captain_scarlet87

Any ideas?

Thanks for the reply, I tried using $row[0]['username'] in the edit_forum.php but it now displays ['username'] in the text box. Any further suggestions?

Hi, So far I have managed to display all the current usernames from a table with a link alongside each to edit it. The page it takes you next should display the current username in the text box that can be changed and then submitted, however the text box is empty. I have tried typing in a different username and then submitting it but it doesnt update this in the table. Please help me. edit.php (correctly displays username and edit link: <?php # Script 13.8 - edit.php // Include the configuration file for error management and such. require_once ('./includes/config.inc.php'); // Set the page title and include the HTML header. $page_title = 'Users'; include ('./includes/header.html'); ?> <table> <tr> <td align="center">Edit Users</td> </tr> <tr> <td> <table border="1"> <?php require_once ('../mysql_connect.php'); // Connect to the database. $order = "SELECT username FROM users"; $result = mysql_query($order); while ($row=mysql_fetch_array($result)){ echo ("<tr><td>$row[username]</td>"); echo ("<td><a href=\"edit_form.php?id=$row[username]\">Edit</a></td></tr>"); } ?> </table> </td> </tr> </table> <?php include ('./includes/footer.html'); ?> edit_form.php (current username not appearing in text box): <table border=1> <tr> <td align=center>Form Edit Employees Data</td> </tr> <tr> <td> <table> <?php require_once ('../mysql_connect.php'); // Connect to the database. $order = "SELECT username FROM users where username='$id'"; $result = mysql_query($order); $row = mysql_fetch_array($result); ?> <form method="post" action="edit_data.php"> <input type="hidden" name="id" value="<?php echo "$row[username]"?>"> <tr> <td>Username</td> <td> <input type="text" name="username" size="20" value="<?php echo "$row[username]"?>"> </td> </tr> <tr> <td align="right"> <input type="submit" name="submit value" value="Edit"> </td> </tr> </form> </table> </td> </tr> </table> edit_data.php (not editing the username in the users table): <?php //edit_data.php require_once ('../mysql_connect.php'); // Connect to the database. $order = "UPDATE users SET username='$username', WHERE username='$id'"; mysql_query($order); header("location:edit.php"); ?>

bump

Cheers that worked! Can't believe I missed that, copied and pasted the wrong line. However I have now moved on to another problem This time the text box appears from edit_form.php however the username is not already filled in as the value that can be changed. When I fill in the box with a changed username it takes me back to the edit.php with the list of usernames that haven't been altered. Any ideas why?

Hi, I'm having problems trying to edit data from a table in my database. This is the error that appears: An error occurred in script 'C:\wamp\www\html\edit_form.php' on line 12: mysql_query() [function.mysql-query]: Access denied for user 'ODBC'@'localhost' (using password: NO) This is therefore relating to this piece of code: <table border=1> <tr> <td align=center>Form Edit Employees Data</td> </tr> <tr> <td> <table> <?php $order = "SELECT username FROM users where username='$id'"; require_once ('./includes/config.inc.php'); $result = mysql_query($order); $row = mysql_fetch_array($result); ?> <form method="post" action="edit_data.php"> <input type="hidden" name="id" value="<?php echo "$row[username]"?>"> <tr> <td>Username</td> <td> <input type="text" name="username" size="20" value="<?php echo "$row[username]"?>"> </td> </tr> <tr> <td align="right"> <input type="submit" name="submit value" value="Edit"> </td> </tr> </form> </table> </td> </tr> </table> The weird thing is that this bit of the code connects correctly to the database using the same instruction require_once ('./includes/config.inc.php'); and displays all the usernames so there shouldn't be a problem with the config.inc.php file. <?php # Script 13.8 - edit.php // Include the configuration file for error management and such. require_once ('./includes/config.inc.php'); // Set the page title and include the HTML header. $page_title = 'Users'; include ('./includes/header.html'); ?> <table> <tr> <td align="center">Edit Users</td> </tr> <tr> <td> <table border="1"> <?php require_once ('../mysql_connect.php'); // Connect to the database. $order = "SELECT username FROM users"; $result = mysql_query($order); while ($row=mysql_fetch_array($result)){ echo ("<tr><td>$row[username]</td>"); echo ("<td><a href=\"edit_form.php?id=$row[username]\">Edit</a></td></tr>"); } ?> </table> </td> </tr> </table> <?php include ('./includes/footer.html'); ?> This the final apart of the code, just incase it is needed: <?php //edit_data.php require_once ('./includes/config.inc.php'); $order = "UPDATE users SET username='$username', WHERE username='$id'"; mysql_query($order); header("location:edit.php"); ?> Please help! Thanks.

Thanks aeroswat, I added in the acro php and it now it displays correctly.

Hey all, having a little trouble displaying usernames from a database and then having a link alongside each displayed username to edit it. I'm using this script: <?php # Script 13.8 - edit.php // Include the configuration file for error management and such. require_once ('./includes/config.inc.php'); // Set the page title and include the HTML header. $page_title = 'Users'; include ('./includes/header.html'); ?> <table> <tr> <td align="center">Edit Users</td> </tr> <tr> <td> <table border="1"> <? require_once ('../mysql_connect.php'); // Connect to the database. $order = "SELECT username FROM users"; $result = mysql_query($order); while ($row=mysql_fetch_array($result)){ echo ("<tr><td>$row[username]</td>"); echo ("<td><a href=\"edit_form.php?id=$row[username]\">Edit</a></td></tr>"); } ?> </table> </td> </tr> </table> <?php include ('./includes/footer.html'); ?> The page displays this: Edit Users "); echo (""); } ?> $row[username] Edit - this line being inside the table. Please help if you can. Thanks.

Hi, I have a simple code that sends form contents to a table in my database. However I keep getting this error: An error occurred in script 'C:\wamp\www\html\upload_instructions.php' on line 24: eregi() [function.eregi]: REG_BADBR Any ideas what is wrong, i'm sure it's something really simple that I have missed. <?php # Script 13.6 - register.php // This is the registration page for the site. // Include the configuration file for error management and such. require_once ('./includes/config.inc.php'); // Set the page title and include the HTML header. $page_title = 'Upload Instructions'; include ('./includes/header.html'); if (isset($_POST['submitted'])) { // Handle the form. require_once ('../mysql_connect.php'); // Connect to the database. // Check for a topic. if (eregi ('^[[:alpha:]\.\' \-]{2,30}$', stripslashes(trim($_POST['topic'])))) { $t = escape_data($_POST['topic']); } else { $t = FALSE; echo '<p><font color="red" size="+1">Please enter your topic.</font></p>'; } // Check for a instructions. if (eregi ('^[[:alpha:]\.\' \-]{2,1000}$', stripslashes(trim($_POST['instructions'])))) { $i = escape_data($_POST['instructions']); } else { $i = FALSE; echo '<p><font color="red" size="+1">Please enter your instructions.</font></p>'; } if ($t && $i) { // If everything's OK. // Add the user. $query = "INSERT INTO uploaded_instructions (topic, instructions) VALUES ('$t', $i' )"; $result = mysql_query ($query) or trigger_error("Query: $query\n<br />MySQL Error: " . mysql_error()); if (mysql_affected_rows() == 1) { // If it ran OK. // Finish the page. echo '<h3>Thank you for submitting instructions!</h3>'; include ('./includes/footer.html'); // Include the HTML footer. exit(); } else { // If it did not run OK. echo '<p><font color="red" size="+1">You could not be registered due to a system error. We apologize for any inconvenience.</font></p>'; } } else { // If one of the data tests failed. echo '<p><font color="red" size="+1">Please try again.</font></p>'; } mysql_close(); // Close the database connection. } // End of the main Submit conditional. ?> <h1>Register</h1> <form action="upload_instructions.php" method="post"> <fieldset> <p><b>Topic:</b> <input type="text" name="topic" size="100" maxlength="100" value="<?php if (isset($_POST['topic'])) echo $_POST['topic']; ?>" /></p> <p><b>Instructions:</b><br><textarea name="instructions" maxlength="1000" rows="30" cols="120" value="<?php if (isset($_POST['instructions'])) echo $_POST['instructions']; ?>" /></textarea> </p> <div align="center"><input type="submit" name="submit" value="Upload Instructions" /></div> <input type="hidden" name="submitted" value="TRUE" /> </form> <?php // Include the HTML footer. include ('./includes/footer.html'); ?>

Thanks everyone! Worked with the single quotes around the username and no quotes around SHA('$p). $query = "UPDATE users SET pass=SHA('$p') WHERE username='{$_SESSION['username']}'";

Hey guys, tried that out but now i'm getting a different error: An error occurred in script 'C:\wamp\www\html\change_password.php' on line 50: Query: UPDATE users SET pass='SHA('whatever')' WHERE username='jim.bob' MySQL Error: You have an error in your SQL syntax; check the manual that corresponds to your MySQL server version for the right syntax to use near 'whatever')' WHERE username='jim.bob'' at line 1 Have I got a version that will not work with this code? I think I have version 5.0.45.

Hey, I keep on getting this error come up when trying to change the password of a logged in user: An error occurred in script 'C:\wamp\www\html\change_password.php' on line 50: Query: UPDATE users SET pass=SHA('whatever') WHERE username=jim.bob MySQL Error: Unknown column 'jim.bob' in 'where clause' This is the code i'm using: <?php # Script 13.11 - change_password.php // This page allows a logged-in user to change their password. // Include the configuration file for error management and such. require_once ('./includes/config.inc.php'); // Set the page title and include the HTML header. $page_title = 'Change Your Password'; include ('./includes/header.html'); // If no first_name variable exists, redirect the user. if (!isset($_SESSION['username'])) { // Start defining the URL. $url = 'http://' . $_SERVER['HTTP_HOST'] . dirname($_SERVER['PHP_SELF']); // Check for a trailing slash. if ((substr($url, -1) == '/') OR (substr($url, -1) == '\\') ) { $url = substr ($url, 0, -1); // Chop off the slash. } // Add the page. $url .= '/index.php'; ob_end_clean(); // Delete the buffer. header("Location: $url"); exit(); // Quit the script. } else { if (isset($_POST['submitted'])) { // Handle the form. require_once ('../mysql_connect.php'); // Connect to the database. // Check for a new password and match against the confirmed password. if (eregi ('^[[:alnum:]]{4,20}$', stripslashes(trim($_POST['password1'])))) { if ($_POST['password1'] == $_POST['password2']) { $p = escape_data($_POST['password1']); } else { $p = FALSE; echo '<p><font color="red" size="+1">Your password did not match the confirmed password!</font></p>'; } } else { $p = FALSE; echo '<p><font color="red" size="+1">Please enter a valid password!</font></p>'; } if ($p) { // If everything's OK. // Make the query. $query = "UPDATE users SET pass=SHA('$p') WHERE username={$_SESSION['username']}"; $result = mysql_query ($query) or trigger_error("Query: $query\n<br />MySQL Error: " . mysql_error()); if (mysql_affected_rows() == 1) { // If it ran OK. // Send an email, if desired. echo '<h3>Your password has been changed.</h3>'; mysql_close(); // Close the database connection. include ('./includes/footer.html'); // Include the HTML footer. exit(); } else { // If it did not run OK. // Send a message to the error log, if desired. echo '<p><font color="red" size="+1">Your password could not be changed due to a system error. We apologize for any inconvenience.</font></p>'; } } else { // Failed the validation test. echo '<p><font color="red" size="+1">Please try again.</font></p>'; } mysql_close(); // Close the database connection. } // End of the main Submit conditional. ?> <h1>Change Your Password</h1> <form action="change_password.php" method="post"> <fieldset> <p><b>New Password:</b> <input type="password" name="password1" size="20" maxlength="20" /> <small>Use only letters and numbers. Must be between 4 and 20 characters long.</small></p> <p><b>Confirm New Password:</b> <input type="password" name="password2" size="20" maxlength="20" /></p> </fieldset> <div align="center"><input type="submit" name="submit" value="Change My Password" /></div> <input type="hidden" name="submitted" value="TRUE" /> </form> <?php } // End of the !isset($_SESSION['username']) ELSE. include ('./includes/footer.html'); ?> Line 50 is this: $result = mysql_query ($query) or trigger_error("Query: $query\n<br />MySQL Error: " . mysql_error()); Anyone know where I am going wrong? My database fields are labelled correctly I think (username, email, pass).

bump

Sorry for the late reply i've had limited access to my computer over the last few days. Anyways i've tried to replace the username session with the admin session: if (isset($_SESSION['admin']) && ($_SESSION['admin'] === 1) AND (substr($_SERVER['PHP_SELF'], -10) != 'logout.php')) { echo '<a href="logout.php">Logout</a><br /> <a href="change_password.php">Change Password</a><br /> <a href="upload_instructions.php">Upload Instructions</a><br /> '; } else { // Not logged in. echo ' <a href="register.php">Create User</a><br /> <a href="login.php">Login</a><br /> <a href="forgot_password.php">Forgot Password</a><br /> '; } However when logging in with a user with admin set to 1 it displays the logged out links. Here is my login.php which i'm guessing is where the admin session is obtained from: <?php # Script 13.8 - login.php // This is the login page for the site. // Include the configuration file for error management and such. require_once ('./includes/config.inc.php'); // Set the page title and include the HTML header. $page_title = 'Login'; include ('./includes/header.html'); if (isset($_POST['submitted'])) { // Check if the form has been submitted. require_once ('../mysql_connect.php'); // Connect to the database. // Validate the username. if (!empty($_POST['username'])) { $fn = escape_data($_POST['username']); } else { echo '<p><font color="red" size="+1">You forgot to enter your username!</font></p>'; $fn = FALSE; } // Validate the password. if (!empty($_POST['pass'])) { $p = escape_data($_POST['pass']); } else { $p = FALSE; echo '<p><font color="red" size="+1">You forgot to enter your password!</font></p>'; } if ($fn && $p) { // If everything's OK. // Query the database. $query = "SELECT username, admin FROM users WHERE (username='$fn' AND pass=SHA('$p'))"; $result = mysql_query ($query) or trigger_error("Query: $query\n<br />MySQL Error: " . mysql_error()); if (@mysql_num_rows($result) == 1) { // A match was made. // Register the values & redirect. $row = mysql_fetch_array ($result, MYSQL_NUM); mysql_free_result($result); mysql_close(); // Close the database connection. $_SESSION['admin'] = $row [1]; $_SESSION['username'] = $row[0]; // Start defining the URL. $url = 'http://' . $_SERVER['HTTP_HOST'] . dirname($_SERVER['PHP_SELF']); // Check for a trailing slash. if ((substr($url, -1) == '/') OR (substr($url, -1) == '\\') ) { $url = substr ($url, 0, -1); // Chop off the slash. } // Add the page. $url .= '/index.php'; ob_end_clean(); // Delete the buffer. header("Location: $url"); exit(); // Quit the script. } else { // No match was made. echo '<p><font color="red" size="+1">The username and password entered do not match those on file.</font></p>'; } } else { // If everything wasn't OK. echo '<p><font color="red" size="+1">Please try again.</font></p>'; } mysql_close(); // Close the database connection. } // End of SUBMIT conditional. ?> <h1>Login</h1> <p>Your browser must allow cookies in order to log in.</p> <form action="login.php" method="post"> <fieldset> <p><b>Username:</b> <input type="text" name="username" size="30" maxlength="30" /></p> <p><b>Password:</b> <input type="password" name="pass" size="20" maxlength="20" /></p> <div align="center"><input type="submit" name="submit" value="Login" /></div> <input type="hidden" name="submitted" value="TRUE" /> </fieldset> </form> <?php // Include the HTML footer. include ('./includes/footer.html'); ?> I have a header file that starts the buffering of the sessions. Am I doing something wrong? Any suggestions are more than welcome, I am clueless! Thanks.

Hi, I need a bit of help with some code determining whether a user that logs in is an admin or just a normal user. The admin will need to have specific links in the menu related to just them and then obviously different links available when a normal user is logged in or when no one is logged in at all. So far I have a SQL table which has a field for the role of the user with the value of 1 = admin and 0 = normal user. Below is the code i've got so far, now just need to retrieve the role value from the table and display the appropriate links. Any help will be appreciated. Thanks. <!-- End of Content --> </div> <div id="Menu"> <a href="index.php">Home</a><br /> <?php # Script 13.2 - footer.html // This page completes the HTML template. // Display links based upon the login status. // Show LOGIN links if this is the LOGOUT page. if (isset($_SESSION['username']) AND (substr($_SERVER['PHP_SELF'], -10) != 'logout.php')) { echo '<a href="logout.php">Logout</a><br /> <a href="change_password.php">Change Password</a><br /> <a href="upload_instructions.php">Upload Instructions</a><br /> <a href="upload.html">Upload Video Tutorial</a><br /> '; } else { // Not logged in. echo ' <a href="register.php">Create User</a><br /> <a href="login.php">Login</a><br /> <a href="forgot_password.php">Forgot Password</a><br /> '; } ?> </div> </body> </html> <?php // Flush the buffered output. ob_flush(); ?>

Thanks importune, works exactly how I want it to now.

It's picking up the file names from correct folder (includes/videos/) however the file links are only pointing to the current directory and therefore the files cannot be found. What do I need to change to link to the sub folders (includes/videos/)? Thanks.

Hey, I've created a website whereby videos files (avi) are uploaded to a folder. I now need a php script to display all the video files in the folder to the user who can then click on and open the files. I've done a number of google searches and have got this script to display all the links to the files but currently can't open them: <?php $current_dir = "$DOCUMENT_ROOT"."includes/videos"; //Put in second part, the directory - without a leading slash but with a trailing slash! $dir = opendir($current_dir); // Open the sucker echo ("<p><h1>List of available files:</h1></p><hr><br />"); while ($file = readdir($dir)) // while loop { $parts = explode(".", $file); // pull apart the name and dissect by period if (is_array($parts) && count($parts) > 1) { // does the dissected array have more than one part $extension = end($parts); // set to we can see last file extension if ($extension == "avi" OR $extension == "zip") // is extension ext or EXT ? echo "<a href=\"$file\" target=\"_blank\"> $file </a><br />"; // If so, echo it out else do nothing cos it's not what we want } } echo "<hr><br />"; closedir($dir); // Close the directory after we are done ?> Any help would be great, although try to keep it simple as i'm no mastermind at this stuff!