943,923 Members | Top Members by Rank

Web Development > PHP > how to pass one script to another using php,mysqldatabase
Ad:
  • PHP Discussion Thread
  • Unsolved
  • Views: 1611
  • PHP RSS
Permalink
Apr 23rd, 2008
0

how to pass one script to another using php,mysqldatabase

Expand Post »
Hi.. I am new in php +ajax.....Now i am doing project in php+ajax+linux environment...i create a login page using php,ajax,mysql,, i have mysql tables are. register,slideshow,,,,,In register table having following field...
1.uid (autoincrement)2.first (firstname)3.last(surname)4.user(username),5.pass(password)
In slide show table having following field,,,
1.uid 2.pid(presentation id,autoincrment) 3.slideno 4.description 5.location(this is what image file is store that particular location)..
my login programs are..
//login.html

html Syntax (Toggle Plain Text)
  1. <html>
  2. <head>
  3. <script language="javascript" type="text/javascript">
  4. //Browser Support Code
  5. function ajaxFunction()
  6. {
  7. var ajaxRequest; // The variable that makes Ajax possible!
  8.  
  9. try
  10. {
  11. // Opera 8.0+, Firefox, Safari
  12. ajaxRequest = new XMLHttpRequest();
  13. }
  14. catch (e)
  15. {
  16. // Internet Explorer Browsers
  17. try
  18. {
  19. ajaxRequest = new ActiveXObject("Msxml2.XMLHTTP");
  20. }
  21. catch (e)
  22. {
  23. try
  24. {
  25. ajaxRequest = new ActiveXObject("Microsoft.XMLHTTP");
  26. }
  27. catch (e)
  28. {
  29. // Something went wrong
  30. alert("Your browser broke!");
  31. return false;
  32. }
  33. }
  34. }
  35.  
  36. // Create a function that will receive data sent from the server
  37. ajaxRequest.onreadystatechange = function()
  38. {
  39. if(ajaxRequest.readyState == 4)
  40. {
  41. var ajaxDisplay = document.getElementById('ajaxDiv');
  42. ajaxDisplay.innerHTML = ajaxRequest.responseText;
  43. document.getElementById('message').style.visibility = 'hidden';
  44. }
  45. }
  46.  
  47. var user= document.getElementById('user').value;
  48. var pass= document.getElementById('pass').value;
  49. var queryString = "?user=" + user + "&pass=" + pass;
  50. document.getElementById('message').style.visibility = 'visible';
  51. ajaxRequest.open("GET","login.php" + queryString, true);
  52. ajaxRequest.send(null);
  53.  
  54. }
  55. </script>
  56. </head>
  57. <body>
  58. <div id="message" style="position:absolute; top:1%; left:95%; margin-left:-100px; font-size:14;background-color: red ;color: white;width: 165px; height: 25px; overflow: auto;visibility: hidden">Executing...</div>
  59. <form>
  60. <center>
  61. <img src="" style="visibility:hidden" width="0%" height="0%">
  62. <table border="0" bgcolor="#CCCCFF" cellspacing="1" cellpadding="3" width="287">
  63. <tr>
  64. <td align="left" colspan="2" width="275"><b><font size="5" color="#000080">Login</font></b></td>
  65. </tr>
  66. <tr>
  67. <td align="right" width="81"><b><font color="#000080">User
  68. Name:</font></b></td>
  69. <td width="184">
  70. <input type="text" id="user">
  71. </td>
  72. </tr>
  73. <tr>
  74. <td align="right" width="81"><b><font color="#000080">Password:</font></b></td>
  75. <td width="184">
  76. <input type="password" id="pass">
  77. </td>
  78. </tr>
  79. <tr>
  80. <td colspan="2" align="center" width="275"><input type="button" onclick="ajaxFunction()" value="Login" ></td>
  81. </tr>
  82. </table>
  83. <div id="ajaxDiv">&nbsp;
  84. </center>
  85. </form>
  86. </body>
  87. </html>
//login.php
php Syntax (Toggle Plain Text)
  1. <?php
  2. $user=$_GET['user'];
  3. $pass=$_GET['pass'];
  4. $conn = mysql_connect("localhost","root","") or die("could not connect server");
  5. $db = mysql_select_db("thiru",$conn) or die("could not connect database");
  6. $query= "select * from register";
  7. $res = mysql_query($query) or die("query failed" . mysql_error());
  8. $num_rows=mysql_num_rows($res);
  9. while($rr=mysql_fetch_array($res))
  10. {
  11. if($user==$rr[3] && $pass==$rr[4])
  12. {
  13. //get uid
  14. $insert=$rr[0];
  15. //echo"welcome" .$user;
  16. $flag=true;
  17. }
  18. }
  19. if($flag==false)
  20. {
  21. echo"userid and password mismatch";
  22. }
  23. mysql_close($conn);
  24. ?>

The above program is successfully logged .. and i fetch uid in $insert variable...This is my quetion...
uid,pid,slideno,description,location will be stored automaticallyin slideshow table..while i upload file....
my upload proram is given below...
//upload.html file
html Syntax (Toggle Plain Text)
  1. <html>
  2.  
  3. <head>
  4.  
  5. <script type="text/javascript" language="javascript">
  6. function upload()
  7. {
  8.  
  9. var oForm = document.uploadform;
  10. oForm.submit();
  11. }
  12. </script>
  13.  
  14. </head>
  15.  
  16. <body>
  17.  
  18. <div id="message" class="drag" style="position:absolute; top:50%; left:50%; margin-left:-100px; font-size:12;background: transparent;
  19.  
  20. width: 75px; height: 75px; overflow: auto; visibility: hidden">
  21.  
  22. </div>
  23.  
  24. <center>
  25.  
  26. <form name="uploadform" action="upload.php" method="POST" ENCTYPE="multipart/form-data" target="hiddenFrame">
  27. Open :
  28. <input style="font:normal 10px Verdana" size="35" align="left" type="file" name="code" id="code">&nbsp;&nbsp;&nbsp;&nbsp;<br><button onClick="upload();return false">Upload</button>
  29.  
  30. </form>
  31.  
  32. <iframe src="about:blank" name="hiddenFrame" width="400" height="400"
  33.  
  34. frameborder="1" ></iframe>
  35.  
  36. </center>
  37.  
  38. </body>
  39.  
  40. </html>

//upload php file
php Syntax (Toggle Plain Text)
  1. <?php
  2. $uploaddir='/var/www/html/upload/';
  3. $uploadfile=$uploaddir.basename($_FILES['code']['name']);
  4. echo '<pre>';
  5. if (move_uploaded_file($_FILES['code']['tmp_name'], $uploadfile))
  6. {
  7. echo "File was successfully uploaded.\n";
  8. print "</pre>";
  9. $conn=mysql_connect("localhost","root","");
  10. $db=mysql_select_db("thiru");
  11. $query = "insert into slide(sloc)values('$uploadfile')";
  12. $result=mysql_query($query);
  13. echo"<br>";
  14. mysql_close($conn);
  15. $filename=$_FILES['code']['name'];
  16. echo"filename:";
  17. echo $filename;
  18. echo"<br>";
  19. }
  20. else
  21. {
  22. echo "please choose a correct file!!";
  23. }
  24.  
  25. ?>

please send me the correct coding ..
Edit/Delete Message
Last edited by digital-ether; Apr 24th, 2008 at 11:43 am. Reason: Please wrap your code in [code] ... [/code] tags
Reputation Points: 10
Solved Threads: 0
Newbie Poster
thirusvga is offline Offline
5 posts
since Apr 2008
Permalink
Apr 24th, 2008
0

Re: how to pass one script to another using php,mysqldatabase

Your file upload looks ok. You just have to let your File Upload page know that the upload was successful or not.

To do this, in your PHP that handles the file upload, put in a javascript function that returns the status of the upload. ]

eg:

PHP Syntax (Toggle Plain Text)
  1. <script>
  2.  
  3. top.my_callback(true);
  4.  
  5. </script>

Notice that the function is a method of "top". This references the top window, or the window that contains the Iframe you have this code in.


In your File upload page, put in a handler for the javascript function. Eg:

javascript Syntax (Toggle Plain Text)
  1. function my_callback(status) {
  2.  
  3. if (status == true) alert('file uploaded');
  4. else alert('upload failed');
  5.  
  6. }
Last edited by digital-ether; Apr 24th, 2008 at 11:53 am.
Moderator
Reputation Points: 457
Solved Threads: 101
Nearly a Posting Virtuoso
digital-ether is offline Offline
1,250 posts
since Sep 2005
Permalink
Apr 25th, 2008
0

Re: how to pass one script to another using php,mysqldatabase

ya.. uploaded file is successful stored in database when i newly file upload..my problem is how to pass my uid from register table to slideshow table..using php, ajax..
please help me..
Reputation Points: 10
Solved Threads: 0
Newbie Poster
thirusvga is offline Offline
5 posts
since Apr 2008
Permalink
Apr 25th, 2008
0

Re: how to pass one script to another using php,mysqldatabase

Click to Expand / Collapse  Quote originally posted by thirusvga ...
ya.. uploaded file is successful stored in database when i newly file upload..my problem is how to pass my uid from register table to slideshow table..using php, ajax..
please help me..
The UID should be in the current users session. Don't pass it via AJAX.

Eg: When you logged the user in, create a session for the user. You can use the built in PHP session management $_SESSION. Or you can create your own session management by entering each login into a session table in the database.

When a user uploads something, check a cookie sent by the user for the session ID. You can verify this session exists by looking up your session db table, or $_SESSION variable if you use that...
Moderator
Reputation Points: 457
Solved Threads: 101
Nearly a Posting Virtuoso
digital-ether is offline Offline
1,250 posts
since Sep 2005
Permalink
Apr 25th, 2008
0

Re: how to pass one script to another using php,mysqldatabase

i dont know about session..In my login program where i insert a session....help me...and reply me madam..
Reputation Points: 10
Solved Threads: 0
Newbie Poster
thirusvga is offline Offline
5 posts
since Apr 2008
Permalink
Apr 25th, 2008
0

Re: how to pass one script to another using php,mysqldatabase

Simple example of a session:

When a user logs in successfully. you do:

php Syntax (Toggle Plain Text)
  1. $sessid = sha1(rand(1, 1000000000).time()); // create a random id for the users session
  2.  
  3. $_SESSION[$sessid] = $userid; // save the userid to the $_SESSION variable. PHP will automatically keep track of this value across php pages. 
  4.  
  5. setCookie('sess_id', $sessid, time()+3600); // set session cookie for 1 hour expiry. This will track the user and let you know that they already authenticated...


Now when you want to know if the user is logged in, just check the cookie "sess_id" and if its set, get its value an make sure it is an existing session id by checking it against $_SESSION.

php Syntax (Toggle Plain Text)
  1. $sessid = $_COOKIE['sess_id'];
  2. if (isset($_SESSION[$sessid])) {
  3. // ok we have a session and it exists
  4. $userid = $_SESSION[$sessid];
  5. } else {
  6. // we don't have a session for this user
  7.  
  8. }


Off Topic:

In your authentication script you have:
PHP Syntax (Toggle Plain Text)
  1. $query= "select * from register";

then you iterate through each returned db row and check user and password. This is not very efficient. Imagine if you have 100 000 users. You'd have 100 * (bytes per row) Kb sent to your PHP script from the DB each time you authenticate someone. Then PHP has to parse that SQL response into PHP objects.

The "better" way of doing it is:
php Syntax (Toggle Plain Text)
  1. $query= "select * from register where username = '".mysql_escape_string($username)."' AND password = '".mysql_escape_string($password)."' LIMIT 1";

This way you only get the row you want from the db.

Also, you may want to save the passwords as one way encrypted hashes. PHP implements md5, sha hashes natively. You can use this to "encrypt" the passwords and increase user security.

eg:
php Syntax (Toggle Plain Text)
  1. $secret = '32d0we9*03ojsdfp98323;afp%^9;3f;hd'; // its good to keep a secret
  2.  
  3. $hash = sha1($password.$secret); // 1 way encrypt it 
  4.  
  5. // save this password hash in the db.


When you need to verify a password hash the password given by the user, and compare it with the one in the db.
php Syntax (Toggle Plain Text)
  1. $user = $_GET['user'];
  2. $pass = $_GET['pass'];
  3.  
  4.  
  5. $secret = '32d0we9*03ojsdfp98323;afp%^9;3f;hd'; // its good to keep a secret
  6.  
  7. $hash = sha1($password.$secret);
  8.  
  9. $query = "select * from registerwhere username = '".mysql_escape_string($user)."' AND password = '".mysql_escape_string($hash)."' LIMIT 1";

This way even if someone managed to hack into your database, they still will have a hard time decrypting the passwords in the db.
Last edited by digital-ether; Apr 25th, 2008 at 2:22 am.
Moderator
Reputation Points: 457
Solved Threads: 101
Nearly a Posting Virtuoso
digital-ether is offline Offline
1,250 posts
since Sep 2005
Permalink
Apr 25th, 2008
0

Re: how to pass one script to another using php,mysqldatabase

ok..let i try ..if any problem i will reply soon..
Reputation Points: 10
Solved Threads: 0
Newbie Poster
thirusvga is offline Offline
5 posts
since Apr 2008

This thread is more than three months old

No one has posted to this discussion for at least three months. Please let old threads die and do not reply to them unless you feel you have something new and valuable to contribute that absolutely must be added to make the discussion complete. Otherwise, please start a new thread in this forum instead.
Message:
Previous Thread in PHP Forum Timeline: Ftp folder
Next Thread in PHP Forum Timeline: session not keeping user logged in





About Us | Contact Us | Advertise | Acceptable Use Policy
Forum Index | Build Custom RSS Feed


Follow us on Twitter


© 2011 DaniWeb® LLC