Jump to content

premiso

Members
  • Posts

    6,951
  • Joined

  • Last visited

  • Days Won

    2

Everything posted by premiso

  1. Ummmmmm All I did was add it two places. And now thinking about it there is a 3rd place that needs it too: if ( file_exists($_SERVER['DOCUMENT_ROOT'] . "/" . $file) ) { Place one header("Content-Length: ".@filesize($_SERVER['DOCUMENT_ROOT'] . "/" . $file)); Place two @readfile($_SERVER['DOCUMENT_ROOT'] . "/" . $file) OR die("<html><body OnLoad=\"javascript: alert('Unable to read file!');history.back();\" bgcolor=\"#F0F0F0\"></body></html>"); Reason being, that is where you access the file etc, and since you want the full path that is how it works. The string contained in $_SERVER['DOCUMENT_ROOT'] is something like "/path/to/your/root". Hope that makes a bit more sense.
  2. $_SERVER['DOCUMENT_ROOT'] Should give you that information. <?php $mp3 = $_GET['mp3']; $file = '/home/mp3/'.$mp3; if(ini_get('zlib.output_compression')) { ini_set('zlib.output_compression', 'Off'); } if ( file_exists($file) ) { header("Pragma: public"); header('Expires: '.gmdate('D, d M Y H:i:s').' GMT'); header("Cache-Control: must-revalidate, post-check=0, pre-check=0"); header("Cache-Control: private",false); header("Content-Type: application/mp3"); header('Content-Disposition: attachment; filename="'.$mp3.'"'); header("Content-Transfer-Encoding: binary"); header("Content-Length: ".@filesize($_SERVER['DOCUMENT_ROOT'] . "/" . $file)); set_time_limit(0); @readfile($_SERVER['DOCUMENT_ROOT'] . "/" . $file) OR die("<html><body OnLoad=\"javascript: alert('Unable to read file!');history.back();\" bgcolor=\"#F0F0F0\"></body></html>"); exit; } else { die("<html><body OnLoad=\"javascript: alert('File not found!');history.back();\" bgcolor=\"#F0F0F0\"></body></html>"); } ?> Is how you would use it.
  3. $cnt = count($peices); foreach($pieces as $piece){ $data = explode(" ",$piece); if ($i == 1) { } else if ($i == 2) { } elseif ($i == $cnt) { echo 'Last loop!'; }else { echo "<pre>"; print_r($data); echo "</pre>"; } $i++; }
  4. You can always use a counter like $i++ and count to test.
  5. Umm did you look at my post, I escaped the single quotes so you should not get the error. This is really basic php syntax as Thorpe said.
  6. You have to use chmod and change the permissions of the new folder to be the 777. As it gets created with default permissions.
  7. The single quotes are causing the issue, they need escaped: echo '<form name="form1" method="post" action="login.php"> <input name="username" type="text" id="username" value="User ID" onfocus="this.value=\'\';" /> <input name="password" type="password" id="password" value="Password" onfocus="this.value=\'\';" /> <input type="submit" name="submit" id="submit" value="Login"> <br /> Not registered? <a href="register.php">Register Now!</a> </form>';
  8. echo ' <form name="form1" method="post" action="login.php"> <input name="username" type="text" id="username" value="User ID" onfocus="this.value='';" /> <input name="password" type="password" id="password" value="Password" onfocus="this.value='';" /> <input type="submit" name="submit" id="submit" value="Login"> <br /> Not registered? <a href="register.php">Register Now!</a> </form>'; // this was causing an issue?> You had unessarcy <?php tag inside the echo tag. Remove that. Also note you need to remove the ?> The echo statement can be echoed and must be echoed inside php tags and since you are already in php, that was causing an issue.
  9. Edit: Removed, noticed that checking isset on $_GET does not work. Here is code that will work for the OP. <?php session_start(); if (isset($_POST['login'])) { $server = "*****"; $db_username = "*****"; $db_password = "*****"; $db_name = "*****"; $db = mysql_connect($server, $db_username, $db_password) or die("Connection to database failed, perhaps the service is down !!"); mysql_select_db($db_name,$db) or die("Database name not available !!"); // lets filter the post data: array_walk_recursive($_POST, 'mysql_real_escape_string'); $username=$_POST['username']; $md5_password=md5($_POST['password']); // Encrypt password with md5() function. // Construct and run query. $result=mysql_query("SELECT * FROM users WHERE username='$username' AND password='$md5_password' LIMIT 1"); $result=mysql_num_rows($result); if($result > 0){ $_SESSION['username'] = $_POST['userame']; // session_register is depreciated header("location: index.php"); // Re-direct to main.php }else { // else is just fine here $message="--- Incorrect Username or Password ---"; echo"$message"; } } ?> That version should work as expected.
  10. Echo is not inside the php tags. The second code should not work. Try this: <?php echo '<form name="form1" method="post" action="login.php"> <input name="username" type="text" id="username" value="User ID" onfocus="this.value='';" /> <input name="password" type="password" id="password" value="Password" onfocus="this.value='';" /> <input type="submit" name="submit" id="submit" value="Login"> <br /> Not registered? <a href="register.php">Register Now!</a> </form>'; ?> This would also work: <?php echo <<<FORM <form name="form1" method="post" action="login.php"> <input name="username" type="text" id="username" value="User ID" onfocus="this.value='';" /> <input name="password" type="password" id="password" value="Password" onfocus="this.value='';" /> <input type="submit" name="submit" id="submit" value="Login"> <br /> Not registered? <a href="register.php">Register Now!</a> </form> FORM; ?> The 2nd is using HEREDOC syntax.
  11. lol dude this is not a pissing a match. Mine works just fine, the $_POST['login'] is grand, I added my check further up in the script, see the "isset($_POST)" if statement. Also notice how I indented the code to go along with it.
  12. Yep. <?php session_start(); if (isset($_POST)) { $server = "*****"; $db_username = "*****"; $db_password = ""*****; $db_name = "*****"; $db = mysql_connect($server, $db_username, $db_password) or die("Connection to database failed, perhaps the service is down !!"); mysql_select_db($db_name,$db) or die("Database name not available !!"); // lets filter the post data: array_walk_recursive($_POST, 'mysql_real_escape_string'); //// Login Section. if($_POST['Login']){ // If clicked on Login button. $username=$_POST['username']; $md5_password=md5($_POST['password']); // Encrypt password with md5() function. } // Construct and run query. $result=mysql_query("SELECT * FROM users WHERE username='$username' AND password='$md5_password' LIMIT 1"); $result=mysql_num_rows($result); if($result > 0){ $_SESSION['username'] = $_POST['userame']; // session_register is depreciated header("location: index.php"); // Re-direct to main.php }else { // else is just fine here $message="--- Incorrect Username or Password ---"; echo"$message"; } } ?> That way the data is only checked if the user actually submitted the form.
  13. To see the error do this: <?php error_reporting(E_ALL); ini_set("display_errors", 1); $userip = array("123.456.789.10","10.123.456.*"); if (in_array($_SERVER['REMOTE_ADDR'], $userip)) { ?> Report back what it says.
  14. I do not see session_start in your code, that is necessary on any page that uses session. $target = "/home/alport/public_html/".$_SESSION['s_username']."/"; full_copy($source, $target); Missing semi-colons.
  15. , silly question, but how do I do this? Kudos (the newbie ) So you have no data in the DB? If not then that is why it returns false. If you do not post any data to the form, that is also the same reason why. You need actual test data to test it, or else it will always return false like it should.
  16. You are better off posting this in the 3rd party section or at the vbulletin forums.
  17. Then your answer is simple. I would recreate the user data and verify that you are inputting it properly and do that check. The username and password are not matching in the DB. The logic above is fine, at this point it is your data in mysql that is messing up. Check your password field that it is at least a varchar(32), also check that you are using the mysql_real_escape_string on both the password and username when inserting as that will throw it off and that you are using trim on that data also.
  18. You created a cartesian join. The code below should fix that. "SELECT lu.listings_id,lu.thumb_url,li.title,li.image FROM listings_urls lu,listings li WHERE lu.listings_id = li.listings_id AND lu.listings_id = $id AND listings.live = 1" The above is assuming both have a field called "listings_id" that you can relate the two tables together.
  19. Nope, not unless some other part of your code does it.
  20. You do not need mysql_close as an fyi. <?php $connection = mysql_connect("mysql","madjack87","polosport1"); if (!$connection){ die("Could not connect: ") . mysql_error()); } mysql_select_db("madjacknews") or die("Unable to select database: " . mysql_error()); $sql="INSERT INTO members (email) VALUES ('{$_POST['email']}')"; // notice the use of { and }, doing that will allow the array index to display without error. if(!is_resource(mysql_query($sql))){ die("Error: " . mysql_error()); } echo "1 record added"; ?> Also the $connection is not required for mysql unless you are using multiple databases. Try the above and see what happens...I also added to your if the is_resource definition. If the SQL had a syntax error it will not return a valid resource, so that is a decent check to do.
  21. if($row['memcount'] < 20){ Change all instances of that to: if($row['memcount'] < 21){ 20 is not less than 20, so therefore the results were acting like you coded it. Change that it will update to 20, but once it goes to 21 it will hit the else.
  22. Please use the [.code] [./code] tags around your code (no initial period). As far as why it does not work, well here is a cleaned up version of the code: <?php /* This is bad code, remove please. Not to mention this is before the mysql_db is connected mysql_real_escape_string($_GET); mysql_real_escape_string($_POST); */ session_start(); $server = "*****"; $db_username = "*****"; $db_password = ""*****; $db_name = "*****"; $db = mysql_connect($server, $db_username, $db_password) or die("Connection to database failed, perhaps the service is down !!"); mysql_select_db($db_name,$db) or die("Database name not available !!"); // lets filter the post data: array_walk_recursive($_POST, 'mysql_real_escape_string'); //// Login Section. if($_POST['Login']){ // If clicked on Login button. $username=trim($_POST['username']); $md5_password=md5(trim($_POST['password'])); // Encrypt password with md5() function. } // Construct and run query. $result=mysql_query("SELECT * FROM users WHERE username='$username' AND password='$md5_password' LIMIT 1"); $result=mysql_num_rows($result); if($result > 0){ $_SESSION['username'] = $_POST['userame']; // session_register is depreciated header("location: index.php"); // Re-direct to main.php }else { // else is just fine here $message="--- Incorrect Username or Password ---"; echo"$message"; } ?> Now, if the password that is md5 was inserted without mysql_real_escape_string you could have a problem implementing that if it contained any characters that were escaped. I also added trim to trim the data, incase that is throwing it off. Also session_register is depreciated now, use the $_SESSION['username'] format instead. The form looks fine. no need to post that part again. Run the code I posted above and see how it works.
  23. Must be a setting on your machine. When I run it: For the code: <?php mysql_connect("localhost", "", ""); mysql_real_escape_string($_GET); var_dump($_GET); die(); ?> Just because it "works" for you, does not mean that is the standard/work for everyone else. It sounds like you have some custom php or extension/mod in there or something else that handles it. EDIT: I would do a var_dump on your array, my bet is you have display_errors turned off and none of your data is getting escaped, but you think it is. And if it is getting escaped, perhaps you have magic_quotes on. If neither than yea the custom code statement is the most likely reason.
  24. What exactly are you asking? How to add pos=dm to the pagination links? If so let me know, if not be more specific with examples on what you are asking.
  25. PHP Forums Tutorials
×
×
  • Create New...

Important Information

We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.