I-AM-OBODO

Wow! after much playing around. Got it <?php $stmt = $pdo->query("SELECT acct_num FROM table ORDER BY id DESC"); while($row = $stmt->fetch(PDO::FETCH_ASSOC)) { $acct_num = $row['acct_num']; echo "<option> $acct_num </option>"; } ?> Thanks all

Hi all. how can i make the values show like a list. I tried html line break "<br>" and php \n but all to no avail. It just show all the values in one straigth line. example of what i want is for the values to appear like this: 1234567890 0987654345 4567890675 instead of : 1234567890 0987654345 4567890675 Thanks <form data-abide method="post" action=""> <div> <select name=""> <option value="name"> <?php $stmt = $pdo->query("SELECT acct_num FROM table order by id desc"); while ( $row = $stmt->fetch(PDO::FETCH_ASSOC) ) { echo $row['acct_num']; } ?> </option> </select> </div> <div> <label>New Password <small>required</small></label> <input type="password" name="password" id="password" required> <small class="error">New password is required and must be a string.</small> </div> <div> <label>Confirm New Password <small>required</small></label> <input type="password" name="password2" id="password2" required> <small class="error">Password must match.</small> </div> <input name="submit" type="submit" class="button small" value="Change Password"> </form>

Thanks.

I could do this with a while but was thinking It's bad practice that why I need to know. "select password from table where username = username and password = password"; while ($row = $stmt->fetch (PDO::FETCH_ASSOC)) { $hash =$row['password'] ; }

I know that the password ought be stored in database and I also know that the verify is used to check if the password is ok. my question is how to retrieve the password and assign the value to $hash. I could do a while query to store result in $hash but I read somewhere that It's bad practice cos that would expose the hashed password thereby given the security a loophole.

Hi. I've been trying to understand the concept of password_hash but so far it has eluded me! registration <?php if(isset($_POST['submit'])){ $name = $_POST['name']; $email = $_POST['email']; $password = $_POST['password']; //$pass_hash = PassHash::hash($_POST['password']); $hash = password_hash($password, PASSWORD_BCRYPT); $stmt = $pdo->prepare("INSERT INTO hash_test(name, email, password) VALUES(:name, :email, :password)"); $stmt->execute(array( ':name' => $name, ':email' => $email, ':password' => $hash )); if ($stmt->rowCount() ==1){ echo "Registration Successful"; }else{ echo "There was a problem taking your request"; } } ?> The registration is working fine and all fields are inserted. The problem is when loggin in, its giving me an error : unknown variable which is the $hash. The verify parameter is thus: password_verify($password, $hash) I believe the $password is the users password for login, now how/when/where do assign a value to $hash? since in my db i have email(username) password. Do i need to store the hash separately on the db? Can someone please enlighten me more my login code <?php if(isset($_POST['login'])){ $password = $_POST['password']; $stmt = $pdo->prepare("SELECT email, password FROM hash_test WHERE email=:email AND password=:password"); $stmt->execute(array( ':email' => $_POST['email'], ':password' =>$password )); //if ($stmt->rowCount() ==1){ if (password_verify($password, $hash)) { /* Valid */ echo "Right"; } else { /* Invalid */ echo "wrong"; } //} } ?> THANKS

I wonder what's wrong with me. I've seen the problem. Thanks my head was beclouded thank you very much

sorry if you dont get me right. i have a table that has a transaction date and expiry date. I want to create another column where i can see the intervals between the order date and expiry date. i want to see them without doing a where clause. example Name Date Paid Expiry Date Date Difference John 2014-11-07 2014-12-01 24 days Doe 2014-11-07 2014-11-10 3 days This is what i did $stmt = $pdo->query("SELECT DATEDIFF(date_paid, next_due) AS diffdate FROM ca_payment"); while($row = $stmt->fetch(PDO::FETCH_ASSOC)) { echo $row['diffdate']; } but its showing the total sum of date difference of all the column which is not what i want

Hi all. How can i see all the difference between two dates in a column. I know to see a single date difference we can do: $stmt = $pdo->query("SELECT DATEDIFF(date_paid, next_due) AS diffdate FROM table_name"); while($row = $stmt->fetch(PDO::FETCH_ASSOC)) { echo $row['diffdate']; } but i want all the difference to show in a table along with other details. thanks

Thanks all. Been out of town for a while that's the reason i'm reply now. I managed to get it to work. i changed a couple of things and i cannot really pin-point what made it work. I removed all the mysql_real_escape_string and changed the path. Thank you so very much. ps: still studying password_hash so that i can start implement.

yes I think pdo is enabled cos I could log in at the admin end and It's using pdo

thanks for yours above. the password hashing is same both on logging. I said I could login on my localhost but cant when live.

Nope. jus t didn't include it here

Oh I forgot to mention that even with path as is, it's logging into the intended area with mysql but when modified to pdo, it doesn't log in

Thanks all. I'm in transit. will try them out. I think the problem should be the path. and my password will change to sha1 or maybe after md5 then I sha1 again or what do u think? my admin uses a different login totally from the users.

Hi all. I'm really having an awful time. Pls what could be the problem with this cos i can login into my local server but cant login when i go live. thanks <?php if(isset($_POST['login'])){ $username=$_POST['username']; $password=$_POST['password']; $username = stripslashes($username); $password = stripslashes($password); $username = mysql_real_escape_string($username); $password = mysql_real_escape_string($password); $pass = md5($password); $stmt = $pdo->prepare("SELECT * FROM confirm WHERE username=:username AND password=:password"); $stmt->execute(array( ':username' =>$username, ':password' => $pass )); if ($stmt->rowCount() ==1){ $_SESSION['username'] = $username; $_SESSION['password'] = $password; header("location: ./account/"); exit(); } else { echo 'Invalid Username or Password'; } } ?>

how do I go about implementing it using pdo. guess will need a crash course on pdo

I know something is wrong but dunno how to fix it. My intention is to lock user based on ip after 3 unsuccessful attempts. Its incrementing the login count but after 3 attempts, I just can't figure out how to lock the user and reset the value after some time. I'd like a pointer towards the right/best thing to do should my code not be worthy. Thanks and heres my code: <?php $user_ip = $_SERVER['REMOTE_ADDR']; $table_name = "loginattempts"; $query = "SELECT attempts FROM $table_name WHERE user_ip = '$user_ip'"; $result = mysql_query($query) or die("Invalid Login"); while($row = mysql_fetch_array($result)){ $count = $row['attempts']; } if($count == 3){ echo("Your login attempt is completed"); }else{ $insert = "INSERT INTO $table_name WHERE user_ip = '$user_ip'"; $result = mysql_query($insert); $update = "UPDATE $table_name SET attempts = attempts + 1 WHERE user_ip = '$user_ip'"; $result = mysql_query($update); } $update = "UPDATE $table_name SET attempts = 0 WHERE lastlogin - NOW() = '60000'"; $result = mysql_query($update); ?>

Thanks all. Sometimes clients just want to have it there way even when you try to discourage them of bad practices. Thanks very much. will keep your advise in mind.

Thanks and yes I do.

The reason to move to another table is for easy reference. so that I'll create a link that will contain only transaction to come up in 10 days time. that's what the client wants. thanks

Hi all. I have an issue and don't know how to go about it. I have a table that contains user orders. I want to move only orders that will be due in 10 days time to another table. How can I achieve that? thanks

Hi. how can I control a progress meter/bar to display errors when it failed to reach 100% or on getting to a point? thanks

when I try accessing my site, it just wont see it. I guess the .htaccess cant locate the .htpasswd. I also believe my directory structure is the problem but how do I fix it.

its not working