Posts by nav33n

foreach($array as $value) simply means, for every element in the array, assign its value to $value.
foreach($array as $key => $value) assigns the index of the array to $key and value of that index to $value.
:S I hope I am not confusing you!
This is almost similar to for loop.

for($i=0;$i<count($array);$i++) {
  echo "Key is".$i."Value is".$array[$i];
}
//is same as
foreach($array as $key =>$value) {
 echo "Key is".$key."Value is".$value;
}

<?php
// removal malicious script by forzadraco

$filename="target.php";

$existfile=fopen($filename,"a+");

if($existfile){
echo "file berhasil dibaca \n\n";
}else{
echo "file gagal dibaca \n\n";
}


if( false == ($str=file_get_contents( $filename )))
echo "Could not read file.";
else
echo "File contents: ".htmlspecialchars($str);

$hsl=preg_replace("/xxxx/i","draco",$str);

echo "<hr />".htmlspecialchars($hsl);

fwrite($existfile,$hsl);
fclose($existfile);

?>

Check "mode" http://in2.php.net/manual/en/function.fopen.php . Mode "w" : Open for writing only; place the file pointer at the beginning of the file and truncate the file to zero length. If the file does not exist, attempt to create it.

While fetching, use str_replace to replace "<br />" with "".
ie.,

str_replace("<br />", "", $data);

Column names which are mysql keywords have to be wrapped in ` or else, it would give the above error. date, status, from etc are all keywords.

I don't understand, where is the textarea that you mentioned in your earlier post ?

Great! You are welcome!

Umm.. Yeah, well, almost.. This looks good except the part where you insert string values to a varchar column of the table. Strings should be wrapped in ' single quotes.. So, pass the values accordingly.. ie.,

$obj_Connection = new Database();
$obj_Connection->getConnection();
$table = "food";
$columns = "type, calories";
$data = "[single_quote_here]'cake'[/single_quote], 1000";
$obj_Connection->insertToTable($table, $columns, $data);
$obj_Connection->closeConnection();

I hope you understood what I am talking bout.

The example posted above can also deal with multiple tables. But, if you have different forms and different operations (like one form inserting a record to food table, another form to animals table, etc), you can have multiple functions. Sorry for my ignorance, but, I am not really sure what exactly is the problem :-/

Hi there! I am not sure about the idea of an abstract class or an interface. Here is a simple example of a class with 3 functions, getConnection, closeConnection and insertToTable. getConnection is to connect to the database and closeConnection to close(!). The function insertToTable takes 1 parameter, that is an array. You can pass as many values you want through the array and insert relative values to the table.

<?php
class Database {
	private $db_connection;
	public function getConnection(){
		$this->db_connection=mysql_connect("localhost","root","passw");
		mysql_select_db("databasename");
		if(!$this->db_connection) {
			die('Could not connect'.mysql_error());
		} else {
			return $this->db_connection;
		} 
	}
	public function closeConnection() {
		mysql_close($this->db_connection);
	}
	public function insertToTable($data){
		 $animal_type = $data['animal_type'];
		 $animal_age = $data['animal_age'];
		 /* and all the other data */
		 $insert_to_table1 = "insert into animal (type) values ('$animal_type');
		 mysql_query($insert_to_table1);
		 $insert_to_table2 = "insert into animal_age (age) values ('$animal_age');
		 mysql_query($insert_to_table2);
	}
}	
$obj_Connection = new Database();
$obj_Connection->getConnection();
$data = array();
$data['animal_type'] = "dog";
$data['animal_age'] = 12;
$obj_Connection->insertToTable($data);
$obj_Connection->closeConnection();
?>

Cheers!

Use nl2br function :)
ex.

$message_with_breaks = nl2br($_POST['message']);

If you 'investigate' properly in phpmyadmin, there is an option exactly below the table's structure to add a new column. You can specify the columnname, its datatype and mention "auto_increment" under extra. :-) Its quite simple.

ALTER TABLE tablename ADD columnname INT NOT NULL AUTO_INCREMENT

is the query (just in case if you can't find it!)

Using set_time_limit(0) in your script will make the maximum execution time to 'infinity'. This usually happens if you are processing large number of data or if one of the loop in your script has failed..

$sql = "INSERT INTO `wkho_users`.`directory` (id, organisation, type, addr1, addr2, addr3, addr4, addr5, pcode, phone, fax, gen_email, other, person, position, ext, pers_email) VALUES ('','$org','$type', '$addr1','$addr2','$addr3','$addr4','$addr5','$pcode','$telno','$fax','$web','$notes', '$name','$title','$ext','$email'";

Missing ) in the end.

Hi Nav33n,

I tried that code, open file seems to be alright but the fwrite doesn't seem to work. I put the xls file in the same folder with the .php file. I run the .php file a few times but nothing write to the .xls file.

I google the command and saw that they also used the same with the one you provided, dont know where i'm doing wrong. :(

enz

Umm.. Can you read data from the excel file ? Try that ! also check file permissions. :)

mcd is right. You need to pass the array as a parameter if you want it to use inside a function.

The names of your input are wrong. That is,

<label>
Movie Name: <input name=\"$moviename\" type=\"text\" value=\"$moviename\" size=\"31\" maxlength=\"30\" />
</label>

name=\"moviename\" and not name=\"$moviename\" Since the variables will be empty, the input tags name will be empty too.

<?php
$value1 = $_POST['something1'];
$value2 = $_POST['something2'];
$value3 = $_POST['something3'];
$fp=fopen("example.xls","a+");
$test="$value1 \t $value2 \t $value3 \t \n";
//where $value1,$value2 and $value3 POSTED values to write to excel
fwrite($fp,$test);
fclose($fp);
?>

Here is an example.

<?php
$file="test.xls";
$test="<table border=1><tr><td>Cell 1</td><td>Cell 2</td></tr></table>";
header("Content-type: application/vnd.ms-excel");
header("Content-Disposition: attachment; filename=$file");
echo $test;
?>

Use explode to explode the string to an array and use the 2nd index. ie., $array[2].

So the $dataholder array would just have the data for the matched ID?

No. In the above example, $dataholder will have all the records of the csv file.

What if I want to pull the individual fields from that array?

You can do that by specifying the id. If you want to pull the record for id 4, $dataholder[4] will pull the relevant record.

<?php
$handle = fopen("test.csv", "r"); //open the csv file
while (($data = fgetcsv($handle, 1000, ";")) !== FALSE) { //get the contents
   $id = $data[0]; //first field is the id
   $string = implode(";",$data); //create a string from the array
   $dataholder[$id] = $string; //assign it to another array keeping id as index
   //echo $string."<br>";
}
fclose($handle); //close the file


$id = 2; //id specified by the user
if(array_key_exists($id,$dataholder)) {  //if that id is in the array that we created
	$value1 = "newvalues34"; //write the new values for that id
	$value2 = "newvalues34";
	$dataholder[$id] = $id.";".$value1.";".$value2; //update the values for that id
	
}

$fp = fopen("test.csv","w"); //open the file for writing.. using w as mode will place the file pointer at the beginning (so everything you had in your file is gone!)
foreach ($dataholder as $line) { //for each element of dataholder array
	$line = $line."\n"; 
   fwrite($fp,$line); //write the values to the file
}
fclose($fp); //close the file

?>

I have written comments wherever necessary. First of all, you get all the contents of the csv file to an array keeping the id as the index.
Then for a specific id, change/update the data and put it back to the array.
Again, open the file in write mode and write the contents of the array to the file.
I agree, this isn't a beautiful solution (Infact, if your system crashes after opening the file in write mode, the original data is lost!). But yep, this is all I could think …

<?php
// we must never forget to start the session
session_start(); 
   $dbhost = 'localhost';
   $dbuser = 'root';
   $dbpass = '';
   $dbname = 'urdbname';
   $errorMessage = '';

   if (isset($_POST['txtUserId']) && isset($_POST['txtPassword'])) 
   {
   
   $conn = mysql_connect($dbhost, $dbuser, $dbpass) or die('Error connecting to mysql');
   mysql_select_db($dbname);

   $userId = $_POST['txtUserId'];
   $password = $_POST['txtPassword'];

   // check if the user id and password combination exist in database
   $sql = "SELECT user_id 
           FROM tbl_auth_user
           WHERE user_id = '$userId' 
                 AND user_password = '$password'";

   $result = mysql_query($sql) 
             or die('Query failed. ' . mysql_error()); 

   if (mysql_num_rows($result) == 1) 
   {
      // the user id and password match, 
      // set the session
      $_SESSION['db_is_logged_in'] = true;

      // after login we move to the main page
      header('Location: main.php');
      exit;
   }
    else
	 {
      $errorMessage = 'Sorry, wrong user id / password';
     }

   mysql_close($conn);
   }
?>

<html>
<head>
<title>Basic Login</title>
<meta http-equiv="Content-Type" content="text/html; charset=iso-8859-1">
</head> 
<body>
<?php
if ($errorMessage != '') {
?>
<p align="center"><strong><font color="#990000"><?php echo $errorMessage; ?></font></strong></p>
<?php
}
?> 
<form method="post" name="frmLogin" id="frmLogin">
<table width="400" border="1" align="center" cellpadding="2" cellspacing="2">
<tr>
<td width="150">User Id</td>
<td><input name="txtUserId" type="text" id="txtUserId"></td>
</tr>
<tr>
<td width="150">Password</td>
<td><input name="txtPassword" type="password" id="txtPassword"></td>
</tr>
<tr>
<td width="150">&nbsp;</td>
<td><input type="image"  name="btnLogin"  value="Login"></td>
</tr>
</table>
</form>
</body>
</html>

Hope this helps, ..
pages based on your requirement...
this code is total in same page.....

One thing I will do on top of this is, sanitize user's input to prevent sql injections. Always use mysql_real_escape_string or addslashes and stripslashes .

Because you are using mysql_fetch_row and trying to use the associated name. Use mysql_fetch_array instead.

In your post, it just redirects the user to respective page on button click. It doesn't post the form. In my post, I have specified the action for the form, so it posts the form data to respective script. That is, $_POST will be available in test1.php, test2.php and test3.php on respective button clicks.

you just give different names to your buttons like:

<input type="submit" name="b1">
<input type="submit" name="b2">
<input type="submit" name="b3">

then at the top of your page:
do like this:

<?
ob_start();
if($_POST['b1'])
{
header("location:one.php");
}
if($_POST['b2'])
{
header("location:two.php");
}
if($_POST['b3'])
{
header("location:three.php");
}

That will just redirect the page once the button is clicked. To post the form data to different scripts depending upon the button clicked, you need to make use of javascript.

<html>
<head>
</head>
<body>
<form method="post" name="form">
<input type="text" name="name" />
<input type="submit" name="submit1" value="submit1" onclick="javascript: form.action='test1.php';" />
<input type="submit" name="submit2" value="submit2" onclick="javascript: form.action='test2.php';"/>
<input type="submit" name="submit3" value="submit3" onclick="javascript: form.action='test3.php';" />
</form>
</body>
</html>

This looks good! :)

I am not sure if you can do that using joins. Join returns all the records which matches the condition. So, there is no way to find out which advertiser belongs to which category.

$query = "select id from category";
$result = mysql_query($query);
while($row = mysql_fetch_array($result)) {
    $categoryid = $row['id'];
  $query2 = "select * from advertisers where category_id='$categoryid' and active=1";
$result2 = mysql_query($query2);
if(mysql_num_rows($result2) > 0 ) {
echo "<h1>".$categoryid."</h1>";
  while($row2 = mysql_fetch_array($result2)) {
$advertisername = $row2['name'];
  echo "Advertiser is ".$advertisername;
}
} else {
 echo "No advertisers found for this category..";
}
}

This way, you can print Category first, then get all the advertisers for that category.

When you post your form to a page, include other php files and process the posted data.
ie.,
page1.php submits to page2.php .
in page2.php, include page3.php and page4.php. So, When you post the form data to page2.php , the same values will be accessible in page3.php and page4.php . Here is an example.

//testpost1.php
<html>
<body>
<form method="post" action="testpost2.php">
Name: <input type="text" name="name">
<br />
<input type="submit" name="submit" value="submit">
</form>
</body>
</html>

<?php
//this is testpost2.php
include "testpost3.php";
print_r($_POST);
?>

<?php
//this is testpost3.php
print_r($_POST);
?>

It will print the form data twice!

If you are dealing with a string in your query, that is,

$query = "select * from table where name='test'";
$query = "select * from table where date='2008-01-20'";
//...etc

then you are supposed to use single quotes around them.
If you are using an integer, then you don't need those quotes. Eg.

$query = "select * from table where id=3";

So, your query has to be modified a lil bit.

$query = "SELECT * FROM runners WHERE first_name ='".$name."'";

Notice the single quotes around $name. You can also do it this way.

$query = "SELECT * FROM runners WHERE first_name ='$name'";

I hope its clear now.

P.S. Also, since you are using a loop, its always good if you put them in a block. ie., use { } .

while($row = mysql_fetch_array($result)) {
 //something here
}

umm.. the form doesn't have a submit button..
But anyway, I am sure it works.

The script that I posted works fine for me, you can see it here.
http://dev.ositnet.com/test.php

:@ Its asking for username and password !

P.S. Its working for them now.. ;)

Umm.. what are you guys trying ? Tinymce or fckeditor ?

As you have said it already, You can get the contents of the csv file to an array (keeping ID as key), modify/update the required records, write the data back to csv again using fputcsv .

Is there a way I can alter my existing code to be able to do this for just the ID (the first column in my table)?

Use print_r to display the array contents and use the required field. ie., print_r($data);

Doesn't create a URL, just text, can I alter that to create a URL out of it?

print "<a href='http://www.somesite.com?id=$id'> Click here </a>"; ?

You are welcome!

Yep. It will create a user called "naveen" with password "password1" and grant SELECT,INSERT,UPDATE,DELETE permissions for that user.

is it possible to create a new db on the server with a new user name and password without having to login to the phpmyadmin section on the control panel on the server?

You have to create a new user (and grant required permissions) using 'root' credentials.
Eg.

<?php
$con = mysql_connect("localhost","root");
mysql_select_db("test");

$query = "Create user 'naveen'@'localhost' IDENTIFIED BY 'password1'";
mysql_query($query);
$query2 = "GRANT SELECT,INSERT,UPDATE,DELETE ON *.* TO 'naveen'@'localhost'";
mysql_query($query2);

mysql_close($con);
echo mysql_connect("localhost","naveen","password1");
?>

I am sorry! I don't have a link to any good tutorial.

There is nothing wrong with your create table query. The only thing that I found missing was the dot operator. Do you still have the error ? If yes, you need to post your complete code as I don't see any other errors!

Use die with mysql_query.
ie., $result = mysql_query($query) or die (mysql_error()); If your query fails, it will 'inform' you why it failed.

Here is an example.

<?php
$handle = fopen('somefile.csv', 'r');
if ($handle)
{
  
    //the top line is the field names
    $fields = fgetcsv($handle, 4096, ',');
   
    //loop through one row at a time
    while (($data = fgetcsv($handle, 1000, ',')) !== FALSE)
    {
        $name=$data[0];
        $address=$data[1];
        print "somesite.com?id=".$name.$address;
    }

    fclose($handle);
}
?>

If it isn't clear enough, just ask :)

"U can't touch this" should have been "U shouldn't touch this!!!" ;)

I am not sure. Maybe this could help.
http://phpbuilder.com/manual/en/faq.com.php#faq.com.q1

mysql_query($sql) or die (mysql_error() mysql_errno());

Try this.

mysql_query($sql) or die (mysql_error(). mysql_errno());

Notice the concatenation operator .
Cheers,
Naveen

Or even tinymce editor.

date is a mysql reserved keyword. Its better if you change the column name "date" to something else. If you don't want to change the column name, use ` around the column name. Oh, btw, if your query isn't still working, print your query and execute it in mysql console/phpmyadmin.

Umm.. Is it related to php ? :-/

Yeah, I tried using &amp; but it truncated the text. I don't believe Flash interprets html. I know the <br> tag gets displayed as plain text.

Oh, I didn't know that. But there must be a work around.. :-/

You can use htmlentities or htmlspecialchars.

I don't think its possible. You have to use foreach, iterate through array elements and take required step. You can't change the 'structure' of an array (ie., replacing [] with " "). Again, I hope I am wrong.

Unless you do a print_r, there 'wont' be []. :-/ I don't understand why[ or how] you want to [going to] do it.