biscoe916

  1. solved
  2. Hello?
  3. Thanks for the advice, but I already have a column that is set to primary and auto increment. Here is my table:

         imgid        int(11)   auto_increment   Primary
         userid       int(11)
         sixfourdata  longtext
  4. Ok so I made a little upload image app, and it works great if there isn't already a picture in the database, otherwise it will just keep putting the same picture into the database over and over, regardless of what picture I choose from my hard drive...... For example: The table is empty with no pictures in it, so I upload image1.jpg. My program then encodes it then stores it into the database. Then I upload image2.jpg, it seems to work ok, but when I check the database there are just two instances of the first image. This keeps going on and on no matter how many different pictures I upload... Just copies the first one over and over. Here is my code:

         <?php
         include("auth.php");
         // uploadimg.php
         // By Tyler Biscoe
         // 09 Mar 2008
         // Test file for image uploads
         include("connect.php");
         include("include/header.php");

         $max_file_size = 786432;
         $max_kb = $max_file_size/1024;

         if($_POST["imgsubmit"])
         {
             if($_FILES["file"]["size"] > $max_file_size)
             {
                 $error = "Error: File size must be under ". $max_kb . " kb.";
             }
             if (!($_FILES["file"]["type"] == "image/gif") && !($_FILES["file"]["type"] == "image/jpeg") && !($_FILES["file"]["type"] == "image/pjpeg"))
             {
                 $error .= "Error: Invalid file type. Use gif or jpg files only.";
             }
             if(!$error)
             {
                 echo "<div id='alertBox'> Image has been successfully uploaded! </div>";
                 $handle = fopen($_FILES["file"]["tmp_name"],'r');
                 $file_content = fread($handle,$_FILES["file"]["size"]);
                 fclose($handle);
                 $encoded = chunk_split(base64_encode($file_content));
                 $id = $_POST["userid"];
                 echo $_FILES["file"]["tmp_name"];
                 $default_exist_sql = "SELECT * FROM members WHERE id='".$id."'";
                 $default_result = mysql_query($default_exist_sql);
                 $results = mysql_fetch_array($default_result);
                 if(!$results["default_image"])
                 {
                     $insert_sql = "UPDATE members SET default_image = '$encoded' WHERE id='". $id ."'";
                     mysql_query($insert_sql);
                 }
                 $sql = "INSERT INTO images (userid, sixfourdata) VALUES ('$id','$encoded')";
                 mysql_query($sql);
             }
             else
             {
                 echo "<div id='alertBox'>". $error . "</div>";
             }
         }
         ?>
         <br />
         <font class="heading"> Upload images </font>
         <br /><br />
         <form enctype = "multipart/form-data" action = "<?php $_SERVER['PHP_SELF']; ?>" method = "post" name = "uploadImage">
         <input type = "hidden" name="userid" value = "<?php echo $_GET["userid"]; ?>" >
         <input id="stextBox" type="file" name="file" size="35"><br />
         <input type="submit" name="imgsubmit" value="Upload">
         </form>
         <?php include("include/footer.php"); ?>

     So frustrating!!
  5. Problem solved. Thanks a lot for the help!
  6. But what if someone actually wanted to put slashes in their post... Would that remove the intentional ones as well?
  7. I have a little message board app. It works ok but for some reason PHP is adding slashes before certain punctuation.... Why? And how do I stop this? So if I were to type this into the form: Hi I'm tired. It would be displayed on the page (and entered into the database) as: Hi I\'m tired. How can I fix this? Is the fact that I'm using: mysql_real_escape_string(); the problem?
  8. That solved it thanks
  9. session_start() is called in a separate file called auth.php which is called on the top of all pages (except logout.php).
  10. Here is my code:

          <?php
          // Logout.php
          // By Tyler Biscoe
          // 08 Mar 2008
          // This file logs the user out...
          include("include/header.php");
          session_destroy();
          ?>
          <div id="alertBox">
          Logged out successfully!<br>
          <a href="index.php"> Redirecting... </a>
          </div>
          <meta http-equiv="REFRESH" content="5;url=http://www.tylerbiscoe.com/blackbook/">
          <?php include("include/footer.php"); ?>

      It won't log the user out and I get this error message:

          Warning: session_destroy() [function.session-destroy]: Trying to destroy uninitialized session in /home/2212/domains/tylerbiscoe.com/html/blackbook/logout.php on line 7

      I don't get it, because I know there is a session registered... Why does it say it's uninitialized...?
  11. I realized that I forgot to put session_destroy() if the user wasn't activated yet.
  12. I wrote a script to authorize users upon entry to my website. It works perfectly, but I was wondering if you guys could take a look at my code to see if there are any security holes. Code:

          <?php
          session_start();
          header("Cache-control: private");
          include("connect.php");

          if(!$_SESSION["username"] && !$_POST["loginsubmit"])
          {
              echo "Please log in";
          ?>
          <form class="memberform" name="login_form" method="post" action="<?php $_SERVER['PHP_SELF']; ?>">
          Username: <input id="stextBox" type="text" name="username" /> <br />
          Password: <input id="stextBox" type="password" name="password" /> <br />
          <input type="submit" name="loginsubmit" value="Submit" />
          </form>
          <?php
              exit;
          }

          if($_POST["loginsubmit"])
          {
              $username = $_POST["username"];
              $password = md5($_POST["password"]);
              $sql = "SELECT * FROM users WHERE username='". $username ."' AND password='". $password ."'";
              $result = mysql_query($sql);
              $num = mysql_num_rows($result);
              if($num < 1)
              {
                  session_destroy();
                  echo "Invalid username and/or password.";
                  exit;
              }
              else
              {
                  session_register("username");
                  session_register("password");
                  $records = mysql_fetch_array($result);
                  if($records["active"] != 1)
                  {
                      session_destroy();
                      echo "Sorry ". $records["fname"]. " you're account hasn't been activated yet.";
                      exit;
                  }
              }
          } // if form submitted
          ?>
  13. Problem solved. The unique id in the database table wasn't set to auto_increment.
  14. I made this simple app that lets users add information on a person, then review it. User enters info in a form, presses submit, then the info is put into the database. It was working perfectly, then I made some small changes to things that shouldn't have affected this function in any way... But now it doesn't work.... Here's the code.

      The form page:

          <?php
          //addmem.php
          //--------------------------------------------
          // by -----
          // 04 Mar 2008
          // This file will handle the adding of members
          //--------------------------------------------
          include("include/header.php");
          include("include/classy.php");
          ?>
          <a href="addmem.php"> Add family member </a> | <a href="viewfamily.php">View family members</a><br /><hr />
          <?php
          // If form was submitted execute the following code.
          if($_POST['submit'])
          {
              // This statement checks to make sure the required information was entered into the form.
              if(!$_POST['fname'] || !$_POST['lname'] || !$_POST['birthmonth'] || !$_POST['birthday'] || !$_POST['birthyear'])
              {
                  $error = "You didn't enter the required information, please try again.";
                  echo "<div id='alertBox' >".$error."</div>";
              }
              else // Executes if all the required information was, in fact, entered by the user.
              {
                  // Calls file which connects us to the DB.
                  include("connect.php");
                  // Turns the information that was entered by the user into variables that mysql and php can work with
                  $fname = mysql_real_escape_string($_POST['fname']);
                  $mname = mysql_real_escape_string($_POST['mname']);
                  $lname = mysql_real_escape_string($_POST['lname']);
                  $suffix = mysql_real_escape_string($_POST['suffix']);
                  $birthmonth = mysql_real_escape_string($_POST['birthmonth']);
                  $birthday = mysql_real_escape_string($_POST['birthday']);
                  $birthyear = mysql_real_escape_string($_POST['birthyear']);
                  $deathmonth = mysql_real_escape_string($_POST['deathmonth']);
                  $deathday = mysql_real_escape_string($_POST['deathday']);
                  $deathyear = mysql_real_escape_string($_POST['deathyear']);
                  $about = mysql_real_escape_string($_POST['about']);
                  // The following code will convert the dates into a specific format which I chose to use for the mysql database.
                  // yyyy-mm-dd
                  // The code for the function used here can be found in: classy.php
                  $birthdate = convertDate($birthmonth, $birthday, $birthyear);
                  $deathate = convertDate($deathmonth, $deathday, $deathyear);
                  addMember($fname,$mname,$lname,$suffix,$birthdate,$deathdate,$about);
              } // End if(!formelements) { ... }
          } // End if(Post) { ... }
          ?>
          <form action="addmem.php" method="post" name="addmember" class="memberform">
          First Name: <input id="stextBox" name="fname" type="text" size="30" maxlength="30"> <br>
          Middle Name: <input id="stextBox" name="mname" type="text" size="30" maxlength="30"> <br>
          Last Name: <input id="stextBox" name="lname" type="text" size="30" maxlength="30"> <br>
          Suffix: <input id="stextBox" name="suffix" type="text" size="10" maxlength="30"> <font class="comment"> (i.e. Jr., Sr., II.)</font> <br>
          Birth Date:
          <select id="stextBox" name="birthmonth" >
              <option></option>
              <option>Jan.</option> <option>Feb.</option> <option>Mar.</option> <option>Apr.</option> <option>May</option> <option>Jun.</option>
              <option>Jul.</option> <option>Aug.</option> <option>Sep.</option> <option>Oct.</option> <option>Nov.</option> <option>Dec.</option>
          </select>
          <select id="stextBox" name="birthday" >
              <option></option>
              <option>01</option> <option>02</option> <option>03</option> <option>04</option> <option>05</option> <option>06</option> <option>07</option> <option>08</option> <option>09</option> <option>10</option>
              <option>11</option> <option>12</option> <option>13</option> <option>14</option> <option>15</option> <option>16</option> <option>17</option> <option>18</option> <option>19</option> <option>20</option>
              <option>21</option> <option>22</option> <option>23</option> <option>24</option> <option>25</option> <option>26</option> <option>27</option> <option>28</option> <option>29</option> <option>30</option>
              <option>31</option>
          </select>
          <select id="stextBox" name="birthyear" >
              <option></option>
              <option>1801</option> <option>1802</option> <option>1803</option> <option>1804</option> <option>1805</option> <option>1806</option> <option>1807</option> <option>1808</option> <option>1809</option> <option>1810</option>
              <option>1811</option> <option>1812</option> <option>1813</option> <option>1814</option> <option>1815</option> <option>1816</option> <option>1817</option> <option>1818</option> <option>1819</option> <option>1820</option>
              <option>1821</option> <option>1822</option> <option>1823</option> <option>1824</option> <option>1825</option> <option>1826</option> <option>1827</option> <option>1828</option> <option>1829</option> <option>1830</option>
              <option>1831</option> <option>1832</option> <option>1833</option> <option>1834</option> <option>1835</option> <option>1836</option> <option>1837</option> <option>1838</option> <option>1839</option> <option>1840</option>
              <option>1841</option> <option>1842</option> <option>1843</option> <option>1844</option> <option>1845</option> <option>1846</option> <option>1847</option> <option>1848</option> <option>1849</option> <option>1850</option>
              <option>1851</option> <option>1852</option> <option>1853</option> <option>1854</option> <option>1855</option> <option>1856</option> <option>1857</option> <option>1858</option> <option>1859</option> <option>1860</option>
              <option>1861</option> <option>1862</option> <option>1863</option> <option>1864</option> <option>1865</option> <option>1866</option> <option>1867</option> <option>1868</option> <option>1869</option> <option>1870</option>
              <option>1871</option> <option>1872</option> <option>1873</option> <option>1874</option> <option>1875</option> <option>1876</option> <option>1877</option> <option>1878</option> <option>1879</option> <option>1880</option>
              <option>1881</option> <option>1882</option> <option>1883</option> <option>1884</option> <option>1885</option> <option>1886</option> <option>1887</option> <option>1888</option> <option>1889</option> <option>1890</option>
              <option>1891</option> <option>1892</option> <option>1893</option> <option>1894</option> <option>1895</option> <option>1896</option> <option>1897</option> <option>1898</option> <option>1899</option>
              <option>1901</option> <option>1902</option> <option>1903</option> <option>1904</option> <option>1905</option> <option>1906</option> <option>1907</option> <option>1908</option> <option>1909</option> <option>1910</option>
              <option>1911</option> <option>1912</option> <option>1913</option> <option>1914</option> <option>1915</option> <option>1916</option> <option>1917</option> <option>1918</option> <option>1919</option> <option>1920</option>
              <option>1921</option> <option>1922</option> <option>1923</option> <option>1924</option> <option>1925</option> <option>1926</option> <option>1927</option> <option>1928</option> <option>1929</option> <option>1930</option>
              <option>1931</option> <option>1932</option> <option>1933</option> <option>1934</option> <option>1935</option> <option>1936</option> <option>1937</option> <option>1938</option> <option>1939</option> <option>1940</option>
              <option>1941</option> <option>1942</option> <option>1943</option> <option>1944</option> <option>1945</option> <option>1946</option> <option>1947</option> <option>1948</option> <option>1949</option> <option>1950</option>
              <option>1951</option> <option>1952</option> <option>1953</option> <option>1954</option> <option>1955</option> <option>1956</option> <option>1957</option> <option>1958</option> <option>1959</option> <option>1960</option>
              <option>1961</option> <option>1962</option> <option>1963</option> <option>1964</option> <option>1965</option> <option>1966</option> <option>1967</option> <option>1968</option> <option>1969</option> <option>1970</option>
              <option>1971</option> <option>1972</option> <option>1973</option> <option>1974</option> <option>1975</option> <option>1976</option> <option>1977</option> <option>1978</option> <option>1979</option> <option>1980</option>
              <option>1981</option> <option>1982</option> <option>1983</option> <option>1984</option> <option>1985</option> <option>1986</option> <option>1987</option> <option>1988</option> <option>1989</option> <option>1990</option>
              <option>1991</option> <option>1992</option> <option>1993</option> <option>1994</option> <option>1995</option> <option>1996</option> <option>1997</option> <option>1998</option> <option>1999</option> <option>2000</option>
              <option>2001</option> <option>2002</option> <option>2003</option> <option>2004</option> <option>2005</option> <option>2006</option> <option>2007</option> <option>2008</option>
          </select> <br>
          Date of Death:
          <select id="stextBox" name="deathmonth" >
              <option></option>
              <option>Jan.</option> <option>Feb.</option> <option>Mar.</option> <option>Apr.</option> <option>May</option> <option>Jun.</option>
              <option>Jul.</option> <option>Aug.</option> <option>Sep.</option> <option>Oct.</option> <option>Nov.</option> <option>Dec.</option>
          </select>
          <select id="stextBox" name="deathday" >
              <option></option>
              <option>1</option> <option>2</option> <option>3</option> <option>4</option> <option>5</option> <option>6</option> <option>7</option> <option>8</option> <option>9</option> <option>10</option>
              <option>11</option> <option>12</option> <option>13</option> <option>14</option> <option>15</option> <option>16</option> <option>17</option> <option>18</option> <option>19</option> <option>20</option>
              <option>21</option> <option>22</option> <option>23</option> <option>24</option> <option>25</option> <option>26</option> <option>27</option> <option>28</option> <option>29</option> <option>30</option>
              <option>31</option>
          </select>
          <select id="stextBox" name="deathyear" >
              <option selected></option>
              <option>1801</option> <option>1802</option> <option>1803</option> <option>1804</option> <option>1805</option> <option>1806</option> <option>1807</option> <option>1808</option> <option>1809</option> <option>1810</option>
              <option>1811</option> <option>1812</option> <option>1813</option> <option>1814</option> <option>1815</option> <option>1816</option> <option>1817</option> <option>1818</option> <option>1819</option> <option>1820</option>
              <option>1821</option> <option>1822</option> <option>1823</option> <option>1824</option> <option>1825</option> <option>1826</option> <option>1827</option> <option>1828</option> <option>1829</option> <option>1830</option>
              <option>1831</option> <option>1832</option> <option>1833</option> <option>1834</option> <option>1835</option> <option>1836</option> <option>1837</option> <option>1838</option> <option>1839</option> <option>1840</option>
              <option>1841</option> <option>1842</option> <option>1843</option> <option>1844</option> <option>1845</option> <option>1846</option> <option>1847</option> <option>1848</option> <option>1849</option> <option>1850</option>
              <option>1851</option> <option>1852</option> <option>1853</option> <option>1854</option> <option>1855</option> <option>1856</option> <option>1857</option> <option>1858</option> <option>1859</option> <option>1860</option>
              <option>1861</option> <option>1862</option> <option>1863</option> <option>1864</option> <option>1865</option> <option>1866</option> <option>1867</option> <option>1868</option> <option>1869</option> <option>1870</option>
              <option>1871</option> <option>1872</option> <option>1873</option> <option>1874</option> <option>1875</option> <option>1876</option> <option>1877</option> <option>1878</option> <option>1879</option> <option>1880</option>
              <option>1881</option> <option>1882</option> <option>1883</option> <option>1884</option> <option>1885</option> <option>1886</option> <option>1887</option> <option>1888</option> <option>1889</option> <option>1890</option>
              <option>1891</option> <option>1892</option> <option>1893</option> <option>1894</option> <option>1895</option> <option>1896</option> <option>1897</option> <option>1898</option> <option>1899</option>
              <option>1901</option> <option>1902</option> <option>1903</option> <option>1904</option> <option>1905</option> <option>1906</option> <option>1907</option> <option>1908</option> <option>1909</option> <option>1910</option>
              <option>1911</option> <option>1912</option> <option>1913</option> <option>1914</option> <option>1915</option> <option>1916</option> <option>1917</option> <option>1918</option> <option>1919</option> <option>1920</option>
              <option>1921</option> <option>1922</option> <option>1923</option> <option>1924</option> <option>1925</option> <option>1926</option> <option>1927</option> <option>1928</option> <option>1929</option> <option>1930</option>
              <option>1931</option> <option>1932</option> <option>1933</option> <option>1934</option> <option>1935</option> <option>1936</option> <option>1937</option> <option>1938</option> <option>1939</option> <option>1940</option>
              <option>1941</option> <option>1942</option> <option>1943</option> <option>1944</option> <option>1945</option> <option>1946</option> <option>1947</option> <option>1948</option> <option>1949</option> <option>1950</option>
              <option>1951</option> <option>1952</option> <option>1953</option> <option>1954</option> <option>1955</option> <option>1956</option> <option>1957</option> <option>1958</option> <option>1959</option> <option>1960</option>
              <option>1961</option> <option>1962</option> <option>1963</option> <option>1964</option> <option>1965</option> <option>1966</option> <option>1967</option> <option>1968</option> <option>1969</option> <option>1970</option>
              <option>1971</option> <option>1972</option> <option>1973</option> <option>1974</option> <option>1975</option> <option>1976</option> <option>1977</option> <option>1978</option> <option>1979</option> <option>1980</option>
              <option>1981</option> <option>1982</option> <option>1983</option> <option>1984</option> <option>1985</option> <option>1986</option> <option>1987</option> <option>1988</option> <option>1989</option> <option>1990</option>
              <option>1991</option> <option>1992</option> <option>1993</option> <option>1994</option> <option>1995</option> <option>1996</option> <option>1997</option> <option>1998</option> <option>1999</option> <option>2000</option>
              <option>2001</option> <option>2002</option> <option>2003</option> <option>2004</option> <option>2005</option> <option>2006</option> <option>2007</option> <option>2008</option>
          </select> <font class="comment"> (Note: Leave blank if they are still alive.)</font><br> <br>
          Tell us a little about Him/Her: <br>
          <textarea id="stextBox" name="about" cols="65" rows="10"></textarea> <br>
          <input name="submit" type="submit" value="Submit">
          <input name="reset" type="reset" value="Reset">
          </form>
          <?php include("include/footer.php"); ?>

      The Functions include file:

          <?php
          // classy.php
          // Author: ------
          // Date: 02 March 2008
          // = Description =============================
          // This file houses several classes/functions
          // that will run ------
          // ===========================================

          // Converts dates for the mysql database.
          // $bm = birthmonth, $bd = birthday, $by = birthyear
          function convertDate($bm, $bd, $by)
          {
              switch ($bm)
              {
                  case "Jan.": $bm = "01"; $birthdate = $by."-".$bm."-".$bd; break;
                  case "Feb.": $bm = "02"; $birthdate = $by."-".$bm."-".$bd; break;
                  case "Mar.": $bm = "03"; $birthdate = $by."-".$bm."-".$bd; break;
                  case "Apr.": $bm = "04"; $birthdate = $by."-".$bm."-".$bd; break;
                  case "May": $bm = "05"; $birthdate = $by."-".$bm."-".$bd; break;
                  case "Jun.": $bm = "06"; $birthdate = $by."-".$bm."-".$bd; break;
                  case "Jul.": $bm = "07"; $birthdate = $by."-".$bm."-".$bd; break;
                  case "Aug.": $bm = "08"; $birthdate = $by."-".$bm."-".$bd; break;
                  case "Sep.": $bm = "09"; $birthdate = $by."-".$bm."-".$bd; break;
                  case "Oct.": $bm = "10"; $birthdate = $by."-".$bm."-".$bd; break;
                  case "Nov.": $bm = "11"; $birthdate = $by."-".$bm."-".$bd; break;
                  case "Dec.": $bm = "12"; $birthdate = $by."-".$bm."-".$bd; break;
              } // End Switch statement
              return $birthdate;
          } // End function convertDate

          // This function adds members.......
          function addMember($fn, $mn, $ln, $su, $bd, $dd, $ab)
          {
              $query = mysql_query("INSERT INTO members (fname, mname, lname, suffix, birth, death, about) VALUES ('$fn','$mn','$ln','$su','$bd','$dd','$ab')");
              echo "<div id='alertBox' > Family Member has been added! </div>";
          }
          ?>

      When I try it out I know it calls the function cause it prints "Family Member has been added!", but it doesn't get added to the database. I'm thinking that for this reason it must be a problem in the SQL, however, I haven't changed it a bit since I got it working the first time.... Thanks
  15. That fixed it, thanks a lot! Really appreciate the help.
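
Added example (not part of the original posts, and not the poster's code): the login check from post 12 rewritten with a PDO prepared statement and password_hash()/password_verify(), since the posted script concatenates $_POST["username"] into the query text and compares unsalted md5() hashes. The users columns (username, password, active, fname) come from the post; the function names, the in-memory SQLite database and the sample accounts are assumptions constructed for the demo.

```php
<?php
declare(strict_types=1);

// Look up the user with a bound parameter, then verify the password hash.
// Returns the row on success, null for an unknown user or a wrong password.
function authenticate(PDO $db, string $username, string $password): ?array
{
    static $dummy = null;
    // Hash checked when the username is unknown, so both failure paths do
    // comparable work and the reply does not reveal which part was wrong.
    $dummy ??= password_hash('placeholder', PASSWORD_DEFAULT);

    // The username is bound as data and never becomes part of the SQL text.
    $stmt = $db->prepare(
        'SELECT username, password, active, fname FROM users WHERE username = :u'
    );
    $stmt->execute([':u' => $username]);
    $row = $stmt->fetch(PDO::FETCH_ASSOC);

    $hash = $row ? $row['password'] : $dummy;
    $ok = password_verify($password, $hash);
    return ($row && $ok) ? $row : null;
}

// Returns 'ok', 'invalid' or 'inactive'. Only the username is stored in the
// session; the password (or its hash) is never put there.
function login(PDO $db, string $username, string $password): string
{
    $user = authenticate($db, $username, $password);
    if ($user === null) {
        return 'invalid';
    }
    if ((int) $user['active'] !== 1) {
        return 'inactive';
    }
    if (session_status() === PHP_SESSION_ACTIVE) {
        session_regenerate_id(true);   // fresh session id after a successful login
        $_SESSION['username'] = $user['username'];
    }
    return 'ok';
}

// Constructed demo data (assumption): in-memory SQLite stands in for the MySQL server.
$db = new PDO('sqlite::memory:');
$db->setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION);
$db->exec('CREATE TABLE users (username TEXT PRIMARY KEY, password TEXT, active INTEGER, fname TEXT)');
$add = $db->prepare('INSERT INTO users (username, password, active, fname) VALUES (?, ?, ?, ?)');
$add->execute(['alice', password_hash('correct horse', PASSWORD_DEFAULT), 1, 'Alice']);
$add->execute(['bob', password_hash('battery staple', PASSWORD_DEFAULT), 0, 'Bob']);

// Constructed login attempts: active user, wrong password, inactive user,
// and a name containing a quote, which is bound as data rather than parsed as SQL.
$attempts = [
    ['alice', 'correct horse'],
    ['alice', 'wrong password'],
    ['bob', 'battery staple'],
    ["o'brien", 'anything'],
];
foreach ($attempts as [$name, $pass]) {
    printf("%-10s => %s\n", $name, login($db, $name, $pass));
}
```

The same calls work against MySQL through a `mysql:` PDO DSN. Rows that still hold md5() values will not pass password_verify() and need a reset or a rehash step.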