Boy, I wish I had found this thread sooner because then I wouldn't have to make such a huge post. Here it goes:
Originally Posted by
MisterSako
is there a way to get user input into variables with php using only one file (ie have the form to input the data and process it in one document instead of "POST"ing to a seperate document)
Yes, infact it's quite common for smaller scripts. Take for instance this bare bone code:
PHP Code:
switch($_REQUEST['action']) {
case "login":
login();
break;
case "search":
search();
break;
default:
main_page();
break;
}
function login() {
// check if $_REQUEST['user'] and $_REQUEST['pass'] is set
// .. if not display login form and return;
// if set, check if this is a valid login (escape input if this is a mysql ceck.
// $usrname = mysql_real_escape($_REQUEST['user']);
// $passwrd = mysql_reql_escape($_REQUEST['pass']);
// $sql = "select * from login_table WHERE user = '$usrname' AND pass = '$passwrd'";
// .. if result is null display bad login message, display login form again and return;
// if login is good, set session variables, and forward back to the main page.
}
function search() {
// check if search input is specified, if not display search form
// if search is specified display search results return;
}
function main_page() {
// display your main page
// return;
}
All this requires is that in your forms you include a hidden variable called action so you can easily find out what you should be doing in your code. If you didnt specify an action variable you'd have huge if statements check for which variables should be defined. By using a simple action variable you group your variable checks into single sections. Nice neat code.
Originally Posted by
MisterSako
another thing im trying to stab at is this fancy mysql database output im trying to do if anyone thinks they could help (im new at php and mysql). Im trying to make my own automatied FAQ system. theres 4 fields for each row but thats not important
Code:
$result = mysql_query("SELECT * FROM faq");
if (!$result)
{
$errorreport="3faq printing out faq";
echo($errormessage);
}
else
{
$highestID=0;
$contentSize=0;
$contentPrinted=0;
while($row = mysql_fetch_array( $result ))
{
if($row['ID'] > $highestID)
{
$highestID=$row['ID'];
};
$contentSize=$contentSize+1;
}
echo($highestID);
while($row = mysql_fetch_array( $result ))
{
echo "<p>Question: ";
echo $row['Question'];
echo "<br>Answer: ";
echo $row['Answer'];
echo "</p><br>";
}
the problem is it only processes the first "while($row = mysql_fetch_array( $result ))" part correctly, the 2nd one doesnt do anything. if i switch them around in order the new first one works but not the 2nd one.
i think the problem is it doesn't look down through each row starting from the begining on the 2nd while loop, is there some kind of command to "reset" the "cursor"?
The problem with your second loop not working is that you've already looped through all the record sets. Mysql queries return a record set just like an associative array.
The code:
PHP Code:
while($row = mysql_fetch_array( $result ))
Says logically while mysql returns me a record set I want to do this loop. I dont want to exit until fetch_array is null. Hence you come out of the first loop already at the end of your array. Luckily, mysql has a handy dandy function that allows you to reset the record set index. It's mysql_data_seek. However, you should rewrite the code so you don't need to do this as its very unefficient and theres probably a tremendously better way to do it. It looks roughly like you want to know how many QnA's you selected. So you can use mysql_num_rows() To find out.
Originally Posted by
MisterSako
agh what am i doing wrong???
http://mrsako.gotdns.com/backupwithlogin.php
right below the body tag i tried to do this
<?php
include("loginsystem/include/session.php");
?>
why does it just write it all to the screen? on my faq section (scroll super alot down and click FAQ) i have php embded within my page there (but not a include file) and it works fine so i know i have PHP and mysql installed correcctly. this is whats in the session.php file
i tried putting php after <? but it just made the entire site not show up except for the include stuff
PHP Code:
edit- i took this code out because it was a waste of 200 lines
btw shadow if i'd still muchly appreciate that zip file :}
In the php.ini file there's some php tag options. One is asp tags, the other is short tags (<? ?>).
Originally Posted by
php.net
short_open_tag "1" PHP_INI_PERDIR PHP_INI_ALL in PHP <= 4.0.0.
asp_tags "0" PHP_INI_PERDIR PHP_INI_ALL in PHP <= 4.0.0.
Originally Posted by
MisterSako
alright im stuck once again. i started all over and ditched that other guys login system
i have finished making my own system in which you can login and register
(
http://mrsako.gotdns.com/index.php )
its pretty nifty you can even try it if youd like.
how it works lets say your logging in you type in the information on login.php and you hit submit and it gets processed in a different .php file. and then it sends you back to the site after logging you in. or it sends you back to login.php if you had a wrong username or password. what i want to do is be able to have some text coming up saying "invalid username or password" is there a way i can do this with variables by having the processing php file assign $errormsg="bad uname or pass"; then have login.php echo(errormsg);
or do i have to do something like login.php?error=1
im not going to use cookies though thats just dumb, id rather do the login.php?error=1 method
The customary method is to stay at the login page on error. Ie if the login is being processed on a seperate file, you could also have the same login form in that page so you can echo out an error and display the login again. You could also use session variables even though the user hasn't logged in yet. Just set $_SESSION['login_error_msg'] = "you failed at loggin in"; Then on the main page check to see if the variable is set, if so display the message.
Originally Posted by
MisterSako
yeh i use cookies to keep track if their logged in or out. but im trying to avoid cookies becasue not everyone has them enabled and you can just edit your cookie file to do stuff that maybe your not supposed to etc.
i decided to use the assiging variables at the end of the address way for the error reporting. my only slight concern is some browsers might trip up wth stuff like ! : and , being in the address
Session's are the standard form of variable storage. To keep things secure, the onlything that should be stored in a cookie, is a session id. If they edit the value, then all they do is lose their session.
Originally Posted by
MisterSako
some people do make random passwords. my passwords never form words, it would be more fool proof. but none of that is important
whats the command in php to check a string variable for a certain string of text within it.
ie i have a this variable $dir which is a location to the directory your browsing (im making a online web site control panel thing like alot of free web hosts have) and i want to say like
if in $dir theres the string "hosted/../" (spelled like that in that order) to change $dir to = "hosted"
i searched the php website i cant find the command for this. im using the latest version of php (im trying to make it so the user cant browse into directories hes not supposed to be in)
Use strpos to find the location of a string within a string. If the string does not contain the search, it returns false. In php to determine the difference between false and 0 (because a sub string could start @ 0) use !== or ===. The three character signs mean check variable type as well as value.
Originally Posted by
MisterSako
also is there a command to remove the last certain amount of characters from a string
ie
PHP Code:
$oldstring="tenletters";
$newstring=takeofflast($oldstring, 7);
if($newstring=="ten")
{
echo("it worked");
}
actualy does the double quotes make it an array of characters not a string?
Not a command persay, but very easy to accomplish.
PHP Code:
$newstring = substr($oldstring, strlen($oldstring)-(8), 7);
use -8, because character indexes are 0 based, but strlen is 1 based.
Originally Posted by
MisterSako
ok another command question
i know stristr(); can find the first occurance of a character within a string. but how about the last occurance?
ie i have $dir=hosted/blah/blah2
i need it to seperate off blah2 by only looking at the string starting after the last /
This is a fun one, as it involves a neat logic trick.
PHP Code:
$search_str = strrev($str);
$needle_str = strrev($needle);
$last_pos = strpos($needle_str, $search_str) - (strlen($search_str) - strlen($needle_str));
// (13)
Hello World! World! // 18 long
// (5)
!dlroW !dlroW olleH // 18 long
// 18 - 5 = 13 // huzah
Originally Posted by
MisterSako
i have this part in my code. which DID work then out of nowhere it stopped working and i cant understand it. this is apart of my registration process to make sure the user input the right kind of information
PHP Code:
if(($username_check > 0) || ($usersite_check > 0) || ($usersite_check2==0) || ($password_check==0) || ($email_check2==0))
{
if($username_check > 0){
header("Location: register.php?error=2"); //Sorry, that username already exists
}
if($password_check == 0){
header("Location: register.php?error=3"); //The Password and Confirmation Password you entered do not match
}
if($email_check > 0){
header("Location: register.php?error=4"); //sorry that email is taken
}
if($email_check2 == 0){
header("Location: register.php?error=5"); //The Email and Confirmation Email you entered do not match
}
if($usersite_check > 0){
header("Location: register.php?error=7"); //Sorry, that web url is taken
}
if($usersite_check2 == 0){
header("Location: register.php?error=8"); //your web url can only contain letters and numbers
}
header("Location: register.php?error=9991"); //if somehow they got through those if statements, send em back to register
die("error, report to webmaster ($site_email)");
}
whenever they input something wrong it goes into the first if statement (with all the ||) if nothing is wrong it skips over the if statement, like it should be.
see how on the bottom i have the "//if somehow they got through those if statements, send em back to register" part. well when it goes inside this if statement, which means it had to qualify as one of the if statements which are seperated with ||. but it NEVER will go into the ifstatements below it, and always goes to the backup header command i put.
i can't figure out why it does this, it also skips over them if i place them outside the "mother" if statement
Welcome to the Repeating Department of Redundancy Department (RDR Department).
Chop off the first if statement and just use the nested statements. Also, if you are using cookies, you should be aware that header() tends not to work as session_start() sends out header statements that will make the header() function error out. Use a javascript, or html meta redirect instead unless you know your session isn't going ot use cookies and send out headers before hand.
Originally Posted by
CornedBee
Which, slightly modified, is not a bad idea. Basically, you should always separate processing and displaying in the code anyway. If you have both well encapsulated, it's easy to make the two effectively the same, so you can directly reuse the values.
That said, there is no security issue with just GET-forwarding the variables - the only problem would be the long querystring, which might be longer than what the server wants to handle. (I think Apache rejects URLs longer than ~1000 characters, perhaps even less.)
Well, don't forward the requested password, as it would appear in clear text in the URL, and users might not like that.
Just conformation here:
http://www.zend.com/zend/spotlight/mimocsumissions.php
Originally Posted by
Zend
The second of the restrictions on the GET method leads me to the focus of today's column. Although the GET method is very useful, it has a limit of approximately 1k (1024 characters). This means that any submission that can possibly be greater than 1024 characters (including the names of all of the variables, ampersands, etc.) must be done through the POST method, which will discuss next.