Search the Community
Showing results for tags 'pdo php'.
-
It give an the link like http://localhost/aps/undefined Object not found! The requested URL was not found on this server. The link on the referring page seems to be wrong or outdated. Please inform the author of that page about the error. If you think this is a server error, please contact the webmaster. Error 404 localhost Apache/2.4.35 (Win32) OpenSSL/1.1.0i PHP/7.2.11 //The php code to fetch data //The php code to fetch data <?php include('db.php'); $query = ''; $output = array(); $query .= "SELECT * FROM users "; if(isset($_POST["search"]["value"])) { $query .= 'WHERE first_name LIKE "%'.$_POST["search"]["value"].'%" '; $query .= 'OR last_name LIKE "%'.$_POST["search"]["value"].'%" '; } if(isset($_POST["order"])) { $query .= 'ORDER BY '.$_POST['order']['0']['column'].' '.$_POST['order']['0']['dir'].' '; } else { $query .= 'ORDER BY id DESC '; } if($_POST["length"] != -1) { $query .= 'LIMIT ' . $_POST['start'] . ', ' . $_POST['length']; } $statement = $connection->prepare($query); $statement->execute(); $result = $statement->fetchAll(); $data = array(); $filtered_rows = $statement->rowCount(); foreach($result as $row) { $sub_array = array(); $sub_array[] = $row["first_name"]; $sub_array[] = $row["last_name"]; $sub_array[] = '<button type="button" name="update" id="'.$row["id"].'" class="btn btn-warning btn-xs update">Update</button>'; $sub_array[] = '<button type="button" name="delete" id="'.$row["id"].'" class="btn btn-danger btn-xs delete">Delete</button>'; $data[] = $sub_array; } $output = array( "draw" => intval($_POST["draw"]), "recordsTotal" => $filtered_rows, "recordsFiltered" => get_total_all_records(), "data" => $data ); echo json_encode($output); ?> //javasrcipt jquery var dataTable = $('#user_data').DataTable({ "processing":true, "serverSide":true, "order":[], "ajax":{ url:"fetch.php", type:"POST" }, "columnDefs":[ { "targets":[0, 3, 4], "orderable":false, }, ] });
-
I need to convert the following select statement to a pdo->query but have no idea how to get it working: SELECT t.id FROM ( SELECT g.* FROM location AS g WHERE g.start <= 16785408 ORDER BY g.start DESC, g.end DESC LIMIT 1 ) AS t WHERE t.end >= 16785408; Here's the code I'm trying: <?php $php_scripts = '../../php/'; require $php_scripts . 'PDO_Connection_Select.php'; require $php_scripts . 'GetUserIpAddr.php'; function mydloader($l_filename=NULL) { $ip = GetUserIpAddr(); if (!$pdo = PDOConnect("foxclone_data")) { exit; } if( isset( $l_filename ) ) { $ext = pathinfo($l_filename, PATHINFO_EXTENSION); $stmt = $pdo->prepare("INSERT INTO download (address, filename,ip_address) VALUES (?, ?, inet_aton('$ip'))"); $stmt->execute([$ip, $ext]) ; $test = $pdo->prepare("SELECT t.id FROM ( SELECT g.id FROM lookup AS g WHERE g.start <= inet_aton($ip) ORDER BY g.start DESC, g.end DESC ) AS t WHERE t.end >=inet_aton($ip)"); $test ->execute() ; $ref = $test->fetchColumn(); $ref = intval($ref); $stmt = $pdo->prepare("UPDATE download SET ref = '$ref' WHERE address = '$ip'"); $stmt->execute() ; header('Content-Type: octet-stream'); header("Content-Disposition: attachment; filename={$l_filename}"); header('Pragma: no-cache'); header('Expires: 0'); readfile($l_filename); } else { echo "isset failed"; } } mydloader($_GET["f"]); exit; It gives the following error: How do I fix this?
-
As I am VERY new to PDO, can someone help me in converting the below 2 codes so that I can setup the testing site knowing at least this part works. Below is the old SQL that I need to convert but don't have to foggiest on where to start. If I can get some help with this I can slowly work through the rest of my site with a bit more ease. LOGIN CODE: <?php if($_POST['submit']){ $Username = protect($_POST['Username']); $Password = protect(sha1($_POST['Password'])); if(!$Username || !$Password){ echo "<center>Please enter your <b>Username</b> and <b>Password</b>!</center>"; }else{ $res = mysql_query("SELECT * FROM `eusers` WHERE `Username` = '".$Username."'"); $num = mysql_num_rows($res); if($num == 0){ echo "<center>The <b>Username</b> or <b>Password</b> you supplied is incorrect!</center>"; }else{ $res = mysql_query("SELECT * FROM `eusers` WHERE `Username` = '".$Username."' AND Password = '".$Password."'"); $num = mysql_num_rows($res); if($num == 0){ echo "<center>The <b>Password</b> you supplied is incorrect!</center>"; }else{ $row = mysql_fetch_assoc($res); if($row['Active'] != 1){ echo "<center>Your login has been <b>deactivated</b>, Please contact your Manager for assistance.</center>"; }else{ header('Location: secure.php'); $time = date('U')+7200; //2 Hours mysql_query("UPDATE `eusers` SET `Online` = '".$time."' WHERE `id` = '".$_SESSION['uid']."'"); $_SESSION['uid'] = $row['id']; }}}}} ?> ACCESS GRANTED (Each Page): <?php if(strcmp($_SESSION['uid'],"") == 0){ printf("<script>location.href='index.php'</script>"); }else{ $time = date('U')+7200; //2 Hours $update = mysql_query("UPDATE `eusers` SET `Online` = '".$time."' WHERE `id` = '".$_SESSION['uid']."'"); } ?>
-
I am still working on learning pdo slowly trying to migrate into the newest most secure operations and have an issue with the count and no idea where to look for it i have spent countless hours searching and am no further along so i thought id ask the people here if this is even possible What i have is a count total number of entries per person which i have working perfectly but the issue is i need to only count them when the total is greater then 5 $dbh = new PDO("mysql:host=$hostname;dbname=$db", $username, $password); foreach($dbh->query('SELECT username,COUNT(*), WHERE COUNT(*)<5 FROM games GROUP BY username') as $row) { echo "<tr>"; echo "<td>" . $row['username'] . "</td>"; echo "<td>" . $row['COUNT(*)'] . "</td>"; echo "</tr>"; } ?> so if a user only has 4 entries it will skip his name I hope this makes sense and hope someone can help me
-
$dbh = new PDO("mysql:host=$hostname;dbname=$db", $username, $password); foreach($dbh->query('SELECT username,COUNT(*) FROM ballot GROUP BY username') as $row) { echo "<tr>"; echo "<td>" . $row['username'] . "</td>"; echo "<td>" . $row['COUNT(*)'] . "</td>"; echo "</tr>"; } the result is coming like this habs4stanley1 demo2 Habsfan4life2 I need it to put it like this habs4stanley 1 demo 2 habsfan4life 2 any help is greatly appreciated
-
Hey, I am trying to output a row from my database using PDO where the username is the same as one that I have pulled from the URL, my URL reads: "http://localhost/view_profile.php?username=test\" On the view profile_page.php I am storing the username in $username by using $username = $_GET["username"]; now I want to use a SELECT to retrieve and save the data relating to the username found in the URL. I am struggling to get this to work, the page is already linked to the database any help would be appreciated. Thanks. <?php if(isset($_POST['$row'])) { // check if the username has been set } // First we execute our common code to connection to the database and start the session require("common.php"); // At the top of the page we check to see whether the user is logged in or not if(empty($_SESSION['user'])) { // If they are not, we redirect them to the login page. header("Location: login.php"); // Remember that this die statement is absolutely critical. Without it, // people can view your members-only content without logging in. die("Redirecting to login.php"); } // Everything below this point in the file is secured by the login system // We can display the user's username to them by reading it from the session array. Remember that because // a username is user submitted content we must use htmlentities on it before displaying it to the user. $username = $_GET["username"]; $query = " SELECT id, username, firstname, lastname, password, salt, email, access_level FROM users WHERE username = $username "; try { // These two statements run the query against your database table. $stmt = $db->prepare($query); $stmt->execute(); } catch(PDOException $ex) { // Note: On a production website, you should not output $ex->getMessage(). // It may provide an attacker with helpful information about your code. die("Failed to run query: " . $ex->getMessage()); } // Finally, we can retrieve all of the found rows into an array using fetchAll $rows = $stmt->fetchAll(); ?>
-
hello. i got this error and i have no idea why or what is going on. could someone explain in layman's term please and help me out. code being referred to, line 36 is $guests->execute() : if(isset($_SESSION['sess_user_id'])) { if(isset($_POST['save'])) { require "connection.php"; $name = $_POST['guest-name']; $event = $_POST['event']; $session = $_SESSION['sess_user_id']; $status = ""; $status .= "0"; $guests = $dbh->prepare("INSERT INTO guest(guser_id,guest_name,event_id,status) VALUES (?,?,?,?)"); for($i = 0; $i < count($_POST['guest-name']); $i++) { if(trim($_POST['guest-name'][$i]) !== '') { $guests->bindParam(1, $session, PDO::PARAM_INT); $guests->bindParam(2, $name[$i], PDO::PARAM_STR); $guests->bindParam(3, $event, PDO::PARAM_INT); $guests->bindParam(4, $status, PDO::PARAM_INT); $guests->execute(); if($guests->rowCount() > 0) { echo "<script>window.location.href = 'guest_list.php';</script>"; } } } } } <div class="dropdown"> <label>Event : <label/> <select name="event" id="dd-event" required> <option value="0" selected>Event</option> <?php foreach($retrieve as $r): ?> <option value="<?=$r['event_id']?>"><?=$r['event_name']?></option> <?php endforeach ?> </select> </div> in db event_id column is int, not null, not auto incremented. TIA!
-
<?php if ($_GET['do'] != "promocode") { header('Location: index.php?do=promocode'); exit(); } if (!isset($_SESSION['loggedin'])) { header('Location: index.php?do=login'); exit(); } $errors = array(); if (!empty($_POST['submit'])) { $promocode = $_POST['promocode']; $username = $userinfo['username']; $expire = time(); $query_1 = "SELECT * FROM promocodes_used WHERE username = :username AND promocode = :promocode"; $used_stmt = $dbh->prepare($query_1); $used_stmt->bindParam(':username', $username); $used_stmt->bindParam(':promocode', $promocode); $used_stmt->execute(); $used = $used_stmt->fetch(PDO::FETCH_COLUMN); $query_2 = "SELECT * FROM promocodes WHERE code = :promocode"; $notvalid_stmt = $dbh->prepare($query_2); $notvalid_stmt->bindParam(':promocode', $promocode); $notvalid_stmt->execute(); $notvalid = $notvalid_stmt->fetch(PDO::FETCH_COLUMN); $query_3 = "SELECT * FROM promocodes WHERE code = :promocode AND expire < :expire"; $expire_stmt = $dbh->prepare($query_3); $expire_stmt->bindParam(':promocode', $promocode); $expire_stmt->bindParam(':expire', $expire); $expire_stmt->execute(); $expire = $expire_stmt->fetch(PDO::FETCH_COLUMN); if (empty($promocode)) { $errors[] = "You did not enter a Promo Code!"; } elseif ($used) { $errors[] = "You have already used this Promo Code!"; } elseif (!$notvalid) { $errors[] = "The promo code entered is not valid!"; } elseif ($expire) { $errors[] = "Promo Code is expired!"; } } if (!empty($_POST['submit']) && empty($errors)) { $query_4 = "SELECT cash, points FROM promocodes WHERE code = :promocode"; $value_stmt = $dbh->prepare($query_4); $value_stmt->bindParam(':promocode', $promocode); $value_stmt->execute(); $value = $value_stmt->fetch(PDO::FETCH_ASSOC); $query_5 = "UPDATE users SET total_cash = total_cash +{$value['cash']}, current_cash = current_cash +{$value['cash']} //is this line safe// WHERE username = :username"; $UPDATE_1_stmt = $dbh->prepare($query_5); $UPDATE_1_stmt->bindParam(':username', $username); $UPDATE_1_stmt->execute(); print "You have just received ${$value['cash']}"; } ?> <?php if ($configs['ShowPageTitle']): ?> <div id="pagetitle">Promo Code</div> <?php endif; ?> <?php if ($errors): ?> <?php foreach ($errors as $error): ?> <div id="small_error_msg"><?php echo $error; ?></div> <?php endforeach; ?> <br /> <?php endif; ?> <form method="POST"> <table cellpadding="4" cellspacing="0" style="width:100%" class=""> <tr> <td style="width:35%"><b>Promo Code</b></td> <td style="width:65%"><input type="text" name="promocode" maxlength="50" style="width:200px" value="<?php echo isset($promocode) ? htmlspecialchars($promocode, ENT_QUOTES) : ''; ?>" /></td> // do this prevent XSS and Undefined variable // </tr> <tr> <td colspan="2" align="center" style="padding:5px 0 5px"><input type="submit" name="submit" value="Submit" /></td> </tr> </table> </form>