
wildteen88


Posts posted by wildteen88

  1. Yes, you need to dynamically generate your query, eg.

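    // trim each entered line and escape it before it goes into the query
    $domains = array_map('mysql_real_escape_string', array_map('trim', $lines));
    // join the values as 'a','b','c' for the IN() list
    $domains_list = implode("','", $domains);
    $query = "SELECT domain FROM domains WHERE domain IN('$domains_list')";
    $result = mysql_query($query);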

    That will query the database for all entered domains.

     

    You should validate the domains the user has entered. Drop any invalid domains before querying the database.
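The validate-then-query step from the post above, as an added example that is not part of the original post: it drops invalid entries with `filter_var()` and binds the remaining values through a PDO prepared statement instead of building the `IN()` list by string concatenation. The function names `clean_domains` and `find_domains`, the in-memory SQLite database standing in for MySQL, and the sample input are assumptions made for the demo.

```php
<?php
// Added example, not from the original post. The table and column names follow
// the post; the SQLite database and the sample input are constructed.

/** Keep only syntactically valid hostnames, lower-cased and de-duplicated. */
function clean_domains(array $lines): array
{
    $valid = [];
    foreach ($lines as $line) {
        $d = strtolower(trim($line));
        // FILTER_FLAG_HOSTNAME (PHP 7+) allows only letters, digits, hyphens and dots
        if ($d !== '' && strpos($d, '.') !== false
            && filter_var($d, FILTER_VALIDATE_DOMAIN, FILTER_FLAG_HOSTNAME) !== false) {
            $valid[$d] = true;
        }
    }
    return array_keys($valid);
}

/** Return the subset of $domains that exists in the domains table. */
function find_domains(PDO $db, array $domains): array
{
    if (!$domains) {
        return [];              // "IN ()" is a syntax error, so skip the query
    }
    // one placeholder per value: IN (?,?,?)
    $marks = implode(',', array_fill(0, count($domains), '?'));
    $stmt  = $db->prepare("SELECT domain FROM domains WHERE domain IN ($marks)");
    $stmt->execute($domains);   // values are bound, never concatenated into the SQL
    return $stmt->fetchAll(PDO::FETCH_COLUMN);
}

$db = new PDO('sqlite::memory:');
$db->setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION);
$db->exec("CREATE TABLE domains (domain TEXT PRIMARY KEY)");
$db->exec("INSERT INTO domains VALUES ('example.com'), ('example.org')");

// Constructed form input: a stored domain, an unknown one, and two invalid lines
$lines = explode("\n", "Example.com \nexample.net\nnot a domain\nbad'quote.com");
$clean = clean_domains($lines);
print_r($clean);                      // entries that passed validation
print_r(find_domains($db, $clean));   // entries that are also in the table
```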

  2. Your quotes are the wrong way round

    $username = $assoc['username'];

     

    Also this line will return an error too because you have left off ")); at the end of it

    $parseRank = mysql_fetch_assoc(mysql_query("SELECT * FROM ranks WHERE id = '{$ranknum}'

     

  3. If you have named your submit button in your form then check that the $_POST['submit_button_name'] variable exists in upload.php, eg

    if(isset($_POST['submit']))
    {
         // add the code for uploading the images here
    }
    else
    {
        // display error or redirect back to form.php here
    }

  4. Only guessing but maybe change

    		$information[] = array($action, $action_details[$k]);

    to

    		$information[$action][] = $action_details[$k];

     

    If not what is $news['action_id'] and $news['details'] set to?

  5. The basic code I gave you does what you want, you need to modify it slightly so it works with your existing code. I'm not going to do this for you. If you want someone else to modify your existing code you need to post in the freelance board.

  6. I have been working with a website but only locally. I am now trying to put it online, which is ok. When I was working with it locally I was able to create multiple users which have different privileges to each page. For example I said one of my users can only read and the other can read write.

    The problem is when I went to create these users online I can't seem to find the create user option in phpMyAdmin.

    Am I missing the obvious or will I have to code them in, and if so can you direct me to a tutorial which shows me how?

    Thanks in advance

    That sounds to me like you are creating new MySQL user accounts for each user that registers to your site? You should not be doing this.

     

    Your user accounts should be stored within your own database. And code your own system for logging in users.

  7. For example I want a username to include only letters and numbers so I ideally want to strip out any white space, illegal characters such as " ' ( ) etc...

    Using mysql_real_escape_string will help to prevent sql injection attacks.

     

    My issue with this is with the password. I would ideally like the user to be able to put as complex a password as they would like, so how would I prevent against illegal characters in this instance?

    Just encrypt the password straight away using md5 or sha1 encryption. These only return hashes that contain letters and numbers regardless of what characters the user has in their passwords. Example

    echo sha1('mybad"password"');
    echo "<br />";
    echo md5('mybad"password"');

    Will return the following hashes

    107577e77c5ef454152af92f84ab36f5a9fdae75 <- sha1 hash
    0c2f336b9977f0c40f1782e43f57e2e2 <- md5 hash

     

  8. This is the basic code you'll need to authenticate a user from a database

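    // $_SESSION is only available once the session has been started
    session_start();

    if(isset($_POST['Submit']))
    {
        $username = mysql_real_escape_string($_POST['access_login']);
        $password = mysql_real_escape_string($_POST['access_password']);

        // both conditions must match: join them with AND and compare the password column against $password
        $query = "SELECT user_login_username, user_login_password FROM user WHERE user_login_username = '$username' AND user_login_password = '$password'";
        $result = mysql_query($query);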
    
        // check that the query executed
        if($result)
        {
            // check that the query returned a result.
            if(mysql_num_rows($result) == 1)
            {
                // user entered correct username/password credentials
                // consider them logged in
                $_SESSION['isLoggedIn'] = true;
                $_SESSION['username']   = $username;
            }
            // No results was returned. Display error message
            else
            {
                echo "Sorry the username/password you entered is incorrect";
            }
        }
        // query failed for some reason, probably due to an error lets see why
        else
        {
            die('MySQL Error: ' . mysql_error() . '<br />Query: ' . $query);
        }
    }

     

    That code should be enough. However when dealing with passwords you should be storing them in their encrypted form rather than as plain text. The most popular are MD5 or SHA1 hashes. If you decide to store the users' passwords in encrypted form you'll need to modify the code so it compares the passwords in their encrypted form rather than plain text. If the passwords are stored in the database as md5 hashes then you'll change the following line

        $password = mysql_real_escape_string($_POST['access_password']);

    to

        $password = md5($_POST['access_password']);

    Now the query will compare the hashes.

     

    Now to check if a user is logged in you'd use the following code in any page that requires the user to be logged in.

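    <?php
    session_start();
    if(!isset($_SESSION['isLoggedIn']) || (isset($_SESSION['isLoggedIn']) && $_SESSION['isLoggedIn'] != true))
    {
         // redirect to the login page and stop, otherwise the rest of the protected page still runs
         header('Location: login.php');
         exit;
    }
    ?>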
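The login check from the post above and the password handling from the post before it, as an added example that is not part of the original posts: it swaps in PHP's `password_hash()` / `password_verify()` for md5/sha1 and a PDO prepared statement for the interpolated query. The table and column names follow the post; the function names `register_user` and `authenticate`, the in-memory SQLite database standing in for MySQL, and the sample user are assumptions made for the demo.

```php
<?php
// Added example, not from the original posts. The SQLite database, the user
// and the passwords below are constructed for the demo.

/** Create a user, storing only a salted password hash. */
function register_user(PDO $db, string $username, string $password): void
{
    $stmt = $db->prepare(
        'INSERT INTO user (user_login_username, user_login_password) VALUES (?, ?)');
    $stmt->execute([$username, password_hash($password, PASSWORD_DEFAULT)]);
}

/** True only if the user exists and the password matches the stored hash. */
function authenticate(PDO $db, string $username, string $password): bool
{
    $stmt = $db->prepare(
        'SELECT user_login_password FROM user WHERE user_login_username = ?');
    $stmt->execute([$username]);
    $hash = $stmt->fetchColumn();
    if ($hash === false) {
        return false;                       // unknown user
    }
    // The comparison cannot be done in SQL: every hash carries its own random salt
    return password_verify($password, $hash);
}

$db = new PDO('sqlite::memory:');
$db->setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION);
$db->exec('CREATE TABLE user (
    user_login_username TEXT PRIMARY KEY,
    user_login_password TEXT NOT NULL)');

// Any characters are fine in the password: it is hashed and bound, never interpolated
$secret = 'my bad "password" with \'quotes\'';
register_user($db, 'alice', $secret);

var_dump(authenticate($db, 'alice', $secret));   // correct password
var_dump(authenticate($db, 'alice', 'wrong'));   // wrong password
var_dump(authenticate($db, 'bob', $secret));     // unknown user
```

When `authenticate()` returns true in a real page, call `session_regenerate_id(true)` before setting `$_SESSION['isLoggedIn']` so a session ID issued before login is not carried into the logged-in session.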

  9. Remove the highlighted quote.

    echo "<a href='bio.php?shortName='" . $shortName . "'><img src='/images/spotlight/".$img[rand(0, (count($img)-1))]."' alt=Spotlight border=0 /></a>";

    This is ending the link too early and thus the shortname is not shown in the url.

     

    Also a neater way to do $img[rand(0, (count($img)-1))] would be to use array_rand
