chrispos

This is now resolved by using a different approach the code is as follows should it be of interest include 'config.php'; include 'date.class.php'; $start = new Date(false ,$d, $m, $y); $end = new Date(false ,$d1, $m1, $y1); $query = "SELECT * FROM `hotel`ORDER BY RAND()"; $result = mysql_query ($query); while ($row = mysql_fetch_array($result, MYSQL_ASSOC)) if (mysql_num_rows($result)>0){ $hid = $row['hid']; $result1 = mysql_query ("SELECT * FROM rooms WHERE (hid = '$hid') AND rid NOT IN (SELECT rid FROM bookings WHERE (hid = '$hid') AND ((startdate >= ".$start->getTime()." OR enddate > ".$start->getTime().") AND (startdate < ".$end->getTime().")))"); $num_rows = mysql_num_rows($result1); echo $row['name']."<br>"; echo $row['hid']."<br>"; echo "$num_rows Rows<br><br>"; } mysql_free_result ($result); // Free up the resources. mysql_close(); Thank you for looking and helping

The hotel names are coming up fine. Thank you I have tried it but no it does not work. I think I am going to have to try a different way

The reason I am trying to include a page is because it started out as an SQL issue but I had an issue with that. The code I used is below include 'config.php'; include 'date.class.php'; $start = new Date(false ,$d, $m, $y); $end = new Date(false ,$d1, $m1, $y1); $query = "SELECT * FROM `hotel`ORDER BY RAND()"; $result = mysql_query ($query); // Run the query. while ($row = mysql_fetch_array($result, MYSQL_ASSOC)) { echo ' <h2>' . $row['name'] . '</h2> '; } ; $result = mysql_query ("SELECT * FROM rooms WHERE (hid = '$hid') AND rid NOT IN (SELECT rid FROM bookings WHERE (hid = '$hid') AND ((startdate >= ".$start->getTime()." OR enddate > ".$start->getTime().") AND (startdate < ".$end->getTime().")))"); $num_rows = mysql_num_rows($result); echo "$num_rows Rows\n"; mysql_free_result ($result); // Free up the resources. mysql_close(); d m y and d1 m1 y1 are start dates and end dates and what happens when the form is posted is it comes up with the hotel name as it should but it does not come up with the number of rows for each hotel. I had better explain this more so you get the picture. Three tables hotel rooms and bookings. Hotel has hid as do the rooms and bookings tables. (Hotel I D) Rooms have room id and booking have booking id. The rows show but only for one hotel so that tells me that the hotel id is not being picked up on the count query so if anyone has any ideas there that could be the answer to the question but as much as I have tried i am stumped.

If I explain exactly then this might help and by the way thanks for your help it is great OK when I am including the config.php page (database connection I am using include 'config.php'; The hotels pages are stored in the same directory so I am using the code above include 'config.php'; $query = "SELECT * FROM `hotel`ORDER BY RAND()"; $result = mysql_query ($query); // Run the query. while ($row = mysql_fetch_array($result, MYSQL_ASSOC)) { echo ' <h2>' . $row['name'] . '</h2> <p>'. include $row['page'].'</p> '; } ; mysql_free_result ($result); // Free up the resources. mysql_close(); I have set up a page to test if the pages are shown just by putting in include page etc and that works so it is not a directory issue. I tried the code as you wrote it and in theory it should work. I have set them up to show images and links in the past but it does not want to include the pages very strange. In the database I am storing the include pages as 'dhot.php'

Tried these but still it will not show the pages very strange to be honest

Hi All Thanks for looking. I am trying to include individual pages to appear on a page with each page name in a database. When I put the include page it shows it exact but what I would like to do is have the pages included in the main page. Here is the code i have used include 'config.php'; $query = "SELECT * FROM `hotel`ORDER BY RAND()"; $result = mysql_query ($query); // Run the query. while ($row = mysql_fetch_array($result, MYSQL_ASSOC)) { echo ' <h2>' . $row['name'] . '</h2> <p> '. $row['page'] . '</p> '; } ; mysql_free_result ($result); // Free up the resources. mysql_close(); row page being each subjects individual page. Thanks for looking

Thanks for taking a look OK I don't think I explained this very well but here goes for round two. If you go into say booking.com or laterooms.com you have the option of selecting the dates for your holiday then it brings up hotels with the rooms that they have full or empty. The script above just shows rooms available and works fine. What i am trying to do is get each hotel to show with available rooms. As I have said the script above works fine no problems with showing available rooms. It is the bit of showing the Hotel name and under that the available rooms. This is the script for the hotel search and i have included the PHP as I think it will make more sense <?php include_once 'config.php'; $display = 20; // Determine how many pages there are. if (isset($_GET['np'])) { // Already been determined. $num_pages = $_GET['np']; } else { // Need to determine. // Count the number of records $query = "SELECT COUNT(*) FROM `hotels`"; $result = mysql_query ($query); $row = mysql_fetch_array ($result, MYSQL_NUM); $num_records = $row[0]; // Calculate the number of pages. if ($num_records > $display) { // More than 1 page. $num_pages = ceil ($num_records/$display); } else { $num_pages = 1; } } // End of np IF. // Determine where in the database to start returning results. if (isset($_GET['s'])) { $start = $_GET['s']; } else { $start = 0; } // Make the query. $query = "SELECT * FROM `hotels`ORDER BY RAND() LIMIT $start, $display"; $result = mysql_query ($query); // Run the query. // Table header. echo '<table align="center" cellspacing="0" cellpadding="5"> <tr> <td align="left"><p class="text1"><b>Image</b></p></td> <td align="left"><p class="text1"><b>Name</b></p></td> <td align="left"><p class="text1"><b>Description</b></p></td> </tr> '; // Fetch and print all the records. $bg = '#eeeeee'; // Set the background color. while ($row = mysql_fetch_array($result, MYSQL_ASSOC)) { $bg = ($bg=='#CCCCCC' ? '#9B9B9B' : '#CCCCCC'); // Switch the background color. echo '<tr bgcolor="' . $bg . '"> <td align="left"><img src="' . $row['image'] . '"></td> <td align="left"><p class="text1"><b>' . $row['name'] . '</b></p></td> <td align="left"><p class="text1">' . $row['facilities'] . '</p></td> </tr> '; } echo '</table>'; mysql_free_result ($result); // Free up the resources. mysql_close(); // Close the database connection. // Make the links to other pages, if necessary. if ($num_pages > 1) { echo '<br /><p>'; // Determine what page the script is on. $current_page = ($start/$display) + 1; // If it's not the first page, make a Previous button. if ($current_page != 1) { echo '<a href="index.php?s=' . ($start - $display) . '&np=' . $num_pages . '">Previous</a> '; } // Make all the numbered pages. for ($i = 1; $i <= $num_pages; $i++) { if ($i != $current_page) { echo '<a href="index.php?s=' . (($display * ($i - 1))) . '&np=' . $num_pages . '">' . $i . '</a> '; } else { echo $i . ' '; } } // If it's not the last page, make a Next button. if ($current_page != $num_pages) { echo '<a href="index.php?s=' . ($start + $display) . '&np=' . $num_pages . '">Next</a>'; } echo '</p>'; } // End of links section. ?> This is a pagination script and the hotels come out in a random order. But what I would like to do is as the Hotel name comes out show the available rooms by using the first script. hid is the hotel id and rid is the room id. There is a php script called date class and works by posting arrival day date month departure day date month. As you have asked to see the full script for the room search here it is include 'config.php'; include 'date.class.php'; $start = new Date(false ,$d, $m, $y); $end = new Date(false ,$d1, $m1, $y1); $query = "SELECT * FROM rooms WHERE (hid = '$hid') AND rid NOT IN (SELECT rid FROM bookings WHERE (hid = '$hid') AND ((startdate >= ".$start->getTime()." OR enddate > ".$start->getTime().") AND (startdate < ".$end->getTime().")))"; $result = mysql_query($query) or die (mysql_error()); if (mysql_num_rows($result)>0){ while ($row = mysql_fetch_assoc($result)) { $prices = array(); $q = "SELECT * FROM price WHERE (hid = '$hid') AND rid = ".$row['rid']." AND ((year = $y) OR (year = $y1))"; $r1 = mysql_query($q) or die (mysql_error()); while ($rowa = mysql_fetch_assoc($r1)) { $prices[$rowa['year'].$rowa['month']] = $rowa['price']; } $days = $start->daysToPay($end); $total = 0; foreach($days as $d=>$t){ //$w = str_split($d, 4); //echo $w[0].' '.$w[1].' '.$t.'<br>'; $total = $total + ($t * $prices[$d]); } $ridr=$row['rid']; $hid=$row['hid']; $number=$row['number']; $description=$row['description']; $sleeps=$row['sleeps']; $booking ='<form id="form1" name="form1" method="post" action="/checktobook1b.php"> <input name="stdate" type="hidden" id="stdate" value="' . $stdate . '" /> <input name="dpdate" type="hidden" id="dpdate" value="' . $dpdate . '" /> <input name="ridr" type="hidden" id="id" value="' . $ridr . '" /> <input name="hid" type="hidden" id="hid" value="' . $hid . '" /> <input name="number" type="hidden" id="number" value="' . $number . '" /> <input name="total" type="hidden" id="total" value="' . $total . '" /> <input name="startdate" type="hidden" id="startdate" value="' . $start->getTime() . '" /> <input name="enddate" type="hidden" id="enddate" value="' . $end->getTime() . '" />'; $booking1 = '<label> <input type="submit" name="Submit" value="Book This Room" /> </label> </form>'; echo "$booking"; echo'Room Number'."\n\n"."$number<br>"; echo "$description<br>"; echo'The Price Is GBP'."\n\n".'£'."\n"."$total<br>"; echo "$booking1<br><br>"; } } } ?> d m y are day month year sorry if that sounds silly but you never know. Any help would be goo but if not thanks for looking

Hi All hope you are all having a good day. I am building a hotel booking site and it shows only rooms that are available. All this works fine and the tables are set up in such a way. The hotel name and description are in one table with hid identifying each hotel. I then have a table for rooms in each hotel with hid used to link the rooms with each hotel. I have another table called bookings and when someone books a room it goes in there. So when someone runs a query only available rooms show up. What I would like to do is show all the hotels, each hotel name and then the available rooms in that hotel. I am using MySQL 5 and PHP 5 This is the query that works to show the available rooms $query = "SELECT * FROM rooms WHERE (hid = '$hid') AND rid NOT IN (SELECT rid FROM bookings WHERE (hid = '$hid') AND ((startdate >= ".$start->getTime()." OR enddate > ".$start->getTime().") AND (startdate < ".$end->getTime().")))"; rid is in the rooms table and is used to identify what room is what.

You would need to use: <?php if (isset($_COOKIE['cookie'])) { echo $_COOKIE['cookie']['user']; } ?> to access that value. Thank you so much that is a great help. I have looked all over the net and nothing came back with this. It works great and once again many thanks

Hi does this not make the cookie? <?php setcookie("cookie[user]", "$encrypt_user"); ?> I understand about the user and password issue I can set any cookie that is not the issue. But if you say a cookie is named user is not there then I guess it is not there but thank you for taking a look :'(

I am using php 5 and I am having issues with cookies. I have looked at the help pages here but still stuck. A site had been hacked via a database and I am making it more secure with the use of session control ip address and cookies. The issue is this I need to run a database query to test if the two cookies set match that with the data in the database. I am using the following code in the head section. <?php session_start(); $session = session_id(); $ip = $_SERVER['REMOTE_ADDR']; $user = stripslashes(trim($_POST['user'])); $pass = stripslashes(trim($_POST['pass'])); $username="$user"; $encrypt_user=md5($username); $password="$pass"; $encrypt_password=md5($password); include 'config.php'; $query = "SELECT * FROM `users`WHERE `username` = '$encrypt_user' AND `userpass` = '$encrypt_password'"; $result = mysql_query($query) or die (mysql_error()); if (mysql_num_rows($result)>0){ while($row = mysql_fetch_row($result)){ // set the cookies setcookie("cookie[pas]", "$encrypt_password"); setcookie("cookie[user]", "$encrypt_user"); $query = ("UPDATE`users`SET`sid`='$session', `ip` = '$ip'WHERE `username` = '$encrypt_user' AND `userpass` = '$encrypt_password'"); $result = mysql_query($query) or die (mysql_error()); } } else { echo 'No rows found'; } ?> This works fine now when I add this bit of code I can see the cookie name and value. <?php echo "$ip<br>"; if (isset($_COOKIE['cookie'])) { foreach ($_COOKIE['cookie'] as $name => $value) { $name = htmlspecialchars($name); $value = htmlspecialchars($value); echo "$name : $value <br />\n"; } } ?> I can see the ip address and the two cookies named user and pass but when I try to get the individual cookie details nothing comes out and this is the issue as I need to test each of the two individual cookies against the info in the database so I can include pages to make it all secure. I have tried <?php if (isset($_COOKIE['user'])) { echo "$encrypt_user"; } ?> encrypt_user being the username from the form. I have also tried <?php if (isset($_COOKIE['user'])) { echo "$_COOKIE['user']"; } ?> These are not showing. I do not need to see it just run a query to test that each cookie matches the encrypt data in the MySQL. Any ideas would be great if you can help and if not have a great weekend

I have solved this using the code below if it helps someone. $d = $_POST['d']; $d1 = $_POST['d1']; include 'config.php'; for ($i = $d; $i <= $d1; $i++) { $query = "INSERT INTO `test`(`day`) VALUES ('$i')"; $result = mysql_query($query) or die (mysql_error()); echo "$i"; }

Using MySQL 5 I am trying to use a loop to insert data The tables are day, day1, month, year and price. I have used a loop using day and day1 using php for the days and I know the months and year using a drop down menu. The idea is the user selects day then day1 and then the price and all that data is added. days being 1 2 3 4 5 6 7 etc using php for the loop. I can do a normal insert but is it posable to do this in sql using a loop? Any help would be great many thanks

I have solved this using a loop the code is below if anyone needs it. <?php $d = $_POST['d']; $d1 = $_POST['d1']; $num = $d; while ($num <= $d1) { echo $num."<br />"; $num++; } ?> Many thanks for looking

I have a page with 3 drop down lists one for day of the month, one for month and one for year. what I am trying to do is use something that will enable me to make each day from the selected dates to appear as individual days. So if someone selected 1st of September and then 23rd of September it would show 1 2 3 4 5 up to 23. I need to be able to put this in a database. The make date is easy and I think I need to use explode but when I have seen this it comes out with 1, 2, 3, 4, and I do not want to use the comer. This is what I am using for the dates. <?php $d = $_POST['d']; $m = $_POST['m']; $y = $_POST['y']; $d1 = $_POST['d1']; $m1 = $_POST['m1']; $y1 = $_POST['y1']; $date = date ("M-d-Y", mktime(0, 0, 0, $m, $d, $y)); $date1 = date ("M-d-Y", mktime(0, 0, 0, $m1, $d1, $y1)); ?> It will also have prices with these dates so if the user puts in 20.00 for day 1 it would need to go in for the dates selected. ie 1st 20.00 2nd 20.00 and so on. Any ideas or help would be appreciated Many Thanks

Hi All Again I am building a job site with a CV match system. Part of the match is education. I have a number of select boxes in a form for the number of qualifications for each individual applicant. What I would like to know is what is the correct way to put this into a MySQL database and I do not mean the insert code! i.e. English Grade 3. Maths Grade 2. I am getting them to put in total number of grades over 1, then 2 etc. When the query is made I would like the recruiter have the option of not just selecting the grades but subject with it. Should I put English then a , then the grade? It needs to be set up so I can run the query. Thanks for looking and as per last request thanks for your time and help

Hi All I Am confused I would like to put info into a database but need it to be secure. I have some code shown below. The problem is I would like to put in ' but keep the data secure. When it comes back I do not want to show \' I think you might know what I am trying to do. Here is the code but would like to know how to stop the \' showing. $password = mysql_real_escape_string(stripslashes(trim($_POST['password']))); Any help would be great thank you.

Thank you its the loop I am after. The box link was great but it is getting the number of boxes then loop through then the insert and that is the bit I have no idea with. I hope that makes sense. I normally use $something = $_POST['something'] But in this case I would not know how many boxes and what they were called.

Just put the image name in the database ie beach.jpg under a table called image run the query and do the image source as echo "<img src='$image'>";

The way I would do this is use if and else and call it using title. if { bio.php $title = 'Bio ETC'; { else { $title = 'Home Page' } echo "$title"; I hope this is what you are looking for

Hi All, and thanks for your help on my last problem now solved. What i am doing is building a job site and it needs info put in from job seekers regarding their qualifications. Some will have 2 some may have 10 and so on. I need to set up a system that I can put say 10 text boxes in a form that can then go in a MySQL. I only want the filled out boxes to go into the database and not the ones left blank. I have no idea as to where to start with but I think I need to loop through until it comes to the last filled out box but not enter the blank text boxes. i have no idea where to start on this one so if any one has thoughts on this it would be great. Thank you all for your help in the past.

Thanks for your help I have just been working on the escape strings tonight so i will be implementing them into the system

Hi you asked for the code so here it is. The first is the login.php page with capatcha. You store the capatcha info in the database. In this case it is 10 different images with numbers and letters but called 1.jpg etc. <?php $pictures = array ('1','2','3','4','5','6','7','8','9'); shuffle($pictures); for ( $i = 0; $i < 1; $i++ ) { $image = "<img src='$pictures[$i].jpg'>"; $pic = "$pictures[$i]"; } ?> The next is 2 standard form boxes username and password then put this. <?php echo "$image<br>"; ?> next add this <input name="capatcha1" type="text" id="capatcha1" size="10" /> <input name="capatcha" type="hidden" id="capatcha" value="<?php echo$pic;?>" /> This is the login page. Next is the login1.php page and this checks for username and password and checks to see if the capatcha is correct session_start(); $session = session_id(); $capatcha = $_POST['capatcha']; $capatcha1 = $_POST['capatcha1']; $username = $_POST['username']; $password = $_POST['password']; include 'config.php'; $query = "SELECT * FROM `code`Where `code` = '$capatcha1'"; $result = mysql_query($query) or die (mysql_error()); if (mysql_num_rows($result)>0){ while($row = mysql_fetch_row($result)){ $capid = $row[0]; $code = $row[1]; } } $query = "SELECT * FROM `admin` WHERE `username` = '$username' AND `password` = '$password'"; $result = mysql_query($query) or die (mysql_error()); if (mysql_num_rows($result)>0){ while ($row = mysql_fetch_row($result)) { $sid=$row[0]; $username1=$row[1]; $password1=$row[2]; } } The table called code has the capatcha info ie id image id this is the .jpg name ie 1.jpg 2.jpg etc. The tarcking insert takes the session id with the username and password and puts it into a table called tracking. This will be used on the edit insert pages etc. if ($code == $capatcha1 && $username == $username1 && $password == $password1) { include 'config.php'; $query = "INSERT INTO `tracking`(`sid`,`username`,`password`,`date`) VALUES ('$session','$username','$password',NOW())"; $result = mysql_query($query) or die (mysql_error()); include("./control.php"); } elseif($code != $capatcha1) { echo'<a href="login.php">The sum you entered was wrong click here to return to your login page</a>'; } else { echo'<a href="login.php">The username and passwords did not match click here to return to your login page</a>'; } control is a page that has links to say edit a section or insert a new bit of info etc. each one has a link with the id as follows. echo'<a href="insert-excursion.php?id=' . "$session" . '">Click here to insert a new excursion theatre trip</a>'; At the top of each next page put this session_start(); $session = session_id(); $id = $_GET['id']; include 'config.php'; $query = "SELECT * FROM `tracking` WHERE `sid` = '$id'"; $result = mysql_query($query) or die (mysql_error()); if (mysql_num_rows($result)>0){ while ($row = mysql_fetch_row($result)) { $trid=$row[0]; $sid=$row[1]; $username=$row[2]; $password=$row[3]; $tdate=$row[4]; } } $query = "SELECT * FROM `admin` WHERE `username` = '$username'AND `password` = '$password'"; $result = mysql_query($query) or die (mysql_error()); if (mysql_num_rows($result)>0){ while ($row = mysql_fetch_row($result)) { $aid=$row[0]; $user=$row[1]; $pass=$row[2]; } } You can then run the code to see if they are real or not put it in div or tables as you require if ($username == $user && $password == $pass) { include("./control.php"); } else { echo'<a href="login.php">Your id is not matched in the database click here to return to your login page</a>'; } ?></td> <td width="580" class="Text"><?php if ($username == $user && $password == $pass) { include("./edit-breaks.php"); } else { echo'<a href="login.php">Your id is not matched in the database click here to return to your login page</a>'; } The edit page has the edit details and control is the links page as shown above. If you need to do a form for the edit page put a hidden field in this with id = $session That is it to be honest you are checking username password capatcha and sess id and if they do not match they can not have access to each page.

Hi no problem I will put the code up later with the capatcha. It works but I was looking for the most secure system available.

Hi All, I have a simple question. I have built log in control panels and have always used session id to follow through getting the username and password from the database and then checking each page that the user and password match using session using the sessio id held in a temp database. I have been informed that this is not as secure as I once thought. I am looking at using cookies and have found the code for how to set up and delete a cookie. The simple question is this how to you pass the cookie to another page once you are loged in and retain it until you have loged out. If the user clicks on a button once loged in to a page where they need to insert new details or update some information and then return to the main control panel. Any help would be great and if not have a great day even if it is raining as it is in England