viperjts10

aghhhh, I've been up way too long. I didn't think it was that simple. :-\ thx

I have a page in my admin control panel which allows for adding and editing an existing entry on the same page. At the moment, it displays the entries on the page in a table like format. After I edit an entry and hit Submit, I display a message on that page that says "Link updated successfully!", but the table on the page doesn't load the new entry until I refresh again - obviously since the data isn't entered into the database until I hit the submit button to process the form. But I'm wondering if it's possible to update the table on the page and display that new updated table all after hitting the submit button??

Thank you so much. I didn't think any white space would be added if I didn't add any in the txt document, but I guess I was wrong. I appreciate the help here, thanks!

I'm testing out small bits of code for myself, and I'm trying to understand why this isn't coming out how I would imagine it to... I have my function which stores colors in an array from a text file, then I return back a random color from my array like so... function getColor() { $ball_color = explode("\n", file_get_contents('colors.txt')); // Takes file contents and stores them into an array. return $ball_color[array_rand($ball_color)]; } And now in the main program, I simply have this: $color = getColor(); switch($color) { Case "blue": // echo stuff break; Case "red": // echo stuff break; etc... } For some reason though, my switch statement always reads the default case, making me assume that the words "blue" "red" "green" etc... aren't matching up to what I have set the cases at. When I output what color is actually being read, it displays exactly as it should, so I don't understand why the case "red" isn't opening up when that color is chosen, or same with any of the other colors. Is there some small conflict I'm unaware of in this tiny practice code? Any help is appreciated, thanks.

Then you should should also (in addition to the other recommendations in this thread) consider any white-space or any other html prior to the output of the session_start().. thanks for all the help everyone. I didn't realize I needed session_start() at the top of every page. I added that to my included header file (before all the html) and that seemed to resolve the problem. Awesome

Yea, here's my login page and the session class: <?php if(isset($_POST['submit'])) { $username = trim($_POST['username']); $password = trim($_POST['password']); if(empty($username) || empty($password)) $e_msg = "One or more fields was not filled out"; else { $found_user = User::authenticate($username, $password); if($found_user) { $session->login($found_user); if($session->is_logged_in()) redirect_to('process.php?action=login'); } else $e_msg = "The username or password is incorrect. Please try again."; } } ?> <?php // It is inadvisable to store database related items in sessions. class Session { private $logged_in; public $user_id; function __construct() { session_start(); // Not working when uploaded to host. Says headers already sent $this->check_login(); } public function is_logged_in() { return $this->logged_in; } public function login($user) { // Database should find the user based on username/password if($user) { $this->user_id = $_SESSION['user_id'] = $user->id; $this->logged_in = true; } } public function logout() { unset($_SESSION['user_id']); unset($this->user_id); $this->logged_in = false; } private function check_login() { if(isset($_SESSION['user_id'])) { $this->user_id = $_SESSION['user_id']; $this->logged_in = true; } else { unset($this->user_id); $this->logged_in = false; } } } $session = new Session(); ?> My authenticate function in the User class: public static function authenticate($user="", $pass="") { global $db; //$user = $db->escape_value($user); // Not working?? //$pass = $db->escape_value($pass); // Not working?? $result = self::find_by_sql("SELECT * FROM " .self::$table_name. " WHERE username='{$user}' AND password='{$pass}' LIMIT 1"); return !empty($result) ? array_shift($result) : false; }

Is there a reason why on my local machine with php, my login system works, but then when I upload my files and test it on my web host, the login system doesn't work properly. I'm using the same php version on my local machine and on my webhost, so I don't understand why it wouldn't work the same. When I try logging in on my webhost, everything processes as normal when a correct user/pass combo is found in the database, however, my session just doesn't seem to be saved, and therefore I won't be logged in. It'll end up refreshing to the home page (as I have it setup), but it won't show me as logged in. Is there something special I need to do in order for the session to be stored correctly? (I realize I haven't pasted any code, but I'm not sure exactly how much code would be needed for me to show in order to resolve the issue).

I've always never understood the use of headers. All I know is that it has to be the first thing output using php, and there must be no white space etc.. But how can that be if I use the header in an 'if' statement or whatnot. Here's what I'm trying to do...I'm using a simple 'if' statement to see if the user logged out: if($session->is_logged_in()) { /* Kill session variables */ $session->logout(); //$_SESSION = array(); // reset session array redirect_to('index.php'); //echo "<meta http-equiv=\"Refresh\" content=\"0;url=index.php\">"; } My redirect function is below: function redirect_to($location = NULL) { if ($location != NULL) { header("Location: {$location}"); exit; } } How can I possibly use a header without having any whitespace before hand if I need to test a condition first?

Thank you very much. I don't know how I can forget about these easy things. I have all these global constants defined in one of my files as it is now, and I seem to always forget about using them. Well, this is why I'm practicing now because I'll learn from trial and error. I appreciate the help! TY

So, if I have my main site in the root directory (public_html), and then I have my admin section in (public_html/admin). Is there a special way to go about using the included files on both my admin area and the homepage area, such as the style sheets, headers, footer etc.. I have my header, footer, and stylesheet included on my main index page using the regular php include function. However, if I use that SAME include function on my admin page, I have to use the double dot notation to go down a directory in order to find the correct file... require_once('../includes/header.php'); This works in that the header is included, however, my stylesheet doesn't load because in my header, I have the location for the stylesheet as <link href="styles/global.css" rel="stylesheet" type="text/css" /> -> Thus it's looking in the same directory to find the "styles" folder. How would I go about including the same stylesheet that the root directory is using while still using the header page on both my homepage and in the admin area. I want to do this without needing to alter anything in the included files for my website. If this makes sense, hopefully someone can help me, if not I'll try and explain better what I'm trying to accomplish.

Ok, thanks for the info. I suppose once I upload my files to the actual host, this won't be accessible because yes I'm testing on the same machine that I'm currently using, so it makes sense then.

Is it possible for users to view files which are not in the main public root directory which I've created? On my test server, if I type in the url with the ".." notation to go down a directory, I am able to go into my directories which are outside of the public directory. Is there a way to prevent this, or is there no better way to secure the files in the outside directories to prevent users from accessing them?

Thank you very very much for the above comments. I did indeed have to pass my connection variable to the function. I didn't realize this was necessary, thanks.

This is why I had a problem with this because I read the error and had everything setup as I assume it should be. I have my $conn made in a config file which is included in the main index page. It is setup in mysqli. /** Connect to the mysql database **/ $conn = mysqli_connect(DB_HOST, DB_USERNAME, DB_PASSWORD, DB_DATABASE) or die("Unable to connect to mysql!"); I use the store_form() function here.... if($form_filled) { if(store_form($news, 'news')) echo "<p>News item added!</p>"; else { echo "<p>Unable to add entry</p>"; echo mysql_error(); } } And at last, the store_form() function is below as I listed above function store_form($formData, $tableName) { // Check to make sure there are no empty fields if(!is_array($formData)) { return FALSE; exit(); } foreach($formData as $field => $value) //$value is user input { $_POST[$field] = trim($_POST[$field]); // Trim white space //$_POST[$field] = strip_tags($_POST[$field]); // Strip special tags/characters $field_array[] = $field; // Creates a new array with the $field values in $formData $value_array[] = $_POST[$field]; // The array that holds the users' inputted data } // Separate each word with a comma $fields = implode(", ", $field_array); // $fields is now a string equal to "field1, field2, field3, etc." $values = implode('\',\'', $value_array); // Surround each with with single quotes, and separate words with comma /* DEBUGGING COMMENTS BELOW */ //$values = mysqli_real_escape_string($conn, $values); //echo $fields. "<br />"; //echo $values. "<br />"; $query = "INSERT INTO $tableName ($fields) VALUES ('$values')"; echo $query. "<br />"; if($result = mysqli_query($conn, $query)) return TRUE; else return FALSE; }

I searched the forums and found similar errors, but none of what I found helped solve my problem. I do not understand what is wrong. The error says " Warning: mysqli_query() expects parameter 1 to be mysqli, null given in I:\wamp\www etc... on line 45 This is coming up as a "warning" and not an error, but it still doesn't let me insert items into my database. The problematic line is this: if($result = mysqli_query($conn, $query)) I echoed my "query" as it would look if it was submitted by the form, and it seems to look ok. Here is an example of what it would look like Here's the function that the line is in: function store_form($formData, $tableName) { // Check to make sure there are no empty fields if(!is_array($formData)) { return FALSE; exit(); } foreach($formData as $field => $value) //$value is user input { $_POST[$field] = trim($_POST[$field]); // Trim white space //$_POST[$field] = strip_tags($_POST[$field]); // Strip special tags/characters $field_array[] = $field; // Creates a new array with the $field values in $formData $value_array[] = $_POST[$field]; // The array that holds the users' inputted data } // Separate each word with a comma $fields = implode(", ", $field_array); // $fields is now a string equal to "field1, field2, field3, etc.") $values = implode('\',\'', $value_array); // Surround each with with single quotes, and separate words with comma /* DEBUGGING COMMENTS BELOW */ //$values = mysqli_real_escape_string($conn, $values); //echo $fields. "<br />"; //echo $values. "<br />"; $query = "INSERT INTO $tableName ($fields) VALUES ('$values')"; echo $query. "<br />"; if($result = mysqli_query($conn, $query)) return TRUE; else return FALSE; }