ManOnScooter
Members-
Posts
32 -
Joined
-
Last visited
Never
Everything posted by ManOnScooter
-
Ok lemme just break down your question into 2 parts 1. Hashing 2. scripts 3. mysite.com/images with my knowledge, 1. Hashing would mean, saving ur password(or any other field) in an hashed format. Where anybody reading ur database cant find the password. I would suggest sha1 - easy to implement 2. scripts, typically for login pages when you dont have captcha, its easy to make scripts to create repeated inserts into ur database for say username & password so 1 recommended way to prevent this and ensure humans r operating your site, try implementing captcha or sound validations 3. To ensure that no random user gets to view any link - such as - mysite.com/images, i recommend a session tracking to ensure every page is viewed only when certain steps/process is followed. guess its answers ur queries
-
anybody having any suggestions on this one?
-
steps to be followed 1. Fix the number of pictures to be displayed on each page. $perPage - Hardcode this value into all the code pages 2. Read total number of pictures in an array - find the total number of pictures. $totalPictures 3. use some simple math functions i.e. mod & div to find how many times this iteration would be required 4. Display the number of pictures as per $perPage simple isnt it ? lemme know if you have questions
-
I would suggest an if statement for every condition.. a simple function for selection of the database doing this segregation.. lemme know if i got this question right.. I see this as a straight forward code
-
I Need a suggestion on page reload & page refresh, Here i have a condition where on back click of wrong_password.php/welcome.php the page goes to login.php, My login.php page has a CAPTCHA image. So want to make sure on click back click of wrong_password.php/welcome.php page it goes to login.php but login.php is refreshed i.e. it shows a new captcha image. So i need to implement refresh of login.php when it comes from back-click of wrong_password.php/welcome.php I thought abt it and concluded the following steps.. 1. Have a new session parameter page_name so session makes page_no = wrongpassword for wrong_password.php and page_no=welcome for welcome.php 2. On load of login.php it checks this parameter page_no if page_no = wrongpassword or page_no = welcome then the page is redirected to login.php(which works as a refresh) I want to know is there a direct way to refresh the php page? This is adding complications to the process, isnt there a better way to execute this ?? and maybe throw an error message in other cases??
-
I knew i was no good for PHP - u reconfirmed it !! Thanx once again !! ... lemme try this now..
-
Hi All, I know this is dumb & stupid... but, all i want to do is put an "HTML form" from a PHP code, how do i do this ?? is there a way to do it? if ($password1 == $password2) { echo "<form method="post" action="action.php"> <fieldset> <legend>Login</legend> <label for="username">Username:</label><input type="text" name="username" id="username" value="" /> <label for="password">Password:</label><input type="password" name="password" id="password" value="" /> <div id="security"><img src="security-image.php?width=144" width="144" height="30" alt="Security Image" /></div> <label for="code">Security Image:</label><input type="text" name="code" id="code" value="" /> <input type="submit" name="login" id="login" value="Login" /> </fieldset> </form>" } thanx in advance.. Scooter
-
[SOLVED] Several WHERE statements not returning data
ManOnScooter replied to drranch's topic in MySQL Help
I suggest if u mail the table structure-it would be easier to know wots wrong where -
[SOLVED] login and password hashing help
ManOnScooter replied to ManOnScooter's topic in PHP Coding Help
Thanx MJ that did work, but how do I know where i need to try username='".$_POST['username']."' and where to try $result = mysql_query("SELECT * FROM userlogin WHERE username='$_POST['username']' and passwordHash='$password'") or die(mysql_error()); or was it the magic done with putting the query seperately..?? ManOnScooter Thanx MJDamo.. -
I know this dumb, but just cant get thru.. can anybody see any mistake in the code here?? <?php mysql_connect("localhost", "root", "administrator") or die(mysql_error()); mysql_select_db("test") or die(mysql_error()); $password = sha1($_POST['password']); $result = mysql_query("SELECT * FROM userlogin WHERE username='$_POST['username']' and passwordHash='$password'") or die(mysql_error()); $row = mysql_fetch_array( $result ); echo $row['username']; ?> name of my table-userlogin my table is as follows username passwordHash test1 b444ac06613fc8d63795be9ad0beaf55011936ac test 9bc34549d565d9505b287de0cd20ac77be1d3f2c <html> <body> <form action="2.php" method="post"> username: <input type="text" name="username" /> password: <input type="password" name="password" /> <input type="submit" /> </form> </body> </html> what is interesting is that the IE gives error as http 500 internal server error & firefox says Parse error: syntax error, unexpected T_ENCAPSED_AND_WHITESPACE, expecting T_STRING or T_VARIABLE or T_NUM_STRING in C:\Program Files\Apache Software Foundation\Apache2.2\htdocs\2.php on line 7 Ok i know this is really a dumb question-anybody can give any help?
-
i realised that-and thats the reason - i put it in another hidden HTML variable... <html> <body> <form method="POST"> <input type="text" name="search" value="<?php print $testsearch ?>"> </form> </body> </html> i again lose it - what do u suggest - how do i resolve this?? thanks again Scooter
-
the code goes as follows- anybody got any clues how it should be resolved?? $pageNumber=(isset($_POST["page"]) && is_numeric($_POST["page"])) ? $_POST["page"] :1; $perPage = 10; $padding = 5; $startIndex = ($pageNumber * $perPage) - $perPage; $testsearch = $_POST['search']; $totalCount = "select * from student_adv where name like '%$_POST[search]%'"; $rsCount = mysql_query($totalCount, $conn) or die(mysql_error()); $rowCount = mysql_num_rows($rsCount); print "<div align=\"center\">"; $numOfPages= ceil( $rowCount / $perPage); print "<a href=\"result.php?page=1\">FIRST</a>"; print "</div>"; $sql = "select id, name from student_adv where name like '%$_POST[search]%' order by id limit $startIndex, $perPage"; $rs = mysql_query($sql, $conn) or die(mysql_error()); if ( mysql_num_rows($rs) > 0 ) { while ($row = mysql_fetch_object($rs)) { print "<div>"; print $row->id; print ": "; print $row->name; print "</div>"; } } else { print "sorry!! no rows"; }
-
I am taking input from a form and getting result into the pagination(result.php) so the search i give is $totalCount = "select * from student_adv where name like '%$_POST[search]%'"; my pagination works fine when i hard code the valie of $_POST[search] as John or similar.. but when i go to the next page i get the error as "Notice: Undefined index: search in C:\Program Files\Apache Software Foundation\Apache2.2\htdocs\result.php on line 56" i tried putting the value of $_POST[search] in hidden variable-it did not work. I know there is a way out-but wots it- any body got any idea??? is the problem because of $_POST[search] or there could be some other problem? Thanks for help in advance... Scooter!!
-
[SOLVED] New to PHP.. Where am I going wrong here?
ManOnScooter replied to ManOnScooter's topic in PHP Coding Help
Thanks guys, Thanks ginger & night!! Guess its am doing fine now- should move to the next chapter and more queries.. Thanks again !! Scooter -
[SOLVED] New to PHP.. Where am I going wrong here?
ManOnScooter replied to ManOnScooter's topic in PHP Coding Help
Ginger, If you were refering to it being done this way.. <?php $con = mysql_connect("localhost","root","administrator"); if (!$con) { die('Could not connect: ' . mysql_error()); } mysql_select_db("test", $con); $result = mysql_query("SELECT details FROM test WHERE first_name = 'scooter'"); echo htmlentities($row["details"]); mysql_close($con); ?> It isnt giving me any value, but the while loop is giving... did i go wrong anywhere? -
[SOLVED] New to PHP.. Where am I going wrong here?
ManOnScooter replied to ManOnScooter's topic in PHP Coding Help
Thanks Ginger, if i want to do this witout the while loop.. is it possible?? <?php $con = mysql_connect("localhost","root","administrator"); if (!$con) { die('Could not connect: ' . mysql_error()); } mysql_select_db("test", $con); $result = mysql_query("SELECT details FROM test WHERE first_name = 'scooter'"); while($row = mysql_fetch_array($result)) { echo $row['details']; } mysql_close($con); ?> -
[SOLVED] New to PHP.. Where am I going wrong here?
ManOnScooter replied to ManOnScooter's topic in PHP Coding Help
Thanks, It worked... Ok need a favour, got any online tutorials for doing this kinda stuff? is there a way I can do the above witout using the while loop?? Thanks again... Scooter -
I want to show the result of the database query into the textbox(its a unique result). I am able to show it in the label but not in the text box- any suggestions?? <html> <body> <?php $con = mysql_connect("localhost","root","administrator"); if (!$con) { die('Could not connect: ' . mysql_error()); } mysql_select_db("test", $con); $result = mysql_query("SELECT details FROM test WHERE first_name = 'scooter'"); echo "<table border='1'> <tr> <th>Details</th> </tr>"; echo "</table>"; while($row = mysql_fetch_array($result)) { echo $row['details']; } mysql_close($con); ?> <input type="text" name="q" size="16" value="<?php echo $row["details"]?>"/> </body> </html> Thanks Scooter
-
I think i have got some stuff, google search. Lemme see if it works-will keep you posted. Thanks
-
Thanks, Need some tutorials for filling forms(textbox/textarea from database). eg.filling getting data from database and filling in textbox. Man On Scooter
-
Anybody got any tutorial on the following 1. return value to textbox from database 2. returning single value from Database to browser Thanks Man On Scooter
-
[SOLVED] where did i go wrong? New to PHP
ManOnScooter replied to ManOnScooter's topic in PHP Coding Help
ok, I guess i got it.. Thanks anyways... -
[SOLVED] where did i go wrong? New to PHP
ManOnScooter replied to ManOnScooter's topic in PHP Coding Help
adam, that dint work.. This one worked <?php $con = mysql_connect("localhost","root","administrator"); if (!$con) { die('Could not connect: ' . mysql_error()); } mysql_select_db("test", $con); $result = mysql_query("SELECT details FROM test WHERE first_name LIKE '%scooter'"); while($row = mysql_fetch_array($result)) { echo $row['details']; } mysql_close($con); ?> is there a way to do it without the while loop?? -
[SOLVED] where did i go wrong? New to PHP
ManOnScooter replied to ManOnScooter's topic in PHP Coding Help
adam, all i need to display is the data in the "details" column. The query returns only one row and I want to display only data from "details" column. -
[SOLVED] where did i go wrong? New to PHP
ManOnScooter replied to ManOnScooter's topic in PHP Coding Help
Rajiv, did that.. same error Could you give me a sample code, to try it?