garethhall

Hi I have not seen this syntax can some tell what it means? $name_sql = ($newTemplateName===$templateNewname)? '' : "`name`='$newTemplateName',";

Hi there, I agree getting the information from the DB won't be a problem but ......... I am not sure on how wise that would be. If the system you are working on is small (only a couple of users) then I guess it's ok but if it has the potential to have hundreds or even thousands of users then I would say no. I have a very large system having to do the same as yours. Here is my code perhaps it will help you out. <?php //******************************** User and session authentication ************************************** function auth(){ /*** If remeber cookies are set validate them ***/ if(isset($_COOKIE['ql_loginName']) && isset($_COOKIE['ql_loginPassword'])){ $sql = "SELECT * FROM usr WHERE (usrName = ".cv($_COOKIE['ql_loginName'])." OR usrEmail = ".cv($_COOKIE['ql_loginName'])." ) AND usrPass = ".cv($_COOKIE['ql_loginPassword'])." LIMIT 1"; $rs = mysql_query($sql); $rw = mysql_fetch_assoc($rs); /*** if user details is valid set sessions ***/ if(mysql_num_rows($rs)){ session_regenerate_id(); $_SESSION['ql_login'] = 1; $_SESSION['ql_usrID'] = $rw['usrID']; $_SESSION['ql_compID'] = $rw['compId']; $_SESSION['ql_level'] = $rw['usrLevel']; $_SESSION['ql_master'] = comp($rw['compId'],'master'); $_SESSION['ql_toDate'] = comp($rw['compId'],'compRenewDate'); if(basename($_SERVER['PHP_SELF']) == "index.php"){// if user is already logged in then redirect to main.php mysql_query("UPDATE usr SET usrLastLog = NOW() WHERE usrID = ".cv($rw['usrID'])); header("Location: main.php"); } }else{// user details not valid // expire the cookies setcookie("ql_loginName","", time() - 3600, "/"); setcookie("ql_loginPassword","", time() - 3600, "/"); header("Location: index.php"); exit(); } mysql_free_result($rs); /*** If Sessions are not set ***/ }else if(!isset($_SESSION['ql_login']) || !isset($_SESSION['ql_usrID']) || !isset($_SESSION['ql_compID']) || !isset($_SESSION['ql_level']) || !isset($_SESSION['ql_master']) || !isset($_SESSION['ql_toDate'])){ unset($_SESSION['ql_login']); unset($_SESSION['ql_usrID']); unset($_SESSION['ql_compID']); unset($_SESSION['ql_level']); unset($_SESSION['ql_master']); unset($_SESSION['ql_toDate']); session_destroy(); if(basename($_SERVER['PHP_SELF']) != "index.php"){ header("Location: index.php"); } }else{ /*** session are set so regenerate id and privileges ***/ session_regenerate_id(); $_SESSION['ql_level'] = usr($_SESSION['ql_usrID'],'usrLevel'); $_SESSION['ql_master'] = comp($_SESSION['ql_compID'],'master'); $_SESSION['ql_toDate'] = comp($_SESSION['ql_compID'],'compRenewDate'); if(basename($_SERVER['PHP_SELF']) == "index.php"){ header("Location: main.php"); } } } auth();//Run User and session authentication ?>

I have never seen a pre-build script that can do this for your. I think you will have to script it. Should be hard to do.

Ok So lets try this. Note you may need to make some variable global or pass them into the function. <?php function showLevel(){ {* DISPLAY USER LEVEL *} <table cellpadding='0' cellspacing='0' width='100%' style='margin-bottom: 10px;'> <tr> <td class='header'>User Level</td> <tr> <td class='profile'> {if $owner->user_info.user_level_id == 1} <img src="../images/nophoto.gif" border="0" /> {/if} {if $owner->user_info.user_level_id == 2} <img src="../images/newupdates.gif" /> {/if} {if $owner->user_info.user_level_id == 3} <img src="../images/search.gif" /> {/if} </td> </tr> </table> {* END USER LEVEL *} } if(user_level_id <= "3"){ showLevel(); } ?>

This will probably give you an error but worth a try. I suspect you will get a header already sent error. If you do then perhaps ajax is the answer. <?php include_once $_SERVER['DOCUMENT_ROOT'] . '/webdevolpments/securimage/securimage.php'; $securimage = new Securimage(); if ($securimage->check($_POST['captcha_code']) == false) { ?> <script>alert("Wrong code!")</script> <?php die (header("Location: http://webdevolpments.com/?p=join")); }

stop the mail function from running and echo $body just to see if you are getting the correct data <?php echo $body = "earlybird: $earlybird n\n\ Veszin lid: $veszin n\n\ Normaal: $normaal n\n\ voornaam: $contactVoorname \n\n achternaam: $contactachterName \n\n adres: $contactAdres \n\n pc/plaats: $contactpcPlaats \n\n mobiel: $contactMobiel \n\n\n\n sportcentrum: $Sport_centrum \n\n sportcentrum adres: $Sport_adres \n\n sportcentrum postcode en plaats: $Sport_pcplaats \n\n sportcentrum email: $Sport_email"; ?>

Maybe this <?php if(user_level_id <= "3"){?> <table > tr and td's here </table> <?php }?>

Still no go. When I echo the xmlHttp.response text with Javascript I get the following. "����

Hey gurus , I am having trouble to make the file download script to work. I have used this script before and works but now I want to to work with some ajax sending the query strings. I am positive that i am getting the data to the page! Why isn't the download working? <?php include("../includes/conn.php"); include("../includes/shared.php"); // Allow direct file download (hotlinking)? // Empty - allow hotlinking // If set to nonempty value (Example: example.com) will only allow downloads when referrer contains this text define('ALLOWED_REFERRER', ''); // Download folder, i.e. folder where you keep all files for download. // MUST end with slash (i.e. "/" ) /*** Get file folder name ***/ function theFolderName($id){ $sel = "SELECT compFolder FROM comp WHERE compID =".cv($id)." LIMIT 1"; $rs = mysql_query($sel); $rw = mysql_fetch_assoc($rs); return $rw['compFolder']; mysql_free_result($rs); } define('BASE_DIR','../ql_uploads/'.theFolderName($_POST['compID']).'/'); // log downloads? true/false define('LOG_DOWNLOADS',true); // log file name define('LOG_FILE','downloads.log'); /*************** Get all extentions and content types ***************/ // If myme type is set to empty string then script will try to detect mime type // itself, which would only work if you have Mimetype or Fileinfo extensions // installed on server. $selE = "SELECT * FROM ext";//extention from DB $rsE = mysql_query($selE,$admin); $allowed_ext = array ();//create array to hold extentions and content type while($rwE = mysql_fetch_assoc($rsE) ){ $allowed_ext[substr(strrchr($rwE['ext'],'.'),1)] = $rwE['extCon'];// add to the array } /*** Get file information from DB ***/ function theFile($fID,$col){ $sel = "SELECT fileName,fileOrigName FROM files WHERE fileID =".cv($fID)." LIMIT 1"; $rs = mysql_query($sel); $rw = mysql_fetch_assoc($rs); return $rw[$col]; mysql_free_result($rs); } // If hotlinking not allowed then make hackers think there are some server problems if (ALLOWED_REFERRER !== '' && (!isset($_SERVER['HTTP_REFERER']) || strpos(strtoupper($_SERVER['HTTP_REFERER']),strtoupper(ALLOWED_REFERRER)) === false)) { die("Internal server error. Please contact system administrator."); } // Make sure program execution doesn't time out // Set maximum script execution time in seconds (0 means no limit) set_time_limit(0); if(!isset($_POST['fileID']) || !isset($_POST['compID']) || empty($_POST['fileID']) && empty($_POST['compID']) ){ die("Please specify file name for download."); } // Get real file name. // Remove any path info to avoid hacking by adding relative path, etc. $fname = basename(theFile($_POST['fileID'],'fileName')); // Check if the file exists // Check in subfolders too function find_file ($dirname, $fname, &$file_path) { $dir = opendir($dirname); while ($file = readdir($dir)) { if (empty($file_path) && $file != '.' && $file != '..') { if (is_dir($dirname.'/'.$file)) { find_file($dirname.'/'.$file, $fname, $file_path); } else { if (file_exists($dirname.'/'.$fname)) { $file_path = $dirname.'/'.$fname; return; } } } } } // find_file // get full file path (including subfolders) $file_path = ''; find_file(BASE_DIR, $fname, $file_path); if (!is_file($file_path)) { die("File does not exist. Make sure you specified correct file name."); } // file size in bytes $fsize = filesize($file_path); // file extension $fext = strtolower(substr(strrchr($fname,"."),1)); // check if allowed extension if (!array_key_exists($fext, $allowed_ext)) { die("Not allowed file type."); } // get mime type if ($allowed_ext[$fext] == '') { $mtype = ''; // mime type is not set, get from server settings if (function_exists('mime_content_type')) { $mtype = mime_content_type($file_path); } else if (function_exists('finfo_file')) { $finfo = finfo_open(FILEINFO_MIME); // return mime type $mtype = finfo_file($finfo, $file_path); finfo_close($finfo); } if ($mtype == '') { $mtype = "application/force-download"; } } else { // get mime type defined by admin $mtype = $allowed_ext[$fext]; } // Browser will try to save file with this filename, regardless original filename. // You can override it if needed. if (!isset($_POST['fileID']) || empty($_POST['fileID'])) { $asfname = $fname; }else{ // remove some bad chars $asfname = str_replace(array('"',"'",'\\','/'), '', theFile($_POST['fileID'],'fileOrigName')); if ($asfname === '') $asfname = 'NoName'; } // set headers header("Pragma: public"); header("Expires: 0"); header("Cache-Control: must-revalidate, post-check=0, pre-check=0"); header("Cache-Control: public"); header("Content-Description: File Transfer"); header("Content-Type: $mtype"); header("Content-Disposition: attachment; filename=\"$asfname\""); header("Content-Transfer-Encoding: binary"); header("Content-Length: " . $fsize); // download @readfile($file_path); $file = @fopen($file_path,"rb"); if ($file) { while(!feof($file)) { print(fread($file, 1024*); flush(); //DB UPDATE HERE if (connection_status()!=0) { @fclose($file); die(); } } @fclose($file); } // log downloads if (!LOG_DOWNLOADS) die(); $f = @fopen(LOG_FILE, 'a+'); if ($f) { @fputs($f, date("m.d.Y g:ia")." ".$_SERVER['REMOTE_ADDR']." ".$fname."\n"); @fclose($f); } mysql_free_result($rsE); ?>

Please confirm that your sql query is working. So make the query a variable and echo it out, the test in phpmyadmin or what ever it is you use.

I am not sure whats wrong on your end But I just tested your code and it works for me?

Hello, If I had a string say How would I go about removing the last "," from the string? So I want it to read ".jpg,.gif,.psd"??

Hello, I have this function that runs when you click a button. This functions take the selected items from box A adds it to box B and removes it from box A. Now this works ok but, as soon as you do a second selection then the remove from box A don't work. Any help would be great function addExt(){ var toRemExt = new Array(); //Create array to hold items to remove elm = document.getElementById('ext'); for(e = 0; e < elm.length; e++){ //loop all the select box items if(elm.options[e].selected){ //work with only the selected items addOption(document.frmExt.curExt, elm.options[e].value, elm.options[e].value); //Add option approved side toRemExt[e] = elm.options[e].value; //write item value to the array } /*** If at the end off the loop remove the items matching the array ***/ if(e == (tExt-1)){ for(a = 0; a < toRemExt.length; a++){ //loop throught the array for(f = 0; f < elm.length; f++){ //for each item in the array loop through the items in the select box if(toRemExt[a] == elm.options[f].value){ //if items match then removeOption(document.frmExt.ext,f); //remove item from select box } } } } //endif } }

Thanks guys so simple there was a space in the php

Hey Guys, I am stuffed if I know what is causing this page not to work I have now spend I don't know how many hours on it. Please have a look and see if you can see what is wrong? I keep on getting the "BAD" alert? but when I alert(xmlHttp.responseText) I get "ok" then how how come it is alerting "BAD" should it not be "GOOD"? Initial PHP page code libEdtBook.php <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd"> <html xmlns="http://www.w3.org/1999/xhtml"> <head> <meta http-equiv="Content-Type" content="text/html; charset=utf-8" /> <script type="text/javascript" src="ajax/js/edtBook.js"></script> </head> <body> <form name="frmAddBook" method="post"> <input type="button" name="updateTheBook" id="updateTheBook" value="Update book details" onclick="svBook()"/> </form> </body> </html> JS ajax code edtBook.js var xmlHttp function svBook(){ xmlHttp=GetXmlHttpObject() if(xmlHttp==null){ alert("Browser does not support HTTP Request"); return; } var qstr; xmlHttp.onreadystatechange = bookSaveResult; xmlHttp.open("POST","ajax/edtBook.php?",true); xmlHttp.setRequestHeader("Content-type", "application/x-www-form-urlencoded"); xmlHttp.send(qstr); } function bookSaveResult(){ if(xmlHttp.readyState==4 || xmlHttp.readyState=="complete"){ if(xmlHttp.responseText == "ok"){ alert("GOOD"); }else { alert("BAD"); } } } function GetXmlHttpObject(){ var xmlHttp=null; try{ // Firefox, Opera 8.0+, Safari xmlHttp=new XMLHttpRequest(); }catch (e){ // Internet Explorer try{ xmlHttp=new ActiveXObject("Msxml2.XMLHTTP"); }catch (e){ xmlHttp=new ActiveXObject("Microsoft.XMLHTTP"); } } return xmlHttp;} PHP page Ajax is calling edtBook.php <?php echo "ok" ?>

You also have other options that might be better to use, but it real depends on what you are trying to do. You also don't need the extra brackets "()". This <?php if ($_POST['val1'] == "" || $_POST['val2'] == "" || $_POST['calc'] == "") { header("Location: http://127.0.0.1/calculate_form.html"); } ?> Or This <?php if (empty($_POST['val1']) || empty($_POST['val2']) || empty($_POST['calc'])) { header("Location: http://127.0.0.1/calculate_form.html"); } ?> Or This <?php if (!isset($_POST['val1']) || !isset($_POST['val2']) || !isset($_POST['calc'])) { header("Location: http://127.0.0.1/calculate_form.html"); } ?>

You will need to set the second query with in first loop. Say I want to list the team with a member Sample <?php $sql = "SELECT * FROM members"; $rs = mysql_query($sql, $con); while($rw = mysql_fetch_assoc($rs)){ echo $rw['MemberName']; $sqlT = "SELECT * FROM team WHERE teamID = ".$rw['memberTeamID']; $rsT = mysql_query($sqlT,$con); while($rwT = mysql_fetch_assoc($rsT)){ echo "Part of team: ".$rwT['teamName']."<br/>"; } mysql_free_result($rsT) } mysql_free_result($rs); ?>

Found the problem needed to set the content type to text/xml

Hi when I do alert(xmlHttp.responseText) this is my result <?xml version="1.0" encoding="UTF-8"?> <member> <memName>starwars</memName> <memFirstName>Luke</memFirstName> <memLastName>Hall</memLastName> </member> When I alert(xmlHttp.responseXML) I get null? I have since the last post change my php page and the code is like this now. <?php include("../../includes/cmsConfig.php"); include("../../includes/sharedFunctions.php"); auth(); $sql = "SELECT * FROM members WHERE memID = ".checkVars($_POST['memID']); $rs = mysql_query($sql ,$admin); $rw = mysql_fetch_assoc($rs); $xmltext = "<?xml version=\"1.0\" encoding=\"UTF-8\"?>\n<member></member>"; $xmlobj = simplexml_load_string($xmltext); $xmlobj->addChild("memName", $rw['memName']); $xmlobj->addChild("memFirstName", $rw['memFirstName']); $xmlobj->addChild("memLastName", $rw['memLastName']); print header("Content-type: text/plain") . $xmlobj->asXML(); ?>

Anyone please?

Would love to help but where is the code?

Sorry typo ' is present but the same fault.

Hello Guys I have page I am working on but my xml object is null? well it's null when I do an alert? Can you guys see something work? Javascript var xmlHttp function getMemDetail(){ xmlHttp=GetXmlHttpObject() if(xmlHttp==null){ alert("Browser does not support HTTP Request"); return; } var qstr; qstr = "memID="+document.getElementById('members').value; xmlHttp.onreadystatechange = returnDetails; xmlHttp.open("POST","ajax/getMemberDetails.php?",true); xmlHttp.setRequestHeader("Content-type", "application/x-www-form-urlencoded"); xmlHttp.send(qstr); } function returnDetails(){ if(xmlHttp.readyState==4 ){ //alert(xmlHttp.responseText); //xmlDoc = xmlHttp.responseXML; alert(xmlHttp.responseXML); //WHY IS THIS NULL document.getElementById("toName").innerHTML = xmlDoc.getElementsByTagName("memFirstName")[0].childNodes[0].nodeValue; } } function GetXmlHttpObject(){ var xmlHttp=null; try{ // Firefox, Opera 8.0+, Safari xmlHttp=new XMLHttpRequest(); }catch (e){ // Internet Explorer try{ xmlHttp=new ActiveXObject("Msxml2.XMLHTTP"); }catch (e){ xmlHttp=new ActiveXObject("Microsoft.XMLHTTP"); } } return xmlHttp;} PHP <?php include("../../includes/cmsConfig.php"); include("../../includes/sharedFunctions.php"); auth(); $sql = "SELECT * FROM members WHERE memID = ".checkVars($_POST['memID']); $rs = mysql_query($sql ,$admin); $rw = mysql_fetch_assoc($rs); echo '<?xml version="1.0" encoding="ISO-8859-1"?>'; echo '<member>'; echo '<memName>'.$rw['memName'].'</memName>'; echo '<memFirstName>'.$rw['memFirstName'].'</memFirstName>'; echo '<memLastName>'.$rw['memLastName'].'</memLastName>'; // echo '<memAddress>'..'</memAddress>'; echo '</member>'; ?>

Hello Guys I have page I am working on but my xml object is null? well it's null when I do an alert? Can you guys see something work? Javascript var xmlHttp function getMemDetail(){ xmlHttp=GetXmlHttpObject() if(xmlHttp==null){ alert("Browser does not support HTTP Request"); return; } var qstr; qstr = "memID="+document.getElementById('members').value; xmlHttp.onreadystatechange = returnDetails; xmlHttp.open("POST","ajax/getMemberDetails.php?",true); xmlHttp.setRequestHeader("Content-type", "application/x-www-form-urlencoded"); xmlHttp.send(qstr); } function returnDetails(){ if(xmlHttp.readyState==4 ){ //alert(xmlHttp.responseText); //xmlDoc = xmlHttp.responseXML; alert(xmlHttp.responseXML); //WHY IS THIS NULL document.getElementById("toName").innerHTML = xmlDoc.getElementsByTagName("memFirstName")[0].childNodes[0].nodeValue; } } function GetXmlHttpObject(){ var xmlHttp=null; try{ // Firefox, Opera 8.0+, Safari xmlHttp=new XMLHttpRequest(); }catch (e){ // Internet Explorer try{ xmlHttp=new ActiveXObject("Msxml2.XMLHTTP"); }catch (e){ xmlHttp=new ActiveXObject("Microsoft.XMLHTTP"); } } return xmlHttp;} PHP <?php include("../../includes/cmsConfig.php"); include("../../includes/sharedFunctions.php"); auth(); $sql = "SELECT * FROM members WHERE memID = ".checkVars($_POST['memID']); $rs = mysql_query($sql ,$admin); $rw = mysql_fetch_assoc($rs); echo '<?xml version="1.0" encoding="ISO-8859-1"?>'; echo '<member>'; echo '<memName>'.$rw['memName'].'</memName>'; echo '<memFirstName>'.$rw['memFirstName'].'</memFirstName>'; echo '<memLastName>'.$rw['memLastName'].'</memLastName>'; // echo '<memAddress>'..'</memAddress>'; echo '</member>'; ?>

Yes but the website does not have an ftp connection to the server it has a http connection therefor isn't the file being uploaded to the php temp folder still a http ?