Everything posted by jay7981

  1. ok so with the code below how would i sanitize? a steamID/authid looks like this STEAM_0:1:16111244

     roster.php

     ```php
     <?php
     include './clan_new/config.php';
     include './clan_new/access.php';
     $db = mysql_connect ($hostname, $username, $password) or die ('Failed to connect to database: ' . mysql_error());
     mysql_select_db($database);
     $query = "SELECT * FROM $member_table WHERE $member_table.rank = 7 ORDER BY $member_table.name ASC";
     $result = mysql_query($query) or die ('Failed to query ' . mysql_error());
     while ($row = mysql_fetch_assoc($result)) {
         $steamid = $row['authid'];
         $name = $row['name'];
         $email = $row['email'];
         $fid = $row['fid'];
         $avatar = $row['avatar'];
         echo "<tr>";
         if ($avatar==""){
             echo "<td> </td>";
         }
         else{
             echo "<td><img height='35' width='35' src='./clan_new/avatars/$avatar'></td>";
         }
     ?>
     <td align="center"><a href="viewinfo.php?authid=<?php echo $steamid; ?>"><?php echo htmlentities($name); ?></a></td>
     <?php
         echo "<td align=\"center\"><a class=\"style2\" href=\"mailto:$email\" class=\"style2\">$email</a></td>";
         if ($fid==""){
             echo "";
         }
         else{
             echo "<td align=\"center\">+<a class=\"style2\" href=\"steam://friends/add/$fid\">Friend</a></td>";
         }
         echo "</tr>";
     }
     mysql_free_result($result);
     mysql_close($db);
     ?>
     ```

     viewinfo.php

     ```php
     <?php
     //Thanks to behicthebuilder
     if (isset($_GET['authid'])){
         $steamid = $_GET['authid'];
     }
     else{
         $steamid = False;
     }
     // Now get the user info from the db
     if ($steamid){
         include './config.php';
         include './access.php';
         $db = mysql_connect ($hostname, $username, $password) or die ('Failed to connect to database: ' . mysql_error());
         mysql_select_db ($database);
         $query = "SELECT a.authid, a.avatar, a.rank, a.name, a.email, a.fid, b.auth, b.name AS amx_name, b.access, c.id AS sm_id, c.name AS sm_name, c.identity, d.id AS grp_id, d.name AS grp_name, d.flags, d.immunity_level, e.group_id, e.admin_id FROM $member_table a INNER JOIN $admin_table b ON a.authid = b.auth INNER JOIN $smadmin_table c ON a.authid = c.identity INNER JOIN $smadmgrp_table e ON c.id = e.admin_id INNER JOIN $smgroups_table d ON d.id = e.group_id WHERE a.authid= '$steamid'";
         $result = mysql_query($query) or die ("Cannot query table " . mysql_error());
         $row = mysql_fetch_assoc($result);
         //clan_members a
         $authid = $row['authid']; //steamid
         $rank = $ranks[$row['rank']];
         $name = $row['name'];
         $email = $row['email'];
         $fid = $row['fid'];
         $rank_num = $row['rank'];
         $avatar = $row['avatar'];
         //admins b
         $auth = $row['auth']; //steamid
         $amx_name = $row['amx_name'];
         $access = $row['access'];
         //sm_admins c
         $sm_id = $row['sm_id'];
         $sm_name = $row['sm_name'];
         $identity = $row['identity'];
         $group = $groups[$row['group_id']];
         //sm_groups d
         $grp_id = $row['grp_id'];
         $grp_name = $row['grp_name'];
         $flags = $row['flags'];
         $immunity_level = $row['immunity_level'];
         //sm_admins_groups e
         $admin_id = $row['admin_id'];
         $group_id = $row['group_id'];
         mysql_free_result($result);
         mysql_close($db);
     ?>
     <table width="100%" border="0" cellpadding="3" cellspacing="3">
     <tr>
     <th scope="row" colspan="4">Member Details for: <?php echo "$name"; ?></th>
     </tr>
     <tr>
     <th width="25%" scope="row"><div align="left">SteamID:</div></th>
     <td width="75%"><div align="left"> <?php echo "$auth"; ?> </div></td>
     </tr>
     <tr>
     <th scope="row"><div align="left">Name:</div></th>
     <td><div align="left"> <?php echo "$name"; ?> </div></td>
     </tr>
     <tr>
     <th scope="row"><div align="left">Rank:</div></th>
     <td><div align="left"> <?php echo "$rank"; ?> </div></td>
     </tr>
     <tr>
     <th scope="row"><div align="left">Email:</div></th>
     <td><div align="left"> <a href="mailto://<?php echo "$email"; ?>"><?php echo "$email"; ?></a> Email Me </div></td>
     </tr>
     <tr>
     <th scope="row"><div align="left">FriendsID:</div></th>
     <td><div align="left"> <a href="steam://friends/add/<?php echo "$fid"; ?>"><?php echo "$fid"; ?></a> Add to Friends </div></td>
     </tr>
     <tr>
     <th scope="row"><div align="left">AMXX Flags:</div></th>
     <td><div align="left"> <?php echo "$access"; ?> </div></td>
     </tr>
     <tr>
     <th scope="row"><div align="left">SourceMod Group:</div></th>
     <td><div align="left"> <?php echo "$group"; ?> </div></td>
     </tr>
     <tr>
     <th scope="row"><div align="left">Immunity Level:</div></th>
     <td><div align="left"><?php echo "$immunity_level"; ?></div></td>
     </tr>
     <tr>
     <th scope="row"><div align="left">SourceMod Flags:</div></th>
     <td><div align="left"><?php echo "$flags"; ?></div></td>
     </tr>
     <tr>
     <th scope="row"> <?php if ($avatar==""){ echo " "; } else{ echo "Avatar"; } ?></th>
     <td align="left"> <?php if ($avatar==""){ echo " "; } else{ echo "<img height='35' width='35' src='./clan_new/avatars/$avatar'>"; } ?> <div align="left"></div></td>
     </tr>
     <tr>
     <th scope="row"><div align="left"> </div></th>
     <td> <input type="button" value="Back" onClick="history.go(-1);return true;"></td>
     </tr>
     </table>
     <?php } ?>
     ```
  2. what do you mean by sanitize ? i know that is a really N00b question but i am that said N00b oh and i switched to the GET method and it works like a charm THANKS behicthebuilder!
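
An added example (not code from these posts) of what sanitizing means for the roster.php / viewinfo.php pair above: check the SteamID against the STEAM_0:1:16111244 shape before use, bind it as a query parameter, and encode every value on output. It assumes PDO with an in-memory SQLite database standing in for MySQL; the helper names, the sample row and the digit ranges in the pattern are assumptions made for the example.

```php
<?php
// Added example: whitelist validation, prepared statement, output encoding.
// SQLite in memory stands in for the MySQL database so the script runs offline.

// Accept only the textual SteamID shape shown in the post (STEAM_0:1:16111244).
// The allowed digit ranges are an assumption made for this example.
function valid_steamid(string $s): bool
{
    // \A and \z anchor the whole string, so a trailing newline is rejected too.
    return preg_match('/\ASTEAM_[0-5]:[01]:\d{1,10}\z/', $s) === 1;
}

// Look a member up by SteamID; null means "invalid input or no such member".
function find_member(PDO $db, string $steamid): ?array
{
    if (!valid_steamid($steamid)) {
        return null; // rejected before it reaches the database
    }
    // The value is bound as a parameter, never concatenated into the SQL text.
    $stmt = $db->prepare('SELECT authid, name, email FROM clan_members WHERE authid = :authid');
    $stmt->execute([':authid' => $steamid]);
    $row = $stmt->fetch(PDO::FETCH_ASSOC);
    return $row === false ? null : $row;
}

// HTML-encode a value for element content or a quoted attribute.
function h(string $s): string
{
    return htmlspecialchars($s, ENT_QUOTES, 'UTF-8');
}

// Build the roster link: URL-encode for the query string, then HTML-encode.
function roster_link(array $row): string
{
    return '<a href="viewinfo.php?authid=' . h(rawurlencode($row['authid'])) . '">'
        . h($row['name']) . '</a>';
}

// ---- constructed sample data ----
$db = new PDO('sqlite::memory:');
$db->setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION);
$db->exec('CREATE TABLE clan_members (authid TEXT PRIMARY KEY, name TEXT, email TEXT)');
$db->prepare('INSERT INTO clan_members VALUES (?, ?, ?)')
   ->execute(['STEAM_0:1:16111244', 'Bob <b>the</b> Builder', 'bob@example.com']);

// One valid ID, one malformed value, one well-formed ID that is not in the table.
$inputs = ['STEAM_0:1:16111244', "STEAM_0:1:1' OR '1'='1", 'STEAM_0:0:999'];
foreach ($inputs as $input) {
    $row = find_member($db, $input);
    if ($row === null) {
        echo 'no member for ' . h($input) . "\n";
    } else {
        echo roster_link($row) . "\n";
    }
}
```

The same checks apply whether the value arrives in `$_GET` or `$_POST`, since both are supplied by the client.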
  3. thanks i will try that code as soon as i get home, the reason i am not using _GET method is i was told that it was unsafe against sql injections and that POST was safer ... is this true? if not then i could change to get.
  4. ok this may not be able to be done .... but here goes nothing ... i have a roster that displays member names as a link to their profile using a form and onclick submit() now what i didn't realize is that the form name will have to increment for each record returned from the query. i am by no means a guru with php so i need some help adding the foreach statement and setting the form name to increment each time

     what i need: I need this to automatically go +1 for each record returned

     ```html
     <form name="view3" action="./viewinfo.php" method="post">
     <a href="#" onclick="document['view3'].submit()">
     ```

     and i need the correct way to use the foreach statement ... i have read the manual and it just confuzzeled me. here is what i have so far.

     ```php
     <?php
     include './clan_new/config.php';
     include './clan_new/access.php';
     $db = mysql_connect ($hostname, $username, $password) or die ('Failed to connect to database: ' . mysql_error());
     mysql_select_db($database);
     $query = "SELECT * FROM $member_table WHERE $member_table.rank = 6 ORDER BY $member_table.name ASC";
     $result = mysql_query($query) or die ('Failed to query ' . mysql_error());
     while ($row = mysql_fetch_assoc($result)) {
         $steamid = $row['authid'];
         $name = $row['name'];
         $email = $row['email'];
         $fid = $row['fid'];
         $avatar = $row['avatar'];
         echo "<tr>";
         if ($avatar==""){
             echo "<td> </td>";
         }
         else{
             echo "<td><img height='35' width='35' src='./clan_new/avatars/$avatar'></td>";
         }
     ?>
     <form name="view3" action="./viewinfo.php" method="post">
     <input type="hidden" id="authid" name="authid" value="<?php echo "$steamid" ; ?>" />
     </form>
     <td align="center"><a href="#" onclick="document['view3'].submit()"> <?php echo "$name" ; ?></a></td>
     <?php
         echo "<td align=\"center\"><a class=\"style2\" href=\"mailto:$email\" class=\"style2\">$email</a></td>";
         if ($fid==""){
             echo "";
         }
         else{
             echo "<td align=\"center\">+<a class=\"style2\" href=\"steam://friends/add/$fid\">Friend</a></td>";
         }
         echo "</tr>";
     }
     mysql_free_result($result);
     mysql_close($db);
     ?>
     ```
  5. and now i feel like a dummy ... thanks for the help that totally solved the issue now it works like a charm.
  6. This should do you good

     ```sql
     SELECT * FROM name, job, notes
     WHERE name.id NOT IN (SELECT notes.employeeid FROM notes)
     AND name.id IN (SELECT job.employeeid FROM job)
     ```

     EDIT: I just built a table structure exactly as you built it and it functioned perfectly. the result was Dave
  7. ok so as of now this script is only showing the first error "Wrong SteamID/Pin Please Try Again..." no matter what is passed to it ... so i tried defining a new var $verify = $row['authid']; and changed if (!$ava_result1) to if ($verify == ""), and still the same result ... so i am at a total loss here ... for anyone new to reading this .. here is the way it's supposed to work ...

     1 User puts info into form and submits (steam ID, pin, image file)
     2a this script should check the db for the steamid and pin combo, if they match then continue
     2b if they don't match then stop and display an error and the form again.

     all it's doing is 2b and i cannot for the life of me find where i messed up.
  8. couldn't you use an INNER JOIN function to pull the images ... basically have 2 tables ... 1 the user info 2 the image info since you have the user table already add a field called image.id then in the second table design it like this

     ID (auto inc)
     USER (the ID of the user from table 1 would go here to link)
     IMAGE (the actual image so this would be set as blob)
     IMAGE.NAME (the file name)

     then join the 2 tables in your query using inner join where usertable.image_id is imagetable.id
  9. bump ... any ideas i've looked at this code 500 times or more
  10. ok so i fixed the issue with it not selecting the DB but it is still processing the rest of the script no matter what is submitted to it ... the script should halt when the information passed to it doesn't match what is in the DB, and if it does match then process the rest. here is the fixed code:

     ```php
     <?php
     include './config.php';
     include './access.php';
     // Receiving variables
     $steamid = addslashes($_POST['steamid']);
     $pin = addslashes($_POST['pin']);
     $avatar_Name1 = $_FILES['avatar']['name'];
     $avatar_Size = $_FILES['avatar']['size'];
     $avatar_Temp = $_FILES['avatar']['tmp_name'];
     $avatar_Mime_Type = $_FILES['avatar']['type'];
     $ava_strQuery1 = "SELECT * FROM $member_table WHERE authid='$steamid' AND private_pin='$pin'";
     $ava_host1 = "$hostname";
     $ava_user1 = "$username";
     $ava_pw1 = "$password";
     $ava_db1 = "$database";
     $ava_link1 = mysql_connect($ava_host1, $ava_user1, $ava_pw1);
     $ava_db_selected1 = mysql_select_db($ava_db1, $ava_link1);
     $ava_result1 = mysql_query($ava_strQuery1) or die(mysql_error() . " IN $ava_strQuery1");
     if (!$ava_link1) {
         die('Could not connect: ' . mysql_error());
     }elseif (!$ava_db_selected1) {
         die ('Can not use $ava_db1 : ' . mysql_error());
     }
     //insert new record if ID and PIN match
     $ava_result1 = mysql_query($ava_strQuery1);
     if (!$ava_result1) {
         //if ID and PIN dont match display error and form
         echo "Wrong SteamID/Pin Please Try Again...";
         echo "<br />";
         include ('./includes/avatar_upload.php');
     } else {
         function findexts ($avatar_Name1) {
             $filename = strtolower($avatar_Name1) ;
             $exts = split("[/\\.]", $avatar_Name1) ;
             $n = count($exts)-1;
             $exts = $exts[$n];
             return $exts;
         }
         $ext = findexts ($_FILES['avatar']['name']) ;
         $ran = rand () ;
         $ran2 = $ran.".";
         $avatar_Name = $ran2.$ext;
         //Checking/Making Folder
         function RecursiveMkdir($path) {
             if (!file_exists($path)) {
                 RecursiveMkdir(dirname($path));
                 mkdir($path, 0777);
             }
         }
         // Validation
         if (strlen($steamid) <15) {
             die("<p align='center'><font face='Arial' size='3' color='#66CCFF'>Please enter a valid steamid <br>(ex: STEAM_0:0:00000)</font></p><p align='center'><a href='avatar.php'>BACK</a></p>");
         }
         if (strlen($steamid) >20) {
             die("<p align='center'><font face='Arial' size='3' color='#66CCFF'>Please enter a valid steamid <br>(ex: STEAM_0:0:00000)</font></p><p align='center'><a href='avatar.php'>BACK</a></p>");
         }
         if (strlen($steamid) == 0 ) {
             die("<p align='center'><font face='Arial' size='3' color='#66CCFF'>Please enter a valid steamid <br>(ex: STEAM_0:0:00000)</font></p><p align='center'><a href='avatar.php'>BACK</a></p>");
         }
         if (strlen($pin) !=12) {
             die("<p align='center'><font face='Arial' size='3' color='#66CCFF'>Please enter a valid pin<br>Dont have a pin? click <a href='#'>here</a></font></p><p align='center'><a href='avatar.php'>BACK</a></p>");
         }
         if (strlen($pin) == 0 ) {
             die("<p align='center'><font face='Arial' size='3' color='#66CCFF'>Please enter a valid pin<br>Dont have a pin? click <a href='#'>here</a></font></p><p align='center'><a href='avatar.php'>BACK</a></p>");
         }
         if( $avatar_Size == 0) {
             die("<p align='center'><font face='Arial' size='3' color='#66CCFF'>Please select an image that is 50KB or less in size and its type is .jpg, .gif, or .png</font></p><p align='center'><a href='avatar_upload.php'>BACK</a></p>");
         }
         if( $avatar_Size >51200) {
             //delete file
             unlink($avatar_Temp);
             die("<p align='center'><font face='Arial' size='3' color='#66CCFF'>Please select an image that is 50KB or less in size and its type is .jpg, .gif, or .png</font></p><p align='center'><a href='avatar_upload.php'>BACK</a></p>");
         }
         if( $avatar_Mime_Type != "image/gif" AND $avatar_Mime_Type != "image/jpeg" AND $avatar_Mime_Type != "image/pjpeg" AND $avatar_Mime_Type != "image/png" AND $avatar_Mime_Type != "image/x-png") {
             unlink($avatar_Temp);
             die("<p align='center'><font face='Arial' size='3' color='#66CCFF'>Please select an image that is 50KB or less in size and its type is .jpg, .gif, or .png</font></p><p align='center'><a href='avatar_upload.php'>BACK</a></p>");
         }
         $uploadFile = "avatars/".$avatar_Name ;
         if (!is_dir(dirname($uploadFile))) {
             RecursiveMkdir(dirname($uploadFile));
         } else {
             chmod(dirname($uploadFile), 0777);
         }
         move_uploaded_file( $avatar_Temp , $uploadFile);
         chmod($uploadFile, 0644);
         $avatar_URL = "****************".$avatar_Name ;
         //saving record to MySQL database
         $ava_strQuery = "UPDATE $member_table SET avatar ='$avatar_Name' WHERE authid='$steamid' AND private_pin='$pin'";
         $ava_host = "$hostname";
         $ava_user = "$username";
         $ava_pw = "$password";
         $ava_db = "$database";
         $ava_link = mysql_connect($ava_host, $ava_user, $ava_pw);
         if (!$ava_link) {
             die('Could not connect: ' . mysql_error());
         }
         $ava_db_selected = mysql_select_db($ava_db, $ava_link);
         if (!$ava_db_selected) {
             die ('Can not use $ava_db : ' . mysql_error());
         }
         //insert new record
         $ava_result = mysql_query($ava_strQuery);
         if (!$ava_result) {
             die('Invalid query: ' . mysql_error());
         }
         mysql_close($ava_link);
         echo("<p align='center'><font face='Arial' size='3' color='#66CCFF'>Image uploaded OK!</font></p><p align='center'></p>");
         echo "<div align='center'>";
         echo "<p><img src=$avatar_URL></p>";
         include ('./includes/avatar_upload.php');
         echo "</div>";
     }
     mysql_close($ava_link1);
     ?>
     ```
  11. well i did as you suggested and found that the first query is not selecting the database.......

     No database selected IN SELECT * FROM my table WHERE authid='xxxxxxxxxx' AND private_pin='xxxxxxxxx'

     i don't understand, both queries are using the same connection info from the included ./config.php file ... the second one works but the first one does not.

     ```php
     $ava_strQuery1 = "SELECT * FROM $member_table WHERE authid='$steamid' AND private_pin='$pin'";
     $ava_host1 = "$hostname";
     $ava_user1 = "$username";
     $ava_pw1 = "$password";
     $ava_db1 = "$database";
     $ava_link1 = mysql_connect($ava_host1, $ava_user1, $ava_pw1);
     $ava_result1 = mysql_query($ava_strQuery1) or die(mysql_error() . " IN $ava_strQuery1");
     if (!$ava_link1) {
         die('Could not connect: ' . mysql_error());
     }
     $ava_db_selected1 = mysql_select_db($ava_db1, $ava_link1);
     if (!$ava_db_selected1) {
         die ('Can not use $ava_db1 : ' . mysql_error());
     }
     //insert new record if ID and PIN match
     $ava_result1 = mysql_query($ava_strQuery1);
     ```
  12. the sql statement is working fine its the IF statement that is having issues ... I indented the code as asked and have marked the IF statements that are having issues ...

     ```php
     <?php
     include './config.php';
     include './access.php';
     // Receiving variables
     $steamid = addslashes($_POST['steamid']);
     $pin = addslashes($_POST['pin']);
     $avatar_Name1 = $_FILES['avatar']['name'];
     $avatar_Size = $_FILES['avatar']['size'];
     $avatar_Temp = $_FILES['avatar']['tmp_name'];
     $avatar_Mime_Type = $_FILES['avatar']['type'];
     $ava_strQuery1 = "SELECT * FROM $member_table WHERE authid='$steamid' AND private_pin='$pin'";
     $ava_host1 = "$hostname";
     $ava_user1 = "$username";
     $ava_pw1 = "$password";
     $ava_db1 = "$database";
     $ava_link1 = mysql_connect($ava_host1, $ava_user1, $ava_pw1);
     if (!$ava_link1) {
         die('Could not connect: ' . mysql_error());
     }
     $ava_db_selected1 = mysql_select_db($ava_db1, $ava_link1);
     if (!$ava_db_selected1) {
         die ('Can not use $ava_db1 : ' . mysql_error());
     }
     //insert new record if ID and PIN match
     $ava_result1 = mysql_query($ava_strQuery1);
     //this is the first IF statement
     //If the result is true then continue if not goto else statement
     if (!$ava_result1) {
         // -- Function Name : findexts
         // -- Params : $avatar_Name1
         // -- Purpose : pull the extension
         function findexts ($avatar_Name1) {
             $filename = strtolower($avatar_Name1) ;
             $exts = split("[/\\.]", $avatar_Name1) ;
             $n = count($exts)-1;
             $exts = $exts[$n];
             return $exts;
         }
         $ext = findexts ($_FILES['avatar']['name']) ;
         $ran = rand () ;
         $ran2 = $ran.".";
         $avatar_Name = $ran2.$ext;
         //Checking/Making Folder
         function RecursiveMkdir($path) {
             if (!file_exists($path)) {
                 RecursiveMkdir(dirname($path));
                 mkdir($path, 0777);
             }
         }
         // Validation
         if (strlen($steamid) <15) {
             die("<p align='center'><font face='Arial' size='3' color='#66CCFF'>Please enter a valid steamid <br>(ex: STEAM_0:0:00000)</font></p><p align='center'><a href='avatar.php'>BACK</a></p>");
         }
         if (strlen($steamid) >20) {
             die("<p align='center'><font face='Arial' size='3' color='#66CCFF'>Please enter a valid steamid <br>(ex: STEAM_0:0:00000)</font></p><p align='center'><a href='avatar.php'>BACK</a></p>");
         }
         if (strlen($steamid) == 0 ) {
             die("<p align='center'><font face='Arial' size='3' color='#66CCFF'>Please enter a valid steamid <br>(ex: STEAM_0:0:00000)</font></p><p align='center'><a href='avatar.php'>BACK</a></p>");
         }
         if (strlen($pin) !=12) {
             die("<p align='center'><font face='Arial' size='3' color='#66CCFF'>Please enter a valid pin<br>Dont have a pin? click <a href='#'>here</a></font></p><p align='center'><a href='avatar.php'>BACK</a></p>");
         }
         if (strlen($pin) == 0 ) {
             die("<p align='center'><font face='Arial' size='3' color='#66CCFF'>Please enter a valid pin<br>Dont have a pin? click <a href='#'>here</a></font></p><p align='center'><a href='avatar.php'>BACK</a></p>");
         }
         if( $avatar_Size == 0) {
             die("<p align='center'><font face='Arial' size='3' color='#66CCFF'>Please select an image that is 50KB or less in size and its type is .jpg, .gif, or .png</font></p><p align='center'><a href='avatar_upload.php'>BACK</a></p>");
         }
         if( $avatar_Size >51200) {
             //delete file
             unlink($avatar_Temp);
             die("<p align='center'><font face='Arial' size='3' color='#66CCFF'>Please select an image that is 50KB or less in size and its type is .jpg, .gif, or .png</font></p><p align='center'><a href='avatar_upload.php'>BACK</a></p>");
         }
         if( $avatar_Mime_Type != "image/gif" AND $avatar_Mime_Type != "image/jpeg" AND $avatar_Mime_Type != "image/pjpeg" AND $avatar_Mime_Type != "image/png" AND $avatar_Mime_Type != "image/x-png") {
             unlink($avatar_Temp);
             die("<p align='center'><font face='Arial' size='3' color='#66CCFF'>Please select an image that is 50KB or less in size and its type is .jpg, .gif, or .png</font></p><p align='center'><a href='avatar_upload.php'>BACK</a></p>");
         }
         $uploadFile = "avatars/".$avatar_Name ;
         if (!is_dir(dirname($uploadFile))) {
             RecursiveMkdir(dirname($uploadFile));
         } else {
             chmod(dirname($uploadFile), 0777);
         }
         move_uploaded_file( $avatar_Temp , $uploadFile);
         chmod($uploadFile, 0644);
         $avatar_URL = "*****************".$avatar_Name ;
         //saving record to MySQL database
         $ava_strQuery = "UPDATE $member_table SET avatar ='$avatar_Name' WHERE authid='$steamid' AND private_pin='$pin'";
         $ava_host = "$hostname";
         $ava_user = "$username";
         $ava_pw = "$password";
         $ava_db = "$database";
         $ava_link = mysql_connect($ava_host, $ava_user, $ava_pw);
         if (!$ava_link) {
             die('Could not connect: ' . mysql_error());
         }
         $ava_db_selected = mysql_select_db($ava_db, $ava_link);
         if (!$ava_db_selected) {
             die ('Can not use $ava_db : ' . mysql_error());
         }
         //insert new record
         $ava_result = mysql_query($ava_strQuery);
         if (!$ava_result) {
             die('Invalid query: ' . mysql_error());
         }
         mysql_close($ava_link);
         echo("<p align='center'><font face='Arial' size='3' color='#66CCFF'>Image uploaded OK!</font></p><p align='center'></p>");
         echo "<div align='center'>";
         echo "<p><img src=$avatar_URL></p>";
         include ('./includes/avatar_upload.php');
         echo "</div>";
     }
     //this is the else from the 1st IF statement
     else {
         //if ID and PIN dont match display error and form
         echo "Wrong SteamID/Pin Please Try Again...";
         echo "<br />";
         include ('./includes/avatar_upload.php');
     }
     mysql_close($ava_link1);
     ?>
     ```
  13. it's very possible and you may want to think about using asp instead of php
  14. create a function that does what you want and make the button call that function with onclick just make the anchor # and the target _blank ex: function .......code here $feed = function(); <a href="#" onclick="$function" target="_blank">Feed Em!</a> syntaxing for this example may be off ... i'm giving you an idea not the code as i am really tired and have 10000000s of lines of code in my head at the moment.
  15. ok did as suggested and got no syntax errors ... i tried to upload using false info again and it displayed the error "Wrong SteamID/Pin Please Try Again..." as it should have but then i tried to upload using correct info and it still gave me the error "Wrong SteamID/Pin Please Try Again...", very perplexing ....
  16. Hello all, I wrote a script that will upload an avatar to a user's profile and to do this the user has to get a randomly generated pin that is stored to their profile info in a MySQL db. what i am trying to accomplish with this code is once the form is submitted this code checks the database to see if the ID is there and that the pin matches, if so then it continues to upload the file, if not it stops, displays an error and the upload form. For some reason the script continues to upload even when i input fake values that are not in the DB .... i know it's something simple that i'm just overlooking so perhaps a fresh set of eyes will help...

     ```php
     <?php
     include './config.php';
     include './access.php';
     // Receiving variables
     @$steamid = addslashes($_POST['steamid']);
     @$pin = addslashes($_POST['pin']);
     @$avatar_Name1 = $_FILES['avatar']['name'];
     @$avatar_Size = $_FILES['avatar']['size'];
     @$avatar_Temp = $_FILES['avatar']['tmp_name'];
     @$avatar_Mime_Type = $_FILES['avatar']['type'];
     @$ava_strQuery1 = "SELECT * FROM $member_table WHERE authid='$steamid' AND private_pin='$pin'";
     @$ava_host1 = "$hostname";
     @$ava_user1 = "$username";
     @$ava_pw1 = "$password";
     @$ava_db1 = "$database";
     $ava_link1 = mysql_connect($ava_host1, $ava_user1, $ava_pw1);
     if (!$ava_link1) {
         die('Could not connect: ' . mysql_error());
     }
     $ava_db_selected1 = mysql_select_db($ava_db1, $ava_link1);
     if (!$ava_db_selected1) {
         die ('Can not use $ava_db1 : ' . mysql_error());
     }
     //upload file and insert new record if ID and PIN match
     $ava_result1 = mysql_query($ava_strQuery1);
     if (!$ava_result1) {
         function findexts ($avatar_Name1) {
             $filename = strtolower($avatar_Name1) ;
             $exts = split("[/\\.]", $avatar_Name1) ;
             $n = count($exts)-1;
             $exts = $exts[$n];
             return $exts;
         }
         $ext = findexts ($_FILES['avatar']['name']) ;
         $ran = rand () ;
         $ran2 = $ran.".";
         $avatar_Name = $ran2.$ext;
         //Checking/Making Folder
         function RecursiveMkdir($path) {
             if (!file_exists($path)) {
                 RecursiveMkdir(dirname($path));
                 mkdir($path, 0777);
             }
         }
         // Validation
         if (strlen($steamid) <15) {
             die("<p align='center'><font face='Arial' size='3' color='#66CCFF'>Please enter a valid steamid <br>(ex: STEAM_0:0:00000)</font></p><p align='center'><a href='avatar.php'>BACK</a></p>");
         }
         if (strlen($steamid) >20) {
             die("<p align='center'><font face='Arial' size='3' color='#66CCFF'>Please enter a valid steamid <br>(ex: STEAM_0:0:00000)</font></p><p align='center'><a href='avatar.php'>BACK</a></p>");
         }
         if (strlen($steamid) == 0 ) {
             die("<p align='center'><font face='Arial' size='3' color='#66CCFF'>Please enter a valid steamid <br>(ex: STEAM_0:0:00000)</font></p><p align='center'><a href='avatar.php'>BACK</a></p>");
         }
         if (strlen($pin) !=12) {
             die("<p align='center'><font face='Arial' size='3' color='#66CCFF'>Please enter a valid pin<br>Dont have a pin? click <a href='#'>here</a></font></p><p align='center'><a href='avatar.php'>BACK</a></p>");
         }
         if (strlen($pin) == 0 ) {
             die("<p align='center'><font face='Arial' size='3' color='#66CCFF'>Please enter a valid pin<br>Dont have a pin? click <a href='#'>here</a></font></p><p align='center'><a href='avatar.php'>BACK</a></p>");
         }
         if( $avatar_Size == 0) {
             die("<p align='center'><font face='Arial' size='3' color='#66CCFF'>Please select an image that is 50KB or less in size and its type is .jpg, .gif, or .png</font></p><p align='center'><a href='avatar_upload.php'>BACK</a></p>");
         }
         if( $avatar_Size >51200) {
             //delete file
             unlink($avatar_Temp);
             die("<p align='center'><font face='Arial' size='3' color='#66CCFF'>Please select an image that is 50KB or less in size and its type is .jpg, .gif, or .png</font></p><p align='center'><a href='avatar_upload.php'>BACK</a></p>");
         }
         if( $avatar_Mime_Type != "image/gif" AND $avatar_Mime_Type != "image/jpeg" AND $avatar_Mime_Type != "image/pjpeg" AND $avatar_Mime_Type != "image/png" AND $avatar_Mime_Type != "image/x-png") {
             unlink($avatar_Temp);
             die("<p align='center'><font face='Arial' size='3' color='#66CCFF'>Please select an image that is 50KB or less in size and its type is .jpg, .gif, or .png</font></p><p align='center'><a href='avatar_upload.php'>BACK</a></p>");
         }
         $uploadFile = "avatars/".$avatar_Name ;
         if (!is_dir(dirname($uploadFile))) {
             @RecursiveMkdir(dirname($uploadFile));
         } else {
             @chmod(dirname($uploadFile), 0777);
         }
         @move_uploaded_file( $avatar_Temp , $uploadFile);
         chmod($uploadFile, 0644);
         $avatar_URL = "*************/".$avatar_Name ;
         //saving record to MySQL database
         @$ava_strQuery = "UPDATE $member_table SET avatar ='$avatar_Name' WHERE authid='$steamid' AND private_pin='$pin'";
         @$ava_host = "$hostname";
         @$ava_user = "$username";
         @$ava_pw = "$password";
         @$ava_db = "$database";
         $ava_link = mysql_connect($ava_host, $ava_user, $ava_pw);
         if (!$ava_link) {
             die('Could not connect: ' . mysql_error());
         }
         $ava_db_selected = mysql_select_db($ava_db, $ava_link);
         if (!$ava_db_selected) {
             die ('Can not use $ava_db : ' . mysql_error());
         }
         //insert new record
         $ava_result = mysql_query($ava_strQuery);
         if (!$ava_result) {
             die('Invalid query: ' . mysql_error());
         }
         mysql_close($ava_link);
         echo("<p align='center'><font face='Arial' size='3' color='#66CCFF'>Image uploaded OK!</font></p><p align='center'></p>");
         echo "<div align='center'>";
         echo "<p><img src=$avatar_URL></p>";
         include ('./includes/avatar_upload.php');
         echo "</div>";
     }else{
         //if ID and PIN dont match display error and form
         echo "Wrong SteamID/Pin Please Try Again...";
         echo "<br />";
         include ('./includes/avatar_upload.php');
     }
     mysql_close($ava_link1);
     ?>
     ```
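
An added example (not the poster's code) of the SteamID/pin gate this upload thread is about, going one step further to choose the stored file name on the server. It decides on the fetched row rather than on the query call's return value, and takes the image type from the file content; PDO with in-memory SQLite stands in for MySQL, and the function names, sample pin and sample files are constructed for the example.

```php
<?php
// Added example. SQLite in memory stands in for MySQL so this runs offline.

// True only when a member row exists for this SteamID and its pin is equal.
function pin_matches(PDO $db, string $steamid, string $pin): bool
{
    $stmt = $db->prepare('SELECT private_pin FROM clan_members WHERE authid = ?');
    $stmt->execute([$steamid]);
    // A SELECT that matches no rows still succeeds, so the decision has to
    // come from the fetched value: fetchColumn() gives false when no row exists.
    $stored = $stmt->fetchColumn();
    return is_string($stored) && $stored !== '' && hash_equals($stored, $pin);
}

// Server-chosen file name for an acceptable avatar, or null to reject it.
function avatar_filename(string $tmpPath, int $maxBytes = 51200): ?string
{
    $allowed = [IMAGETYPE_GIF => 'gif', IMAGETYPE_JPEG => 'jpg', IMAGETYPE_PNG => 'png'];
    $size = @filesize($tmpPath);
    if ($size === false || $size === 0 || $size > $maxBytes) {
        return null;
    }
    // The type comes from the file's own header, not from the browser-supplied
    // $_FILES[...]['type'] or the extension of the original file name.
    $info = @getimagesize($tmpPath);
    if ($info === false || !isset($allowed[$info[2]])) {
        return null;
    }
    return bin2hex(random_bytes(16)) . '.' . $allowed[$info[2]];
}

// Gate first, validate second, write last. Returns the message to display.
function handle_avatar(PDO $db, string $steamid, string $pin, string $tmpPath): string
{
    if (!pin_matches($db, $steamid, $pin)) {
        return 'Wrong SteamID/Pin Please Try Again...';
    }
    $name = avatar_filename($tmpPath);
    if ($name === null) {
        return 'Please select an image that is 50KB or less in size and its type is .jpg, .gif, or .png';
    }
    // A real handler would call move_uploaded_file($tmpPath, "avatars/$name") here.
    $upd = $db->prepare('UPDATE clan_members SET avatar = ? WHERE authid = ?');
    $upd->execute([$name, $steamid]);
    return 'Image uploaded OK!';
}

// ---- constructed sample data ----
$db = new PDO('sqlite::memory:');
$db->setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION);
$db->exec('CREATE TABLE clan_members (authid TEXT PRIMARY KEY, private_pin TEXT, avatar TEXT)');
$db->prepare('INSERT INTO clan_members (authid, private_pin) VALUES (?, ?)')
   ->execute(['STEAM_0:0:00000', 'A1B2C3D4E5F6']);

// A 1x1 PNG and a text file posing as an upload (both constructed).
$png = tempnam(sys_get_temp_dir(), 'ava');
file_put_contents($png, base64_decode(
    'iVBORw0KGgoAAAANSUhEUgAAAAEAAAABCAYAAAAfFcSJAAAADUlEQVR42mNkYPhfDwAChwGA60e6kgAAAABJRU5ErkJggg=='
));
$txt = tempnam(sys_get_temp_dir(), 'ava');
file_put_contents($txt, 'this is not an image');

$cases = [
    'correct pin, PNG'   => ['STEAM_0:0:00000', 'A1B2C3D4E5F6', $png],
    'wrong pin, PNG'     => ['STEAM_0:0:00000', 'XXXXXXXXXXXX', $png],
    'unknown id, PNG'    => ['STEAM_0:0:99999', 'A1B2C3D4E5F6', $png],
    'correct pin, text'  => ['STEAM_0:0:00000', 'A1B2C3D4E5F6', $txt],
];
foreach ($cases as $label => [$id, $pin, $file]) {
    echo str_pad($label, 20) . handle_avatar($db, $id, $pin, $file) . "\n";
}

unlink($png);
unlink($txt);
```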
  17. ok then can you help me build this query to where it will work correctly? i have read 4 different pages dealing with triggers and i am still clueless
  18. ok i changed my query to this

     ```php
     <?php
     $query = "INSERT INTO bioclan.clan_members (authid,name,email,fid,rank) VALUES ($authid,$name,$email,$fid,$rank);";
     $query .= "INSERT INTO bioclan.admins (auth,name,access) VALUES ($authid,$name,$access);";
     $query .= "INSERT INTO bioclan.sm_admins (identity,name) VALUES ($authid,$name);";
     ?>
     ```

     and it is still doing the same thing, so i echoed $query and copied it into MySQL Console and it worked, i'm not sure but i am positive there are more ways than just using triggers, at least i hope so ... also i just read up on that link about triggers and i am already lost.. .. the echo looks like this btw ...

     ```
     INSERT INTO bioclan.clan_members (authid,name,email,fid,rank) VALUES ('STEAM_0:0:000000','BOB','bob@email.com','000000000000','9');INSERT INTO bioclan.admins (auth,name,access) VALUES ('STEAM_0:0:000000','BOB','abcdefghijklmnopqrstu');INSERT INTO bioclan.sm_admins (identity,name) VALUES ('STEAM_0:0:000000','BOB');INSERT INTO bioclan.sm_admins_groups (admin_id,group_id) VALUES ('65','6')
     ```
  19. here are the table structures, i hope that i have provided enough information. MySQL 4.1.22

     clan_members table (a)

     ```
     +-------------+--------------+------+-----+---------+-------+
     | Field       | Type         | Null | Key | Default | Extra |
     +-------------+--------------+------+-----+---------+-------+
     | authid      | varchar(36)  |      | PRI |         |       |
     | rank        | varchar(33)  | YES  |     | NULL    |       |
     | name        | varchar(33)  | YES  |     | NULL    |       |
     | email       | varchar(255) | YES  |     | NULL    |       |
     | fid         | varchar(255) | YES  |     | NULL    |       |
     | avatar      | varchar(255) | YES  |     | NULL    |       |
     | private_pin | varchar(255) |      |     |         |       |
     +-------------+--------------+------+-----+---------+-------+
     ```

     admins table (b)

     ```
     +----------+-------------+------+-----+---------+-------+
     | Field    | Type        | Null | Key | Default | Extra |
     +----------+-------------+------+-----+---------+-------+
     | auth     | varchar(32) |      | PRI |         |       |
     | name     | varchar(32) |      |     |         |       |
     | password | varchar(32) |      |     |         |       |
     | access   | varchar(32) |      |     |         |       |
     | flags    | varchar(32) |      |     | ce      |       |
     +----------+-------------+------+-----+---------+-------+
     ```

     sm_admins table (c)

     ```
     +----------+---------------------------+------+-----+---------+----------------+
     | Field    | Type                      | Null | Key | Default | Extra          |
     +----------+---------------------------+------+-----+---------+----------------+
     | id       | int(10) unsigned          |      | PRI | NULL    | auto_increment |
     | authtype | enum('steam','name','ip') |      |     | steam   |                |
     | identity | varchar(65)               |      |     |         |                |
     | password | varchar(65)               | YES  |     | NULL    |                |
     | flags    | varchar(30)               |      |     |         |                |
     | name     | varchar(65)               |      |     |         |                |
     | immunity | int(10) unsigned          |      |     | 0       |                |
     +----------+---------------------------+------+-----+---------+----------------+
     ```

     sm_groups table (d)

     ```
     +----------------+------------------+------+-----+---------+----------------+
     | Field          | Type             | Null | Key | Default | Extra          |
     +----------------+------------------+------+-----+---------+----------------+
     | id             | int(10) unsigned |      | PRI | NULL    | auto_increment |
     | flags          | varchar(30)      |      |     |         |                |
     | name           | varchar(120)     |      |     |         |                |
     | immunity_level | int(1) unsigned  |      |     | 0       |                |
     +----------------+------------------+------+-----+---------+----------------+
     ```

     sm_admins_groups table (e)

     ```
     +---------------+------------------+------+-----+---------+-------+
     | Field         | Type             | Null | Key | Default | Extra |
     +---------------+------------------+------+-----+---------+-------+
     | admin_id      | int(10) unsigned |      | PRI | 0       |       |
     | group_id      | int(10) unsigned |      | PRI | 0       |       |
     | inherit_order | int(10)          |      |     | 0       |       |
     +---------------+------------------+------+-----+---------+-------+
     ```

     the query

     ```php
     <?php
     $query = "INSERT INTO bioclan.clan_members a INNER JOIN bioclan.admins b ON a.authid = b.auth INNER JOIN bioclan.sm_admins c ON a.authid = c.identity INNER JOIN bioclan.sm_groups d ON d.id = e.group_id INNER JOIN bioclan.sm_admins_groups e ON c.id = e.admin_id (a.authid,a.name,a.email,a.fid,a.rank,b.auth,b.name,b.access,c.identity,c.name,e.admin_id,e.group_id) VALUES ($authid,$name,$email,$fid,$rank,$authid,$name,$access,$authid,$name,$admin_id,$group_id)";
     ?>
     ```
  20. Hey all, i have a multi table insert i am trying to do and it's not inserting and is only displaying blank. could i get a second set of eyes to check the code and tell me where i went wrong? i am using MySQL 4.1.22

     ```php
     <?php
     include './config.php'; //(holds the actual database info and some variables for tables (that im not actually using))
     //include './access.php'; //(Holds some array variables that i use in other pages.)
     $db3 = mysql_connect ($hostname, $username, $password) or die ('Failed to connect to database: ' . mysql_error());
     mysql_select_db ($database);
     $authid = "'" . mysql_real_escape_string($_POST['authid']) . "'";
     $name = "'" . mysql_real_escape_string($_POST['name']) . "'";
     $email = "'" . mysql_real_escape_string($_POST['email']) . "'";
     $fid = "'" . mysql_real_escape_string($_POST['fid']) . "'";
     $rank = "'" . mysql_real_escape_string($_POST['rank']) . "'";
     $access = "'" . mysql_real_escape_string($_POST['access']) . "'";
     $admin_id = "'" . mysql_real_escape_string($_POST['admin_id']) . "'";
     $group_id = "'" . mysql_real_escape_string($_POST['group_id']) . "'";
     $query = "INSERT INTO bioclan.clan_members a INNER JOIN bioclan.admins b ON a.authid = b.auth INNER JOIN bioclan.sm_admins c ON a.authid = c.identity INNER JOIN bioclan.sm_groups d ON d.id = e.group_id INNER JOIN bioclan.sm_admins_groups e ON c.id = e.admin_id (a.authid,a.name,a.email,a.fid,a.rank,b.auth,b.name,b.access,c.identity,c.name,e.admin_id,e.group_id) VALUES ($authid,$name,$email,$fid,$rank,$authid,$name,$access,$authid,$name,$admin_id,$group_id)";
     if ($result = mysql_query($query)) {
         if (mysql_affected_rows() == 1) {
             echo "<font size=\"+1\" color=\"red\">Update OK!</font>";
             mysql_close($db3);
             include ('./includes/spry.php');
         } else {
             echo "<font size=\"+1\" color=\"red\">Oops! Something went wrong</font>";
             mysql_close($db3);
             include ('./includes/spry.php');
         }
     }
     ?>
     ```
  21. ok i fixed it, just changed it to a simple update query instead of an insert.