pneudralics

Everytime I logout and go to the url and type in localhost/logout.php I else statement which I shouldn't get unless I just logged out. I can type in localhost/logout.php all day and it'll show my else statement. But if I refresh the page I'll finally get my error.php. How do I fix it so after I logout and I type in localhost/logout.php it'll show the error page instead of showing that I just logged out. The below is my logout.php <?php ob_start(); if(!isset($_COOKIE['id']) && !isset($_COOKIE['idsession']) && !isset($_COOKIE['ip'])){ include ('c/connect.php'); include ('header.php'); include ('sideleft.php'); ?> <div id="maincolumn"> <?php require ("error.php"); ?> </div> <?php include ('footer.php'); } else { include ('c/connect.php'); include ('header.php'); setcookie('id', ''); setcookie('id', '', time() -3600); setcookie('idsession', ''); setcookie('idsession', '', time() -3600); setcookie('ip', ''); setcookie('ip', '', time() -3600); ob_flush(); ?> <?php include ('sideleft.php'); ?> <div id="maincolumn"> <div class="text"> You have successfully logged out of HappyProfile.com <br /> Thanks for visiting and come back soon! <br /> <a href="login.php" style="font-weight:bold;">Log Back In</a> </div> </div> <?php include ('footer.php'); }//End session else ?>

Is there something wrong with the following still? When I echo $postcommentq it echos 1....so if $postcommentq > 0 then we are good? Meant it like this: if (!empty($_POST['postcomment'])){ $postcommentq = mysql_query("INSERT INTO commentsuser (fromuser, touser, comment, date, approve) VALUES ('$cookieid', '$getid', '$postcomment', NOW(), 'N')"); //$postcommentr = mysql_query($postcommentq); if ($postcommentq > 0) { echo "<font color=\"red\">Comment posted. Waiting for approval.</font>"; } else { echo "<font color=\"red\">There was an issue posting the comment.</font>"; } } else { echo "<font color=\"red\">Post comment is empty.</font>"; }

Thanks for the help. The >0 got me going towards resolving the issue. I eventually did: if (!empty($_POST['postcomment'])){ $postcommentq = mysql_query("INSERT INTO commentsuser (fromuser, touser, comment, date, approve) VALUES ('$cookieid', '$getid', '$postcomment', NOW(), 'N')"); $postcommentr = mysql_query($postcommentq); if ($postcommentq > 0) { echo "<font color=\"red\">Comment posted. Waiting for approval.</font>"; } else { echo "<font color=\"red\">There was an issue posting the comment.</font>"; } } else { echo "<font color=\"red\">Post comment is empty.</font>"; }

Those are backticks. I had a post earlier that the backticks solved another issue. Anyways...even when I changed it to use with no backticks and change the field to: fromuser, touser I still get the else instead of if. If I add the == true it still echos else...but if I add == false it echos the if. The data is inserting, which I do not understand why it's echoing else if it's inserting.

It inserts to the database but still echo the else instead of if. if (!empty($_POST['postcomment'])){ $postcommentq = "INSERT INTO usercomments (`from`, `to`, `comment`, `date`, `approve`) VALUES ('$cookieid', '$getid', '$postcomment', NOW(), 'N')"; if (mysql_query($postcommentq)) { echo "<font color=\"red\">Comment posted. Waiting for approval.</font>"; } else { echo "<font color=\"red\">There was an issue posting the comment.</font>"; } }

Thanks. The backtick solved the problem.

I get the following: You have an error in your SQL syntax; check the manual that corresponds to your MySQL server version for the right syntax to use near 'from, to, comment, date, approve) VALUES ('31', '31', 'testtexttesttext' at line 1 Oh and I'm using the latest XAMPP

Tried the escape string nothing happened. This is how I displayed the error: if (mysql_query($postcommentq).mysql_error()) { echo "<font color=\"red\">Comment posted. Waiting for approval.</font>"; }

No errors. echo shows data are in the value section.

No errors I just keep getting: There was an issue posting the comment. It also does not insert into the database. $getid = $_GET['id']; //Top of page

<?php $cookieid = $_COOKIE['id']; $postcomment = $_POST['postcomment']; if (isset($_POST['submitpostcomment'])) { if (!empty($_POST['postcomment'])){ $postcommentq = "INSERT INTO usercomments (from, to, comment, date, approve) VALUES ('$cookieid', '$getid', '$postcomment', NOW(), 'N')"; if (mysql_query($postcommentq)) { echo "<font color=\"red\">Comment posted. Waiting for approval.</font>"; } else { echo "<font color=\"red\">There was an issue posting the comment.</font>"; } } else { echo "<font color=\"red\">Post comment is empty.</font>"; } }//End isset submitpostcomment ?> <form action="comment.php" method="post"> Post Comment <br /> <textarea name="postcomment" cols="30" rows="10"> </textarea> <br /> <input type="submit" name="submitpostcomment" value="Submit" /> </form>

Thanks. Just what I needed.

All you do is change the mail to in the mail(); Ex: Users use contact form and the form will send it to yourgmail@gmail.com mail (yourgmail@gmail.com, "$subject", "$body", "From:$email");

I'm building a database with users. The table user has these 2 fields: contestpoints and totalpoints. The below is to add the contestpoints to the totalpoints and save it. My issue is it only takes one data from the various users and update everyone with the same data. Users will have a variety of contestpoints and totalpoints. I want to be able to hit submit and update all rows according to each different user not making everyone have the same totalpoints. I've tried adding the id to my while loop and using the following in my query WHERE id = '$id' <?php if (isset($_POST['convertpointssubmit'])) { $configconvertpoints = $_POST['convertpoints']; if (!empty($configconvertpoints)) { if ($configconvertpoints == 'YES') { $convertpointsupdateq = "SELECT * FROM user"; if ($convertpointsupdater = mysql_query($convertpointsupdateq)) { while ($convertpointsupdaterow = mysql_fetch_array ($convertpointsupdater)) { $convertcontestpoints = $convertpointsupdaterow['contestpoints']; $converttotalpoints = $convertpointsupdaterow['totalpoints']; $contestplustotal = "$convertcontestpoints" + "$converttotalpoints"; } } $updateconvertpointsq = "UPDATE user SET totalpoints = '$contestplustotal'"; if (mysql_query ($updateconvertpointsq)) { echo "<font color=\"red\">Contest points have been transfered to Total points!</font><br />"; $resetcontestpointsq = "UPDATE user SET contestpoints = '0'"; if (mysql_query ($resetcontestpointsq)) { echo "<font color=\"red\">Contest points have been reset to zero!</font>"; } else { echo "<font color=\"red\">Contest points did not reset.</font>"; } } else { echo "<font color=\"red\">Points did not transfer.</font>"; } } else { echo "<font color=\"red\">You have chosen to not transfer points.</font>"; } } else { echo "<font color=\"red\">Transfer points submit is blank!</font>"; } } ?>

Nevermind.. it's stored but how come the file stored on the computer reads different than print_r($_COOKIE) print_r($_COOKIE) Array ( [__utma] => 4169385.681049504.1242078723.1242078723.1242078723.1 [__utmb] => 4169385.11.10.1242078723 [__utmc] => 4169385 [__utmz] => 4169385.1242078724.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none) [time] => 1242079307 [id] => 7 [idsession] => 4ac1b0e2d40cb0cfba3a5bac3c1b2108373a3d6c ) cookie txt __utma 4169385.681049504.1242078723.1242078723.1242078723.1 localhost.com/ 1088 3398296576 30150694 3645661472 30003843 * __utmb 4169385.11.10.1242078723 localhost.com/ 1088 165844992 30003848 3645791472 30003843 * __utmz 4169385.1242078724.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none) localhost.com/ 1088 1951310720 30040555 3095228768 30003842 *

I'm using XAMPP and I can't find my cookies in my cookies folder. IE7 w/ Vista Searched in ../low/ and ../cookies/ folders. I can see cookies from actual website internet sites but not from localhost. Also tried: host file: 127.0.0.1 localhost.com

I got it! It did work. One of my require page was still including $_SESSION instead of $_COOKIE so it was throwing the error page. Thanks for all the help.

//does not work setcookie ('id', $idf['id']); setcookie ('idsession', $idsessionf['idsession']); //works... setcookie ('id', $idf); setcookie ('idsession', $idsessionf); Now the issue is how do I check for $idf and $idsessionf? //This doesn't work anymore if(!isset($_COOKIE['id']) && !isset($_COOKIE['idsession'])){ //error } { //else yay! }

//$idf gets primary id from database //$idsessionf gets idsession from database which is randomly generated when registration setcookie ('id', $idf['id']); setcookie ('idsession', $idsessionf['idsession']); //redirects to user page user page if(!isset($_COOKIE['id']) && !isset($_COOKIE['idsession'])){ //error } { //else yay! } When the broser prompts me to allow the cookie it always shows 1 character in the data section, even if 'id' as more than 1 character and 'idsession' is sha1

Thanks... Now what can I do to prevent session timeout when they close the browser?

Below code should time out session in 5 seconds? (Just testing). I login, don't touch anything for more than 5 seconds, refresh the page and I still have my session? ini_set('session.gc_maxlifetime', 5); session_start();

How should I filter it or do I need to since it gets turned into a new name anyways? Are there any security issues with my below code? if (isset($_POST['submit'])) { //Start image upload //Check for an image make new name with md5 $newname = md5($idsession*time()*rand(1,99999).$_FILES['signs']['name']); $newname2 = $newname.'.gif'; $title = mysql_real_escape_string(htmlentities(strip_tags(trim($_POST['title'])))); $categoryname = mysql_real_escape_string(htmlentities(strip_tags(trim($_POST['category'])))); if ( !empty ($_POST['signs']) && !empty ($title) && !empty ($categoryname) ) { if (move_uploaded_file ($_FILES['signs']['tmp_name'], "$tempfoldersigns\\"."$newname2")) { //Begin database insert if ( !empty ($newname2) ) { $insertsigns = "INSERT INTO temp (userid,type,title,category,image,timestamp) VALUES (\"$idsession\",'Signs',\"$title\",\"$categoryname\",\"$newname2\", NOW())"; $insertsignsresult = mysql_query ($insertsigns); //echo '<font color="red">Database added successfully!</font><br />'; echo '<font color="red">Sign uploaded successfully!</font><br />'; } else { echo '<font color="red">There is a problem with the database.</font><br />'; }//End database insert } else { echo '<font color="red">Sign did not upload.</font><br />'; } } else { echo '<font color="red">Field is blank.</font><br />'; } }//End isset submit

So how can I define the variables from this while loop before writing this loop? $userupdateq = "SELECT * FROM user WHERE id = '$idsession'"; if ($userupdater = mysql_query($userupdateq)) { while ($userupdaterow = mysql_fetch_array ($userupdater)) { $name= $userupdaterow['name']; $name2 = html_entity_decode($name); $email = $userupdaterow['email']; $email2 = html_entity_decode($email); } } //Incase while doesn't execute don't use variables here?

Is it good to use variables from included / require files... It seems to work? Is it good to use variables from while loops outside of the while loop? ...It seems to work.. Just 2 questions I've been pondering about and wondering if it's good practice or not even though they seem to work.

Should I hash an id for each user or can I just stick with their auto increment id when they sign up for the website? Can this easily get changed on the client side?