Jump to content

hansford

Members
  • Posts

    562
  • Joined

  • Last visited

  • Days Won

    4

Everything posted by hansford

  1. I can only direct you to other resources http://detectmobilebrowsers.com/ Maybe others can chime in on tested and reliable resources.
  2. If you're using an html form to upload files then why do you need to execute a shell command. You can upload the files and use the $_FILES array to upload the file from the temp dir to a perm dir. If you need to run a shell command then you can use shell_exec() for that.
  3. To elaborate on NotionCommon's comment: If your tables have common data then you can use INNER JOIN which will return the data that the selected tables have in common. If your tables have no common data or possibly some common data then you can use FULL OUTER JOIN which will return all rows from selected tables whether or not they share common data or not.
  4. Forget the loop to get the max value of all array values within the: $_SESSION["products"]["shipping1"] if this session variable is indeed an array of values, then all you need to do to get the highest value from all values is: echo max($_SESSION["products"]["shipping1"]); No loop required for this one.
  5. funderboltz - answer this question and then post: Are you attempting to post to the same page - or do you have an html page and then the form posts to a php page? Put the name of the file and the extension ..ie ".html" or ".php" and then post the code for that page. Tell us exactly the error you get or don't get. make sure to have error reporting on with any pages that contain php coding. <?php error_reporting(E_ALL); ini_set('display_errors', true); If you are getting database related errors - post the error and then post what version of php you're using. echo phpversion();
  6. Jacques1 is way on the mark here and it's serious business in our profession. I've put together registration and login systems, but I'm never sure if it's secure or even makes sense in a professional opinion. It's just one of those areas that we really need to research and get other's opinions on before we are set on any given system. If you look in the user's table you will find a human-readable username, but the password is some jacked up long hash. $2a$07$zUEQ7QtcEwO6NXSNQLpncOcDksTfykrtfhseVotDH4sEMxlfD9kJO When authenticating I grab the salt from the users table and the password supplied by the login form and pass it to a function. $pass = $_POST['password']; // authenticate password $row = $stm->fetch(PDO::FETCH_ASSOC); $salt = $row['salt']; $hashed_pass = generate_hash($pass, $salt); if ($hashed_pass === $row['password']) { // password is authentic } function generate_hash($password, $salt, $rounds = 7) { // crypt might not be the best approach for this anymore return crypt($password, sprintf('$2a$%02d$', $rounds) . $salt); }
  7. <?php session_start(); $error = ''; if ( ! isset($_POST['submit'])) { // redirect them back to the login page } if ( ! isset($_POST['username']) || ! isset($_POST['password'])) { // redirect them back to the login page } $username = trim($_POST['username']); $password = $_POST['password']; if ($username != '' && $password != '') { $con = new mysqli("localhost", $dbuser, $dbpass, $dbname); if ($con->connect_errno) { // debug mode - in production send the user some nice message like "try again later" echo 'Failed to make db connection: ' . $con->connect_error; exit(); } else { // Just need the count from the query unless you need other data from the login table $stmt = $con->prepare("SELECT COUNT(*) FROM login WHERE password=? AND username=?"); $stmt->bind_param($password, $username); $stmt->execute(); // check if anything was returned from query if (($stmt->fetchColumn()) > 0) { $_SESSION['login_user'] = $username; header("location: profile.php"); } else { $error = "Username or Password are invalid"; } } } else { $error = "Username or Password are invalid"; }
  8. <link rel="stylesheet" type="text/css" href="loginstyle.css"> The stylesheet link needs to go inside the head element.
  9. You state you want the highest shipping1 value from session, but then you attempt to get the highest value from a query. Not exactly clear as to what you want. If the query is what you are looking for then gingerjm gave you the solution and also noted to take the query out of the session loop. $query1 = "SELECT MAX(shipping1) as maxshipping1 FROM $table1 WHERE inventar='$inventor'"; $result1 = $link1->query($query1) or die ("Database Error!"); $row = mysqli_fetch_row($result1); echo $row['maxshipping1'] . "<br>"; However, if you want the highest value from the sessions array named: $_SESSION["products"]["shipping1"] you need something like this: $shippall = max($_SESSION["products"]["shipping1"]);
  10. If you're using the same database include file for all pages, then the code needs to use the same variable name of the database object created. So, if conn.php creates the object then: $requestLogin = $retreat->query("SELECT * FROM login WHERE username='$username' AND password='$password'"); The object created better be named $retreat if it's going to work on this page. Otherwise rename $retreat whatever variable name you used to create the object. conn.php should have this code or something similar. As you can see - the object created is named $retreat. $retreat = new mysqli($hostname, $username, $password, $database); if ($retreat->connect_errno) { echo $retreat->connect_errno . ' : ' . $retreat->connect_error; }
  11. Yeah sorry, because I'm trying to write code and keep track of your variable names at the same time. $requestLogin = $retreat->query("your query here"); while ($row = $requestLogin->fetch_assoc())
  12. Will need this too because you're using an object now..couple more changes. $getUser = $retreat->query("your query here"); while ($row = $retreat->fetch_assoc()) { // add your loop code here }
  13. $retreat = new mysqli($hostname, $username, $password, $database); if ($retreat->connect_errno) { echo $retreat->connect_errno . ' : ' . $retreat->connect_error; }
  14. It's not complex, just new to you. Wherever a user can go once they are logged in will require session_start() at the top of the page as CroNiX stated. Absolutely, post any questions, along with relevant code, that's what everyone is here for - to assist you in the journey.
  15. Strider64 and NotionCommotion both gave you sound advice - which if you take, will make your programming journey that much easier and more enjoyable.
  16. You would need something along the lines of: $con = new PDO("$this->db:host=$this->host;dbname=$this->dbname",$this->user,$this->pass); If you wanted to use this in a function then you need to make the function aware of your database connection (variable scope) An easy way of accomplishing this is through dependency injection - simply pass the variable to your function in the form of an argument. function referralCount($uid,$reflvl,$DB)
  17. You are using a relative url for the path. I don't where the file is relative to your script, but I would use __DIR__ or $_SERVER['DOCUMENT_ROOT'] Before I write external functions, class files, etc. I throw together a basic bare bones script and execute it. I do this just so I know I have the path correct, that I can use file_get_contents(), that my file permissions are correct etc. error_reporting(E_ALL); ini_set('display_errors',1); define('br', '<br />'); $cachePath = $_SERVER['DOCUMENT_ROOT'] . '/cache/nowcast-cache.txt'; $url = 'http://api.wunderground.com/api/XXXXXXXXXXXX/geolookup/conditions/q/TX/mesquite.json'; if(($data = @file_get_contents($url)) === false) { echo 'file_get_contents() failed as usual' . br; exit(); // no need to go any further until this is fixed } if((@file_put_contents($cachePath, $data)) === false) { echo 'file_put_contents() failed' . br; }
  18. I ran my code, fixed some issues. So, this example works on a live server. Need to remember to give write privileges to the file and directory. <?php $error = array(); if (isset($_POST['submit'])){ // create an array to input data in each csv row $row = array(); // assuming (from code presented) // you only need to check that location isset and not an empty string if (isset($_POST['location']) && $_POST['location'] != '') { //collect form data $row[] = $location = $_POST['location']; $row[] = $ID = $_POST['ID']; $row[] = $section = $_POST['section']; } else { $error[] = 'Name is required'; } // if you need to check more $_POST vars - do it here;same as above. // just edit the above code to not include that $_POST var in the $row[] array if ( ! empty($error) ) { // for dubugging this is fine, but think 'user friendly' when in production // display errors foreach ($error as $err) { echo "<p style='color:#ff0000;'>$err</p>"; } exit(); } // You create the path and filename // don't rely on stringing together user input to do it for you // fopen() could choke // You don't want spaces and bs chars in your path and filename //$my_file = 'whatever_path/' . 'whatever_file_name.csv'; $my_file = $_SERVER['DOCUMENT_ROOT'] . '/phpfreaks/' . 'test.csv'; // using 'a' since it won't overwrite an existing file name's content, but append to it // it will still create it if it doesn't exist. $handle = @fopen($my_file, "a"); if ( ! $handle) { // do error handling - file failed to create/open for appending // killing execution during debugging is fine, but // be more gentle on users in production echo 'failed to open file'; exit(); } // write line to csv file if ((fputcsv($handle, $row)) === false) { echo 'failed to write csv file.'; } // close file fclose($handle); } ?>
  19. There's a lot of in's and out's so I'm just going to illustrate basic handling. Don't think of this code as "production code" - I don't even know if it works lmao! <?php $error = array(); if (isset($_POST['submit'])){ // create an array to input data in each csv row $row = array(); // assuming (from code presented) // you only need to check that location isset and not an empty string if (isset($_POST['location']) && $_POST['location'] != '') { //collect form data $row[] = $location = $_POST['location']; $row[] = $ID = $_POST['ID']; // $row[] = $section = $_POST['section']; } else { $error[] = 'Name is required'; } // if you need to check more $_POST vars - do it here // just edit the above code to not include that $_POST var in the $fields[] array if (isset($_POST['ID']) && $_POST['ID'] != '') { $row[] = $ID = $_POST['ID']; } else { $error[] = 'ID is required'; } // if errors - display errors and stop the code here and now if ( ! empty($error) ) { // for dubugging this is fine, but think 'user friendly' when in production // display errors foreach ($error as $err) { echo "<p style='color:#ff0000;'>$err</p>"; exit(); } } // You create the path and filename // don't rely on stringing together user input to do it for you // fopen() could choke // You don't want spaces and bs chars in your path and filename $my_file = 'whatever_path/' . 'whatever_file_name.csv'; // watch it here - if file already exists, you could overwrite existing data $handle = @fopen($my_file, "w"); if ( ! $handle) { // do error handling - file failed to create // die() during debugging is fine, but be more gentle on users in production } // write data to csv file // you only have one line to write, but may have more later on - just loop it foreach ($list as $fields) { // need some delimter that tells the code - hey! we are starting a new column // look up fputcsv() as suggested by the senior member, Ch0cu3r. fputcsv($handle, $fields, $delimeter); } fclose($handle); }
  20. $sql = "UPDATE $tbl_name SET active=0 WHERE id={".mysqli_real_escape_string($con, $_GET['id'])."}"; Don't do this. It's unreadable, a pain to debug. Don't use raw $_GET or $_POST vars directly in queries - this will come back to bite you. Never trust a user's input - especially $_GET // prepared statements and none of this embedded php functions in queries
  21. Is this a pagination problem. Just read QuickOldCar's post. "lights just came on" if it is lol.
  22. Tell us this: Are we dealing with a single table and multiple columns or multiple tables with columns? Just to let you know (not trying to be a smart-ass, just not understanding where you are coming from) - the following code piece creates an array called "$row" if any results are returned by the query. Each array element will contain a new row of information. $row = mysql_fetch_assoc($query_result); If you wanted to loop through the result set you should be doing this: while($row = mysql_fetch_assoc($query_result)) { // do your if/else checks here // this array will continue until all rows returned from your query are exhausted }
  23. That is what the query statement is for. You only wanted, at max, 10 results, so that is all the rows you will have in your result set, unless there are actually less than 10 rows for that given query. What your code does is loop through the same result set, up to 10, and then you are grabbing different column values (from what you stated). This is highly inefficient. You should have one query or combined queries if needed, and then a single loop with all of your if/else statements to extract the data needed.
  24. I don't exactly understand the b1,2 thing, but whatever results you get should rely on the query. I also don't understand the $i variable loop. Not understanding the problem I'm just throwing code out there. //$query = "Select * FROM table WHERE column='stuff' AND parent='1,2' ORDER BY id DESC LIMIT 10"; $query = "Select * FROM table WHERE column='stuff' AND(parent=1 OR parent=2) ORDER BY id DESC LIMIT 10"; $query_result = mysql_query($query); $num_rows = mysql_num_rows($query_result); if ($num_rows > 0) { //mysql_close(); //for($i=0; $i< $num_rows; $i++){ //start a loop //$stuff = mysql_result($query_result, $i, "column"); $url = ''; while($row = mysql_fetch_assoc($query_result)) { if($row['parent'] == 1) { $url = 'http://google.com'; } elseif($row['parent'] == 2) { $url = 'http://www.bing.com'; } // if you get here and $url is == ''; // then it isn't equal to either of those values } }
  25. session_start(); This should to be called at the top of the page before any output to the browser. There is a default buffer size set in php.ini, but it's different depending on which version you're using. So you may get away with echoing output prior to session_start(), but why risk it and it's simply a poor practice. Also, error_reporting should be called before any other PHP code is executed as well. Get in the practice of putting all of that code at the top of the page and not strewn all over here and there.
×
×
  • Create New...

Important Information

We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.