Jump to content

Conjurer

Members
  • Posts

    107
  • Joined

  • Last visited

    Never

Profile Information

  • Gender
    Not Telling

Conjurer's Achievements

Member

Member (2/5)

0

Reputation

  1. Just now trying to implement and I don't understand the piece above where it says: elseif(mysql_num_rows($directoryResult)) { $output = "<tr><td>There are no records to display.</td></tr>"; } Don't I just want that when the value is 0 - cause if it is 1 or higher there are rows to display? So should it be like this instead: elseif(mysql_num_rows($directoryResult)='0') { $output = "<tr><td>There are no records to display.</td></tr>"; } Thanks for the help!
  2. Thanks for pointing me in a couple directions. I think I can figure it out from there, that will be very useful indeed! And I see the point in the second post, in this case I am only pulling a few elements, but in a larger query it could get messy.
  3. I have a database query set up that returns an array. I then cycle through the rows in a foreach statement that wraps each value in a <td> tag to output it to a table. It works really great, but now I need to access two of the values and add some info to them. The first field returned is an image filename and I want to wrap it in an image tag that also concatenates the image path location to the value. All the images are stored in the same location, so basically I want to take the first value form the array and add the path to where the images are and wrap the whole thing in an <img> tag. The other field I need to modify is the last value in the array which is actually an email address. For that field I want to make them an active email link so I need to wrap an <a>href=mailto: </a> tag around the value. How could I modify this code so I could add the necessary tags to these elements of the array? Here is the code I am running: $query = "Select member_image as 'Image', member_name as 'Name', city as 'City', phone as 'Phone', email as 'Email' FROM directory"; //connect to database $conn=db_connect(); //call function do_query to run the query and output the table do_query($conn, $querey); The functions called are as follows: function db_connect() { $conn = new mysqli("localhost", "username", "password", "databasename"); } function do_query($conn, $query); { $result = mysqli_query($conn, $query); WHILE ($row = mysqli_fetch_assoc($result)) { If (!$heading) //only do if header row hasn't been output yet { $heading = TRUE; //so we only do it once echo "<table>\n<tr<>\n"; foreach ($row as $key => $val) { echo "<th>$key</th>"; } echo "</tr>\n"; } echo "<tr>"; foreach ($row as $val) { echo "<td> $val </td>"; } echo "</tr>\n"; } //close the while echo "</table>\n"; }
  4. No, but I also stumbled on the empty() function which seems better...as in if (empty($_POST))
  5. I have a form that is populating fields based on a database query. I am then trying to update the database based on any changes made in the form and passed through a POST action. The problem I am having is with the block where I declare short variable names for the $_POST variables that will be passed when the user hits the submit button. For each variable declaration I get an error message like this: I have tried testing the $_POST variable using the isset function but it apparently is set but empty. What would be a good way to test to see if the user has pressed the submit button before I go into the processing block that is intended to handle those values from the form? Here is where my code is at right now: if (!isset($_POST)) { throw new Exception('You have not filled the form out completely - please go back' .' and try again.'); } else { //filled in so create short variable names $email=$_POST['email']; $first_name=$_POST['first_name']; $last_name=$_POST['last_name'];
  6. Sorry, I had db_connect defined in an include file: function db_connect() { $conn = new mysqli("localhost", "xyz_xyzuser", "x213", "xyz_members"); if (mysqli_connect_errno() > 0) { $errmsg = "Failure - Could not connect to database with db_connect.<br />mysqli_connect_error message: ".mysqli_connect_error()."<br /><br />"; throw (new Exception($errmsg)); } else { //echo "Connection worked! <br>"; return $conn; } }
  7. I am a bit rusty with mySQL and I tried to borrow some other query code and modify it into an update command...apparently I am trying to use an invalid property in my error checking. Basically I just want to check and see if there were NO rows updated so I can let the user no that nothing was changed. There are probably easier ways to do this? The page where I set the variable values is based on a form post. I am not sure how to write my validation tests. Right now it is running the update successfully but it is reporting back an error based on hitting the "else if" test where I am trying to see if no rows were updated. The error message is: //create a SQL statement $updt_cmd = "UPDATE users t1, directory t2 " ."SET t1.email = '$email', " ."t2.first_name='$first_name', " ."t2.last_name='$last_name', " ."t2.suffix='$suffix', " ."t2.website_url='$website_url' " ."WHERE t1.username ='$username' AND t2.directory_id = t1.directory_id"; $conn = db_connect(); $result = $conn->query($updt_cmd); if (!$result) {//could not execute query throw new Exception('<h2>Could not execute member profile update!</h2><p>Error: ' .mysqli_errno($conn) .mysqli_error($conn) .'</p>' ); } else if ($result->num_rows==0) {// no rows so nothing was updated. throw new Exception('<h2>No fields were updated! </h2><p>Error: ' .mysqli_errno($conn) .mysqli_error($conn) .'</p>' ); } else { $mbr_profile = $result->fetch_object(); print_r($mbr_profile); return $mbr_profile; } Am I using the right functions here to do this and if so where can I find the class properties to use to test if nothing was updated? Thanks
  8. I like simple! Thanks - back on track now. :-)
  9. Hmmm, not finding much on SALT and how to. There were two recent approaches at the MD5() documentation discussion. Are these both pretty much the same or would one approach be better than the other? Very ugly way to combine. <?php $salt = md5("1234567890ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz"); $password = hash( 'MD5',$salt ); $hash = $password . $salt; $rand = rand(1, 256)%4; for ( $i = 0; $i < $rand; $i++ ) { $hash = hash('md5',$hash ); } echo $hash, '<br>'; echo (microtime(1)-$time)*10000,': time in ms'; ?> Anonymous 08-Jun-2010 08:36 Here's a relatively simple function I designed to hash out passwords using MD5. Assumes max length of user supplied password (20) max length of database field (40). <?php define ('SALT_ONE', 'some_random_123_collection_&$^%_of_stuff'); define ('SALT_TWO', 'another_random_%*!_collection_ANbu_of_stuff'); $password = 'dragon'; function generate_encrypted_password($str) { $new_pword = ''; if( defined('SALT_ONE') ): $new_pword .= md5(SALT_ONE); endif; $new_pword .= md5($str); if( defined('SALT_TWO') ): $new_pword .= md5(SALT_TWO); endif; return substr($new_pword, strlen($str), 40); } echo generate_encrypted_password($password); ?>
  10. So it sounds like I need to modify the function since I am not adding SALT except on my food. Here is the code I came up with for changing password. I am not sure how to SALT it and will research that in the reference doc, but given that I have to modify it to add SALT - should I change to something else? //--------------------------------------------------------------------------- // function to change user password //--------------------------------------------------------------------------- function change_password($username, $old_password, $new_password) // change password for username/old_password to new_password // return true or false { // if the old password is right // change their password to new_password and return true // else throw an exception $conn = db_connect(); assert ($conn); // echo "login parameters for the change_password function:<br>"; // echo "User = $username, Password = $old_password, Connection = $conn<br>"; login($username, $old_password, $conn); $result = $conn->query( "update users set password = sha1('$new_password') where username = '$username'"); if (!$result) throw new Exception('Password could not be changed.'); else return true; // changed successfully } //--------------------------------------------------------------------------- // function to get random word Suggestions on how best to modify the encryption would be appreciated. Thanks for the help.
  11. Well is there a need to do something more than sha1? Why do a md5 inside the sha1???! This site just has things like bylaws and meeting minutes and names/addresses. What I am really wondering is whether there is a compelling reason to change the sha1 encryption I am using. If it ain't broke....
  12. Boy, that is way deeper than I can assimilate. It is a membership area for a professional association. So my old work was to use SHA1() to encrypt and store the password. Is that probably good enough or should I seriously be using something else? Looking for real world practice here...if it isn't broke then I would prefer to not mess with it.
  13. I am reworking some code from a password authentication I did a long long time ago. The original code is using SHA1() function to encrypt the passwords for storage in the MySQL database. Is that still considered the way to go, or should I be using a different method for encrypting the little buggers? Thanks
  14. Thanks - I also posted a help ticket at the server site and got the following: PHP, Apache and MySQL was updated to the latest stable release (according to http://forums.xyzhosting.com/showthread.php?t=86495 topic) and some php extensions wasn't enabled automatically by cpanel. Please check all your sites and let us know if you find similar problems. Grrrr... glad it is sorted but wish I had found that out a couple hours earlier! Thanks for your help.
×
×
  • Create New...

Important Information

We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.