Jump to content


  • Content count

  • Joined

  • Last visited

Community Reputation

1 Neutral

About chrisrulez001

  • Rank

Profile Information

  • Gender
    Not Telling
  1. chrisrulez001

    jQuery progressbar issue

    Hi I'm reading from a MySQL database and then looping though the results with PHP. I'm having an issue of using a progress bar within the loop, it's showing the progress bar but it isn't reading the value of a hidden field with the value. The value of the progress bar should be 200 (value in hidden field) but it's just not showing I've uploaded an image of what's happened. Is there something obvious that I'm not seeing? PHP: <?php $List = $this->conn->query("SELECT users.username as Username, challenge.item as Item, SUM(challenge.cost) as Cost FROM users LEFT JOIN challenge ON users.ID = challenge.user_id GROUP BY users.username"); $List->execute(); $row = $List->fetchAll(PDO::FETCH_ASSOC); echo "<div id=\"Challenge\">"; foreach($row as $user) { echo "<div class=\"ChallengeHeader\">"; echo $user['Username']; echo "<span id=\"ChallengeAction\"><input data-index=\"".$user['Username']."\" type=\"submit\" class=\"ChallengeExpand\" id=\"Expand\" value=\"Expand\" /></span>"; echo "</div>"; echo "<div id=\"".$user['Username']."\">"; echo "<div class=\"ProgressBar\"></div>"; echo "<input class=\"Value\" type=\"hidden\" value=\"".$user['Cost']."\">"; echo "</div>"; } echo "</div>"; ?> jQuery: $(document).ready(function(){ $("#Challenge").each(function(){ var $div = $(this); var val = $div.find(".Value").val(); $div.find(".ProgressBar").progressbar({ max: 600, value : val }); if($div.find(".ProgressBar").progressbar("value") <= 500) { $div.find(".ProgressBar").css({ 'background': 'White' }); $div.find(".ProgressBar > div").css({ 'background': 'LightGreen' }); } else { $div.find(".ProgressBar").css({ 'background': 'White' }); $div.find(".ProgressBar > div").css({ 'background': 'Red' }); } }); })
  2. chrisrulez001

    XSS prevention

    Ok thanks your your help
  3. chrisrulez001

    XSS prevention

    Ok thank you for your informative post Jacques1 I'll have a look at Twig and implementing a Content Security Policy. With regards to htmlspecialchars(), I see from your other post you use ENT_QUOTES | ENT_SUBSITITUTE are these the best flags to use?
  4. chrisrulez001

    XSS prevention

    Hi there, It's been a few months since I've touched PHP. I've read that you only use htmlspecialchars() when outputting data (for example from a database). Is that the correct way of doing it? Put to prevent XSS from getting into the database from the form, could you not use preg_match() to whitelist what you can actually enter into the field? Thanks
  5. chrisrulez001

    Problem Creating MySQL Event using PHP

    Thank you very much for helping me out with this. I'll probably use the ->query() method to run this query. EDIT: As I need to pass values to the query, I would probably be best setting PDO prepared query to emulated as suggested EDIT 2: Just tried this with what was suggested above and it works. Thanks again
  6. chrisrulez001

    Problem Creating MySQL Event using PHP

    Thanks for your reply, I'm connecting to the database at the moment through the root account, although that probably makes sense why it isn't creating events. The PDO connection is set to throw any exceptions but I'm not catching any exceptions for this query through a try catch, I'll try that. PHP's error reporting is set to E_ALL. Edit: I tried creating a new user with global privileges and re-ran the query, unfortunately this hasn't worked. I also tried a try catch on the query, no exceptions are thrown, PHP doesn't report any errors either.
  7. Hi there, I'm trying to create a MySQL event using the built-in MySQL event scheduler. This is so that in an hour the users account can be automatically unlocked. The following is the query I'm trying to run: CREATE EVENT update_locked ON SCHEDULE AT CURRENT_TIMESTAMP + INTERVAL 1 HOUR DO UPDATE `check_locked` SET `is_locked` = :locked WHERE `check_locked`.`username` = :username; Now if I take out the :username and replace it with a valid user from the database, example 'admin' and also replacing the :locked with 0, the query is run fine from PHPMyAdmin and the event is created. But when I run the query from PHP I get no errors and the query supposedly runs but when I check the events table in the MySQL database. Here is the code I'm trying to run in a function: protected function Lock_Account($username) { //Reset the login attempts to 0 $this->Reset_Login_Attempts($username); //Lock the users account //Use prepared query $Lock = $this->db->prepare("UPDATE check_locked SET is_locked=:locked WHERE username=:username"); //Bind values to prepared query //Execute the lock user prepared query $Lock->execute(array(":locked" => 1, ":username" => $username)); //Create event to unlock the users account after an hour //Use prepared query $Lock_Event = $this->db->prepare("CREATE EVENT update_locked ON SCHEDULE AT CURRENT_TIMESTAMP + INTERVAL 1 HOUR DO UPDATE `check_locked` SET `is_locked` = :locked WHERE `check_locked`.`username` = :username;"); //Bind values to prepared query and execute the set the lock event prepared query $Lock_Event->execute(array(":locked" => 0, ":username" => $username)); } I've tried just running the query from PHP with the :locked replaced with 0 and :username replaced with 'admin', that didn't create the event. Thanks in advance.
  8. chrisrulez001

    Why wont this go to mysql form?

    Hi there "it won't send to mysql" isn't detailed enough to help at this stage. Is there any specific error messages?
  9. chrisrulez001

    Whats wrong with line 17?

    Your welcome. Please mark this as fixed.
  10. chrisrulez001

    Whats wrong with line 17?

    You usually start the connection in connect.php and then include it on the pages that you are connecting to the database. From line 2 to line 12 would be classed as the database connection. However the connection process is different if you are using mysqli. Did you manage to connect to phpMyAdmin from the members area using the username and password you added to the code? Edit: Sorry hadn't noticed you'd managed to fix the problem
  11. chrisrulez001

    Whats wrong with line 17?

    Can you login to phpMyAdmin using the same username and password? If you can login, then I think maybe you need to double check the hostname.
  12. chrisrulez001

    Whats wrong with line 17?

    I'm not familiar with 000webhost but I think they use phpMyAdmin to manage the databases? When you login to phpMyAdmin you use a specific username and password, you need to put the username in the username variable and password in the password variable. mysqli is actual PHP code that is used to connect to (for example: phpMyAdmin). Take a look at this tutorial: http://codular.com/php-mysqli Edit: Take a look at this on the 000webhost's FAQ: http://www.000webhost.com/faq.php?ID=25
  13. chrisrulez001

    Whats wrong with line 17?

    Your welcome. The error message is saying that you are trying to login to your mysql server without a password and is giving you an access denied message. I see at the top of the code are these variables: $username="root"; //mysql username default is root. $password=""; //blank if no password is set for mysql. Is root the username and is the password blank for logging into your mysql server? Also what are you using for a mysql server? I should also point out that the mysql_* functions are now depreciated, you should be using mysqli or PDO.
  14. chrisrulez001

    Whats wrong with line 17?

    Hi there, After testing this code, and also taking into account of what sKunKbad has said, I think I might have found your problems. You have a capital letter, it should probably be lower-case letter on a few lines and you are missing the semi colon at the end of line 15. Line 15 should probably be include not Include. Line 15 is missing ; at the end of the line. Line 17, 19 and 27 If should probably be if. Line 21, 29 and 33 should probably be echo not Echo. Line 23 and 31 should probably be else not Else. These changes should be made in conjunction of the suggestion that sKunKbad has made. Hope this helps.
  15. chrisrulez001

    Best way to check if user is logged in

    Thanks very much for your help. Everything you suggested is in place and fixed

Important Information

We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.