timecatcher Posted December 6, 2008 Share Posted December 6, 2008 Hey im having an issue with the layout, I keep getting glitches whereby the layout mucks up yet im not sure why as my other pages work fine. Well heres the code. <? require("includes/connect.inc.php") ; require("includes/navbar.inc.php") ; $sql = "SELECT * FROM user WHERE username='".addslashes(htmlspecialchars($_COOKIE['kurukouser']))."'" ; $query = mysql_query($sql); if(mysql_num_rows($query) == 1){ $username = $_COOKIE['kurukouser'] ; $userpermissioncheck = mysql_query("SELECT * FROM user") ; $fetchpm = mysql_fetch_array($userpermissioncheck) ; echo '<link rel=\'stylesheet\' href=\'includes/layoutstylesheet.css\' type=\'text/css\'><div id=\'content\'>' ; if($fetchpm['username'] == $username && $fetchpm['permission'] >= 5 && $_POST['submit'] != 'Post') { echo'<form method="post" action="newsadmin.php"><br />Title: <input type="text" name="title"><br />Message: <textarea rows="7" cols="55" name="message">Enter message here.</textarea><br /><input type="submit" name="submit" value="Post">'; } elseif($fetchpm['username'] == $username && $fetchpm['permission'] < 5) { echo'You are not autherised to visit this page.' ; } if($_POST['submit'] == 'Post'){ $message = $_POST['message'] ; $title = $_POST['title'] ; mysql_query("INSERT INTO news (title, message) VALUES ('$title','$message')") ; echo'News successfully posted.' ; } }else{ echo'Error: You must be logged in to view this page.' ; } echo'</div>' ; ?> Thanks, Timecatcher. Quote Link to comment Share on other sites More sharing options...
gevans Posted December 6, 2008 Share Posted December 6, 2008 I think the problem will be a html/css one, not php! Quote Link to comment Share on other sites More sharing options...
timecatcher Posted December 6, 2008 Author Share Posted December 6, 2008 Alright well I will post my navbar.css then now xD. Im looking through it myself and it puzzles me why some pages work fine but not others. Timecatcher. <?php require("connect.inc.php") ; $sql = "SELECT * FROM user WHERE username='".addslashes(htmlspecialchars($_COOKIE['kurukouser']))."'" ; $query = mysql_query($sql); if(mysql_num_rows($query) == 1){ $username = $_COOKIE['kurukouser'] ; } if(!isset($username)) { echo'<link rel=\'stylesheet\' href=\'includes/layoutstylesheet.css\' type=\'text/css\'> <b> <div id=\'nav\'> <center> <br /> <h3>Navigation</h3> </center> <b><a href="http://kurukolands.co.uk/register.php">Join</a></b> <br /> <a href="http://kurukolands.co.uk/login.php">Login</a> <br /> <br /> </div> </b>' ; } else { $query1 = mysql_query("SELECT * FROM user WHERE username = '".$username."'") ; $fetch = mysql_fetch_array($query1) ; $points = $fetch['points'] ; echo'<link rel=\'stylesheet\' href=\'includes/layoutstylesheet.css\' type=\'text/css\'><div id=\'nav\'><center><br /><h3>Navigation</h3><font color="black">' ; echo'<br />' ; echo'<a href="http://kurukolands.co.uk/news.php">News</a>'; echo'<br /><br /><br /><br /><br /><br /><br /><br />' ; echo'<a href="http://kurukolands.co.uk/logout.php">Logout</a></div>' ; echo'<link rel=\'stylesheet\' href=\'includes/layoutstylesheet.css\' type=\'text/css\'><div id=\'profile\'> ' ; echo'Welcome, <a href="http://kurukolands.co.uk/profiles.php?userid='.$username.'>'.$username.'</a>.' ; echo'<br />' ; echo $points.' Ks' ; echo'</font></center>' ; echo'</div>' ; } ?> Quote Link to comment Share on other sites More sharing options...
waynew Posted December 6, 2008 Share Posted December 6, 2008 Try <?php require("connect.inc.php") ; //You weren't cleaning input properly. ALWAYS USE mysql_real_escape_string instead of addslashes. //$sql = "SELECT * FROM user WHERE username='".addslashes(htmlspecialchars($_COOKIE['kurukouser']))."'" ; //using mysql function count() instead $sql = "SELECT COUNT(*) FROM user WHERE username='".mysql_real_escape_string($_COOKIE['kurukouser']))."'"; $query = mysql_query($sql) or die(mysql_error()); $r = mysql_fetch_row($query); if($r[0] == 1){ $username = htmlentities($_COOKIE['kurukouser'],ENT_QUOTES,"utf-8"); } mysql_free_result($query); //free up memory //old code /*if(mysql_num_rows($query) == 1){ $username = $_COOKIE['kurukouser'] ; }*/ //Use indentation!!! //Learn the key differences between double quotes and single quotes! if(!isset($username)) { echo'<link rel="stylesheet" href="includes/layoutstylesheet.css" type="text/css"> <b> <div id="nav"> <center> <br /> <h3>Navigation</h3> </center> <b><a href="http://kurukolands.co.uk/register.php">Join</a></b> <br /> <a href="http://kurukolands.co.uk/login.php">Login</a> <br /> <br /></div></b>' ; } //use indentation else { $query1 = mysql_query("SELECT * FROM user WHERE username = '".$username."'") ; $fetch = mysql_fetch_array($query1) ; $points = $fetch['points'] ; echo'<link rel="stylesheet" href="includes/layoutstylesheet.css" type="text/css"><div id="nav"><center><br /><h3>Navigation</h3><font color="black">' ; echo'<br />' ; echo'<a href="http://kurukolands.co.uk/news.php">News</a>'; echo'<br /><br /><br /><br /><br /><br /><br /><br />' ; echo'<a href="http://kurukolands.co.uk/logout.php">Logout</a></div>' ; echo'<link rel="stylesheet" href="includes/layoutstylesheet.css" type="text/css"><div id="profile"> ' ; echo'Welcome, <a href="http://kurukolands.co.uk/profiles.php?userid='.$username.'>'.$username.'</a>.' ; echo'<br />' ; echo $points.' Ks' ; echo'</font></center>' ; echo'</div>' ; } ?> Quote Link to comment Share on other sites More sharing options...
timecatcher Posted December 6, 2008 Author Share Posted December 6, 2008 Still glitchy however I liked the way you set up my navbar for me! Don't suppose you have an windows live messenger account do you? It would be great to be able to leanr with a real person who obviously knows what there doing behind me . Your choice ofcourse no pressure. Thanks, Timecatcher. Quote Link to comment Share on other sites More sharing options...
waynew Posted December 6, 2008 Share Posted December 6, 2008 I can't go on MSN at the moment. If you have questions, just post them here. I'm sure others will help too. Quote Link to comment Share on other sites More sharing options...
timecatcher Posted December 6, 2008 Author Share Posted December 6, 2008 Ok no problem mate! Well I still have the error, so if you want me to make your a quick account on my site so you can see what I mean on the page or wait a second... This is a screenshot of what I see, just so you know, and the reason I think its mainly to do with the actual newsadmin file is because it only does this to that page and its perfectly fine on all the other pages. More help appreciated thanks. Timecatcher. Quote Link to comment Share on other sites More sharing options...
waynew Posted December 6, 2008 Share Posted December 6, 2008 Try <?php require("connect.inc.php") ; //You weren't cleaning input properly. ALWAYS USE mysql_real_escape_string instead of addslashes. //$sql = "SELECT * FROM user WHERE username='".addslashes(htmlspecialchars($_COOKIE['kurukouser']))."'" ; //using mysql function count() instead $sql = "SELECT COUNT(*) FROM user WHERE username='".mysql_real_escape_string($_COOKIE['kurukouser']))."'"; $query = mysql_query($sql) or die(mysql_error()); $r = mysql_fetch_row($query); if($r[0] == 1){ $username = htmlentities($_COOKIE['kurukouser'],ENT_QUOTES,"utf-8"); } mysql_free_result($query); //free up memory //old code /*if(mysql_num_rows($query) == 1){ $username = $_COOKIE['kurukouser'] ; }*/ //Use indentation!!! //Learn the key differences between double quotes and single quotes! if(!isset($username)) { echo'<link rel="stylesheet" href="includes/layoutstylesheet.css" type="text/css"> <b> <div id="nav"> <center> <br /> <h3>Navigation</h3> </center> <b><a href="http://kurukolands.co.uk/register.php">Join</a></b> <br /> <a href="http://kurukolands.co.uk/login.php">Login</a> <br /> <br /></div></b>' ; } //use indentation else { $query1 = mysql_query("SELECT * FROM user WHERE username = '".$username."'") ; $fetch = mysql_fetch_array($query1) ; $points = $fetch['points'] ; echo'<link rel="stylesheet" href="includes/layoutstylesheet.css" type="text/css"><div id="nav"><center><br /><h3>Navigation</h3><font color="black">' ; echo'<br />' ; echo'<a href="http://kurukolands.co.uk/news.php">News</a>'; echo'<br /><br /><br /><br /><br /><br /><br /><br />' ; echo'<a href="http://kurukolands.co.uk/logout.php">Logout</a></div>' ; echo'<link rel="stylesheet" href="includes/layoutstylesheet.css" type="text/css"><div id="profile"> ' ; echo'Welcome, <a href="http://kurukolands.co.uk/profiles.php?userid='.$username.'">'.$username.'</a>.' ; echo'<br />' ; echo $points.' Ks' ; echo'</font></center>' ; echo'</div>' ; } ?> Quote Link to comment Share on other sites More sharing options...
timecatcher Posted December 6, 2008 Author Share Posted December 6, 2008 I think you've just posted that and it didn't work sorry. . Stupid glitch. Timecatcher. Quote Link to comment Share on other sites More sharing options...
waynew Posted December 6, 2008 Share Posted December 6, 2008 Did you forget to include the navigation bar? Quote Link to comment Share on other sites More sharing options...
timecatcher Posted December 6, 2008 Author Share Posted December 6, 2008 No the one you edited is the Navigation bar, so its still included. Would you be able to see if theres anything wrong with the newsadmin one? Thanks. Timecatcher. Quote Link to comment Share on other sites More sharing options...
waynew Posted December 6, 2008 Share Posted December 6, 2008 echo '<link rel=\'stylesheet\' href=\'includes/layoutstylesheet.css\' type=\'text/css\'><div id=\'content\'>' ; Can you see what is wrong with the above piece of code? echo '<link rel="stylesheet" href="includes/layoutstylesheet.css" type="text/css"><div id="content">' ; See the difference? Quote Link to comment Share on other sites More sharing options...
timecatcher Posted December 6, 2008 Author Share Posted December 6, 2008 Yeah I see the difference xD. I know but that shouldn't make any difference to my code surely... Timecatcher. EDIT: Ok well finally I managed to work out it was a simple missing ' so it made the echo continue. Stupid me! Oh well practise makes perfect eh! Thanks for your help. Quote Link to comment Share on other sites More sharing options...
Recommended Posts
Join the conversation
You can post now and register later. If you have an account, sign in now to post with your account.