Jump to content

mac_gyver

Staff Alumni
  • Posts

    5,450
  • Joined

  • Days Won

    175

Everything posted by mac_gyver

  1. what have you tried? posting an image of your code is pointless on a programming help forum. we cannot read it and no one could copy/past any of it to point out things that are in error.
  2. what do you get when you do a 'view source' of the empty page in your browser?
  3. writing (building) a complete application requires that you have already mastered (learned and practiced) using the tools needed to build the application. unless you know how to produce a form for the browser and produce the .php code to take the submitted form data and insert it into a database table, you won't be able to do these things for your data. next, using ajax to submit a form, is an 'extra' feature, and in general, can be added to an existing working form by adding an event that calls a function that submits the data using an asynchronous http request and prevents the browser from submitting the form. the .php code that process the form data will be the same, regardless of using ajax or not. if you don't know how ajax works, you need to first learn and practice writing code that uses ajax to submit post data to a .php page. then, adding that functionality to a comment form will be the easy part.
  4. that you are not getting any application errors from the code to pin down where the problem is at, probably means that the code wasn't written with any application error checking logic in it. so, debugging what the code is doing to find where in it the problem is at will require that you have the ability to read and understand what the code is doing and to add debugging statements to display values and determine code execution paths to locate where in the code the problem is occurring at. if you don't have the skills and experience to do this, you are going to need to hire someone, because, unless you can narrow down the problem to just a small section of code or a database query that can be posted in the forum, we cannot help you. please don't expect to be able to post, attach, or link to your complete application code and get someone in a forum to debug the entire application for you for free. that's not what programming help is, that's asking someone else to do your work for you.
  5. i didn't look at the specific data, but the following should work - array_push($arrayFPTitle, (string)$temp->title); // cast the element as a string
  6. the receiving mail server @gmail.com probably blacklisted the sending mail server at your web host. the email is NOT being sent by or From: the email address that is being input in your form. the email is being sent from the mail server at your web host. the From: address in the email, at a minimum, needs to be a real mail box at your sending mail server. in addition to just helping to insure that an email will be processed, the From: email address is used as the return-path for bounce/error messages back from the receiving mail server when you haven't specifically supplied a Return-path email address in the mail headers. the email addressed entered in your form should be put into a Reply-to: mail header. what likely happens in these cases, is that enough people have entered xxxxx@gmail.com addresses in your form, which your code then used as the From: email address, and since gmail knows the sending mail server at your web host isn't a gmail mail server, all those emails saying they were From; xxxxx@gmail.com addresses eventually get your sending mail server blacklisted. another possibility, is that the receiving mail server received a 'flood' of emails from your sending mail server in a short time and blacklisted it. edit: another possibility, since you are NOT validating the user submitted data that you are currently putting into the mail header, which allows spammers to set any thing in the email message to anything they want, it that your script is being used to send huge volumes of spam, and has been blacklisted by numerous receiving isp's. in addition to fixing the mail headers, you will need to track down if your sending mail server is actually sending the email or if the receiving mail serve is discarding them them. after you can determine that your sending mail server is actually sending the emails, you can contact the 'postmaster' at @gmail.com to try and find out if/why they may be discarding emails you sending mail server has sent to their mail servers. an alternative that would allow you to send emails directly to your @gmail.com mail box, would be to use one of the php mailer classes and use smtp authentication against your mail box (you would use your email name and password in the script.) this would allow your php script to send the email directly to your mail box, without going through the mail server at your web host.
  7. the error is most likely in your main.php/sesstest() method - $count = $this->db->exec('SELECT * FROM sessions'); the pdo ->exec() method does NOT return results for a SELECT query and since a select query does not affect any rows, this usage will always return a zero, which is probably what you are basing the statement that the table is empty on. only insert, delete, update, and replace queries affect rows. you would need to get a row count using a method available for PostgreSQL (which i am not well versed with.) if you cannot get a count in the query statement, doing a pdo fetchall() of the result set and using php count() of the resultant array is the most universal method that would work with all database types. edit: if the PDOStatement::rowCount() method works for PostgreSQL, you would use the pdo query() method to run the query and get a count of the number of rows.
  8. you should probably post an example of the incorrect data the query is matching and an example of the data the query should match, along with the table definition. if your order by isn't returning the correct value, it's likely that your table definition is storing numbers as a character/text type.
  9. in the html <img ...> tag, you need to actually have php code that echos the variable - <img class="profile-photo" align="middle" src="uploads/<?php echo $actual_image_name; ?>" />
  10. there's no guarantee that any of those statements are still in the code. edit: it's also possible that the OP is on some web hosting that has disabled the error_reporting/ini_set statements.
  11. the 500 http error may be due to a php execution timeout or some other fatal php runtime error. set php's error_reporting to E_ALL and display_errors to ON to cause php to report and display the errors it detects when your code runs.
  12. ^^^ that's not the problem. that is a follow-on error. it is caused by a query that failed due to an error of some kind and your code didn't stop the rest of the code, the mysqli_fetch_assoc() statement, from trying to use the result from the failed query. to find out why the query failed, you can echo mysqli_error($link_id); after the line where you used the mysqli_query() statement.
  13. if that's the query statement that was formed, then you are not handling the $_GET variable correct, since it shows injected sql along with the numerical value. that particular sql injection attempt may have failed, but you can inject sql that doesn't contain any characters that are affected by an escape function, that isn't failing, isn't producing any errors, and does allow the hacker to dump the contents of your database tables. short-answer - that the sql statement you posted doesn't have any ' before the number, means that no amount of using an escape function will protect it, and that it shows injected sql with the id number, says you are not handling the value correctly. if you post your code showing how you are handling the $_GET variable before putting it into the sql statement, someone can help with it. an alternative would be to use prepared queries, where values are bound to place holders in the sql query statement, supplied when the query is executed, and cannot be used for sql injection.
  14. you didn't even bother to try and change your code to use the $points data that Barand's code extracts. this is a copy/paste fail on your part. i suggest that you look at the print_r() output from his code so that you know what format the name/point value is in, then remove all your existing code for the insert into points values ... query, and actually WRITE some new code that uses the $points array, keys/value pairs, to form and run the insert into points values ... query.
  15. that's too vague to help you. we can only answer specific questions.
  16. just off of the top of my head, you would do a GROUP BY some_time_interval to consolidate data for the time interval, getting an average, in the query, of the data for each time interval. it would be fairly easy to craft a query that either groups by - hour, day, week, month, or year intervals, depending on the scale you need, assuming you are storing a DATETIME value with each data point.
  17. you would need to post your current code responsible for forming and running the insert into points values ..., query, as it's likely it isn't using the $points array that Barand's code produces.
  18. here is the phpfreaks main site pagination script, modified to show dynamic items per page and showing the original mysql and equivalent mysqli database library functions - <?php define('SOURCE','mysqli'); // the method/type of data source - mysql, mysqli switch(SOURCE){ case 'mysql': // database connection info $conn = mysql_connect('localhost','dbusername','dbpass') or trigger_error("SQL", E_USER_ERROR); $db = mysql_select_db('dbname',$conn) or trigger_error("SQL", E_USER_ERROR); // find out how many rows are in the table $sql = "SELECT COUNT(*) FROM numbers"; $result = mysql_query($sql, $conn) or trigger_error("SQL", E_USER_ERROR); $r = mysql_fetch_row($result); $numrows = $r[0]; break; case 'mysqli': // database connection info $conn = mysqli_connect('localhost','dbusername','dbpass','dbname') or trigger_error("SQL", E_USER_ERROR); // find out how many rows are in the table $sql = "SELECT COUNT(*) FROM numbers"; $result = mysqli_query($conn,$sql) or trigger_error("SQL", E_USER_ERROR); $r = mysqli_fetch_row($result); $numrows = $r[0]; break; } // number of rows to show per page $rowsperpage = 10; // (default value when using dynamic rows per page) // dynamic rows per page, handling and form $per_page = array(1,5,10,25,50); // choices for select/option menu. also used to limit (min, max) the submitted value $rowsperpage = isset($_GET['perpage']) ? (int)$_GET['perpage'] : $rowsperpage; // get submitted value or the default $rowsperpage = max(min($per_page),$rowsperpage); // limit to the minimum value $rowsperpage = min(max($per_page),$rowsperpage); // limit to the maximum value // produce rows per page form $rpp_form = "<form method='get' action=''>\n<select name='perpage' onchange='this.form.submit();'>\n"; foreach($per_page as $item){ $sel = $rowsperpage == $item ? 'selected' : ''; $rpp_form .= "<option value='$item' $sel>$item</option>\n"; } $rpp_form .= "</select>\n<noscript><input type='submit'></noscript>\n</form>\n"; // find out total pages $totalpages = ceil($numrows / $rowsperpage); // get the current page or set a default if (isset($_GET['currentpage']) && is_numeric($_GET['currentpage'])) { // cast var as int $currentpage = (int) $_GET['currentpage']; } else { // default page num $currentpage = 1; } // end if // if current page is greater than total pages... if ($currentpage > $totalpages) { // set current page to last page $currentpage = $totalpages; } // end if // if current page is less than first page... if ($currentpage < 1) { // set current page to first page $currentpage = 1; } // end if // the offset of the list, based on current page $offset = ($currentpage - 1) * $rowsperpage; switch(SOURCE){ case 'mysql': // get the info from the db $sql = "SELECT id, number FROM numbers LIMIT $offset, $rowsperpage"; $result = mysql_query($sql, $conn) or trigger_error("SQL", E_USER_ERROR); $rows = array(); while ($row = mysql_fetch_assoc($result)) { $rows[] = $row; } // end while break; case 'mysqli': // get the info from the db $sql = "SELECT id, number FROM numbers LIMIT $offset, $rowsperpage"; $result = mysqli_query($conn,$sql) or trigger_error("SQL", E_USER_ERROR); $rows = array(); while ($row = mysqli_fetch_assoc($result)) { $rows[] = $row; } // end while break; } // while there are rows to be fetched... foreach($rows as $row) { // echo data echo $row['id'] . " : " . $row['number'] . "<br />"; } // end foreach // display dynamic rows per page form echo $rpp_form; /****** build the pagination links ******/ // range of num links to show $range = 3; // if not on page 1, don't show back links if ($currentpage > 1) { // show << link to go back to page 1 $_GET['currentpage'] = 1; $qs = http_build_query($_GET, '', '&'); echo " <a href='{$_SERVER['PHP_SELF']}?$qs'><<</a> "; // get previous page num $prevpage = $currentpage - 1; // show < link to go back to 1 page $_GET['currentpage'] = $prevpage; $qs = http_build_query($_GET, '', '&'); echo " <a href='{$_SERVER['PHP_SELF']}?$qs'><</a> "; } // end if // loop to show links to range of pages around current page for ($x = ($currentpage - $range); $x < (($currentpage + $range) + 1); $x++) { // if it's a valid page number... if (($x > 0) && ($x <= $totalpages)) { // if we're on current page... if ($x == $currentpage) { // 'highlight' it but don't make a link echo " [<b>$x</b>] "; // if not current page... } else { // make it a link $_GET['currentpage'] = $x; $qs = http_build_query($_GET, '', '&'); echo " <a href='{$_SERVER['PHP_SELF']}?$qs'>$x</a> "; } // end else } // end if } // end for // if not on last page, show forward and last page links if ($currentpage != $totalpages) { // get next page $nextpage = $currentpage + 1; // echo forward link for next page $_GET['currentpage'] = $nextpage; $qs = http_build_query($_GET, '', '&'); echo " <a href='{$_SERVER['PHP_SELF']}?$qs'>></a> "; // echo forward link for lastpage $_GET['currentpage'] = $totalpages; $qs = http_build_query($_GET, '', '&'); echo " <a href='{$_SERVER['PHP_SELF']}?$qs'>>></a> "; } // end if /****** end build pagination links ******/ ?>
  19. the items per page is just a form with a select/option menu. mysqli is just a database library of functions. implementing either of those things in an existing pagination script just involves writing and testing the code that does what you want. for the items per page. you would produce and output a get method form with the select/option menu, pre-selecting the existing/default choice. you would use an on-change event to submit the form if javascript is enabled, or display a submit button, if javascript is not enabled, using <noscript></noscript> tags. the submitted value would be validated and be used as the items per page value in the pagination code. the existing/default choice would be passed in any pagination links. if i have time, i will post an example. as to using mysqli (or PDO) as the database library in any script, it doesn't matter which library of database functions any code uses (as long as they are not obsolete/depreciated.) the database specific statements in code are at a lower-level 'layer' and is (should be) separated, and abstracted, from the application code. once you learn how to use the database library functions you have chosen, you simply use them at the point they are needed by the application code. if you need to learn how to use the mysqli or PDO database library functions, start with the php.net documentation. you will first need to know how to make a connection to the database server, how to run queries (and test for errors), and how to retrieve the data from the query.
  20. the mysql_fetch_array() expects parameter 1 to be resource, boolean given error is very common. you can search the web to find out what it means and how to find what is causing it. however, the mysql_ (no i) database functions are obsolete, depreciated, and will be removed in an future php release. you should not be wasting any time writing code using the msyql_ functions. you should instead be using either the mysqli_ (with an i) or PDO database libraries.
  21. yes, we can help you with your coding problem, but you must ask a specific question in order to get help. i.e. you ask a question, someone answers it. all you have done is to state you want or need something and we are not your mom, who is usually in charge of giving you things you need. the point is, you must have actually made some attempt to do this, in order to be at the point of asking someone for help with it. if you are asking for someone to help with it before you have even made an attempt, you are instead asking them to do your work for you and that's not how programming help works.
  22. if php's output_buffing is on prior to any output being produced, the output is buffered instead of being sent to the browser and header() statements will function. php's output buffering can be turned on in the php.ini on your system. this is not the ideal situation, as it hides things like php error messages and messages your application intentionally displays, and results in code that is not portable between systems. it's always best to NOT rely on any sort of setting like output_buffing when developing code so that your code is properly structured and will work on the largest number of systems.
  23. some/most of points that were made in one of your earlier threads were to reduce the amount of code you are writing to accomplish any task. it's likely that your giant isset() statement contains a typo and that whole block of code is being skipped over. to repeat one of the recommendations previously given, to detect if your form has been submitted, you only need to test one of the fields you know will always exist in the form using an isset() statement. because isset() won't produce any php errors when you have made a typo in an variable name, php won't help you find mis-typed variables in your current code. edit: and i just proof-read your code and you do have a typo in one of the variables in the isset() statement. i'll let you find it (hint: a programming editor with a spell checker would be of some use.) PLEASE make use of the recommendations made. they will reduce the amount of code needed, which in turn reduces the chance of errors, makes it easier to write your code because you don't have to spend as much time copy/pasting/updating things, makes it easier to see what your code actually is and makes it easier to debug your code.
  24. you have to present the data in a meaningful form (no pun intended) in the client/browser, so, there needs to be some structure. however, what you have shown in this thread is a basic CRUD (Create, Read, Update, Delete) application. this can be coded general purpose, where all you do is define what database table(s) you want, what fields to include/exclude, and everything else can be handled by the code, using array variables/array functions, without writing out specific code for each field name. here's one such application that i know of - http://www.phpmyedit.org/
  25. the msyql_connect() statement you posted is incorrect. the 4th parameter is NOT the database name. it's a flag the controls if a new connection is made if an existing connection with the same credentials already exists. however, you should not be using mysql_ functions as they are depreciated, should not be used for new code, and will be removed in a future version of php. you should be using either the msyqli_ or PDO database library functions. if you were using mysqli_connect(), the 4th parameter is the database name and your code would then be closer to running. does your development system you have php's error_reporting set to E_ALL and display_errors set to ON so that php would report and display all the errors it detects? you also need to test if queries work or not. for development you would display any query errors, on the live server you would log any database errors. lastly, the posted php code has no security to limit who can post data to it and no protection against sql injection. it's not even testing if a form was submitted before trying to use the $_POST form data values. all of these things are needed if this is more than just a classroom assignment for learning purposes that won't ever be on a live server.
×
×
  • Create New...

Important Information

We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.