errors when doing it locally). Not 100% on that. What, was you testing the email code on your localhost then? Regards, L2c.

Also, take a look here: http://php.net/manua...ysqli.query.php. When using the mysqli extension, I think you need to provide the mysqli_query() function a link to the connection, when coding procedural style. You could do something like: $conn = mysqli_connect($host, $username, "", $password) or die ("Can't connect"); $results = mysqli_query($conn,"portfolio", "SELECT * FROM users WHERE username='$myusername' and password='$mypassword'" ); Kind regards, L2c.

Sessions and Cookies are different things. To be honest I've never worked with Cookies. $_SESSION is a superglobal. Just like when you create an upload form and use the 'POST' method. When retrieving those values you use $_POST['name_of_form_input_field'], that is another superglobal. Here is a full list of superglobals:http://php.net/manua...uperglobals.php I've only been learning PHP for around 6 months myself so I'm not very good at explaining why things happen, although I seem to know some things without being able to explain it properly. Weird Yup it's like 5:20am here now, definitely time to get some Z's Glad to help you. Kind regards, L2c

If you copy my code and test it, it should work. I've just tested it on localhost (not the emailing but the setting and retrieving of the session variable), and it worked out so it should be what you're looking for I think. Let me know! Regards, L2c

No you have to actually set the session variable, just like you would any other variable. So: $var1 = "some value"; is basically the same as: $_SESSION['name_of_session_something_descriptive'] = "some value"; except that it's a session variable, so the value will be saved once you go into your thankyou.php script. I'm not 100% on what session_start() does but it basically allows you to set session variable which you can use across pages. As you found out when you tried: echo $name in thankyou.php, nothing printed out because it was just a normal variable and was only local to the email script.

Ok you had a couple of syntax errors to start off with, here is the code fixed: <?php session_start(); $to = "[email protected]"; $subject = "MEMBER SIGNUP"; $name = $_REQUEST['name']; $nickname = $_REQUEST['nickname']; $email = $_REQUEST['email']; $steamid = $_REQUEST['steamid']; $skype = $_REQUEST['skype']; $moreinfo = $_REQUEST['moreinfo']; $message = "Name: ".$name."\n"; $message .= "Nickname: ".$nickname."\n"; $message .= "Email: ".$email."\n"; $message .= "Steam ID: ".$steamid."\n"; $message .= "Skype: ".$skype."\n"; $message .= "More Info: ".$moreinfo."\n"; $headers .= "From: ".$email; $sent = mail($to, $subject, $message, $headers); if($sent) { header('Location: thankyou.php'); } else { header( 'Location: ../signup' ); } ?> Also, I notice you want to go the session route because you used session_start(); at the top of your script. The trouble is you are not making any use of any session. You need to set the session, preferably if the if statement executes. Like so: if($sent) { $_SESSION['their_name'] = $name; header('Location: thankyou.php'); } else { header( 'Location: ../signup' ); } ?> Then once you set that session variable it will be 'saved' and you will be able to access that value once the header() call has redirected you. So, in your thankyou.php file, you need to retrieve that session variable and use it. Like: if(isset($_SESSION['their_name'])) { echo $_SESSION['their_name']; } ----------------------------- Here is your updated code: <?php session_start(); $to = "[email protected]"; $subject = "MEMBER SIGNUP"; $name = $_REQUEST['name']; $nickname = $_REQUEST['nickname']; $email = $_REQUEST['email']; $steamid = $_REQUEST['steamid']; $skype = $_REQUEST['skype']; $moreinfo = $_REQUEST['moreinfo']; $message = "Name: ".$name."\n"; $message .= "Nickname: ".$nickname."\n"; $message .= "Email: ".$email."\n"; $message .= "Steam ID: ".$steamid."\n"; $message .= "Skype: ".$skype."\n"; $message .= "More Info: ".$moreinfo."\n"; $headers .= "From: ".$email; $sent = mail($to, $subject, $message, $headers); if($sent) { $_SESSION['their_name'] = $name; header('Location: thankyou.php'); } else { header( 'Location: ../signup' ); } ?> And thankyou.php: <?php session_start(); if(isset($_SESSION['their_name'])) { echo $_SESSION['their_name']; } ?> Let me know how you go. Regards, L2c.

You can recall variables from a previous script by saving the value into a session. You can also pass a normal variable value through a URL but it depends how you want to locate there. Can you post me your whole code and I'll try to edit it for you? For example, if using my previous example: if(mail($ToEmail, $EmailSubject, $MESSAGE_BODY, $mailheader)) { echo "Email sent"; $_SESSION['their_name'] = $_REQUEST['name']; } else { echo "Email not sent"; } Please note when using sessions, you need to put this code right at the top of your script: session_start(); Because you have now set a session variable to the value of their name, when you go into thankyou.php, you access it like so: $users_name = $_SESSION['their_name']; This retrieves the value of the session variable and saves it into the new variable. You can also use it directly if you wish either: echo $_SESSION['their_name']; OR echo $users_name; ------------------------- If you don't want to use a session you can use a header() call and locate to a page and pass in a value: if(mail($ToEmail, $EmailSubject, $MESSAGE_BODY, $mailheader)) { header("Location: thankyou.php?name={$_REQUEST['name']}"); } else { echo "Email not sent"; } Then in your thankyou.php if(isset($_GET['name'])){ echo $_GET['name']; } Does this help? If you want to post your script I will do my best to get you off in the right tracks. Regards, L2c.

Great news, glad to help dude. Kind regards, L2c!

Yep, you could do something like: $message = "NAME: ".$name."<br />\n"; $message .= "NICKNAME: ".$nickname."<br />\n"; $message .= "EMAIL: ".$email."<br />\n"; //etc etc If you want to keep it like you have it I'd write it like so: $message = "NAME: {$name}<br /> NICKNAME: {$nickname}<br /> EMAIL: {$email}<br /> STEAMID: {$steamid}<br /> SKYPE: {$skype}<br /> MOREINFO: {$moreinfo} "; I've always been advised to enclose variables inside curly braces when using them inside a string. Hope it helps you. Regards, L2c