wmeredith
-
Posts
22 -
Joined
-
Last visited
Posts posted by wmeredith
-
-
Thanks for the responses guys. I added a simple notification at the update page reminding all users to logout correctly and that seems to be working.
-
I need to run a query when the user exits the browser with out properly logging out.
Currently when a user logs out there is a query that runs that logs the users entry:
$sql2 = "INSERT INTO provider_submits
(provider_sub) values( '$provider_id')";
$result2 = sqlsrv_query($link, $sql2);[\code]
but if the user doesn't logout and exits the browser with out clicking on the logout link the query won't run.
Any ideas?
-
How can you run a query or a piece of code when a session ends or the user exits the browser with out logging out?
Thanks.
<?php session_start(); include('C:\inetpub\wwwroot\connect.php'); $provider_id = $_SESSION['provider_id']; $sql2 = "INSERT INTO provider_submits (provider_sub) values( '$provider_id')"; $result2 = sqlsrv_query($link, $sql2); exec('c:\\dblocal\\notes.bat'); ?> -
That worked just fine thanks!!!
-
Ok sorry thanks for the tip.
-
That seemed to work but removing the last three lines returnes Hex values.
Not sure if the Unpack Hex is in the wrong area when removing the 3 lines you requested.
Hers is the whole file;
<?phpsession_start();include('C:\inetpub\wwwroot\connect.php');// echo "<pre>";// print_r($_SESSION);// echo "</pre>";function mssql_escape($data) {if(is_numeric($data))return $data;$unpacked = unpack('H*hex', $data);return '0x' . $unpacked['hex'];}$provider_id = $_SESSION['provider_id'];$password = $_SESSION['password'];if(isset($_SESSION['provider_id'])) {$provider_id = $_SESSION['provider_id'];$password = $_SESSION['password'];$sql = "SELECTCOUNT(1) as cntFROM providersWHERE provider_id = '$provider_id'AND password = '$password'";$params = array();$options = array( "Scrollable" => SQLSRV_CURSOR_KEYSET );//$results = sqlsrv_query( $link, $sql, $params, $options);$row = sqlsrv_fetch_array(sqlsrv_query( $link, $sql, $params, $options));//$row_count = sqlsrv_num_rows( $results );//echo $row['cnt'] ;if($row['cnt'] == 1){//echo "logging in";$logged_in = true;$_SESSION['provider_id'] = $provider_id;$_SESSION['password'] = $password;} else {$logged_in = false;//echo "not logging in";}}if(!$logged_in){header("Location: index.php");} else {//Create Edit Form Here (Should verify if 'appointment_id' is associated with 'provider_id')if(isset($_POST['appointment_id'])){$appointment_id = mssql_escape($_POST['appointment_id']);$provider_id = mssql_escape($_SESSION['provider_id']);$sql = "SELECTCOUNT(*) as countFROM session_notesWHERE appointment_id = '$appointment_id'AND provider_id = '$provider_id'";$results = sqlsrv_query( $link, $sql, $params, $options);$row_count = sqlsrv_num_rows( $results );if($row_count == 1){if(isset($_POST['edit'])){$_SESSION['appointment_id'] = $appointment_id;//OUTPUT UPDATE FORM$sql = "SELECTprovider_id,patient_id,CONVERT(VARCHAR(10),appointment,110) as appt,notes,notes2,notes3FROM session_notesWHERE appointment_id = '$appointment_id'";$row = sqlsrv_fetch_array(sqlsrv_query($link,$sql));$tpl_vars = array();$tpl_vars['{{title}}'] = "Session Notes Update Form";$tpl_vars['{{appointment_id}}'] = $appointment_id;$tpl_vars['{{provider_id}}'] = $row['provider_id'];$tpl_vars['{{patient_id}}'] = $row['patient_id'];$tpl_vars['{{appointment}}'] = $row['appt'];$tpl_vars['{{notes}}'] = $row['notes'];$tpl_vars['{{notes2}}'] = $row['notes2'];$tpl_vars['{{notes3}}'] = $row['notes3'];//get template & load data$tpl = file_get_contents('tpl/update_form.html');echo str_replace (array_keys ($tpl_vars),array_values($tpl_vars),$tpl);} elseif(isset($_POST['update'])){$notes = mssql_escape($_POST['notes']);$notes2 = mssql_escape($_POST['notes2']);$notes3 = mssql_escape($_POST['notes3']);//$notes = $_POST['notes'];//$notes2 = $_POST['notes2'];//$notes3 = $_POST['notes3'];$tpl_vars = array();$tpl_vars['{{title}}'] = "Session Notes Update Complete";$sql1 = "UPDATE session_notesSET notes = '$notes',notes2 = '$notes2',notes3 = '$notes3'WHERE appointment_id = '$appointment_id'";$sql2 = "INSERT INTO provider_submits(provider_sub) values( '$provider_id')";$result1 = sqlsrv_query($link, $sql1);//$result2 = sqlsrv_query($link, $sql2);//include('C:\inetpub\wwwroot\notes\trigg.php');if ( $result1 ) {// your staff} else if ( $result2 ) {// your staff}if(sqlsrv_query($link,$sql)){$tpl_vars['{{message}}'] = "Note Edited Successfully";$Name = "Session Notes Entry App"; //senders name$email = "email@adress.com"; //senders e-mail adress$recipient = "notes@nipinst.org"; //recipient$mail_body = "Appointment ID: $appointment_id\nProvider ID: $provider_id"; //mail body$subject = "Note For AppID[$appointment_id] Updated"; //subject$header = "From: ". $Name . " <" . $email . ">\r\n"; //optional headerfieldsmail($recipient, $subject, $mail_body, $header); //mail command
//mail("wm@nipinst.org","Note For AppID[$appointment_id] Updated","Appointment ID: $appointment_id\nProvider ID: $provider_id");} else {//$tpl_vars['{{message}}'] = "Error! Please contact administrator.";die('Error: ' . mssql_get_last_message());}//get template & load data$tpl = file_get_contents('tpl/update_complete.html');echo str_replace(array_keys($tpl_vars),array_values($tpl_vars),$tpl);} else {header("Location: index.php");//echo "A<br>";}} else {header("Location: index.php");//echo "B<br>";}} else {header("Location: index.php");//echo "C<br>";}}Thanks for your response thus far. -
Hi Guy's I have an issue when posting text that has a single quote " ' ". The data just won't load.
//get template & load data
$tpl = file_get_contents('tpl/update_form.html');echo str_replace(array_keys($tpl_vars),array_values($tpl_vars),$tpl);} elseif(isset($_POST['update'])){$notes = mssql_escape($_POST['notes']);$notes2 = mssql_escape($_POST['notes2']);$notes3 = mssql_escape($_POST['notes3']);$notes = $_POST['notes'];$notes2 = $_POST['notes2'];$notes3 = $_POST['notes3'];$tpl_vars = array();$tpl_vars['{{title}}'] = "Session Notes Update Complete";$sql1 = "UPDATE session_notesSET notes = '$notes',notes2 = '$notes2',notes3 = '$notes3'WHERE appointment_id = '$appointment_id'";If any text contains an ' Single quote it won't updat the data in the table. -
Hey guys I need help in to creating a second php file running just the second underlined query to run it when the user logs out.$sql1 = "UPDATE session_notes
notes2 = '$notes2',notes3 = '$notes3'WHERE appointment_id = '$appointment_id'";$sql2 = "INSERT INTO provider_submits(provider_sub) values( '$provider_id')";$result1 = sqlsrv_query($link, $sql1);$result2 = sqlsrv_query($link, $sql2);Attached is the full file with the session infoThanks -
I managed to figure out the Date formatting. I do need help with the equivalent of :
mysql_escape for sqlsrvif(isset($_POST['login'])){$provider_id = mysql_escape($_POST['provider_id']);$password = mysql_escape($_POST['password']);Thanks! -
I tried this:
<?php session_start();?><!DOCTYPE html><html><head><meta charset="utf-8"><meta http-equiv="X-UA-Compatible" content="IE=edge,chrome=1"><title>Session Notes Entry Form</title><meta name="description" content=""><link rel="stylesheet" href="css/normalize.css"><link rel="stylesheet" href="http://yui.yahooapis.com/pure/0.2.0/pure-min.css"><link rel="stylesheet" href="css/main.css"><link rel="icon" type="image/ico" href="favicon.ico"></head><?php include('C:\inetpub\wwwroot\connect.php'); ?><?phpif(isset($_POST['login'])){$provider_id = mysql_real_escape_string($_POST['provider_id']);$password = mysql_real_escape_string($_POST['password']);$sql = "SELECTCOUNT(*) as countFROM providersWHERE provider_id = '$provider_id'AND password = '$password'";$res = mysql_fetch_assoc(mysql_query($sql));if($res['count'] == 1){$logged_in = true;$_SESSION['provider_id'] = $provider_id;$_SESSION['password'] = $password;} else {$logged_in = false;}} elseif(isset($_SESSION['provider_id'])) {$provider_id = $_SESSION['provider_id'];$password = $_SESSION['password'];$sql = "SELECTCOUNT(*) as countFROM providersWHERE provider_id = '$provider_id'AND password = '$password'";$res = mysql_fetch_assoc(mysql_query($sql));if($res['count'] == 1){$logged_in = true;} else {$_SESSION = array();session_destroy();$logged_in = false;}} else {$logged_in = false;}if(!$logged_in){$tpl_vars = array();$tpl_vars['{{title}}'] = "Session Entry | Login";$provider_id = isset($_POST['provider_id']) ? $_POST['provider_id'] : '';$tpl_vars['{{content}}'] = str_replace('{{provider_id}}',$provider_id,file_get_contents('tpl/login_form.html'));} else {$session_provider_id = $_SESSION['provider_id'];$sql = "SELECT *,DATE_FORMAT(appointment,'%b %d %Y %h:%i %p') as appt FROM session_notes WHERE provider_id = '$session_provider_id'";$res = mysql_query($sql);//Table Headers$table = "<table><tr><th>Appointment ID</th><th>Patient ID</th><th>Appointment</th><th>Method(s) Provided</th><th>Response/Goals</th><th>Plan/Comments</th></tr>";while($row = mysql_fetch_assoc($res)){$table .= "<tr>";$table .= "<td>$row[appointment_id]</td>";$table .= "<td>$row[patient_id]</td>";$table .= "<td>$row[appt]</td>";$table .= "<td>".nl2br($row['notes'])."</td>";$table .= "<td>".nl2br($row['notes2'])."</td>";$table .= "<td>".nl2br($row['notes3'])."</td>";$table .= "<td>";$table .= "<form action='update.php' method='post'>";$table .= "<input type='submit' value='edit' name='edit'>";$table .= "<input type='hidden' name='appointment_id' value='$row[appointment_id]'>";$table .= "</form>";$table .= "</td>";$table .= "</tr>";}$table .= "</table>";$tpl_vars['{{title}}'] = "Session Notes Entry";$tpl_vars['{{content}}'] = str_replace('{{table}}',$table,file_get_contents('tpl/notes_form.html'));}//get template & load data$tpl = file_get_contents('tpl/template.html');echo str_replace(array_keys($tpl_vars),array_values($tpl_vars),$tpl);~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~to this:~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~<?php session_start();?><!DOCTYPE html><html><head><meta charset="utf-8"><meta http-equiv="X-UA-Compatible" content="IE=edge,chrome=1"><title>Session Notes Entry Form</title><meta name="description" content=""><link rel="stylesheet" href="css/normalize.css"><link rel="stylesheet" href="http://yui.yahooapis.com/pure/0.2.0/pure-min.css"><link rel="stylesheet" href="css/main.css"><link rel="icon" type="image/ico" href="favicon.ico"></head><?php include('C:\inetpub\wwwroot\connect.php'); ?><?phpif(isset($_POST['login'])){$provider_id = sqlsrv_escape($_POST['provider_id']); ???$password = sqlsrv_escape($_POST['password']); ???$sql = "SELECTCOUNT(*) as countFROM [session_entry].[dbo].[providers]WHERE provider_id = '$provider_id'AND password = '$password'";$results = sqlsrv_fetch_array(sqlsrv_query($sql));if($res['count'] == 1){$logged_in = true;$_SESSION['provider_id'] = $provider_id;$_SESSION['password'] = $password;} else {$logged_in = false;}} elseif(isset($_SESSION['provider_id'])) {$provider_id = $_SESSION['provider_id'];$password = $_SESSION['password'];$sql = "SELECTCOUNT(*) as countFROM providersWHERE provider_id = '$provider_id'AND password = '$password'";$results = sqlsrv_fetch_array(sqlsrv_query($sql));if($res['count'] == 1){$logged_in = true;} else {$_SESSION = array();session_destroy();$logged_in = false;}} else {$logged_in = false;}if(!$logged_in){$tpl_vars = array();$tpl_vars['{{title}}'] = "Session Entry | Login";$provider_id = isset($_POST['provider_id']) ? $_POST['provider_id'] : '';$tpl_vars['{{content}}'] = str_replace('{{provider_id}}',$provider_id,file_get_contents('tpl/login_form.html'));} else {$session_provider_id = $_SESSION['provider_id'];$sql = "SELECT *,DATE_FORMAT(appointment,'%b %d %Y %h:%i %p') as appt FROM session_notes WHERE provider_id = '$session_provider_id'";$results = sqlsrv_query($sql);//Table Headers$table = "<table><tr><th>Appointment ID</th><th>Patient ID</th><th>Appointment</th><th>Method(s) Provided</th><th>Response/Goals</th><th>Plan/Comments</th></tr>";while($row = sqlsrv_fetch_array($results)){$table .= "<tr>";$table .= "<td>$row[appointment_id]</td>";$table .= "<td>$row[patient_id]</td>";$table .= "<td>$row[appt]</td>";$table .= "<td>".nl2br($row['notes'])."</td>";$table .= "<td>".nl2br($row['notes2'])."</td>";$table .= "<td>".nl2br($row['notes3'])."</td>";$table .= "<td>";$table .= "<form action='update.php' method='post'>";$table .= "<input type='submit' value='edit' name='edit'>";$table .= "<input type='hidden' name='appointment_id' value='$row[appointment_id]'>";$table .= "</form>";$table .= "</td>";$table .= "</tr>";}$table .= "</table>";$tpl_vars['{{title}}'] = "Session Notes Entry";$tpl_vars['{{content}}'] = str_replace('{{table}}',$table,file_get_contents('tpl/notes_form.html'));}//get template & load data$tpl = file_get_contents('tpl/template.html');echo str_replace(array_keys($tpl_vars),array_values($tpl_vars),$tpl);doesn't work -
Thats what I finally decided to do, wrote my own code to execute the bat file.
Thanks
-
I figured it out. I was making changes to the wrong php.ini file. The phpinfo page revealed where the actual php.ini file was residing and when I added the changes it worked!
You would thing it would be c:\php and c:\php\ext for all the needed extentions but no it was "C:\Program Files (x86)\PHP\php.ini" and "C:\Program Files (x86)\PHP\ext"
-
I'm having the same problem. I made the additions needed to the php.ini and added the "php ext" path, installed Microsoft SQL Server 2012 Native Client,
but when runnin the phpinfo script it doesn't reflect that the php drivers are loaded for SQL SRV.
Also the dll files that should be loaded according to documentatiion is php_sqlsrv_54_nts_vc9.dll but the extracted files don't have that file listed. The one listed is php_sqlsrv_54_nts.dll
Any thoughts?
-
Actually this worked;
<?php
exec('c:\\folder\\whatever.bat');
?>
Now I actually want a trigger in MYSQL to execute the php file after an INSERT of a certain table.
Have any ideas?
-
$cmd = 'c:\test.bat';exec($cmd);~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~$cmd=("c:\test.bat")function execInBackground($cmd) {if (substr(php_uname(), 0, 7) == "Windows"){pclose(popen("start /B ". $cmd, "r"));}else {exec($cmd . " > /dev/null &");}}
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
exec('C:\Windows\System32\cmd.exe' /c START 'C:\test.bat')
-
Hey guys need help with running a windows bat file from php.
Thanks!
-
Hey Panda
That worked thanks!
-
<?phpsession_start();include('/Applications/xampp/htdocs/connect.php');// echo "<pre>";// print_r($_SESSION);// echo "</pre>";if(isset($_SESSION['provider_id'])) {$provider_id = $_SESSION['provider_id'];$password = $_SESSION['password'];$sql = "SELECTCOUNT(*) as countFROM providersWHERE provider_id = '$provider_id'AND password = '$password'";$res = mysql_fetch_assoc(mysql_query($sql));if($res['count'] == 1){$logged_in = true;} else {$_SESSION = array();session_destroy();$logged_in = false;}} else {$logged_in = false;}if(!$logged_in){header("Location: index.php");} else {//Create Edit Form Here (Should verify if 'appointment_id' is associated with 'provider_id')if(isset($_POST['appointment_id'])){$appointment_id = mysql_real_escape_string($_POST['appointment_id']);$provider_id = mysql_real_escape_string($_SESSION['provider_id']);$sql = "SELECTCOUNT(*) as countFROM session_notesWHERE appointment_id = '$appointment_id'AND provider_id = '$provider_id'";$res = mysql_fetch_assoc(mysql_query($sql));if($res['count'] == 1){if(isset($_POST['edit'])){$_SESSION['appointment_id'] = $appointment_id;//OUTPUT UPDATE FORM$sql = "SELECTprovider_id,patient_id,DATE_FORMAT(appointment,'%b %d %Y %h:%i %p') as appointment,notes,notes2,notes3FROM session_notesWHERE appointment_id = '$appointment_id'";$row = mysql_fetch_assoc(mysql_query($sql));$tpl_vars = array();$tpl_vars['{{title}}'] = "Session Notes Update Form";$tpl_vars['{{appointment_id}}'] = $appointment_id;$tpl_vars['{{provider_id}}'] = $row['provider_id'];$tpl_vars['{{patient_id}}'] = $row['patient_id'];$tpl_vars['{{appointment}}'] = $row['appointment'];$tpl_vars['{{notes}}'] = $row['notes'];$tpl_vars['{{notes2}}'] = $row['notes2'];$tpl_vars['{{notes3}}'] = $row['notes3'];//get template & load data$tpl = file_get_contents('tpl/update_form.html');echo str_replace(array_keys($tpl_vars),array_values($tpl_vars),$tpl);} elseif(isset($_POST['update'])){$notes = mysql_real_escape_string($_POST['notes']);$notes2 = mysql_real_escape_string($_POST['notes2']);$notes3 = mysql_real_escape_string($_POST['notes3']);$tpl_vars = array();$tpl_vars['{{title}}'] = "Session Notes Update Complete";$sql = "UPDATE session_notesSET notes = '$notes',notes2 = '$notes2',notes3 = '$notes3'WHERE appointment_id = '$appointment_id'";$sql = "INSERT INTO provider_submitSET provider_id = $provider_id";if(mysql_query($sql)){$tpl_vars['{{message}}'] = "Note Edited Successfully";$Name = "Session Notes Entry App"; //senders name$email = "email@adress.com"; //senders e-mail adress$recipient = "wm@nipinst.org"; //recipient$mail_body = "Appointment ID: $appointment_id\nProvider ID: $provider_id"; //mail body$subject = "Note For AppID[$appointment_id] Updated"; //subject$header = "From: ". $Name . " <" . $email . ">\r\n"; //optional headerfieldsmail($recipient, $subject, $mail_body, $header); //mail command //mail("wm@nipinst.org","Note For AppID[$appointment_id] Updated","Appointment ID: $appointment_id\nProvider ID: $provider_id");} else {//$tpl_vars['{{message}}'] = "Error! Please contact administrator.";die('Error: ' . mysql_error());}//get template & load data$tpl = file_get_contents('tpl/update_complete.html');echo str_replace(array_keys($tpl_vars),array_values($tpl_vars),$tpl);} else {header("Location: index.php");}} else {header("Location: index.php");}} else {header("Location: index.php");}}
-
That didn't work. Infact when I remove the 1 from $sql1= the first query work and the second didn't . Also when removing the 2 for the $sql2= again the second query worked and the 1st didn't. Its either one or the other. What gives?
-
Ok so now that I've learned that you can not make mutilple queries with one call how do you suggest I rewrite the code so that I can update on one table and insert on another once the submit button is clicked?
Thanks!!!
-
The the last half of following code doesn't work can anyone explain why?$sql = "UPDATE session_notesSETnotes = '$notes',notes2 = '$notes2',notes3 = '$notes3'WHERE appointment_id = '$appointment_id'";"INSERT INTO provider_submitSETprovider_id = $provider_id";Thanks!
Session timeout
in PHP Coding Help
Posted
Hey guys if the user exits the browser will this code still run the user_logout.php ?
Thanks
session_cache_expire( 20 ); session_start(); // NEVER FORGET TO START THE SESSION!!! $inactive = 1200; //20 minutes *60 if(isset($_SESSION['start']) ) { $session_life = time() - $_SESSION['start']; if($session_life > $inactive){ header("Location: user_logout.php"); } } $_SESSION['start'] = time(); if($_SESSION['valid_user'] != true){ header('Location: ../....php'); }else{