mfleming

Hi. I currently have php java to get my database results and limit the amount of data shown by a given value. The js includes buttons to go forward or backward in the database. Everything is all fine and dandy except I'm trying to add a very simple search for the user as well. I want the user to be able to select either "firstname" or "lastname" to search through the database and display the resulting rows based of the first three characters entered into the search criteria. I'm not sure where to start on this... Do I have to add something the js (I'm not very familiar with js), or should I add mysql_query's in the php linked file? Current Page Code: Link To Current Page Test <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd"> <html xmlns="http://www.w3.org/1999/xhtml"> <head> <title>Ness Physiotherapy and Sports Injury Clinic Web site - Site Map</title> <meta http-equiv="content-type" content="text/html;charset=utf-8" /> <meta name="description" content="Ness Physiotherapy and Sports Injury Clinic Our mission is to provide quality, evidenced based service in a safe, friendly, professional environment." /> <meta name="keywords" content="pain,rehabilitation,rehab,exercise,manipulation,musculoskeletal,pain,management,massage therapy,physiotherapy,sports injury,injury,injured,chronic pain,quality care,quality life,muscle balance,spinal fitness assessment, BMR PT, CAFCI, RMT" /> <!--Ness Physiotherapy and Sports Injury Clinic is owned by Sean Springer, Tamara Silvari and Charles Dirks. --> <meta name="language" content="EN" /> <meta name="copyright" content="Ness Physiotherapy and Sports Injury Clinic" /> <meta name="robots" content="ALL" /> <meta name="document-classification" content="Health" /> <meta name="document-classification" content="Health" /> <meta name="document-rights" content="Copyrighted Work" /> <meta name="document-type" content="Public" /> <meta name="document-rating" content="General" /> <meta name="document-distribution" content="Global" /> <link rel="shortcut icon" href="../favicon.ico" type="image/x-icon" /> <script type="text/javascript" src="../scripts/preloadimages.js"></script> <script type="text/javascript" src="../scripts/p7exp.js"></script> <script type="text/javascript" src="../scripts/formajax.js"></script> <!--[if lte IE 7]> <style> #menuwrapper, #p7menubar ul a {height: 1%;} a:active {width: auto;} </style> <![endif]--> <!--[if IE 5]> <style type="text/css"> /* place css box model fixes for IE 5* in this conditional comment */ .twoColFixRtHdr #sidebar1 { width: 220px; } </style> <![endif][if IE]> <style type="text/css"> /* place css fixes for all versions of IE in this conditional comment */ .twoColFixRtHdr #sidebar1 { padding-top: 30px; } .twoColFixRtHdr #mainContent { zoom: 1; } /* the above proprietary zoom property gives IE the hasLayout it needs to avoid several bugs */ </style> <![endif]--> <link href="../css/p7exp.css" rel="stylesheet" type="text/css" /> <link href="../css/basiclayout.css" rel="stylesheet" type="text/css" /> <link href="../css/general.css" rel="stylesheet" type="text/css" /> <link rel="stylesheet" type="text/css" href="../css/form_member_admin.css"/> </head> <body class="twoColFixRtHdr" onload="ajaxFunction('fw')"> <div id="container2"> <!-- Header Secion edit header.php if needed--> <?php require("../header.php"); ?> <div id="BasCon"> <form id="myForm" action="ajaxFunction(this.form); return false"> <div> <input type="hidden" name="st" value="0" > </input> </div> <table id="tbl_search"> <tr> <td colspan="5"><b>MEMBER LIST</b></td> </tr> <tr> <td><input type="button" id="back" value="Prev" onclick="ajaxFunction('bk'); return false" /></td> <td align="right"><input type="button" value="Next" id="fwd" onclick="ajaxFunction('fw'); return false" /></td> </tr> <tr> <td colspan="2"><div id="txtHint"><b>Records will be displayed here</b></div></td> </tr> </table> <div class="formdiv"> <label for="searchby">Search By:</label> <?php //get databast access file require "../dbConfigtest.php"; $query = "SELECT firstname,lastname FROM $usertable"; $result = mysql_query($query) or die(mysql_error()); ?> <select size="1" name="searchby" class="searchby"> <?php $i = 0; while ($i < mysql_num_fields($result)){ $fieldname = mysql_field_name($result, $i); echo '<option value="'.$fieldname.'">'.$fieldname.'</option>'; $i++; } ?> </select> <label for="newsearch">Search Value:</label> <input name='newsearch' type='text' value='' maxlength="32" /> <p> </p> <input class="button" type="submit" value="Search" name="search" /> </div><!--End Div formdiv--> <p> </p> <p> </p> </form> </div> <!-- This clearing element should immediately follow the #mainContent div in order to force the #container div to contain all child floats --> <br class="clearfloat" /> <div id="footer_abv_2"></div> <!-- end #footer abv --> <!-- Footer Secion edit footer.php if needed--> <?php require("../footer.php"); ?> </div> <!-- end #container2 --> </body> </html> PHP Code from "pagelisting.php" which is called from the java. <? //get databast access file include "../dbConfigtest.php"; //////////////////////////////// Main Code sarts ///////////////////////////////////////////// $endrecord=$_GET['endrecord'];// To take care global variable if OFF if(strlen($endrecord) > 0 and !is_numeric($endrecord)){ echo "Data Error"; exit; } $limit=25;// Number of records per page $nume=mysql_num_rows(mysql_query("select * from $usertable")); //echo "endrecord=$endrecord limit=$limit "; if($endrecord < $limit) {$endrecord = 0;} switch($_GET['direction']) { case "fw": $eu = $endrecord ; break; case "bk": $eu = $endrecord - 2*$limit; break; default: echo "Data Error"; exit; break; } if($eu < 0){$eu=0;} $endrecord =$eu+$limit; $t=mysql_query("select * from $usertable limit $eu,$limit"); $str= "{ \"data\" : ["; while($nt=mysql_fetch_array($t)){ $str=$str."{\"id\" : \"$nt[id]\", \"firstname\" : \"$nt[firstname]\", \"lastname\" : \"$nt[lastname]\", \"email\" : \"$nt[email]\", \"enewsletter\" : \"$nt[enewsletter]\"},"; //$str=$str."{\"myclass\" : \"$nt[class]\"},"; } $str=substr($str,0,(strLen($str)-1)); if(($endrecord) < $nume ){$end="yes";} else{$end="no";} if(($endrecord) > $limit ){$startrecord="yes";} else{$startrecord="no";} $str=$str."],\"value\" : [{\"endrecord\" : $endrecord,\"limit\" : $limit,\"end\" : \"$end\",\"startrecord\" : \"$startrecord\"}]}"; echo $str; //echo json_encode($str); ///////////////////////////////////////////////////////////////////////////////////////////// ?> Current js Code: function ajaxFunction(val) { //document.writeln(val) var httpxml; try { // Firefox, Opera 8.0+, Safari httpxml=new XMLHttpRequest(); } catch (e) { // Internet Explorer try { httpxml=new ActiveXObject("Msxml2.XMLHTTP"); } catch (e) { try { httpxml=new ActiveXObject("Microsoft.XMLHTTP"); } catch (e) { alert("Your browser does not support AJAX!"); return false; } } } function stateChanged() { if(httpxml.readyState==4) { var myObject = eval('(' + httpxml.responseText + ')'); var str="<table><tr><th>LINK</th><th>ID</th><th>FirstName</th><th>LastName</th><th>Email</th></tr>"; for(i=0;i<myObject.data.length;i++) { //var sPath = window.location.pathname; //var sPath = sPath.substring(sPath.lastIndexOf('/') + 1); var sPath = "testing/member_update_test.php"; var site_link = "www.nessphysiotherapy.com/"; var urlLink = site_link + sPath + "?id=" + myObject.data[i].id; var site_title = "EDIT"; str = str + "<tr><td>" + "<a href=\"http:\/\/" + urlLink + "\" title=\"site_title\">" +site_title + "<\/a>" + "<td>" + myObject.data[i].id + "</td><td>" + myObject.data[i].firstname + "</td><td>" + myObject.data[i].lastname + "</td><td>" + myObject.data[i].email + "</td></tr>" } var endrecord=myObject.value[0].endrecord document.forms.myForm.st.value=endrecord; if(myObject.value[0].end =="yes"){ document.getElementById("fwd").style.display='inline'; }else{document.getElementById("fwd").style.display='none';} if(myObject.value[0].startrecord =="yes"){ document.getElementById("back").style.display='inline'; }else{document.getElementById("back").style.display='none';} str = str + "</table>" document.getElementById("txtHint").innerHTML=str; } } var url="../scripts/pagelisting.php"; var myendrecord=document.forms.myForm.st.value; url=url+"?endrecord="+myendrecord; url=url+"&direction="+val; url=url+"&sid="+Math.random(); //alert(url) httpxml.onreadystatechange=stateChanged; httpxml.open("GET",url,true); httpxml.send(null); document.getElementById("txtHint").innerHTML="Please Wait...."; }

Fixed. I needed to modify the javascript file in regards to names/ID for forms. In formajax.js, change both occurrences of myForm.st.value to document.forms.myForm.st.value Since this is really a JS question, I'll move this thread. from Kravvitz

Hi. I have a simple page that uses ajax, php, mysql to get database entries and displays them in a table by a limited number of results. ie. it only shows 10 entries at a time. Anyways, as soon as I had ANY DOCTYPE to the document, the table no longer shows up in Firefox. It will how ever show up in IE8 or if I remove the DOCTYPE. http://www.nessphysiotherapy.com/testing/apaging_new.php http://www.nessphysiotherapy.com/testing/apaging_new_nodoctype.php DOCTYPE SET: <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd"> <html xmlns="http://www.w3.org/1999/xhtml"> <head> <title>Ness Physiotherapy and Sports Injury Clinic Web site - Site Map</title> <meta http-equiv="content-type" content="text/html;charset=utf-8" /> <meta name="description" content="Ness Physiotherapy and Sports Injury Clinic Our mission is to provide quality, evidenced based service in a safe, friendly, professional environment." /> <meta name="keywords" content="pain,rehabilitation,rehab,exercise,manipulation,musculoskeletal,pain,management,massage therapy,physiotherapy,sports injury,injury,injured,chronic pain,quality care,quality life,muscle balance,spinal fitness assessment, BMR PT, CAFCI, RMT" /> <!--Ness Physiotherapy and Sports Injury Clinic is owned by Sean Springer, Tamara Silvari and Charles Dirks. --> <meta name="language" content="EN" /> <meta name="copyright" content="Ness Physiotherapy and Sports Injury Clinic" /> <meta name="robots" content="ALL" /> <meta name="document-classification" content="Health" /> <meta name="document-classification" content="Health" /> <meta name="document-rights" content="Copyrighted Work" /> <meta name="document-type" content="Public" /> <meta name="document-rating" content="General" /> <meta name="document-distribution" content="Global" /> <link rel="shortcut icon" href="../favicon.ico" type="image/x-icon" /> <script type="text/javascript" src="../scripts/preloadimages.js"></script> <script type="text/javascript" src="../scripts/p7exp.js"></script> <script type="text/javascript" src="../scripts/formajax.js"></script> <!--[if lte IE 7]> <style> #menuwrapper, #p7menubar ul a {height: 1%;} a:active {width: auto;} </style> <![endif]--> <!--[if IE 5]> <style type="text/css"> /* place css box model fixes for IE 5* in this conditional comment */ .twoColFixRtHdr #sidebar1 { width: 220px; } </style> <![endif][if IE]> <style type="text/css"> /* place css fixes for all versions of IE in this conditional comment */ .twoColFixRtHdr #sidebar1 { padding-top: 30px; } .twoColFixRtHdr #mainContent { zoom: 1; } /* the above proprietary zoom property gives IE the hasLayout it needs to avoid several bugs */ </style> <![endif]--> <link href="../css/p7exp.css" rel="stylesheet" type="text/css" /> <link href="../css/basiclayout.css" rel="stylesheet" type="text/css" /> <link href="../css/general.css" rel="stylesheet" type="text/css" /> <link rel="stylesheet" type="text/css" href="../css/form_member_admin.css"/> </head> <body class="twoColFixRtHdr" onload="ajaxFunction('fw')"> <form id="myForm" action="ajaxFunction(this.form); return false"> <div> <input type="hidden" name="st" value="0" ></input> </div> <table> <tr> <td><input type="button" id="back" value="Prev" onclick="ajaxFunction('bk'); return false" /></td> <td align="right"><input type="button" value="Next" id="fwd" onclick="ajaxFunction('fw'); return false" /></td> </tr> <tr> <td colspan="2"><div id="txtHint"><b>Records will be displayed here</b></div></td> </tr> </table> </form> </body> </html> DOCTYPE REMOVED: <head> <title>Ness Physiotherapy and Sports Injury Clinic Web site - Site Map</title> <meta http-equiv="content-type" content="text/html;charset=utf-8" /> <meta name="description" content="Ness Physiotherapy and Sports Injury Clinic Our mission is to provide quality, evidenced based service in a safe, friendly, professional environment." /> <meta name="keywords" content="pain,rehabilitation,rehab,exercise,manipulation,musculoskeletal,pain,management,massage therapy,physiotherapy,sports injury,injury,injured,chronic pain,quality care,quality life,muscle balance,spinal fitness assessment, BMR PT, CAFCI, RMT" /> <!--Ness Physiotherapy and Sports Injury Clinic is owned by Sean Springer, Tamara Silvari and Charles Dirks. --> <meta name="language" content="EN" /> <meta name="copyright" content="Ness Physiotherapy and Sports Injury Clinic" /> <meta name="robots" content="ALL" /> <meta name="document-classification" content="Health" /> <meta name="document-classification" content="Health" /> <meta name="document-rights" content="Copyrighted Work" /> <meta name="document-type" content="Public" /> <meta name="document-rating" content="General" /> <meta name="document-distribution" content="Global" /> <link rel="shortcut icon" href="../favicon.ico" type="image/x-icon" /> <script type="text/javascript" src="../scripts/preloadimages.js"></script> <script type="text/javascript" src="../scripts/p7exp.js"></script> <script type="text/javascript" src="../scripts/formajax.js"></script> <!--[if lte IE 7]> <style> #menuwrapper, #p7menubar ul a {height: 1%;} a:active {width: auto;} </style> <![endif]--> <!--[if IE 5]> <style type="text/css"> /* place css box model fixes for IE 5* in this conditional comment */ .twoColFixRtHdr #sidebar1 { width: 220px; } </style> <![endif][if IE]> <style type="text/css"> /* place css fixes for all versions of IE in this conditional comment */ .twoColFixRtHdr #sidebar1 { padding-top: 30px; } .twoColFixRtHdr #mainContent { zoom: 1; } /* the above proprietary zoom property gives IE the hasLayout it needs to avoid several bugs */ </style> <![endif]--> <link href="../css/p7exp.css" rel="stylesheet" type="text/css" /> <link href="../css/basiclayout.css" rel="stylesheet" type="text/css" /> <link href="../css/general.css" rel="stylesheet" type="text/css" /> <link rel="stylesheet" type="text/css" href="../css/form_member_admin.css"/> </head> <body class="twoColFixRtHdr" onload="ajaxFunction('fw')"> <form id="myForm" action="ajaxFunction(this.form); return false"> <div> <input type="hidden" name="st" value="0" ></input> </div> <table> <tr> <td><input type="button" id="back" value="Prev" onclick="ajaxFunction('bk'); return false" /></td> <td align="right"><input type="button" value="Next" id="fwd" onclick="ajaxFunction('fw'); return false" /></td> </tr> <tr> <td colspan="2"><div id="txtHint"><b>Records will be displayed here</b></div></td> </tr> </table> </form> </body> </html> What on earth would be causing this? I have validated the page with W3C with VALID markup. Any suggestions on this one? If I can't find any solutions I guess I will just leave off the DOCTYPE and hope for the best....

would adding the cookie create a crap load of extra work in regards to security or is this something most people use on their sites?

The only thing I could think of is if the user has a bookmark of a page inside the members section, they wouldn't necessarily have to login again. Other than that I don't know what else I could use it for.

Hello. I currently have a site that registered members can login in to and view the member only pages. Eventually I will be adding paypal code to purchase products. I use Session with an IF statement for all my members pages. Would it be beneficial at all to have cookies created for the users with setcookie? Or is this just a security risk waiting to happen?

Switched the returns True false and it works fine. Is the following the proper format to remove special characters and unwanted characters by using [specialchar1] | [specialchar2]... (preg_match("/[0-9]|[#]|[@]|[$]/",$str)) Or is there an easier way to do this?

Ok, now I'm right confused. I updated my code and now if I enter "aa" it returns FALSE. According to the code shouldn't it return TRUE because the letters aa are there? New Code: <?php $submit = $_POST['submit']; $firstname = strip_tags($_POST['firstname']); if ($_POST[submit]){ if(!checkStringText($firstname)) { echo "TRUE"; } else { echo "FALSE"; } } ?> <?php function checkStringText($str) { // checks proper syntax $str = trim($str); // Strips HTML Tags $str = strip_tags($str); if(preg_match("/aa/",$str)) { return true; } else { return false; } } ?>

I want to return TRUE if the letters a to z are entered. But it's still always returning true. What is wrong with the code? <?php $submit = $_POST['submit']; $firstname = strip_tags($_POST['firstname']); if ($_POST[submit]){ if(!checkStringText($firstname)) { echo "TRUE"; } else { echo "FALSE"; } } ?> <?php function checkStringText($str) { // checks proper syntax //if(preg_match("/^([a-zA-Z0-9])+([a-zA-Z0-9\._-])*@([a-zA-Z0-9_-])+([a-zA-Z0-9\._-]+)+$/" , $firstname)) { //Removes white space, null, tabs, new lines from both sides // /^[0-9]+:[X-Z]+$/D $str = trim($str); // Strips HTML Tags $str = strip_tags($str); if(preg_match("[a-z]",$str)) { return true; } else { return false; } } ?>

I found the error. My while loop was set to stop if $errorstop="stop" which is fine.... but I kept resetting the $errorstop="go" which causes an infinite loop which caused the out of memory error as it would have gone on forever.. Whoops Thanks

What is wrong with my code? (The memory errors started happening when I added more IF statements inside the WHILE loop) My Code: <? phpinfo(); ?> <?php session_start(); ?> <?php $submit = $_POST['submit']; // Form Data $firstname = strip_tags($_POST['firstname']); $lastname = strip_tags($_POST['lastname']); $address = strip_tags($_POST['address']); $email = strip_tags($_POST['email']); $repeatemail = strip_tags($_POST['repeatemail']); $phone = strip_tags($_POST['phone']); $salonname = strip_tags($_POST['salonname']); $salonaddress = strip_tags($_POST['salonaddress']); $salonprov = strip_tags($_POST['salonprov']); $salonpostal = strip_tags($_POST['salonpostal']); $salonconfirm = strip_tags($_POST['salonconfirm']); $enewsletter = strip_tags($_POST['enewsletter']); $saloncountry = strip_tags($_POST['saloncountry']); $password = strip_tags($_POST['password']); $repeatpassword = strip_tags($_POST['repeatpassword']); $username = strip_tags($_POST['username']); $date = date("Y-m-d"); // Set e-mail recipient $myemail = "info@fusionfashionhair.com"; $errormsg['MissAll'] = "Please Enter in ALL Fields!"; $errormsg['ErrFirstName'] = "Please Enter Valid First Name"; $errormsg['ErrLastName'] = "Please Enter Valid Last Name"; $errormsg['ErrAdd'] = "Please Enter Valid Address"; $errormsg['ErrEmail'] = "Please Enter Valid Email"; $errormsg['ErrEmailMatch'] = "Your Email address do not match!"; $errormsg['ErrPhone'] = "Please Enter Valid Phone Number"; $errormsg['ErrPassLngt'] = "Password must be between 6 and 32 characters"; $errormsg['ErrPassMatch'] = "Password do not match!"; $errormsg['ErrSalNam'] = "Please Enter Valid Salon Name"; $errormsg['ErrSalAdd'] = "Please Enter Valid Salon Address"; $errormsg['ErrProv'] = "Please Select Province/State"; $errormsg['ErrPstl'] = "Please Enter Valid Postal/Zip Code"; $errormsg['ErrCntry'] = "Please Select Country"; $errormsg['ErrSalPro'] = "Please Confirm Salon Professional"; $errormsg['ErrSecCode'] = "Please Enter Security Code"; $errormsg['ErrEmailUsed'] = "Email Address already being used. Please us an alternate Email"; $errormsg['PlaceHold'] = ""; $errortrack[] = $errormsg['PlaceHold']; //echo $_SESSION[key].' - '.$_POST[user_code].'<br>'; if ($_POST[submit]){ if ($errorstop = "go") { // loop through if statements until forms completed $errorstop="go"; while ($errorstop<>"stop") { if ($_SESSION[key]==$_POST[user_code]){ $_SESSION[key]=''; } else { //echo "False - Stop 0"; $errortrack[] = $errormsg['ErrSecCode']; $errorcount=$errorcount+1; $errorstop="stop"; } if (strlen($firstname)>1||strlen($firstname)<26) { $errorstop="go"; //echo "TRUE"; } else { //echo "False - Stop 0"; $errortrack[] = $errormsg['ErrFirstName']; $errorcount=$errorcount+1; $errorstop="stop"; } if (strlen($lastname)>1||strlen($lastname)<26) { $errorstop="go"; //echo "TRUE"; } else { //echo "False - Stop 0"; $errortrack[] = $errormsg['ErrLastName']; $errorcount=$errorcount+1; $errorstop="stop"; } if (strlen($address)>1||strlen($address)<26) { $errorstop="go"; //echo "TRUE"; } else { //echo "False - Stop 0"; $errortrack[] = $errormsg['ErrAdd']; $errorcount=$errorcount+1; $errorstop="stop"; } // Call it with the code below $email = trim($_POST['email']); if(!checkEmail($email)) { // echo 'Invalid email address!'; $errortrack[] = $errormsg['ErrEmail']; $errorstop="stop"; } else { // echo "Email is Valid"; $errorstop="stop"; //Get out of while loop } // checks email input match if ($email<>$repeatemail) { // echo "<p>Emails do not match!</p>"; $errortrack[] = $errormsg['ErrEmailMatch']; $errorstop="stop"; } else { $errorstop="go"; } // check phone input match if ($phone) { $errortrack[] = $errormsg['ErrPhone']; $errorstop="stop"; } else { $errorstop="go"; } //check password length if (strlen($password)>32||strlen($password)<6) { // echo '<p class="formecho">Password must be between 6 and 32 characters</p>'; $errortrack[] = $errormsg['ErrPassLngt']; $errorstop="stop"; } else { $errorstop="go"; } //end of password length check // check password input match if ($password<>$repeatpassword) { // echo "<p>Passwords do not match!</p>"; $errortrack[] = $errormsg['ErrPassMatch']; $errorstop="stop"; } else { $errorstop="go"; // checks email input match } if (strlen($salonname)>1||strlen($salonname)<26) { $errorstop="go"; //echo "TRUE"; } else { //echo "False - Stop 0"; $errortrack[] = $errormsg['ErrSalNam']; $errorcount=$errorcount+1; $errorstop="stop"; } if (strlen($salonaddress)>1||strlen($salonaddress)<26) { $errorstop="go"; //echo "TRUE"; } else { //echo "False - Stop 0"; $errortrack[] = $errormsg['ErrSalAdd']; $errorcount=$errorcount+1; $errorstop="stop"; } // Checks Proper input of Province/State if ($salonprov=="Please Select" || $salonprov=="------------") { // echo '<p class="formecho">Please Select a Valid Province/State!</p>'; $errortrack[] = $errormsg['ErrProv']; $errorstop="stop"; } else { $errorstop="go"; } if ($salonpostal) { $errorstop="go"; //echo "TRUE"; } else { //echo "False - Stop 0"; $errortrack[] = $errormsg['ErrPstl']; $errorcount=$errorcount+1; $errorstop="stop"; } // Checks Proper input of Country if ($saloncountry=="Please Select") { // echo '<p class="formecho">Please Select a Valid Country!</p>'; $errortrack[] = $errormsg['ErrCntry']; $errorstop="stop"; } else { $errorstop="go"; }// End checks Country input // Checks Proper input Salon Confirmation if (isset($_POST['$salonconfirm'])=="1") { // echo '<p class="formecho">Please Confirm You are your Salon</p>'; $errortrack[] = $errormsg['ErrSalPro']; $errorstop="stop"; } else { $errorstop="go"; } // End checks Salon Confirm input }//End While Loop $errorstop="go"; include "dbConfig.php"; // table is mysql table, WHERE FIELD_NAME ='text'" OR =>='10'"; or VAR = '.$variable.') // SQL grabs records // * means "ALL RECORDS" or use FIELD_NAME, FIELD_NAME2 instead of * // $usertable = user where user is the TABLE // use WHERE FIELD_NAME = '$email' variable $SQL = "SELECT email FROM {$usertable} WHERE email = '{$email}' "; // mysql_query() is used to send a SQL query to database and returns TRUE or FALSE, or FILE HANDLE if using SELECT // $result = mysql_query($SQL); only POINTS to results $result = mysql_query($SQL); // mysql_fetch_assoc($result) GETS RESULTS from $result // assoc or associative array brings keys as text Array['One'] =, Array['Two']= and NOT Array[1]= // Place results into $db_field Array $db_field = mysql_fetch_assoc($result); if ($result) { $db_field = mysql_fetch_assoc($result); //echo $db_field['email'] .' '.'has already been used!'; $errortrack[] = $errormsg['ErrEmailUsed']; $errorstop="stop"; } else { $errorstop="go"; // Thank you Page $insertGoTo = "thankyou.php"; header(sprintf("Location: %s", $insertGoTo)); // encrypt password $temppass = $password; $password = md5($password); $repeatpassword = md5($repeatpassword); // dBase file include "dbConfig.php"; //open database //generate random number for activation process $random = md5(rand(23456789,987654321)); // register the user! // Set default username $username = $email; // INSERT INTO user... replace user with table name // make sure you have the same number and order of values as the database has $queryreg = mysql_query(" INSERT INTO user VALUES ('','$firstname','$lastname','$username','$password','$date','$email','$phone','$address','$salonname','$salonaddress','$salonprov','$salonpostal','$saloncountry','$salonconfirm','$enewsletter','$random','0')"); //Insert ID based on last ID in database $lastid = mysql_insert_id(); //send activation email $to = $email; //Change to $myemail to send activation to webmaster $subject = "Activate Salon Member Acctount at Fusion Fashion Hair"; $headers = "From: webmaster@fusionfashionhair.com"; $server = "mail.fusionfashionhair.com"; //change php.ini and set SMTP to $server ini_set("SMTP",$server); $body = " $firstname $lastname from $salonname is wanting a membership, \n\n Please click on the link provided below to activate the account with Fusion Fashion Hair http://www.fusionfashionhair.com/activate.php?id=$lastid&code=$random \n\n Username = $username \n Thank you, Customer Service "; //function to send email mail($to, $subject, $body, $headers); } //End if Result // End check for existance } else { // echo '<p class="formecho">Please fill in <b>ALL</b> fields!</p>'; $errortrack[] = $errormsg['MissAll']; $errorstop="stop"; } //End if GO check }// End if Sumbit ?> <?php // LINUX PLATFORM OPTION 3 // checkEmail function checks standard email format same as preg_match() // checkEmail function checks DSN records using checkdnsrr Use list() to seperate name and domain using split function // checkdnsrr ONLY WORKS on LINUX PLATFORM // Check to see if domain and username is active // uses fsockopen() to check if its in use using port 25 function checkEmail($email) { // checks proper syntax if(preg_match("/^([a-zA-Z0-9])+([a-zA-Z0-9\._-])*@([a-zA-Z0-9_-])+([a-zA-Z0-9\._-]+)+$/" , $email)) { // gets domain name list($username,$domain)=split('@',$email); // checks for if MX records in the DNS if(!checkdnsrr($domain, 'MX')) { return false; } return true; } return false; } ?> <?php function checkStringText($str) { // checks proper syntax //if(preg_match("/^([a-zA-Z0-9])+([a-zA-Z0-9\._-])*@([a-zA-Z0-9_-])+([a-zA-Z0-9\._-]+)+$/" , $firstname)) { //Removes white space, null, tabs, new lines from both sides trim($str); // Strips HTML Tags strip_tags($str); if(preg_match('^[0-9]+:/[\s|\n|\t|*|@|&|/',$str)) { echo "special char found!"; } } ?>

Hi. I tried to add some more if statements to check for validation and I'm now getting this error. The "on line ###" changes depending how many fields are FALSE. Fatal error: Allowed memory size of 67108864 bytes exhausted (tried to allocate 35 bytes) in /home/content/f/u/s/fusionfashion/html/registration.php on line 133 I think it has to do with the php.ini file. So I added the memory_limit in the php.ini file. register_globals = off allow_url_fopen = off expose_php = Off max_input_time = 60 variables_order = "EGPCS" extension_dir = ./ upload_tmp_dir = /tmp precision = 12 memory_limit = 128M post_max_size = 128M SMTP = relay-hosting.secureserver.net url_rewriter.tags = "a=href,area=href,frame=src,input=src,form=,fieldset=" [Zend] zend_extension=/usr/local/zo/ZendExtensionManager.so zend_extension=/usr/local/zo/4_3/ZendOptimizer.so But I'm still getting the error. How to I check my php version and this value within a browser? <?php phpinfo() ?> Found this. Its showing 64M in LOCAL and MASTER. But I just updated the local?

Hi. I'm trying to create a simple function that checks my text strings (ie. firstname & lastnames ect) for illigal characters. I'm using: trim() strip_tags() as well as preg_match I keep getting an echo of True if if I put in valid values. ie. Joe From my understanding the below statement will check for the following characters: / ^ Numbers 0 TO 9 + : Uppercase X TO Z letters $/D if(preg_match("/^[0-9]+:[X-Z]+$/D",$str)) Is my understanding correct or am I way off. Not really sure about the "+$/D" or the "+:" values?? My PHP Code: <?php $submit = $_POST['submit']; $firstname = strip_tags($_POST['firstname']); if ($_POST[submit]){ if(!checkStringText($firstname)) { echo "TRUE"; } else { echo "FALSE"; } } ?> <?php function checkStringText($str) { // checks proper syntax //if(preg_match("/^([a-zA-Z0-9])+([a-zA-Z0-9\._-])*@([a-zA-Z0-9_-])+([a-zA-Z0-9\._-]+)+$/" , $firstname)) { //Removes white space, null, tabs, new lines from both sides trim($str); // Strips HTML Tags strip_tags($str); if(preg_match("/^[0-9]+:[X-Z]+$/D",$str)) { echo "special char found!"; } } ?>

Found it. If I remove the comment from either of these two echos, the Internal Server Error is gone. I'm assuming this has something to do the the Header? //echo "True - Continue 6 GO TO HEADER PAGE"; //echo "<p>----------</p>"; // Thank you Page $insertGoTo = "changepass.php"; header(sprintf("Location: %s", $insertGoTo)); Also, How do I make the code stop? Currently even if I enter zero info in the form it says says: No recipient addresses found in header Which is part of the php mail function. I should be exiting out before I get here correct? My Code: <?php session_start(); ?> <?php $submit = $_POST['submit']; // Form Data $email = $_POST['email']; $password_old = $_POST['password_old']; $password_new = $_POST['password_new']; $password_new_con = $_POST['password_new_con']; $errorcount = 0; // Edit anything inbetween the " " for the display error message $errormsg['sErrEmail'] = "Email Entered is not in our database"; $errormsg['sErrOldPass'] = "Old Password Entered is Incorrect. Please check your Email"; $errormsg['sErrNewPass'] = "New Password must be between 6 and 32 characters"; $errormsg['sErrNewPassCon'] = "New Passwords do not match."; $errormsg['sErrSecCode'] = "Security Code is Invalid"; $errormsg['sErrdbPass'] = "Invalide Email or Old Password, Check your Email. If You Still Have Problems Please Contact <a href='mailto:webmaster@fusionfashionhair.com?subject=Fusion Fashion Hair - Member Activation Error%20Request'>Admin</a>"; $errormsg['NoErr'] = "No Errors, Continue"; $errormsg['PlaceHold'] = ""; $errortrack[] = $errormsg['PlaceHold']; if ($_POST[submit]){ if ($errorstop = "go") { $errorstop="go"; while ($errorstop<>"stop") { //Check for security code if ($_SESSION[key]==$_POST[user_code]){ //echo "True - Continue 0"; //echo "<p>----------</p>"; $_SESSION[key]=''; } else { //echo "False - Stop 0"; $errortrack[] = $errormsg['sErrSecCode']; $errorcount++; $errorstop="stop"; } // check email verification if (!checkEmail($email)) { //echo "False - Stop 1"; $errortrack[] = $errormsg['sErrEmail']; $errorcount++; $errorstop="stop"; } else { //echo "True - Continue 1"; //echo "<p>----------</p>"; } // check for existance if (strlen($password_old)>5) { //echo "True - Continue 2"; //echo "<p>----------</p>"; } else { //echo "False - Stop 2"; $errortrack[] = $errormsg['sErrOldPass']; $errorcount++; $errorstop="stop"; } // check for existance if (strlen($password_new)>32||strlen($password_new)<6) { //echo "False - Stop 3"; $errortrack[] = $errormsg['sErrNewPass']; $errorcount++; $errorstop="stop"; } else { //echo "True - Continue 3"; //echo "<p>----------</p>"; } // check for existance if ($password_new_con==$password_new) { //echo "True - Continue 4"; //echo "<p>----------</p>"; } else { //echo "False - Stop 4"; $errortrack[] = $errormsg['sErrNewPassCon']; $errorcount++; $errorstop="stop"; } $errorstop="stop";//Get Out of loop }//End While Loop // Check database require('dbConfig.php'); // Encrypts old password to check with Database Encryped Password $password_old = md5($password_old); $check = mysql_query("SELECT * FROM {$usertable} WHERE email='$email' AND password='$password_old'"); $checknum = mysql_num_rows($check); if ($checknum==1) { //echo "True - Continue 5 Set password"; //echo "<p>----------</p>"; // Encrypts new password $password = md5($password_new); //run a query to update the account $acti = mysql_query("UPDATE {$usertable} SET password='$password' WHERE email='$email'"); } else { //echo "False - Stop 5"; $errortrack[] = $errormsg['sErrdbPass']; $errorcount++; $errorstop="stop"; }//End if checknum //echo "True - Continue 6 GO TO HEADER PAGE"; echo "<p>----------</p>"; // Thank you Page $insertGoTo = "changepass.php"; header(sprintf("Location: %s", $insertGoTo)); //send confirmation email $to = $email; $subject = "Password Changed for Fusion Fashion Hair"; $headers = "From: webmaster@fusionfashionhair.com"; $server = "mail.fusionfashionhair.com"; //change php.ini and set SMTP to $server ini_set("SMTP",$server); $body = " Password Successfuly changed for $email, \n\n Please click on the link provided below to activate the account with Fusion Fashion Hair http://www.fusionfashionhair.com/activate.php?id=$lastid&code=$random \n\n Thank you, Customer Service Contact webmaster for any concerns regarding this email. <a href='mailto:webmaster@fusionfashionhair.com?subject=Fusion Fashion Hair - Password Change Error%20Request'>Admin</a>. "; //function to send email mail($to, $subject, $body, $headers); } else { while($errorcount>=0) { // Test display all error messages echo "<p>----------</p>"; echo "<p>Error Count = '$errorcount'</p>"; } $errormsg['MissAll'] = "Please Enter in ALL Fields!"; die ("PLEASE FILL IN ALL FIELDS"); }// End If Error Go }// End if Submit ?> <?php // LINUX PLATFORM OPTION 3 // checkEmail function checks standard email format same as preg_match() // checkEmail function checks DSN records using checkdnsrr Use list() to seperate name and domain using split function // checkdnsrr ONLY WORKS on LINUX PLATFORM // Check to see if domain and username is active // uses fsockopen() to check if its in use using port 25 function checkEmail($email) { // checks proper syntax if(preg_match("/^([a-zA-Z0-9])+([a-zA-Z0-9\._-])*@([a-zA-Z0-9_-])+([a-zA-Z0-9\._-]+)+$/" , $email)) { // gets domain name list($username,$domain)=split('@',$email); // checks for if MX records in the DNS if(!checkdnsrr($domain, 'MX')) { return false; } return true; } return false; } ?>

Is it because if I comment out the echo's the else statements will not have anything to do in them, resulting in nothing?