A_Olle

I'm trying to integrate CKEditor into my simple CMS. I got it to show up in the right spot, but there is another instance of the editor open at the top of the page, and I can't figure out why. Here is my code: <?php require_once 'conn.php'; include_once 'ckeditor/ckeditor.php'; $CKEditor = new CKEditor(); $CKEditor->editor('body'); $title= ''; $body= ''; $article= ''; $author_id= ''; if (isset($_GET['a']) and $_GET['a'] == 'edit' and isset($_GET['article']) and $_GET['article']) { $sql = "SELECT title, body, author_id FROM cms_articles " . "WHERE article_id=" . $_GET['article']; $result = mysql_query($sql, $conn) or die ('Could not retrieve article data: ' . mysql_error()); $row = mysql_fetch_array($result); $title = $row['title']; $body = $row['body']; $article = $_GET['article']; $author_id = $row['author_id']; } require_once 'header.php'; ?> <form method="post" action="transact-article.php"> <h2>Compose Article</h2> <p> Title: <br /> <input type="text" class="ckeditor" name="title" maxlength="255" value="<?php echo htmlspecialchars($title); ?>" /> </p> <p> Body: <br /> <textarea class="ckeditor" name="body" id="ckeditor"><?php echo htmlspecialchars($body); ?></textarea> </p> <p> <?php echo '<input type="hidden" name="article" value="' . $article . "\" />\n"; if ($_SESSION['access_lvl'] < 2) { echo '<input type="hidden" name="author_id" value="' . $author_id . "\" />\n"; } if ($article) { echo '<input type="submit" class="submit" name="action" ' . "value=\"Save Changes\" />"; } else { echo '<input type="submit" class="submit" name="action" ' . "value=\"Submit New Article\" />"; } ?> </p> </form> <?php require_once 'footer.php'; ?> Any help is MUCH appreciated!

Thank you! This worked perfectly.

I just wanna know if I'm on the right track....but also, why it doesn't seem to be actually, checking the database.

Ok..sorry. First night posting in here.

Ok...this is what I came up with: <?php $dsn= 'mysql:host=localhost; dbname=file_share'; $username= 'root'; $password= ''; try { $db= new PDO($dsn, $username, $password); echo '<p>You are connected to the database!</p>'; } catch (PDOException $e) { $error_message= $e->getMessage(); echo "<p>An error occured while connecting to the database: $error_message </p>"; } $sql= 'SELECT * FROM `Users` WHERE `Username` = :username AND `Password` = :password LIMIT 1'; //SQL query with named placeholders $stmt = $db->prepare($sql); //Returns a PDOStatement class object if( isset($_POST['username'],$_POST['password']) && !empty($_POST['username']) && !empty($_POST['password']) ) { $username = $_POST['username']; $password = hash('md5',$_POST['password']); $stmt->bindParam(':username',$username,PDO::PARAM_STR,16); $stmt->bindParam(':password',$password,PDO::PARAM_STR,16); $stmt->execute(); $result = $stmt->fetch(PDO::FETCH_ASSOC); } if($stmt->rowCount() > 0) { $_SESSION['loggedIn']= "true"; header("Location: index.php"); } ?> Now, this eliminated any error messages, and redirects to "index.php", but it doesn't matter what you put in for login or password...it just goes regardless. ??

Ok...thanks!

Ok...thank you. So would it be easier to change that from the PDO connection to a mysql_connect (?) or change my other statements? Also, any chance you could give me an example of a query using a PDO statement?

I'm trying to make a simple login form for my page. Here is my html: <?php include "database.php"; ?> <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd"> <html xmlns="http://www.w3.org/1999/xhtml"> <head> <meta http-equiv="Content-Type" content="text/html; charset=utf-8" /> <title>Olle's FileShare</title> <link rel="stylesheet" type="text/css" href="styles/main.css" /> </head> <body> <?php include "view/header.php" ?> <div id="main"> <form method="post" action="database.php" name="loginform" id="loginform"> <fieldset> <label for="username">Username:</label><input type="text" name="username" id="username" /><br /> <label for="password">Password:</label><input type="password" name="password" id="password" /><br /> <input type="submit" name="login" id="login" value="Login" /> </fieldset> </form> </div> </body> </html> And this is my database.php file that connects to my umm... database. : <?php $dsn= 'mysql:host=localhost; dbname=file_share'; $username= 'root'; $password= ''; try { $db= new PDO($dsn, $username, $password); echo '<p>You are connected to the database!</p>'; } catch (PDOException $e) { $error_message= $e->getMessage(); echo "<p>An error occured while connecting to the database: $error_message </p>"; } //Get the input from form $username= $_POST['username']; $userpassword= $_POST['password']; //Secure the input $username= mysql_real_escape_string($_POST['username']); $userpassword= mysql_real_escape_string($_POST['password']); //Check the input against the database $query = "SELECT COUNT(`username`) AS `total` FROM `user` WHERE `username` = '$username' AND `password` = '$userpassword'"; $result = mysql_query($query); $row = mysql_fetch_assoc($result); if($row['total'] == 1) { $_SESSION['loggedIn']= "true"; header("Location: index.php"); } ?> My database is called "file_share" while my table is called "users". Whenever i try to login, it says account not found. I know it's there as I created the table myself with only 2 users currently entered. Neither one works. Any help would be greatly appreciated!