Snatch
-
Posts
48 -
Joined
-
Last visited
Never
Everything posted by Snatch
-
Ok I see what you mean - but that's just sticking it on top of the navbar? Is there a way of actually making it a part of the navbar?
-
Ok thanks. I'm planning on designing the navbar in photoshop. Does anyone know any tutorials that will show me how to put the form in the navbar?
-
I'm not sure if we've got out wires crossed? I'm not looking to make an auto complete search box, just how to implement a normal search box into a navigation bar? All the auto completion tutorials i'm looking at don't explain this.
-
I've tried seaching google, but mentioning ajax and search boxes just seems to bring up auto completion tutorials....
-
Hi, I am able to create a search box using PHP that references a mysql database. I am wondering though, how would I integrate it into a navigation bar? Like the one on apples site for example? Could anyone point me in the direction of a good tutorial please? Apologies if this hasn't been posted in the correct thread. Thanks in advance!
-
Hi, using the code below how would i display $xml and $xml2 in one page? <?php $xsl=simplexml_load_file ("fragment.xslt"); $xml=simplexml_load_file ("http://www.nytimes.com/services/xml/rss/nyt/HomePage.xml"); $xml2=simplexml_load_file ("http://newsrss.bbc.co.uk/rss/sportonline_uk_edition/front_page/rss.xml"); /* create the processor and import the stylesheet */ $proc = new XsltProcessor(); $xsl = $proc->importStylesheet($xsl); /* transform and output the xml document */ $newDoc = $proc->transformToDoc($xml); print $newDoc->saveXML(); ?>
-
Hi i'm using the following XSL to display an XML page: <?xml version="1.0"?> <xsl:stylesheet version="1.0" xmlns:xsl="http://www.w3.org/1999/XSL/Transform"> <xsl:output method="xml" encoding="ISO-8859-1" version="1.0" omit-xml-declaration="yes" media-type="text/html" indent="yes" /> <xsl:template match="/"> <html> <head> <title>Shaw News</title> <meta http-equiv="content-type" content="text/html; charset=iso-8859-1" /> <style type="text/css"> body {background-image: url(images/main-bg.gif); } </style> </head> <body> <p> <a href="index.php">Home</a> </p> <xsl:for-each select="catagory/news [importance='High']"> <p> <xsl:value-of select="@id" /><br /> Title: <xsl:value-of select="title" /><br /> Author: <i><xsl:value-of select="author/firstname"/>:<xsl:value-of select="author/lastname"/></i><br /> Story: <xsl:value-of select="content"/> </p> </xsl:for-each> </body> </html> </xsl:template> </xsl:stylesheet> It works fine in IE but not in FireFox (displays as one long string). Can anyone tell me why this is please?
-
Do you mean the ?> I tried taking out the question mark but it still gives the same error.
-
Hi, i'm trying to create a dynamic RSS feed for my site but i'm getting the following error: Parse error: syntax error, unexpected T_DNUMBER in C:\xampp\htdocs\website\rss.php on line 11 The code i'm using is: <?php $connection = mysql_connect("localhost", "root", ""); mysql_select_db("shaw", $connection); $select = "SELECT * FROM news ORDER BY id DESC LIMIT 5"; $query = mysql_query($select) or die(mysql_error()); $file = fopen("rss.xml", "w"); fwrite($file, "<?xml version="1.0"?> <rss version="2.0"> <channel> <title>The Shadow Fox Feed</title> <link>http://www.shadow-fox.net</link> <description>Feed Description</description> <language>en-us</language>"); while($array = mysql_fetch_array($query)){ extract($array); $content = htmlentities($content); fwrite($file, "<item> <title>$title</title> <link>http://www.shadow-fox.net/index.php?blog=post&id=$id</link> <description>$content</description> </item>"); } //end of while loop fwrite($file, "</channel></rss>"); fclose($file); ?> Can anyone tell me whats going wrong please?
-
Thanks Ken!
-
if(isset($_SESSION['user_id'])) { header("Location: ".$afterlogin); }else{ if(isset($_COOKIE['user_id'])) { // Read cookie, make session $sql = "SELECT id,state,password,active FROM `".$db_tbl."` WHERE id='".$_COOKIE['user_id']."'"; $query = mysql_query($sql); $row = mysql_fetch_object($query); $id = htmlspecialchars($row->id); $status = htmlspecialchars($row->state); $dbpass = htmlspecialchars($row->password); $actief = htmlspecialchars($row->active); if($dbpass == $_COOKIE['user_password'] AND $actief == 1) { $_SESSION['user_id'] = $id; $_SESSION['user_status'] = $status; ?> <script language="Javascript" type="text/javascript"> location.href='<?= $afterlogin ?>'; </script> <? }else{ echo $login_cookiefalse; setcookie("user_id", "", time() - 3600); setcookie("user_password", "", time() - 3600); } }else{ if(isset($_POST['submit'])) { // Login $sql = "SELECT id,name,password,state,active,cookie_pass FROM `".$db_tbl."` WHERE name='".$_POST['user']."'"; $query = mysql_query($sql); $count = mysql_num_rows($query); if($count == 1) { $row = mysql_fetch_object($query); $dbpass = htmlspecialchars($row->password); $userpass = md5($_POST['pass']); $cookiepass = htmlspecialchars($row->cookie_pass); $userid = htmlspecialchars($row->id); $userstatus = htmlspecialchars($row->state); $useractief = htmlspecialchars($row->active); if($dbpass == $userpass) { if($useractief == 1) { $_SESSION['user_id'] = $userid; $_SESSION['user_status'] = $userstatus; if($_POST['cookie'] == "do") { if($cookiepass == "") { $cookiecode = mt_srand((double)microtime()*100000); while(strlen($cookiecode) <= 10) { $i = chr(mt_rand (0,255)); if(eregi("^[a-z0-9]$", $i)) { $cookiecode = $cookiecode.$i; } } $sql = "UPDATE `".$db_tbl."` SET cookie_pass = '".$cookiecode."' WHERE name = '".$_POST['user']."' LIMIT 1"; mysql_query($sql); $cookiepass = $cookiecode; } setcookie("cookie_id", $userid, time() + 365 * 86400); setcookie("cookie_pass", $cookiepass, time() + 365 * 86400); } echo $loginsucces;
-
Hi, i'm using the below code for my search wrapper. It works but instead of showing the users id how would i show the users name? I had a stab in the dark at using user_name but as I expected it didn't work. <?php if(!isset($_SESSION['user_id'])){ // check if the user is logged in // the user is not logged in // just display the search box ?> <script type="text/javascript" src="./js/cleardefault.js"></script> <form method="get" action="search.php"> <input name="search" type="text" size="35" value="click here to search" class="cleardefault" /> </form> <?php } else { // the user is logged in // display the search box, name of user and logout ?> <script type="text/javascript" src="./js/cleardefault.js"></script> <form method="get" action="search.php"> <table width="755" border="0"> <tr> <td width="331" height="24"><input name="search" type="text" size="35" value="click here to search" class="cleardefault" /></td> <td width="350">You are currently logged in as: <?php echo "$_SESSION[user_id]"; ?></td> <td width="60"><a class="one" href='logout.php'>Logout</a></td> </tr> </table> </form> <?php } ?>
-
Thanks redarrow, my code now looks like this: //Get the word submitted by the form $searchTitle = $_GET["search"]; $searchTitle = strip_tags($searchTitle); //strip tags $searchTitle = preg_replace("/[^a-zA-Z0-9\s]+/", "", $searchTitle); // Regex, only allow alphanumeric Again, it seems to be working. Any other suggestions, or is there a more efficient way to write the code?
-
Ok I think I've sussed strip tags, I did this and it seems to be working: //Get the word submitted by the form $searchTitle = $_GET["search"]; $searchTitle = strip_tags($searchTitle); // strip tags if (!empty($searchTitle)) { print " Looking for products containing $searchTitle <br><br/>"; //Get the order method if one has been passed to this page $order = $_GET["order"]; // create query - This query combines data from the film table and the director table $query = "SELECT * FROM products WHERE name like '%$searchTitle%' or brand like '%$searchTitle%'"; //Use the ordering if an order has been passed if (!$order=="") { $query = $query." order by $order "; } //print $query; // execute query $result = mysql_query($query) or die ("Error in query"); // see if any rows were returned if (mysql_num_rows($result)>0) { echo "<div id=sortactions>". Is there anything else I should do to make it secure?
-
Hi, I've implemented a search box in my site for users to search for products using the following code: //Get the word submitted by the form $searchTitle = $_GET["search"]; if (!empty($searchTitle)) { print " Looking for products containing $searchTitle <br><br/>"; //Get the order method if one has been passed to this page $order = $_GET["order"]; // create query - This query combines data from the film table and the director table $query = "SELECT * FROM products WHERE name like '%$searchTitle%' or brand like '%$searchTitle%'"; //Use the ordering if an order has been passed if (!$order=="") { $query = $query." order by $order "; } //print $query; // execute query $result = mysql_query($query) or die ("Error in query"); // see if any rows were returned if (mysql_num_rows($result)>0) { echo "<div id=sortactions>". "Order results by: ". "<a href='search.php?search=$searchTitle&order=name'>Name / </a>". "<a href='search.php?search=$searchTitle&order=price'>Price</a></div>"; while ($row = @ mysql_fetch_array($result)) { //while($row = mysql_fetch_row($result)) { echo "<div id=browsestyle><table width=80% border=0>" . "<tr>" . "<td width=10% valign=top rowspan=9><span id=imgpad><img src=".$row["image"]." height=50 width=50 /></span></td></tr>" . "<tr><td width=25% valign=top><strong>Brand: </strong></td><td width=75% valign=top>". $row["brand"] ."</td></tr>" . "<tr><td width=25% valign=top><strong>Name: </strong></td><td width=75% valign=top><a href = 'getprod.php?prodid=" . $row["id"] ."'>". $row["name"] ."</a></td></tr>" . "<tr><td width=25% valign=top><strong>Price: </strong></td><td width=65% valign=top>" . $row["price"] . "</td></tr>" . "</table></div>" ; } } else { // print status message echo "No Results Found!"; } // free result set memory mysql_free_result($result); // close connection mysql_close($conn); } I've been told this isn't secure. I'm guessing I need something like strip tags in the code? Please could someone suggest what needs to be done to make it secure an if possible point me to an example? Mucho gracias!
-
I've tried google but it seems hard top find one that isn't too simple or overly complex. Was just wondering if anyone knew of some good ones?
-
Ok, as you can no doubt tell i'm pretty new to PHP. It seems as though this book isn't going to be much good then (I always thought wrox were fairly good!). Can anyone direct me to a good login system tutorial (preferably with admin features) that uses md5 please?
-
Hi, i'm creating a user login system using the exact code from beginning PHP5, apache, MySQL web development. It all seems to work fine apart from the update details page, I get the following error message: You have an error in your SQL syntax; check the manual that corresponds to your MySQL server version for the right syntax to use near '' at line 3 The code for the page is: <?php session_start(); include "auth_user.inc.php"; include "conn.inc.php"; ?> <html> <head> <title>Beginning PHP, Apache, MySQL Web Development</title> </head> <body> <h1>Update Account Information</h1> Here you can update your account information for viewing in your profile.<br><br> <?php if ($_POST['submit'] == "Update") { $query_update = "UPDATE user_info SET email = '" . $_POST['email'] . "', city = '" . $_POST['city'] . "', state = '" . $_POST['state'] . "', hobbies = '" . implode(", ", $_POST['hobbies']) . "' WHERE username = '" . $_SESSION['user_logged']. "' AND password = (password('" . $_SESSION['user_password'] . "';"; $result_update = mysql_query($query_update) or die(mysql_error()); $query = "SELECT * FROM user_info WHERE username = '" . $_SESSION['user_logged']. "' AND password = (password('" . $_SESSION['user_password'] . "'));"; $result = mysql_query($query) or die(mysql_error()); $row = mysql_fetch_array($result); $hobbies = explode(", ", $row['hobbies']) ?> <b>Your account information has been updated.</b><br> <a href="user_personal.php">Click here</a> to return to your account. <form action="update_account.php" method="post"> Email: <input type="text" name="email" value="<?php echo $row['email']; ?>"><br> City: <input type="text" name="city" value="<?php echo $row['city']; ?>"><br> State: <input type="text" name="state" value="<?php echo $row['state']; ?>"><br> Hobbies/Interests: (choose at least one)<br> <select name="hobbies[]" size="10" multiple> <option value="Golfing"<?php if (in_array("Golfing", $hobbies)) echo " selected"; ?>>Golfing</option> <option value="Hunting"<?php if (in_array("Hunting", $hobbies)) echo " selected"; ?>>Hunting</option> <option value="Reading"<?php if (in_array("Reading", $hobbies)) echo " selected"; ?>>Reading</option> <option value="Dancing"<?php if (in_array("Dancing", $hobbies)) echo " selected"; ?>>Dancing</option> <option value="Internet"<?php if (in_array("Internet", $hobbies)) echo " selected"; ?>>Internet</option> <option value="Flying"<?php if (in_array("Flying", $hobbies)) echo " selected"; ?>>Flying</option> <option value="Traveling"<?php if (in_array("Traveling", $hobbies)) echo " selected"; ?>>Traveling</option> <option value="Exercising"<?php if (in_array("Exercising", $hobbies)) echo " selected"; ?>>Exercising</option> <option value="Computers"<?php if (in_array("Computers", $hobbies)) echo " selected"; ?>>Computers</option> <option value="Other Than Listed"<?php if (in_array("Other Than Listed", $hobbies)) echo " selected"; ?>>Other Than Listed</option> </select><br><br> <input type="submit" name="submit" value="Update"> <input type="button" value="Cancel" onClick="history.go(-1);"> </form> <?php } else { $query = "SELECT * FROM user_info WHERE username = '" . $_SESSION['user_logged']. "' AND password = (password('" . $_SESSION['user_password'] . "'));"; $result = mysql_query($query) or die(mysql_error()); $row = mysql_fetch_array($result); $hobbies = explode(", ", $row['hobbies']) ?> <form action="update_account.php" method="post"> Email: <input type="text" name="email" value="<?php echo $row['email']; ?>"><br> City: <input type="text" name="city" value="<?php echo $row['city']; ?>"><br> State: <input type="text" name="state" value="<?php echo $row['state']; ?>"><br> Hobbies/Interests: (choose at least one)<br> <select name="hobbies[]" size="10" multiple> <option value="Golfing"<?php if (in_array("Golfing", $hobbies)) echo " selected"; ?>>Golfing</option> <option value="Hunting"<?php if (in_array("Hunting", $hobbies)) echo " selected"; ?>>Hunting</option> <option value="Reading"<?php if (in_array("Reading", $hobbies)) echo " selected"; ?>>Reading</option> <option value="Dancing"<?php if (in_array("Dancing", $hobbies)) echo " selected"; ?>>Dancing</option> <option value="Internet"<?php if (in_array("Internet", $hobbies)) echo " selected"; ?>>Internet</option> <option value="Flying"<?php if (in_array("Flying", $hobbies)) echo " selected"; ?>>Flying</option> <option value="Traveling"<?php if (in_array("Traveling", $hobbies)) echo " selected"; ?>>Traveling</option> <option value="Exercising"<?php if (in_array("Exercising", $hobbies)) echo " selected"; ?>>Exercising</option> <option value="Computers"<?php if (in_array("Computers", $hobbies)) echo " selected"; ?>>Computers</option> <option value="Other Than Listed"<?php if (in_array("Other Than Listed" , $hobbies)) echo " selected"; ?>>Other Than Listed</option> </select><br><br> <input type="submit" name="submit" value="Update"> <input type="button" value="Cancel" onClick="history.go(-1);"> </form> <?php } ?> </body> </html> If anyone could shed any light on this i'd be most grateful, thanks!
-
Hi! I was just wondering, is it possible to use both JavaScript and PHP validation on a form? I.e JavaScript checks the form in the page, then when it is ok it's sent to the server and checked again via PHP. If it is possible would this really be practical or necessary?
-
Does anyone think ebuyer could be developed in PHP?
-
Thanks Daniel, i'm aware of Facebook but didn't realise Yahoo and Digg use PHP. Does anyone know of any large e-commerce sites using PHP though? For example an amazon type site.
-
Hello! I'm writting a dissertation on PHP I was just wondering if anyone knew of any large companies that use PHP web sites? Preferrably e-commerce sites. Thanks for any input!
-
Good Evening Gents! I'm having problems. When I add certain quantitys of products to my shopping basket they appear present and correct. However, when I get to the last stage of my checkout all the quantitys of products in the basket are changed to the same. eg: 2 x test 4 x test2 becomes: 4 x test 4 x test2 I've spent all day playing with it to no avail. It's frustraiting because once this is sorted my site should be finished - touch wood! Any suggestions would be gladfully recieved! checkout2.php The user is asked to confirm products here, the quantitys appear correct. <?php $sessid = session_id(); $query = "SELECT * FROM baskettemp WHERE sess = '$sessid'"; $results = mysql_query($query) or die (mysql_query()); while ($row = mysql_fetch_array($results)) { extract ($row); $prod = "SELECT * FROM products WHERE id = '$prodnum'"; $prod2 = mysql_query($prod); $prod3 = mysql_fetch_array($prod2); extract ($prod3); echo "<td>"; echo $quan; echo "</td>"; echo "<td>"; echo $type; echo "</td>"; echo "<td>"; echo $name; echo "</td>"; echo "<td align='right'>"; echo $price; echo "</td>"; echo "<td align='right'>"; //get extended price $extprice = $price * $quan; echo number_format($extprice, 2); echo "</td>"; echo "<td>"; echo "</td>"; echo "<td>"; echo "<a href='basket.php'>Make Changes to basket</a>"; echo "</td>"; echo "</tr>"; //add extended price to total $total = $extprice + $total; } ?> checkout3.php This is the receipt. The quantitys appear all the same... <?php //3) Insert Info into orderdet //find the correct basket information being temporarily stored $query = "SELECT * from baskettemp WHERE sess='$sessid'"; $results = mysql_query($query) or (mysql_error()); //put the data into the database one row at a time while ($row = mysql_fetch_array($results)) { extract ($row); $query4 = "INSERT INTO orderdet (ordernum, qty, prodnum) VALUES ( '$orderid', '$quan', '$prodnum')"; $insert4 = mysql_query($query4) or (mysql_error()); } ?> <?php $query = "SELECT * from orderdet WHERE ordernum = '$orderid'"; $results = mysql_query($query) or die (mysql_query()); while ($row = mysql_fetch_array($results)) { extract ($row); $prod = "SELECT * FROM products WHERE id = '$prodnum'"; $prod2 = mysql_query($prod); $prod3 = mysql_fetch_array($prod2); extract ($prod3); echo "<tr>"; echo "<td>"; echo $quan; echo "</td>"; echo "<td>"; echo $type; echo "</td>"; echo "<td>"; echo $name; echo "</td>"; echo "<td>"; echo $quote_no; echo "</td>"; echo "<td>"; echo $price; echo "</td>"; echo "<td>"; //get extended price $extprice = $price * $quan; echo number_format($extprice, 2); echo "</td>"; } ?>
-
I've tried playing around with those ideas but now get this error message - Warning: mysql_fetch_array(): supplied argument is not a valid MySQL result resource in C:\xampp\htdocs\website\basket.php on line 158 You have products in your basket. Any more suggestions? <?php $sessid = session_id(); //display number of products in cart $query = "SELECT SUM (quan) as total from baskettemp WHERE sess = '$sessid'"; $rowx = mysql_fetch_array($query); echo "You have " . $rowx['total'] . "products in your basket."; ?> <br /><br /> <table border="1" align="center" cellpadding="5"> <tr> <td>Quantity</td> <td>Type</td> <td>Name</td> <td>Price Each</td> <td>Extended Price</td> <td></td> <tr> <?php $query = "SELECT * from baskettemp WHERE sess = '$sessid'"; $results = mysql_query($query) or die (mysql_query()); while ($row = mysql_fetch_array($results)) { extract ($row); $prod = "SELECT * FROM products WHERE id = '$prodnum'"; $prod2 = mysql_query($prod); $prod3 = mysql_fetch_array($prod2); extract ($prod3); echo "<td><form method = 'POST' action='change.php'> <input type='hidden' name='prodnum' value='$prodnum'> <input type='hidden' name='sessid' value='$sessid'> <input type='hidden' name='hidden' value='$hidden'> <input type='text' name='qty' size='2' value='$quan'>"; echo "</td>"; echo "<td>"; echo $type; echo "</td>"; echo "<td>"; echo $name; echo "</td></a>"; echo "<td align='right'>"; echo $price; echo "</td>"; echo "<td align='right'>"; //get extended price $extprice = $price * $quan; echo number_format($extprice, 2); echo "</td>"; echo "<td>"; echo "<input type='submit' name='Submit' value='Change Qty'> </form></td>"; echo "<td>"; echo "<form method = 'POST' action='delete.php'> <input type='hidden' name='prodnum' value='$prodnum'> <input type='hidden' name='qty' value='$quan'> <input type='hidden' name='hidden' value='$hidden'> <input type='hidden' name='sessid' value='$sessid'>"; echo "<input type='submit' name='Submit' value='Delete Item'> </form></td>"; echo "</tr>"; //add extended price to total $total = $extprice + $total; } ?>
-
Sorry to bump this but, just wondering if any one has any thoughts before I turn in for the night?