MargateSteve
-
Posts
240 -
Joined
-
Last visited
Posts posted by MargateSteve
-
-
Thanks Guys, that has given me a lot to consider and read up on.
I think I will try to free up some time tonight to get some basic test code together so I have something physical to work with.
Thanks again
Steve
-
Have you set the database up yet? The error is saying that it has failed to connect to the database and you said 'I know I need to setup a Database for it on my server'. If the database has not been set-up then this is the problem.
If the database has been set-up, assuming the code worked fine on the other host, it will simply be a case that you will need to change the parameters in the code (db name, username, p/w etc) to the ones that you created or where given when you set up the new database.
If it is a third party CMS, there should be a file where you can change all of these.
Steve
-
Thanks for that Barand.
One very important thing that I forgot to mention is as there are already over 100 folders, each containing between 10 and 30 images, I would like to be able to insert these images into the database and create the thumb and medium image. Would there be a simple way to do this or would it be best just to re-upload them with the new script?
Thanks
Steve
-
This is a bit of preliminary question and I have not started any coding yet, but want to make sure that I go about this all the right way.
The website I am currently working on uses Qdig (http://qdig.sourceforge.net/) for it's image gallery. I have replaced all the other third party scripts that were there and this will be my last challenge. I have already tested some basic image uploads and that part of it is fine. However there are a few things that I want to make sure are implemented before I go too far.
I have put below the way I think it should work but if there is anything that seems like a bad idea, please let me know!!
The basic functionality would be....
- Choose a folder, although it most cases this will be chosen for you
- Upload several images at a time
- Upon upload insert the details into the database with other predefined variables as well as image size and dimensions
- Create two resized images for each upload, medium and thumb
- Open a form to add a caption and tags to the image in the database
Although most of it would be fairly straightforward, there are a couple of bits that I am not sure of.
With creating the medium and thumbnail versions, tutorials I have read have suggested uploading the images then reading the directory and creating the extra images there. However, there might be occasions where images are uploaded to an already populated directory so I would not want the images that have already been processed to be done again.
My feeling would be to create the extra images as part of the upload process but as I have never seen that suggested, I am not sure if there would be any problems with that.
Also, would it be better to create a thumbs and medium folder inside the parent directory or append the filenames of the new images with med_ and thumb_?
I have exactly the same issue with adding the details to the database. The tutorials I have read suggest scanning the directory and then inserting, but I would assume it would be more foolproof to insert the details as part of the upload process.
The last situation I want to plan properly is being able to delete/move images. Obviously there will be three different images (original, medium, thumb) for each one plus a database entry. What would be the safest way to move/change/delete all in one go?
As things stand, there is only going to be myself and two others that will be using the image upload facility and the area will be restricted to admins only there is no immediate risk of unsafe uploads. However, with an eye on future proofing (and in case one of us accidentally does something stupid) I will want to have some form of sanitisation in place.
Would a straightforward regex searching for a correct file extension be enough for this or would it be recommended to implement other checks (image size etc) from the outset to make sure it does not need much re-writing should it get to a point where other people can upload.
For those of you still here, thank you for persevering! Absolutely any advice, pointers or suggestion would be gratefully received!
Thanks in advance
Steve
- Choose a folder, although it most cases this will be chosen for you
-
Code wise is the username definitely being unset via the log-in page?
Stupidity controlling my fingers...I meant log-out page/script not log in.
-
Far from being an expert on this, if it happened to me, my first three checks would be.....
1) Has anything been changed by the host? I once had a site where the host upgraded the version of php and virtually everything stopped working.
2) Have you changed anything to do with those scripts in the last few days were the old information was still held in a cookie or the cache up until last night?
and because it is me and I know what I am like
3) Have I played around with these or any related files and forgotten to undo the changes or accidently uploaded a dev version to the server?
Code wise is the username definitely being unset via the log-in page?
Steve
-
I think you may have been right. I ditched everything that was there and re-wrote the log-in form/css and everything works fine now.
Thanks
Steve
-
Sorry, I think I may have confused you with my first post.
The code I gave was to show that the formatting is correct if you use type="text" on the password field (which is incorrect usage) which is the image on the left.
If I use type="password" on the password field, this is when I get the image on the right.
Also, as I mentioned, I have tried to create duplicates of all 'input' styles and name those ones input[type=password].xxx but this gave the same result.
The initial styling is in a template my friend purchased. They all came as .html files and he asked me to convert them all to php and split the header/footer/navigation into their own files.
In the original .html file, the password field was also type="password" and formatted the same as the username field.
The strangest thing is, if you assign name="xxx" to only one of them everything works fine. If you assign the same name="xxx" to both of them everything works fine. It is only when you assign a different name="xxx" to each of them there is a problem!?!?
Thanks
Steve
-
As a quick update. If I remove the name attribute (name="Lpassword" ) from the password field it shows up correctly. However, I need this to process the form, unless there is another way around it?
Thanks
Steve
-
I have been trying to adapt a template to suit my needs and am struggling to get the 'username' and 'password' fields to match on the log-in.
If I choose type="text" for both it works fine but if I choose type="password" for the password field, both fields lose all formatting including the placeholder.
I have tried duplicating all styles for inputs, appending input[type=password] to the new ones but the results were the same.
I am sure this is something simple but since 6pm yesterday, I have been drawing a blank!
Any advice would be appreciated.
Thanks
Steve
<div id="mws-login"> <div id="mws-login-form"> <form class="mws-form" action="" method="post"> <div class="mws-form-row"> <div class="mws-form-item large"> <input id="name" type="text" name="Lname" class="mws-login-username mws-textinput" placeholder="username" /> </div> </div> <div class="mws-form-row"> <div class="mws-form-item large"> <input id="password" type="text" name="Lpassword" class="mws-login-password mws-textinput" placeholder="password" /> </div> </div> </div> <span class="fltrt"> <input type="submit" value="LOGIN" class="mws-button black" /> <input type="submit" name="cancel" value="CANCEL" class="mws-button black" /> </span> </form> <span class="loginprob"><a href="loginhelp.php">Login Problems ?</a></span> </div>
form.css
.mws-form { clear:both; display:block; } .mws-form .mws-form-row { padding:12px 24px; } .mws-form .mws-button-row.left { text-align:left; } .mws-form .mws-button-row { padding:16px 24px; border-top:1px solid #bcbcbc; text-align:right; background:url(/inc/images/core/mws-inset.png); } .mws-form .mws-form-item { min-height:34px; height:34px; height:auto !important } .mws-form fieldset { margin:0; } .mws-form ul.mws-form-list, .mws-form ul.mws-form-list li { margin:0; list-style:none; } .mws-form fieldset { border-top:1px dotted #bcbcbc; padding-top:16px; } .mws-form fieldset legend { margin-left:24px; padding:0 4px; border:1px dotted #bcbcbc; } .mws-form .mws-form-inline label { padding-top:7px; } .mws-form label { padding-bottom:7px; cursor:pointer; } .mws-form label span.required { color:#FF0000; } /* Input Styles */ .mws-form .mws-form-item select, .mws-form .mws-form-item textarea, .mws-form .mws-form-item .mws-textinput, .mws-form .mws-form-item.large select, .mws-form .mws-form-item.large textarea, .mws-form .mws-form-item.large .mws-textinput { width:100%; } .mws-form .mws-form-item.medium select, .mws-form .mws-form-item.medium textarea, .mws-form .mws-form-item.medium .mws-textinput { width:75%; } .mws-form .mws-form-item.small select, .mws-form .mws-form-item.small textarea, .mws-form .mws-form-item.small .mws-textinput { width:55%; } .mws-form select, .mws-form textarea, .mws-form .mws-textinput, .mws-form .file { border:1px solid #c5c5c5; padding:6px 7px; color:#323232; margin:0; background-color:#ffffff !important; outline:none; /* CSS 3 */ -moz-border-radius:4px; -webkit-border-radius:4px; -o-border-radius:4px; -khtml-border-radius:4px; border-radius:4px; box-sizing: border-box; -moz-box-sizing: border-box; -ms-box-sizing: border-box; -webkit-box-sizing: border-box; -khtml-box-sizing: border-box; -moz-box-shadow:inset 0px 1px 3px rgba(128, 128, 128, 0.1); -o-box-shadow:inset 0px 1px 3px rgba(128, 128, 128, 0.1); -webkit-box-shadow:inset 0px 1px 3px rgba(128, 128, 128, 0.1); -khtml-box-shadow:inset 0px 1px 3px rgba(128, 128, 128, 0.1); box-shadow:inset 0px 1px 3px rgba(128, 128, 128, 0.1); } .mws-form select:disabled, .mws-form textarea:disabled, .mws-form .mws-textinput:disabled { background:#f0f0f0; } .mws-form select.error, .mws-form textarea.error, .mws-form .mws-textinput.error { border-color:#eb979b; } /* Placeholder Text */ .mws-form .placeholder { color: #aaa; } /* Inline Form Elements */ .mws-form .mws-form-inline .mws-form-item { margin-left:136px; } .mws-form .mws-form-inline label { width:120px; display:block; float:left; margin-right:16px; } /* Block Form Elements */ .mws-form .mws-form-block label, .mws-form .mws-form-block .mws-form-item { display:block; width:100%; margin:0; float:none; } /* Form List */ .mws-form .mws-form-inline ul.mws-form-list { float:left; width:68%; margin-top:4px; } .mws-form .mws-form-inline .mws-form-item ul.mws-form-list { width:100%; } .mws-form ul.mws-form-list, .mws-form .mws-form-block ul.mws-form-list { display:block; width:100%; } .mws-form ul.mws-form-list.inline li { float:left; margin-right:10px; } .mws-form ul.mws-form-list li label { width:auto; float:none; margin:0; padding:0; display:inline; vertical-align:middle; } .mws-form ul.mws-form-list li input { vertical-align:middle; } /* Textarea */ .mws-form textarea { height:10em; resize:none; } /* Form Clearfix */ .mws-form .mws-form-row:before, .mws-form .mws-form-row:after { content: '.'; display: block; overflow: hidden; visibility: hidden; font-size: 0; line-height: 0; width: 0; height: 0; } .mws-form .mws-form-row:after { clear: both; } .mws-form .mws-form-row { zoom: 1; } /* Messages */ .mws-form-message { font-size:12px; border-bottom:1px solid #d2d2d2; padding:15px 8px 15px 45px; position:relative; vertical-align:middle; background:#f8f8f8; } .mws-form-message p, .mws-form-message ul, .mws-form-message ol { margin:0; } .mws-form-message ul li, .mws-form-message ol li { list-style-position:inside; list-style-type:inherit; margin:0; } .mws-form-message .mws-message-close { background:url(/inc/images/mws-close-btn.html) no-repeat left center; width:18px; height:18px; display:block; position:absolute; right:10px; top:11px; cursor:pointer; } .mws-form-message.error { background-color:#ffcbca; background-image:url(/inc/images/core/message-error.png); background-position:12px 12px; background-repeat:no-repeat; border-color:#eb979b; color:#9b4449; } .mws-form-message.success { background-color:#e1f1c0; background-image:url(/inc/images/core/message-success.png); background-position:12px 12px; background-repeat:no-repeat; border-color:#b5d56d; color:#62a426; } .mws-form-message.warning { background-color:#fef0b1; background-image:url(/inc/images/core/message-warning.png); background-position:12px 12px; background-repeat:no-repeat; border-color:#ddca76; color:#a98b15; } .mws-form-message.info { background-color:#bce5f7; background-image:url(/inc/images/core/message-info.png); background-position:12px 12px; background-repeat:no-repeat; border-color:#a6d3e8; color:#11689E; } .mws-form .mws-form-item .mws-error, .mws-form .mws-form-item label.error, .mws-form .mws-form-item span.error, .mws-form .mws-form-item div.error { font-size:11px; display:block; width:auto; float:none; margin:-4px 0 0 0; padding:10px 8px 6px 8px; cursor:default; background:#c83139; color:#ffffff; /* CSS 3 */ -moz-border-radius:0 0 4px 4px; -webkit-border-radius:0 0 4px 4px; -o-border-radius:0 0 4px 4px; -khtml-border-radius:0 0 4px 4px; border-radius:0 0 4px 4px; } /* File Style */ .mws-filestyle { padding-right:87px !important; } .feat { outline:none; cursor:pointer; background:#e0e0e0 url(/inc/images/core/mws-file-btn.png) no-repeat center center; color:#666666; height:28px; border:1px solid #ababab; margin-left:-80px; text-align:center; /* CSS 3 */ -webkit-border-radius:0 3px 3px 0; -moz-border-radius:0 3px 3px 0; -o-border-radius:0 3px 3px 0; -khtml-border-radius:0 3px 3px 0; border-radius:0 3px 3px 0; -webkit-box-shadow:inset 0px 1px 0px rgba(255, 255, 255, 0.3); -moz-box-shadow:inset 0px 1px 0px rgba(255, 255, 255, 0.3); -o-box-shadow:inset 0px 1px 0px rgba(255, 255, 255, 0.3); -khtml-box-shadow:inset 0px 1px 0px rgba(255, 255, 255, 0.3); box-shadow:inset 0px 1px 0px rgba(255, 255, 255, 0.3); } .feat:active { -webkit-box-shadow:0px 1px 0px rgba(255, 255, 255, 0.2), inset 0px 0px 4px rgba(0, 0, 0, 0.1) !important; -moz-box-shadow:0px 1px 0px rgba(255, 255, 255, 0.2), inset 0px 0px 4px rgba(0, 0, 0, 0.1) !important; -o-box-shadow:0px 1px 0px rgba(255, 255, 255, 0.2), inset 0px 0px 4px rgba(0, 0, 0, 0.1) !important; -khtml-box-shadow:0px 1px 0px rgba(255, 255, 255, 0.2), inset 0px 0px 4px rgba(0, 0, 0, 0.1) !important; box-shadow:0px 1px 0px rgba(255, 255, 255, 0.2), inset 0px 0px 4px rgba(0, 0, 0, 0.1) !important; } .feat .mws-filestyle { padding:2px 0 !important; } /* Color Picker */ .mws-colorpicker { background-image:url(/inc/images/core/cpicker.png); background-repeat:no-repeat; background-position:right center; width:150px !important; padding-right:32px !important; } /* Dual List Box */ div.mws-dualbox { position:relative; } div.mws-dualbox .countLabel { margin-top:4px; display:block; } div.mws-dualbox .mws-dualbox-col1, div.mws-dualbox .mws-dualbox-col2, div.mws-dualbox .mws-dualbox-col3 { width:40%; float:left; } div.mws-dualbox .mws-dualbox-col2 { width:20%; text-align:center; position:relative; margin-top:150px; } div.mws-dualbox .mws-dualbox-col2 button { width:32px; height:32px; } div.mws-dualbox .mws-dualbox-filter { margin-bottom:10px; } div.mws-dualbox .mws-dualbox-filter label { display:block; } div.mws-dualbox .mws-dualbox-filter .mws-textinput { float:left; margin-right:-32px; padding-right:36px; } div.mws-dualbox .mws-dualbox-filter button { float:left; margin:0; width:32px; /* CSS 3 */ -webkit-border-radius:0 3px 3px 0; -moz-border-radius:0 3px 3px 0; -o-border-radius:0 3px 3px 0; -khtml-border-radius:0 3px 3px 0; border-radius:0 3px 3px 0; } div.mws-dualbox button { outline:none; font-size:11px; margin:2px; height:30px; text-align:center; line-height:16px; cursor:pointer; background-color:#e0e0e0; color:#666666; border:1px solid #ababab; font-family:Tahoma, Arial, Helvetica, sans-serif; /* CSS 3 */ -webkit-border-radius:3px; -moz-border-radius:3px; -o-border-radius:3px; -khtml-border-radius:3px; border-radius:3px; -webkit-box-shadow:inset 0px 1px 0px rgba(255, 255, 255, 0.3); -moz-box-shadow:inset 0px 1px 0px rgba(255, 255, 255, 0.3); -o-box-shadow:inset 0px 1px 0px rgba(255, 255, 255, 0.3); -khtml-box-shadow:inset 0px 1px 0px rgba(255, 255, 255, 0.3); box-shadow:inset 0px 1px 0px rgba(255, 255, 255, 0.3); } div.mws-dualbox button:active { -webkit-box-shadow:0px 1px 0px rgba(255, 255, 255, 0.2), inset 0px 0px 4px rgba(0, 0, 0, 0.1) !important; -moz-box-shadow:0px 1px 0px rgba(255, 255, 255, 0.2), inset 0px 0px 4px rgba(0, 0, 0, 0.1) !important; -o-box-shadow:0px 1px 0px rgba(255, 255, 255, 0.2), inset 0px 0px 4px rgba(0, 0, 0, 0.1) !important; -khtml-box-shadow:0px 1px 0px rgba(255, 255, 255, 0.2), inset 0px 0px 4px rgba(0, 0, 0, 0.1) !important; box-shadow:0px 1px 0px rgba(255, 255, 255, 0.2), inset 0px 0px 4px rgba(0, 0, 0, 0.1) !important; } @media only screen and (max-width: 760px) { /* Inline Form Elements */ .mws-form .mws-form-inline label, .mws-form .mws-form-inline .mws-form-item { display:block; width:100%; margin:0; float:none; } .mws-form .mws-form-inline ul.mws-form-list { float:none; width:auto; display:block; } }login.css
div#mws-login { background:url(/inc/images/core/mws-dark-bg.png); height:218px; margin:auto 0; position:relative; padding:12px 16px; border-top:2px solid #535353; /* CSS 3 */ -webkit-border-radius:4px; -moz-border-radius:4px; -o-border-radius:4px; -khtml-border-radius:4px; border-radius:4px; } div#mws-login h1 { color:#ffffff; padding:0 8px 8px 8px; font-size:18px; margin:0; position:relative; background:url(/inc/images/core/mws-login-stitch.png) repeat-x left bottom; } div#mws-login .mws-login-lock { background:url(/inc/images/core/mws-login-circle.png) no-repeat center center; position:absolute; padding:8px; right:-10px; top:-10px; } div#mws-login form { background:url(/inc/images/core/mws-login-stitch.png) repeat-x left bottom; } div#mws-login .mws-form-row { padding-left:0; padding-right:0; } div#mws-login input.mws-login-username { background-image:url(/inc/css/icons/16/user.png); background-repeat:no-repeat; background-position:8px center; } div#mws-login input.mws-login-password { background-image:url(/inc/css/icons/16/key.png); background-repeat:no-repeat; background-position:8px center; } div#mws-login input.mws-login-username, div#mws-login input.mws-login-password { padding:8px 8px 8px 32px; border:1px solid #323232; } div#mws-login input.mws-login-button { width:100%; } -
To be honest I had not thought of it that way and was perhaps overcomplicating it.
That would certainly work for the way things are at the moment but my only concern (and the reason I was looking at it in the way I was) is that as time goes on, I might want to mix and match permissions. Using your example, there maybe a time when I have a forum that only guests and admins could post in (in theory forcing logged in regular members to only post in one of the members forums) so the accepted levels would be 0, 30, 40. This is the bit I was getting stuck with setting up.
However, I will set it up the way you mentioned because that will do the job for now.
Thanks for the help.
Steve
-
I have set up a small forum on a project I am working on and have hit a brick wall on the permissions side of things.
Basically I want to assign rights for certain levels on each board/category. I thought I would be able to hold these in the same table as the forum details with each level with permission comma separated, but I am struggling to find a way to get php to run a statement similar to MySQL's 'IN'. I have tried using 'IN' in the actual query but that did not work, as well as exploding the fields in question but all I ever ended up with was the word 'ARRAY' on the screen so got that completely wrong!
For example, the sample data I have placed below, the 'Site News' forum `post` field contains '8,9' which are the user levels for Administrators and Super Administrators.
On the actual page I am trying to get it to check if $_SESSION['level'] is in that field and only show the post button if it is. Thinking ahead, from a backend point of view, I would want to set up an easy way to manage permissions for each forum in a datagrid such as forums and CMS's do (something like this https://forums.zoho.com/viewImage.do?fileId=2266000002940888&forumGroupId=2266000000002001).
I had considered a separate permissions table with a separate row for each category/user combination but my feeling was that the code to manage that in the back end would be complex due to some times changing permissions and adding/removing categories, forums and user levels.
Any suggestions on the best way to set this up would be greatfully appreciated.
Thanks in advance
Steve
Table structure for table `forums` -- CREATE TABLE IF NOT EXISTS `forums` ( `id` tinyint(4) NOT NULL AUTO_INCREMENT, `cat_id` tinyint(4) NOT NULL, `name` varchar(30) COLLATE utf8_unicode_ci NOT NULL, `description` varchar(255) COLLATE utf8_unicode_ci NOT NULL, `view` varchar(244) COLLATE utf8_unicode_ci NOT NULL, `post` varchar(244) COLLATE utf8_unicode_ci NOT NULL, `reply` varchar(244) COLLATE utf8_unicode_ci NOT NULL, PRIMARY KEY (`id`) ) ENGINE=InnoDB DEFAULT CHARSET=utf8 COLLATE=utf8_unicode_ci AUTO_INCREMENT=6 ; -- -- Dumping data for table `forums` -- INSERT INTO `forums` (`id`, `cat_id`, `name`, `description`, `view`, `post`, `reply`) VALUES (1, 1, 'Bugs & Errors', 'Any mistakes that you have found', '', '', ''), (2, 1, 'Suggestions', 'Anything you think could work well or do not like', '2,9', '1,2', '1,2'), (3, 2, 'General Chat', 'For Non-Members and people having problems logging in.', '1,8,9', '2', '2'), (4, 3, 'Site News', 'News about the site', '1,2,8,9', '8,9', '1,2,3'), (5, 3, 'Competition News', 'News about competitions', '', '', ''); -- -------------------------------------------------------- -- -- Table structure for table `user_levels` -- CREATE TABLE IF NOT EXISTS `user_levels` ( `id` tinyint(4) NOT NULL AUTO_INCREMENT, `level` tinyint(4) NOT NULL, `level_name` varchar(50) COLLATE latin1_german2_ci NOT NULL, `shortname` varchar(20) COLLATE latin1_german2_ci DEFAULT NULL, PRIMARY KEY (`id`) ) ENGINE=MyISAM DEFAULT CHARSET=latin1 COLLATE=latin1_german2_ci AUTO_INCREMENT=30 ; -- -- Dumping data for table `user_levels` -- INSERT INTO `user_levels` (`id`, `level`, `level_name`, `shortname`) VALUES (28, 8, 'Administrator', 'Admin'), (2, 1, 'Regular Member', 'Reg Mem'), (15, 0, 'Banned', 'Ban'), (14, 9, 'Super Administrator', 'Super Admin'), (29, 2, 'Guest', 'Guest');
-
I have switched register_globals OFF and removed the extra ='s - I misunderstood what you meant by
2) Your code is assigning a value to $_SESSION['id'], using one = equal sign, instead of comparing a value using two == signs.
- and everything seems to be working fine at the moment.
I was previously using the script happily on another host which is why I was puzzled at it not working.
Thanks
Steve
-
It is $_SESSION['id'] that gets changed but it gets assigned the value that should be assigned to $_SESSION['level'].
Register Globals is on but no other variables are named 'id'. I have checked all other scripts just in case any others caused a conflict but nothing sets 'id'.
I tried setting the variable using == but the problem is still there. As I said, I am going to rewrite it anyway to try to remove some of the duplication but I have put my current full script below in case I am missing something obvious!!
Thanks
Steve
#CHECK IF COOKIES ARE SET if(isset($_COOKIE['username']) AND isset($_COOKIE['password'])) {// Cookies are set so check if they are still active $username = mysql_real_escape_string($_COOKIE['username']); $password = mysql_real_escape_string($_COOKIE['password']); $search = mysql_query(" SELECT userid, username, password, active, level FROM users WHERE username='".$username."' AND password='".$password."' AND active='1' ") or die(mysql_error()); $match = mysql_num_rows($search); $level = mysql_fetch_assoc($search); if($match > 0) //There are valid cookies so use that to log the user in {//START AUTO LOGIN & SET SESSION VARIABLES $_SESSION['user'] = $username; $_SESSION['level'] = $level['level']; $_SESSION['pass'] = $level['password']; $_SESSION['loggedin'] = '1'; $_SESSION['id'] == $level['userid']; }//END AUTO LOGIN } #END CHECK IF COOKIES ARE SET #CHECK IF USER IS LOGGED IN if( $_SESSION['loggedin'] !== 1 ) {//User is not logged in #CHECK IF A LOGIN HAS BEEN ATTEMPTED if(!isset($_POST['Lname']) AND !isset($_POST['Lpassword']) OR isset($_POST['cancel'])) {//No Login attempted so see if the form has been requested if(isset($_POST['log']))//Check if login form has been requested {//User has clicked LOGIN so show form $form = 1; } } else {//Login attempted so check details #CHECK BOTH USERNAME AND PASSWORD FIELDS HAVE BEEN ENTERED if(!empty($_POST['Lname']) AND !empty($_POST['Lpassword'])) {//Username and password have both been entered so check against dbase $username = mysql_real_escape_string($_POST['Lname']); $password = mysql_real_escape_string(md5($_POST['Lpassword'])); $search = mysql_query("SELECT userid, username, password, active, level FROM users WHERE username like binary '".$username."' AND password='".$password."' AND active='1'") or die(mysql_error()); $match = mysql_num_rows($search); $level = mysql_fetch_assoc($search); if($match > 0) //The username and password is correct {//START MANUAL LOGIN & SET SESSION VARIABLES $_SESSION['user'] = $username; $_SESSION['level'] = $level['level']; $_SESSION['loggedin'] = '1'; $_SESSION['id'] == $level['userid']; $_SESSION['pass'] = $level['password']; #CHECK IF USER HAS CHECKED 'REMEMBER ME' if(isset($_POST['remember'])) {//'Remember me' was checked so store cookies to autologin next time setcookie('username', $username, time()+60*60*24*365, "/"); setcookie('password', $password, time()+60*60*24*365, "/"); } header( 'Location: '. $thispage.'' ) ; } else {//No Match found so show error message and login form $form = 1; $error = 1; }//END MANUAL LOGIN } else {//Username or password were incorrect so show error message and login form $form = 1; $error = 1; } }//End log in attempted };//End log in -
I have something strange going on with sessions set after a user logs in.
After posting the form, the following code (only part of the log in script) correctly assigns the users ID to $_SESSION['id'] but after a while it starts showing up as the users level ($_SESSION['level']). I have rechecked all of my code to see if something mistakenly assigns the level to $_SESSION['id'] but everything seems fine.
I am going to rewrite the log in script today, as I am sure that I can streamline it but wondered if anyone can give any advice on what it happening here to make sure I do not fall into the same trap!
Thanks
Steve
$username = mysql_escape_string($_POST['Lname']); $password = mysql_escape_string(md5($_POST['Lpassword'])); $search = mysql_query("SELECT userid, username, password, active, level FROM users WHERE username like binary '".$username."' AND password='".$password."' AND active='1'") or die(mysql_error()); $match = mysql_num_rows($search); $level = mysql_fetch_assoc($search); if($match > 0) //The username and password is correct {//START MANUAL LOGIN & SET SESSION VARIABLES $_SESSION['user'] = $username; $_SESSION['level'] = $level['level']; $_SESSION['loggedin'] = '1'; $_SESSION['id'] = $level['userid']; -
I never actually though of holding just the scores in a separate table. I will have a look into that.
Thanks
Steve
-
Edit: I just tested and if strict mode is off for your mysql server and your query has single-quotes around the numerical value -
$query = "UPDATE your_table SET your_column = '$hgoals' WHERE some_where_condition";, then the update trying to set it to the a null will result in setting the field to a zero value.That was the key, removing the single quotes worked perfectly.
With regard to the design, the reason all matches are in the same table was on advice of others to make it simple to pull out some of the required statistics such as %of games played against %of games not played as well as showing a particular team or competitions matches, whether played or not, in one list.
Presumably I could have unioned the two tables to query these?
The other thing that put me off doing that way was the fact that eventually there may be dozens of people updating at the same time (eventually the site will be giving live updates on 100+ games at a time) and coding something that will delete something out of one table and insert it into the other, without any risk is a bit daunting for me. Also, as well as played or not played, there is a third state for a match - in play. Would you recommend a third table for that? So when a match starts it moves from the fixtures table to the live table and then when it ends it moves from the live table to the played table?
Steve
-
Before the match is played the field is empty.
^^^ You shouldn't have records in a table until the actual data exists and has been inserted. If someone did insert a record incorrectly (i.e. a score got entered for a match that hasn't been played yet), you would either delete the record entirely to remove it or if the actual data for the wrongly inserted record now exits, update the record to hold its actual value.
The only problem with that is that the matches are all added at the start of the season show all of the matches to be played. The current version of one of the pages using this is http://www.margate-fc.com/content/1st_team/fixtures_results/fixturelist.php?season_id=105. It shows a list of a particular teams matches, regardless of whether they have been played or not.
They are then updated with the goals once the game is played. It would be a bad idea to give the people who update the site access to phpMyAdmin to rectify any mistakes like this so I need to find a way for them to blank that fields, through a simple edit screen, if they make a mistake.
Steve
-
Thinking about it, my alternative solution would not work to NULL a field if data has been put in there in error.
Steve
-
These are a couple of the ways I have tried to assign $hgoals to update a field to be blank if the form field is empty. Both of these and all of the variants I have included in the comments cause 0 to be put in the field.
if (!empty($_POST['home_goals'])) { $hgoals = $_POST['home_goals']; } else { $hgoals = NULL;// or $hgoals = 'NULL' or $hgoals = '' }$hgoals = ($_POST['home_goals'] == 0 ? 'NULL' : $_POST['home_goals']); //Also tried variants of == '0', == '', ? NULL, ? ''
The only other way I can think of is to run a conditional statement in php that only includes that field in the update script if the form field is not empty. However, as this will occur quite often in a soccer statistics site, I would rather not have to do that.
Steve
-
The field is to part the score of a soccer match.
Before the match is played the field is empty. Once the match is played it will contain a value, which could be zero. There may also be an occasion where someone updates the wrong match so it would need to be re-edited and the db field set to Null again.
The field is currently INT set to default to Null but everything I have tried (I am using my phone to write this but can post examples later) along the lines of 'if that form field is empty make db field empty' always puts in a zero.
-
Are there any complications using VARCHAR on a field that will only contain numbers?
I have a situation where I have a field which needs to accept actual numbers, 0 OR be left blank. I have tried all sorts of methods via php to leave the field blank if the form field is empty but it always enters a 0 in the database. I have come to the conclusion that on an update, there is no way to leave an INT field empty after an update.
I would prefer to leave the field as INT as that is the data it will hold, but as long as changing the field to VARCHAR would not be detrimental, I would happily go down that route.
Thanks
Steve
-
I am trying to implement a multi level dropdown menu that will work the same way on iPhone and other touchscreen devices as it does in normal browsers.
An example of what I am after can be found at http://www.margate-fc.com/welcome.php. That has been created using Spry and pulls the menu from my database into an unordered list. However, if there is a better way to do this with CSS or even jQuery, I am happy to go down that route. If have look at a few suggestions around the web but never got any to work. The main problem I have had is not being able to make the item containers all flexible width.
This works fine but the problem I am having is that I am trying to get the top level items to also link to a page. Basically if someone does not like using drop down navigation, they can click to go to a category page. There is no problem with this on a standard desktop browser as it can differentiate between a hover and a click. However, I have found no way to do this on a touch screen device.
My theory is that if I can set up the script to treat a single tap as a hover and a double tap as a click this would work fine but whether this can be done via the javascript in spry, or if there is a way of completely coding it separately, I have no clue!
Any suggestion would be greatly appreciated.
Thanks in advance
Steve
The code to pull the menu from the database
// create build menu function function build_menu($data, $id=0, $pre=' '){ // for every bit of data, call it $row foreach ($data[$id] as $row){ // if $data[$row['menu_id']] exists... if (isset($data[$row['id']])){ // then do this... // display hyperlink/s in a list echo "$pre<li class=\"MenuBarItemSubmenu\"><a href=\"/$row[link]\">".$row['label']."</a>\n"; // build the menu echo "$pre <ul>\n"; build_menu($data, $row['id'], $pre.' '); echo "$pre </ul>\n$pre</li>\n"; // if $data[$row['menu_id']] doesn't exist... // just show the rest of the hyperlinks in a list } else echo "$pre<li><a href=\"/$row[link]\">$row[label]</a></li>\n"; } } // select menu items from the `menus` table $res = mysql_query('SELECT id, label, link , parent FROM menu ORDER BY parent, sort DESC, label') or die(mysql_error()); // pull table records until there is none and assign them to arrays while ($row = mysql_fetch_assoc($res)) $data[$row['parent']][] = $row; //print_r($data); // build the multi layer menu echo '<ul id="MenuBar">',"\n"; build_menu($data); echo '</ul>';The spry menu js is at
http://www.margate-fc.com/inc/spry/Spry-UI-1.7/includes/SpryMenu.js
-
I think David might have it spot on with the PHP version. There is a way of doing it through PHP4 (putenv I think) but before anyone puts makes any suggestions They really need to know exactly what version of PHP you are running.
Planning an image gallery
in PHP Coding Help
Posted
I have hit a bit of a snag in the initial process code. I am trying to get some basic bits in place before I get onto the thumbnailling and sanitization and everything works fine, if there are no invalid files. However, as soon as a file gives an error, the same error is assigned to all remaining uploads, even if they follow all the rules, so they all fail.
I am sure I must have just misplace a brace or something silly but cannot find the problem. All of the error checks where initial grouped with and if...elseif...else but I separated them when I thought that was the problem.
If anyone can spot what it is I am overlooking, I will be very grateful!
Thanks
Steve
<?php $root='/home/mfcsteve/public_html/gallerytest/'; $upload_path = 'gallery/test1'; $maxsize = 5242880; if (isset($_FILES['upload'])) { //Convert the files into an info array $files=array(); $filedata=$_FILES['upload']; if(is_array($filedata['name'])){ $files[]=array( 'name' =>$filedata['name'][$i], 'type' => $filedata['type'][$i], 'tmp_name'=>$filedata['tmp_name'][$i], 'error' => $filedata['error'][$i], 'size' => $filedata['size'][$i] ); foreach ($filedata['tmp_name'] as $key => $file){ $errormsg = ''; list($width, $height, $type, $attr) = getimagesize($_FILES['upload']['tmp_name'][$key]); //Check that it is an image...will add file specific checks later if(!getimagesize($_FILES['upload']['tmp_name'][$key])) {$fail=1;$errormsg .= 'Invalid File Type. Only images allowed.<br />';} //Check file does not exceed maximum size if($_FILES["upload"]["size"][$key] > $maxsize) {$fail=1;$errormsg .= 'Image is too large. Maximum size 5mb.<br />';} //Check dimensions if ($width > 300 || $height > 800 ) {$fail=1;$errormsg .= 'Dimensions too large. Max size 300 x 800px.<br />';} //Start the output echo "<div class=\"wrapper\">\n"; //Check if anything has failed if ($fail < 1 ) {//Nothing has failed so move the image move_uploaded_file($file, $upload_path."/{$_FILES['upload']['name'][$key]}"); echo "Upload status: SUCCESS!<br />"; } else {//There was an error so show it echo "Upload status: FAILED!<br />"; echo $errormsg."<br />"; } //Show file details echo "<b>Filename: </b>".$_FILES['upload']['name'][$key]."<br>"; echo "<b>Temp Filename: </b>".$_FILES['upload']['type'][$key]."<br>"; echo "<b>File Type: </b>".$_FILES['upload']['tmp_name'][$key]."<br>"; echo "<b>Size: </b>".($_FILES['upload']['size'][$key]/ 1048576)."<br>"; echo "<b>Dimensions: </b>".$width." x ".$height."px<br><br /><br />"; echo "</div>\n"; }//End foreach }//End array }//End upload ?>