litebearer
Members-
Posts
2,356 -
Joined
-
Last visited
Everything posted by litebearer
-
for question 1. remove the var_dump line for question 2. read this http://developer.loftdigital.com/blog/php-utf-8-cheatsheet
-
Just a pre-coffee thought update indicates the existence of a record to which one wants to add/modify. it is good practice to populate an update form with any preexisting data perhaps create a hidden field in the form with the id of the existing record when processing the form, check for the value of the hidden form field, if=0 new record, if >0 update
-
having never used prepared statement, how would you simply loop thru a result set displaying one particular field from each returned row? You answer may lie there.
-
IMHO 1) store the image names, image titles and image description in a db 2) set the path to the images relative to the calling script 3) create unique names for your images using the timestamp
-
this (not tested a pure guess ) ... $nextDate = strtotime("{$startDate} +{$weekOffset} weeks"); echo "<td width = '100'>" . date('d/m/y', $nextDate) . "</td>\n"; $startDate = date('d/m/y', $nextDate);
-
Loop through Three Variables but Make them Always = 1
litebearer replied to unemployment's topic in PHP Coding Help
Truth be told, I 'cheated'. used excel to create a csv of the combinations. then read the csv into an array -
Loop through Three Variables but Make them Always = 1
litebearer replied to unemployment's topic in PHP Coding Help
perhaps an array like this? http://nstoia.com/bigarray.php -
hint: 1. put your query in a variable 2. echo the above variable
-
Loop through Three Variables but Make them Always = 1
litebearer replied to unemployment's topic in PHP Coding Help
the starting point is to determine how many possible combinations there are. -
This may help - <?PHP $w_file = "NAME_OF_YOUR_CSV_FILE"; /* put the contents into an array */ /* presumes the file does NOT contain Long,Lat,id,gName,fId,fName,fldId,fldName,fldAcers,featureID,objID,fInsu,fFSA,fBid */ $lines = file($w_file); /* loop thru the array capturing the desired info into a new array */ $x = count($lines); for($i=0; $i<$x; $i++) { $temp_data = explode(",", $lines[$i]); $data = $data . $temp_data[2] . ", " . $temp_data[3] . ", " . $temp_data[5] . "\n"; } $new_array = explode("\n", $data); echo "<PRE>"; print_r($new_array); echo "</pre>"; ?>
-
Print this out on a piece of paper and look it over carefully. <?PHP include ('db.php'); /* set some validation variables */ $error_message = ""; /* =============================================== */ /* this section of code will set up an error message for the username if ANY of the conditions occur 1) checks to see if $_POST['username'] is NOT set 2) if length of username is less than 5 3) if username has anything other than letter, numbers or underscores */ if((!isset($_POST['username'])) || (strlen(trim($_POST['username'])) <5) || (trim($_POST['username']) != preg_replace("/[^a-zA-Z0-9\_]/", "", trim($_POST['username'])))) { /* if username is bad start building the error message */ $error_message = "You must enter a valid username<br>"; $error_message = $error_message . "Valid names are min 5 characters and use letters, numbers and underscores only.<br>"; $error_message = $error_message . 'Your invalid name was: <font color="red">' . $_POST['username'] . "</font><hr>"; }else{ $username = mysql_real_escape_string(trim($_POST['username'])); } /* END validating username */ /* =============================================== */ /* =============================================== */ /* this section of code will set up an error message for the password if ANY of the conditions occur 1) checks to see if $_POST['password'] is NOT set 2) if length of password is less than 5 3) if password has anything other than letter, numbers or underscores */ if((!isset($_POST['password'])) || (strlen(trim($_POST['password'])) <5) || (trim($_POST['password']) != preg_replace("/[^a-zA-Z0-9\_]/", "", trim($_POST['password'])))) { /* if it is NOT set, then set the error variable and start building the error message */ $error_message = $error_message . "You must enter a valid password<br>"; $error_message = $error_message . "Valid passwords are min 5 characters and use letters, numbers and underscores only.<br>"; $error_message = $error_message . 'Your invalid password was: <font color="red">' . $_POST['password'] . "</font><hr>"; }else{ $password = trim($_POST['password']); } /* END validating password */ /* =============================================== */ /* =============================================== */ /* if any of the post variables are invalid */ /* set the session variable and send back to the form page */ if(strlen(trim($error_message))>0) { $_SESSION['error_message'] =$error_message; header("Location: login.php"); exit(); } /* =============================================== */ /* =============================================== */ /* FUNCTION TO CREATE SALT */ function createSalt() { $string = md5(uniqid(rand(), true)); return substr($string, 0, 3); } /* check to see if username is in the table if not send back to login */ $query01 = "SELECT id, salt FROM companies WHERE username = '$username'"; $result01 = mysql_query($query01) or die(mysql_error()); if(mysql_num_rows($result1 != 1)) { header("Location: login.php"); exit(); } $row = mysq_fetch_array($result01); $salt = $row['salt']; $password = trim($_POST['password']); $hash = hash('sha256', $salt, $password); $query02 = "SELECT id FROM companies WHERE username = '$username' AND password = '$hash'"; $result02 = mysql_query($query02) or die(mysql_error()); if(mysql_num_rows($result2) !=1){ /* not found send back to login */ header("Location: login.php"); exit(); } /* =============================================== */ /* success!!! send them where you want */ ?>
-
Since you have hashed the password using a salt when inserting, you also NEED to use the same hash/salt technique when checking the password on login. ie. 1. get the salt from the table for the appropriate user 2. hash/salt the login password just like you did for the insert BUT use the salt recovered in step 1 above. 3. NOW query the table to make sure the newly hashed/salted password matches the password in the table clear as mud? (look at the password in the table using phpadmin. you will see what the hash/salted passwords look like. That is 'abcd' as a password will NOT be 'abcd; in the table)
-
How critical is this information to you? How detailed do you want the information to be? How intrusive to a user's "private" information do you feel is appropriate? Might take at look here http://roshanbh.com.np/2008/07/getting-country-city-name-from-ip-address-in-php.html
-
perhaps seeing the code that creates the array may help
-
Not all of us do.
-
Can not get entry to appear on page (writes to SQL)
litebearer replied to kristiankeith's topic in PHP Coding Help
you execute the query BUT you aren't retrieving the row ie mysql_fetch_array -
easier to use mysql's date formating function http://www.electrictoolbox.com/article/mysql/format-date-time-mysql/
-
get user details from mysql database using php?
litebearer replied to ckerr27's topic in PHP Coding Help
use single quotes not backticks for your variables in you query -
Also seriously need to validate/sanitize your post values BEFORE you attempt to use them