-
Posts
439 -
Joined
-
Last visited
Posts posted by I-AM-OBODO
-
-
still wouldn't work. could it be cos the result value is not in the database? cos diff is d result of a datediff value.
I.e
$stmt=$pdo->query("select datediff(due, paid) as diff where name =:name"); $stmt->execute() while ($row = $stmt->fetch (PDO::FETCH_ASSOC)) { $diff=$row['diff'] ; } switch ($diff) { case 0: case 1: case 2: case 3: case 4: case 5: $point = 6; break; case 6: case 7: case 8: case 9: case 10: $point = 4; break; default: $point = 1; } echo $point; $total_points = 0; // DEFINE the variable begin loop $points = $point; // get points value $total_points += $points; // accumulate points total endloop echo $total_points;
in the above code let's say I have 6 as $diff on the first row and on the second row I have $diff as 4, the $total_points ought be 10 but its giving me 6 -
still wouldn't work. could it be cos the result value is not in the database? cos diff is d result of a datediff value.
I.e
$stmt=$pdo->query("select datediff(due, paid) as diff where name =:name"); $stmt->execute() while ($row = $stmt->fetch (PDO::FETCH_ASSOC)) { $diff=$row['diff'] ; } switch ($diff) { case 0: case 1: case 2: case 3: case 4: case 5: $point = 6; break; case 6: case 7: case 8: case 9: case 10: $point = 4; break; default: $point = 1; } echo $point; $total_points = 0; // DEFINE the variable begin loop $points = $point; // get points value $total_points += $points; // accumulate points total endloop echo $total_points;
in the above code let's say I have 6 as $diff on the first row and on the second row I have $diff as 4, the $total_points ought be 10 but its giving me 6 -
I did so but It's saying undefined variable: total_point and yet brings the result of only one row without adding the column
-
but how can I sum all the values from $point?
-
Thanks @all
-
Hi, I have a point that is assigned to an individual based on their duration in the program. I used datediff to calculate the date difference and the result I assigned to a variable.
Now I want to do this: if day = 0-5, point =6
what I did was
if($diff == 0 OR 1 OR 2 OR 3 OR 4 OR 5){ $point =6; }elseif($diff == 6 OR 7 OR 8 OR 9 OR 10){ $point =4; } else $point =1; } echo $point;
-
Wow! after much playing around. Got it
<?php $stmt = $pdo->query("SELECT acct_num FROM table ORDER BY id DESC"); while($row = $stmt->fetch(PDO::FETCH_ASSOC)) { $acct_num = $row['acct_num']; echo "<option> $acct_num </option>"; } ?>
Thanks all
-
Hi all.
how can i make the values show like a list. I tried html line break "<br>" and php \n but all to no avail. It just show all the values in one straigth line.
example of what i want is for the values to appear like this:
1234567890
0987654345
4567890675
instead of :
1234567890 0987654345 4567890675
Thanks
<form data-abide method="post" action=""> <div> <select name=""> <option value="name"> <?php $stmt = $pdo->query("SELECT acct_num FROM table order by id desc"); while ( $row = $stmt->fetch(PDO::FETCH_ASSOC) ) { echo $row['acct_num']; } ?> </option> </select> </div> <div> <label>New Password <small>required</small></label> <input type="password" name="password" id="password" required> <small class="error">New password is required and must be a string.</small> </div> <div> <label>Confirm New Password <small>required</small></label> <input type="password" name="password2" id="password2" required> <small class="error">Password must match.</small> </div> <input name="submit" type="submit" class="button small" value="Change Password"> </form>
-
-
I could do this with a while but was thinking It's bad practice that why I need to know.
"select password from table where username = username and password = password";
while ($row = $stmt->fetch
(PDO::FETCH_ASSOC)) {
$hash =$row['password'] ;
}
-
The hashed password needs to be stored in the database.
You will run a query to return the hashed password for the username provided. You use password_verify to confirm the user has entered the correct password.
I know that the password ought be stored in database and I also know that the verify is used to check if the password is ok.
my question is how to retrieve the password and assign the value to $hash. I could do a while query to store result in $hash but I read somewhere that It's bad practice cos that would expose the hashed password thereby given the security a loophole.
-
Hi.
I've been trying to understand the concept of password_hash but so far it has eluded me!
registration
<?php if(isset($_POST['submit'])){ $name = $_POST['name']; $email = $_POST['email']; $password = $_POST['password']; //$pass_hash = PassHash::hash($_POST['password']); $hash = password_hash($password, PASSWORD_BCRYPT); $stmt = $pdo->prepare("INSERT INTO hash_test(name, email, password) VALUES(:name, :email, :password)"); $stmt->execute(array( ':name' => $name, ':email' => $email, ':password' => $hash )); if ($stmt->rowCount() ==1){ echo "Registration Successful"; }else{ echo "There was a problem taking your request"; } } ?>
The registration is working fine and all fields are inserted. The problem is when loggin in, its giving me an error : unknown variable which is the $hash. The verify parameter is thus:
password_verify($password, $hash)
I believe the $password is the users password for login, now how/when/where do assign a value to $hash? since in my db i have email(username) password. Do i need to store the hash separately on the db? Can someone please enlighten me more
my login code
<?php if(isset($_POST['login'])){ $password = $_POST['password']; $stmt = $pdo->prepare("SELECT email, password FROM hash_test WHERE email=:email AND password=:password"); $stmt->execute(array( ':email' => $_POST['email'], ':password' =>$password )); //if ($stmt->rowCount() ==1){ if (password_verify($password, $hash)) { /* Valid */ echo "Right"; } else { /* Invalid */ echo "wrong"; } //} } ?>
THANKS
-
Are you sure you posted the query that is giving that result?
mysql> SELECT name -> , date_paid -> , expiry_date -> , DATEDIFF(expiry_date, date_paid) as diff -> FROM test_chidi; +------+------------+-------------+------+ | name | date_paid | expiry_date | diff | +------+------------+-------------+------+ | John | 2014-11-07 | 2014-12-01 | 24 | | Doe | 2014-11-07 | 2014-11-10 | 3 | +------+------------+-------------+------+
edit: where does next_due come from - you don't mention that in your data?
I wonder what's wrong with me. I've seen the problem.
Thanks my head was beclouded
thank you very much
-
Your question is vague. What do you mane show "all the difference between two dates in a column"? Give an example of a small set of data and what the expected output would be.
sorry if you dont get me right.
i have a table that has a transaction date and expiry date. I want to create another column where i can see the intervals between the order date and expiry date. i want to see them without doing a where clause.
example
Name Date Paid Expiry Date Date Difference
John 2014-11-07 2014-12-01 24 days
Doe 2014-11-07 2014-11-10 3 days
This is what i did
$stmt = $pdo->query("SELECT DATEDIFF(date_paid, next_due) AS diffdate FROM ca_payment");
while($row = $stmt->fetch(PDO::FETCH_ASSOC)) {
echo $row['diffdate'];
}
but its showing the total sum of date difference of all the column which is not what i want
-
Hi all.
How can i see all the difference between two dates in a column. I know to see a single date difference we can do:
$stmt = $pdo->query("SELECT DATEDIFF(date_paid, next_due) AS diffdate FROM table_name");
while($row = $stmt->fetch(PDO::FETCH_ASSOC)) {
echo $row['diffdate'];
}
but i want all the difference to show in a table along with other details.
thanks -
Thanks all.
Been out of town for a while that's the reason i'm reply now.
I managed to get it to work. i changed a couple of things and i cannot really pin-point what made it work. I removed all the mysql_real_escape_string and changed the path.
Thank you so very much.
ps: still studying password_hash so that i can start implement.
-
It's a bad idea, one of the 3 mentioned above.
That would not make it more secure and increase the chance of a collision.
Is pdo even enabled on that server?
ensure the extension is uncommented in the php.ini file
extension=php_pdo_mysql.dll
Enable error reporting as mac_gyver suggested.Top of your script.
error_reporting(E_ALL | E_NOTICE); ini_set('display_errors', '1');
You can wrap the pdo in a try/catch block and see any errors[cuode=auto:0]try {
$stmt = $pdo->prepare("SELECT * FROM confirm WHERE username=:username AND password=:password");
$stmt->bindValue(':username', $username, PDO::PARAM_STR);
$stmt->bindValue(':password', $pass, PDO::PARAM_STR);
$stmt->execute();
}
catch (PDOException $e) {
print "Error!: " . $e->getMessage() . "<br/>";
die();
}[/code]
yes I think pdo is enabled cos I could log in at the admin end and It's using pdo
-
your code has no apparent error checking logic in it and any of the pdo statements could be failing due to errors. after you make the pdo connection, you should set the error mode to exception and you should set emulated prepares to off/false. you should also have php's error_reporting set to E_ALL and display_errors set to ON when debugging any code problems to get php to help you.
you also need to use the same password hashing method in the login code that was used when the user's account was created. what exactly is your user registration password hashing code?
thanks for yours above. the password hashing is same both on logging.
I said I could login on my localhost but cant when live.
-
did you forget session_start(); ?
Nope. jus t didn't include it here
-
Oh I forgot to mention that even with path as is, it's logging into the intended area with mysql but when modified to pdo, it doesn't log in
-
Thanks all. I'm in transit. will try them out. I think the problem should be the path. and my password will change to sha1 or maybe after md5 then I sha1 again or what do u think?
my admin uses a different login totally from the users.
-
Hi all. I'm really having an awful time. Pls what could be the problem with this cos i can login into my local server but cant login when i go live.
thanks
<?php if(isset($_POST['login'])){ $username=$_POST['username']; $password=$_POST['password']; $username = stripslashes($username); $password = stripslashes($password); $username = mysql_real_escape_string($username); $password = mysql_real_escape_string($password); $pass = md5($password); $stmt = $pdo->prepare("SELECT * FROM confirm WHERE username=:username AND password=:password"); $stmt->execute(array( ':username' =>$username, ':password' => $pass )); if ($stmt->rowCount() ==1){ $_SESSION['username'] = $username; $_SESSION['password'] = $password; header("location: ./account/"); exit(); } else { echo 'Invalid Username or Password'; } } ?>
-
how do I go about implementing it using pdo. guess will need a crash course on pdo
-
I know something is wrong but dunno how to fix it. My intention is to lock user based on ip after 3 unsuccessful attempts. Its incrementing the login count but after 3 attempts, I just can't figure out how to lock the user and reset the value after some time.
I'd like a pointer towards the right/best thing to do should my code not be worthy.
Thanks and heres my code:
<?php $user_ip = $_SERVER['REMOTE_ADDR']; $table_name = "loginattempts"; $query = "SELECT attempts FROM $table_name WHERE user_ip = '$user_ip'"; $result = mysql_query($query) or die("Invalid Login"); while($row = mysql_fetch_array($result)){ $count = $row['attempts']; } if($count == 3){ echo("Your login attempt is completed"); }else{ $insert = "INSERT INTO $table_name WHERE user_ip = '$user_ip'"; $result = mysql_query($insert); $update = "UPDATE $table_name SET attempts = attempts + 1 WHERE user_ip = '$user_ip'"; $result = mysql_query($update); } $update = "UPDATE $table_name SET attempts = 0 WHERE lastlogin - NOW() = '60000'"; $result = mysql_query($update); ?>
How to do this
in PHP Coding Help
Posted
It's all working now.
Thanks @QuickOldCar and @Barand