Jump to content

Archived

This topic is now archived and is closed to further replies.

stefpretty

NEED hellp this is a private convo!

Recommended Posts

I am new to the php, i am making a site i really need some almost professional advice talking on msn wopuld be perfect pm me!! cheers

Share this post


Link to post
Share on other sites
I'd post this in the Freelancing section &/OR ask the mods to move this for you.

Share this post


Link to post
Share on other sites
well im a newbie lol btw how do u intergrate ure html and php together and use a html template and the php script just prints content onto main section and keeps rest same?

Share this post


Link to post
Share on other sites
[!--quoteo(post=362048:date=Apr 5 2006, 11:17 PM:name=stefpretty)--][div class=\'quotetop\']QUOTE(stefpretty @ Apr 5 2006, 11:17 PM) [snapback]362048[/snapback][/div][div class=\'quotemain\'][!--quotec--]
well im a newbie lol btw how do u intergrate ure html and php together and use a html template and the php script just prints content onto main section and keeps rest same?
[/quote]

you can use html in .php files if thats what your asking. And the middle section in php can be genarated from a database to keep the content dynamic...

maybe you should buy a book for the basics of php? or do some online tutorials

Share this post


Link to post
Share on other sites
cheers ye i knew u cud put html in but i wanna make snipits of html files and give them names like header etc can i just unclude them where appropriate and use css to give backgrounds to where the php prints?
ALSO

i have a problem with my php scripts......

i get this message when i try to register.... [!--quoteo--][div class=\'quotetop\']QUOTE[/div][div class=\'quotemain\'][!--quotec--]You have an error in your SQL syntax; check the manual that corresponds to your MySQL server version for the right syntax to use near '' at line 4[/quote] silly thing is there is nothing on line 4 in registerun.php

Share this post


Link to post
Share on other sites
Another issue i just discovered is this when i try to login.....[!--quoteo--][div class=\'quotetop\']QUOTE[/div][div class=\'quotemain\'][!--quotec--]Parse error: parse error, unexpected $ in /home/fsuk/public_html/bla/login.php on line 47[/quote]

the thing is on line 47 i have [!--quoteo--][div class=\'quotetop\']QUOTE[/div][div class=\'quotemain\'][!--quotec--]?>[/quote]

Share this post


Link to post
Share on other sites
[!--quoteo(post=362176:date=Apr 6 2006, 12:56 PM:name=stefpretty)--][div class=\'quotetop\']QUOTE(stefpretty @ Apr 6 2006, 12:56 PM) [snapback]362176[/snapback][/div][div class=\'quotemain\'][!--quotec--]
cheers ye i knew u cud put html in but i wanna make snipits of html files and give them names like header etc can i just unclude them where appropriate and use css to give backgrounds to where the php prints?
ALSO

i have a problem with my php scripts......

i get this message when i try to register.... silly thing is there is nothing on line 4 in registerun.php
[/quote]

you can include php files ( with your html in it ) at a location which you decide with the function:
include(); .. so like include('include/info.php');

in the main file you can include your CSS will will style all other included php files.

for the SQL, can you post it? probally your missing a } somewhere or your not ending your SQL the rigjt way.. SQL="SELECT * FROM lol";


[!--quoteo(post=362178:date=Apr 6 2006, 01:09 PM:name=stefpretty)--][div class=\'quotetop\']QUOTE(stefpretty @ Apr 6 2006, 01:09 PM) [snapback]362178[/snapback][/div][div class=\'quotemain\'][!--quotec--]
Another issue i just discovered is this when i try to login.....

the thing is on line 47 i have
[/quote]

also seems you didn;t close a loop or variable good.

$test; alsways end with ;

Share this post


Link to post
Share on other sites
yup this is a buig section of code hold on........ this is from my register script!

right snipt 1 reffering to sql [code]// Enter info into the Database.

$sql = mysql_query("INSERT INTO band (username,
        password, email,  name, country, style, hist, infl, open, webs )
        VALUES('$username', '$db_password', '$email_address', '$Band_name',
        '$nationality', '$style', '$history', '$influences', '$comments','$website' ")
        or die (mysql_error());

if(!$sql){[/code]

snippet 2 this is checking to see if email or username alredy exists....
[code]$sql_email_check = mysql_query("SELECT email FROM band
             WHERE email='$email_address'");
$sql_username_check = mysql_query("SELECT username FROM band
             WHERE username='$username'");

$email_check = mysql_num_rows($sql_email_check);
$username_check = mysql_num_rows($sql_username_check);[/code]

ONly other thing i cud think this is erroring about is [code]include ("db.php");[/code] this file....? hmmm

oh also after registerring it has an aut email.... heres the code i cud have missed something on tht?
[code]if(!$sql){
    echo 'There has been an error creating your account. Please contact the webmaster.';
} else {
    $userid = mysql_insert_id();
  
    $subject = "Your Membership at MyWebsite!";
    $message = "Dear $name,
    Thank you for registering at our website, http://www.thebandcentral.com!
    

    Username: $username
    Password: $random_password
    <b>PLEASE LOG IN AND CHANGE YOUR PASSWORD</b>
    Thanks!
    The Webmaster
    
    This is an automated response, please do not reply!";
    
    mail($email_address, $subject, $message,
        "From: The Band Central Webmaster<s.pretty1@btinternet.com>;
    echo 'Your membership information has been mailed to your email address!
     Please check it and follow the directions!';
}

?> [/code]
thts the full last section!!

Share this post


Link to post
Share on other sites
well, first of all, the include("db.php"); should be


[code]include('db.php'); [/code]

and your SQL satement is incorrect, just do it like this, easier:

[code]$sql = mysql_query("INSERT INTO band SET username='$username', password='$db_password'");[/code]

and add rest of the fields and values :)
try it again with these changes

and for the Email.
remember that gives "enters" in de code will not give "enters" in parsed html. Always use <br> or <P>

[code]Thank you for registering at our website, http://www.thebandcentral.com!<br><br>
    

    Username: $username<br>
    Password: $random_password<br>[/code]

and so on

Share this post


Link to post
Share on other sites
right thankyou for all your help but its still doing the [!--quoteo--][div class=\'quotetop\']QUOTE[/div][div class=\'quotemain\'][!--quotec--]Parse error: parse error, unexpected $ in /home/fsuk/public_html/bla/registerun.php on line 132[/quote]
with this code...
[code]<?
$username = $_POST['user'];
$nationality = $_POST['prov'];
$email_address = $_POST['email'];
$Band_name = $_POST['bname'];
$style = $_POST['style'];
$History = $_POST['hist'];
$Influences = $_POST['infl'];
$comments = $_POST['open'];
$website = $_POST['webs'];
include ('db.php');

// Define post fields into simple variables

/* Let's strip some slashes in case the user entered
any escaped characters. */

$username = stripslashes($username);
$nationality = stripslashes($nationality);
$email_address = stripslashes($email_address);
$Band_name = stripslashes($Band_name);
$style = stripslashes($style);
$History = stripslashes($hsitory);
$influences = stripslashes($influences);
$comments = stripslashes($comments);
$website = stripslashes($website);
/* Do some error checking on the form posted fields */

if((!$username) || (!$email_address)){
    echo 'You did not submit the following required information! <br />';
    if(!$username){
        echo "Username is a required field. Please enter it below.(must be unique)<br />";
    }
  
    if(!$email_address){
        echo "Email Address is a required field. Please enter it below.";
    }
    
   // if(!$Band_name){
   //     echo "Desired Band Name is a required field. Please enter it below.<br />";      || (!$Band_name)
   // }
    include 'register.php'; // Show the form again!
    /* End the error checking and if everything is ok, we'll move on to
     creating the user account */
    exit(); // if the error checking has failed, we'll exit the script!
}
    
/* Let's do some checking and ensure that the user's email address or username
does not exist in the database */

$sql_email_check = mysql_query("SELECT email FROM band
             WHERE email='$email_address'");
$sql_username_check = mysql_query("SELECT username FROM band
             WHERE username='$username'");

$sql = mysql_query("INSERT INTO band SET username='$username', password='$db_password'");

$email_check = mysql_num_rows($sql_email_check);
$username_check = mysql_num_rows($sql_username_check);

if(($email_check > 0) || ($username_check > 0)){
     echo "Please fix the following errors: <br />";
     if($email_check > 0){
         echo "<strong>Your email address has already been used by another member
         in our database. Please submit a different Email address!<br />";
         unset($email_address);
     }
     if($username_check > 0){
         echo "The username you have selected has already been used by another member
          in our database. Please choose a different Username!<br />";
         unset($username);
     }
     include 'register.php'; // Show the form again!
     exit();  // exit the script so that we do not create this account!
}

/* Everything has passed both error checks that we have done.
It's time to create the account! */

/* Random Password generator.
http://www.phpfreaks.com/quickcode/Random_Password_Generator/56.php

We'll generate a random password for the
user and encrypt it, email it and then enter it into the db.
*/

function makeRandomPassword() {
  $salt = "abchefghjkmnpqrstuvwxyz0123456789";
  srand((double)microtime()*1000000);
      $i = 0;
      while ($i <= 7) {
            $num = rand() % 33;
            $tmp = substr($salt, $num, 1);
            $pass = $pass . $tmp;
            $i++;
      }
      return $pass;
}

$random_password = makeRandomPassword();

$db_password = md5($random_password);

// Enter info into the Database.

$sql = mysql_query("INSERT INTO band SET username='$username', password='$db_password', name='$Band_Name', country='$nationality', email='$email_address', style='$style', hist='$history', infl='$influences', open='$comments', webs='$website'");

if(!$sql){
    echo 'There has been an error creating your account. Please contact the webmaster.';
} else {
    $userid = mysql_insert_id();
  
    $subject = "Your Membership at MyWebsite!";
    $message = "Dear $name,
    Thank you for registering at our website, http://www.thebandcentral.com!<br><br>
    

    Username: $username<br>
    Password: $random_password<br>
    <b>PLEASE LOG IN AND CHANGE YOUR PASSWORD</b>
    Thanks!<br>
    The Webmaster<br>
    
    This is an automated response, please do not reply!";
    
    mail($email_address, $subject, $message,
        "From: The Band Central Webmaster<s.pretty1@btinternet.com>;
    echo 'Your membership information has been mailed to your email address!
     Please check it and follow the directions!';
}

?> [/code]

also can you check this script..... for login its giving sam message for last line too....[code]<?php
session_start();
header("Cache-control: private");
$user = $_POST['user'];
$pass = $_POST['pass'];
include('db.php');
// checkin if the user exists
$sql_user_check = "SELECT * FROM users WHERE username='$user'";
$result_name_check = mysql_query($sql_user_check);
$usersfound = mysql_num_rows($result_name_check);
// if user not found, note that and end
if ($usersfound < 1) {
    $error = "User $user not found.";
// if user does exist, continue with processing
} else {
    // checking if passwords match
    $sql_pass_get = "SELECT * FROM users WHERE username='$user'";
    $user_info = mysql_fetch_array(mysql_query($sql_pass_get));
    $encryptpass = $user_info['encryptpass'];
    // if doesn't match, note that and end
    if ($encryptpass != md5($pass)) {
        $error = "Invalid password.  Try again.";
    // if do match, let in and pass on info to session variables
    } else {
        $_SESSION['userid'] = $user_info['id'];
        $_SESSION['username'] = $user_info['username'];
        $_SESSION['email'] = $user_info['email'];
        $_SESSION['prov'] = $user_info['prov'];
        $_SESSION['name'] = $user_info['name'];
        $_SESSION['style'] = $user_info['style'];
        $_SESSION['hist'] = $user_info['hist'];
        $_SESSION['infl'] = $user_info['infl'];
        $_SESSION['open'] = $user_info['open'];
        $_SESSION['photo'] = $user_info['photo'];
        $_SESSION['webs'] = $user_info['webs'];
    
    }
}
if (!$_SESSION['username']) {
    if ($error) {
        echo $error;
        include("login.html");
    
} else {
    echo "<html><head><title>Welcome Back</title></head><body>Welcome back ".$_SESSION['name']."  <a href=\"settings.php\">Click here</a> to view your current settings.</body></html>";
}
?>[/code]

Share this post


Link to post
Share on other sites
Please review your code for missing brackets like this

[code]if (!$_SESSION['username']) {
    if ($error) {
        echo $error;
        include("login.html");
    
} else {
    echo "<html><head><title>Welcome Back</title></head><body>Welcome back ".$_SESSION['name']."  <a href=\"settings.php\">Click here</a> to view your current settings.</body></html>";
}[/code]

in this code, your second IF statement hasn;t got a closing bracket

[code]if (!$_SESSION['username']) {
    if ($error) {
        echo $error;
        include("login.html");
   }
} else {
    echo "<html><head><title>Welcome Back</title></head><body>Welcome back ".$_SESSION['name']."  <a href=\"settings.php\">Click here</a> to view your current settings.</body></html>";
}[/code]

Share this post


Link to post
Share on other sites
right thank you hmm i sorted some other problems on login.php now tht works fine! woohoo but still getting parse error on unexpected$ on registerun.php hmm im still looking for missing ; and }

Share this post


Link to post
Share on other sites
ohye ALMOST THERE! i sorted the problem now except it registered but still came up with error message ill check itout tjankyou for all your help!

Share this post


Link to post
Share on other sites
[!--quoteo(post=362212:date=Apr 6 2006, 03:48 PM:name=stefpretty)--][div class=\'quotetop\']QUOTE(stefpretty @ Apr 6 2006, 03:48 PM) [snapback]362212[/snapback][/div][div class=\'quotemain\'][!--quotec--]
ohye ALMOST THERE! i sorted the problem now except it registered but still came up with error message ill check itout tjankyou for all your help!
[/quote]

hehe okidokie no problem :)

Share this post


Link to post
Share on other sites
haha another glitch..... meh, the registration in works fine but... wht ive done is on registration u can see tht it makes arandom password then makes an encrypted password, it sends the random passwor to the user for login but puts the encryptd password on the database yes it does work... but on loging in, wht ive done is made it so once the user inputs the password it encrypts also using md5 then compares with database encrypted password but it doesnt work!!
[code] $sql_pass_get = "SELECT * FROM band WHERE username='$user'";
    $user_info = mysql_fetch_array(mysql_query($sql_pass_get));
    $password = $user_info['password'];
    // if doesn't match, note that and end
    if (md5($pass) != $password) {
        $error = "Invalid password.  Try again.";[/code]

Share this post


Link to post
Share on other sites
What does doesn't work meen? Please describe your problem.

Share this post


Link to post
Share on other sites
doesnt work as in always returns password is invlaid please try again! is there something wrong with my code?

Share this post


Link to post
Share on other sites
Where do you define $pass ?

Share this post


Link to post
Share on other sites
Well really, the only thing wrong with your code is there is no error checking. Try...
[code]
$sql = "SELECT * FROM band WHERE username='$user'";
if ($result = mysql_query($sql)) {
  $user = mysql_fetch_assoc($result);
  if (md5($pass) != $user['password']) {
    $error = "Invalid password.  Try again.";
  } else {
    echo "success";
  }
} else {
  echo mysql_error();
}
[/code]

Share this post


Link to post
Share on other sites
taht would make my sessions invalid look.. [code]<?php
session_start();
header("Cache-control: private");
$user = $_POST['user'];
$pass = $_POST['pass'];
include('db.php');
// checkin if the user exists
$sql_user_check = "SELECT * FROM band WHERE username='$user'";
$result_name_check = mysql_query($sql_user_check);
$usersfound = mysql_num_rows($result_name_check);
// if user not found, note that and end
if ($usersfound < 1) {
    $error = "User $user not found.";
// if user does exist, continue with processing
} else {
    // checking if passwords match
$sql = "SELECT * FROM band WHERE username='$user'";
if ($result = mysql_query($sql)) {
  $user = mysql_fetch_assoc($result);
  if (md5($pass) != $user['password']) {
    $error = "Invalid password.  Try again.";
  } else {
    echo "success";
  }

    // if do match, let in and pass on info to session variables
    } else {
        $_SESSION['userid'] = $user_info['id'];
        $_SESSION['username'] = $user_info['username'];
        $_SESSION['email'] = $user_info['email'];
        $_SESSION['prov'] = $user_info['prov'];
        $_SESSION['name'] = $user_info['name'];
        $_SESSION['style'] = $user_info['style'];
        $_SESSION['hist'] = $user_info['hist'];
        $_SESSION['infl'] = $user_info['infl'];
        $_SESSION['open'] = $user_info['open'];
        $_SESSION['photo'] = $user_info['photo'];
        $_SESSION['webs'] = $user_info['webs'];
    
    }
}
if (!$_SESSION['username']) {
    if ($error) {
        echo $error;
        include("login.html");[/code] thats what i got at the top half

Share this post


Link to post
Share on other sites
You probably shouldn't let a user know which of there username or password failed, this can open up security holes. Without it, we can also get this all done in one query and therefore less work on the database.
[code]
<?php

  session_start();
  include 'db.php';

  if (!empty($POST['username']) && !empty($_POST['userpass'])) {
    $user = trim($_POST['username']);
    $pass = md5(trim($_POST['password']));
  } else {
    $error = "Invalid Username or Password combo!";
    include 'login.html';exit();
  }

  $sql = "SELECT * FROM band WHERE username = '$user' AND `password` = '$pass'";
  $result = mysql_query($sql) or die(mysql_error());
  if ($result) {
    $user = mysql_fetch_assoc($result);
    
    $_SESSION['userid'] = $user['id'];
    $_SESSION['username'] = $user['username'];
    $_SESSION['email']= $user['email'];
    $_SESSION['prov'] = $user['prov'];
    $_SESSION['name'] = $user['name'];
    $_SESSION['style'] = $user['style'];
    $_SESSION['hist'] = $user['hist'];
    $_SESSION['infl'] = $user['infl'];
    $_SESSION['open'] = $user['open'];
    $_SESSION['photo'] = $user['photo'];
    $_SESSION['webs'] = $user['webs'];
  
  } else {
    $error = "Invalid Username or Password combo!";
    include 'login.html';exit();
  }

?>
[/code]
Also... do you really need all that stuff in a session?

Share this post


Link to post
Share on other sites
thanks i'll just go test that ye i do cos its for the next thing it does when i add it which is displays profile
cheers man

Share this post


Link to post
Share on other sites

×

Important Information

We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.