Tom8001
-
Posts
205 -
Joined
-
Last visited
Everything posted by Tom8001
-
How can i make a clickable input button in photoshop, when i click save for web it's just and image.
-
Oh wow, i can't even believe i actually made that mistake haha, thanks man!
-
ok man thanks, i'll have a good read over it.
-
How would i fix that?
-
I got rid of the undefined variable error, but i'm still getting Notice: Undefined index: FileToUpload in C:\xampp\htdocs\uploadtut\upload.php on line 4 Notice: Undefined index: FileToUpload in C:\xampp\htdocs\uploadtut\upload.php on line 10 Warning: getimagesize(): Filename cannot be empty in C:\xampp\htdocs\uploadtut\upload.php on line 10 The file you are trying to upload is not a valid iamge.Sorry, We only allow jpg, png, jpeg and gif file types to be uploaded. Please try again with a valid file.Your file was not uploaded. Sorry, There was an error uploading your file.
-
Thanks
-
Hello, I'm trying to make a file upload script and i am getting the following errors Errors when the script it on localhost: Notice: Undefined variable: FILES in C:\xampp\htdocs\upload.php on line 4 Notice: Undefined variable: FILES in C:\xampp\htdocs\upload.php on line 10 Warning: getimagesize(): Filename cannot be empty in C:\xampp\htdocs\upload.php on line 10 The file you are trying to upload is not a valid iamge.Sorry, We only allow jpg, png, jpeg and gif file types to be uploaded. Please try again with a valid file.Your file was not uploaded. Sorry, There was an error uploading your file. And the errors on an actual web server: Warning: getimagesize() [function.getimagesize]: Filename cannot be empty in /home/thegekon/public_html/test/upload.php on line 10 The file you are trying to upload is not a valid iamge.Sorry, We only allow jpg, png, jpeg and gif file types to be uploaded. Please try again with a valid file.Your file was not uploaded. Sorry, There was an error uploading your file. Here is my html page code where the users select a file <html lang="en"><head></head><meta charset="utf-8"> <title>PHP File Upload</title> <body> <form action="upload.php" method="POST"> <input type="file" name="FileToUpload" enctype="multipart/form-data" /> <BR> <BR> <input type="submit" name="submit" value="Upload Image" /> </form> </body> </html> And here's my upload.php page <?php $target_dir = "uploads/"; $target_file = $target_dir .basename($FILES["FileToUpload"]["name"]); $uploadOk = 1; $imageFileType = pathinfo($target_file, PATHINFO_EXTENSION); //Check if the image is a real image or even an image at all if(isset($_POST['submit'])) { $check = getimagesize($FILES["FileToUpload"]["tmp_name"]); if($check !== false) { $uploadOk = 1; } else { echo "The file you are trying to upload is not a valid iamge."; } //Restrict File Type if($imageFileType !== "jpg" && $imageFileType !== "png" && $imageFileType !== "jpeg" && $imageFileType !== "gif") { echo "Sorry, We only allow jpg, png, jpeg and gif file types to be uploaded. Please try again with a valid file."; $uploadOk = 0; } if($uploadOk == 0) { echo "Your file was not uploaded. <br><br><br>"; } if(move_uploaded_file($target_file, $target_dir)) { echo "Your file<font color='red'>" . basename($FILES["FileToUpload"]["name"]) ."</font> has been uploaded. <br><br><br>"; $uploadOk = 1; } else { echo "Sorry, There was an error uploading your file. <br><br><br>"; $uploadOk = 0; } } ?>
-
$password = mysqli_real_escape_string($con, hash('sha512', $password)); Didn't see that one. and what?
-
I have made the following changes, $result = $sql->get_result(); $row = $result->fetch_assoc(); And have removed real_escape_string from the username and password variables. This is my current code <?php session_start(); error_reporting(E_ALL | E_NOTICE); include 'header.php'; require 'connect.php'; if(isset($_SESSION['loggedIn'])) { echo "<br><br><br><br><br><br><br><center>You are already logged in, <a href='logout.php'><h3>click here</h3></a> if you want to logout</center>"; echo "<div id='index'><button><a href='index.php'>Index Page</a></div>"; echo "<style> a {color: #ff0000; font-weight: bold; text-decoration: none;} a:hover {color: #000;} #index {position: absolute; top: 80; left: 60;} #index button:hover {border: 2px solid #ff0000;}</style>"; exit(); } if(isset($_POST['submit'])) { $username = trim($_POST['username']); $password = $_POST['password']; $password = mysqli_real_escape_string($con, hash('sha512', $password)); if($username&&$password) { } else { die("Please enter a username and password"); } $sql = $con->prepare("SELECT username, password, user_level, active FROM $tbl_name WHERE username=? AND password=? AND active=? AND user_level=?"); $sql->bind_param("ssii", $username, $password, $active, $user_level); $sql->execute(); $result = $sql->get_result(); $row = $result->fetch_assoc(); $user_level = $row['user_level']; $active = $row['active']; if($result == 1) { if($row['active'] == 1) { if($row['user_level'] == 1) { $_SESSION['username'] = $_POST['username']; $_SESSION['user_level'] = 1; $_SESSION['active'] = 1; $_SESSION['loggedIn'] = 1; header("Location: admin.php"); exit(); } $_SESSION['user_level'] = 0; $_SESSION['active'] = 1; $_SESSION['loggedIn'] = 1; $_SESSION['username'] = $_POST['username']; header("Location: index.php"); } else if($row['active'] == 0) { header("Location: banned.php"); $_SESSION['active'] = 0; exit(); } } else { echo "Username / Password is incorrect!"; exit(); } } ?> I don't get any errors, it automatically redirects to banned.php even when i enter a fake username and password.
-
I have changed all the things that i have done wrong but is still not working, this is my updated script <?php session_start(); error_reporting(E_ALL | E_NOTICE); include 'header.php'; require 'connect.php'; if(isset($_SESSION['loggedIn'])) { echo "<br><br><br><br><br><br><br><center>You are already logged in, <a href='logout.php'><h3>click here</h3></a> if you want to logout</center>"; echo "<div id='index'><button><a href='index.php'>Index Page</a></div>"; echo "<style> a {color: #ff0000; font-weight: bold; text-decoration: none;} a:hover {color: #000;} #index {position: absolute; top: 80; left: 60;} #index button:hover {border: 2px solid #ff0000;}</style>"; exit(); } if(isset($_POST['submit'])) { $username = trim($_POST['username']); $password = $_POST['password']; $password = mysqli_real_escape_string($con, hash('sha512', $password)); if($username&&$password) { } else { die("Please enter a username and password"); } $username = mysqli_real_escape_string($con, $_POST['username']); $password = mysqli_real_escape_string($con, $_POST['password']); $sql = $con->prepare("SELECT username, password, user_level, active FROM $tbl_name WHERE username=? AND password=? AND active=? AND user_level=?"); $sql->bind_param("ssii", $username, $password, $active, $user_level); $sql->execute(); $sql->get_result(); var_dump($sql); $row = $sql->fetch_assoc(); $user_level = $row['user_level']; $active = $row['active']; if($sql->num_rows > 0) { if($row['active'] == 1) { if($row['user_level'] == 1) { $_SESSION['username'] = $_POST['username']; $_SESSION['user_level'] = 1; $_SESSION['active'] = 1; $_SESSION['loggedIn'] = 1; header("Location: admin.php"); exit(); } $_SESSION['user_level'] = 0; $_SESSION['active'] = 1; $_SESSION['loggedIn'] = 1; $_SESSION['username'] = $_POST['username']; header("Location: index.php"); exit(); } else if($row['active'] == 0) { header("Location: banned.php"); $_SESSION['active'] = 0; } } else { echo "Username / Password is incorrect!"; exit(); } } ?> And i get the following error Fatal error: Call to undefined method mysqli_stmt::fetch_assoc() in /home/www/ps3modding.co.uk/webdir/login.php on line 47 I ran a variable dump here object(mysqli_stmt)#1 (10) { ["affected_rows"]=> int(0) ["insert_id"]=> int(0) ["num_rows"]=> int(0) ["param_count"]=> int(4) ["field_count"]=> int(4) ["errno"]=> int(0) ["error"]=> string(0) "" ["error_list"]=> array(0) { } ["sqlstate"]=> string(5) "00000" ["id"]=> int(1) } And even without the error it still says username or password is incorrect, also not sure if this has anything to do with it but here is my register script <?php error_reporting(E_ALL | E_NOTICE); ini_set('display_errors', 1); require 'connect.php'; echo "<title> Register </title>"; if(isset($_POST['register'])) { $username = trim($_POST['username']); $username = mysqli_real_escape_string($con, $_POST['username']); $password = mysqli_real_escape_string($con, $_POST['password']); $password = hash('sha512', $_POST['password']); if(!$_POST['username'] OR !$_POST['password']) { die("You must enter a username and password!"); } $stmt = $con->prepare("INSERT INTO $tbl_name (username, password) VALUES (?, ?)"); $stmt->bind_param('ss', $username, $password); $stmt->get_result(); var_dump($stmt); $stmt->execute(); echo "New user has been created successfully"; $stmt->close(); $con->close(); } ?> I think it is to do with the password encryption i have done something wrong but i don't know what.
-
Thanks for that it's weird how i can make such an idiotic mistake,but that cleared a few things up, Thanks
-
I changed if(isset($_POST['submit'])) { $username = trim($_POST['username']); $password = $_POST['password']; $password = mysqli_real_escape_string($con, hash('sha512', $password)); and $sql->get_result($sql); Before i execute the statement.
-
It's ok i changed $stmt->close(); $conn->close(); to $stmt->close(); $con->close(); and the variables were wrong when i was binding the parameters, the variable dump now outputs object(mysqli_stmt)#2 (10) { ["affected_rows"]=> int(0) ["insert_id"]=> int(0) ["num_rows"]=> int(0) ["param_count"]=> int(2) ["field_count"]=> int(0) ["errno"]=> int(0) ["error"]=> string(0) "" ["error_list"]=> array(0) { } ["sqlstate"]=> string(5) "00000" ["id"]=> int(1) } New user has been created successfully and everything is successful, however in my login script when i try to login it says the username or password is incorrect, now i think i have done something wrong when trying to hash the password, here is my login script <?php session_start(); error_reporting(E_ALL | E_NOTICE); include 'header.php'; require 'connect.php'; if(isset($_SESSION['loggedIn'])) { echo "<br><br><br><br><br><br><br><center>You are already logged in, <a href='logout.php'><h3>click here</h3></a> if you want to logout</center>"; echo "<div id='index'><button><a href='index.php'>Index Page</a></div>"; echo "<style> a {color: #ff0000; font-weight: bold; text-decoration: none;} a:hover {color: #000;} #index {position: absolute; top: 80; left: 60;} #index button:hover {border: 2px solid #ff0000;}</style>"; exit(); } if(isset($_POST['submit'])) { $username = trim($_POST['username']); $password = $_POST['password']; $password = hash('sha512', $_POST['password']); if($username&&$password) { } else { die("Please enter a username and password"); } $username = mysqli_real_escape_string($con, $_POST['username']); $password = mysqli_real_escape_string($con, $_POST['password']); $sql = $con->prepare("SELECT username, password, user_level, active FROM $tbl_name WHERE username=? AND password=? AND active=? AND user_level=?"); $sql->bind_param("ssii", $username, $password, $active, $user_level); $sql->execute(); $row = $sql->fetch(); $user_level = $row['user_level']; $active = $row['active']; if($sql->num_rows == 1) { if($row['active'] == 1) { if($row['user_level'] == 1) { $_SESSION['username'] = $_POST['username']; $_SESSION['user_level'] = 1; $_SESSION['active'] = 1; $_SESSION['loggedIn'] = 1; header("Location: admin.php"); exit(); } $_SESSION['user_level'] = 0; $_SESSION['active'] = 1; $_SESSION['loggedIn'] = 1; $_SESSION['username'] = $_POST['username']; header("Location: index.php"); exit(); } else if($row['active'] == 0) { header("Location: banned.php"); $_SESSION['active'] = 0; } } else { echo "Username / Password is incorrect!"; exit(); } } ?> I have also dumped the variables in my login script which outputs object(mysqli_stmt)#1 (10) { ["affected_rows"]=> int(-1) ["insert_id"]=> int(0) ["num_rows"]=> int(0) ["param_count"]=> int(4) ["field_count"]=> int(4) ["errno"]=> int(0) ["error"]=> string(0) "" ["error_list"]=> array(0) { } ["sqlstate"]=> string(5) "00000" ["id"]=> int(1) } I don't get any errors apart from my custom message "Username or Password is incorrect"
-
I can't figure out what's happening.
-
Hey, so this is my register script <?php error_reporting(E_ALL | E_NOTICE); ini_set('display_errors', 1); require 'connect.php'; echo "<title> Register </title>"; if(isset($_POST['register'])) { $username = trim($_POST['username']); $username = mysqli_real_escape_string($con, $_POST['username']); $password = mysqli_real_escape_string($con, $_POST['password']); $password = hash('sha512', $_POST['password']); if(!$_POST['username'] OR !$_POST['password']) { die("You must enter a username and password!"); } $stmt = $con->prepare("INSERT INTO usrs_usr (username, password) VALUES (?, ?)"); $stmt->bind_param("ss", $username, $password); $stmt->get_result(); var_dump($stmt); $stmt->execute(); echo "New user has been created successfully"; $stmt->close(); $conn->close(); } ?> Now the problem is i have done a variable dump which outputs nothing, and the only error i am getting is Fatal error: Call to a member function bind_param() on a non-object
-
<?php require 'connect.php'; error_reporting(E_ALL | E_NOTICE); ini_set('display_errors', '1'); ini_set('memory_limit', '-1'); include 'footer.php'; if(isset($_POST['submit'])) { session_start(); if(!$_POST['username'] OR !$_POST['password']) { echo "Please make sure you enter both a username and password!"; exit(); } $username = trim($_POST['username']); $password = trim($_POST['password']); $password = hash('sha256', $password); $stmt = $conn->prepare("SELECT username,password,user_level,active FROM usrs_usr WHERE username=? AND password=?"); $stmt->bind_param("ss", $username, $password); $stmt->execute(); $row = $stmt->fetch(); $userlevel = $row['user_level']; $active = $row['active']; if($stmt->num_rows == 1) { if($row['user_level'] == 1) { $_SESSION['user_level'] = 1; $_SESSION['active'] = 1; $_SESSION['loggedIn'] = 1; echo "<meta http-equiv='refresh' content=0;admin.php>"; exit(); } else if($row['user_level'] == -1) { $_SESSION['user_level'] = -1; $_SESSION['active'] = 0; $_SESSION['loggedIn'] = 0; echo "<meta http-equiv='refresh' content=0;banned.php>"; exit(); } $_SESSION['user_level'] = 0; $_SESSION['active'] = 1; $_SESSION['loggedIn'] = 1; echo "<meta http-equiv='refresh' content=0;index.php>"; exit(); } else { die("#~ Username or password is incorrect ~#"); } } ?>
-
I've taken everyone's advice but it still does not login.
-
Removed
-
So like this? $password = hash('sha256', $_POST['password']);
-
i added $password = hash('sha256', $password); to my login script but it's still not working This is my registration script <?php error_reporting(E_ALL | E_NOTICE); require 'connect.php'; ini_set('display_errors', 1); echo "<title> Register </title>"; if(isset($_POST['register'])) { if(!$_POST['username'] OR !$_POST['password']) { die("You must enter a username and password!"); } $username = trim($_POST['username']); $password = trim($_POST['password']); $username = mysqli_real_escape_string($conn, $_POST['username']); $password = mysqli_real_escape_string($conn, $_POST['password']); $password = hash('sha256', $password); $stmt = $conn->prepare("INSERT INTO usrs_usr (username, password) VALUES (?, ?)"); $stmt->bind_param("ss", $username, $password); $stmt->execute(); echo "New user has been created successfully"; $stmt->close(); $conn->close(); } ?>
-
Yeah i'm guessing that's the reason why it's saying the password and username are wrong.
-
My passwords are hashed but only in the registration script.
-
Hi, well i don't get an error from PHP but it says the username or password is incorrect Login script <?php require 'connect.php'; error_reporting(E_ALL | E_NOTICE); ini_set('display_errors', '1'); ini_set('memory_limit', '-1'); include 'footer.php'; if(isset($_POST['submit'])) { session_start(); if(!$_POST['username'] OR !$_POST['password']) { echo "Please make sure you enter both a username and password!"; exit(); } $username = trim($_POST['username']); $password = trim($_POST['password']); $username = mysqli_real_escape_string($conn, $_POST['username']); $password = mysqli_real_escape_string($conn, $_POST['password']); $stmt = $conn->prepare("SELECT username,password,user_level,active FROM usrs_usr WHERE username=? AND password=?"); $stmt->bind_param("ss", $username, $password); $stmt->execute(); $row = $stmt->fetch(); $userlevel = $row['user_level']; $active = $row['active']; if($stmt->num_rows > 0) { if($row['user_level'] == 1) { $_SESSION['user_level'] = 1; $_SESSION['active'] = 1; $_SESSION['loggedIn'] = 1; echo "<meta http-equiv='refresh' content=0;admin.php>"; exit(); } else if($row['user_level'] == -1) { $_SESSION['user_level'] = -1; $_SESSION['active'] = 0; $_SESSION['loggedIn'] = 0; echo "<meta http-equiv='refresh' content=0;banned.php>"; exit(); } $_SESSION['user_level'] = 0; $_SESSION['active'] = 1; $_SESSION['loggedIn'] = 1; echo "<meta http-equiv='refresh' content=0;index.php>"; exit(); } else { die("#~ Username or password is incorrect ~#"); } } ?>
-
Worked perfectly thanks!
-
Hi, ok so i have just created a form in HTML and am having the following problem in CSS This is what the form looks like: http://gyazo.com/0aa86120ab01c1f660dcf8f30efe4f9d Now you can see that the width is covering the page each side How can i fix this? for both width and height? Here is my code: #form { background-color: #111; margin: 0; text-align: center; padding: 15px; width: auto; height: auto; color: yellow; } #form input { border: 2px solid #ff0000; color: #ff0000; }
