dlouis95

:D :D :D :D :D :D THANK YOU SOO SOOOO SOOOOOOOO MUCH. lol I wish my friends knewmysql more. Thanks you. =)

Hello all. Im making a new site and I've been doing good up until this one part that i never learned how to do. What i need to do is select posts (posts table) where the person that made the post is friends with me (friend table) and I would like it in order of it being made. So far the closest ive gotten in getting this is the code below SELECT * FROM `posts` WHERE `user_id`=(SELECT `friend_id` FROM `friend` WHERE user_id = ' #my id ') But this gave the error that I'm selecting more than one row, which I need to do. Is there any other way I can do this? Any help at all would be greatly appreciated. I'm using Mysql client version 5.1.50.

Ive tryed a new method: "SELECT * FROM `posts` WHERE `user_id`=(SELECT `friend_id` FROM `friend` WHERE user_id = '$user_id')" But this gave me the error that I was selecting more than one row, which I was and need to do. Can anyone help me in trying to make this work? Not just this script but can any one help me in trying to accomplish my goal?

Youve been a huge help but im still haveing alittle problem with this. Can you help me make the following script work? SELECT p.user_id, p.post, p.time FROM posts as p, friend as f WHERE f.user_id = '$user_id' AND p.user_id = 'f.friend_id' ORDER BY p.time DESC LIMIT 10 It all works up until the p.user_id = 'f.friend_id' part. Know how to solve this problem? Thanks for the help in advance.

I'm using MySQL client version: 5.1.48

Hello. I have two tables in a databse, friends and posts. Im trying to select all the posts by my unique number of friends and display them in order all in one mysql query. Is this posible? I know this wouldnt work, but i was thinking it could be something like: SELECT * FROM posts WHERE id ='(SELECT id FROM friends WHERE friend = $me)' How can i make something like this?

As of right now, yes. As of tonight, it will get alittle more complicated.

I found a way around it. The program now saves your ip to the server at account creation. When you get to the page with accounts, it checks if your email is the same as the account as well as if your ip is the same as the accounts. If your ip isn't the same, but the email is, it logs you off and sends you to the login page. When you relog in, your ip in the database is changed to what your new ip is. NOw you need to change the cookie as well as know the users ip.

The script is the following.... <? if(isset($_COOKIE['dan'])) { $sPattern = '/\s*/m'; $sReplace = ''; $string = $_COOKIE['dan']; $email=preg_replace( $sPattern, $sReplace, $string ); $host = ""; $username = ""; $password = ""; $db_name = ""; $tbl_name = ""; mysql_connect("$host", "$username", "$password")or die("cannot connect"); mysql_select_db("$db_name")or die("cannot select DB"); $user=mysql_real_escape_string($_GET['username']); if(mysql_num_rows(mysql_query("SELECT username FROM $tbl_name WHERE username = '$user'"))) { $sql="SELECT * FROM $tbl_name WHERE username='$user'"; $result=mysql_query($sql); $rows=mysql_fetch_array($result); $email2=$rows['email']; if($email == $email2) { ?>...html if the account is yours...<? } else { ?>...html if the account isnt yours...<? die(); } } else { ?>...html for account that deosnt exist...<? die(); } } else { $host = ""; $username = ""; $password = ""; $db_name = ""; $tbl_name = ""; mysql_connect("$host", "$username", "$password")or die("cannot connect"); mysql_select_db("$db_name")or die("cannot select DB"); $name = $_GET['username']; $sql="SELECT * FROM $tbl_name WHERE username='$name'"; $result=mysql_query($sql); $rows=mysql_fetch_array($result); if($rows['password']==null) { ?>...hmtl for account if your not logged in<? } else { ?>...html for account that deosnt exist if your not logged in...<? } } ?>

Last Friday I sat down to make users on my site. With in one hour I had a working prototype. I have refined it since then to make it a very good working script, but I am doubting my system of user login. In the script, when you login, you get a cookie that is named 'dan' and that has your email as its value. When you go to a page, it checks if the cookie exists, and displays all the information that should be their for the user whos email is the same as the cookie's value. Is it possible for a person to edit a cookie on their computer as a way to hack into someone elses account using this system? If it is, does any one have a suggestion as to make this more secure? Thanks!

Thanks man! Turns out my problem was nothing(space before $email)! Thanks for telling me to sanitize the url value. I haven't gotten to that yet, but have done it for forum entry's.

That's to check if a record exists. I googled a way to do this, this is what it gave me, and it works.

In the script provided, at if($email==$email2), it says it is false when I know it's true. I know that the cookie is the same as the email in the database, yet it sill wont work. I have even echoed the two to see myself if they were the same, and they were, yet it still is saying it's false. Anyone know whats up? Thanks! if(isset($_COOKIE['dan'])) { $email=$_COOKIE['dan']; $host = ...; $username = ...; $password = ...; $db_name = ...; $tbl_name = ...; mysql_connect("$host", "$username", "$password")or die("cannot connect"); mysql_select_db("$db_name")or die("cannot select DB"); $user=$_GET['username']; if(mysql_num_rows(mysql_query("SELECT username FROM $tbl_name WHERE username = '$user'"))) { $sql="SELECT * FROM $tbl_name WHERE username='$user'"; $result=mysql_query($sql); $rows=mysql_fetch_array($result); $email2=$rows['email']; if($email == $email2) { ?><html>...</html><? } else { ...

The script runs fine. I'm just trying to get some additional code so it will resize the image and save it to another directory. Ive tried several different things and have failed each time so I decided to get some personal help.

First I would like to say hello because Im new here and new to php. I would like to take an image I've uploaded and save it as well as a thumbnail in two directory. Can you guys give the MOST basic code out there for this? Ill give the script I have already and the script that's working for me right now. My sites name is http://www.daniellsmith.com. The script I would like to add this code to is this: <?php // ============== // Configuration // ============== srand ((double) microtime( )*1000000); $random_number = rand(0,100000000); $uploaddir = "uploaded_files"; $uploadFilename=time().'_'.$random_number.".gif"; if (($_FILES["file"]["type"] == "image/gif") || ($_FILES["file"]["type"] == "image/jpeg") || ($_FILES["file"]["type"] == "image/pjpeg") or ($_FILES["file"]["type"] == "image/png")) { if ($_FILES["file"]["error"] > 0) { die("Error: " . $_FILES["file"]["error"] . "<br />"); } else { if(is_uploaded_file($_FILES['file']['tmp_name'])) { move_uploaded_file($_FILES['file']['tmp_name'],$uploaddir.'/'.$uploadFilename); } } } else { die("Invalid file. Only Png Jpg and gif images are allowe to be posted on this site at this time."); } $host=""; // Host name $username=""; // Mysql username $password=""; // Mysql password $db_name=""; // Database name $tbl_name=""; // Table name // Connect to server and select database. mysql_connect("$host", "$username", "$password")or die("cannot connect"); mysql_select_db("$db_name")or die("cannot select DB"); // get data that sent from form $topic=$_POST['topic']; $detail=$_POST['detail']; $name2=$_POST['name2']; $email=$_POST['email']; $fileName=$uploadFilename; $ip = isset($_SERVER['HTTP_X_FORWARDED_FOR']) ? $_SERVER['HTTP_X_FORWARDED_FOR'] : $_SERVER['REMOTE_ADDR']; $datetime=date("m/d/y"); //create date time if($topic==null) { echo die("You did not put the pictures name!"); } if($name2==null) { echo die("You did not put your name!"); } if($email==null) { die("You didnt put your email! To get emails saying that you have gotton a comment, you need to put your real emial address."); } $sql="INSERT INTO $tbl_name(topic, detail, name2, email, datetime, file, ip)VALUES('$topic', '$detail', '$name2', '$email', '$datetime', '$fileName', '$ip')"; $result=mysql_query($sql); if($result){ header( 'Location: http://www.daniellsmith.com/index.php' ) ; } else { echo "ERROR"; } mysql_close(); ?> Thanks in advanced if you can help or can't.