Please provide a sample value for $row_pages['link'] and $row_injection_text['injection_code'].
hielo 65 Veteran Poster
On line 11, where are you initializing $row_injection_text? I am wondering if you meant to write $row_pages?
hielo 65 Veteran Poster
Try:
<select name="cmbclient">
<option value=""></option>
<?php
/* select only the fields you need. Doing SELECT * gets you all the fields on the table, even the one you don't need! */
$dataSql = 'SELECT reff_number, name FROM pelanggan ORDER BY name';
$dataQry = mysql_query($dataSql, $koneksidb) or die ("Gagal Query".mysql_error());
while ($dataRow = mysql_fetch_assoc($dataQry))
{
if ($dataRow['reff_number'] !== $_POST['cmbclient'])
{
echo '<option value="',htmlentities($dataRow['reff_number'],ENT_QUOTES),'">', htmlentities($dataRow['name'],ENT_QUOTES), '</option>',PHP_EOL;
}
else
{
echo '<option value="',htmlentities($dataRow['reff_number'],ENT_QUOTES),'" selected>', htmlentities($dataRow['name'],ENT_QUOTES), '</option>',PHP_EOL;
}
}
mysql_free_result($dataQry);
?>
</select>
hielo 65 Veteran Poster
On line 20 of Page 2, you are expecting a "field/parameter" named "engineers" as a POST request, but on line 13 of Page 1, you are not passing an object -- you need to extract the value of #engineers and pass it onto to Page 2. The load() method will emit a POST request if you pass an object as a second argument OR a GET request if you pass a string. Since Page 2 uses $_POST, then on line 13 of Page 1 you need:
$('#display_info').load('sqlPage2.php', {'engineers': $('#engineers').val()} );
For the sake of completeness, if you wanted to use $_GET on Page 2 instead, then you would need:
$('#display_info').load('sqlPage2.php', 'engineers='+ encodeURIComponent( $('#engineers').val() ) );
Lastly, on Page 2 you should be generating just the <table> markup, not the <html>,<head>,<body> tags. As a matter of fact,
Page 2 is sending code to "re-include" the jquery library. Your Page 1 already included jquery, and since you are using ajax, the browser does not refresh the page -- which means that you don't "loose" the jquery library when you send the request.
As for the <table> on Page 2, the first <form> tag should "hug" the <table>. The second <form> seems unnecessary. Since you are using ajax, the page actually loaded is Page 1, but your second form is targetting Page 2. The net effect is that the browser will navigate to Page 2. You should be really refreshing Page 1.
<?php
//Page 2
$servername = 'localhost';
$username = 'root'; … hielo 65 Veteran Poster
The issue I'm facing now is that the update button won't work
I don't know what button you are referring to. You need to show your code.
hielo 65 Veteran Poster
but the javascript is still giving me an error with the obj = JSON.parse(ret);
That's because on line 16, you supplied the dataType: 'json', option. By doing so, you are telling jquery that the data you are sending from the server is JSON. As a result, when the request completes, jquery automatically invokes its internal JSON.parse() equivalent for you, turning the JSON string into an object. So your ret parameter is an object. The error you are getting is because JSON.parse() expects a string, not an object. Simply rename ret to obj, and get rid of your JSON.parse() statement:
$.ajax({
url: "statusUpdate.php", // Change this to your PHP update script!
type: 'POST',
dataType: 'json',
data: data,
success: function(obj){
$(status).html(obj.status);
$(desc).html(obj.description);
$(this).replaceWith("<button class='btn btn-info'>Edit</button>");
},
error: function(ret){
console.log(ret.error);
}
});
hielo 65 Veteran Poster
With the new code you have, you just need this.value:
$(document).ready(function(){
$('#engineers').on('change', function()
{
$('#display_info').load('sqlPage2.php?' + this.value );
});
For the sake of completeness, with the old code, you needed to pass the value to loaddata() by adding this.data as a parameter:
echo "<select name='engineers' id='engineers' onchange='loaddata(this.value);'>";
hielo 65 Veteran Poster
On line 11 you have:
$('.codeForm tr:last div[id="status"]').attr('id', '#status' + counter + '');
which ends up generating <div id="#status">...</div>. Get rid of the hash symbol. You need the hash symbol only when using selector expressions for jquery, not for the actual ids of the elements. It should be:
$('.codeForm tr:last div[id="status"]').attr('id', 'status' + counter );
hielo 65 Veteran Poster
Won't this rule redirect these pages as well?
No. Those pages start with a question mark immediately after index.php. The RewriteRule above only affects pages that have a forward slash immediately after index.php.
hielo 65 Veteran Poster
Get rid of the $(document).ready(function(){...}); "wrapper". You need that only when you need to execute something as soon as the page has loaded. In your case, by the time the user selects something, the page is already loaded, so you just need to make the load() method call immediately.
function loaddata()
{
$('#display_info').load('sqlPage2.php?engineers');
}
hielo 65 Veteran Poster
I find some of the OO aspects a bit confusing: It seems that an image is turned into an object simply to be able to process it from within an array, programatically.
If I am not mistaken, you are referring to lines 17- 23 on your original post. If so, all that it is doing is is pre-loading the images to ensure that the browser caches the images. That way when the rollover effect is triggered, instead of fetching the images from the server, the browser will use the cached images. If you don't cache the images, every time you swap the images, the browser will fetch the image from the server. If you are on a slow internet connection, you will experience a "flicker" effect while the image loads directly from the server.
On your original post I see:
<img src="/images/black_menu1.jpg" name="button1" width="185" height="30" border="0">
which indicates that black_menu1.jpg is the "initial" image that appears where the <img> tag is located. The question is, does it render properly upon initial page load? If so, then that implies that your site has a top-most folder named images, and hopefully all the images you are trying to preload are in that folder.
var path = '/images/';
should be:
var path = '/';
hielo 65 Veteran Poster
is_int(1) should return true since 1 is an int primitive. However, is_int("1") should return false because you are checking a string (that happens to have a numeric character, but is a string nevertheless).
A form's input (as in $_POST['id']) or url parameter (as in $_GET['id']) is always a string, even if it has a numeric value. What you need is is_numeric().
if ( array_key_exists('id',$_GET) && is_numeric($_GET['id']) ) {
$id = intval( $_GET['id'] );
echo is_int( $id );
}
hielo 65 Veteran Poster
try:
<IfModule mod_rewrite.c>
RewriteEngine On
RewriteBase /
RewriteRule ^/?index\.php\/(.*)$ /index.php [R=301,L]
</IfModule>
hielo 65 Veteran Poster
Try:
var commentContent = $('textarea.comment-box#comment');
commentContent.keydown(function(e){
/* see: http://www.quirksmode.org/js/events_properties.html */
var code;
if (!e){
var e = window.event;
}
if (e.keyCode){
code = e.keyCode;
}
else if (e.which){
code = e.which;
}
if( code == 13 && !e.shiftKey && commentContent.is(":focus"))
{
e.preventDefault();
commentForm.submit();
}
});
hielo 65 Veteran Poster
Try changing include('../../../datalogin.php'); to require_once('../../../datalogin.php'); to make sure that the file is actually being included.
hielo 65 Veteran Poster
when I load an entry
I don't know what you mean by that. What exactly are you doing? Provide step-by-step instructions.
hielo 65 Veteran Poster
For the sake of clarity, let's say that your site is jonna.com and that your database.mdb is located at jonna.com/Databases/database.mdb.
try:
'Get the 5 newest news items
Set conob2 = Server.CreateObject("ADODB.Connection")
conob2.Open "Provider=Microsoft.Jet.OLEDB.4.0; Data Source=" & Server.MapPath("/Databases/database.mdb") & ";"
Set objRec2 = Server.CreateObject("ADODB.Recordset")
Dim sql2
sql2="SELECT TOP 5 news_date, news_text FROM news ORDER BY news_date DESC"
objRec2.Open sql, conob2, 1,3
NOTE: if the above doesn't work, try replacing:
Provider=Microsoft.Jet.OLEDB.4.0;
with:
Provider=Microsoft.ACE.OLEDB.12.0;
hielo 65 Veteran Poster
On lines 70-75, you need to use "readonly" (everything in lowercase).
hielo 65 Veteran Poster
Test this code
For that, you will need to provide the missing javascript file (grid.js). Are you sure you have the correct name/path to the grid.js file?
hielo 65 Veteran Poster
You need to do the iteration on the server (via PHP). Since all four of your PHP array have the same number of elements, iterate over one of them and use that numeric index to retrieve the equivalent element from the other arrays. Try:
<?php
$tipi = array("asd","222","dda","xcs");
$gun = array("qwe","vvv","zzz","bffg");
$ay = array("asd","bbb","23a","wqe");
$yil=array("zzz","sad","cxc","zxca");
?>
<script type="text/javascript">
var tipi = new Array();
var gun = new Array();
var ay = new Array();
var yil = new Array();
<?php
for($j=0,$limit=count($tipi);$j<$limit;$j++)
{
echo 'tipi[',$j,']="',str_replace('"','\\"',$tipi[$j]),'";',PHP_EOL;
echo 'gun[',$j,']="',str_replace('"','\\"',$gun[$j]),'";',PHP_EOL;
echo 'ay[',$j,']="',str_replace('"','\\"',$ay[$j]),'";',PHP_EOL;
echo 'yil[',$j,']="',str_replace('"','\\"',$yil[$j]),'";',PHP_EOL;
}
?>
</script>
hielo 65 Veteran Poster
You are aware that this is the Java forum... ?
I am now. However, the regex I provided earlier still applies. Here's the java equivalent:
String EXAMPLE_TEST = "In our tests...1234 and another number 4568...done!";
Pattern pattern = Pattern.compile("^In our tests\\D+(\\d+)\\D+(\\d+)");
Matcher matches = pattern.matcher(EXAMPLE_TEST);
if( matches.find() )
{
//matches.group(1) has the first number
//matches.group(2) has the second number
System.out.println( matches.group(1) + " " + matches.group(2) );
}
else
{
System.out.println("No Match!");
}
hielo 65 Veteran Poster
Try:
$lines = file(getcwd().'/data.txt');
foreach( $lines as $line)
{
if( preg_match('/^In our tests\D+(\d+)\D+(\d+)/',$line,$matches) )
{
print_r($matches);
}
}
If there are any matches, then the variable $matches will contain the data you are after.
hielo 65 Veteran Poster
You can easily troubleshoot your problems provided you have the right tools:
A. Colorzilla extension for Firefox
Once this extension is installed, you can click on it to "activate" it for the page currently loaded on your browser. Then hover on the menu you are interested and once you are on the red sub menu, clicking it will cause colorzilla to "capture" that color. You can then retrieve the color name from the plugin and search for it in you source code (which could be inline css or a linked css file).
B. Web Developer Toolbar
Once installed you can click on CSS > View Style Information. After doing this, you can then mouse over the submenu of that you are interested in. You will then see a changing DOM "path" to the element that you are after (including IDs and CLASS names). If you know the ID and/or CLASS name of the elements you are interested in, then you can search for that ID and/or CLASS in your css.
C. Firebug Extension for Firefox
You can just right click on the sub-menu item that you are interested in and then choose "Inspect with Firebug". You should see some "sub-window" with a left and a right "pane" On the left pane you can click on the exact item you are after (ex: a span, div, etc) and on the left you will see the css for that item.
In case you are curious, …
hielo 65 Veteran Poster
before you begin the delay, try "capturing/recording" a reference to " this " in some variable so that your delayed function actually knows what " this " means:
$(".tabButton").click(function() {
var self=this;
$(self).css("background-color", "white").delay(500, function() {
$(self).css("background-color", "black");
})
});
</script> hielo 65 Veteran Poster
If the XML file you are retrieving has invalid markup, then on line 20 xmlDoc will be set to null. If that is the case, then xmlDoc.getElementsByTagName() will give you the error you are describing. So, you need to make sure that the responseXML is not null.
On your XML file, line 18 has a typo, making your xml markup invalid.
hielo 65 Veteran Poster
Load the page in your browser. Then view the source code. Within the source code look for:
#D50512
That is the "red" color that you are seeing.
Q8iEnG commented: Thanks for the help! +3
hielo 65 Veteran Poster
try:
$result = mysql_query("SELECT * FROM comments") or die(mysql_error());
while( $row = mysql_fetch_assoc($result) )
{
echo $row['alias'], ': ', $row['comment'], '<br />', PHP_EOL;
} hielo 65 Veteran Poster
Below is login.php followed by protectedPage.php. Read comments in code
<?php
//login.php
session_start(); // starts the session
//this makes no sense.
// $_SESSION['url'] = $_SERVER['REQUEST_URI'];
//If this file is named login.php, it sets $_SESSION['url'] to login.php. So essentially
//as soon as you arrive at this page you are setting 'url' to 'login.php'. You then see the
//login form. Once you submit the login form and provide the correct username and password
//you are then redirecting to whatever is in 'url', which is (once again) 'login.php'
//The net effect will be that you will remain 'stuck' in login.
//What you need to do is to set $_SESSION['url'] on the page that you want to protect,
//NOT in login.php. See how I did this in protectedPage.php
$SELF=basename(__FILE__);
$msg='';
if(isset($_POST['username']) && !empty($_POST['username']) && isset($_POST['password']) && !empty($_POST['password']))
{
$link = mysql_connect('', '', '') or die('Could not connect: ' . mysql_error());
mysql_select_db('') or die(mysql_error());
$username = mysql_real_escape_string($_POST['username']);
$password = mysql_real_escape_string($_POST['password']);
$sql="SELECT `active` FROM `users` WHERE `username`='".$username."' AND `password`='".$password."'";
$search = mysql_query($sql) or die(mysql_error());
$match = mysql_num_rows($search);
}
if($match==1)
{
$_SESSION['authenticated']=true;
$url = 'index.php'; // default page for
if(isset($_SESSION['url']))
{
$url = strip_tags($_SESSION['url']);
unset($_SESSION['url']);
}
header("Location: http://web.com/$url");
exit;
}
else
{
$msg='<p>Login Failed! Please make sure that you enter the correct details and that you have activated your account.</p>';
}
?>
<html>
<body>
<h1>Login Form</h1>
<?php
if(!empty($msg))
{
echo $msg;
}
?>
<p>Please enter your name and password to login</p>
<!-- start sign up form -->
<form action="<?php echo $SELF; ?>" method="post">
<div>
<label … hielo 65 Veteran Poster
IF your /Style/ folder is directly under your DOCUMENT_ROOT - ex:
http://yoursite.com/Styles/ then instead of using ../Styles/ start the path reference with a slash - meaning, drop the dots. That way the search path will begin from DOCUMENT_ROOT: ... href="/Styles/styles.css"...
hielo 65 Veteran Poster
Check your file case. In other words, if your folder/file is named Style (uppercase "S"), make sure you are not using< (...) href="../style/style.css"> (lowercase "S")
hielo 65 Veteran Poster
try:
<?php
session_start();
$redirectTo='http://yoursite.com/page.php';
$DEBUG=true;
$SELF=basename(__FILE__);
$err='';
$match=0;
if(isset($_POST['username']) && !empty($_POST['username']) && isset($_POST['password']) && !empty($_POST['password']))
{
$link = mysql_connect('localhost', 'username', 'password') or die('Could not connect: ' . mysql_error());
mysql_select_db('database') or die(mysql_error());
$username = mysql_real_escape_string($_POST['username']);
$password = mysql_real_escape_string($_POST['password']);
$sql="SELECT `active` FROM `users` WHERE `username`='".$username."' AND `password`='".$password."'";
$search = mysql_query($sql) or die(mysql_error());
$match = mysql_num_rows($search);
if($DEBUG)
{
$msg.='<br />Executed: '.htmlspecialchars($sql,ENT_QUOTES);
$msg.='<br />Total Matches: '.$match;
}
}
if(1==$match)
{
$msg='<p>Login Complete! Thanks</p>';
$row=mysql_fetch_assoc($search);
$_SESSION['username']=$_POST['username'];
$_SESSION['active']=$row['active'];
if(!empty($redirectTo))
{
header('Location: '.$redirectTo);
exit;
}
else
{
$msg='<p>Congratulations, you managed to login successfully. Now you can to go your <a href="account.php">account</a>.</p>';
}
}
else
{
$msg='<p>Login Failed! Please make sure that you enter the correct details and that you have activated your account.</p>';
}
?>
<html>
<body>
<?php
if( !empty($msg) )
{
echo $msg;
}
if(0==$match)
{
?>
<h3>Login Form</h3>
<p>Please enter your name and password to login</p>
<!-- start sign up form -->
<form action="<?php echo $SELF; ?>" method="post">
<label for="name">Name:</label>
<input type="text" name="username" value="" />
<label for="password">Password:</label>
<input type="password" name="password" value="" />
<input type="submit" class="submit_button" value="Login" />
</form>
<?php
}
?>
</body>
</html> hielo 65 Veteran Poster
<input name="name"... /> should be name="username"... />. You your comment:// Set cookie / Start Session / Start Download etc... is inaccurate. You need to start the session BEFORE you even begin sending any output. That means that you cannot start the session after you have send <html>...
Try the attached code instead:
<?php
session_start();
$DEBUG=true;
$SELF=basename(__FILE__);
?>
<html>
<body>
<?php
$link = mysql_connect('localhost', 'username', 'password') or die('Could not connect: ' . mysql_error());
echo 'Connected successfully';
mysql_select_db('database') or die(mysql_error());
if(isset($_POST['username']) && !empty($_POST['username']) && isset($_POST['password']) && !empty($_POST['password']))
{
$username = mysql_real_escape_string($_POST['username']);
$password = mysql_real_escape_string($_POST['password']);
$sql="SELECT `active` FROM `users` WHERE `username`='".$username."' AND `password`='".$password."'";
$search = mysql_query($sql) or die(mysql_error());
$match = mysql_num_rows($search);
if($DEBUG)
{
echo '<br />Executed: '.htmlspecialchars($sql,ENT_QUOTES);
echo '<br />Total Matches: '.$match;
}
}
if($match==1){
echo '<p>Login Complete! Thanks</p>';
// Set cookie / Start Session / Start Download etc...
}
else
{
echo '<p>Login Failed! Please make sure that you enter the correct details and that you have activated your account.</p>';
}
?>
<h3>Login Form</h3>
<p>Please enter your name and password to login</p>
<!-- start sign up form -->
<form action="<?php echo $SELF; ?>" method="post">
<label for="name">Name:</label>
<input type="text" name="username" value="" />
<label for="password">Password:</label>
<input type="password" name="password" value="" />
<input type="submit" class="submit_button" value="Login" />
</form>
</body>
</html>
hielo 65 Veteran Poster
save the code below as a single file named hielo.php and try it:
<?php
$SELF=basename(__FILE__);
?>
<html>
<head>
<title>Search the Database</title>
<style type="text/css">
form{display:block; text-align:center;}
table#dbSearch{border:3px double black;width:50%;margin:0 auto;text-align:left;}
table#dbSearch tbody tr td{padding:.5em 0px;border-bottom:3px double black;}
label{display:block;width:45%;text-align:right;float:left;font-weight:bold;}
select{border:1px solid #999999;}
option{min-width:10em;}
td.buttonContainer{text-align:center;border-bottom:0px solid black !important;}
table#dbResult{border:3px double black;width:90%;margin:0 auto;text-align:left;}
</style>
</head>
<body>
<form action="<?php echo $SELF; ?>" method="post">
<table id="dbSearch">
<tbody>
<tr>
<td>
<label for="name">Enter Name:</label>
<select id="name" name="searchterm[0]">
<option value="">Select Names</option>
<option value="Pink">Pink</option>
<option value="Jhon">Jhon</option>
<option value="Foysal">Foysal</option>
<option value="Aparna">Aparna</option>
</select>
</td>
</tr>
<tr>
<td>
<label for="year">Enter Year:</label>
<select id="year" name="searchterm[1]">
<option value="">Select Year</option>
<option value="2000">2000</option>
<option value="2001">2001</option>
<option value="2002">2002</option>
<option value="2003">2003</option>
<option value="2004">2004</option>
<option value="2005">2005</option>
<option value="2006">2006</option>
<option value="2007">2007</option>
<option value="2008">2008</option>
<option value="2009">2009</option>
<option value="2010">2010</option>
<option value="2011">2011</option>
<option value="2012">2012</option>
</select>
</td>
</tr>
<tr>
<td>
<label for="month">Enter Month:</label>
<select id="month" name="searchterm[2]">
<option value="">Select Month</option>
<option value="January">January</option>
<option value="February">February</option>
<option value="March">March</option>
<option value="April">April</option>
<option value="May">May</option>
<option value="June">June</option>
<option value="July">July</option>
<option value="August">August</option>
<option value="September">September</option>
<option value="Octobar">Octobar</option>
<option value="November">November</option>
<option value="December">December</option>
</select>
</td>
</tr>
<tr>
<td class="buttonContainer"><input type="submit" name="Submit" value="SEARCH" /></td>
</tr>
</tbody>
</table>
<?php
if(isset($_POST['Submit']) && 'SEARCH'==$_POST['Submit'])
{
$searchOptions=array('0'=>'name','1'=>'year','2'=>'month');
mysql_connect('localhost','root','...') or die(mysql_error());
mysql_select_db('birth') or die(mysql_error());
foreach($_POST['searchterm'] as $index=>$value)
{
if(empty($value))
{
unset($_POST['searchterm'][$index]);
}
else
{
// LIKE search
$_POST['searchterm'][$index]=sprintf("(`%s` LIKE '%%%s%%')",$searchOptions[$index], mysql_real_escape_string($value) );
// EQUAL search
//$_POST['searchterm'][$index]=sprintf("(`%s`='%s')",$searchOptions[$index], mysql_real_escape_string($value) );
}
}
//OR search
$sql='SELECT * FROM `entry` WHERE '.implode(' OR ',$_POST['searchterm']);
//AND search
//$sql='SELECT * FROM `entry` WHERE '.implode(' AND ',$_POST['searchterm']);
$result=mysql_query($sql) or die(mysql_error());
$total=mysql_num_rows($result);
if(0==$total)
{
echo '<p>No results found.</p>';
}
else
{
$row=mysql_fetch_assoc($result);
echo '<p>Total items found:',$total,'</p>';
echo '<table id="dbResult"><thead><tr><th>',implode( … hielo 65 Veteran Poster
There was some problem on the result page,...
You mean syntax problem? I noticed that you have <select name="name[]"...>. What field on the db should be searched when this list is selected? On your posts I keep seeing SELECT * FROM entry WHERE 'wre' LIKE. Do you really have a field name wre?
Also, change ALL your:<option>XXX</option> to <option value="XXX">XXX</option>
I take it this is a problem with language, rather that an imperative.
Assuming you are correct about that, all I have to say is "LOL".
hielo 65 Veteran Poster
I re-coded the files for you. The version of login.php you have above is NOT the one I gave you. Use the three files I gave you (which have absolutely no use for check_user.php. Read the comments in my version of login.php to find out why you don't need check_user.php).
Additionally, the error on line 21 of my version of login.php is the foreach. It should be:foreach($row as $k=>$v)
hielo 65 Veteran Poster
backup your files and then create new files with the code below (make sure you copy and paste). Also, in login.php, be sure to edit the db credentials as well as line 61 (provide email address for $webmaster );
<?php
//login.php
session_start();
$err='';
$file=strip_tags($_SERVER['PHP_SELF']);
if(isset($_POST['Submit']))
{
mysql_connect('127.0.0.1','root','') or die(mysql_error());
mysql_select_db('member') or die(mysql_error());
$user = mysql_real_escape_string(stripslashes($_POST['user']));
$pass = mysql_real_escape_string(stripslashes($_POST['pass']));
$select = "SELECT * FROM `USERS` where `username`='".$_POST['user']."' AND `password`='".$_POST['password']."'";
$msq = mysql_query($select) or die(mysql_error());
$total=mysql_num_rows($msq);
if(1==$total)
{
$row = mysql_fetch_assoc($msq);
foreach($row as $k=$v)
{
$_SESSION[$k] = $v;
}
//there is no need to go to checkuser.php just to figure out the user level.
//If you look at your query in checkuser, it is also doing
// SELECT * FROM users WHERE username='XXX'
//That means that if the correct username/password were entered, the query
//above already got the user-level and is currently stored in $_SESSION['user_level']
//Thus, instead of redirecting to:
// header("location: checkuser.php");
//and re-querying the db on that other file, attemp to redirect the user
//on this file (which is what the elseif-else is doing below
if(isset($_SESSION['returnTo']) && !empty($_SESSION['returnTo']))
{
$temp=$_SESSION['returnTo'];
$_SESSION['returnTo']=NULL;
header('Location: '.$temp);
}
elseif(1==(int)$_SESSION['user_level'])
{
header('Location: Blog-admin-area.php');
}
else
{
header('Location: index.php');
}
exit;
}
elseif(0==$total)
{
$err='<p>Incorrect username/password</p>';
}
else
{
$err='<p>We are currently experiencing technical difficulties. Please try again later.</p>';
$msg='Error encountered at '.$file.'. Expected the query to yield zero or one row, but instead the query generated '.$total.' rows.'.PHP_EOL;
$msg.='The submitted data is as follows:'.PHP_EOL.print_r($_POST,true);
$webmaster='webmaster@yourdomain.com';
$to=$webmaster;
$subject='Error at Login Page';
$headers='To: '.$to.PHP_EOL;
$headers.='From: '.$webmaster.PHP_EOL;
$headers.='Return-Path: … hielo 65 Veteran Poster
but it outputs the message saying "You must be logged in. Click here to login!"..
change:if(!isset($_SESSION['username']) || empty($_SESSION['username']))
to:if(!isset($_POST['Submit']) && (!isset($_SESSION['username']) || empty($_SESSION['username'])))
hielo 65 Veteran Poster
On all three files you have:
...
$user = $_POST['username'];
$pass = $_POST['password'];
// validate the data
$user = stripslashes($user);
$pass = stripslashes($pass);
//WRONG: You cannot call mysql_real_escape_string() until AFTER you have connected to the DB
$user = mysql_real_escape_string($user);
$pass = mysql_real_escape_string($pass);
mysql_connect("127.0.0.1","root","");
mysql_select_db("member");
//WRONG: you cannot use $_SESSION on the query string. You need to use the values submitted
//which you have stored in $user and $password variables
$select = "SELECT * FROM USERS where username='".$_SESSION['$user']."' && password='".$_SESSION['$pass']."'";
$msq = mysql_query($select);
...change those lines (on all three files) to:
...
$user = $_POST['username'];
$pass = $_POST['password'];
// validate the data
$user = stripslashes($user);
$pass = stripslashes($pass);
mysql_connect("127.0.0.1","root","") or die(mysql_error());
mysql_select_db("member") or die(mysql_error());
$user = mysql_real_escape_string($user);
$pass = mysql_real_escape_string($pass);
$select = "SELECT * FROM USERS where username='". $user ."' AND password='". $pass . "'";
$msq = mysql_query($select) or die(mysql_error());
... hielo 65 Veteran Poster
It's sending back the entire file
If I understood you correctly, it is sending back the entire PHP code (instead of what just "Hello"). If that is the case, it typically means that the server is not configured to execute php files. You need to search the internet for articles on how to install PHP for your particular server (IIS, Apache, etc)
hielo 65 Veteran Poster
If you clicked on the "Net" tab of Firebug, you would be able to see the URL the request was sent to. Click on the url. You should see a "Response" tab. This should reveal exactly what the server sends back.
hielo 65 Veteran Poster
try:
<?php
session_start();
error_reporting (E_ALL );
//connect to db
$connect = mysql_connect("*******","*****","*******") or die( mysql_error() );
mysql_select_db("******") or die( mysql_error() );
$get = mysql_query("SELECT * FROM `users` WHERE `username`='".$_SESSION['username']."'") or die(mysql_error());
while($row = mysql_fetch_array($get))
{
$admin = $row['user_level'];
if ($admin == 0)
{
header("Location: index.php");
exit;
}
elseif ($admin == 1)
{
header("Location: Blog-admin-area.php");
exit;
}
else
{
echo "this is an invalid status";
}
}
?>On another note, are you using a <FORM> to post the username? If yes, then maybe you meant $_POST['username'] instead of $_SESSION['username']
hielo 65 Veteran Poster
3. The browser is not refreshed after the function is called but should it have to be since it's just sending an alert?
No, it shouldn't, but it is possible - depending on how you call that function. My question was meant to figure out what else might be on that page of yours since you haven't disclosed much. In your case, you would want the browser to NOT refresh after the function executes. Based on your responses, it seems like you are OK on this regard, so we'll just have to see what Firebug "reports".
hielo 65 Veteran Poster
What troubleshooting steps have you taken? Do you know for a fact that the getCityAndState() function is called? If yes, does it make it INTO the if clause?
If yes, is the browser (as a whole) refreshing after the function is called?
If the problem persists, try installing Firebug for Firefox. Load your page. Enabled/Launch Firebug (by clicking on the "grayed-out" bug). Then click on the "Net" tab. Once your function is called/executed, you should see the out going JSON ajax request and its result. You need to verify that the request is in fact going to the correct url and the browser successfully contacts the server.
hielo 65 Veteran Poster
There is no specification that formally states how to behave when forms are nested. Thus, different browser developers handle it differently. Some of them ignore the nested elements. Others use the inner-most form. The only way to achieve consistency is to get rid of the nested forms.
hielo 65 Veteran Poster
try:
<?php
header('Content-Type: application/json');
$a = array('data' => 'Hello');
echo json_encode($a);
exit;
?> hielo 65 Veteran Poster
You are not allowed to nest HTML forms. To clarify, this is NOT allowed:
<form action="test1.php">
...
<form action="test2.php">
...<input type="submit" value="Inner Submit" />
</form>
...<input type="submit" value="Outer Submit" />
</form>You have to get rid of the inner form(s). You can nest the entire table within a "master" form:
<form name="EditHome" method="post" enctype="multipart/form-data" action="SaveHome.php">
<input type="hidden" name="id" value="<?= $id ?>">
<table align="center" width="100%" border="0" bgcolor="f59422" cellspacing="0" cellpadding="0">
<tr>
<td valign="top" height="50">
<table width="100%">
<tr>
<td valign="top" height="50">
<table width="100%" bgcolor="f8ab60">
<tr>
<td valign="top">
<table width="100%">
<tr>
<td valign="top">
<!-- <FORM> -->
<INPUT TYPE="button" VALUE="Return to Property Admin" onClick="parent.location='property_admin.php'">
<!-- </FORM> -->
</td>
<td valign="top">
<!-- <FORM> -->
<INPUT TYPE="button" VALUE="Add a Picture" onClick="parent.location='AddPicture.php?home_id=<?= $id ?>'">
<!-- </FORM> -->
</td>
<td valign="top">
<input type="submit" value="SAVE" />
</td>
</tr>
</table>
</td>
</tr>
</table>
</td>
</tr>
</tr>
</table>
</form> manc1976 commented: Well Explained, Thanks +1
hielo 65 Veteran Poster
try:
<!-- make sure you put the [] at the end of the name -->
<input name="searchterm[]" />
<input name="searchterm[]" />
<input name="searchterm[]" />then try:
<?php
//connect to the db first
$conn=mysql_connect('...', '...', '...') or die(mysql_error());
mysql_select_db('...') or die(mysql_error());
foreach($_POST['searchterm'] as $i=>$v)
{
if(preg_match('#\w#',$v))
{
$_POST['searchterm'][$i]=mysql_real_escape_string($v);
}
else
{
unset($_POST['searchterm'][$i]);
}
}
$term = implode("%' OR `searchterm` LIKE %'", $_POST['searchterm']);
$sql = mysql_query("SELECT * FROM entry WHERE `wre` LIKE '%" . $term ."%'" or die(mysql_error());
...
?> hielo 65 Veteran Poster
try changing:
<input type="button" value="SAVE" onclick="submit();" />to:
<input type="submit" value="SAVE" /> hielo 65 Veteran Poster
I ask again, Do you actually see the message "Your password has been changed..."?
If yes:
a.) check your spam folder
b.) ask your web host if "free" account holders are allowed to send out emails - they may have this restriction.
hielo 65 Veteran Poster
That error typically indicates that your query did NOT succeed. To find out what was any error, change $sql = mysql_query ("SELECT * FROM 'Product'"); to $sql = mysql_query ("SELECT * FROM 'Product'") or die(mysql_error());
On the code you posted, the query is wrong. It should be Product (using backticks NOT apostrophes). On a US keyboard, the backtick is on the same key as the tilde(~) character. Thus, the correct statement is:
$sql = mysql_query ("SELECT * FROM `Product`") or die(mysql_error());
Also, echo ($rows['Product']); should be echo ($row['Product']);, with no "s"