Adam93

Can't seem to get it to work. I've tried; <?php $qry="SELECT * FROM `badges` WHERE `badgeid`=`badgeid` FROM `user_badges` WHERE `userid`='$bobba'"; $result=mysql_query($qry); $getbadge = mysql_query($qry) or die(mysql_error()); if($result) { while ($row = mysql_fetch_array($getbadge)) { $imgs = explode(",",$row['base']); foreach ($imgs as $badgeurl) { echo "<img src='".$badgeurl."''>"; } } } ?> But obviously that isn't a valid query, but that's what I'm trying to achieve, if you get me? :-S

Hi, I'm wanting to make a badge system. I have a table in my database called 'badges', which contains all the badge information and image address; And then a table called 'user_badges', which holds the information of badges assigned to users; So, I'm wanting to do a query on the member's profile page which will display each badge assigned to them. I thought I could do through mysql_fetch_array, and echo 'base' as an <img> for each corresponding badgeid and user id, I don't know if it's possible to link them or if it's too complicated?

Thank you! :-)

Hi, Just wondering if it's possible to get the dynamic part of the URL with the GET method? I'm getting the address of the URL to add to a database when a user reports an error on that page; <?php $actual_link = $_SERVER['PHP_SELF'];?> But I've noticed the if the url is for example "profile.php?username=someone" then it is only getting "profile.php".

Ahh, thanks for you help!

Thank you! Works fine now! Just a quick question for future, why the '[0]'? :-)

Now I'm not getting anything

Whoops, so, cleared my sessions and logged in again, now it's displaying; Array ( [0] => Array ( [0] => frank [lastname] => frank ) ) 'frank' is the information in the table, which is correct, but I only want to display that piece of information, not "Array ( [0] => Array ( [0] =>"... Any ideas?

Thanks, but it's now displaying; Array ( [0] => Array ( [0] => 0 [lastname] => 0 ) )

Hi, So I'm not very familiar with using mySQLi, but I'm wanting to print a user's last name, depending on which user is logged in (obviously it needs to be their last name and not another users) So, we're getting the session for the user and saving their username as $username $user = Session::Get('current_user'); $username = $user->Get('username'); And then my query to display their lastname? $result = $db->Select('lastname')->Where('username', '$username')->Get(Config::Get('db.table')); print_r($result) But the query doesn't work, no error? Forgive my ignorance! >.<

Oh, I'm now getting the following error; Notice: Undefined index: userinfo in /home/public_html/core/core.php on line 7 Notice: Undefined index: logged in /home/public_html/core/core.php on line 8 Notice: Undefined index: logged in /home/public_html/index.php on line 3 Never seen this error before. Any ideas?

Thank's for the reply, So after adding the exit statement, the script still wasn't working. Also tried with the debugging statement you gave as an example, but still no luck. Just getting a blank index.php page. Really bizarre.

Hi guys, The idea of this script is to check if the website is under maintenance, and if it is, direct the user to the maintenance page. If the user is signed in, and has privileges to bypass the maintenance page and continue to look at the website, then they won't be redirected, but I can't seem to get it to work? I've checked all the tables in database, I've been through the code multiple times. It's not displaying an error, it's just running through the code and then doing nothing? (Maintenance has already been set to '1' in the database) index.php <?php include "core.php"; ?> <? $updatecounter = mysql_query("UPDATE webviews SET count = count+1 WHERE id = '1'"); if (!$updatecounter) { die ("Can't update the counter : " . mysql_error()); } ?> core.php <?php session_start(); include "config.php"; include "security.php"; $id = $_SESSION['userinfo']['id']; if ($_SESSION['logged'] == true) { $qry="SELECT * FROM fuserights WHERE userid='$id'"; $result=mysql_query($qry); if($result) { if(mysql_num_rows($result) == 1) { $checks = mysql_fetch_assoc($result); $access = $checks['bypassmaintenance']; } } if($access == 1) { }else { $result = mysql_query("SELECT * FROM maintenance") or die(mysql_error()); while($row = mysql_fetch_assoc($result)) { if($row['check'] == 1) { header('location:/maintenance/'); } } } } ?> config.php <?php $server = "***"; $username = "***"; $password = "***"; $db_name = "***"; $connect = mysql_connect($server, $username, $password) or die(mysql_error()); mysql_select_db($db_name, $connect) or die(mysql_error()); mysql_query("SET NAMES utf8"); ?> security.php <?php $array = array( "union", "sql", "mysql", "database", "cookie", "coockie", "select", "from", "where", "benchmark", "concat", "table", "into", "by", "values", "exec", "shell", "truncate", "wget", "/**/", "1=1", "xss" ); foreach ($array as $d) { $string = security($_SERVER['QUERY_STRING']); if (strpos(strtolower($string), $d) != false) { $ip = $_SERVER['REMOTE_ADDR']; $loc = $_SERVER['PHP_SELF']; $browseros = $_SERVER['HTTP_USER_AGENT']; $oslanguage = $_SERVER['HTTP_ACCEPT_LANGUAGE']; $date = date("d.m.Y / H:i:s"); $file = security('' . $loc . '?' . $string . ''); $type = "SQL Injection"; $queryvalid = mysql_query("SELECT * FROM `hacker-attacks` WHERE file='$file' and type='SQL Injection' LIMIT 1"); $validator = mysql_num_rows($queryvalid); if ($validator > "0") { echo '<meta http-equiv="refresh" content="0;url=index.php" />'; exit(); } else { $log = "INSERT INTO `hacker-attacks` (ip, date, file, type, browseros, oslanguage) VALUES ('$ip', '$date', '$file', '$type', '$browseros', '$oslanguage')"; $result = mysql_query($log); echo '<meta http-equiv="refresh" content="0;url=index.php" />'; exit(); } } } function security($input) { $input = mysql_real_escape_string($input); $input = strip_tags($input); $input = stripslashes($input); return $input; } $guestip = $_SERVER['REMOTE_ADDR']; $querybanned = mysql_query("SELECT * FROM `bans` WHERE ip='$guestip'"); $banned = mysql_num_rows($querybanned); $row = mysql_fetch_array($querybanned); $reason = $row['reason']; if ($banned > "0") { die("<center><font size='7' color='red'><b>You are banned</b></font><br> Reason: $reason<br> <br /><img src='images/banned.png' /></center>"); } ?> Any help would be appreciated! Thanks.