Jump to content

jeicrash

Members
  • Posts

    14
  • Joined

  • Last visited

    Never

Posts posted by jeicrash

  1. Here is my final code in case anyone else wants to do this type of thing.

     

    <? 
    $php_self = $_SERVER['PHP_SELF']; 
    $normal = 'images/eyes.jpg';
    $red = 'images/eyesred.jpg';
    $blue = 'images/eyesblue.jpg';
    $yellow = 'images/eyesyellow.jpg';
    $lipsnorm = 'images/lips2.jpg';
    $lipsgrey = 'images/lips2grey.jpg';
    $lipsred = 'images/lips2red.jpg';
    if (!ISSET($_POST['EyeColor']) OR ($_POST['EyeColor'] == 'Normal')){
    $eyes = $normal;
        }elseif	($_POST['EyeColor'] == 'Red') {
    		$eyes = $red ;
    	}elseif	($_POST['EyeColor'] == 'Blue') {
    		$eyes = $blue ;
    	}elseif	($_POST['EyeColor'] == 'Yellow') {
    		$eyes = $yellow ;
    		}
    if (!ISSET($_POST['Lips']) OR ($_POST['Lips'] == 'Normal')) {
    $lips = $lipsnorm;
    }elseif ($_POST['Lips'] == 'Red') {
    	$lips = $lipsred;
    }elseif ($_POST['Lips'] == 'Grey') {
    	$lips = $lipsgrey;
    }
    
    ?>
    <table border="1">
    <tr>
    	<td>
    <table border="1">
    <tr>
    <td>		
    <form id="form1" name="form1" method="post" action="">
      <label> Eye Color<br />
      <input type="radio" name="EyeColor" id="EyeColor" value="Red" />
      <img src="images/eyesred.jpg" /></label>
      <p>
        <label>
        <input type="radio" name="EyeColor" id="EyeColor2" value="Blue" />
        <img src="images/eyesblue.jpg" /></label>
      </p>
      <p>
        <label>
        <input type="radio" name="EyeColor" id="EyeColor3" value="Yellow" />
        <img src="images/eyesyellow.jpg" /></label>
      </p>
      <?
    if (ISSET ($_POST['EyeColor'])){
    	echo '<p><label>Last selected<br>
        <input type="radio" name="EyeColor" id="EyeColor4" value="' . $_POST['EyeColor'] . '" checked="checked"/>
        <img src="' . $eyes . '" /></label></p>';
    }
    ?>
      <p>Lips</p>
      <p>
        <label>
        <input type="radio" name="Lips" id="Lips" value="Grey" />
        <img src="images/lips2grey.jpg" /></label>
      </p>
      <p>
        <label>
        <input type="radio" name="Lips" id="Lips2" value="Red" />
        <img src="images/lips2red.jpg" /></label>
    <br>
    <label>
    <p>
    	<?
    if (ISSET ($_POST['Lips'])){
    	echo '<p><label>Last selected<br>
        <input type="radio" name="Lips" id="Lips3" value="' . $_POST['Lips'] . '" checked="checked"/>
        <img src="' . $lips . '" /></label></p>';
    }
    ?>
        <input type="submit" name="submit" id="submit" value="Preview" />
        </label>
      </p>
    </form>
    </td>
    </tr>
    
    </table>
    </td><td>
    <center>
    <table border="0" cellpadding="0" cellspacing="0">
    <tr>
    <td><img src="images/hair1.jpg"></td><td><img src="images/hair2.jpg"></td><td><img src="images/hair3.jpg"></td>
    </tr>
    <tr>
    <td><img src="images/hair4.jpg"></td><td><img src="<? echo $eyes; ?>"></td><td><img src="images/hair5.jpg"></td>
    </tr>
    <tr>
    <td colspan="3"><img src="images/nose.jpg"></td></tr>
    <tr>
    <td><img src="images/lips1.jpg"></td><td><img src="<? echo $lips; ?>"></td><td><img src="images/lips3.jpg"></td>
    </tr>
    <tr>
    <td colspan="3"><img src="images/chin.jpg"></td>
    </tr>
    </table>
    </td>
    </tr>
    </table>
    </center>
    </body>

     

  2. ok I figured out a work around. I did away with the multi-form layout and went with radio buttons with images next to them.

     

    Now users simply choose their choices and click the preview button to see what the char. will look like.

     

    This worked better for several reasons.

    1. Its now very easy to add more items to the form

    2. Less page hits while making the char.

    3. No javascript or other languages needed

     

    Now I get to start on creating some way to save it all to a database then they are done.

     

    Thanks again.

  3. $eyes = $_POST['EyeColor'];
    $lips = $_POST['Lips'];

     

    This part is suppose to hold the values after being posted.

    If I make it all one form it works fine, but then you have to make all your choices at once. I'm not sure if somewhere I am un-knowingly un-setting the values.

     

    I'm going to look around some more, there has to be a way to use the form ID in php.

     

    Thanks again, if all else fails I may look into ajax, but i'd like to stay away from any extra languages for now.

  4. I am working on a char builder for a game and have run into a small problem.

    The page contains two forms right now and will contain even more later.

    When I submit one form it resets the value for the second form.

    Is their a way to keep the form values after being submitted?

     

    Here is my code so far

    and this is not online yet I am using xampp to build it first.

    and no session is being used.

     

    <? 
    $php_self = $_SERVER['PHP_SELF']; 
    $normal = 'images/eyes.jpg';
    $red = 'images/eyesred.jpg';
    $blue = 'images/eyesblue.jpg';
    $yellow = 'images/eyesyellow.jpg';
    $lipsnorm = 'images/lips2.jpg';
    $lipsgrey = 'images/lips2grey.jpg';
    $lipsred = 'images/lips2red.jpg';
    $eyes = $_POST['EyeColor'];
    $lips = $_POST['Lips'];
    
    if (!ISSET($_POST['EyeColor']) OR ($_POST['EyeColor'] == 'Normal')){
    $eyes = $normal;
        }elseif	($_POST['EyeColor'] == 'Red') {
    		$eyes = $red ;
    	}elseif	($_POST['EyeColor'] == 'Blue') {
    		$eyes = $blue ;
    	}elseif	($_POST['EyeColor'] == 'Yellow') {
    		$eyes = $yellow ;
    		}
    if (!ISSET($_POST['Lips']) OR ($_POST['Lips'] == 'Normal')) {
    $lips = $lipsnorm;
    }elseif ($_POST['Lips'] == 'Red') {
    	$lips = $lipsred;
    }elseif ($_POST['Lips'] == 'Grey') {
    	$lips = $lipsgrey;
    }
    
    ?>
    <table border="1">
    <tr>
    <td>
    <form id="form1" name="form1" method="post" action="<? $php_self ?>">
      <p>Eye Color:<br>
        <select name="EyeColor">
          <option>Normal</option>
          <option>Red</option>
          <option>Blue</option>
          <option>Yellow</option>
        </select><br>
        <label>
        <input type="submit" name="submit" id="submit" value="Set" />
        </label>
    </p>
    </form>
    <form id="form2" name="form2" method="post" action="<? $php_self ?>">
    <p>Lip Color:<br>
    <select name="Lips">
          <option>Normal</option>
          <option>Red</option>
          <option>Grey</option>
        </select>  <br>
        <label>
        <input type="submit" name="submit" id="submit" value="Set" />
        </label>
    </p>
    </form>
    </td>
    </tr>
    
    </table>
    <? echo $lips . '<br>';
    echo $eyes; ?>
    <center>
    <table border="0" cellpadding="0" cellspacing="0">
    <tr>
    <td><img src="images/hair1.jpg"></td><td><img src="images/hair2.jpg"></td><td><img src="images/hair3.jpg"></td>
    </tr>
    <tr>
    <td><img src="images/hair4.jpg"></td><td><img src="<? echo $eyes; ?>"></td><td><img src="images/hair5.jpg"></td>
    </tr>
    <tr>
    <td colspan="3"><img src="images/nose.jpg"></td></tr>
    <tr>
    <td><img src="images/lips1.jpg"></td><td><img src="<? echo $lips; ?>"></td><td><img src="images/lips3.jpg"></td>
    </tr>
    <tr>
    <td colspan="3"><img src="images/chin.jpg"></td>
    </tr>
    </table>
    </center>
    </body>

  5. Ok got most of it sorted out now and figured out what all the _GET are for.

     

    after registering the user receives and email with a link in it. It then sends them to this part of code to verify.

     

    function user_confirm() {
    
    //global $supersecret_hash_padding;
    
    //verify they didn't tamper with the email address
    $new_hash = md5($_GET['email']);
    if ($new_hash && ($new_hash == $_GET['hash'])) {
    $query = "SELECT username FROM users WHERE confirm_hash = $new_hash'";
    $result = mysql_query($query);
    if (!$result || mysql_num_rows($result) < 1) {
    $feedback = 'ERROR -- Hash not found';
    return $feedback;
    } else {
    //Confirm email and set account active
    $email = $_GET['email'];
    $hash = $_GET['hash'];
    $query = "UPDATE users SET email='$email', is_confirmed='1' WHERE confirm_hash='$hash'";
    $result = mysql_query($query);
    return 1;
    }
    } else {
    $feedback = 'ERROR -- Values do not match';
    return $feedback;
    }
    }
    
    ?>
    

     

    Which is at the bottom of the register_func.inc.php file.

     

    and here is confirm.php

     

    <?php
    //confirmation page for email link
    ini_set ("display_errors", "1");
    error_reporting(E_ALL);
    require_once('includes/register_func.inc.php');
    if ($_GET['hash'] && $_GET['email']) {
    $worked = user_confirm();
    } else {
    $feedback_str = "<P class=\"errormess\">ERROR -- Bad link</p>";
    }
    if ($worked != 1) {
    $noconfirm = '<P class="errormess">Something went wrong. ' . 'Send email to webmaster@jeicrash.net for help.</p>';
    } else {
    $confirm = '<P class="big">You are now confirmed. <a ' . 'href="login.php">Log in</a> to start browsing the ' . 'site.</p>';
    }
    $page = <<< EOPAGE
    <table cellpadding=0 cellspacing=0 border=0 align=center width=621>
    <tr>
    <td><img width=15 height=1 src=../images/spacer.gif></td>
    <td width=606 class=left>
    $feedback_str
    $noconfirm
    $confirm
    </td>
    </tr>
    </table>
    EOPAGE;
    echo $page;
    ?>
    

     

    Now no matter what I get the error:

    Notice: Undefined variable: feedback_str in /home/jeicrash/public_html/sandbox/confirm.php on line 22

     

    Notice: Undefined variable: confirm in /home/jeicrash/public_html/sandbox/confirm.php on line 26

     

     

    Something went wrong. Send email to webmaster@jeicrash.net for help.

     

    even though I am using one email address for register and confirm.

     

    I'm wondering if its this line

     

    $new_hash = md5($_GET['email']);
    if ($new_hash && ($new_hash == $_GET['hash']))

    from register_func.inc.php.

     

    Thanks again.

  6. Ok, getting closer.

    Found out user_register existed, but for some reason did not have the

    function user_register anywhere. I put it in and now I have new errors.

     

    Fatal error: Call to undefined function validate_email() in /home/jeicrash/public_html/sandbox/includes/register_func.inc.php on line 19

     

    New code: for register_func.inc.php

    <?php
    include_once('db_vars.inc.php');
      //Connect to mysql server
            $link = mysql_connect("$db_host","$db_user","$db_secret");
            if(!$link) {
                    die('Failed to connect to server: ' . mysql_error());
            }
            //Select database
            $db = mysql_select_db("$db_selected");
            if(!$db) {
                    die("Unable to select database");
            }
    
    //$supersecret_hash_padding = 'midgets rule the world with monkeys on stilts.';
    //global $supersecret_hash_padding;
    
    function user_register() {
    
    if (strlen($_POST['username']) <= 25 && strlen($_POST['password1']) <= 25 && ($_POST['password1'] == $_POST['password2']) && strlen($_POST['email']) <= 50 && validate_email($_POST['email'])) {
    //validate username and password
    if (account_namevalid($_POST['username']) || strlen($_POST['password1'] >= 6)) {
    $username = strtolower($_POST['username']);
    $username = trim($username);
    //don't need to escape, because single quotes
    //aren't allowed
    $email = $_POST['email'];
    //Don't allow duplicate users or emails
    $query = "SELECT user_id FROM users WHERE username = '$username' AND email = '$email'";
    $result = mysql_query($query);
    if ($result && mysql_num_rows($result) > 0) {
    
    $feedback = 'ERROR -- Username or email already exists, Please choose another';
    return $feedback;
    } else {
    $first_name = $_POST['first_name'];
    $last_name = $_POST['last_name'];
    $password = md5($_POST['password1']);
    $user_ip = $_SERVER['REMOTE_ADDR'];
    //create a new hash to insert into the db and
    //the confirmation email
    $hash = md5($email);
    
    $query = "INSERT INTO users (username, first_name, last_name, password, email, remote_addr, confirm_hash, is_confirmed, date_created)
    VALUES ('$username', '$first_name', '$last_name', '$password', '$email', '$user_ip', '$hash', '0', NOW())";
    $result = mysql_query($query);
    if (!$result) {
    $feedback = 'ERROR -- Database error';
    return $feedback;
    } else {
    //send confirmation emaiml
    $encoded_mail = urlencode($_POST['email']);
    $mail_body = <<< EOMAILBODY
    Thank you for registering at sandbox.jeicrash.net. Click the link below to confirm registration:
    http://sandbox.jeicrash.net/confirm.php?hash=$hash&email=$encoded_email
    Once you confirm you will be logged into sandbox.jeicrash.net
    EOMAILBODY;
    mail ($email, 'Sandbox.jeicrash.net confirmation',
    	$mail_body, 'From: webmaster@jeicrash.net');
    // Successful reg message
    $feedback = 'You have successfully registered. Your confirmation email will arrive in your inbox soon';
    return $feedback;
    }
         }
    } else {
    $feedback = 'ERROR -- Username or password is invalid';
    return $feedback;
          }
    } else {
    $feedback = 'ERROR -- Please fill in all fields correctly';
    return $feedback;
    }
    
    function account_namevalid() {
    // parameter for use with strspan
    $span_str = "abcdefghijklmnopqrstuvwxyz" . "ABCDEFGHIJKLMNOPQRSTUVWXYZ012345689-";
    
    //must have at least one character
    if (strspn($_POST['username'],$span_str) == 0) {
    return false;
    }
    //must contain all legal characters
    if (strspn($_POST['username'],$span_str) != strlen($username)) {
    return false;
    }
    //min and max length
    if (strlen($_POST['username']) < 5) {
    return false;
    }
    if (strlen($_POST['username']) > 25) {
    return false;
    }
    
    //illegal names
    if
    (eregi("^((root)|(bin)|(daemon)|(adm)|(lp)|(sync)|(shutdown)|(halt)|(mail)|(news)|(uucp)|(operator)|(games)|(mysql)|(httpd)|(nobody)|(dummy)|(www)|(cvs)|(shell)|(ftp)|(irc)|(debian)|(ns)|(download))$", $_POST['username'])) 
    {
    return false;
    }
    if (eregi("^(anoncvs_)", $_POST['username'])) {
    return false;
    }
    
    return true;
    }
    
    function validate_email() {
    return (ereg('^[-!#$%&\'*+\\./0-9=?A-Z^_`a-z{|}~]+'. '@' . '[-!#$%&\'*+\\./0-9=?A-Z^_`a-z{|}~]+\.' . '[-!#$%&\'*+\\./0-9=?A-Z^_`a-z{|}~]+$', $_POST['email']));
    }
    
    function user_confirm() {
    
    //global $supersecret_hash_padding;
    
    //verify they didn't tamper with the email address
    $new_hash = md5($_GET['email']);
    if ($new_hash && ($new_hash == $_GET['hash'])) {
    $query = "SELECT username FROM users WHERE confirm_hash = $new_hash'";
    $result = mysql_query($query);
    if (!$result || mysql_num_rows($result) < 1) {
    $feedback = 'ERROR -- Hash not found';
    return $feedback;
    } else {
    //Confirm email and set account active
    $email = $_GET['email'];
    $hash = $_GET['hash'];
    $query = "UPDATE users SET email='$email', is_confirmed='1' WHERE confirm_hash='$hash'";
    $result = mysql_query($query);
    return 1;
    }
    } else {
    $feedback = 'ERROR -- Values do not match';
    return $feedback;
    }
    }
    }
    ?>
    

     

    However I see function validate_email()

     

    function validate_email() {
    return (ereg('^[-!#$%&\'*+\\./0-9=?A-Z^_`a-z{|}~]+'. '@' . '[-!#$%&\'*+\\./0-9=?A-Z^_`a-z{|}~]+\.' . '[-!#$%&\'*+\\./0-9=?A-Z^_`a-z{|}~]+$', $_POST['email']));
    }

     

    Image of code from pdf

    http://sandbox.jeicrash.net/val_email.jpg

     

    So i'll be spending more time now going back through things, I am beginning to think a lot of my problems are coming from how the code is shown in the pdf possibly they way they continue code from one page to another.

     

     

     

     

  7. ok I miss-read . I changed

     

    if ($submit == 'submit') {

    to

    if ($_POST['submit'] == 'submit') {

    and

    if ($_POST['submit']) {

     

    and the error is now

     

    Notice: Undefined variable: username in /home/jeicrash/public_html/sandbox/includes/register_func.inc.php on line 80

     

    Fatal error: Call to undefined function user_register() in /home/jeicrash/public_html/sandbox/register.php on line 12

     

    I checked both register.php and the inc file and no user_register exists. except that one small part of code that read.

     

    $feedback = user_register();
    

     

    I think i'm getting closer to finding out what is wrong.

    1. This book is not laid out very well

    2. code is left out

    3.

    ini_set ("display_errors", "1");
    error_reporting(E_ALL);
    

    Should be covered more in these books.

  8. The book covers globals and states to keep them off, and they are.

     

    All the php books I have read this far talk about globals and how in 5 they are no longer on by default. All the information is being sent via the POST and not GET. Reading through this book I am finding other things that don't make since as well. Like saving include files as just .inc instead of .inc.php so the code can't be viewed by a browser.

     

    Regardless of the book ($1.00 pdf download). Is their anything in the pasted code, or an alternative I can use or do?

     

    I have a working reg form but it does not have any error checking or validation built in right now. And for some reason none of my login forms work.

     

    Here is the full errors from the page http://sandbox.jeicrash.net/register.php

     

    Notice: Undefined index: username in /home/jeicrash/public_html/sandbox/includes/register_func.inc.php on line 17

     

    Notice: Undefined index: password1 in /home/jeicrash/public_html/sandbox/includes/register_func.inc.php on line 17

     

    Notice: Undefined index: password1 in /home/jeicrash/public_html/sandbox/includes/register_func.inc.php on line 17

     

    Notice: Undefined index: password2 in /home/jeicrash/public_html/sandbox/includes/register_func.inc.php on line 17

     

    Notice: Undefined index: email in /home/jeicrash/public_html/sandbox/includes/register_func.inc.php on line 17

     

    Notice: Undefined index: email in /home/jeicrash/public_html/sandbox/includes/register_func.inc.php on line 17

     

    Notice: Undefined index: email in /home/jeicrash/public_html/sandbox/includes/register_func.inc.php on line 105

     

    Notice: Undefined index: first_name in /home/jeicrash/public_html/sandbox/register.php on line 5

     

    Notice: Undefined index: last_name in /home/jeicrash/public_html/sandbox/register.php on line 6

     

    Notice: Undefined index: username in /home/jeicrash/public_html/sandbox/register.php on line 7

     

    Notice: Undefined index: email in /home/jeicrash/public_html/sandbox/register.php on line 8

     

    Notice: Undefined variable: submit in /home/jeicrash/public_html/sandbox/register.php on line 9

     

     

    REGISTER

    Fill this out so we will send you an email with stuff in it

     

    These errors are simply due to the form having a

    <? $_POST['varname']; ?>

    in the value= field of the form.

     

    I am assuming submit is shown since it is not an actual variable however I may be wrong.

     

    I have looked back through the code and so far can not see any typos between them or the database.

    For example having 'ID' in the form but 'id' in the database.

     

    Perhaps I am overlooking something else. But the code I see is the exact to what I pasted above.

     

    and when I change

    if ($submit == 'submit')

    to

    if ($submit == $_POST['submit'])

     

    I get this extra error

     

    Fatal error: Call to undefined function user_register() in /home/jeicrash/public_html/sandbox/register.php on line 10

  9. Ok I added

     

    ini_set ("display_errors", "1");
    error_reporting(E_ALL);

     

    to register.php and this is what I got, after filling out the form. Before I filled it out I got errors on all the unset variables in the script.

     

    Notice: Undefined variable: username in /home/jeicrash/public_html/sandbox/includes/register_func.inc.php on line 80

     

    Notice: Undefined variable: submit in /home/jeicrash/public_html/sandbox/register.php on line 9

     

    Line 79-81 read:

     

    //must contain all legal characters
    if (strspn($_POST['username'],$span_str) != strlen($username)) {
    return false;
    }
    

     

     

    Straight out of a php5 book? Really??

     

    if ($submit == 'Mail confirmation') {

     

    Surely that should be if ($_POST['submit'] ...

     

    And since the form method is post, where do all those $_GET variables come from?

     

    Yes as I said above the book is "php5 and mysql bible" by Tim Converse and Joyce Park. Chapter 44.

     

    I was asking myself where and why all the GET variables. I have also changed the value of submit from "Mail confirmation" to "submit" with no change.

     

    Thanks again.

  10. I am still trying to sort php out, I have learned how to do some neat stuff but I am completely stuck on this problem.

     

    php version: 5.2.5

    Mysql version: 5.0.45-community-log

    Apache version: 2.2.8

    hosting co.: bluehost.com

    domain: http://sandbox.jeicrash.net

     

    When I fill out the reg form I click the "submit" button and it takes me back to the form with no errors. I am using PHP_SELF for submitting the form and including another script with functions.

     

    I have commented out some of the lines to make the code a bit smaller and to try to remove any extras for testing. I have tried opening the files in aptana and dreamweaver to check for errors.

     

    register.php (http://sandbox.jeicrash.net/register.php)

     

    <?php
    require_once('includes/register_func.inc.php');
    $first_name = $_POST['first_name'];
    $last_name = $_POST['last_name'];
    $username = $_POST['username'];
    $email = $_POST['email'];
    if ($submit == 'Mail confirmation') {
    $feedback = user_register();
    
    //Give feedback reguardless
    $feedback_str = "<P class=\"errormess\">$feedback</P>";
    } else {
    //show form for the first time
    $feedback_str = '';
    }
    
    //The form
    //include_once('includes/header_footer.php');
    //site_header('Registration');
    
    //superglobals don't work with heredoc
    $php_self = $_SERVER['PHP_SELF'];
    
    $reg_str = <<< EOREGSTR
    <Table cellpadding=0 cellspacing=0 border=0 align=center width=621>
    <tr>
    <td rowspan=10><img width=15 height=1 src="../images/spacer.gif"></td>
    <td width=606></td>
    </tr>
    <tr>
    <td>
    $feedback_str
    <P classh="left"><B>REGISTER</B><br>
    Fill this shit out so we will send you an email with stuff in it</p>
    <form action="$php_self" method="post">
    <p class="bold">First Name<br>
    <input type="text" name="first_name" value="$first_name" size="20" maxlength="25"></p>
    <p class="bold">Last Name<br>
    <input type="text" name="last_name" value="$last_name" size="20" maxlength="25"></p>
    <p class="bold">Username<br>
    <input type="text" name="username" value="$username" size="10" maxlength="25"></p>
    <p classh="bold">Password<br>
    <input type="password" name="password1" value="" size="10" maxlength="25"></p>
    <p class="left"><b>Password</b>(again)<br>
    <input type="password" name="password2" value="" size="10" maxlength="25"></p>
    <p class="left"><b>Email</b> (Required for confirmation)<br>
    <input type="text" name="email" value="$email" size="30" maxlength="50">
    </p>
    <p><input type="SUBMIT" name="submit" value="Mail Confirmation">
    </p>
    </form>
    </td>
    </tr>
    </table>
    EOREGSTR;
    echo $reg_str;
    
    //site_footer();
    ?>
    

     

    register_func.inc.php (http://sandbox.jeicrash.net/includes/register_func.inc.php)

     

    <?php
    include_once('db_vars.inc.php');
      //Connect to mysql server
            $link = mysql_connect("$db_host","$db_user","$db_secret");
            if(!$link) {
                    die('Failed to connect to server: ' . mysql_error());
            }
            //Select database
            $db = mysql_select_db("$db_selected");
            if(!$db) {
                    die("Unable to select database");
            }
    
    //$supersecret_hash_padding = 'midgets rule the world with monkeys on stilts.';
    //global $supersecret_hash_padding;
    
    if (strlen($_POST['username']) <= 25 && strlen($_POST['password1']) <= 25 && ($_POST['password1'] == $_POST['password2']) && strlen($_POST['email']) <= 50 && validate_email($_POST['email'])) {
    //validate username and password
    if (account_namevalid($_POST['username']) || strlen($_POST['password1'] >= 6)) {
    $username = strtolower($_POST['username']);
    $username = trim($username);
    //don't need to escape, because single quotes
    //aren't allowed
    $email = $_POST['email'];
    //Don't allow duplicate users or emails
    $query = "SELECT user_id FROM users WHERE username = '$username' AND email = '$email'";
    $result = mysql_query($query);
    if ($result && mysql_num_rows($result) > 0) {
    
    $feedback = 'ERROR -- Username or email already exists, Please choose another';
    return $feedback;
    } else {
    $first_name = $_POST['first_name'];
    $last_name = $_POST['last_name'];
    $password = md5($_POST['password1']);
    $user_ip = $_SERVER['REMOTE_ADDR'];
    //create a new hash to insert into the db and
    //the confirmation email
    $hash = md5($email);
    
    $query = "INSERT INTO users (username, first_name, last_name, password, email, remote_addr, confirm_hash, is_confirmed, date_created)
    VALUES ('$username', '$first_name', '$last_name', '$password', '$email', '$user_ip', '$hash', '0', NOW())";
    $result = mysql_query($query);
    if (!$result) {
    $feedback = 'ERROR -- Database error';
    return $feedback;
    } else {
    //send confirmation emaiml
    $encoded_mail = urlencode($_POST['email']);
    $mail_body = <<< EOMAILBODY
    Thank you for registering at sandbox.jeicrash.net. Click the link below to confirm registration:
    http://sandbox.jeicrash.net/confirm.php?hash=$hash&email=$encoded_email
    Once you confirm you will be logged into sandbox.jeicrash.net
    EOMAILBODY;
    mail ($email, 'Sandbox.jeicrash.net confirmation',
    	$mail_body, 'From: webmaster@jeicrash.net');
    // Successful reg message
    $feedback = 'You have successfully registered. Your confirmation email will arrive in your inbox soon';
    return $feedback;
    }
         }
    } else {
    $feedback = 'ERROR -- Username or password is invalid';
    return $feedback;
          }
    } else {
    $feedback = 'ERROR -- Please fill in all fields correctly';
    return $feedback;
    }
    
    function account_namevalid() {
    // parameter for use with strspan
    $span_str = "abcdefghijklmnopqrstuvwxyz" . "ABCDEFGHIJKLMNOPQRSTUVWXYZ012345689-";
    
    //must have at least one character
    if (strspn($_POST['username'],$span_str) == 0) {
    return false;
    }
    //must contain all legal characters
    if (strspn($_POST['username'],$span_str) != strlen($username)) {
    return false;
    }
    //min and max length
    if (strlen($_POST['username']) < 5) {
    return false;
    }
    if (strlen($_POST['username']) > 25) {
    return false;
    }
    
    //illegal names
    if
    (eregi("^((root)|(bin)|(daemon)|(adm)|(lp)|(sync)|(shutdown)|(halt)|(mail)|(news)|(uucp)|(operator)|(games)|(mysql)|(httpd)|(nobody)|(dummy)|(www)|(cvs)|(shell)|(ftp)|(irc)|(debian)|(ns)|(download))$", $_POST['username'])) 
    {
    return false;
    }
    if (eregi("^(anoncvs_)", $_POST['username'])) {
    return false;
    }
    
    return true;
    }
    
    function validate_email () {
    return (ereg('^[-!#$%&\'*+\\./0-9=?A-Z^_`a-z{|}~]+'. '@' . '[-!#$%&\'*+\\./0-9=?A-Z^_`a-z{|}~]+\.' . '[-!#$%&\'*+\\./0-9=?A-Z^_`a-z{|}~]+$', $_POST['email']));
    }
    
    function user_confirm() {
    
    //global $supersecret_hash_padding;
    
    //verify they didn't tamper with the email address
    $new_hash = md5($_GET['email']);
    if ($new_hash && ($new_hash == $_GET['hash'])) {
    $query = "SELECT username FROM users WHERE confirm_hash = $new_hash'";
    $result = mysql_query($query);
    if (!$result || mysql_num_rows($result) < 1) {
    $feedback = 'ERROR -- Hash not found';
    return $feedback;
    } else {
    //Confirm email and set account active
    $email = $_GET['email'];
    $hash = $_GET['hash'];
    $query = "UPDATE users SET email='$email', is_confirmed='1' WHERE confirm_hash='$hash'";
    $result = mysql_query($query);
    return 1;
    }
    } else {
    $feedback = 'ERROR -- Values do not match';
    return $feedback;
    }
    }
    ?>
    

     

    I took the code right out of php5 and mysql bible, I have went line for line from the book and checking myself for errors as well. I am sure its something simple like a missing comma or mistyped word. But I don't have a fresh pair of eyes here.

     

    Thanks again.

  11. Ok, I finally figured it out. Had some typos "CAPS" do matter. lol, i feel so stupid.

     

    Thanks for the help it did help me greatly track down my problem once I actually looked at the code line for line.

     

    Here is the Finished Edit.php code in case anyone wants it.

     

    <HTML>
    <BODY>
    <STYLE TYPE="text/css">
    <?php
        // Connect to the database server
        $dbcnx = @mysql_connect("MYSQLHOST", "username", "dbpass");
        if (!$dbcnx) {
          echo( "<P>Unable to connect to the " .
                "database server at this time.</P>" );
          exit();
        }
    
        // Select the client database
        if (! @mysql_select_db("databasename") ) {
          echo( "<P>Unable to locate the client " .
                "database at this time.</P>" );
          exit();
        }
    
    //If cmd has not been initialized
    if(!isset($cmd)) 
    {
       //display all the tripreport
       $result = mysql_query("select * from tripreport order by ID"); 
       
       //run the while loop that grabs all the tripreport scripts
       while($r = mysql_fetch_array($result)) { 
          $ID=$r["ID"];
          $customername=$r["customername"];
    
     //make the customername a link
             echo "<A HREF='$PHP_SELF?cmd=edit&ID=$r[iD]'>$customername - Edit </a>";
             echo "<br>";
        }
    } ?>
    <?php
    if($_GET["cmd"]=="edit" || $_POST["cmd"]=="edit")
    {
       if (!isset($_POST["submit"]))
       {
    
          $ID = $_GET["ID"];
          $sql = "SELECT * FROM tripreport WHERE ID=$ID";
              $result = mysql_query($sql) or die(mysql_error());        
          $myrow = mysql_fetch_array($result);
          ?>
      
          <form action="edit.php" method="post">
          <input type=hidden name="ID" value="<?php echo $myrow["ID"] ?>">
       
          customername:<INPUT TYPE="TEXT" NAME="customername" VALUE="<?php echo $myrow["customername"] ?>" SIZE=30><br>
          
       
          <input type="hidden" name="cmd" value="edit">
       
          <input type="submit" name="submit" value="submit">
       
          </form>
       
      
    <?php } ?>
    <?php
       if ($_POST["$submit"])
       {
          $customername = $_POST["customername"];
    
      
      $sql = "UPDATE tripreport SET customername='$customername' WHERE ID=$ID";
          //replace tripreport with your table name above
          $result = mysql_query($sql);
          echo "Thank you! Information updated.";
    }
    }
    ?>

  12. Ok I did that. Now I am getting

     

    You have an error in your SQL syntax; check the manual that corresponds to your MySQL server version for the right syntax to use near '' at line 1

     

    Heres the top portion of my script, Perhaps I have the wrong "connect" options. The script that adds and deletes records works fine and it has a different connect string.

     

    <? 
    mysql_connect("MYSQLHOST","username","dbpass"); 
    mysql_select_db("databasename"); 
    if(!isset($cmd)) 
    {
       //display all the tripreport
       $result = mysql_query("select * from tripreport order by id"); 
       
       //run the while loop that grabs all the tripreport scripts
       while($r=mysql_fetch_array($result)) 
       { 
          //grab the customername and the ID of the tripreport
          $customername=$r["customername"];//take out the customername
          $id=$r["id"];//take out the id
         
     //make the customername a link
          echo "<a href='edit.php?cmd=edit&id=$id'>$customername - Edit</a>";
          echo "<br>";
        }
    }
    ?>

  13. I am trying to create a simple script to edit mysql rows in php. I copied and pasted the code from spoono tutorial

    www.spoono.com/php/tutorials/tutorial.php?id=23

     

    Edited all the values to fit my database and its not working. I am very new to this part of php, so far the add and remove functions are working perfectly.

     

    Heres my code. without the db connection info.

     

    
    //If cmd has not been initialized
    if(!isset($cmd)) 
    {
       //display all the tripreport
       $result = mysql_query("select * from tripreport order by id"); 
       
       //run the while loop that grabs all the tripreport scripts
       while($r = mysql_fetch_array($result))
       { 
          //grab the customername and the ID of the tripreport
          $customername=$r["customername"];//take out the customername
          $id=$r["id"];//take out the id
         
     //make the customername a link
          echo "<a href='edit.php?cmd=edit&id=$id'>$customername - Edit</a>";
          echo "<br>";
        }
    }
    ?>
    <?
    if($_GET["cmd"]=="edit" || $_POST["cmd"]=="edit")
    {
       if (!isset($_POST["submit"]))
       {
    
          $id = $_GET["id"];
          $sql = "SELECT * FROM tripreport WHERE id=$id";
          $result = mysql_query($sql);        
          $myrow = mysql_fetch_array($result);
          ?>
      
          <form action="edit.php" method="post">
          <input type=hidden name="id" value="<?php echo $myrow["id"] ?>">
       
          customername:<INPUT TYPE="TEXT" NAME="customername" VALUE="<?php echo $myrow["customername"] ?>" SIZE=30><br>
          
       
          <input type="hidden" name="cmd" value="edit">
       
          <input type="submit" name="submit" value="submit">
       
          </form>
       
    <? } ?>
    <?
       if ($_POST["$submit"])
       {
          $customername = $_POST["customername"];
    
      
      $sql = "UPDATE tripreport SET customername='$customername' WHERE id=$id";
          //replace tripreport with your table name above
          $result = mysql_query($sql);
          echo "Thank you! Information updated.";
    }
    }
    ?>
    

     

    The customer name is turned into a link, but on the form section i am getting the error

    Warning: mysql_fetch_array(): supplied argument is not a valid MySQL result resource in /sandbox/edit.php on line 37

     

    line 37 is

    $myrow = mysql_fetch_array($result);

     

    Any help is appreciated, i'll try to get back and check as soon as i can.

×
×
  • Create New...

Important Information

We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.