Deanznet Posted November 3, 2007 Share Posted November 3, 2007 Hey i have created a Image Upload. and i want to add a search... to it I made it so when users upload they have to enter keywords inside it gose into a table called images and than into the keywords row.. Also i have another row inside table that called basename witch has the url to the image.. So what i wanted to do is make a php form to search for images that searchs for keywords... And displays the picture as a thumbnail... in a neat way on the page.. Anyone can help? Quote Link to comment Share on other sites More sharing options...
kratsg Posted November 3, 2007 Share Posted November 3, 2007 Let me get this clear: A table column `keywords` will contain keywords relating to the image in this format: anime cartoons sailor moon A table coumn `basename` that contains the url to the image in this format: http://yoursite.com/path_to_image/image.gif //or path_to_image/image.gif //or image.gif Such that if you placed in a url on the page that has the search form, they should be able to access it. You want to search `keywords` for a certain keyword and return all images that contain this keyword? Note: Check out tutorials for making thumbnails really... The following code will take user input and apply it to a search, create a while() loop that you can use to output the data in a "neat way on the page". $keyword_query = mysql_real_escape_string($_POST['keyword_query']);//we need to sanitize ANY and ALL user input, to prevent sql injection and yada-yada $query = @mysql_query("SELECT basename,keywords FROM images WHERE keywords LIKE '%$keyword_query%' ") or die(mysql_error()); if(!mysql_num_rows($query)){//0 = false, 1 or more = true die("I'm sorry, no results were found for $keyword_query."); } //if it gets to here, that means there were some matches... while($row = mysql_fetch_array($query)){ $basename = $row['basename']; $keywords = $row['keywords'];//you can do fancy stuff with this one, explode into arrays, etc... echo "<img src='$basename' alt='$keywords' /><br>Keywords: $keyworks<br>"; } mysql_free_result($query);//clear off memory of all data from this query, just in case it returns a lot of results and takes up memory on the sever, helps w/ server load This would most likely be what you want o_o and of course, I assume you know how to create a simple form method='post' and etc... Quote Link to comment Share on other sites More sharing options...
Deanznet Posted November 3, 2007 Author Share Posted November 3, 2007 Dude Wow! That worked real good... Haha echo "<img src='$basename' alt='$keywords' /><br>Keywords: $keyworks<br>"; You put keyworks instead of keywords lol... Quote Link to comment Share on other sites More sharing options...
Deanznet Posted November 3, 2007 Author Share Posted November 3, 2007 Qucik Question Right when it displays it gose down in a straigh line.. Is their anyway i can make it display 3 images and than per line so like this - represents and image - - - - - - - - - and so on... Also is their a way to make the images all 100 px by 100 px Quote Link to comment Share on other sites More sharing options...
rajivgonsalves Posted November 3, 2007 Share Posted November 3, 2007 try this echo "<table><tr>"; $intCounter = 1; while($row = mysql_fetch_array($query)){ $basename = $row['basename']; $keywords = $row['keywords'];//you can do fancy stuff with this one, explode into arrays, etc... echo "<td><img src='$basename' alt='$keywords' /><br>Keywords: $keywords</td>"; $intCounter++ if ($intCounter%3==0) { echo "</tr><tr>";} } echo "</tr></table>"; Quote Link to comment Share on other sites More sharing options...
Deanznet Posted November 3, 2007 Author Share Posted November 3, 2007 Hey that worked I have one more question back about the image search code.. When you go the the page it will display all of the images, and thats okay But some images dont have basenames and keywords so you have a whole bunch of images that are blank and have the broken image display on them... Is their a way to only display images with that the basename is not null or something similar if you understand me. Quote Link to comment Share on other sites More sharing options...
rajivgonsalves Posted November 3, 2007 Share Posted November 3, 2007 here you go echo "<table><tr>"; $intCounter = 1; while($row = mysql_fetch_array($query)){ $basename = $row['basename']; $keywords = $row['keywords'];//you can do fancy stuff with this one, explode into arrays, etc... if ($basename) { echo "<td><img src='$basename' alt='$keywords' /><br>Keywords: $keywords</td>"; $intCounter++ } if ($intCounter%3==0) { echo "</tr><tr>";} } echo "</tr></table>"; Quote Link to comment Share on other sites More sharing options...
Deanznet Posted November 3, 2007 Author Share Posted November 3, 2007 Alright! that worked! Now one last question lol! I followed a Tutorial for a rating system.. Now it uses ids to keep track of what has what rating... <? $rater_id=1; $rater_item_name='Item 1'; include("rater.php"); ?> Now the image table has id and a file name field.. so how can i call it so it gose on the raiting system.. If you understand the rows in the images are called id and filename <? $rater_id=$id; $rater_item_name='$filename; include("rater.php"); ?> Quote Link to comment Share on other sites More sharing options...
rajivgonsalves Posted November 3, 2007 Share Posted November 3, 2007 you will have to select it and assign it to the code and include("rater.php") for each iteration of the while loop Quote Link to comment Share on other sites More sharing options...
kratsg Posted November 3, 2007 Share Posted November 3, 2007 Thanks Raji for taking over :-D Anyway, can you show me how the rating code works and an example of an entry in the database of how the rating code is formatted? IE: columns and values. Quote Link to comment Share on other sites More sharing options...
Deanznet Posted November 3, 2007 Author Share Posted November 3, 2007 Sure.. it's a single file called rater.php <? // User settings $rater_ip_voting_restriction = true; // restrict ip address voting (true or false) $rater_ip_vote_qty=1; // how many times an ip address can vote $rater_already_rated_msg="You have already rated this item. You were allowed ".$rater_ip_vote_qty." vote(s)."; $rater_not_selected_msg="You have not selected a rating value."; $rater_thankyou_msg="Thankyou for voting."; $rater_generic_text="this item"; // generic item text $rater_end_of_line_char="n"; // may want to change for different operating systems if(!isset($rater_id)) $rater_id=1; if(!isset($rater_item_name)) $rater_item_name=$rater_generic_text; // DO NOT MODIFY BELOW THIS LINE $rater_filename='item_'.$rater_id.".rating"; $rater_rating=0; $rater_stars=""; $rater_stars_txt=""; $rater_rating=0; $rater_votes=0; $rater_msg=""; // Rating action if(isset($_REQUEST["rate".$rater_id])){ if(isset($_REQUEST["rating_".$rater_id])){ while(list($key,$val)=each($_REQUEST["rating_".$rater_id])){ $rater_rating=$val; } $rater_ip = getenv("REMOTE_ADDR"); $rater_file=fopen($rater_filename,"a+"); $rater_str=""; $rater_str = rtrim(fread($rater_file, 1024*,$rater_end_of_line_char); if($rater_str!=""){ if($rater_ip_voting_restriction){ $rater_data=explode($rater_end_of_line_char,$rater_str); $rater_ip_vote_count=0; foreach($rater_data as $d){ $rater_tmp=explode("|",$d); $rater_oldip=str_replace($rater_end_of_line_char,"",$rater_tmp[1]); if($rater_ip==$rater_oldip){ $rater_ip_vote_count++; } } if($rater_ip_vote_count > ($rater_ip_vote_qty - 1)){ $rater_msg=$rater_already_rated_msg; }else{ fwrite($rater_file,$rater_rating."|".$rater_ip.$rater_end_of_line_char); $rater_msg=$rater_thankyou_msg; } }else{ fwrite($rater_file,$rater_rating."|".$rater_ip.$rater_end_of_line_char); $rater_msg=$rater_thankyou_msg; } }else{ fwrite($rater_file,$rater_rating."|".$rater_ip.$rater_end_of_line_char); $rater_msg=$rater_thankyou_msg; } fclose($rater_file); }else{ $rater_msg=$rater_not_selected_msg; } } // Get current rating if(is_file($rater_filename)){ $rater_file=fopen($rater_filename,"r"); $rater_str=""; $rater_str = fread($rater_file, 1024*; if($rater_str!=""){ $rater_data=explode($rater_end_of_line_char,$rater_str); $rater_votes=count($rater_data)-1; $rater_sum=0; foreach($rater_data as $d){ $d=explode("|",$d); $rater_sum+=$d[0]; } $rater_rating=number_format(($rater_sum/$rater_votes), 2, '.', ''); } fclose($rater_file); }else{ $rater_file=fopen($rater_filename,"w"); fclose($rater_file); } // Assign star image if ($rater_rating <= 0 ){$rater_stars = "./img/00star.gif";$rater_stars_txt="Not Rated";} if ($rater_rating >= 0.5){$rater_stars = "./img/05star.gif";$rater_stars_txt="0.5";} if ($rater_rating >= 1 ){$rater_stars = "./img/1star.gif";$rater_stars_txt="1";} if ($rater_rating >= 1.5){$rater_stars = "./img/15star.gif";$rater_stars_txt="1.5";} if ($rater_rating >= 2 ){$rater_stars = "./img/2star.gif";$rater_stars_txt="2";} if ($rater_rating >= 2.5){$rater_stars = "./img/25star.gif";$rater_stars_txt="2.5";} if ($rater_rating >= 3 ){$rater_stars = "./img/3star.gif";$rater_stars_txt="3";} if ($rater_rating >= 3.5){$rater_stars = "./img/35star.gif";$rater_stars_txt="3.5";} if ($rater_rating >= 4 ){$rater_stars = "./img/4star.gif";$rater_stars_txt="4";} if ($rater_rating >= 4.5){$rater_stars = "./img/45star.gif";$rater_stars_txt="4.5";} if ($rater_rating >= 5 ){$rater_stars = "./img/5star.gif";$rater_stars_txt="5";} // Output echo '<div class="hreview">'; echo '<form method="post" action="'.$_SERVER["PHP_SELF"].'">'; echo '<h3 class="item">Rate <span class="fn">'.$rater_item_name.'</span></h3>'; echo '<div>'; echo '<span class="rating"><img src="'.$rater_stars.'?x='.uniqid((double)microtime()*1000000,1).'" alt="'.$rater_stars_txt.' stars" /> Ave. rating: '.$rater_stars_txt.'</span> from <span class="reviewcount"> '.$rater_votes.' votes</span>.'; echo '</div>'; echo '<div>'; echo '<label for="rate5_'.$rater_id.'"><input type="radio" value="5" name="rating_'.$rater_id.'[]" id="rate5_'.$rater_id.'" />Excellent</label>'; echo '<label for="rate4_'.$rater_id.'"><input type="radio" value="4" name="rating_'.$rater_id.'[]" id="rate4_'.$rater_id.'" />Very Good</label>'; echo '<label for="rate3_'.$rater_id.'"><input type="radio" value="3" name="rating_'.$rater_id.'[]" id="rate3_'.$rater_id.'" />Good</label>'; echo '<label for="rate2_'.$rater_id.'"><input type="radio" value="2" name="rating_'.$rater_id.'[]" id="rate2_'.$rater_id.'" />Fair</label>'; echo '<label for="rate1_'.$rater_id.'"><input type="radio" value="1" name="rating_'.$rater_id.'[]" id="rate1_'.$rater_id.'" />Poor</label>'; echo '<input type="hidden" name="rs_id" value="'.$rater_id.'" />'; echo '<input type="submit" name="rate'.$rater_id.'" value="Rate" />'; echo '</div>'; if($rater_msg!="") echo "<div>".$rater_msg."</div>"; echo '</form>'; echo '</div>'; ?> Than you put <? $rater_id=1; $rater_item_name='Item 1'; include("rater.php"); ?> It makes a file called rater_1.rank that stores the ranking. and you can change the rater number.. so you can use more the one ranker. so i thought all i have to do is pull the id from the image column. Quote Link to comment Share on other sites More sharing options...
Deanznet Posted November 3, 2007 Author Share Posted November 3, 2007 Hey also on my html form where i search for the images... I can use Xss in it... Any idea how to fix it? Quote Link to comment Share on other sites More sharing options...
kratsg Posted November 3, 2007 Share Posted November 3, 2007 Ok, I assume the database columns are formatted like this: id = an autoincrement integer of the image basename = filename.extension (IE: someimage.gif, another.jpeg, heylook.png) keywords = keyword1 keyword2 keyword3 (separated by spaces) XSS fix (I have not tested it, just did a simple google search): http://quickwired.com/smallprojects/php_xss_filter_function.php Well, it seems like you have to use the include() alot, so here's my suggestion. On the page that echos out the arrays, a while/foreach loop (or however I did it above), add this to the top of the page, before ANYTHING. <?php//start of file ob_start();//output buffering That's all you need to filter out your outputs so you can use more than 1 include() safely w/o any errors. This is considered a dirty fix, which is good enough in this situation. Then, you need this code for the loop: $keyword_query = mysql_real_escape_string($_POST['keyword_query']);//we need to sanitize ANY and ALL user input, to prevent sql injection and yada-yada $query = @mysql_query("SELECT id,basename,keywords FROM images WHERE keywords LIKE '%$keyword_query%' ") or die(mysql_error()); if(!mysql_num_rows($query)){//0 = false, 1 or more = true die("I'm sorry, no results were found for $keyword_query."); } //if it gets to here, that means there were some matches... echo "<table><tr>"; $intCounter = 1; while($row = mysql_fetch_array($query)){ $basename = $row['basename']; list($filename,$extension) = explode(".",$basename);//something.ext to something & ext $keywords = $row['keywords'];//you can do fancy stuff with this one, explode into arrays, etc... if ($basename) { echo "<td><img src='$basename' alt='$keywords' /><br>Keywords: $keywords<br><br>"; $intCounter++; $rater_id=$row['id']; $rater_item_name=ucfirst($filename);//capitalize filename for rating include("rater.php"); echo "</td>"; } if ($intCounter%3==0) { echo "</tr><tr>";} } echo "</tr></table>"; mysql_free_result($query);//clear off memory of all data from this query, just in case it returns a lot of results and takes up memory on the sever, helps w/ server load This will output 3 table data cells per row. Image on top, rating below it (in the same table cell). ________________ | IMAGE HERE | | KEYWORDS | | | | RATING | ------------------- 3 of those in each row, etc... Quote Link to comment Share on other sites More sharing options...
Deanznet Posted November 3, 2007 Author Share Posted November 3, 2007 Hey ratings work but the display of the image are messed up... It looks like this |----------------------| | - - - | | - - - | | - - - | | - - - | | - - - | |----------------------| - represents a image and rate and keyword.. The first row looks good but than thier a big gap in the middle and the second and thrid row are all meesed up .. Quote Link to comment Share on other sites More sharing options...
Deanznet Posted November 3, 2007 Author Share Posted November 3, 2007 Oh wait hold on.. I got the search form named search.html and than the php code witch is at search2.php if i search using the html form it goes and and its in neat columns but when i go to search2.php directly it displays all images with keywords witch is good but looks all messed up like how i described it on the top. Quote Link to comment Share on other sites More sharing options...
Deanznet Posted November 3, 2007 Author Share Posted November 3, 2007 Wow sorry about all this i know its alot.. But if you can tell me how to make it so they can click the image and it goes to a page.. that displays the image they click on with description and other stuff that i pull from the database Quote Link to comment Share on other sites More sharing options...
kratsg Posted November 3, 2007 Share Posted November 3, 2007 When you generate the HTML for the search results, copy the html source code of the page that is generated, I'll look it it, it may be that I had faulty logic at one point or just a slight typo. Quote Link to comment Share on other sites More sharing options...
Deanznet Posted November 3, 2007 Author Share Posted November 3, 2007 <table><tr><td><img src='http://www.mysite.net/uploads/9ec8160b5f' width='100' hight='100' alt='cows,other sutff' /><br>Keywords: sex,porn,cows,other sutff<br><br><p><div class="hreview"><form method="post" action="/search2.php"><h3 class="item">Rate <span class="fn">this item</span></h3><div><span class="rating"><img src="./img/35star.gif?x=366061472d000b596251.32619175" alt="3.5 stars" /> Ave. rating: 3.5</span> from <span class="reviewcount"> 2 votes</span>.</div><div><label for="rate5_691"><input type="radio" value="5" name="rating_691[]" id="rate5_691" />Excellent</label><label for="rate4_691"><input type="radio" value="4" name="rating_691[]" id="rate4_691" />Very Good</label><label for="rate1_691"><input type="radio" value="1" name="rating_691[]" id="rate1_691" />Poor</label><input type="hidden" name="rs_id" value="691" /><input type="submit" name="rate691" value="Rate" /></div></form></div></td><td><img src='http://www.mysite.net/uploads/8ee44f994f' width='100' hight='100' alt='gay kid, josh, goins, faggit' /><br>Keywords: gay kid, josh, goins, faggit<br><br><p><div class="hreview"><form method="post" action="/search2.php"><h3 class="item">Rate <span class="fn">this item</span></h3><div><span class="rating"><img src="./img/00star.gif?x=392738472d000b5fe4c5.76961743" alt="Not Rated stars" /> Ave. rating: Not Rated</span> from <span class="reviewcount"> 0 votes</span>.</div><div><label for="rate5_695"><input type="radio" value="5" name="rating_695[]" id="rate5_695" />Excellent</label><label for="rate4_695"><input type="radio" value="4" name="rating_695[]" id="rate4_695" />Very Good</label><label for="rate1_695"><input type="radio" value="1" name="rating_695[]" id="rate1_695" />Poor</label><input type="hidden" name="rs_id" value="695" /><input type="submit" name="rate695" value="Rate" /></div></form></div></td></tr><tr></tr><tr><td><img src='http://www.mysite.net/uploads/d405282029' width='100' hight='100' alt='Motorcyle, Motor Bike, Fast Ride, Yellow Motocyle' /><br>Keywords: Motorcyle, Motor Bike, Fast Ride, Yellow Motocyle<br><br><p><div class="hreview"><form method="post" action="/search2.php"><h3 class="item">Rate <span class="fn">this item</span></h3><div><span class="rating"><img src="./img/45star.gif?x=405333472d000b62f718.89196922" alt="4.5 stars" /> Ave. rating: 4.5</span> from <span class="reviewcount"> 2 votes</span>.</div><div><label for="rate5_693"><input type="radio" value="5" name="rating_693[]" id="rate5_693" />Excellent</label><label for="rate4_693"><input type="radio" value="4" name="rating_693[]" id="rate4_693" />Very Good</label><label for="rate1_693"><input type="radio" value="1" name="rating_693[]" id="rate1_693" />Poor</label><input type="hidden" name="rs_id" value="693" /><input type="submit" name="rate693" value="Rate" /></div></form></div></td><td><img src='http://www.mysite.net/uploads/a01eec932d' width='100' hight='100' alt='alert ("This is a Javascript Alert")' /><br>Keywords: alert ("This is a Javascript Alert")<br><br><p><div class="hreview"><form method="post" action="/search2.php"><h3 class="item">Rate <span class="fn">this item</span></h3><div><span class="rating"><img src="./img/00star.gif?x=408995472d000b63dbd7.37621054" alt="Not Rated stars" /> Ave. rating: Not Rated</span> from <span class="reviewcount"> 0 votes</span>.</div><div><label for="rate5_696"><input type="radio" value="5" name="rating_696[]" id="rate5_696" />Excellent</label><label for="rate4_696"><input type="radio" value="4" name="rating_696[]" id="rate4_696" />Very Good</label><label for="rate1_696"><input type="radio" value="1" name="rating_696[]" id="rate1_696" />Poor</label><input type="hidden" name="rs_id" value="696" /><input type="submit" name="rate696" value="Rate" /></div></form></div></td><td><img src='http://www.mysite.net/uploads/a0f6ff8cca' width='100' hight='100' alt='alert ("This is a Javascript Alert")' /><br>Keywords: alert ("This is a Javascript Alert")<br><br><p><div class="hreview"><form method="post" action="/search2.php"><h3 class="item">Rate <span class="fn">this item</span></h3><div><span class="rating"><img src="./img/00star.gif?x=412319472d000b64abd3.68771796" alt="Not Rated stars" /> Ave. rating: Not Rated</span> from <span class="reviewcount"> 0 votes</span>.</div><div><label for="rate5_697"><input type="radio" value="5" name="rating_697[]" id="rate5_697" />Excellent</label><label for="rate4_697"><input type="radio" value="4" name="rating_697[]" id="rate4_697" />Very Good</label><label for="rate1_697"><input type="radio" value="1" name="rating_697[]" id="rate1_697" />Poor</label><input type="hidden" name="rs_id" value="697" /><input type="submit" name="rate697" value="Rate" /></div></form></div></td></tr><tr></tr><tr><td><img src='http://www.mysite.net/uploads/98f350d75b' width='100' hight='100' alt='<IMG SRC=javascript:alert('XSS')>' /><br>Keywords: <IMG SRC=javascript:alert('XSS')><br><br><p><div class="hreview"><form method="post" action="/search2.php"><h3 class="item">Rate <span class="fn">this item</span></h3><div><span class="rating"><img src="./img/00star.gif?x=415657472d000b657c62.69101973" alt="Not Rated stars" /> Ave. rating: Not Rated</span> from <span class="reviewcount"> 0 votes</span>.</div><div><label for="rate5_699"><input type="radio" value="5" name="rating_699[]" id="rate5_699" />Excellent</label><label for="rate4_699"><input type="radio" value="4" name="rating_699[]" id="rate4_699" />Very Good</label><label for="rate1_699"><input type="radio" value="1" name="rating_699[]" id="rate1_699" />Poor</label><input type="hidden" name="rs_id" value="699" /><input type="submit" name="rate699" value="Rate" /></div></form></div></td><td><img src='http://www.mysite.net/uploads/fa23781089' width='100' hight='100' alt='<IMG SRC=javascript:alert('XSS')>' /><br>Keywords: <IMG SRC=javascript:alert('XSS')><br><br><p><div class="hreview"><form method="post" action="/search2.php"><h3 class="item">Rate <span class="fn">this item</span></h3><div><span class="rating"><img src="./img/00star.gif?x=420210472d000b6698c2.05786591" alt="Not Rated stars" /> Ave. rating: Not Rated</span> from <span class="reviewcount"> 0 votes</span>.</div><div><label for="rate5_700"><input type="radio" value="5" name="rating_700[]" id="rate5_700" />Excellent</label><label for="rate4_700"><input type="radio" value="4" name="rating_700[]" id="rate4_700" />Very Good</label><label for="rate1_700"><input type="radio" value="1" name="rating_700[]" id="rate1_700" />Poor</label><input type="hidden" name="rs_id" value="700" /><input type="submit" name="rate700" value="Rate" /></div></form></div></td><td><img src='http://www.mysite.net/uploads/98bad70ed6' width='100' hight='100' alt='<IMG SRC=http://a512.ac-images.myspacecdn.com/images01/46/s_4059ce62f31297cacb823b4d968a7a0f.jpg>' /><br>Keywords: <IMG SRC=http://a512.ac-images.myspacecdn.com/images01/46/s_4059ce62f31297cacb823b4d968a7a0f.jpg><br><br><p><div class="hreview"><form method="post" action="/search2.php"><h3 class="item">Rate <span class="fn">this item</span></h3><div><span class="rating"><img src="./img/00star.gif?x=425674472d000b67ee92.39889669" alt="Not Rated stars" /> Ave. rating: Not Rated</span> from <span class="reviewcount"> 0 votes</span>.</div><div><label for="rate5_701"><input type="radio" value="5" name="rating_701[]" id="rate5_701" />Excellent</label><label for="rate4_701"><input type="radio" value="4" name="rating_701[]" id="rate4_701" />Very Good</label><label for="rate1_701"><input type="radio" value="1" name="rating_701[]" id="rate1_701" />Poor</label><input type="hidden" name="rs_id" value="701" /><input type="submit" name="rate701" value="Rate" /></div></form></div></td></tr><tr><td><img src='http://www.mysite.net/uploads/aec448645c' width='100' hight='100' alt='';alert(String.fromCharCode(88,83,83))//\';alert(String.fromCharCode(88,83,83))//";alert(String.fromCharCode(88,83,83))//\";alert(String.fromCharCode(88,83,83))//--></SCRIPT>">'><SCRIPT>alert(String.fromCharCode(88,83,83))</SCRIPT>' /><br>Keywords: ';alert(String.fromCharCode(88,83,83))//\';alert(String.fromCharCode(88,83,83))//";alert(String.fromCharCode(88,83,83))//\";alert(String.fromCharCode(88,83,83))//--></SCRIPT>">'><SCRIPT>alert(String.fromCharCode(88,83,83))</SCRIPT><br><br><p><div class="hreview"><form method="post" action="/search2.php"><h3 class="item">Rate <span class="fn">this item</span></h3><div><span class="rating"><img src="./img/00star.gif?x=430019472d000b68fe20.77975258" alt="Not Rated stars" /> Ave. rating: Not Rated</span> from <span class="reviewcount"> 0 votes</span>.</div><div><label for="rate5_702"><input type="radio" value="5" name="rating_702[]" id="rate5_702" />Excellent</label><label for="rate4_702"><input type="radio" value="4" name="rating_702[]" id="rate4_702" />Very Good</label><label for="rate1_702"><input type="radio" value="1" name="rating_702[]" id="rate1_702" />Poor</label><input type="hidden" name="rs_id" value="702" /><input type="submit" name="rate702" value="Rate" /></div></form></div></td><td><img src='http://www.mysite.net/uploads/ad31945c17' width='100' hight='100' alt='motorcycle' /><br>Keywords: motorcycle<br><br><p><div class="hreview"><form method="post" action="/search2.php"><h3 class="item">Rate <span class="fn">this item</span></h3><div><span class="rating"><img src="./img/5star.gif?x=434864472d000b6a2ca7.73119216" alt="5 stars" /> Ave. rating: 5</span> from <span class="reviewcount"> 1 votes</span>.</div><div><label for="rate5_703"><input type="radio" value="5" name="rating_703[]" id="rate5_703" />Excellent</label><label for="rate4_703"><input type="radio" value="4" name="rating_703[]" id="rate4_703" />Very Good</label><label for="rate1_703"><input type="radio" value="1" name="rating_703[]" id="rate1_703" />Poor</label><input type="hidden" name="rs_id" value="703" /><input type="submit" name="rate703" value="Rate" /></div></form></div></td><td><img src='http://www.mysite.net/uploads/e3b885bb20' width='100' hight='100' alt='sex' /><br>Keywords: not sure<br><br><p><div class="hreview"><form method="post" action="/search2.php"><h3 class="item">Rate <span class="fn">this item</span></h3><div><span class="rating"><img src="./img/00star.gif?x=438175472d000b6afbb1.32041063" alt="Not Rated stars" /> Ave. rating: Not Rated</span> from <span class="reviewcount"> 0 votes</span>.</div><div><label for="rate5_704"><input type="radio" value="5" name="rating_704[]" id="rate5_704" />Excellent</label><label for="rate4_704"><input type="radio" value="4" name="rating_704[]" id="rate4_704" />Very Good</label><label for="rate1_704"><input type="radio" value="1" name="rating_704[]" id="rate1_704" />Poor</label><input type="hidden" name="rs_id" value="704" /><input type="submit" name="rate704" value="Rate" /></div></form></div></td></tr><tr><td><img src='http://www.mysite.net/uploads/15aa00a9a6' width='100' hight='100' alt='motorcycle' /><br>Keywords: motorcycle<br><br><p><div class="hreview"><form method="post" action="/search2.php"><h3 class="item">Rate <span class="fn">this item</span></h3><div><span class="rating"><img src="./img/00star.gif?x=441615472d000b6bd329.73963960" alt="Not Rated stars" /> Ave. rating: Not Rated</span> from <span class="reviewcount"> 0 votes</span>.</div><div><label for="rate5_705"><input type="radio" value="5" name="rating_705[]" id="rate5_705" />Excellent</label><label for="rate4_705"><input type="radio" value="4" name="rating_705[]" id="rate4_705" />Very Good</label><label for="rate1_705"><input type="radio" value="1" name="rating_705[]" id="rate1_705" />Poor</label><input type="hidden" name="rs_id" value="705" /><input type="submit" name="rate705" value="Rate" /></div></form></div></td></tr></table> Their might be some Xss code in the keywords that was just for testing Quote Link to comment Share on other sites More sharing options...
kratsg Posted November 3, 2007 Share Posted November 3, 2007 Debugged, it's adding a second <tr></tr> combination per row, the suggested code from the other person had a bug in it, ironically. (not mine xD) <table> <tr> <td> CELL 1 </td> <td> CELL 2 </td> </tr> <tr> </tr> <tr> <td> CELL 3 </td> <td> CELL 4 </td> </tr> <tr> </tr> </table> Fixed the code, copy the following instead: <?php $keyword_query = mysql_real_escape_string($_POST['keyword_query']);//we need to sanitize ANY and ALL user input, to prevent sql injection and yada-yada $query = @mysql_query("SELECT id,basename,keywords FROM images WHERE keywords LIKE '%$keyword_query%' AND basename != null ") or die(mysql_error()); if(!mysql_num_rows($query)){//0 = false, 1 or more = true die("I'm sorry, no results were found for $keyword_query."); } //if it gets to here, that means there were some matches... echo "<table><tr>"; $rowcounter = 0; while($row = mysql_fetch_array($query)){ $basename = $row['basename']; list($filename,$extension) = explode(".",$basename);//something.ext to something & ext $keywords = $row['keywords'];//you can do fancy stuff with this one, explode into arrays, etc... if (!$rowcounter%3){echo "<tr>";}//if 1 or 2, nothing happens, if 0, it echos <tr> echo "<td><img src='$basename' alt='$keywords' /><br>Keywords: $keywords<br><br>"; $rater_id=$row['id']; $rater_item_name=ucfirst($filename);//capitalize filename for rating include("rater.php"); echo "</td>"; $rowcounter++; if (!$rowcounter%3){echo "</tr>";}//if 1 or 2, nothing happens, if 0, it echos </tr> } echo "</table>"; mysql_free_result($query);//clear off memory of all data from this query, just in case it returns a lot of results and takes up memory on the sever, helps w/ server load ?> Here's what I did, and it may work or not... I added a new condition in the query of AND basename != null (to get rid of those blank results) so we don't have to worry about checking... That was the main cause of it all, really. Quote Link to comment Share on other sites More sharing options...
Deanznet Posted November 4, 2007 Author Share Posted November 4, 2007 That dosent work.. It now dosent display any images even if you search for them. Just says cannot find images Quote Link to comment Share on other sites More sharing options...
Deanznet Posted November 4, 2007 Author Share Posted November 4, 2007 <? ob_start();//output buffering include("include/common.php"); $keyword_query = mysql_real_escape_string($_POST['keyword_query']);//we need to sanitize ANY and ALL user input, to prevent sql injection and yada-yada $query = @mysql_query("SELECT id,basename,keywords FROM images WHERE keywords LIKE '%$keyword_query%' ") or die(mysql_error()); if(!mysql_num_rows($query)){//0 = false, 1 or more = true die("I'm sorry, no results were found for $keyword_query."); } //if it gets to here, that means there were some matches... echo "<table><tr>"; $rowcounter = 0; while($row = mysql_fetch_array($query)){ $basename = $row['basename']; list($filename,$extension) = explode(".",$basename);//something.ext to something & ext $keywords = $row['keywords'];//you can do fancy stuff with this one, explode into arrays, etc... if (!$rowcounter%3){echo "<tr>";}//if 1 or 2, nothing happens, if 0, it echos <tr> if ($basename) { echo "<td><img src='$basename' witdh='100' hight'100' alt='$keywords' /><br>Keywords: $keywords<br><br>"; } $rater_id=$row['id']; $rater_item_name=ucfirst($filename);//capitalize filename for rating include("rater.php"); echo "</td>"; $rowcounter++; if (!$rowcounter%3){echo "</tr>";}//if 1 or 2, nothing happens, if 0, it echos </tr> } echo "</table>"; mysql_free_result($query);//clear off memory of all data from this query, just in case it returns a lot of results and takes up memory on the sever, helps w/ server load ?> Fixed it myself! Wow I love this forum.. i learned so much just from all this.. Is their any tutorial for Having it create dynamic pages.. so when it echos it makes it so you can click the link and go to a page that displays the image that was clicked... if you understand me correctly. Quote Link to comment Share on other sites More sharing options...
kratsg Posted November 4, 2007 Share Posted November 4, 2007 If you imagine, dynamic pages are simply pages that echo out data based on an input... So... if(is_numeric($_GET['image_id']) && $_GET['page'] == "viewimage"){//display the image //insert query here to get image information, use a LIMIT 1 (at the end of the query to return only the one result) $image_id = mysql_real_escape_string($_GET['image_id']);//make it sanitized for database input $query = "SELECT blah blah blah WHERE image_id = '$image_id' LIMIT 1"; if(!mysql_num_rows($query)){//this returned 0, so die die("I'm sorry, we cannot find the image in the database."); } $row = mysql_fetch_array($query); echo $row['stuff']; echo $row['otherstuff']; } else {//they do not want to view an image, so just show them something else //stuff here } The url would look something like this: http://www.yoursite.com/image.php?page=viewimage&image_id=598012 You should be able to read this and understand how it works, commented out for you. I am ultimately surprised that the code you supposedly fixed, actually works, here's why. $rowcounter = 0; while($row = mysql_fetch_array($query)){ $basename = $row['basename']; list($filename,$extension) = explode(".",$basename);//something.ext to something & ext $keywords = $row['keywords'];//you can do fancy stuff with this one, explode into arrays, etc... if (!$rowcounter%3){echo "<tr>";}//if 1 or 2, nothing happens, if 0, it echos <tr> if ($basename) { echo "<td><img src='$basename' witdh='100' hight'100' alt='$keywords' /><br>Keywords: $keywords<br><br>"; } $rater_id=$row['id']; $rater_item_name=ucfirst($filename);//capitalize filename for rating include("rater.php"); echo "</td>"; $rowcounter++; if (!$rowcounter%3){echo "</tr>";}//if 1 or 2, nothing happens, if 0, it echos </tr> } Think about it, $rowcounter increments by one each time there is a row in the database being read, whether or not it has a basename. This means that each time it loops 3 times, it creates a new row (not dependent on how many table data cells were made per row). Double-check to see if this generates the HTML correctly, and I believe it DOESN'T Quote Link to comment Share on other sites More sharing options...
Deanznet Posted November 4, 2007 Author Share Posted November 4, 2007 Hey doubled check and i got it kinda to work... im going to pm you the links to the site so you can see for your self... Quote Link to comment Share on other sites More sharing options...
Deanznet Posted November 4, 2007 Author Share Posted November 4, 2007 Bare with me let me know if i did this right... <? ob_start();//output buffering include("include/common.php"); if(is_numeric($_GET['image_id']) && $_GET['page'] == "viewimage"){//display the image $image_id = mysql_real_escape_string($_GET['image_id']);//make it sanitized for database input $query = "select pkey from images where image_id = '$image_id' LIMIT 1"; if(!mysql_num_rows($query)){//this returned 0, so die die("I'm sorry, we cannot find the image in the database."); } $row = mysql_fetch_array($query); echo $row['stuff']; echo $row['otherstuff']; } else {//they do not want to view an image, so just show them something else //stuff here } ?> If i use the code like that is just a blank white page.. no image their. and if i put in a wrong pkey it shows Warning: mysql_num_rows(): supplied argument is not a valid MySQL result resource in line 11 witch is if(!mysql_num_rows($query)){//this returned 0, so die and than the I'm sorry, we cannot find the image in the database So you know... The Image colum is has the following in it.. id filename ipaddress date status pkey user keywords basename if you follow me.. the filename stores it like this 921fsf2.jpg and the pkey is just the name 921fsf2 basename is the imge url such as http://www.mysite.net/uploads/d405282029 and it displays the image. Quote Link to comment Share on other sites More sharing options...
kratsg Posted November 5, 2007 Share Posted November 5, 2007 You also need to format those outputs $row['stuff'] and $row['otherstuff'] for images, etc... Table Images: id filename ipaddress date status pkey user keywords basename <?php ob_start();//output buffering include("include/common.php"); if(is_numeric($_GET['image_id']) && $_GET['page'] == "viewimage"){//display the image $image_id = mysql_real_escape_string($_GET['image_id']);//make it sanitized for database input $query = "SELECT filename,pkey,basename FROM images where image_id = '$image_id' LIMIT 1"; if(!mysql_num_rows($query)){//this returned 0, so die die("I'm sorry, we cannot find the image in the database."); } $row = mysql_fetch_array($query); echo "<img src=".$row['basename']." alt=".$row['filename']."><br>"; echo "<b>Viewing image: ".$row['pkey']."</b>"; } else {//they do not want to view an image, so just show them something else echo "Show something else here, we're not looking at a specific image..."; } ?> Quote Link to comment Share on other sites More sharing options...
Recommended Posts
Join the conversation
You can post now and register later. If you have an account, sign in now to post with your account.