Shadow_Walker

Hello Guys, I have coded a successful log of accounts in localhost but when i uploaded this to webhost. These set of codes dont work anymore. Please help these are the codes. Student_login_handler.php include_once 'Connect.php'; $flag = ""; $learner_id = mysql_real_escape_string(htmlentities($_POST['learner_id'])); $student_password = mysql_real_escape_string(htmlentities($_POST['student_password'])); $student_id = htmlentities($_GET['id'], ENT_QUOTES); $student_id = htmlentities($_GET['id'], ENT_QUOTES); $query = "SELECT student_id,last_login_date FROM student_information WHERE learner_id='$learner_id' and student_password='$student_password'"; $result = mysqli_query($link_id, $query); if(mysqli_error() != null){ die(mysqli_error()); } if($date = mysqli_fetch_array($result)) { $lastdate = $date['last_login_date']; $date2 = date("d-m-Y h:i A",strtotime($lastdate)); $_SESSION['user_id'] = $date['student_id']; $_SESSION["lastlogin"] =$date2; $_SESSION["type"] = "Student"; mysqli_query("UPDATE student_information SET last_login_date=now() where student_id='{$_SESSION['user_id']}'",$link_id); if(mysqli_error() != null){ die(mysqli_error()); } header("location: Student_Home.php?id={$_SESSION['user_id']}"); die(); } else { $flag = "invalid"; header("location:Student_login.php?flag=$flag"); die(); } ?> Student_login.php <form name="form2" method="post" action="Student_login_handler.php" onSubmit="return validate();"> <tr> <td colspan="4"><table width="30%" border="1" align="center" cellpadding="3" cellspacing="0" bordercolor="#666666" bgcolor="#CCCCCC"> <tr align="center" bgcolor="#999999"> <td colspan="2" bgcolor="#99CC33" class="styleblock">Learner Login Here</td> </tr> <tr bgcolor="#E1E1E1" class="stylesmall"> <td width="35%" align="left" class="stylesmall">Learner Id : </td> <td width="65%" align="left"><input name="learner_id" type="text" id="learner_id" method="post"></td> </tr> <tr bgcolor="#E1E1E1" class="stylesmall"> <td align="left" class="stylesmall">Password:</td> <td align="left"><input name="student_password" type="password" id="student_password" method="post"></td> </tr> <tr bgcolor="#E1E1E1"> <td colspan="2" align="center"> <?php if(!empty($_GET['flag']) && $_GET['flag'] == "invalid") { ?> <span class="stylered">Invalid Learner Id or Password</span> <?php }?></td> </tr> <tr bgcolor="#E1E1E1"> <td colspan="2" align="center"> <p><input name="login" class="stylesmall" type="submit" id="login" value="Login"></p> Note: This perfectly function on localhost but not in webhosts. function: the user can log in to its user account problem: different user log in directed to same account Please anyone spare time for me.

Hi Freak Dr. -----------------i supposed this is what u meant on line 19 mysql_query("UPDATE student_information SET last_login_date=now() where student_id='{$_GET[id]}'",$link_id); ---------------and i recode the line 23 header("location: Student_Home.php?id=$student_id"); ----------------i set variable $student_id on line 7 with this $student_id = htmlentities($_GET['id'], ENT_QUOTES); but still everything went the same it directed me to http://localhost/a/S...nt_Home.php?id= and the unique id of student is still not in the URL. Maybe i got it wrong declaring in setting the variable $student_id. Please help me out here.

Hello PHP Freaks, @mogosselin, that is a good tuturial i received from you.. so then i debug my codes and here is the Student_login.php <td width="35%" align="left" class="style7 style1">Learner Id : </td> <td width="65%" align="left"><input name="learner_id" type="text" id="learner_id" action="Student_Home.php" method="post"></td> </tr> <tr bgcolor="#E1E1E1" class="stylesmall"> <td align="left" class="style7 style1">Password:</td> <td align="left"><input name="student_password" type="password" id="student_password"></td> </tr> <tr bgcolor="#E1E1E1"> <td colspan="2" align="center"> <?php if(!empty($_GET['flag']) && $_GET['flag'] == "invalid") { ?> <span class="stylered style1">Invalid Learner Id or Password</span> <?php }?></td> and this is now the Student_login_handler.php <?php session_start(); include 'Connect.php'; $flag = ""; $learner_id = $_POST['learner_id']; $student_password = $_POST['student_password']; $query = "select last_login_date from student_information where learner_id='$learner_id' and student_password='$student_password'"; $result = mysql_query($query,$link_id); if(mysql_error() != null){ die(mysql_error()); } if($date = mysql_fetch_array($result)) { $lastdate = $date['last_login_date']; $date2 = date("d-m-Y h:i A",strtotime($lastdate)); $_SESSION["user_id"] = $_POST["student_id"]; $_SESSION["lastlogin"] =$date2; $_SESSION["type"] = "Student"; mysql_query("UPDATE student_information SET last_login_date=now() where student_id='$GET[id]'",$link_id); if(mysql_error() != null){ die(mysql_error()); } header("location: Student_Home.php?id={$student_id}"); die(); } else { $flag = "invalid"; header("location:Student_login.php?flag=$flag"); die(); } ?> i made it simple this time. when i click the log in button it directs me to http://localhost/a/Student_Home.php?id= but still i lost the student unique id,,i expect it to be http://localhost/a/Student_Home.php?id=51 (51 as the student_id "auto increment value" sometimes i suspected that the bugs are coming from Student_Home.php. Could it be possible, gentlemen?

Dear Sir, I have been silent for weeks in understanding your suggestions since im still new in PHP i find it hard translating your suggestions into codes though im really doing my best to work for it. i tried this recommendations though it works but i think it would be hard for the students to log in using their assigned auto-incremented number as their student_id. And so i wanted for them to log in using their desired learner_id but still using their student_id ( their assigned auto-incremented number) to call their information in Student_Home page. i think you have given me suggestions for this one or i may have not understood it translating it to codes. If you may as my mentor kindly give me suggestions by modifying codes (i think i would understand it faster than the other way around)

Hello ginerjm and Php Freaks!! Apology for that tidbits of codes. I manage to debug my codes and as of now using the learner id and password, they can now log-in to Student_Home.php. But another PROBLEM arise, eventhough every learner can log in now and direct to Student_Home.php the browser address goes like this http://localhost/a/Student_Home.php?id= It clearly shows that although they can log in, the field that does not provide their information because the unique id is not being called. I expect it must be like http://localhost/a/Student_Home.php?id=51 (51 is an example of unique id number per student) Here is my Student_login.php codes <body onLoad="javascript:document.form1.student_id.focus()"> <form name="form1" method="post" action="Student_login_handler.php" onSubmit="return validate();"> <table width="100%" height="100%" > <tr> <td height="15%"><?php include 'Header.php';?></td> </tr> <tr> <td width="100%" height="80%" align="center" valign="baseline"><table width="90%" > <tr> <td width="8%"><a href="index.php" class="stylelink style2 style3" style="text-decoration:none; font-family: Verdana, Arial, Helvetica, sans-serif;">Home</a></td> <td width="35%" align="center"><span class="style3"></span></td> <td width="27%"><span class="style3"></span></td> <td width="30%" align="right"> </td> </tr> <tr> <td><span class="style3"></span></td> <td><span class="style3"></span></td> <td><span class="style3"></span></td> <td><span class="style3"></span></td> </tr> <?php if(!empty($_GET['flag']) && $_GET['flag'] == "success") { ?> <tr> <td colspan="4" align="center" class="stylegreen style1 style2 style3">Congratulations! You Are successfully registered. You can use your Learner Id and Password to login to your account.</td> </tr> <?php } else if(!empty($_GET['flag']) && $_GET['flag'] == "exists") { ?> <tr> <td colspan="4" align="center" class="stylered style1 style2 style3">This Learner Id( <?=$_GET['learner_id']?>) already exists. Please, try again with another Learner Id</td> </tr> <?php }else if(!empty($_GET['flag']) && $_GET['flag'] == "error") { ?> <tr> <td colspan="4" align="center" class="stylered style1 style2 style3">Error while inserting data. Please, try again.</td> </tr> <?php } ?> <tr> <td> </td> <td> </td> <td> </td> <td> </td> </tr> <tr> <td> </td> <td> </td> </tr> <tr> <td colspan="4"><table width="30%" border="1" align="center" cellpadding="3" cellspacing="0" bordercolor="#CCCCCC" bgcolor="#CCCCCC"> <tr align="center" bgcolor="#999999"> <td colspan="2" bgcolor="#99CC33" class="stylebig style1">Learners Login Here</td> </tr> <tr bgcolor="#E1E1E1" class="stylesmall"> <td width="35%" align="left" class="style7 style1">Learner Id : </td> <td width="65%" align="left"><input name="learner_id" type="text" id="learner_id" action="Student_Home.php" method="post"></td> </tr> <tr bgcolor="#E1E1E1" class="stylesmall"> <td align="left" class="style7 style1">Password:</td> <td align="left"><input name="student_password" type="password" id="student_password"></td> </tr> <tr bgcolor="#E1E1E1"> <td colspan="2" align="center"> <?php if(!empty($_GET['flag']) && $_GET['flag'] == "invalid") { ?> <span class="stylered style1">Invalid Learner Id or Password</span> <?php }?> </td> </tr> <tr bgcolor="#E1E1E1"> <td colspan="2" align="center"><p> <input name="login" class="style10" type="submit" id="login" value="Login"> </p> <p><span class="style1">New Student?</span> Register <a href="Student_Registration.php">Here</a></p></td> </tr> </table></td> </tr> </table></td> </tr> <tr> <td height="5%" align="center"><?php include 'Footer.php';?></td> </tr> </table> </form> </body> </html> and here is my Student_login_handler codes <?php session_start(); include 'Connect.php'; $flag = ""; $learner_id = $_POST['learner_id']; $student_password = $_POST['student_password']; $student_id = htmlentities($_REQUEST['id'], ENT_QUOTES); $query = "select last_login_date from student_information where learner_id='$learner_id' and student_password='$student_password'"; $result = mysql_query($query,$link_id); if(mysql_error() != null){ die(mysql_error()); } if($date = mysql_fetch_array($result)) { $lastdate = $date['last_login_date']; $date2 = date("d-m-Y h:i A",strtotime($lastdate)); $_SESSION["student_id"] = $_POST["student_id"]; $_SESSION["lastlogin"] =$date2; $_SESSION["type"] = "Student"; mysql_query("UPDATE student_information SET last_login_date=now() where student_id='$GET[id]'",$link_id); if(mysql_error() != null){ die(mysql_error()); } header("location: Student_Home.php?id={$student_id}"); } else { $flag = "invalid"; header("location:Student_login.php?flag=$flag"); die(); } ?> Please take note of the header location in the Student_login_handler.php. I am expecting that the browser will post the unique student_id. Please advise gentlemen.

hello ginerjm, the link is dead

Hello Advance Members maxdd and ginerjm,, Sorry i forgot to give you the submit button. Actually it's a table inside the form. <td colspan="2" align="center"> <?php if(!empty($_GET['flag']) && $_GET['flag'] == "invalid") { ?> <span class="stylered style1">Invalid Learner Id or Password</span> <?php }?> </td> </tr> <tr bgcolor="#E1E1E1"> <td colspan="2" align="center"><p> <input name="login" class="style10" type="submit" id="login" value="Login"> </p> Please suggest me to modify something inside my codes.

Hello PHP freaks, my codes dont allow me to log-in to Student Home with unique id. It says "Invalid Login or Password" this is my form <tr bgcolor="#E1E1E1" class="stylesmall"> <td width="35%" align="left" class="style7 style1">Learner Id : </td> <td width="65%" align="left"><input name="learner_id" type="text" id="learner_id" action="Student_Home.php" method="post"></td> </tr> <tr bgcolor="#E1E1E1" class="stylesmall"> <td align="left" class="style7 style1">Password:</td> <td align="left"><input name="student_password" type="password" id="student_password">< /td> and this is my handler. <?php session_start(); include 'Connect.php'; $flag = ""; $learner_id = $_POST['learner_id']; $student_id = $_POST['student_id']; $student_password = $_POST['student_password']; $query = "select last_login_date from student_information where student_id='$student_id' and student_password='$student_password'"; $result = mysql_query($query,$link_id); if(mysql_error() != null){ die(mysql_error()); } if($date = mysql_fetch_array($result)) { $lastdate = $date['last_login_date']; $date2 = date("d-m-Y h:i A",strtotime($lastdate)); $_SESSION["student_id"] = $_POST["student_id"]; $_SESSION["lastlogin"] =$date2; $_SESSION["type"] = "Student"; mysql_query("UPDATE student_information SET last_login_date=now() where student_id='$student_id'",$link_id); if(mysql_error() != null){ die(mysql_error()); } header("location: Student_Home.php?id={$student_id}"); die(); } else { $flag = "invalid"; header("location:Student_login.php?flag=$flag"); die(); } ?> PLease help me PHP friends to correct my codes.

Thank you Ch0cu3r, It works!! I think i'd include that reminder in my homepage. This thread has been considered SOLVED.

Hello Quick Old car, The present working script i have where the DELETE link located is in ajax and here it is: $searchResults .= " <td><a href='Student_View.php?id={$student_id}'>View</a> </td>\n"; $searchResults .= " <td><a href='Admin_Edit_Student_Info.php?id={$student_id}'>Update</a></td>\n"; $searchResults .= " <td><a href='Admin_Delete_Student.php?id={$student_id}'>Delete</a></td>\n"; $searchResults .= "</tr>\n"; I have understood your suggested codes im sure if i written it in a "form" way, sure thing it will works. I wonder if there is any other way i could insert the javascript you suggested in this script to work the same way as we wanted. Please advise

Yes Adam Bray,, it's javascript confirmation---> the codes im looking for.

Hello PHP Freaks, I think this is just if else statement problem but im kinda lose to it. The whole code is succesful in deleting the data from database the problem is i wanted to put a script that remind the user if he/she really sure to delete the data. By the way this is the script. <?php // connect to the database include 'Connect.php'; // confirm that the 'student_id' variable has been set if (isset($_GET['student_id']) && is_numeric($_GET['student_id'])) { // get the 'student_id' variable from the URL $student_id = $_GET['student_id']; // delete record from database if ($stmt = $mysql->prepare("DELETE FROM student_information WHERE student_id = ? LIMIT 1")) { $stmt->bind_param("i",$student_id); $stmt->execute(); $stmt->close(); } else { echo "ERROR: could not prepare SQL statement."; } $mysql->close(); // redirect user after delete is successful header("Location: Admin_Home.php"); } else // if the 'student_id' variable isn't set, redirect the user { header("Location: Admin_Home.php"); } ?> Please help me modify these codes and where to put the missing line/s of codes.

Hi PHP freaks!! I have manage to make a script to upload file in database and its working. I will share to you the codes so for other viewers and readers to use also. if($result){ if($_FILES['LRCard']['name'] != ""){ $filename = $_FILES['LRCard']['name']; $ext = strrchr($filename,"."); $LRCardname = $student_id; $LRCardname .="_". $filename; if($ext ==".jpg" || $ext ==".jpeg" || $ext ==".JPG" || $ext ==".JPEG" || $ext ==".gif" || $ext ==".GIF"){ $size = $_FILES['LRCard']['size']; if($size > 0 && $size < 5000000){ $archive_dir = "LRCards"; $userfile_tmp_name = $_FILES['LRCard']['tmp_name']; if(move_uploaded_file($userfile_tmp_name, "$archive_dir/$LRCardname")){ /* if LRC is successfully uploaded then LRC is stored in database. */ mysql_query("update student_information set LRCard='$LRCardname' where student_id='$student_id'", $link_id); $flag = "success"; if(mysql_error()!=null){ die(mysql_error()); } } else{ if(file_exists('LRCard/' . $LRCardname)) { unlink('LRCards/' . $LRCardname); } rollbackData(); } } else{ if(file_exists('LRCards/' . $LRCardname)) { unlink('LRCard/' . $LRCardname); } rollbackData(); die("You can upload LRCard of 5 MB size only. Please, try again."); } } else{ if(file_exists('LRCards/' . $LRCardname)) { unlink('LRCards/' . $LRCardname); } rollbackData(); die("You can upload LRCard of .jpg, .jpeg, .gif extensions only. Please, try again. "); } } } else{ $flag="error"; } if($flag == "success"){ mysql_query(" COMMIT "); $flag="success"; if(mysql_error() != null){ die(mysql_error()); } } Now, my problem is how to make a Php script to DOWNLOAD this uploaded file considering the 1. file path 2. file name 3. file extension. 4. student_id (to determine the specific file from a specific student) My plan is to make a download button which hyperlink to download.php and after clicking that button the specified file to a specific student id will automatically be downloaded by the browser.

Hello Clarkey, Yes i just change the filename for easy remembering.Some of the codes have changes maybe because of luck this problem i posted in this thread has been solved but in respect to you and to the others helped me in this thread and for the other that may encounter also this kind of problem in the future. I will post the solution codes for the problem. Again, Thank you for the read,,you've been also a help in my other posts and hopefully in my future posts :-) This is the code that solve the thread. <?php ini_set('display_errors', true); error_reporting(E_ALL); session_start(); // $session_id = $_SESSION['admin_id']; // redundant if(empty($_SESSION['admin_id'])) { header("location: Admin_Home.php"); die(); } // change to require() so we're sure it's loaded require 'Connect.php'; $id = intval($_GET['id']); // no parens need to define string: $query = "DELETE FROM student_information WHERE student_id = $id"; // not using return value, and add some debug info mysql_query($query) or die(mysql_error().PHP_EOL.$query); // let's see if anything actually happened... $rowsDeleted = mysql_affected_rows(); if($rowsDeleted == 0) { error_log("Nothing deleted for this query:".PHP_EOL.$query); } echo "<script language='javascript' type='text/javascript'>alert('$rowsDeleted row(s) deleted!')</script>"; echo "<script language='javascript' type='text/javascript'>window.open('Admin_Home.php','_self')</script>"; Acknowledge also the effort and help of Sir Barand and Sir NOgdog

to Jacques: Im sorry if im wrong but i just think GURU is a title name given to teacher or a master. And im not referring it as his first name. http://en.wikipedia.org/wiki/Guru I can choose to call him Guru, Sir, Sensei, Teacher or Master and if it is wrong to use that idea in this site, I humbly ask for apology to the admins. Sorry for this reply admin. Im just trying to be obedient and respectful here. but anyways i am more worried about my PHP thing here that the definition of GURU :-)

The URL shows this when i click the DELETE link http://localhost/a/Admin_delete.php?id=hans Im sorry but my problem is i think i didn't have the codes to give value to student_id in the record.Maybe this is one of the reason previous codes appear to be unsuccesful.. When i click the DELETE link. This is the notification i get Deprecated: mysql_connect(): The mysql extension is deprecated and will be removed and an alert says :1 rows deleted. As i checked the database...yes, the particular student data is deleted, but why i am getting this notification? Please advise.

Hi Guru Barand,, I think that is something i have missed cause honestly i don't know how to declare its value in the record. Yeah putting value of student_id is necessary to delete specific student. Pls, would you care to teach me create those codes. I think this is the missing link to solve the case.

Hi Guru Barand, i have followed all your advices and this is now the code <?php session_start(); $session_id = $_SESSION['admin_id']; if($session_id == null){ header("location:Admin_Home.php"); die(); } include 'Connect.php'; $id = intval($_GET['id']); $query = ("DELETE FROM student_information WHERE student_id = '$id'"); $res = mysql_query($query)or die (mysql_error() . "<pre>$query</pre>"); echo "<script language='javascript' type='text/javascript'>alert('Successfully Deleted!')</script>"; echo "<script language='javascript' type='text/javascript'>window.open('Admin_Home.php','_self')</script>"; ?> BUT as i have notice the specific student is still not deleted in the database. What do you think is still wrong with our codes? or do you think we need some coding adjustment also in other pages?

hello Psycho, i have followed your advice $query = "SELECT student_id, LRN, first_name, last_name, grade, section FROM student_information WHERE first_name LIKE '%{$first_name}%'"; i just deleted the comma after the section and it stil work well. Your the best!!!

Thank you for the advice Psycho. I will remember that.

Ahhh okay,,there was no error displayed during the clicking of DELETE link only a script saying Successfully Deleted. but the specific students data is not yet deleted in the database. ahhmnn sorry i dont expect in between query i just misunderstood the Can you tell me how to do the codes to display the error message or how to delete the speciific student data in the database. Please.

to mc_gyver: sometimes this account is hard to log in so i created the other one. Apology if i violated some rules. I acknowledge my fault. to barand: what does it mean, can you suggest something in betwen $query please,

Hello Barand, Presently this is my delete.php <?php session_start(); $session_id = $_SESSION['admin_id']; if($session_id == null){ header("location:Admin_Home.php"); die(); } include 'Connect.php'; $id = intval($_GET['id']); $query = ("DELETE FROM student_information WHERE student_id = $id'"); $res = mysql_query($query); echo "<script language='javascript' type='text/javascript'>alert('Successfully Deleted!')</script>"; echo "<script language='javascript' type='text/javascript'>window.open('Admin_Home.php','_self')</script>"; ?> All is going well but exasperately the account is still not deleted. Please anyone i need your suggestion to modify my codes

Hello PHP friends, With the help of 2 members here, namely Guru and Clarkey i manage to finalize the Search and this is part of the search.php codes. { $student_id = $row['student_id']; $searchResults .= "<tr>\n"; $searchResults .= " <td>{$row['LRN']}</td>\n"; $searchResults .= " <td>{$row['first_name']}</td>\n"; $searchResults .= " <td>{$row['last_name']}</td>\n"; $searchResults .= " <td>{$row['grade']}</td>\n"; $searchResults .= " <td>{$row['section']}</td>\n"; $searchResults .= " <td><a href='View_Profile.php?id={$student_id}'>View</a> </td>\n"; $searchResults .= " <td><a href='Admin_Edit_Student_Info.php?id={$student_id}'>Update</a></td>\n"; $searchResults .= " <td><a href='Delete.php?id={$student_id}'>Delete</a></td>\n"; $searchResults .= "</tr>\n"; } As we can see we have 3 target links here the VIEW/UPDATE/DELETE. My concern today is to create the Delete.php which if we are going to click the delete. The student selected will be deleted from the database. Thank you very much for reading. Please comment and never hesitate to give suggestions. By the way this is my present codes in connection, please comment and suggest here. //Connect to MySQL Server include 'Connect.php'; mysql_connect($host, $dbusername, $dbpassword); //Select Database mysql_select_db($dbname) or die(mysql_error()); // Escape User Input to help prevent SQL Injection $first_name = mysql_real_escape_string(trim($_GET['first_name'])); // Retrieve data from Query $query = "SELECT * FROM student_information WHERE first_name LIKE '%{$first_name}%'"; $result = mysql_query($query) or die(mysql_error()); :-)

Thank you Clarkey for helping me analyzing and understanding the codes. I miss that line though. Hello Psycho, i just replace this with $query = "SELECT * FROM student_information WHERE first_name LIKE '%{$first_name}%'"; and ALL IS WELL... thank you so much for a big help. This forum has been solved.