mfleming

Hi. I currently have php java to get my database results and limit the amount of data shown by a given value. The js includes buttons to go forward or backward in the database. Everything is all fine and dandy except I'm trying to add a very simple search for the user as well. I want the user to be able to select either "firstname" or "lastname" to search through the database and display the resulting rows based of the first three characters entered into the search criteria. I'm not sure where to start on this... Do I have to add something the js (I'm not very familiar with js), or should I add mysql_query's in the php linked file? Current Page Code: Link To Current Page Test <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd"> <html xmlns="http://www.w3.org/1999/xhtml"> <head> <title>Ness Physiotherapy and Sports Injury Clinic Web site - Site Map</title> <meta http-equiv="content-type" content="text/html;charset=utf-8" /> <meta name="description" content="Ness Physiotherapy and Sports Injury Clinic Our mission is to provide quality, evidenced based service in a safe, friendly, professional environment." /> <meta name="keywords" content="pain,rehabilitation,rehab,exercise,manipulation,musculoskeletal,pain,management,massage therapy,physiotherapy,sports injury,injury,injured,chronic pain,quality care,quality life,muscle balance,spinal fitness assessment, BMR PT, CAFCI, RMT" /> <!--Ness Physiotherapy and Sports Injury Clinic is owned by Sean Springer, Tamara Silvari and Charles Dirks. --> <meta name="language" content="EN" /> <meta name="copyright" content="Ness Physiotherapy and Sports Injury Clinic" /> <meta name="robots" content="ALL" /> <meta name="document-classification" content="Health" /> <meta name="document-classification" content="Health" /> <meta name="document-rights" content="Copyrighted Work" /> <meta name="document-type" content="Public" /> <meta name="document-rating" content="General" /> <meta name="document-distribution" content="Global" /> <link rel="shortcut icon" href="../favicon.ico" type="image/x-icon" /> <script type="text/javascript" src="../scripts/preloadimages.js"></script> <script type="text/javascript" src="../scripts/p7exp.js"></script> <script type="text/javascript" src="../scripts/formajax.js"></script> <!--[if lte IE 7]> <style> #menuwrapper, #p7menubar ul a {height: 1%;} a:active {width: auto;} </style> <![endif]--> <!--[if IE 5]> <style type="text/css"> /* place css box model fixes for IE 5* in this conditional comment */ .twoColFixRtHdr #sidebar1 { width: 220px; } </style> <![endif][if IE]> <style type="text/css"> /* place css fixes for all versions of IE in this conditional comment */ .twoColFixRtHdr #sidebar1 { padding-top: 30px; } .twoColFixRtHdr #mainContent { zoom: 1; } /* the above proprietary zoom property gives IE the hasLayout it needs to avoid several bugs */ </style> <![endif]--> <link href="../css/p7exp.css" rel="stylesheet" type="text/css" /> <link href="../css/basiclayout.css" rel="stylesheet" type="text/css" /> <link href="../css/general.css" rel="stylesheet" type="text/css" /> <link rel="stylesheet" type="text/css" href="../css/form_member_admin.css"/> </head> <body class="twoColFixRtHdr" onload="ajaxFunction('fw')"> <div id="container2"> <!-- Header Secion edit header.php if needed--> <?php require("../header.php"); ?> <div id="BasCon"> <form id="myForm" action="ajaxFunction(this.form); return false"> <div> <input type="hidden" name="st" value="0" > </input> </div> <table id="tbl_search"> <tr> <td colspan="5"><b>MEMBER LIST</b></td> </tr> <tr> <td><input type="button" id="back" value="Prev" onclick="ajaxFunction('bk'); return false" /></td> <td align="right"><input type="button" value="Next" id="fwd" onclick="ajaxFunction('fw'); return false" /></td> </tr> <tr> <td colspan="2"><div id="txtHint"><b>Records will be displayed here</b></div></td> </tr> </table> <div class="formdiv"> <label for="searchby">Search By:</label> <?php //get databast access file require "../dbConfigtest.php"; $query = "SELECT firstname,lastname FROM $usertable"; $result = mysql_query($query) or die(mysql_error()); ?> <select size="1" name="searchby" class="searchby"> <?php $i = 0; while ($i < mysql_num_fields($result)){ $fieldname = mysql_field_name($result, $i); echo '<option value="'.$fieldname.'">'.$fieldname.'</option>'; $i++; } ?> </select> <label for="newsearch">Search Value:</label> <input name='newsearch' type='text' value='' maxlength="32" /> <p> </p> <input class="button" type="submit" value="Search" name="search" /> </div><!--End Div formdiv--> <p> </p> <p> </p> </form> </div> <!-- This clearing element should immediately follow the #mainContent div in order to force the #container div to contain all child floats --> <br class="clearfloat" /> <div id="footer_abv_2"></div> <!-- end #footer abv --> <!-- Footer Secion edit footer.php if needed--> <?php require("../footer.php"); ?> </div> <!-- end #container2 --> </body> </html> PHP Code from "pagelisting.php" which is called from the java. <? //get databast access file include "../dbConfigtest.php"; //////////////////////////////// Main Code sarts ///////////////////////////////////////////// $endrecord=$_GET['endrecord'];// To take care global variable if OFF if(strlen($endrecord) > 0 and !is_numeric($endrecord)){ echo "Data Error"; exit; } $limit=25;// Number of records per page $nume=mysql_num_rows(mysql_query("select * from $usertable")); //echo "endrecord=$endrecord limit=$limit "; if($endrecord < $limit) {$endrecord = 0;} switch($_GET['direction']) { case "fw": $eu = $endrecord ; break; case "bk": $eu = $endrecord - 2*$limit; break; default: echo "Data Error"; exit; break; } if($eu < 0){$eu=0;} $endrecord =$eu+$limit; $t=mysql_query("select * from $usertable limit $eu,$limit"); $str= "{ \"data\" : ["; while($nt=mysql_fetch_array($t)){ $str=$str."{\"id\" : \"$nt[id]\", \"firstname\" : \"$nt[firstname]\", \"lastname\" : \"$nt[lastname]\", \"email\" : \"$nt[email]\", \"enewsletter\" : \"$nt[enewsletter]\"},"; //$str=$str."{\"myclass\" : \"$nt[class]\"},"; } $str=substr($str,0,(strLen($str)-1)); if(($endrecord) < $nume ){$end="yes";} else{$end="no";} if(($endrecord) > $limit ){$startrecord="yes";} else{$startrecord="no";} $str=$str."],\"value\" : [{\"endrecord\" : $endrecord,\"limit\" : $limit,\"end\" : \"$end\",\"startrecord\" : \"$startrecord\"}]}"; echo $str; //echo json_encode($str); ///////////////////////////////////////////////////////////////////////////////////////////// ?> Current js Code: function ajaxFunction(val) { //document.writeln(val) var httpxml; try { // Firefox, Opera 8.0+, Safari httpxml=new XMLHttpRequest(); } catch (e) { // Internet Explorer try { httpxml=new ActiveXObject("Msxml2.XMLHTTP"); } catch (e) { try { httpxml=new ActiveXObject("Microsoft.XMLHTTP"); } catch (e) { alert("Your browser does not support AJAX!"); return false; } } } function stateChanged() { if(httpxml.readyState==4) { var myObject = eval('(' + httpxml.responseText + ')'); var str="<table><tr><th>LINK</th><th>ID</th><th>FirstName</th><th>LastName</th><th>Email</th></tr>"; for(i=0;i<myObject.data.length;i++) { //var sPath = window.location.pathname; //var sPath = sPath.substring(sPath.lastIndexOf('/') + 1); var sPath = "testing/member_update_test.php"; var site_link = "www.nessphysiotherapy.com/"; var urlLink = site_link + sPath + "?id=" + myObject.data[i].id; var site_title = "EDIT"; str = str + "<tr><td>" + "<a href=\"http:\/\/" + urlLink + "\" title=\"site_title\">" +site_title + "<\/a>" + "<td>" + myObject.data[i].id + "</td><td>" + myObject.data[i].firstname + "</td><td>" + myObject.data[i].lastname + "</td><td>" + myObject.data[i].email + "</td></tr>" } var endrecord=myObject.value[0].endrecord document.forms.myForm.st.value=endrecord; if(myObject.value[0].end =="yes"){ document.getElementById("fwd").style.display='inline'; }else{document.getElementById("fwd").style.display='none';} if(myObject.value[0].startrecord =="yes"){ document.getElementById("back").style.display='inline'; }else{document.getElementById("back").style.display='none';} str = str + "</table>" document.getElementById("txtHint").innerHTML=str; } } var url="../scripts/pagelisting.php"; var myendrecord=document.forms.myForm.st.value; url=url+"?endrecord="+myendrecord; url=url+"&direction="+val; url=url+"&sid="+Math.random(); //alert(url) httpxml.onreadystatechange=stateChanged; httpxml.open("GET",url,true); httpxml.send(null); document.getElementById("txtHint").innerHTML="Please Wait...."; }

Fixed. I needed to modify the javascript file in regards to names/ID for forms. In formajax.js, change both occurrences of myForm.st.value to document.forms.myForm.st.value Since this is really a JS question, I'll move this thread. from Kravvitz

Hi. I have a simple page that uses ajax, php, mysql to get database entries and displays them in a table by a limited number of results. ie. it only shows 10 entries at a time. Anyways, as soon as I had ANY DOCTYPE to the document, the table no longer shows up in Firefox. It will how ever show up in IE8 or if I remove the DOCTYPE. http://www.nessphysiotherapy.com/testing/apaging_new.php http://www.nessphysiotherapy.com/testing/apaging_new_nodoctype.php DOCTYPE SET: <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd"> <html xmlns="http://www.w3.org/1999/xhtml"> <head> <title>Ness Physiotherapy and Sports Injury Clinic Web site - Site Map</title> <meta http-equiv="content-type" content="text/html;charset=utf-8" /> <meta name="description" content="Ness Physiotherapy and Sports Injury Clinic Our mission is to provide quality, evidenced based service in a safe, friendly, professional environment." /> <meta name="keywords" content="pain,rehabilitation,rehab,exercise,manipulation,musculoskeletal,pain,management,massage therapy,physiotherapy,sports injury,injury,injured,chronic pain,quality care,quality life,muscle balance,spinal fitness assessment, BMR PT, CAFCI, RMT" /> <!--Ness Physiotherapy and Sports Injury Clinic is owned by Sean Springer, Tamara Silvari and Charles Dirks. --> <meta name="language" content="EN" /> <meta name="copyright" content="Ness Physiotherapy and Sports Injury Clinic" /> <meta name="robots" content="ALL" /> <meta name="document-classification" content="Health" /> <meta name="document-classification" content="Health" /> <meta name="document-rights" content="Copyrighted Work" /> <meta name="document-type" content="Public" /> <meta name="document-rating" content="General" /> <meta name="document-distribution" content="Global" /> <link rel="shortcut icon" href="../favicon.ico" type="image/x-icon" /> <script type="text/javascript" src="../scripts/preloadimages.js"></script> <script type="text/javascript" src="../scripts/p7exp.js"></script> <script type="text/javascript" src="../scripts/formajax.js"></script> <!--[if lte IE 7]> <style> #menuwrapper, #p7menubar ul a {height: 1%;} a:active {width: auto;} </style> <![endif]--> <!--[if IE 5]> <style type="text/css"> /* place css box model fixes for IE 5* in this conditional comment */ .twoColFixRtHdr #sidebar1 { width: 220px; } </style> <![endif][if IE]> <style type="text/css"> /* place css fixes for all versions of IE in this conditional comment */ .twoColFixRtHdr #sidebar1 { padding-top: 30px; } .twoColFixRtHdr #mainContent { zoom: 1; } /* the above proprietary zoom property gives IE the hasLayout it needs to avoid several bugs */ </style> <![endif]--> <link href="../css/p7exp.css" rel="stylesheet" type="text/css" /> <link href="../css/basiclayout.css" rel="stylesheet" type="text/css" /> <link href="../css/general.css" rel="stylesheet" type="text/css" /> <link rel="stylesheet" type="text/css" href="../css/form_member_admin.css"/> </head> <body class="twoColFixRtHdr" onload="ajaxFunction('fw')"> <form id="myForm" action="ajaxFunction(this.form); return false"> <div> <input type="hidden" name="st" value="0" ></input> </div> <table> <tr> <td><input type="button" id="back" value="Prev" onclick="ajaxFunction('bk'); return false" /></td> <td align="right"><input type="button" value="Next" id="fwd" onclick="ajaxFunction('fw'); return false" /></td> </tr> <tr> <td colspan="2"><div id="txtHint"><b>Records will be displayed here</b></div></td> </tr> </table> </form> </body> </html> DOCTYPE REMOVED: <head> <title>Ness Physiotherapy and Sports Injury Clinic Web site - Site Map</title> <meta http-equiv="content-type" content="text/html;charset=utf-8" /> <meta name="description" content="Ness Physiotherapy and Sports Injury Clinic Our mission is to provide quality, evidenced based service in a safe, friendly, professional environment." /> <meta name="keywords" content="pain,rehabilitation,rehab,exercise,manipulation,musculoskeletal,pain,management,massage therapy,physiotherapy,sports injury,injury,injured,chronic pain,quality care,quality life,muscle balance,spinal fitness assessment, BMR PT, CAFCI, RMT" /> <!--Ness Physiotherapy and Sports Injury Clinic is owned by Sean Springer, Tamara Silvari and Charles Dirks. --> <meta name="language" content="EN" /> <meta name="copyright" content="Ness Physiotherapy and Sports Injury Clinic" /> <meta name="robots" content="ALL" /> <meta name="document-classification" content="Health" /> <meta name="document-classification" content="Health" /> <meta name="document-rights" content="Copyrighted Work" /> <meta name="document-type" content="Public" /> <meta name="document-rating" content="General" /> <meta name="document-distribution" content="Global" /> <link rel="shortcut icon" href="../favicon.ico" type="image/x-icon" /> <script type="text/javascript" src="../scripts/preloadimages.js"></script> <script type="text/javascript" src="../scripts/p7exp.js"></script> <script type="text/javascript" src="../scripts/formajax.js"></script> <!--[if lte IE 7]> <style> #menuwrapper, #p7menubar ul a {height: 1%;} a:active {width: auto;} </style> <![endif]--> <!--[if IE 5]> <style type="text/css"> /* place css box model fixes for IE 5* in this conditional comment */ .twoColFixRtHdr #sidebar1 { width: 220px; } </style> <![endif][if IE]> <style type="text/css"> /* place css fixes for all versions of IE in this conditional comment */ .twoColFixRtHdr #sidebar1 { padding-top: 30px; } .twoColFixRtHdr #mainContent { zoom: 1; } /* the above proprietary zoom property gives IE the hasLayout it needs to avoid several bugs */ </style> <![endif]--> <link href="../css/p7exp.css" rel="stylesheet" type="text/css" /> <link href="../css/basiclayout.css" rel="stylesheet" type="text/css" /> <link href="../css/general.css" rel="stylesheet" type="text/css" /> <link rel="stylesheet" type="text/css" href="../css/form_member_admin.css"/> </head> <body class="twoColFixRtHdr" onload="ajaxFunction('fw')"> <form id="myForm" action="ajaxFunction(this.form); return false"> <div> <input type="hidden" name="st" value="0" ></input> </div> <table> <tr> <td><input type="button" id="back" value="Prev" onclick="ajaxFunction('bk'); return false" /></td> <td align="right"><input type="button" value="Next" id="fwd" onclick="ajaxFunction('fw'); return false" /></td> </tr> <tr> <td colspan="2"><div id="txtHint"><b>Records will be displayed here</b></div></td> </tr> </table> </form> </body> </html> What on earth would be causing this? I have validated the page with W3C with VALID markup. Any suggestions on this one? If I can't find any solutions I guess I will just leave off the DOCTYPE and hope for the best....

would adding the cookie create a crap load of extra work in regards to security or is this something most people use on their sites?

The only thing I could think of is if the user has a bookmark of a page inside the members section, they wouldn't necessarily have to login again. Other than that I don't know what else I could use it for.

Hello. I currently have a site that registered members can login in to and view the member only pages. Eventually I will be adding paypal code to purchase products. I use Session with an IF statement for all my members pages. Would it be beneficial at all to have cookies created for the users with setcookie? Or is this just a security risk waiting to happen?

Switched the returns True false and it works fine. Is the following the proper format to remove special characters and unwanted characters by using [specialchar1] | [specialchar2]... (preg_match("/[0-9]|[#]|[@]|[$]/",$str)) Or is there an easier way to do this?

Ok, now I'm right confused. I updated my code and now if I enter "aa" it returns FALSE. According to the code shouldn't it return TRUE because the letters aa are there? New Code: <?php $submit = $_POST['submit']; $firstname = strip_tags($_POST['firstname']); if ($_POST[submit]){ if(!checkStringText($firstname)) { echo "TRUE"; } else { echo "FALSE"; } } ?> <?php function checkStringText($str) { // checks proper syntax $str = trim($str); // Strips HTML Tags $str = strip_tags($str); if(preg_match("/aa/",$str)) { return true; } else { return false; } } ?>

I want to return TRUE if the letters a to z are entered. But it's still always returning true. What is wrong with the code? <?php $submit = $_POST['submit']; $firstname = strip_tags($_POST['firstname']); if ($_POST[submit]){ if(!checkStringText($firstname)) { echo "TRUE"; } else { echo "FALSE"; } } ?> <?php function checkStringText($str) { // checks proper syntax //if(preg_match("/^([a-zA-Z0-9])+([a-zA-Z0-9\._-])*@([a-zA-Z0-9_-])+([a-zA-Z0-9\._-]+)+$/" , $firstname)) { //Removes white space, null, tabs, new lines from both sides // /^[0-9]+:[X-Z]+$/D $str = trim($str); // Strips HTML Tags $str = strip_tags($str); if(preg_match("[a-z]",$str)) { return true; } else { return false; } } ?>

I found the error. My while loop was set to stop if $errorstop="stop" which is fine.... but I kept resetting the $errorstop="go" which causes an infinite loop which caused the out of memory error as it would have gone on forever.. Whoops Thanks

What is wrong with my code? (The memory errors started happening when I added more IF statements inside the WHILE loop) My Code: <? phpinfo(); ?> <?php session_start(); ?> <?php $submit = $_POST['submit']; // Form Data $firstname = strip_tags($_POST['firstname']); $lastname = strip_tags($_POST['lastname']); $address = strip_tags($_POST['address']); $email = strip_tags($_POST['email']); $repeatemail = strip_tags($_POST['repeatemail']); $phone = strip_tags($_POST['phone']); $salonname = strip_tags($_POST['salonname']); $salonaddress = strip_tags($_POST['salonaddress']); $salonprov = strip_tags($_POST['salonprov']); $salonpostal = strip_tags($_POST['salonpostal']); $salonconfirm = strip_tags($_POST['salonconfirm']); $enewsletter = strip_tags($_POST['enewsletter']); $saloncountry = strip_tags($_POST['saloncountry']); $password = strip_tags($_POST['password']); $repeatpassword = strip_tags($_POST['repeatpassword']); $username = strip_tags($_POST['username']); $date = date("Y-m-d"); // Set e-mail recipient $myemail = "[email protected]"; $errormsg['MissAll'] = "Please Enter in ALL Fields!"; $errormsg['ErrFirstName'] = "Please Enter Valid First Name"; $errormsg['ErrLastName'] = "Please Enter Valid Last Name"; $errormsg['ErrAdd'] = "Please Enter Valid Address"; $errormsg['ErrEmail'] = "Please Enter Valid Email"; $errormsg['ErrEmailMatch'] = "Your Email address do not match!"; $errormsg['ErrPhone'] = "Please Enter Valid Phone Number"; $errormsg['ErrPassLngt'] = "Password must be between 6 and 32 characters"; $errormsg['ErrPassMatch'] = "Password do not match!"; $errormsg['ErrSalNam'] = "Please Enter Valid Salon Name"; $errormsg['ErrSalAdd'] = "Please Enter Valid Salon Address"; $errormsg['ErrProv'] = "Please Select Province/State"; $errormsg['ErrPstl'] = "Please Enter Valid Postal/Zip Code"; $errormsg['ErrCntry'] = "Please Select Country"; $errormsg['ErrSalPro'] = "Please Confirm Salon Professional"; $errormsg['ErrSecCode'] = "Please Enter Security Code"; $errormsg['ErrEmailUsed'] = "Email Address already being used. Please us an alternate Email"; $errormsg['PlaceHold'] = ""; $errortrack[] = $errormsg['PlaceHold']; //echo $_SESSION[key].' - '.$_POST[user_code].'<br>'; if ($_POST[submit]){ if ($errorstop = "go") { // loop through if statements until forms completed $errorstop="go"; while ($errorstop<>"stop") { if ($_SESSION[key]==$_POST[user_code]){ $_SESSION[key]=''; } else { //echo "False - Stop 0"; $errortrack[] = $errormsg['ErrSecCode']; $errorcount=$errorcount+1; $errorstop="stop"; } if (strlen($firstname)>1||strlen($firstname)<26) { $errorstop="go"; //echo "TRUE"; } else { //echo "False - Stop 0"; $errortrack[] = $errormsg['ErrFirstName']; $errorcount=$errorcount+1; $errorstop="stop"; } if (strlen($lastname)>1||strlen($lastname)<26) { $errorstop="go"; //echo "TRUE"; } else { //echo "False - Stop 0"; $errortrack[] = $errormsg['ErrLastName']; $errorcount=$errorcount+1; $errorstop="stop"; } if (strlen($address)>1||strlen($address)<26) { $errorstop="go"; //echo "TRUE"; } else { //echo "False - Stop 0"; $errortrack[] = $errormsg['ErrAdd']; $errorcount=$errorcount+1; $errorstop="stop"; } // Call it with the code below $email = trim($_POST['email']); if(!checkEmail($email)) { // echo 'Invalid email address!'; $errortrack[] = $errormsg['ErrEmail']; $errorstop="stop"; } else { // echo "Email is Valid"; $errorstop="stop"; //Get out of while loop } // checks email input match if ($email<>$repeatemail) { // echo "<p>Emails do not match!</p>"; $errortrack[] = $errormsg['ErrEmailMatch']; $errorstop="stop"; } else { $errorstop="go"; } // check phone input match if ($phone) { $errortrack[] = $errormsg['ErrPhone']; $errorstop="stop"; } else { $errorstop="go"; } //check password length if (strlen($password)>32||strlen($password)<6) { // echo '<p class="formecho">Password must be between 6 and 32 characters</p>'; $errortrack[] = $errormsg['ErrPassLngt']; $errorstop="stop"; } else { $errorstop="go"; } //end of password length check // check password input match if ($password<>$repeatpassword) { // echo "<p>Passwords do not match!</p>"; $errortrack[] = $errormsg['ErrPassMatch']; $errorstop="stop"; } else { $errorstop="go"; // checks email input match } if (strlen($salonname)>1||strlen($salonname)<26) { $errorstop="go"; //echo "TRUE"; } else { //echo "False - Stop 0"; $errortrack[] = $errormsg['ErrSalNam']; $errorcount=$errorcount+1; $errorstop="stop"; } if (strlen($salonaddress)>1||strlen($salonaddress)<26) { $errorstop="go"; //echo "TRUE"; } else { //echo "False - Stop 0"; $errortrack[] = $errormsg['ErrSalAdd']; $errorcount=$errorcount+1; $errorstop="stop"; } // Checks Proper input of Province/State if ($salonprov=="Please Select" || $salonprov=="------------") { // echo '<p class="formecho">Please Select a Valid Province/State!</p>'; $errortrack[] = $errormsg['ErrProv']; $errorstop="stop"; } else { $errorstop="go"; } if ($salonpostal) { $errorstop="go"; //echo "TRUE"; } else { //echo "False - Stop 0"; $errortrack[] = $errormsg['ErrPstl']; $errorcount=$errorcount+1; $errorstop="stop"; } // Checks Proper input of Country if ($saloncountry=="Please Select") { // echo '<p class="formecho">Please Select a Valid Country!</p>'; $errortrack[] = $errormsg['ErrCntry']; $errorstop="stop"; } else { $errorstop="go"; }// End checks Country input // Checks Proper input Salon Confirmation if (isset($_POST['$salonconfirm'])=="1") { // echo '<p class="formecho">Please Confirm You are your Salon</p>'; $errortrack[] = $errormsg['ErrSalPro']; $errorstop="stop"; } else { $errorstop="go"; } // End checks Salon Confirm input }//End While Loop $errorstop="go"; include "dbConfig.php"; // table is mysql table, WHERE FIELD_NAME ='text'" OR =>='10'"; or VAR = '.$variable.') // SQL grabs records // * means "ALL RECORDS" or use FIELD_NAME, FIELD_NAME2 instead of * // $usertable = user where user is the TABLE // use WHERE FIELD_NAME = '$email' variable $SQL = "SELECT email FROM {$usertable} WHERE email = '{$email}' "; // mysql_query() is used to send a SQL query to database and returns TRUE or FALSE, or FILE HANDLE if using SELECT // $result = mysql_query($SQL); only POINTS to results $result = mysql_query($SQL); // mysql_fetch_assoc($result) GETS RESULTS from $result // assoc or associative array brings keys as text Array['One'] =, Array['Two']= and NOT Array[1]= // Place results into $db_field Array $db_field = mysql_fetch_assoc($result); if ($result) { $db_field = mysql_fetch_assoc($result); //echo $db_field['email'] .' '.'has already been used!'; $errortrack[] = $errormsg['ErrEmailUsed']; $errorstop="stop"; } else { $errorstop="go"; // Thank you Page $insertGoTo = "thankyou.php"; header(sprintf("Location: %s", $insertGoTo)); // encrypt password $temppass = $password; $password = md5($password); $repeatpassword = md5($repeatpassword); // dBase file include "dbConfig.php"; //open database //generate random number for activation process $random = md5(rand(23456789,987654321)); // register the user! // Set default username $username = $email; // INSERT INTO user... replace user with table name // make sure you have the same number and order of values as the database has $queryreg = mysql_query(" INSERT INTO user VALUES ('','$firstname','$lastname','$username','$password','$date','$email','$phone','$address','$salonname','$salonaddress','$salonprov','$salonpostal','$saloncountry','$salonconfirm','$enewsletter','$random','0')"); //Insert ID based on last ID in database $lastid = mysql_insert_id(); //send activation email $to = $email; //Change to $myemail to send activation to webmaster $subject = "Activate Salon Member Acctount at Fusion Fashion Hair"; $headers = "From: [email protected]"; $server = "mail.fusionfashionhair.com"; //change php.ini and set SMTP to $server ini_set("SMTP",$server); $body = " $firstname $lastname from $salonname is wanting a membership, \n\n Please click on the link provided below to activate the account with Fusion Fashion Hair http://www.fusionfashionhair.com/activate.php?id=$lastid&code=$random \n\n Username = $username \n Thank you, Customer Service "; //function to send email mail($to, $subject, $body, $headers); } //End if Result // End check for existance } else { // echo '<p class="formecho">Please fill in <b>ALL</b> fields!</p>'; $errortrack[] = $errormsg['MissAll']; $errorstop="stop"; } //End if GO check }// End if Sumbit ?> <?php // LINUX PLATFORM OPTION 3 // checkEmail function checks standard email format same as preg_match() // checkEmail function checks DSN records using checkdnsrr Use list() to seperate name and domain using split function // checkdnsrr ONLY WORKS on LINUX PLATFORM // Check to see if domain and username is active // uses fsockopen() to check if its in use using port 25 function checkEmail($email) { // checks proper syntax if(preg_match("/^([a-zA-Z0-9])+([a-zA-Z0-9\._-])*@([a-zA-Z0-9_-])+([a-zA-Z0-9\._-]+)+$/" , $email)) { // gets domain name list($username,$domain)=split('@',$email); // checks for if MX records in the DNS if(!checkdnsrr($domain, 'MX')) { return false; } return true; } return false; } ?> <?php function checkStringText($str) { // checks proper syntax //if(preg_match("/^([a-zA-Z0-9])+([a-zA-Z0-9\._-])*@([a-zA-Z0-9_-])+([a-zA-Z0-9\._-]+)+$/" , $firstname)) { //Removes white space, null, tabs, new lines from both sides trim($str); // Strips HTML Tags strip_tags($str); if(preg_match('^[0-9]+:/[\s|\n|\t|*|@|&|/',$str)) { echo "special char found!"; } } ?>

Hi. I tried to add some more if statements to check for validation and I'm now getting this error. The "on line ###" changes depending how many fields are FALSE. Fatal error: Allowed memory size of 67108864 bytes exhausted (tried to allocate 35 bytes) in /home/content/f/u/s/fusionfashion/html/registration.php on line 133 I think it has to do with the php.ini file. So I added the memory_limit in the php.ini file. register_globals = off allow_url_fopen = off expose_php = Off max_input_time = 60 variables_order = "EGPCS" extension_dir = ./ upload_tmp_dir = /tmp precision = 12 memory_limit = 128M post_max_size = 128M SMTP = relay-hosting.secureserver.net url_rewriter.tags = "a=href,area=href,frame=src,input=src,form=,fieldset=" [Zend] zend_extension=/usr/local/zo/ZendExtensionManager.so zend_extension=/usr/local/zo/4_3/ZendOptimizer.so But I'm still getting the error. How to I check my php version and this value within a browser? <?php phpinfo() ?> Found this. Its showing 64M in LOCAL and MASTER. But I just updated the local?

Hi. I'm trying to create a simple function that checks my text strings (ie. firstname & lastnames ect) for illigal characters. I'm using: trim() strip_tags() as well as preg_match I keep getting an echo of True if if I put in valid values. ie. Joe From my understanding the below statement will check for the following characters: / ^ Numbers 0 TO 9 + : Uppercase X TO Z letters $/D if(preg_match("/^[0-9]+:[X-Z]+$/D",$str)) Is my understanding correct or am I way off. Not really sure about the "+$/D" or the "+:" values?? My PHP Code: <?php $submit = $_POST['submit']; $firstname = strip_tags($_POST['firstname']); if ($_POST[submit]){ if(!checkStringText($firstname)) { echo "TRUE"; } else { echo "FALSE"; } } ?> <?php function checkStringText($str) { // checks proper syntax //if(preg_match("/^([a-zA-Z0-9])+([a-zA-Z0-9\._-])*@([a-zA-Z0-9_-])+([a-zA-Z0-9\._-]+)+$/" , $firstname)) { //Removes white space, null, tabs, new lines from both sides trim($str); // Strips HTML Tags strip_tags($str); if(preg_match("/^[0-9]+:[X-Z]+$/D",$str)) { echo "special char found!"; } } ?>

Found it. If I remove the comment from either of these two echos, the Internal Server Error is gone. I'm assuming this has something to do the the Header? //echo "True - Continue 6 GO TO HEADER PAGE"; //echo "<p>----------</p>"; // Thank you Page $insertGoTo = "changepass.php"; header(sprintf("Location: %s", $insertGoTo)); Also, How do I make the code stop? Currently even if I enter zero info in the form it says says: No recipient addresses found in header Which is part of the php mail function. I should be exiting out before I get here correct? My Code: <?php session_start(); ?> <?php $submit = $_POST['submit']; // Form Data $email = $_POST['email']; $password_old = $_POST['password_old']; $password_new = $_POST['password_new']; $password_new_con = $_POST['password_new_con']; $errorcount = 0; // Edit anything inbetween the " " for the display error message $errormsg['sErrEmail'] = "Email Entered is not in our database"; $errormsg['sErrOldPass'] = "Old Password Entered is Incorrect. Please check your Email"; $errormsg['sErrNewPass'] = "New Password must be between 6 and 32 characters"; $errormsg['sErrNewPassCon'] = "New Passwords do not match."; $errormsg['sErrSecCode'] = "Security Code is Invalid"; $errormsg['sErrdbPass'] = "Invalide Email or Old Password, Check your Email. If You Still Have Problems Please Contact <a href='mailto:[email protected]?subject=Fusion Fashion Hair - Member Activation Error%20Request'>Admin</a>"; $errormsg['NoErr'] = "No Errors, Continue"; $errormsg['PlaceHold'] = ""; $errortrack[] = $errormsg['PlaceHold']; if ($_POST[submit]){ if ($errorstop = "go") { $errorstop="go"; while ($errorstop<>"stop") { //Check for security code if ($_SESSION[key]==$_POST[user_code]){ //echo "True - Continue 0"; //echo "<p>----------</p>"; $_SESSION[key]=''; } else { //echo "False - Stop 0"; $errortrack[] = $errormsg['sErrSecCode']; $errorcount++; $errorstop="stop"; } // check email verification if (!checkEmail($email)) { //echo "False - Stop 1"; $errortrack[] = $errormsg['sErrEmail']; $errorcount++; $errorstop="stop"; } else { //echo "True - Continue 1"; //echo "<p>----------</p>"; } // check for existance if (strlen($password_old)>5) { //echo "True - Continue 2"; //echo "<p>----------</p>"; } else { //echo "False - Stop 2"; $errortrack[] = $errormsg['sErrOldPass']; $errorcount++; $errorstop="stop"; } // check for existance if (strlen($password_new)>32||strlen($password_new)<6) { //echo "False - Stop 3"; $errortrack[] = $errormsg['sErrNewPass']; $errorcount++; $errorstop="stop"; } else { //echo "True - Continue 3"; //echo "<p>----------</p>"; } // check for existance if ($password_new_con==$password_new) { //echo "True - Continue 4"; //echo "<p>----------</p>"; } else { //echo "False - Stop 4"; $errortrack[] = $errormsg['sErrNewPassCon']; $errorcount++; $errorstop="stop"; } $errorstop="stop";//Get Out of loop }//End While Loop // Check database require('dbConfig.php'); // Encrypts old password to check with Database Encryped Password $password_old = md5($password_old); $check = mysql_query("SELECT * FROM {$usertable} WHERE email='$email' AND password='$password_old'"); $checknum = mysql_num_rows($check); if ($checknum==1) { //echo "True - Continue 5 Set password"; //echo "<p>----------</p>"; // Encrypts new password $password = md5($password_new); //run a query to update the account $acti = mysql_query("UPDATE {$usertable} SET password='$password' WHERE email='$email'"); } else { //echo "False - Stop 5"; $errortrack[] = $errormsg['sErrdbPass']; $errorcount++; $errorstop="stop"; }//End if checknum //echo "True - Continue 6 GO TO HEADER PAGE"; echo "<p>----------</p>"; // Thank you Page $insertGoTo = "changepass.php"; header(sprintf("Location: %s", $insertGoTo)); //send confirmation email $to = $email; $subject = "Password Changed for Fusion Fashion Hair"; $headers = "From: [email protected]"; $server = "mail.fusionfashionhair.com"; //change php.ini and set SMTP to $server ini_set("SMTP",$server); $body = " Password Successfuly changed for $email, \n\n Please click on the link provided below to activate the account with Fusion Fashion Hair http://www.fusionfashionhair.com/activate.php?id=$lastid&code=$random \n\n Thank you, Customer Service Contact webmaster for any concerns regarding this email. <a href='mailto:[email protected]?subject=Fusion Fashion Hair - Password Change Error%20Request'>Admin</a>. "; //function to send email mail($to, $subject, $body, $headers); } else { while($errorcount>=0) { // Test display all error messages echo "<p>----------</p>"; echo "<p>Error Count = '$errorcount'</p>"; } $errormsg['MissAll'] = "Please Enter in ALL Fields!"; die ("PLEASE FILL IN ALL FIELDS"); }// End If Error Go }// End if Submit ?> <?php // LINUX PLATFORM OPTION 3 // checkEmail function checks standard email format same as preg_match() // checkEmail function checks DSN records using checkdnsrr Use list() to seperate name and domain using split function // checkdnsrr ONLY WORKS on LINUX PLATFORM // Check to see if domain and username is active // uses fsockopen() to check if its in use using port 25 function checkEmail($email) { // checks proper syntax if(preg_match("/^([a-zA-Z0-9])+([a-zA-Z0-9\._-])*@([a-zA-Z0-9_-])+([a-zA-Z0-9\._-]+)+$/" , $email)) { // gets domain name list($username,$domain)=split('@',$email); // checks for if MX records in the DNS if(!checkdnsrr($domain, 'MX')) { return false; } return true; } return false; } ?>

Is it because if I comment out the echo's the else statements will not have anything to do in them, resulting in nothing?

I removed the // comments from my echos. ie. "// echo...." is now "echo" and it works without the error. WTF?

Hi. I had this form all working, but then I commented out some echo's and changed the name of my custom error variables now all of a sudden when I hit submit without all fields I get an INTERNAL SERVER ERROR PAGE. Internal Server Error The server encountered an internal error or misconfiguration and was unable to complete your request. Please contact the server administrator and inform them of the time the error occurred, and anything you might have done that may have caused the error. More information about this error may be available in the server error log. Apache/1.3.33 Server at www.fusionfashionhair.com Port 80 I don't know what else would have causes this as I had it working yesterday? My code: <?php session_start(); ?> <?php $submit = $_POST['submit']; // Form Data $email = $_POST['email']; $password_old = $_POST['password_old']; $password_new = $_POST['password_new']; $password_new_con = $_POST['password_new_con']; $errorcount = 0; // Edit anything inbetween the " " for the display error message $errormsg['sErrEmail'] = "Email Entered is not in our database"; $errormsg['sErrOldPass'] = "Old Password Entered is Incorrect. Please check your Email"; $errormsg['sErrNewPass'] = "New Password must be between 6 and 32 characters"; $errormsg['sErrNewPassCon'] = "New Passwords do not match."; $errormsg['sErrSecCode'] = "Security Code is Invalid"; $errormsg['sErrdbPass'] = "Invalide Email or activation code. Please Contact <a href='mailto:[email protected]?subject=Fusion Fashion Hair - Member Activation Error%20Request'>Admin</a>"; $errormsg['NoErr'] = "No Errors, Continue"; $errormsg['PlaceHold'] = ""; $errortrack[] = $errormsg['PlaceHold']; if ($_POST[submit]){ if ($errorstop = "go") { $errorstop="go"; while ($errorstop<>"stop") { //Check for security code if ($_SESSION[key]==$_POST[user_code]){ // echo "True - Continue 0"; // echo "<p>----------</p>"; $_SESSION[key]=''; } else { // echo "False - Stop 0"; $errortrack[] = $errormsg['sErrSecCode']; $errorcount++; $errorstop="stop"; } // check email verification if (!checkEmail($email)) { // echo "False - Stop 1"; $errortrack[] = $errormsg['sErrEmail']; $errorcount++; $errorstop="stop"; } else { // echo "True - Continue 1"; // echo "<p>----------</p>"; } // check for existance if (strlen($password_old)>5) { // echo "True - Continue 2"; // echo "<p>----------</p>"; } else { // echo "False - Stop 2"; $errortrack[] = $errormsg['sErrOldPass']; $errorcount++; $errorstop="stop"; } // check for existance if (strlen($password_new)>32||strlen($password_new)<6) { // echo "False - Stop 3"; $errortrack[] = $errormsg['sErrNewPass']; $errorcount++; $errorstop="stop"; } else { // echo "True - Continue 3"; // echo "<p>----------</p>"; } // check for existance if ($password_new_con==$password_new) { // echo "True - Continue 4"; // echo "<p>----------</p>"; $errorstop="stop";//Get Out of loop } else { // echo "False - Stop 4"; $errortrack[] = $errormsg['sErrNewPassCon']; $errorcount++; $errorstop="stop"; } }//End While Loop // Check database require('dbConfig.php'); // Encrypts old password to check with Database Encryped Password $password_old = md5($password_old); $check = mysql_query("SELECT * FROM {$usertable} WHERE email='$email' AND password='$password_old'"); $checknum = mysql_num_rows($check); if ($checknum==1) { // echo "True - Continue 5 Set password"; // echo "<p>----------</p>"; // Encrypts new password $password = md5($password_new); //run a query to update the account $acti = mysql_query("UPDATE {$usertable} SET password='$password' WHERE email='$email'"); } else { // echo "False - Stop 5"; $errortrack[] = $errormsg['sErrdbPass']; $errorcount++; $errorstop="stop"; }//End if checknum // echo "True - Continue 6 GO TO HEADER PAGE"; // Thank you Page $insertGoTo = "changepass.php"; header(sprintf("Location: %s", $insertGoTo)); //send confirmation email $to = $email; $subject = "Password Changed for Fusion Fashion Hair"; $headers = "From: [email protected]"; $server = "mail.fusionfashionhair.com"; //change php.ini and set SMTP to $server ini_set("SMTP",$server); $body = " Password Successfuly changed for $email, \n\n Please click on the link provided below to activate the account with Fusion Fashion Hair http://www.fusionfashionhair.com/activate.php?id=$lastid&code=$random \n\n Thank you, Customer Service Contact webmaster for any concerns regarding this email. <a href='mailto:[email protected]?subject=Fusion Fashion Hair - Password Change Error%20Request'>Admin</a>. "; //function to send email mail($to, $subject, $body, $headers); } else { while($errorcount>=0) { // Test display all error messages // echo "<p>----------</p>"; // echo "<p>Error Count = '$errorcount'</p>"; } $errormsg['MissAll'] = "Please Enter in ALL Fields!"; die ("PLEASE FILL IN ALL FIELDS"); }// End If Error Go }// End if Submit ?> <?php // LINUX PLATFORM OPTION 3 // checkEmail function checks standard email format same as preg_match() // checkEmail function checks DSN records using checkdnsrr Use list() to seperate name and domain using split function // checkdnsrr ONLY WORKS on LINUX PLATFORM // Check to see if domain and username is active // uses fsockopen() to check if its in use using port 25 function checkEmail($email) { // checks proper syntax if(preg_match("/^([a-zA-Z0-9])+([a-zA-Z0-9\._-])*@([a-zA-Z0-9_-])+([a-zA-Z0-9\._-]+)+$/" , $email)) { // gets domain name list($username,$domain)=split('@',$email); // checks for if MX records in the DNS if(!checkdnsrr($domain, 'MX')) { return false; } return true; } return false; } ?> <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd"> <html xmlns="http://www.w3.org/1999/xhtml"> <head> <meta http-equiv="Content-Type" content="text/html; charset=utf-8" /> <title>Fusion Fashion Hair, Loop Hair Extensions Winnipeg, MB </title> <link href="css/thrColLiqHdr.css" rel="stylesheet" type="text/css" /> <link rel="stylesheet" type="text/css" href="css/p7exp.css"/> <link rel="stylesheet" type="text/css" href="css/loginforms.css"/> <!--[if lte IE 7]> <style> .content { margin-right: -1px; } /* this 1px negative margin can be placed on any of the columns in this layout with the same corrective effect. */ ul.nav a { zoom: 1; } /* the zoom property gives IE the hasLayout trigger it needs to correct extra whiltespace between the links */ </style> <![endif]--> </head> <body onLoad="document.getElementById('user_code').focus();"> <body> <div class="container"> <div class="header"><img src="mainlogo3.gif" width="824" height="353" alt="Fusion Fashion Hair" /> </div> <!-- end .header --> <div id="menuwrapper"> <ul id="p7menubar"> <li><a href="#">Home</a></li> <li><a href="#">Products</a></li> <li><a href="#">Shipping</a></li> <li><a href="#">Instructions</a></li> <li id="LastItem"><a href="#">Contact Us</a></li> </ul> </div> <!-- end menuwrapper --> <div class="sidebar1_login"> <h1 class="left">Welcome to Fusion Fashion Hair</h1> <p> </p> <p> </p> <p> </p> <p> </p> <p> </p> <p> </p> <p> </p> <!-- end .sidebar1 --></div> <div class="content_login"> <p> </p> <div class="divider"><!--Page From Divider Line--> <p> </p> </div> <!--End of Divider--> <p> </p> <form action='newpassform.php' method='post' id="regform"> <fieldset> <legend>Change Password</legend> <p><?php foreach ( $errortrack as $value) { //( $errortrack as $key => $value) echo "<span class='errorcode'>$value</span>";}?> </p> <p> <label for='email'>Email:</label> <input name='email' type='text' maxlength="25" value='<?php echo $email; ?>'/> </p> <p> <label for='password_old'>Old Password:</label> <input name='password_old' type='password' maxlength="32" /> </p> <p> <label for='password_new'>New Password:</label> <input name='password_new' type='password' maxlength="32"/> </p> <p> <label for='password_new_con'>Confirm Password:</label> <input name='password_new_con' type='password' maxlength="32"/> </p> <p><span class="required">*</span> Note, username and password are case sensitive</p> <p>Forgot your password? <a href="forgot_password.php">Click Here</a></p> <p>Login <a href="login.php">Here</a></p> <h2>Security Check</h2> <p>Enter letters below exactly how they are displayed. Letter are case sensitive. </p> <br /> <img src="captcha.class.php?usefile=1" /> <!--OR--> <!--<img src="image.php" />--> <input id='user_code' name='user_code' type='text' size='10' > <p> </p> <input class="reset" type='reset' value='Cancel' name='reset'> <input class="submit" type='submit' value='Continue' name='submit'> </fieldset> </form> <!--End of Form--> <!-- end .content --> </div> <div class="sidebar2_login"> <p> </p> <p> </p> <p> </p> <p> </p> <!-- end .sidebar2 --></div> <div class="footer"> <!-- end .footer --></div> <!-- end .container --></div> </body> </html>

Perfect, Thanks!

Sorry. How do I add variable to the SESSION array? And how do I retrieve these in a new web page?

based on my code, how would I add $email and $password_new. This way I can send an email to the user with EMAIL & PASSWORD changed and if email sent successfully using GET from my Confirmation page, would display email sent or email not sent?

Hi. Me next question, is how to I send variable from one page to another page. Example: Form Page checks user inputed values, updates database then uses // Thank you Page $insertGoTo = "changepass.php"; header(sprintf("Location: %s", $insertGoTo)); to redirect users to Confirmation page. Confirmation page: Checks to make sure values where properly stored in datebase and says "YES IT WORKED" OR "NO, SOMETHING WENT WRONG" Current Code: <?php session_start(); ?> <?php $submit = $_POST['submit']; // Form Data $email = $_POST['email']; $password_old = $_POST['password_old']; $password_new = $_POST['password_new']; $password_new_con = $_POST['password_new_con']; $errorcount = 0; // Edit anything inbetween the " " for the display error message $errormsg['Email'] = "Email Entered is not in our database"; $errormsg['OldPass'] = "Old Password Entered is Incorrect. Please check your Email"; $errormsg['NewPass'] = "New Password must be between 6 and 32 characters"; $errormsg['NewPassCon'] = "New Passwords do not match."; $errormsg['SecCode'] = "Security Code is Invalid"; $errormsg['dbPass'] = "Invalide Email or activation code. Please Contact <a href='mailto:[email protected]?subject=Fusion Fashion Hair - Member Activation Error%20Request'>Admin</a>"; $errormsg['NoErr'] = "No Errors, Continue"; $errormsg['PlaceHold'] = ""; $errortrack[] = $errormsg['PlaceHold']; if ($_POST[submit]){ if ($errorstop = "go") { $errorstop="go"; while ($errorstop<>"stop") { //Check for security code if ($_SESSION[key]==$_POST[user_code]){ // echo "True - Continue 0"; // echo "<p>----------</p>"; $_SESSION[key]=''; } else { // echo "False - Stop 0"; $errortrack[] = $errormsg['SecCode']; $errorcount++; $errorstop="stop"; } // check for existance if (!checkEmail($email)) { // echo "False - Stop 1"; $errortrack[] = $errormsg['Email']; $errorcount++; $errorstop="stop"; } else { // echo "True - Continue 1"; // echo "<p>----------</p>"; } // check for existance if (strlen($password_old)>5) { // echo "True - Continue 2"; // echo "<p>----------</p>"; } else { // echo "False - Stop 2"; $errortrack[] = $errormsg['OldPass']; $errorcount++; $errorstop="stop"; } // check for existance if (strlen($password_new)>32||strlen($password_new)<6) { // echo "False - Stop 3"; $errortrack[] = $errormsg['NewPass']; $errorcount++; $errorstop="stop"; } else { // echo "True - Continue 3"; // echo "<p>----------</p>"; } // check for existance if ($password_new_con==$password_new) { // echo "True - Continue 4"; // echo "<p>----------</p>"; $errorstop="stop";//Get Out of loop } else { // echo "False - Stop 4"; $errortrack[] = $errormsg['NewPassCon']; $errorcount++; $errorstop="stop"; } }//End While Loop // Check database require('dbConfig.php'); // Encrypts old password to check with Database Encryped Password $password_old = md5($password_old); $check = mysql_query("SELECT * FROM {$usertable} WHERE email='$email' AND password='$password_old'"); $checknum = mysql_num_rows($check); if ($checknum==1) { // echo "True - Continue 5 Set password"; // echo "<p>----------</p>"; // Encrypts new password $password = md5($password_new); //run a query to update the account $acti = mysql_query("UPDATE {$usertable} SET password='$password' WHERE email='$email'"); } else { // echo "False - Stop 5"; $errortrack[] = $errormsg['dbPass']; $errorcount++; $errorstop="stop"; }//End if checknum // echo "True - Continue 6 GO TO HEADER PAGE"; // Thank you Page $insertGoTo = "changepass.php"; header(sprintf("Location: %s", $insertGoTo)); } else { while($errorcount>=0) { // Test display all error messages // echo "<p>----------</p>"; // echo "<p>Error Count = '$errorcount'</p>"; } die ("PLEASE FILL IN ALL FIELDS"); } } ?> <?php // LINUX PLATFORM OPTION 3 // checkEmail function checks standard email format same as preg_match() // checkEmail function checks DSN records using checkdnsrr Use list() to seperate name and domain using split function // checkdnsrr ONLY WORKS on LINUX PLATFORM // Check to see if domain and username is active // uses fsockopen() to check if its in use using port 25 function checkEmail($email) { // checks proper syntax if(preg_match("/^([a-zA-Z0-9])+([a-zA-Z0-9\._-])*@([a-zA-Z0-9_-])+([a-zA-Z0-9\._-]+)+$/" , $email)) { // gets domain name list($username,$domain)=split('@',$email); // checks for if MX records in the DNS if(!checkdnsrr($domain, 'MX')) { return false; } return true; } return false; } ?>

ok I just finished reading teh HEADER ERRORS - READ HERE prior to this and I guess I didn't understand it completely. Removing the echo's worked! Thanks

I was echo for error testing only. I'll remove them and see what happens. (I'm not getting any Header errors so I assumed no white space was entered )

Hi. I have a simple change password form, when checked and verified and submitted the user is directed to a different web page. I'm getting all the true statements echoed out, but it doesn't go to the go to the next web page. // Thank you Page $insertGoTo = "changepass.php"; header(sprintf("Location: %s", $insertGoTo)); My thought was ounce you get through the while statement without errors you should be able to move to the next check of the actual database... which it does, and it updates the database with the new values. It also echos out Continue 6.... echo "True - Continue 6 GO TO HEADER PAGE"; // Thank you Page $insertGoTo = "changepass.php"; header(sprintf("Location: %s", $insertGoTo)); What am I missing here? Code: <?php session_start(); ?> <?php $submit = $_POST['submit']; // Form Data $email = $_POST['email']; $password_old = $_POST['password_old']; $password_new = $_POST['password_new']; $password_new_con = $_POST['password_new_con']; $errorcount = 0; // Edit anything inbetween the " " for the display error message $errormsg['Email'] = "Email Entered is not in our database"; $errormsg['OldPass'] = "Old Password Entered is Incorrect. Please check your Email"; $errormsg['NewPass'] = "New Password must be between 6 and 32 characters"; $errormsg['NewPassCon'] = "New Passwords do not match."; $errormsg['SecCode'] = "Security Code is Invalid"; $errormsg['dbPass'] = "Invalide Email or activation code. Please Contact <a href='mailto:[email protected]?subject=Fusion Fashion Hair - Member Activation Error%20Request'>Admin</a>"; $errormsg['NoErr'] = "No Errors, Continue"; $errormsg['PlaceHold'] = ""; $errortrack[] = $errormsg['PlaceHold']; if ($_POST[submit]){ if ($errorstop = "go") { $errorstop="go"; while ($errorstop<>"stop") { //Check for security code if ($_SESSION[key]==$_POST[user_code]){ echo "True - Continue 0"; echo "<p>----------</p>"; $_SESSION[key]=''; } else { echo "False - Stop 0"; $errortrack[] = $errormsg['SecCode']; $errorcount++; $errorstop="stop"; } // check for existance if (!checkEmail($email)) { echo "False - Stop 1"; $errortrack[] = $errormsg['Email']; $errorcount++; $errorstop="stop"; } else { echo "True - Continue 1"; echo "<p>----------</p>"; } // check for existance if (strlen($password_old)>5) { echo "True - Continue 2"; echo "<p>----------</p>"; } else { echo "False - Stop 2"; $errortrack[] = $errormsg['OldPass']; $errorcount++; $errorstop="stop"; } // check for existance if (strlen($password_new)>32||strlen($password_new)<6) { echo "False - Stop 3"; $errortrack[] = $errormsg['NewPass']; $errorcount++; $errorstop="stop"; } else { echo "True - Continue 3"; echo "<p>----------</p>"; } // check for existance if ($password_new_con==$password_new) { echo "True - Continue 4"; echo "<p>----------</p>"; $errorstop="stop";//Get Out of loop } else { echo "False - Stop 4"; $errortrack[] = $errormsg['NewPassCon']; $errorcount++; $errorstop="stop"; } }//End While Loop // Check database require('dbConfig.php'); // Encrypts old password to check with Database Encryped Password $password_old = md5($password_old); $check = mysql_query("SELECT * FROM {$usertable} WHERE email='$email' AND password='$password_old'"); $checknum = mysql_num_rows($check); if ($checknum==1) { echo "True - Continue 5 Set password"; echo "<p>----------</p>"; // Encrypts new password $password = md5($password_new); //run a query to update the account $acti = mysql_query("UPDATE {$usertable} SET password='$password' WHERE email='$email'"); } else { echo "False - Stop 5"; $errortrack[] = $errormsg['dbPass']; $errorcount++; $errorstop="stop"; }//End if checknum echo "True - Continue 6 GO TO HEADER PAGE"; // Thank you Page $insertGoTo = "changepass.php"; header(sprintf("Location: %s", $insertGoTo)); } else { while($errorcount>=0) { // Test display all error messages echo "<p>----------</p>"; echo "<p>Error Count = '$errorcount'</p>"; } die ("PLEASE FILL IN ALL FIELDS"); } } ?> <?php // LINUX PLATFORM OPTION 3 // checkEmail function checks standard email format same as preg_match() // checkEmail function checks DSN records using checkdnsrr Use list() to seperate name and domain using split function // checkdnsrr ONLY WORKS on LINUX PLATFORM // Check to see if domain and username is active // uses fsockopen() to check if its in use using port 25 function checkEmail($email) { // checks proper syntax if(preg_match("/^([a-zA-Z0-9])+([a-zA-Z0-9\._-])*@([a-zA-Z0-9_-])+([a-zA-Z0-9\._-]+)+$/" , $email)) { // gets domain name list($username,$domain)=split('@',$email); // checks for if MX records in the DNS if(!checkdnsrr($domain, 'MX')) { return false; } return true; } return false; } ?>

Hi. I'm trying to display all the missing fields (errors) when the user hits SUBMIT. My logic: IF there is NO EMAIL THAN add $errortrack array = $errormsg IF there is NO OLDPASSWORD THAN add $errortrack array = $errormsg[OLDPASS] and so on. At the end, Print ALL the Error messages on the form using <?php foreach ( $errortrack as $key => $value) { echo "<dt>$key:</dt>"; } ?> The only thing it prints out is "0:" ever though there should be other errors. What am I missing? Site Link http://www.fusionfashionhair.com/newpassform.php My PHP Code: <?php session_start(); ?> <?php $submit = $_POST['submit']; // Form Data $email = $_POST['email']; $password_old = $_POST['password_old']; $password_new = $_POST['password_new']; $password_new_con = $_POST['password_new_con']; $errorcount = 0; $errormsg['Email'] = "Email Entered is Invalid"; $errormsg['OldPass'] = "Old Password Entered is Incorrect"; $errormsg['NewPass'] = "New Password Entered is Incorrect"; $errormsg['NewPassCon'] = "New Confirmed Password Entered is Incorrect"; $errormsg['SecCode'] = "Security Code is Incorrect"; $errormsg['NoErr'] = "No Errors, Continue"; $errortrack = array ($errormsg['NoErr']); if ($_POST[submit]){ if ($errorstop = "go") { $errorstop="go"; while ($errorstop<>"stop") { // check for existance if ($email) { echo "True - Continue 1"; echo "<p>----------</p>"; } else { $errortrack = array ($errormsg['Email']); $errorcount++; $errorstop="stop"; } // check for existance if ($password_old) { echo "True - Continue 2"; echo "<p>----------</p>"; } else { $errortrack = array ($errormsg['OldPass']); $errorcount++; $errorstop="stop"; } // check for existance if ($password_new) { echo "True - Continue 3"; echo "<p>----------</p>"; } else { $errortrack = array ($errormsg['NewPass']); $errorcount++; $errorstop="stop"; } // check for existance if ($password_new_con) { echo "True - Continue 4"; echo "<p>----------</p>"; } else { $errortrack = array ($errormsg['NewPassCon']); $errorcount++; $errorstop="stop"; } $errortrack = array ($errormsg="EVERYTHING IS OK"); $errorstop="stop"; }//End While Loop } else { while($errorcount>=0) { // Test display all error messages echo "<p>----------</p>"; echo "<p>Error Count = '$errorcount'</p>"; } die ("PLEASE FILL IN ALL FIELDS"); } } ?> My Form Code with the PRINT ERROR: <form action='newpassform.php' method='post' id="regform"> <fieldset> <legend>Change Password</legend> <p><?php foreach ( $errortrack as $key => $value) { echo "<dt>$key:</dt>"; } ?></p> <p> <label for='email'>Email:</label> <input name='email' type='text' maxlength="25" value='<?php echo $email; ?>'/> </p> <p> <label for='password_old'>Old Password:</label> <input name='password_old' type='password' maxlength="32" /> </p> <p> <label for='password_new'>New Password:</label> <input name='password_new' type='password' maxlength="32"/> </p> <p> <label for='password_new_con'>Confirm Password:</label> <input name='password_new_con' type='password' maxlength="32"/> </p> <p><span class="required">*</span> Note, username and password are case sensitive</p> <p>Forgot your password? <a href="forgot_password.php">Click Here</a></p> <p>Login <a href="login.php">Here</a></p> <h2>Security Check</h2> <p>Enter letters below exactly how they are displayed. Letter are case sensitive. </p> <br /> <img src="captcha.class.php?usefile=1" /> <!--OR--> <!--<img src="image.php" />--> <input id='user_code' name='user_code' type='text' size='10' > <p> </p> <input class="reset" type='reset' value='Cancel' name='reset'> <input class="submit" type='submit' value='Continue' name='submit'> </fieldset> </form> <!--End of Form-->