Search the Community

I need to convert the following select statement to a pdo->query but have no idea how to get it working: SELECT t.id FROM ( SELECT g.* FROM location AS g WHERE g.start <= 16785408 ORDER BY g.start DESC, g.end DESC LIMIT 1 ) AS t WHERE t.end >= 16785408; Here's the code I'm trying: <?php $php_scripts = '../../php/'; require $php_scripts . 'PDO_Connection_Select.php'; require $php_scripts . 'GetUserIpAddr.php'; function mydloader($l_filename=NULL) { $ip = GetUserIpAddr(); if (!$pdo = PDOConnect("foxclone_data")) { exit; } if( isset( $l_filename ) ) { $ext = pathinfo($l_filename, PATHINFO_EXTENSION); $stmt = $pdo->prepare("INSERT INTO download (address, filename,ip_address) VALUES (?, ?, inet_aton('$ip'))"); $stmt->execute([$ip, $ext]) ; $test = $pdo->prepare("SELECT t.id FROM ( SELECT g.id FROM lookup AS g WHERE g.start <= inet_aton($ip) ORDER BY g.start DESC, g.end DESC ) AS t WHERE t.end >=inet_aton($ip)"); $test ->execute() ; $ref = $test->fetchColumn(); $ref = intval($ref); $stmt = $pdo->prepare("UPDATE download SET ref = '$ref' WHERE address = '$ip'"); $stmt->execute() ; header('Content-Type: octet-stream'); header("Content-Disposition: attachment; filename={$l_filename}"); header('Pragma: no-cache'); header('Expires: 0'); readfile($l_filename); } else { echo "isset failed"; } } mydloader($_GET["f"]); exit; It gives the following error: How do I fix this?

As I am VERY new to PDO, can someone help me in converting the below 2 codes so that I can setup the testing site knowing at least this part works. Below is the old SQL that I need to convert but don't have to foggiest on where to start. If I can get some help with this I can slowly work through the rest of my site with a bit more ease. LOGIN CODE: <?php if($_POST['submit']){ $Username = protect($_POST['Username']); $Password = protect(sha1($_POST['Password'])); if(!$Username || !$Password){ echo "<center>Please enter your <b>Username</b> and <b>Password</b>!</center>"; }else{ $res = mysql_query("SELECT * FROM `eusers` WHERE `Username` = '".$Username."'"); $num = mysql_num_rows($res); if($num == 0){ echo "<center>The <b>Username</b> or <b>Password</b> you supplied is incorrect!</center>"; }else{ $res = mysql_query("SELECT * FROM `eusers` WHERE `Username` = '".$Username."' AND Password = '".$Password."'"); $num = mysql_num_rows($res); if($num == 0){ echo "<center>The <b>Password</b> you supplied is incorrect!</center>"; }else{ $row = mysql_fetch_assoc($res); if($row['Active'] != 1){ echo "<center>Your login has been <b>deactivated</b>, Please contact your Manager for assistance.</center>"; }else{ header('Location: secure.php'); $time = date('U')+7200; //2 Hours mysql_query("UPDATE `eusers` SET `Online` = '".$time."' WHERE `id` = '".$_SESSION['uid']."'"); $_SESSION['uid'] = $row['id']; }}}}} ?> ACCESS GRANTED (Each Page): <?php if(strcmp($_SESSION['uid'],"") == 0){ printf("<script>location.href='index.php'</script>"); }else{ $time = date('U')+7200; //2 Hours $update = mysql_query("UPDATE `eusers` SET `Online` = '".$time."' WHERE `id` = '".$_SESSION['uid']."'"); } ?>

I am still working on learning pdo slowly trying to migrate into the newest most secure operations and have an issue with the count and no idea where to look for it i have spent countless hours searching and am no further along so i thought id ask the people here if this is even possible What i have is a count total number of entries per person which i have working perfectly but the issue is i need to only count them when the total is greater then 5 $dbh = new PDO("mysql:host=$hostname;dbname=$db", $username, $password); foreach($dbh->query('SELECT username,COUNT(*), WHERE COUNT(*)<5 FROM games GROUP BY username') as $row) { echo "<tr>"; echo "<td>" . $row['username'] . "</td>"; echo "<td>" . $row['COUNT(*)'] . "</td>"; echo "</tr>"; } ?> so if a user only has 4 entries it will skip his name I hope this makes sense and hope someone can help me

Hey, I am trying to output a row from my database using PDO where the username is the same as one that I have pulled from the URL, my URL reads: "http://localhost/view_profile.php?username=test\" On the view profile_page.php I am storing the username in $username by using $username = $_GET["username"]; now I want to use a SELECT to retrieve and save the data relating to the username found in the URL. I am struggling to get this to work, the page is already linked to the database any help would be appreciated. Thanks. <?php if(isset($_POST['$row'])) { // check if the username has been set } // First we execute our common code to connection to the database and start the session require("common.php"); // At the top of the page we check to see whether the user is logged in or not if(empty($_SESSION['user'])) { // If they are not, we redirect them to the login page. header("Location: login.php"); // Remember that this die statement is absolutely critical. Without it, // people can view your members-only content without logging in. die("Redirecting to login.php"); } // Everything below this point in the file is secured by the login system // We can display the user's username to them by reading it from the session array. Remember that because // a username is user submitted content we must use htmlentities on it before displaying it to the user. $username = $_GET["username"]; $query = " SELECT id, username, firstname, lastname, password, salt, email, access_level FROM users WHERE username = $username "; try { // These two statements run the query against your database table. $stmt = $db->prepare($query); $stmt->execute(); } catch(PDOException $ex) { // Note: On a production website, you should not output $ex->getMessage(). // It may provide an attacker with helpful information about your code. die("Failed to run query: " . $ex->getMessage()); } // Finally, we can retrieve all of the found rows into an array using fetchAll $rows = $stmt->fetchAll(); ?>

$dbh = new PDO("mysql:host=$hostname;dbname=$db", $username, $password); foreach($dbh->query('SELECT username,COUNT(*) FROM ballot GROUP BY username') as $row) { echo "<tr>"; echo "<td>" . $row['username'] . "</td>"; echo "<td>" . $row['COUNT(*)'] . "</td>"; echo "</tr>"; } the result is coming like this habs4stanley1 demo2 Habsfan4life2 ​I need it to put it like this ​habs4stanley 1 ​demo 2 ​habsfan4life 2 ​any help is greatly appreciated