widget

That link is where I started but Im not sure where it has to go in relation to my code above

Hi, Im after a script that will change the content of a page based on the date. My site will be having a giveaway for each day of december and therefore I need the script to allow me to choose what to display by date and not randomly. Anyone know any good scripts? NVM found one

Does it go in the output or would I put it on the input form? Still need help with this please

Hi, I would like some help on how to incorporate wordwrap in the code below. I've tried a few different ways but as a newb I just stuff it up. $getShops[shop_desc] = strip_tags(substr("$getShops[shop_desc]", 0, 350), " <b><br><a><img><font>"); $getShops[shop_desc] .= "...";

Thank you so much wildteen88!!!! It works perfectly.

Hi, When i do an IP check on my website to search for matching users I want it to display the users status next to the name but its not working properly. Could someone please take a look at my code and tell me what Im doing wrong? Thank you $x = 0; while ($getQuery = mysql_fetch_array($query)) { $x++; $findUser = fetch("SELECT * FROM members2 WHERE id = '$getQuery[userid]'"); $rank1 = $findUser[rank]; if ($rank1 = "0") { $rank = "<font color=red>Suspended</font>"; } if ($rank1 = "1") { $rank = "<font color=red>Logged In - No Rank</font>"; } if ($rank1 = "2") { $rank = "<font color=red>Under 13</font>"; } if ($rank1 = "3") { $rank = "<font color=red>Regular User</font>"; } else { $rank = "<font color=green>Staff</font>"; } $results .= "$x. $findUser[username] - $getQuery[ip_addr] - $rank<br>"; } print "<p>$x results found.</p><p>$results</p>"; }

I dont have any scripts for this as yet. Thats why I need pointing in the right direction Thank you for your reply

Hi, I have a pet website and I need to create houses for the pets to live in. The houses will need to be able to be furnished. What I need is a push in the right direction of how i might accomplish this. I know of a few drag and drop scripts out there but what about ones that save as well and not just via a cookie for that user. Pretty much the page will just be a flat gridded square in which you can place a piece of furniture, rotate it and save it in place. Any ideas?

Nevermind, I've set up 2 forms. 1 to give me the password and then another to compare the password. I was going to have my site mods use this tool. The passwords are encrypted, so is it still safe to let them use it? Is there a way they can work out what the passwords are?

that just gives me the username or password (depending on what I change the row number to) of the person I typed into the form. I need to to display all usernames that have a matching password. if ($act) { $sql_query = "SELECT username, password FROM `members2` WHERE `username`='$pw_user'"; //store the SQL query in the result variable $result = mysql_query($sql_query) or die('Query Error:<br />'.$sql_query.'<br /><br />'.mysql_error()); if(mysql_num_rows($result)) { //output as long as there are still available fields ?><table><? while($row = mysql_fetch_row($result)) { echo ("<tr><td>$row[0]<br><br></td></tr>"); } ?></table><? } //if no fields exist else { echo "no values in the database"; } }

Just the usernames All im trying to do is enter a username in the form and have it display all usernames with a matching password.

thank you for that but now i get this error Query Error: SELECT username FROM `members2` WHERE `password` = 'SELECT password FROM members2 WHERE `username` == '%lollypopchicka%'' Unknown column 'lollypopchicka' in 'where clause' current code is if ($act) { $pw = ("SELECT password FROM members2 WHERE `username` == '%$pw_user%'"); $sql_query = ("SELECT username FROM `members2` WHERE `password` = '$pw'"); //store the SQL query in the result variable $result = mysql_query($sql_query) or die('Query Error:<br />'.$sql_query.'<br /><br />'.mysql_error()); if(mysql_num_rows($result)) { //output as long as there are still available fields ?><table><? while($row = mysql_fetch_row($result)) { echo ("<tr><td>$row[1]<br><br></td></tr>"); } ?></table><? } //if no fields exist else { echo "no values in the database"; } }

My site has a quite strict 1 account per user rule. Sometimes the IP check is not 100% accurate and I have found that most duplicate users use the same password for each account. What I have done is created a form with a user name input field. I would then like to store that users password in a variable and then cross check the users table and display all matching results by username. This is what I currently have and its not working. if (!$act) { <FORM ACTION="admin_search_pw.php" METHOD=get> <input type=hidden name=act value=search> <INPUT TYPE=text NAME="pw_user" VALUE="" SIZE=38> <INPUT TYPE=submit VALUE="Search!"> </FORM> } if ($act) { $pw = "SELECT * FROM members2 WHERE `username` == '%$pw_user%'"; $sql_query = ("SELECT username FROM `members2` WHERE password == $pw"); //store the SQL query in the result variable $result = mysql_query($sql_query); if(mysql_num_rows($result)) { //output as long as there are still available fields ?><table><? while($row = mysql_fetch_row($result)) { echo ("<tr><td>$row[1]<br><br></td></tr>"); } ?></table><? } //if no fields exist else { echo "no values in the database"; } } Any help would be much appreciated, oh and no I dont want to see the password, just the usernames with matching passwords. The actual form method works, just not my database results code. this is the error Warning: mysql_num_rows(): supplied argument is not a valid MySQL result resource in /home/chicka/public_html/admin/admin_search_pw.php on line 59 no values in the database

thank you darkfreaks your a god send!! Hopefully this will fix up the security issues somewhat.

ok for example I have the page where a user can update their profile. This page has the basic form elements then passes them to another page that has all the code for placing the information into the database. Ill paste the second pages code below. <?php /* Process Update Profile (update_profile.pro.php) */ ob_start(); include "global.inc.php"; $check_username = strtolower(ereg_replace(" ", "", $update_display_name)); if ($check_username == $username) { mysql_query("UPDATE members2 SET display_name = '$update_display_name' WHERE username = '$username' AND game = '$game'") or die ("Database error: ".mysql_error()); } if (($update_mybirthmonth >= 1) AND ($update_mybirthmonth <= 12) AND ($update_mybirthday >= 1) AND ($update_mybirthday <= 31) AND ($update_mybirthyear >= 0) AND ($update_mybirthyear <= $this_year)) { $birthday = "$update_mybirthmonth-$update_mybirthday-$update_mybirthyear"; mysql_query("UPDATE members_profiles2 SET birthday = '$birthday' WHERE username = '$username' AND game = '$game'") or die ("Database error: ".mysql_error()); } if (($update_my_gender >= 1) OR ($update_my_gender <= 2)) { mysql_query("UPDATE members_profiles2 SET gender = '$update_my_gender' WHERE username = '$username' AND game = '$game'") or die ("Database error: ".mysql_error()); } if (($update_mailsettings >= 0) OR ($update_mailsettings <= 2)) { mysql_query("UPDATE members_profiles2 SET mail_settings = '$update_mailsettings' WHERE username = '$username'") or die ("Database error: ".mysql_error()); } if ((!$update_location) OR (!$update_myemail) OR (!$update_myname)) { die(header(error("update_profile.php?game=$game","BOLD RED fields must not be blank!"))); } $profile = smilies(badwords(strip_tags($update_myprofile,"<embed><b><u><a><font><img><p><br><body><table><tr><td><background><style><bg><center><bgsound><div><span>"))); $signature = badwords(strip_tags($update_signature,"<b><u><a><font>")); $update_myemail = badwords(strip_tags($update_myemail,"")); $update_myname = badwords(strip_tags($update_myname,"<b><u>")); $update_location = badwords(strip_tags($update_location,"")); mysql_query("UPDATE members_profiles2 SET location = '$update_location' WHERE username = '$username' AND game = '$game'"); mysql_query("UPDATE members_profiles2 SET profile = '$profile' WHERE username = '$username' AND game = '$game'"); mysql_query("UPDATE members_profiles2 SET signature = '$signature' WHERE username = '$username' AND game = '$game'"); mysql_query("UPDATE members_profiles2 SET real_name = '$update_myname' WHERE username = '$username' AND game = '$game'"); mysql_query("UPDATE members_profiles2 SET email = '$update_myemail' WHERE username = '$username' AND game = '$game'"); mysql_query("UPDATE members_profiles2 SET avatar = '$avatar_name' WHERE username = '$username'"); die(header(error("update_profile.php?game=$game","Your information has been updated successfully!"))); ?> So where on here does it go?

darkfreaks that all sounds good but I have no idea what it is or where I should put it.

All I can tell you is that this is what someone wrote on a forum about my site. and I do use strip tags on any input areas.

Hi, I need some help with making my site secure. Using php and mysql Im totally new to php and mysql but have been doing ok with it all so far. Apparently my sites scripts arent secure and I have no idea where to start to fix this. Is there anyone out there who would be willing to take a look for me and help me fix this problem?

Sorry but I dont understand where I should put that line of code or how to implement it. Could you please show me

Sorry, m a newb. What is a right join?

I need some help with my high score table. Currently it outputs the top 50 scores but not sorted by highest per user. EXAMPLE OF OUTPUT Top Scores 1. Lolly Pop Chicka - 1485 2. Lolly Pop Chicka - 1102 3. Lolly Pop Chicka - 1024 4. Pistoche - 741 5. Pistoche - 727 CURRENT CODE $x = 1; $findTop5 = mysql_query("SELECT * FROM highscores WHERE game_name = 'bubblepop' ORDER BY score DESC LIMIT 50"); while ($getTop5 = mysql_fetch_array($findTop5)) { $getUsername = fetch("SELECT username,display_name,premium,display_prem FROM members2 WHERE game = '1' AND id = '$getTop5[user]'"); if (($getUsername[premium] == 1) AND ($getUsername[display_prem])) { $getUsername[display_name] = $getUsername[display_prem]; } $top5 .= "$x. <A href=user_profile.php?game=$game&user=$getUsername[username]>$getUsername[display_name]</a> - $getTop5[score]<br>"; $x++; } I need to to output like this Top Scores 1. Lolly Pop Chicka - 1485 2. Pistoche - 741 I've had a go at grouping but couldnt get it to work. If someone could please show me a code example, that would be great!! Thank you in advance for any help - its much appreciated.

Hi, can you recommend a free database backup program?

Hi, my sites using mysql and php. I have 2 tables I wish to compare. members2 ( which holds the members data such as username password email address etc etc ) members_profile2 ( which holds the users profile information and a few other bits and bobs ) What I would like to do is delete all profile information for users who no longer exist in the members2 table. Below is the code I have written, yes im a newb so I have no idea if this is how you do it. I dont want to test it and risk wiping out my users - omg what a nightmare that would be. $members_check1 = mysql_query("SELECT * FROM `members2` ORDER BY `members2`.`username`"); $members_check2 = mysql_query("SELECT * FROM `members_profiles2` ORDER BY `members2`.`username`"); if($members_check2[username] != $members_check1[username]) { mysql_query("DELETE FROM `members2` WHERE `members2`.`username` = $members_check1[username]"); } ?> Any help id much appreciated

I have this snippet of code in my site for displaying a select box from the database <select name="avatar_name"> <?php $sql11 = "select * from `avatar_blank` where `user_name` = '$username'"; $query11 = mysql_query($sql11) or die(mysql_error()); while($dd11 = mysql_fetch_array($query11)){ $avatar_name = $dd11['avatar_name']; echo "<option value=\"$avatar_name\">$avatar_name</option>"; } ?> </select>

Site uses php and MySQL I have a game where the users score is submitted into a table that is used for lots of games. The best explaination is to see for yourself. Here is the output Top Scores 1. pistoche - 2727 2. pistoche - 2580 3. pistoche - 2566 4. pistoche - 2478 5. pistoche - 2431 6. pistoche - 2429 7. pistoche - 2399 8. pistoche - 2399 9. pistoche - 2397 10. pistoche - 2344 11. pistoche - 2310 12. pistoche - 2295 13. pistoche - 2176 14. pistoche - 2175 15. pistoche - 2168 16. pistoche - 2144 17. pistoche - 2121 18. pistoche - 2120 19. Lolly Pop Chicka - 2070 20. pistoche - 2062 21. j e f f g o r d o n - 2045 22. pistoche - 2041 23. pistoche - 2040 24. pistoche - 2031 25. pistoche - 2029 26. j e f f g o r d o n - 2023 27. Lolly Pop Chicka - 2019 and here is the code $game_name = bubblepop; mysql_query("INSERT INTO highscores (game, user, game_name, score, daily) VALUES ('1', '$userid', '$game_name', '$score', '$datestamp')"); $x = 1; $findTop5 = mysql_query("SELECT * FROM highscores WHERE game_name = 'bubblepop' ORDER BY score DESC LIMIT 50"); while ($getTop5 = mysql_fetch_array($findTop5)) { $getUsername = fetch("SELECT username,display_name,premium,display_prem FROM members2 WHERE game = '1' AND id = '$getTop5[user]'"); if (($getUsername[premium] == 1) AND ($getUsername[display_prem])) { $getUsername[display_name] = $getUsername[display_prem]; } $top5 .= "$x. <A href=user_profile.php?game=$game&user=$getUsername[username]>$getUsername[display_name]</a> - $getTop5[score]<br>"; $x++; } $yourTotalScore = fetch("SELECT score FROM highscores WHERE game_name = 'bubblepop' AND game= '$game' AND user = '$userid'"); print "<p align=center><TABLE CELLSPACING=0 CELLPADDING=10 WIDTH=80%> <TR BGCOLOR=\"#F5E462\"> <TD> <CENTER> <B>Top Scores</B> </CENTER> </TD> </TR> <TR BGCOLOR=\"#FCFFDE\"> <TD valign=\"top\"> $top5 </TD> </TR> </TABLE> Is there a way to make it sort through the data to find a double up of a username and only display that usernames high score. So the output would be Top Scores 1. pistoche - 2727 2. Lolly Pop Chicka - 2070 3. j e f f g o r d o n - 2045 etc etc