funkyapache

something else you could try is to echo your insert statement to see if any values are being passed.

I would apply some validation to ensure that the email address is really an email address and that the name is not null etc. Also change your code on your insert to this $sql = "INSERT INTO $table(name,email) VALUES('$name','$email')"; I placed single quotes around your values as they will be strings.

Hi, I have some php that loops through a folder structure and it inserts the files locations into a mysql table. What I wanted to find out is whether there was a way that I could point it to a user selected folder? What I mean is that I would be working on my server and I would run the function form the server. I was hoping of some sort of pop-up which would allow me to select a specific folder and only insert values from that folder. Any ideas how this could be done? Would file browse html element work?

Thanks for the quick reply, I do like your suggested option #3. At least then I would have all bases covered. With retrieving the next href value text in the table. What is the best way of doing this? I've heard that using an id is a good option but it can also break if your id is removed from the table. This is the sql I have at the moment which is returning all images for the selected category I was wanting to show 1 at a time.. Select * from tbl_pictures where cat_id= {$cat_id} This returns my id and href value.

The reason you getting ".4." is because you have two many "." in your string try echo '<option value="please pick" > ' . $_POST['month'] . ' </option>';

Hi, I've got a rough page that I'm hoping to improve. At the moment I have a form. This form has a select list which is populated with a list of categories from a mysql table. It has a submit button which when pressed posts the selected category back to the page. This is fine for the moment. I have another mysql table that stores the href's of images stored on my server. Once the user presses the submit button the page then outputs all images for that category. Now what I would like to do is create a "Next" and "Previous" button which would display the next image for that category. These are some options that I was thinking of but I'm not sure which method would be better. 1. When Next or previous is pressed to submit the page but pass an id to it to connect to the database and fetch the next image. I think this would be quiet bandwidth/intensive option. 2. Connect once to the server when the select list value has changed and retrive a list of images and store them in an array. When Next/Previous button is pressed to retrive the next href in the array. This seems more sensibly. I am hoping to have a next/previous button that will not need any page submits to get the image so was hoping to maybe use javascript or if need be ajax. Some fade in/out effects would be good as well. Also not to display the "Next" button if its the last image and not to display the "Previous" button if its the first image. Which method would you recommend or perhaps another method that would be better? Any assistance is most appreciated.

I thought maybe I should try $_SESSION['user_id'] instead of $_SESSION['username'] I set both at the same time and strangely that seemed to work on the change password page. However if I typed in an incorrect current password it does not return any of the session values. Any ideas?

This might help you http://www.phpfreaks.com/forums/index.php/topic,247856.0.html look at my post at the bottom. Just an example of looping through your folders and getting filename/paths

I can also see the PHP Session cookie in my cookies list.

This is my login page <?php require_once("includes/session.php"); ?> <?php require_once("includes/connection.php"); ?> <?php require_once("includes/functions.php"); ?> <?php //if (logged_in()) { // redirect_to("staff.php"); //} include_once("includes/form_functions.php"); // START FORM PROCESSING if (isset($_POST['submit'])) { // Form has been submitted. $errors = array(); // perform validations on the form data $required_fields = array('username', 'password'); $errors = array_merge($errors, check_required_fields($required_fields, $_POST)); $fields_with_lengths = array('username' => 30, 'password' => 30); $errors = array_merge($errors, check_max_field_lengths($fields_with_lengths, $_POST)); $username = trim(mysql_prep($_POST['username'])); $password = trim(mysql_prep($_POST['password'])); $hashed_password = sha1($password); if ( empty($errors) ) { // Check database to see if username and the hashed password exist there. $query = "SELECT user_id, username, name,is_admin "; $query .= "FROM dudes "; $query .= "WHERE username = '{$username}' "; $query .= "AND hashed_password = '{$hashed_password}' "; $query .= "AND in_use=1 "; $query .= "LIMIT 1"; $result_set = mysql_query($query); confirm_query($result_set); if (mysql_num_rows($result_set) == 1) { // username/password authenticated // and only 1 match $found_user = mysql_fetch_array($result_set); $_SESSION['user_id'] = $found_user['user_id']; $_SESSION['username'] = $found_user['username']; $_SESSION['name'] = $found_user['name']; if ($found_user['is_admin'] == 'Y') { $_SESSION['admin'] = $found_user['is_admin']; } $query = "UPDATE dudes set last_login_date = sysdate() "; $query .= "WHERE username = '{$username}' "; $query .= "AND hashed_password = '{$hashed_password}' "; $query .= "AND in_use=1 "; $query .= "LIMIT 1"; $result_set = mysql_query($query); redirect_to("change_pwd.php"); } else { // username/password combo was not found in the database $message = "Username/password combination incorrect.<br /> Please make sure your caps lock key is off and try again."; } } else { if (count($errors) == 1) { $message = "There was 1 error in the form."; } else { $message = "There were " . count($errors) . " errors in the form."; } } } else { // Form has not been submitted. if (isset($_GET['logout']) && $_GET['logout'] == 1) { $message = "You are now logged out."; } if (isset($_GET['restricted']) && $_GET['restricted'] == 1) { $message = "You have tried to access a restricted area and have been logged out. <br />Please login again."; } $username = ""; $password = ""; } ?> <?php include("includes/header.php"); ?> <table id="structure"> <tr> <td id="navigation"> <a href="index.php">Return to public site</a> </td> <td id="page"> <h2>Staff Login</h2> <?php if (!empty($message)) {echo "<p class=\"message\">" . $message . "</p>";} ?> <?php if (!empty($errors)) { display_errors($errors); } ?> <form action="login.php" method="post"> <table> <tr> <td>Username:</td> <td><input type="text" name="username" maxlength="30" value="<?php echo htmlentities($username); ?>" /></td> </tr> <tr> <td>Password:</td> <td><input type="password" name="password" maxlength="30" value="<?php echo htmlentities($password); ?>" /></td> </tr> <tr> <td colspan="2"><input type="submit" name="submit" value="Login" /></td> </tr> </table> </form> </td> </tr> </table> <?php include("includes/footer.php"); ?> This is my redirect_to function function redirect_to( $location = NULL ) { if ($location != NULL) { header("Location: {$location}"); exit; } } I have also tried by directly changing the address in the address bar after logging in.

first off to get a unique id login into phpmyadmin and amend your table edit the id column you should see an option like "A_I" or it might say "Auto Increment" tick it and apply changes. now your table will auto increment your id. As a test php create a php file called list_files.php then paste the following <?php $dir = "C:/CV"; //This is your directory you want to scan $files= scandir($dir); //This will scann the directory and store directories and files into an array //Time to loop through them foreach ($files as $fileobject){ //this will identify any folders in your directory if (is_dir($dir . "/" . $fileobject) && ($fileobject != "." $fileobject != "..")){ echo $dir . "/" . $fileobject . " is a directory"; }else echo $dir . "/" . $fileobject . " is a file"; } } ?> If you run that itshould output any folder and files your have in your specified folders. If I was you would do the insert if the file is a file. Hopefully this can be some sort of help to you.

Not sure how to enable error reporting but this is my code This is my session.php code <?php session_start(); function logged_in() { return isset($_SESSION['user_id']); } function admin_user(){ //Checks if the user is an admin user. return (isset($_SESSION['admin']) && $_SESSION['admin'] =="Y"); } function confirm_logged_in() { if (!logged_in()) { redirect_to("login.php"); } } function confirm_admin(){ if (!admin_user()){ logout(true); //redirect_to("login.php"); } } ?> change_pwd.php <?php require_once("includes/session.php"); ?> <?php require_once("includes/connection.php"); ?> <?php require_once("includes/functions.php"); ?> <?php confirm_logged_in(); confirm_admin(); ?> <?php //if (logged_in()) { // redirect_to("staff.php"); //} include_once("includes/form_functions.php"); // START FORM PROCESSING if (isset($_POST['submit'])) { // Form has been submitted. $errors = array(); // perform validations on the form data $required_fields = array('current_password', 'new_password', 'repeat_password'); $errors = array_merge($errors, check_required_fields($required_fields, $_POST)); $fields_with_lengths = array('current_password' => 30, 'new_password' => 30, 'repeat_password' => 30); $errors = array_merge($errors, check_max_field_lengths($fields_with_lengths, $_POST)); $current_password = trim(mysql_prep($_POST['current_password'])); $new_password = trim(mysql_prep($_POST['new_password'])); $repeat_password = trim(mysql_prep($_POST['repeat_password'])); $hashed_current_password = sha1($current_password); $hashed_new_password = sha1($new_password); $username = $_SESSION['username']; // Check the two new password fields match if ($new_password != $repeat_password){ $errors[] = "Your new password does not match your confirmed password."; } //Check if Current password match existing password $query = "SELECT count(*) "; $query .= "FROM dudes "; $query .= "WHERE username = '{$username}' "; $query .= "AND hashed_password = '{$hashed_current_password}' "; $query .= "AND in_use=1 "; $query .= "LIMIT 1"; $result_set = mysql_query($query); confirm_query($result_set); if (mysql_num_rows($result_set) != 1){ $errors[] = "Your entered in an incorrect current password that does not match your current password."; } if ( empty($errors) ) { //if not errors then update password // Check database to see if username and the hashed password exist there. $query = "UPDATE dudes "; $query .= "set hashed_password = '{$hashed_new_password}', last_password_changed = sysdate() "; $query .= "WHERE username = '{$username}' "; $query .= "AND hashed_password = '{$hashed_current_password}' "; $query .= "AND in_use=1 "; $result_set = mysql_query($query); //confirm_query($result_set); if (mysql_affected_rows() == 1) { $message = "Password Changed"; //redirect_to("login.php"); } else { // username/password combo was not found in the database $message = "Username/password combination incorrect.<br /> Please make sure your caps lock key is off and try again." . $username . $hashed_current_password.$_SESSION['username']; } } else { if (count($errors) == 1) { $message = "There was 1 error in the form."; } else { $message = "There were " . count($errors) . " errors in the form."; } } } else { // Form has not been submitted. if (isset($_GET['logout']) && $_GET['logout'] == 1) { $message = "You are now logged out."; } if (isset($_GET['restricted']) && $_GET['restricted'] == 1) { $message = "You have tried to access a restricted area and have been logged out. <br />Please login again."; } $username = ""; $password = ""; } ?> <?php include("includes/header.php"); ?> <table id="structure"> <tr> <td id="navigation"> <a href="index.php">Return to public site</a> <?php echo "Logged in as ". $_SESSION['username']; ?> </td> <td id="page"> <h2>Staff Login</h2> <?php if (!empty($message)) {echo "<p class=\"message\">" . $message . "</p>";} ?> <?php if (!empty($errors)) { display_errors($errors); } ?> <form action="change_pwd.php" method="post"> <table> <tr> <td>Current Password:</td> <td><input type="password" name="current_password" maxlength="30" value="<?php echo htmlentities($current_password); ?>" /></td> </tr> <tr> <td>New Password:</td> <td><input type="password" name="new_password" maxlength="30" value="<?php echo htmlentities($new_password); ?>" /></td> </tr> <tr> <td>Confirm New Password:</td> <td><input type="password" name="repeat_password" maxlength="30" value="<?php echo htmlentities($repeat_password); ?>" /></td> </tr> <tr> <td colspan="2"><input type="submit" name="submit" value="Change Password" /></td> </tr> </table> </form> </td> </tr> </table> <?php include("includes/footer.php"); ?>

sridhar, Do you have phpmyadmin? If you have a xamp or wamp installation then you should have it already setup. There is an option to auto increment a column id which is what you looking for. Basically it will add the next unique available id when you do an insert into your table. Could you post some of your code that you got to work with the single file upload? I still suggest you use a string to point to your file on your windows file structure. Am I right in thinking that you are already doing this and not actually storing the uploaded files in your db as blobs?

I do have it on the top of my page but it is in a separate php file called sessions.php. I am requiring the file once at the top of my change password php file.This session file has other functions that check that the user is admin rights etc which is working as I do a check to see if the user has admin rights before they can access it. this function is based on $_SESSION['is_admin'].

Hi, I have a login page which works perfectly. I am trying to create a change password page. As part of my validation on my page I what to check the the current hashed password and logged in user is correct. My problem seems to be with my session varible that store my username. On my login page I have the following which sets it $_SESSION['username'] = $found_user['username'] I tried echoing the $_SESSION['username'] on the login page and it returns the expected result though on my change password page it does not echo any value. The change password does seem to be using my other session variables as I check to see if the user has admin rights by checking my $_SESSION['is_admin'] and it does work it just seems to not find the username variable. Any ideas?

Hi, I'm also a newbie but hopefully my experiences can help you. I also wanted to upload multiple images to a mysql table but after many hours of reading forumns and bloggs I realised that it would be better to store a string with the path to my files on my server rather than store it in the mysql db as it can be a performance hit when trying to retrieve the files. In my case loads of images. do you have phpmyadmin? if not I would suggest you get it as its quiet a user friendly front end to a mysql db. Then you need to create your tables and then you can code your php. In my example which I'm still busy with. I point to a particular folder on my server and get php to loop through each directory and insert a row for each file in each folder. it might be worth checking out php.net and searching the functions list for scandir($dir) functions. Could you example to us your current setup? ie os system php version, mysql and anything else that we could help you with.

Thanks thats working brillantly.

I remember MS Frontpage used to do it. I'm not sure if it works php but you used to be able choice more or less the speed that your visits connection would be. This was some tie age as some options i remember was 56k modem 128k etc.

Hi, I have the following bit of PHP. I'm trying to truncate a table called tbl_demo in my demo db. <?php //This will be used to drop and create the image table //and reload the images into the table echo "Truncating Demo table..."; $query = "TRUNCATE TABLE ".DB_NAME . ".tbl_demo"; $result = mysql_query ($query, $connection); confirm_query($result); if(mysql_fetch_array($result)){ echo "Table Truncated"; } ?> This is my confirm query function which is in another file that I include. function confirm_query($result_set) { if (!$result_set) { die("Database query failed: " . mysql_error()); } } I keep getting this error message How can I truncate my table and check that it was successful. I am new to php so really appreciate your help.

Hi Mark, Thanks for the reply. Tried that instead of the way that I was calling mysql_prep. I still get returned nothing at all.

Hi I have the following php function function mysql_prep($value){ $magic_quotes_active = get_magic_quotes_gpc(); $new_enough_php = function_exists("mysql_real_escape_string"); //used for newer php >= 4.3.0 if($new_enough_php){ //undo magic quotes if ($magic_quotes_active){$value = stripslashes($value);} $value = mysql_real_escape_string($value); }else{//before php 4.3 //if magic quotes not on then addslashes manually if (!$magic_quotes_active) {$value=addslashes($value);} //if magic quotes is active then the slashes already exists } return $value; } I tried the following <?php mysql_prep('Hello'); ?> I do not get back anything I tried echoing the $value as the function starts and that return nothing so my thoughts are that no value is being passed to it. I did a echo on $magic_quotes_active and $new_enough_php and both returned 1. I have no problems with any of my other functions. I am hoping to use this function to escape any special characters before inserting into a mysql table.