HeyRay2
Members-
Posts
223 -
Joined
-
Last visited
Never
Everything posted by HeyRay2
-
Heres a good series: http://www.tutorialized.com/tutorials/PHP/OOP/1
-
The script you found relies on a session side effect that no longer works on most web hosts that have "register_globals" turned off. Most web hosts have this setting turned off because it poses a security risk. Let's update this script to use a more secure method of session variable registering and variable passing. First, in the verification.php file, we'll place the $new_string variable into the session by adding to the $_SESSION array directly, like so: $_SESSION['new_string'] = $new_string; So the full code for that page will now look like this: verification.php <?php Header("Content-Type: image/png"); session_start(); $new_string; echo "<html><head><title>Verification</title></head>"; echo "<body>"; $im = ImageCreate(200, 40); $white = ImageColorAllocate($im, 255, 255, 255); $black = ImageColorAllocate($im, 0, 0, 0); srand((double)microtime()*1000000); $string = md5(rand(0,9999)); $new_string = substr($string, 17, 5); ImageFill($im, 0, 0, $black); ImageString($im, 4, 96, 19, $new_string, $white); ImagePNG($im, "verify.png"); ImageDestroy($im); $_SESSION['new_string'] = $new_string; echo "<img src=\"verify.png\">"; echo "<br><br>"; echo "Type the code you see in the image in the box below. (case sensitive)"; echo " <form action=\"formhandler.php\" method=post>"; echo "<input name=\"random\" type=\"text\" value=\"\">"; echo "<input type=\"submit\">"; echo "</form>"; echo "</body>"; echo "</html>"; ?> ... next, on the formhandler.php file, regarding this line: if ($new_string == $random){ ... because of the session side effect and "register_globals" most likely being turned off on your web host, both of these variables are NULL. So, you always get the verification success because this line basically reads: if ( NULL == NULL ){ ... which is always TRUE. So the way we want to access these variables is using the $_POST and $_SESSION arrays, like so: formhandler.php <?php session_start(); $random = trim($_POST['random']); if ($_SESSION['new_string'] == $random){ echo "You are verified"; } else{ echo "Please go back and get verified."; } ?> ... and that should make a successful check of the generated image.
-
Perhaps posting a little more of the related code is in order here. Namely, the code that you use to fetch and print your query results.
-
<?php $lookup = intval($_GET['lookup']); //conect to database $result = mysql_query("SELECT * FROM table_1 WHERE id = $lookup'); $row = mysql_fetch_row($result); if($row){ echo "ID: ".$row[0]."<br />"; echo "ID: ".$row[1]."<br />"; } else { "No match in database!"; } ?>
-
You can add a new class in your CSS to display todays date as you would like to, then just modify your calendar printing code to check for printing out todays cell. Change: if (in_array($d, $eventDays)) { $out .= "<td class=\"monthDay\">\n"; $out .= "<a href=\"?year=$year&month=$month&day=$d\"><div align=\"center\">$d</div></a>\n"; $out .= "</td>\n"; } else $out .= "<td class=\"monthDay\"><div align=\"center\">$d</div></td>\n"; ... to this: // Set the current date and the date to be printed // to compare them $today = date("m-d-Y"); $current = $month."-".$d."-".$year; // Check if the current day to be printed is today if($today == $current){ $td_class = "monthToday"; } else { $td_class = "monthDay"; } if (in_array($d, $eventDays)) { $out .= "<td class=\"".$td_class."\">\n"; $out .= "<a href=\"?year=$year&month=$month&day=$d\"><div align=\"center\">$d</div></a>\n"; $out .= "</td>\n"; } else $out .= "<td class=\"".$td_class."\"><div align=\"center\">$d</div></td>\n";
-
You could make a new table in your DB called "views", have track the following fields: content_id (int) (unique) views (int) date (date) When the page is accessed, check if a DB row already exists for that content that day and update it. Otherwise create a new row. SELECT COUNT(*) FROM views WHERE content_id = $content_id and date = NOW() Then when you want to run a query for the most popular items in a specific time frame, simply run a query that looks for the highest views later than a certain date, and limit the results to however many items you want to show. SELECT * FROM views WHERE date > $limit_date ORDER BY views DESC LIMIT 5
-
Nice catch kenrbnsn. I didn't even notice that.
-
That would be for printing to the browser or sending an HTML formatted email. Try this: $body = "Welcome\n" ."This is a test\n" ."1)blahblah\n" ."2)blahblah";
-
First of all, welcome to the forums. If you are seeing some of your code in the browser, then you've missed a quotation mark or semicolon somehwere in your code, or you've got an issue with how your chosen text editor is formatting your code. Might I also ask what text editor you are using to write your code?
-
[SOLVED] foreach statement saying not valid argument....whyyyyy?
HeyRay2 replied to simcoweb's topic in PHP Coding Help
You are using $err as a string. foreach() requires an array. If you simply want echo out $err, you don't need to use foreach(), just do something like this: if(!empty($err)){ echo $err; } However, if you want to separate each error into a list using foreach(), then change your error checking to something like this: <?php // Create and empty error array $err = array(); // input error checking if ($name=="") { $err[] = "Please enter your name.<br/>"; } if (!$phone==""){ $err[] = "Please enter your phone number.<br/>"; } if (!$email) { $err[] = "Please provide your email address<br>"; } if ($email) { if (!eregi("^[_a-z0-9-]+(\.[_a-z0-9-]+)*@[a-z0-9-]+(\.[a-z0-9-]+)*(\.[a-z]{2,3})$", $email)) { $err[] = $email. " is not a valid email address.<br/>"; } } /* if (!$secure) { $err[] = "No security code entered<br/>"; } if (($secure!=$match) && ($secure!="")) { $err[] = "Security code mismatch. Please re-enter.<br/>"; } */ if (empty($err)) { // mail the results to admin send_ebook_mail(); // run the query ebook_insert(); } else { ?> <div align='center'><font color='red'><strong id='errorTitle'><?= !empty($eg_error) ? 'One or more input fields on the form has not been correctly completed.' : '' ?></strong> <? // Loop through all errors ?> <ul> <? foreach($err as $value) { ?> <li id='errorMess'><? echo $value ?></li> <? } ?> </ul> <? } ?> -
Just place all your code in one file and use the same page for the form and the processing. Like so: <?php function showAttackForm($player_hp, $cpu_hp, $weapons){ echo '<form method="POST" action="'.$_SERVER['PHP_SELF'].'"> <table width="200" border="1"> <tr> <td>Player HP </td> <td>Dragon HP </td> </tr> <tr> <td><font color="green">'.$player_hp.'</font></td> <td><font color="red">'.$cpu_hp.'</font></td> </tr> </table> <p>Choose your weapon:<br> <select name="playerweapon_choose">'; for($i=0;$i < count($weapons);$i++){ echo '<option value="'.$i.'">'.$weapons[$i]['name'].' ('.$weapons[$i]['min'].'-'.$weapons[$i]['max'].' dmg)</option>'; } echo ' </select> </p> <p> <input type="hidden" name="playerhealth" value="'.$player_hp.'"> <input type="hidden" name="cpuhealth" value="'.$cpu_hp.'"> </p> <p> <input type="submit" name="submit" value="Attack!"> </p> </form>'; } // Set the default hitpoints for player and cpu $default_playerhealth = 50; $default_cpuhealth = 50; // Set damage variables for cpu $cpudamage = array(); $cpudamage['name'] = "Fire Breath"; $cpudamage['min'] = 0; $cpudamage['max'] = 15; // Set damage varaibles for player $playerweapons = array(); $playerweapons[0]['name'] = "Bow & Arrow"; $playerweapons[0]['min'] = 0; $playerweapons[0]['max'] = 20; $playerweapons[1]['name'] = "Sword"; $playerweapons[1]['min'] = 5; $playerweapons[1]['max'] = 10; if($_POST['submit']){ // Get the health levels for player and cpu $playerhealth = $_POST['playerhealth']; $cpuhealth = $_POST['cpuhealth']; // Get the player damage and weapon name for the round $playerweapon_round = $playerweapons[$_POST['playerweapon_choose']]['name']; $playerdamage_round = rand($playerweapons[$_POST['playerweapon_choose']]['min'],$playerweapons[$_POST['playerweapon_choose']]['max']); // Calculate the cpu damage for the round $cpudamage_round = rand($cpudamage['min'], $cpudamage['max']); // Apply the damage to the player and cpu $playerhealth = $playerhealth - $cpudamage_round; $cpuhealth = $cpuhealth - $playerdamage_round; echo '<div align="left"><font color="green">You attacked with the '.$playerweapon_round.' and did '.$playerdamage_round.' damage.</font></div> <div align="left"><font color="red">The dragon attacked you with '.$cpu_damage['name'].' and did '.$cpudamage_round.' damage.</font></div>'; // Check if player or cpu reached 0 hitpoints if($playerhealth <= 0 || $cpuhealth <= 0){ // Check who died if($playerhealth <= 0){ echo '<div align="left"><strong><font color="red">YOU HAVE DIED!</font></strong></div>'; } else { echo '<div align="left"><strong><font color="green">YOU HAVE SLAIN THE DRAGON!</font></strong></div>'; } echo '<div align="left"><a href="'.$_SERVER['PHP_SELF'].'">Start a new battle!</a></div>'; } else { // Show the attack form for another round showAttackForm($playerhealth, $cpuhealth, $playerweapons); } } else { // Just show the attack form showAttackForm($default_playerhealth, $default_cpuhealth, $playerweapons); } ?>
-
[SOLVED] Quick question... quick reply would be VERY appreciated
HeyRay2 replied to Ghettobusta's topic in PHP Coding Help
Don't use echo() and it won't show it. -
Post the code that you already have and we can try to help you along from there.
-
Are you trying to echo the actual query string, or the results of the query? If you want the query results to be displayed, you will need to actually run the query with mysql_query(): <?php $con = mysql_connect("$hostname", "$username", "$password") or die(mysql_error()); mysql_select_db('$database', $con) or die(mysql_error()); $query="Select * from users"; $result = mysql_query($query); if($result) { while($row = mysql_fetch_array($result)){ $fname = $row["fname"]; $lname = $row['lname']; $age = $row['age']; echo "Name: ".$fname." ".$lname.", ".$age."<br />"; } } ?>
-
http://www.php.net/manual/en/function.substr.php
-
[SOLVED] user login - direct to specific page
HeyRay2 replied to illuz1on's topic in PHP Coding Help
The following should do it for you: Header("Location: ".$_POST["username"].".php"); Additionally, you shouldn't blindly trust the information that someone enters into your login form. You open yourself up to SQL injection attacks. Protect yourself by formatting the $_POST['username'] and $_POST['password'] variables correctly for SQL queries: $username = mysql_real_escape_string(trim($_POST['username'])); $password = mysql_real_escape_string(trim($_POST['password'])); ... then change your query use the formatted variables: // Create query $q = "SELECT * FROM `dbUsers` " ."WHERE `username`='".$username."' " ."AND `password`= PASSWORD('".$password."') " ."LIMIT 1"; -
Yes, if you want to define a variable using the function, but it's not a must to use "return" in the function. I have many functions that do not "return" a value, but are useful nonetheless. A simple example: function showLoginForm(){ echo '<form action="'.$_SERVER['PHP_SELF'].'" method="POST"> Username: <input type="text" name="username" /><br> Password: <input type="password" name="password" /><br> <input type="submit" name="login" value="Log In!"> </form>'; } // Show the login form showLoginForm(); ... but again, yes you can define a variable by using a function return value. Take the above example, modified to return a value: function showLoginForm(){ $value = '<form action="'.$_SERVER['PHP_SELF'].'" method="POST">' .'Username: <input type="text" name="username" /><br>' .'Password: <input type="password" name="password" /><br>' .'<input type="submit" name="login" value="Log In!">' .'</form>'; return $value; } $t = showLoginForm(); // Show the login form echo $t; ... not the most efficient way in this case though ... :-\
-
Why would you need to define a function on a variable? Just define the function, and then when you need to use it, call it. Like: function foo(){ echo "Sup Foo!"; } foo();
-
??? I have no idea what you mean by that... I wasn't defining it in the variable. I was using the function as a way to define the value for the variable. I would assume that this function would already be defined somewhere in a users script before trying to use it.
-
Okay then... ??? Apart from my typo on the quoteSmart() function name, why won't this work? $userid = quoteSmart($_GET['userid']); ... and tell me how this will work ... $userid = $_GET['userid']; quoteSmart($userid); The function is returning a value, meaning that in order to use the function you have to use it to either populate a variable, echo it, or use it in another function as an argument. ???
-
Help!... how can i prevent the direct viewing of an image or php file
HeyRay2 replied to MrMuler's topic in PHP Coding Help
Perhaps you are looking for something like this? http://www.thesitewizard.com/archive/protectimages.shtml -
My pleasure.
-
As Hughesy1986 suggested, seeing some of your code would be helpful, but for now let's assume you have a form looking somewhat like this: <form action="<?php echo $_SERVER['PHP_SELF']; ?>" method="POST"> <input type="checkbox" name="checkboxes[]" value="CheckBox 1"> <input type="checkbox" name="checkboxes[]" value="CheckBox 2"> <input type="checkbox" name="checkboxes[]" value="CheckBox 3"> <input type="checkbox" name="checkboxes[]" value="CheckBox 4"> <input type="checkbox" name="checkboxes[]" value="CheckBox 5"> <input type="checkbox" name="checkboxes[]" value="CheckBox 6"> <input type="checkbox" name="checkboxes[]" value="CheckBox 7"> <input type="submit" name="submit" value="Submit!"> </form> You could check how many checkboxes were checked simply by doing something like this: <?php if($_POST['submit']){ $boxes_checked = count($_POST['checkboxes']); echo 'You clicked '.$boxes_checked.' box(es). You get $'.$boxes_checked.'!'; } ?>
-
[SOLVED] Generating a list of logged in users
HeyRay2 replied to soycharliente's topic in PHP Coding Help
We came up with a similar solution in the following thread if you are interested: http://www.phpfreaks.com/forums/index.php/topic,135959.0.html -
Here is some code from a script I wrote a while back doing something similar to what you are trying to do. I've generalized it, but you could probably take the concept and tailor it to your needs: <?php if($_POST['submit']){ // Remove blank elements from the "items" array (text boxes that werent filled in) $_POST['items'] = array_diff($_POST['items'], array("")); // Verify a match between the number chosen in the select box, and the // number of textboxes filled in if($_POST['numitems'] == count($_POST['items'])){ echo 'Match! '.$_POST['numitems'].' item(s) chosen. '.count($_POST['items']).' name(s) filled in.<br />'; require_once('queryrenewal/query'.$_POST['numitems'].'.php'); // YOU COULD DO YOUR REQUIRE HERE } else { echo 'Mismatch! '.$_POST['numitems'].' item(s) chosen, but '.count($_POST['items']).' name(s) filled in.<br />'; } } // Specify the maximum numitems to show $max_numitems = 5; // Create the form ?> <html> <body> <form action="<?php echo $_SERVER['PHP_SELF']; ?>" method="POST"> Choose the number of items: <select name="numitems"> <?php for($i=1;$i <= $max_numitems;$i++){ echo '<option value="'.$i.'">'.$i.'</option>'; } ?> </select> Enter name for each item: <?php for($i=1;$i <= $max_numitems;$i++){ echo '<input type="text" name="items[]"></input>'; } ?> <input type="submit" name="submit" value="Submit!"> </form> </body> </html> I've consoliated choosing the number of items and entering the information for those items on the same page, but you could split that up into two pages pretty easily. A working example is available (temporarily) at the following URL: http://www.wearethereids.com/test/form_match/form_match.php