btr2007

I have a webpage which has the following: WEBPAGE <form method="post" action="http://www.xxxx.nz/Scripts/xxxxemail.php" enctype="multipart/form-data"> <div> <input type="hidden" name="redirect" value="http://xxxxxxx.net.nz/xxxxyou.php" /></div> <form> <table border="1"> <tr><td>Company Name (required)</td><td><input type="text" name="Business" /></td></tr> <tr><td>Email Address (required)</td><td><input type="text" name="Email" /></td></tr> <tr><td>Wish To Sign Up For ?</td><td><select size="1" name="xxxxxxx"> <option value="No">No</option> <option value="Yes">Yes</option> xxxxxx xxxxxx xxxxxx <input type="submit" value="Submit for Quote" /></td></tr> xxxxemail.php <?php require '/home/xxxxxz/Includes/connect.php'; /* Assign all variables passed from the form */ $business = mysql_real_escape_string($_POST['Business']); xxxxxx xxxxxx /* Sending email with information to us */ $to = "kerryxxxxx"; $subject = "xxxxx"; $random_hash = md5(date('r', time())); $headers = 'From: xxxxxxx'; $headers .= "\r\nContent-Type: multipart/alternative; boundary=\"PHP-alt-".$random_hash."\""; ob_start(); ?> --PHP-alt-<?php echo $random_hash; ?> Content-Type: text/html; charset="iso-8859-1" Content-Transfer-Encoding: 7bit <!-- Email Content --> <? include '/home/xxxxxx/Includes/laqcquote.inc'; ?> <!-- End of Email Content --> --PHP-alt-<?php echo $random_hash; ?>-- <?php $html = ob_get_contents(); ob_end_clean(); $body = $html; mail($to, $subject, $body, $headers); /* Once Complete return to............*/ header("Location: https://xxxxxxxxxxxxxxxxxxx/qxxxxxyou.php"); ?> if I want to add the recaptcha and have it verify what do i need to do? I have code via recaptcha and it says used a verify.php. If I do that i do not have the web page going through to where I can get the data via email and it does not give me an error message. Can anyone help? This is all new to me and I am struggling to see where I put the recaptcha and to make it work if right and not work if wrong

Yes the users directory is within the root directory. When i included your error check things none of them come up when i test it

Unfortunately that isn't the problem the leadon that i pass to it already has the slash on the end of it. I pass the leadon as /users/username/ uploader being in the base folder wanting it to upload the file to subdirectories of the directory the uploader is in.

<div id="upload"> <div id="uploadtitle"><strong>File Upload</strong> (Max Filesize: <?=$phpmaxsize;?>KB)</div> <div id="uploadcontent"> <? if($phpallowuploads) { $action = "../uploader.php?leadon=" . $leadon . "&client=" . $client; ?> <form method="post" action="<?=$action; ?>" enctype="multipart/form-data"> <input type="file" name="file" /> <input type="submit" value="Upload" /> </form> <? } else { ?> File uploads are disabled in your php.ini file. Please enable them. <? } ?> </div> </div> <? } ?> </div> It is code that came with a directory listing script that i found online. The file I use to test the upload isn't already in the directory. At the moment in the uploader script i have got it so when there is an error it prints the directory on screen and it is always correct. When i was grabbed the form code for you, I was thinking the page that has that on it is located in the restricted directory and calls the uploader from the root directory, do you think this would have any impact?

The upload script is located just in the root directory. I just changed the user directories to permission 777 and it still tells me the upload failed.

I am trying to have an uploader so visitors can upload files to some directories that I don't want people to have direct access to. I am using .htaccess to redirect people to the homepage if they type in the directory name, but apparently this is stopping my uploader working because it redirects the uploader before it has a chance to upload the file. The following is the uploader code: <?php // Where the file is going to be placed $var1 = $_GET["leadon"]; $var2 = $_GET["user"]; //$path = mysql_real_escape_string('leadon'); $target_path = $var1; /* Add the original filename to our target path. Result is "uploads/filename.extension" */ $target_path = $target_path . basename( $_FILES['uploadedfile']['name']); if(move_uploaded_file($_FILES['uploadedfile']['tmp_name'], $target_path)) { echo "The file " . basename( $_FILES['uploadedfile']['name']) . " has been uploaded"; $to = "email@address"; $subject = "A File has been uploaded by " . $var2; $body = ""; $headers = 'From: email@address'; mail($to, $subject, $body, $headers); }else{ echo $target_path; echo "There was an error uploading the file, please try again!"; } ?> My .htaccess file has the following code in it: redirect /user/username http://www.website.com redirect /user/username/ http://www.website.com RedirectMatch (.*)\index.php http://www.website.com <Files ~ "\.(inc|sql|pdf)$"> order allow,deny deny from all </Files>

Ok I've decided to use some php code to send the email instead. The script i was using is in a pl file and gets stored in the bin. If i can get the php email code to work i will mark this topic as solved but if i don't i will use this topic for questions.

Will that still work when I'm using that Formmail script to send the email? <?php // Where the file is going to be placed $var1 = $_GET["leadon"]; //$path = mysql_real_escape_string('leadon'); $target_path = $var1; /* Add the original filename to our target path. Result is "uploads/filename.extension" */ $target_path = $target_path . basename( $_FILES['uploadedfile']['name']); if(move_uploaded_file($_FILES['uploadedfile']['tmp_name'], $target_path)) { echo "The file " . basename( $_FILES['uploadedfile']['name']) . " has been uploaded"; /*Add email code here? - can it be a call to formmail or could i use some other script?*/ } else{ echo $target_path; echo "There was an error uploading the file, please try again!"; } ?>

Is there anyway for a form to have two actions? Example: Visitor selects a file to upload and when they click upload it calls the upload script and also sends an email to a recipient using a form-to-mail script. Or is there some code that can be included in the upload script to send an email?

We have just worked out that the logout button works if you are at http://oursite.com but doesnt work when you are at http://www.oursite.com I just tried this code: setcookie('user', $client, time()-(60*60*24*7),'/','.oursite.com'); setcookie('pass', $pass, time()-(60*60*24*7),'/','.oursite.com'); But this doesnt appear to have changed anything.

I am having a problem with my logout. Can someone have a look and tell me what is wrong with the following <?php setcookie('user', $client, time()-(60*60),'/','http://mysite'); // Setting The Cookie setcookie('pass', $pass, time()-(60*60),'/','http://mysite'); // Setting The Cookie header("Location: http://mysite/index.php"); // Redirect To index.php ?>

So where is it best to set the cookies? In the check-user.php file nothing is outputted to the browser. Is it because in index.php check-user.php isn't called until further down the page, in the middle of all the html. I'm getting this error in another place as well, but I think once one is sorted i'll be able to sort the other one

that may have done it, it comes up saying you are logged in and everything but once the cookies are set it has errors along the lines of Warning: Cannot modify header information - headers already sent by (output started at /index.php:7) in /check-user.php on line 18 and also one for line 19 line 18 and 19 are the lines of code that set the cookies

Me again, my problem has now moved on to the cookies and the setting of them. The login is working and that is great but I have code which is meant to change the login area to say 'you are now logged in' and of course have a logout button. But the problem is my cookies don't seem to be setting correctly. setcookie('user', $client, time()+60*60*24*30, "/", ".mydomain.com/", 1); setcookie('pass', $pass, time()+60*60*24*30, "/", ".mydomain.com/", 1); header("Location: http://www.brickcollection.com/btr/test.php"); Then whenever any other page loads it executes this code: if (isset($_COOKIE['user']) && isset($_COOKIE['pass'])) { $client = mysql_real_escape_string($_COOKIE['user']); $pass = mysql_real_escape_string($_COOKIE['pass']); It then checks what type of user you are etc. At the end of the above if stmt I added an else saying 'print 'No Cookies Set';' When I then test the page even after logging it still says the that you are not logged in, but I know that i am because it has redirected to the logged in page.

They are encrypted. It appears to be working now. Well everything except the cookie stuff! We will have a play around with that to try and get that working now though. Thanks for the help!

We got the invalid username and password combination Just a thought what collaboration should the table have

Just tried the Thorpe solution and it said not finding records. Will try the next solution. Feel like we are close to getting it done but something not quite right

mgallforever solution said login failed also. Will try solution from Thorpe now

The solution from revraz comes up login failed. Will try the next solution now

Yes they are

Help - I am having difficulty with the following. For the mysql_query if I set the user and pass to what is actually in the table it works. But if I leave it as shown I get an error message. Can someone tell me what is wrong mysql_connect($sqlhost, $sqluser, $sqlpass); // Connecting To MySql mysql_select_db($sqldb); // Selecting MySql Database $client = $_POST['username']; // Setting The Variable (Always User Different Variable Names Than What Is In Your HTML Forms) $pass = md5($_POST['password']); // Setting The Variable (Always User Different Variable Names Than What Is In Your HTML Forms - Password Should Also Always Be MD5 Encrypted) $clientcheck2 = mysql_query("SELECT * FROM users WHERE user= $client AND pass= $pass"); // Check If Any Users Match Username & Password Entered $clientcheck = mysql_num_rows($clientcheck2); // Number Of Results Of The Query if ($clientcheck > '0') { // If One Or More Users Were Found