phant0m
-
Posts
164 -
Joined
-
Last visited
Never
Posts posted by phant0m
-
-
Thanks for the input but it doesn't help.
The error still occurs.
!is_object($this->user) is always validated true, so $this->user is always assigned to $_SESSION['user'].
I have searched my entire project to find occurrences of $_SESSION['user']
There are 3. And only in one of these occurrences, something is being assigned to it: $_SESSION['user'] = $this->user;
As I had already tested before, $this->user never contains an object when trying to assign it to $_SESSION['users']
But inexplicably, $_SESSION['user'] contains an object when I resume the session on a 2nd request.
This is driving me crazy...
//edit: Another idea I've had(which was rather unlikely though): Perhaps I assigned something directly to $_SESSION... namely an array containing a key called 'user' which was a reference to that object. I searched for: SESSION\s*= - but it did not return any results
-
Ok, I have uploaded my site to a different server(Same hosting company)
Results:
===Server #1(Remote)
Running: PHP 5.2.6
Errors: Fatal Error upon 2nd request due to some SESSION problem, explained above
===Server #2(Remote)
Running: PHP 5.2.6
Errors: None - Everything works flawlessly
===Server #3(localhost)
Running: PHP 5.2.5
Errors: None - Everything works flawlessly
-
This should work:
<?php $sql = "SELECT name_id FROM names WHERE surname='$surname'"; $result = mysql_query($sql); $row = mysql_fetch_array($result); $name_id = $row[0]; //$temp = mysql_num_rows($result); //echo "rows:- $temp<br>"; if ( mysql_num_rows($result) == 0) { $sql = "INSERT INTO names (surname) VALUES('$surname')"; //add record to names mysql_query($sql); $name_id = mysql_insert_id(); } $newcontent[$i] = $parts[0].",".$name_id.",".$parts[1].",".$parts[2].",".$parts[3].",".$parts[4]; echo "New content:- $newcontent[$i]<br>"; }//what's this doing here? I assume that belong to some other unposted code ?>mysql_insert_id() fetches the last automatically inserted id from the database for you.
This only works if an attribute in the database is set to auto_increment!
-
Have a look at require_once() resp. include_once()
-
$headersep = (!isset( $uself ) || ($uself == 0)) ? "\r\n" : "\n" ;
As for this, have a look here:
http://ch.php.net/manual/sv/language.operators.comparison.php#language.operators.comparison.ternary
-
http://www.hairbykirbyblythe.co.uk/enquiries.php
this is the form where you can enter a message mail etc.... When you click submit, it'll go to sendmail.php in order to actually send the email, right? Ok, that being so, we don't need any mail() commands(or any other of the php you posted) on enquiries.php.
As for sendmail.php:
The name attributes of the input fields have been set incorrectly!
<label>Name:</label><p><input name="Name:" type="text" size="50" maxlength="50" /></p> <label>Telephone Number:</label> <p><input name="telephone" type="text" size="50" maxlength="20" /></p> <label>Email:</label><p><input name="email" type="text" size="50" maxlength="25" /></p> <label>Enquiry:</label><p><textarea name="enquiry" cols="90" rows="12"></textarea></p>
should rather be:
<label>Name:</label><p><input name="name" type="text" size="50" maxlength="50" /></p> <label>Telephone Number:</label> <p><input name="telephone" type="text" size="50" maxlength="20" /></p> <label>Email:</label><p><input name="email" type="text" size="50" maxlength="25" /></p> <label>Enquiry:</label><p><textarea name="message" cols="90" rows="12"></textarea></p>
When you submit a form using the post method(that's what you do: <form action="sendmail.php" method="post">) - all the data from the form is collected in the array $_POST
You can access the values again by using $_POST['nameOfTheFieldGoesHere']
This is how you tried to access the data:
<?php $name =$_POST['Name']; $email_from =$_POST['email']; $email_subject = "Enquiry"; $comments = $_POST['message']; ?>
As you can see, only 'email' matches the name specified in enquiries.php(name="email")
I recommend you to name the input fields always in the same manner. This reduces the error rate.
If you use this instead, it should work:
<?php error_reporting(E_ALL ^ E_NOTICE); $email_to = "kirby@hairbykirbyblythe.co.uk"; $name = $_POST['name']; $email_from = $_POST['email']; $comments = $_POST['message']; $telephone = $_POST['telephone']; $email_subject = "Enquiry"; $headers = "From: $email_from\r\nReply-To: $email_from\r\n"; $message = "Name: " .$name ."\ntelephone: ".$telephone ."\nemail: " .$email ."\nenquiry: " .$comments; $sent = mail($email_to, $email_subject, $message, $headers); if ($sent) { header( "Location: http://www.hairbykirbyblythe.co.uk/thanks.html" ); } else { /* If there is an error display an error message */ echo 'There has been an error sending your enquiry. Please try later.'; } ?> -
Assuming you have to fetch information dependent on the user's language multiple times, I think it'd be wiser to store it in a variable, or even in the session and insert this in each query. Should put less stress on the database, also your queries will be shorter
-
I don't get this with XAMPP(PHP 5.2.5) but I get it on my remote host(PHP5.2.6)
-
But I don't want to store the object in the session
I wanted it to contain an array, but for some strange reasons, the next time I check the array is gone and an object is there. - But on XAMPP - it doesn't happen. No object whatsoever, the array is always there. ???
-
Hello there...
My name's Christian and I'm 17 years old. I think I started programming when I was like 11 years old(Turbo Pascal). Later I moved on to Delphi. Around the same time, I started creating Homepages with WYSIWYG editors, then I moved on to HTML/CSS/JS. After a while I discovered PHP, which fascinated me. I think I've been doing PHP for about 4 or 5 years now.
I also know some C(++), Python, Assembly and ActionScript
I live in Switzerland.
cya
Christian
-
-
<?php $field[] = 'http://www.websitename.com/Images/' . $carInfo['stock_num'] . '_01.jpg'; 'http://www.websitename.com/Images/' . $carInfo['stock_num'] . '_02.jpg'; 'http://www.websitename.com/Images/' . $carInfo['stock_num'] . '_03.jpg'; ?>
should probably be:
<?php $field[] = 'http://www.websitename.com/Images/' . $carInfo['stock_num'] . '_01.jpg'; $field[] = 'http://www.websitename.com/Images/' . $carInfo['stock_num'] . '_02.jpg'; $field[] = 'http://www.websitename.com/Images/' . $carInfo['stock_num'] . '_03.jpg'; ?>
-
you're welcome!
well - learning from books doesn't have to be easier
It's common to make such mistakes at the beginning. also, keep in mind that php.net is an excellent resource!
-
oops - I forgot to add that to the url
sorrythanks for the correction, premiso!
-
What about this?
RewriteRule ^([^/]+)/([^/]+)$ index.php?$1=$2 [QSA]
-
if you're content with a very basic editor, PSPad is very nice. It's lite and customizable with scripts, it also has good syntax highlighting.
Very good but not free: phpEd
-
eclipse is free and it supports PHP. Yet I do not know how well the code insight and refactoring are.
-
I'm not sure if this is what you meant, but from what I've got, this could be what you are looking for:
<?php $id = (int) $_GET['id']; if($id == 0) $id = 24; //or any other default value that you want to set if($_GET['english']=='on'){ $result = mysql_query("SELECT English FROM $table WHERE id = $id LIMIT 1"); /*while($pr_row = mysql_fetch_row($result)){ // print ""; // why print an empty string? no use for this! foreach ( $pr_row as $data ) print "\t $data"; --->You don't need the foreach, because there is only one key in the array. print "\n"; }*/ // you don't need the while either, because there can only be one row returned at most if($data = mysql_fetch_row($result)){ $next_id = $id + 1; print($data[0].'<br /><a href="file.php?id='.$next_id.'">Next</a>'); //you might also want to escape the data with htmlentities() } else{ //no row has been found! } } ?> -
well...
you've got quite some mistakes
1st) I advise you to use sessions to keep track of a user on the webpage.
2nd) NEVER store a password in a cookie! It's "dangerous"!
3rd) You cannot set a cookie, and then read from it instantly. When you execute your code, you tell the client to SET a cookie. Next time you access some page of yours, your browsers SENDS a cookie to the server, which puts it in $_COOKIE. Even though you don't do this, it's important to know
So much for the cookies...
As for the sessions:
On every page, put session_start() first. This creates or resumes a previous session. A session is some kind of array, which is persistent for ONE(well, hopefully just one
) user during a certain amount of time. You can store values to it, and fetch them again on an other page. So what do we do? We remember the username in the session, when he is logged in.so, on your login.php - or whatever your login script is called, do something like this:
<?php session_start(); $valid_input = true; if(!(isset($_POST['username']) && isset($_POST['password']))){ $valid_input = false; } else{ $valid_input &= $_POST['username'] != ''; $valid_input &= $_POST['password'] != ''; if($valid_input){ if(get_magic_quotes_gpc()){ $username = stripcslashes($_POST['username']); $password = stripcslashes($_POST['password']); } else{ $username = $_POST['username']; $password = $_POST['password']; } $username = mysql_real_escape_string($username); $password = mysql_real_escape_string($password); $sql = "SELECT * FROM Admin Where userName = '".$username."' AND password = '".$password."' LIMIT 1"; if($res = mysql_query($sql)){ if(mysql_num_rows($res) == 1){ //login was valid $_SESSION['username'] = $username; } } else{ //something with the mysqlquery has gone wrong } } } if(!$valid_input){ //username and/or password ahven't been set } ?>create a function to check whether the user is logged in:
<?php function is_user_logged_in(){ return isset($_SESSION['username'] && $_SESSION['username'] != ''; } ?>Also, you try to access $UN and $PW even though they have never been set.
-
This code just always create a new row instead of update the user table :S
well, that's because of this code:
<?php $query = sprintf("INSERT INTO users(user_id,user_name) VALUES ('$userID','$username')"); $result = mysql_query($query); ?>With the registration also something goes wrong :s
It just add a user when there is no password filled in and it doesn't fill in a password...
that's because the else only refers to the preceding "if", which would be if($userbane=='')
In other words: A new user is always created when $username != '' - no matter what $password is set to.
You could do it like this:
<?php $input_is_valid = true; if($password == '') { $input_is_valid = false; $color = 'red'; $echo = 'You haven\'t fill in a password'; } if($username == '') { $input_is_valid = false; $color = 'red'; $echo = 'You haven\'t fill in a username'; } if($input_is_valid){ /*DATABASE SETTINGS */ ?>sidenote: why are you using sprintf when it's not needed?? If you put in any conversion specifications(%x) it's pretty useless.
-
mysql_fetch_row($resulting_categories)==0
with this statement, you throw your first category out into nothingness
use mysql_num_rows instead
<?php function retrieve_forums(){ // Lets start by starting the first level of display with the category $get_category = "SELECT * FROM `category` ORDER BY `ID`"; $resulting_categories = mysql_query($get_category) or die("wtfx: <br />".mysql_error()); // build an array of category and create sub-categories under if (mysql_num_rows()==0){ die("You need to create main categories...."); } else { while($category_row = mysql_fetch_array($resulting_categories)){ echo $category_row['category_title'] . "<br />"; } } } ?> -
and always put the key in quotes: $_SESSION['usuario'] and NOT $_SESSION[usuario]!
Without the quotes, it might be considered a constant, but PHP in that case, php is mostly tolerant. However, I don't know whether it still is in 6.0
-
1st) Read about mysql injection!
I woulnd't just check for the submit button. I'd check all fields on whether they're valid or not.
just check whether $_POST[title], $_POST['title'] etc etc are set and not empty
sidenote: you don't have to set news_ID to NULL, and you could use NOW() for the date, instead of passing it per post, if this is wanted. However, this makes you unable to set a date manually.
-
did you upload a file when testing?
Also, if yes, please post the html from the upload from as well.
if(!get_magic_quotes_gpc()) { $fileName = addslashes($fileName); }You shouldn't do that...
if magic_quotes is enabled, you shoul duse strip slashes on all variables that you received from post.
After that, you should run mysql_real_escape_string on al strings you want to put inside your query.
//edit: nothing is displayed because this evaluates false:
if(isset($_POST['upload']) && $_FILES['userfile']['size'] > 0)
[SOLVED] Noob - Problem with insert
in PHP Coding Help
Posted
you're welcome
but make sure to read something about mysql injections - because your code looks like it's prone to that