tamumech
Members-
Posts
21 -
Joined
-
Last visited
Never
Everything posted by tamumech
-
That worked! Thanks kirk!
-
Sorry about that. Here is a clearer version: table name = players player_idposition1position2 00352 00431 00523 table name = positions position_idposition 11B 22B 33B 4SS 5OF The result I want is: player_idposition1position2 003OF2B 0043B1B 0052B3B kirk112, Can you explain what p1, p2, and py represent? I have also tried to do two LEFT JOINs but have gotten an error message because you can't join the same table twice. I haven't used the AS statement yet though...
-
Well I guess what I'll have to do is just make another position table (a duplicate of the first) and just do a regular LEFT JOIN for the three tables. If anyone knows a better way to do it please post.
-
Hi I am making a database of baseball players and their positions. Each player usually has at least two positions. I have two tables like this (simplified): Players: position1position2 31 23 12 Positions: Position IDPosition 1First Base 2Second Base 3Third Base I need to do a joins so that I can print both positions and not the position IDs, but I don't know how to do that when there are 3 columns? I have had no luck so far. Thanks! -Tim
-
Ok, got it. SOLVED.
-
Hi php freaks. I am having a problem with passing values to my include files. Here's the deal. In one of my files I might write: (saving this as http://www.mysite.com/file.php) $variable = 'value'; include("http://www.mysite.com/include.php"); Where include.php is: echo "$variable"; And everything would work fine. However, if include.php was saved in a different location such as: http://www.mysite.com/subdirectory/include.php, nothing would echo. I would write: $variable = 'value'; include("http://www.mysite.com/subdirectory/include.php"); I don't understand this because I am writing out the full URL. Thanks in advance for your help!
-
Hi all. I am inserting a lot of data into a MySQL integer column via an html form. When a field in the form is left blank, I want the value in MySQL to be NULL, but it keeps inputting '0'. The default value for my column is NULL. I don't really think there is a simple way to do this on the php side (using a hidden form to set blank entries equal to NULL would require an extra page), so I was wondering if MySQL had some sort of capability. Here's a snippet. UPDATE table SET column1 = '$_POST[$value1]', column2 = '$_POST[$value2]' WHERE id = '$_POST[$id]'
-
When the user logs in, set $_SESSION['auth'] to TRUE or whatever. Then on each page check it like this: <?php session_start(); if ( @$_SESSION['auth'] != "TRUE" ) { header("Location: login.php"); die(); } ?>
-
whew! I didn't even think of data checking here. For some reason I thought I took care of all that during registration. Thanks for the heads up!
-
OK. So I'm assuming I handled the tokens correctly?
-
Hi all. I wanted to run this by you guys to make sure I'm not making any huge security mistakes. As suggested before, each page generates a random token that is required by the next page. My Login page: <?php // If it hasn't been submitted if ( !$_POST[login_submit] ) { include ("login_form.inc"); die(); } // Check for blanks foreach ($_POST as $input ) { if ( $input == "" ) { echo "You must enter a Username and Password."; include ("login_form.inc"); die(); } } // Encrypt password $crypt_pass = md5($_POST[password]); // Verify user include("today.inc"); $connect = mysql_connect($host, $user, $pass) or die('Failure to connect to Database. Please contact us at customer support'); $db_connect = mysql_select_db($db) or die ('Failure to select Database. Please contact us at customer support'); $select = "SELECT email FROM schools WHERE email = '$_POST[email]' AND password = '$crypt_pass'"; $result = mysql_query($select) or die('Could not execute query'); $num_rows = mysql_num_rows($result); // Start session and redirect if ( $num_rows > '0' ) { session_start(); session_regenerate_id(); $_SESSION['auth'] = TRUE; $token = md5(uniqid(rand(),TRUE)); $_SESSION['token'] = $token; header("Location: http://www.website.com?token=$token"); } // get outta my house else { echo "Invalid Username or Password."; include ("login_form.inc"); die(); } ?> And the includes file at the top of every restricted page: <?php session_start(); if ( $_SESSION['auth'] != "TRUE" || $_SESSION['token'] != $_GET['token'] ) { header('Location: login.php'); die(); } $token = md5(uniqid(rand(),TRUE)); $_SESSION['token'] = $token; ?> An example page: <?php include("top.inc"); ?> <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd"> <html xmlns="http://www.w3.org/1999/xhtml"> <head> <meta http-equiv="Content-Type" content="text/html; charset=iso-8859-1" /> <title>Untitled Document</title> </head> <body> <a href="player_counter.php<?php echo "?token=$token" ?>">Click Here</a> <p>Members Only</p> </body> </html>
-
Alright, do I have to do that on every hyper link on the page. Good times. Thanks fellas.
-
I understand how to store session data, but how do I use it in GET or POST requests? I am actually trying to store something in the URL, and something in a session cookie. Is there a way to do that without a form appearing on the page? Thanks
-
Hi, I am trying to implement a token identifier with a session. Can anyone explain to me how store it in the session data and use in get or post requests? Thanks -Tim
-
stoker- Would I just put the POST and GET data in a form to transfer it from page to page? Or is there another way? Why would I pass it in the URL if I can use POST? ie: <?php <form action = "$_SERVER['PHP_SELF']" method = "GET"> <input type = "hidden" value = "$_GET['key']"> </form> ?> Hypnos- Do you recommend a place to get SSL? Is the open source any good? Thanks for all your help.
-
Hi all, I am creating a login script that will use sessions. Since I am not dealing with very personal information or financial data, I think it is something a beginner (sort of) like myself can do. To prevent session hijacking I understand I should use a token with the session identifier. According to Chris Shiflett here http://shiflett.org/articles/session-hijacking , I should propagate the token differently then I do the session identifier. He recommends "propagating the session identifier as a cookie and the token as GET data". Can anyone explain to me how this might be done? What if the user has cookies turned off?
-
oh damn, ok nevermind I got it. thanks for your help teng84
-
Hello all, I'm still kind of new to php so bear with me. What I'm trying to do is combine two strings within the $_POST superglobal. I would like to add the variable '$id' and and a string of characters like 'GDP' in $_POST. If $id = 3, then the outcome should be $_POST[3GDP]. This value would then be inserted into MySQL. I don't know if this is at all possible... any help is appreciated!
-
Ok good. Well thanks for your help! Let me know if you come across those scripts. -Thanks Tim
-
Ok, I figured there was some other code out there better suited for the job but I guess not. But won't submitting so many elements one by one be a bit sluggish? btw thanks for your help.
-
Howdy, I am building a website that will create a massive database. I need to make a spreadsheet where a registered user can input data that will be stored in a MySQL database. Each spreadsheet submitted will be about 25 rows and 15 columns (375 elements). Should I basically make a form with each field a cell in the spreadsheet? Or is there an easier way?