Jump to content

Skorpio

Members
  • Posts

    52
  • Joined

  • Last visited

Everything posted by Skorpio

  1. I hadn't thought of any alternatives other than return and echo the function which I have now, function navmenu($db){ $data = $db->query("SELECT * FROM menu")->fetchAll(PDO::FETCH_ASSOC); foreach ($data as $row) { return "<li><a href='{$row['url']}' title='{$row['title']}'><i class='{$row['icon']}'></i> {$row['header']}</a></li>"; } } then // Navigation Menu Function echo navmenu($db);
  2. Thanks, when I put in the additional $row information I again added too many quotes. This has solved the issue which has resulted in the following code foreach ($data as $row) { echo "<li><a href='{$row['url']}' title='{$row['title']}'><i class='{$row['icon']}'></i> {$row['header']}</a></li>"; } If I use the quotes around the {$row['header']} -> '{$row['header']}' they print out on screen. Removing the 2 single quotes has solved the issue and when I view source I get the following <li><a href='?page=home' title='Home Page'><i class='fas fa-home site-nav--icon'></i> Home</a></li>
  3. Thanks for this however as I say I want to put the whole navigation code block into a function so the closing a and li would be an issue. From trying the code I get
  4. Thanks for this. It gives me part of the solution however I get the echo and quotes printed on screen. When I look at the colour coding in brackets the closing single quote, square bracket and closing brace are highlighted in red
  5. I have a navigation list displaying which is a mix of html and php, everything is working fine however now I want to convert this block of code into a function but am having major problems with quotes. The line of code I currently have is $data = $db->query("SELECT * FROM menu")->fetchAll(PDO::FETCH_ASSOC); foreach ($data as $row) { ?> <li><a href="<?php echo $row['url']; ?>" title="<?php echo $row['title']; ?>"><?php echo $row['icon'] . ' ' . $row['header']; ?></a></li> <?php } ?> As I say everything works using the above but now I am trying to echo the full li out and am having major issues with single and double quotes. I currently have echo "<li><a href='#' title='the title'><i class='fas fa-user site-nav--icon'></i> Help</a></li>"; Now I am trying to use the $row['url'], $row['title'], $row['icon'] & $row['header'] as per the top example but I cannot get the combination of quote marks correct, whether to use double, single or a combination. I would be grateful if someone could suggest the correct syntax for the a tag then I can work through the rest. Thanks
  6. I am trying to resolve the initial problem, getting nowhere fast. so it should read $ As the variable is storing all data records? So Should read foreach ($row as $rows){ Is that what you are meaning requinix? The foreach that I am using in the 2nd example works as far as the navigation however I cannot include the content for the page within the foreach which makes the join redundant. I am unsure what the solution is to this but I feel as though I am going round in circles. The above, my first code with the foreach loop would present me with the same issue of not being able to sync the page contact with the navigation.
  7. Although still looking to resolve the issue with my php above I am looking at other solutions. Although the followi8ng code populates my navigation menu correctly I am unable to get the page data to sync with the appropriate navigation choice. $sql= "SELECT * FROM menu LEFT JOIN pages ON menu.id = pages.page_id"; $stmt = $db->query($sql); $row = $stmt->fetchAll(PDO::FETCH_ASSOC); // To print array out echo "<pre>"; print_r($row); echo "</pre>"; Then where the navigation is I have <?php foreach($db->query($sql) as $row){ ?> <a href="<?php echo $row['url']; ?>"><i class="<?php echo $row['icon']; ?>"></i>&nbsp;<?php echo $row['header']; ?></a> <?php } ?> As I say the nav menu is returned correctly but I am unable to sync with the corresponding page from the pages table, the join SQL statement above returns the full array from both tables synced but the issue I am having is the closing brace. I am unable to place it further down the page to enable all the relevant areas of the page to echo the relevant data from the pages table. As per screenshot2 attached it is the placement of the closing brace preventing me from having the corresponding navigation selection and corresponding page showing as the data areas for the pges table are outside of the foreach .
  8. What is? As I say the SQL is working, it is the PHP thats the issue.
  9. Hi I have a 4 button navigation, home, projects, about and contact. This is in one table, menu, this table has the relevant icon to display with the appropriate link and another field is the link itself, ?page=home. Menu is joined with the pages table using the following query SELECT * FROM menu LEFT JOIN pages ON menu.id = pages.page_id When I run this through phpmyadmin sql console everything is returned as expected, all pages match up with the navigation. When I print_r($row); all 4 fields from the nav table and all 7 fields from the pages table, totalling 11 fields, display as per the query running in phpmyadmin which was as expected however, on the actual page it isn't going as hoped and expected. I have /* query for page data(navigation & title) */ $sql= "SELECT * FROM menu LEFT JOIN pages ON menu.id = pages.page_id"; $stmt = $db->query($sql); $row = $stmt->fetchAll(PDO::FETCH_ASSOC); /* to go in php tags where table data required - <?php echo $row['header']; ?> */ // Sidenote, I realise prepare rather than query but need to get this working first echo "<pre>"; print_r($row); echo "</pre>"; // Everything, all records from both tables, showing up as expected in array If I use $row = $stmt->fetch(PDO::FETCH_ASSOC); As expected I only get 1 record returned, all nav buttons are home which is the 1 record with all page data from the pages table and all icons from the menu table are the home icon, again as expected since it is the 1 record. When I use fetchAll everything is returned undefined index, e.g. Undefined index: content3 in C:\xampp\htdocs\test\index.php on line 70 The php used for the navigation is <?php echo $row['url']; ?> <?php echo $row['icon']; ?> <?php echo $row['header']; ?> the full link is <a href="<?php echo $row['url']; ?>"><i class="<?php echo $row['icon']; ?>"></i>&nbsp;<?php echo $row['header']; ?></a> The above is listed 4 times for Home, Projects, About and contact. As I know the SQL is working I realise I have made an error in the PHP but cannot work out what. As far as I can see I should be using fetch, rather than fetchAll, so as to only return 1 record as requested via the navigation links however fetchAll would give me the data required for the navigation to be labelled correctly. I cannot work out where I am going wrong. Any help would be appreciated.
  10. Regarding I can run up to version 7 on the live server through cpanel however the host only supports up to 5.4 which obviously raises issues such as not renewing with them unless they update to at least 5.5 but that's another issue. The levels for access is something I was thinking about for the future but I need to get my head around PDO and Php in general without being overly ambitious but you have given me a lot to think about. Thanks for the suggestions and the help.
  11. I think I have found the reason for the 500 error if nothing else, my host only supports up to php 5.4 so the verify and hash are not supported but that's another issue. but the above code is running but I am still testing the is_valid you suggested.
  12. These are the current checks I have, everything running on xampp but when testing on live server throws a 500 after submission, does not show errors. So I have this, if($pdo){ $stmt = $pdo->prepare("select username, password, active from users where username = :username"); $stmt->bindValue(":username", $username); $stmt->execute(); $user = $stmt->fetch(PDO::FETCH_ASSOC); if($user === false){ $msg = ''; $error .= 'Incorrect Username/Password combination'; } else { $validPassword = password_verify($unhashed, $user['password']); if($validPassword){ if($user['active'] == 1){ if($total == $getCaptchaResults){ $msg = ''; $error .= 'Everything working so far'; // any more ifs - when live response from $_POST[] is HTTP ERROR 500 } else { $msg = ''; $error .= 'Captcha incorrect!'; } } else { $msg = ''; $error .= 'You cannot log in until you click the link in the registration email we sent you.'; }//active } else { $msg = ''; $error .= 'Incorrect Username/Password combination'; } } } } I will look at is_valid and see what happens. Thanks
  13. Starting with your last point, I have removed count and am checking I was planning on the function but wanted to get the code working here first. As the prepared statement is only checking for the username it is returning true even if the password does not match. As I said in my original post I am just going round in circles. If I place the above code in a function function check_credentials ($pdo, $username, $unhashed){ $stmt = $pdo->prepare("select username, password, active from users where username = :username"); $stmt->bindValue(":username", $username); $stmt->execute(); $results = $stmt->fetch(PDO::FETCH_ASSOC); if($results == 1 && password_verify($unhashed, $results['password'])){ $msg = ''; $error .= 'OK'; } else { $msg = ''; $error .= 'No entry'; var_dump($results); } return false; } That will still return a result if the username is entered correctly though, won't it?
  14. Surely it cannot be as easy as to force a return of false? if($pdo){ $stmt = $pdo->prepare("select username, password, active from users where username = :username"); $stmt->bindValue(":username", $username); $stmt->execute(); $results = $stmt->fetch(PDO::FETCH_ASSOC); if(count($results) > 0 && password_verify($unhashed, $results['password'])){ var_dump($results); echo 'Success'; } else { //var_dump($results); echo 'Try Again'; return false; // Is this the correct way or ? } }//if $pdo
  15. Tried to update last post, unable. Ok so further testing with totally incorrect login details returns bool false which is correct, screenshot So the issue is with entering any existing username returns a result as per failed screenshot in last post.
  16. From doing the var_dump it seems that despite thinking I had solved the issue I am back to square 1. I just have the one if else in place at the moment if($pdo){ $stmt->bindValue(":username", $username); $stmt->execute(); $results = $stmt->fetch(PDO::FETCH_ASSOC); if(count($results) > 0 && password_verify($unhashed, $results['password'])){ var_dump($results); echo 'Success'; } else { var_dump($results); echo 'Try Again'; } }//if $pdo On correct information being entered I get the expected output - success screenshot However when entering the incorrect information I still get output - Failed screenshot Finding a result when incorrect details are entered has taken me back to the start.
  17. Hi, as I said in the previous update as far as the form stretching, I had left the opening pre tag in when I was working with the array. That's sorted. I will start with the var_dump as you suggest. Thanks
  18. UPDATE: I had left the opening pre tag in. Ok, I have the following code, it works as far as logging in with the correct details, username and password however if the incorrect details are put in I do not get the else message now. if($pdo){ $stmt = $pdo->prepare("select username, password from users where username = :username"); $stmt->bindValue(":username", $username); echo '<pre>'; $stmt->execute(); $results = $stmt->fetch(PDO::FETCH_ASSOC); if(count($results) > 0 && password_verify($unhashed, $results['password'])){ $_SESSION['username'] = $results['username']; header('location: welcomelogged.php'); exit; }else{ $msg = ''; $error .= 'Passwords do not match';//Not being triggered at all } On incorrect details being submitted the form is stretched out and all over the place. I cannot identify what I am missing.
  19. I have changed to fetch rather than fetchAll as only want 1 result. As for the $rows and bindValue I am trying to work that out. I have initialized hashed only because I was getting error but can I take it that this is why it is triggering the else rather than the if? Thanks
  20. Right, thanks. So am I going in the right direction with the code above? I am getting the array results from the database now thanks to you, I was going round in circles before. I am just now trying to finish off the PDO so that I can actually do something with the data. Forgive the daft question but outgoing as from the database you mean? I am currently getting the following output, image, yet I am getting the else message from my if statement.
  21. Thanks for the quick response. So can I take it that this is starting to look better. I was under the wrong assumption that for POST data you were still meant to take precautions by escaping the data, i.e. script tags etc. <?php session_start(); //error_reporting(0); require '../php_inc/connection/connect.php'; require_once '../php_inc/functions.php'; $hashed = ''; $error = ''; // all error messages will use this variable $msg = 'Please fill in both fields and answer the captcha, they are all required to log in.'; if(isset($_POST['submitted'])){ //$dbuname = 'dashby'; // As if check with DB - If I comment these 2 out and try to get data from DB I get empty array //$hashed = '$2y$12$7hcyfm7UjboYGaNLF7vK1.qroo3YkvhKAR8EfxG1byEMkNB0oSQgi'; // As if check with DB - same password require 'Captcha.php'; $username = $_POST['username']; // Username $captcha = $_POST['captchaResult']; //Captcha $unhashed = $_POST['password']; //Password b4 hashing takes place //$submittedPassword = password_hash($unhashed, PASSWORD_DEFAULT, ['cost' => 12]); // connect to the database so the checks can be done. if($pdo){ $stmt = $pdo->prepare("select username, password from users where username = :username"); $stmt->bindParam(":username", $username); echo '<pre>'; if($stmt->execute()){ $rows = $stmt->fetchAll(PDO::FETCH_ASSOC); print_r($rows); } } echo '</pre>'; if(password_verify($unhashed, $hashed)){ $msg .= 'Password match'; $error .= ''; } else { $msg .= 'Password don\'t match'; $error .= ''; } // other ifs commented out until I get this functioning.
  22. I have been working on a login form, I have completed the registration side but the login form is proving to be fighting back. I have just jumped into the world of PDO and only recently PHP in a serious way. I have been trying to use the password_verify(); function but I have spent so long on it now trying to get it working I have made it more difficult than it should be and probably is. I would be grateful if someone could take a look at my code and just tell me what I am doing wrong. I have tested it with the username and password hard coded in and it returns an array however if I comment out the hard coded username and password I get an empty array. I dare say that someone will see the issue straight away but I cannot get my head round it. <?php session_start(); error_reporting(0); require '../php_inc/connection/connect.php'; require_once '../php_inc/functions.php'; $error = ''; // all error messages will use this variable $msg = 'Please fill in both fields and answer the captcha, they are all required to log in.'; if(isset($_POST['submitted'])){ $dbuname = 'dashby'; // As if check with DB - If I comment these 2 out and try to get data from DB I get empty array $hashed = '$2y$12$7hcyfm7UjboYGaNLF7vK1.qroo3YkvhKAR8EfxG1byEMkNB0oSQgi'; // As if check with DB - same password require 'Captcha.php'; $username = escape_in($_POST['username']); // Username $captcha = escape_in($_POST['captchaResult']); //Captcha $unhashed = escape_in($_POST['password']); //Password b4 hashing takes place //$submittedPassword = password_hash($unhashed, PASSWORD_DEFAULT, ['cost' => 12]); // connect to the database so the checks can be done. if($pdo){ $stmt = $pdo->prepare("select * from users where username = :username && password = :password"); $stmt->bindParam(":username", $username); $stmt->bindParam(":password", $unhashed); // If $hashed is the variable I get an array returned, as $unhashed I get an empty array echo '<pre>'; if($stmt->execute()){ $rows = $stmt->fetchAll(PDO::FETCH_ASSOC); print_r($rows); } } echo '</pre>'; if($total == $getCaptchaResults){ //Capcha OK if(password_verify($unhashed, $hashed)){ //$msg = ''; //$error .= 'Password match'; if($username == $dbuname){ //$msg = ''; //$error .= 'Captcha, username and password ok'; // working to this point $_SESSION['username']; //header('Location: welcomelogged.php'); } else { $msg = ''; $error .= 'Denied wrong username and/or password'; } } else { $msg = ''; $error .= 'Denied wrong password and/or username'; } } else { if(($total != $getCaptchaResults)){ $msg = ''; $error .= 'Captcha Wrong'; } } }// post submitted brace ?> The if statements all work bar the password_verify when I comment out the hard coded variables out, directly under if(isset($_POST['submitted'])) {} I would be grateful if someone could steer me in the right direction. Thanks in advance.
  23. I followed a tutorial sometime back and now I want to use this script unfortunately the tutorial at the time did not cover what I am looking for but I did end up with the code below. I am wanting to have an active class dependant on users selection. I would appreciate any help. <?php echo '<ul id="nav">'; $cat_sql="SELECT * FROM administration"; $cat_query=mysqli_query($con, $cat_sql); // calling data put into associative array $cat_rs=mysqli_fetch_assoc($cat_query); do{ ?> <li><a <?php if ($current_page == "name") { ?><?php } ?>href="index.php?page=<?php echo $cat_rs['link_name']; ?>"><?php echo $cat_rs['name']; ?></a></li> <?php } while ($cat_rs=mysqli_fetch_assoc($cat_query)); echo "</ul>"; ?> <!-- need to add - class='active' --> The code above gets the field names for the buttons but I am unable to work out how to have an active class. The code is messy but have been trying all sorts to sort this. Thanks again for any pointers/help.
×
×
  • Create New...

Important Information

We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.