Global variable scope is the last result to every pro. language engine. When you keep referring to globals so many times, you compensate on program execution time.
Look i have been reading all your code and the problem is always have a session realm start on top of your file before any code. That includes html too.
session_start();
just declare a simple session start in its owm php tag up there. ON THE FIRST LINE WITHOUT A SPACE.
later you can set a session variable .
Also try not to use session variable raw like..
echo $_SESSION['username']
dont keep to that.
always put it in a standard variable. eg..
if($_POST){
$_SESSION['name']=$_POST['name'];
//dont forget to trim,strip_tags, etc.. clean always inputs that you receives even if it come from heaven. angels sometimes get lazy. trust no inputs.
}
// refer to session variable and put it in normal variable for use.
$foo=$_SESSION['name'];
echo $foo;
dschuett, We are speaking the same language with different tenses.
As i told you, Admin will for some time be the user.
There are two things here involve.
1. admin to login automatically when the said user's account is created and start uploading the fotos.
2. admin does this from the admin CP.
if the later is true,
1. You just code a CP system that will pull registered users up which you put them in the link tag that consists of the user_id, username. (user_show.php)This mean there must be a query to the mysql DB to look for the user. That is user firstname r username etc.
2.You write another file called upload_user_pic.php to recieve the get details from user_show.php. The upload_user_pic.php file must have... a. A html file upload b. A mysql script to insert picture c. The get variable pass the user_id and username to help mysql query so that pics doesnt get to a wrong person. d. A session to keep the &_GET variable so that you stay in state as $_get will loose the variables originally passed.
1.Photographer is the Admin. 2. Admin setup account for users. 3. Admin uploads pictures of an occasion . 4. Admin give the account created to the customer(the user).
5. The user login and can see all the photos uploaded by the admin. right?
If so. Please the script must help you. tweak it. Its the same logic. Use your geek eyes and skills. I have already given you the idea.
Design a flow chart about your idea and send it to me. But i will not give you full working code. since this is not only designed for you but for some other unknown geeks.
One of MS big issue is automatic file exe without the consent of the admin. this is why its easy to hack-in.
I have been hosting up 468 customers on my server and one thing i picked up 8 years ago was admin security. Dont give a gun to a mad man. And when he says he is not mad, still dont give him.
Give him when he admit that he is mad. its a sign of healing.
Firefox is far ahead of chrome. that is a fact. chrome get some few tricks and integrate in google's search. But browser support such as 1.css rendering, 2.Javascript 3.speed 4.stability.
Firefox is robust. Safari and google stays the same as they use the same engine. that is webkit. Opera got her own style and funny font rendering mechanism. IE... ooo IE, Very confused man. They do not conform with www3 standards. They mess up the platform. every web designers woes.
I will update later with facts and figures if it pleases anyone.
if mysql server is running on the same machine,(pc).
hostname","username","password","default schema".
1. Hostname is the host (pc) where the mysql server is. in this case, its localhost. 2.The username is the user(the mysql user account) default is root. 3. Password is the user's password( the mysql user account password). in this case, but id you do not have own yet. This is the password you usually use to login to your system OR the password mysql requested when you were installing. 4. The default schema, is just the default operation mysql mechanism. you can ignore that when you populate the mysql server connection.
That is .
mysql_connect(localhost,root,password).// very simple
/* Place code to connect to your DB here.
*/
include('config.php'); // include your code to connect to DB.
$tbl_name=""; //your table name
// How many adjacent pages should be shown on each side?
$adjacents = 3;
/*
First get total number of rows in data table.
If you have a WHERE clause in your query, make sure you mirror it here.
*/
$query = "SELECT COUNT(*) as num FROM $tbl_name";
$total_pages = mysql_fetch_array(mysql_query($query));
$total_pages = $total_pages[num];
/* Setup vars for query. */
$targetpage = "filename.php"; //your file name (the name of this file)
$limit = 2; //how many items to show per page
$page = $_GET['page'];
if($page)
$start = ($page - 1) * $limit; //first item to display on this page
else
$start = 0; //if no page var is given, set start to 0
/* Get data. */
$sql = "SELECT column_name FROM $tbl_name LIMIT $start, $limit";
$result = mysql_query($sql);
/* Setup page vars for display. */
if ($page == 0) $page = 1; //if no page var is given, default to 1.
$prev = $page - 1; //previous page is page - 1
$next = $page + 1; //next page is page + 1
$lastpage = ceil($total_pages/$limit); //lastpage is = total pages / items per page, rounded up.
$lpm1 = $lastpage - 1; //last page minus 1
/*
Now we apply our rules and draw the pagination object.
We're actually saving the code to a variable in case we want to draw it more than once.
*/ …
Yes, dschuett. You look through the user table for the id field. Just as every table got its own unique id.
Very simple man :)
richieking: Your post makes sense as well except for the same part..I just don't get how to make sure that the user from the users table get the EXACT id from the images table..
Forgive me son. :)
The $foo=insert into users values ('',bal,bal,bla); the empty filed is the
Note: The insert statement again. $foo= insert into users values('','$path','$user_id');
There are 2 ways to get and insert the user id to reference to the picture.
1. if the user already registered and just logon to his control panel, The user can click on upload a picture and upload a picture of his choice from his comp. if this is the case, write your script like this from the login page.
$foo= select user_id,username,fulname , pass from user where(username='$username' and password='$password');
execute mysql query.
// Now you check if the detail exists. You do this
$results = mysql_query($foo) or die (mysql_error()); // Always do this
if(mysql_num_rows($result)){
while($row=mysql_fetch_array($result)){
//You put this variables in session global array for future use.
$_SESSION[user_id]=$row[user_id];
$_SESSION[username]=$row[username];
$_SESSION[fulname]=$row[fulname];
// regenerate session, register session and a php header relocation to user account.
// now inserting the picture into the picture table is simple.
//You have the picture table picture(pic_id,path,user_id);
$user=$_SESSION[user_id];
$query="insert into picture values('','$path','$user')"; // execute query and job done. the '' is always the id of …
2. $query = "SELECT * FROM Images WHERE username='{$_SESSION}' "; 3. $result = mysql_query($query);
$query = "SELECT * FROM Images WHERE username='{$_SESSION}' "; $result = mysql_query($query);
Lsmjudoka. Please watch out with this query. For better referencial integrity, you should not use username for query like this.
The possibility of same username is very common. There can exist more than one username and that will be a bug. Always use the uniqueness of a table and that is its ID. If you are dealing with hundreds or thousands of usernames, You will understand why mysql always advice this mechanism.
Just a friendly advice ok?. We are all learning :) Explore ;)
Do you see that on line 8 and 9 you have 2 form tags . with a different actions.
psedo:
$query= "select * from foo"; table foo got id, name,
$select=mysql_query($query) or die (mysql_error());// always do this
//Declare form tag here.
echo "<form action='#' name='form'>"; other form headers bla bla...
echo "<table style='width:60%;'> "; // Table opening
// do the while loops here
while($row=mysql_fetch_array($select)){
echo "<tr><td><input type='radio' name='radio[]' value=$row[name]> $row[name]</td><tr>";
}
echo "<input type='submit' name='submit' value='submit'>";
echo "</table></form>";
Pay attention to the input name radio[]; you need to iterate through to get the id for the fields you will need to update.
Do you really need the do-while iteration???? why not just code
1
While($row=mysql_fetch_array($result)){
// BLA BLA BLA here.
Also your form tag<form action="subjectload.php" method="POST" name="theForm" onsubmit="return validateFormOnSubmit(this)"> not good.
The form opening and closing tags must always be outside the iteration and the body of the form inside unless you want to provide each button with its own executions.
Are you planning to have a multiple delete radio button or what?. That the user selects what to delete and just click on the send button to execute the action??.
Provide more info if you can. I need more insight if you really need my help.
Modify this script and check for mime type such as txt,doc and write if statement to upload and insert and delete.
2. for the rest of the file, just save them on the server and save the path into the DB.
You must also generate random file name to help the uniqueness of the files. very simple.
$foo= rand (time(),1234567890);
// The real file extention.to get the ext you do this.
$filename = strtolower($goodfile) ;
$exts = split("[/\\.]", $filename) ;
$n = count($exts)-1;
$exts = $exts[$n];
// NEW FILE NAME IS
$newName=$foo.".".$sxts;
The rest of the job thus the mime check,upload,insert are all basic if clauses.
//very basic script. build on it
//You need to get the value of the file.
for($i=0;$i<count($_FILES);$i++){
//
$upload="uploaded_file".$i;
if(empty($_FILES[$upload]['name'])){
// Do nothing.
}
else{
// you do this just incase all the form field was not porpulated.
$goodFile=$_FILES[$upload]['name']; /**
* You can do all your checks by using $upload.
* ie. $_FILES[$upload]['mime_type'], $_FILES[$upload]['size'] etc
*/
// Where the file is going to be placed Ofcourse you provide your own path
$target_path = "uploads/";
/* Add the original filename to our target path.
Result is "uploads/filename.extension" */
$target_path = $target_path . basename( $goodFile);
// If You intend to save files at the server side.
if(move_uploaded_file($_FILES[$upload]['tmp_name'], $target_path)) {
echo "The file ". basename( $_FILES['uploadedfile']['name']).
" has been uploaded";
} else{
echo "<br/>There was an error uploading the file, please try again!<br/>";
}
// if you want to put inside mysql db
$content= file_get_contents('uploads/'.$goodFile);// uploads is the path you uploaded the file
// go ahead and insert into db. $content
$content;
$query= "Insert Bla Bla values ($content)"; // Are you following me???????????
//EXECUTE mysql_query to insert.
if (mysql_query($query)){
// You DELETE the file You Uploade.
unlink("uploads/$goodFile");
}
}
}
//Function to do date.
function foo($doo='1900') // default
{
//run for loop;
$year= date("Y");
for($i=$doo,$<=$year;$i++){
// Now html select
$select ="<select name ='foo'>";
$select.="<option value=$i>$i</option></select>";
}
return $select;
}
This i hope will pull out the date for your select date needed by your customer.
you receive the variable and run it through your sql database and pull your results. simple.
Explore ;)
The USER ID is the ID part stating from your create query up there.
To get there user id to link to the pictures tables.
Now you must modify your insert statement to accommodate the picture table. there are several ways to do this.
$foo=insert into users values ('',bal,bal,bla); the empty filed is the
then you execute the mysql query funtion.
There is another mysql function called insert_id().
The insert id is the same as the just inserted user id or the last inserted query's id.
Now assuming you already have a table for pictures that is eg. picture(id, path,user_id)
Note that the user_id is the id for the user table. That id help referencial integrity btw the tables picture and user.
you catch the insert id like this.
$insID=mysql_insert_id();
once you have the insert_id();
You run your second insert query for the picture table.
ie. $query="insert into picture values('','$path','$insID')";
Execute the query. Now you have the exact picture matching to the user. To get the picture and the user .
query mysql as.
eg.
$query="SELECT * FROM USER,TABEL WHERE(user.id=picture.user_id)";
assuming you have the that row user_id to take the user ID .
you run your while loop after your normal query.
while($row=mysql_fetch_array(result))
{
echo $row[USER_NAME];
echo "<path-to-pic/$row[PIC_PATH]/>";
BLA, BLA BLA.
}
Please contact for more info if needed. Explore! ;)
You have indicated for loop with 8 iterations. On your upload form its less than that. Not a good sign.
why cant you do it simple like
for($i=0;$i<count($_FILES);$i++)// U can use $_FILES super global array to catch all files. Thus my view. also count() and sizeof() works the same.
{
if($_FILES['uploaded_file['.$i.']){
//CHECK UP YOUR LOGIC FROM HERE
THAT IS THE SECOND IF STATEMENT.
}
My advice is make it simple and build on it. Divide and conquer.
I can only point you to a simple and right direction. Get back to me if you can.
Yep Ardav. The as keyword is also very operational. Personally, i don't really advice the JOIN stuffs to a noob. The logic of the joins needs to be really mastered. If not, you can pull results that are not needed for a particular account.
I prefer the using the table ID's. Also inner join is very easy and it works the same. ciao.
You are contributing the following post: This is very simple. lets say you got table1, table2, table2.
There are several ways to query mysql server, thus inner join, left join and right join.
There is another easy for noob. check this out.
$query="SELECT * FROM table1,table2,table3 WHERE table1.t1_ID=table2.t2_ID AND table2.t2_ID=table3.t3_ID";
// QUERY DB
$result= mysql_query($query)or die (mysql_error());
//RUN THROUGH
while($row=mysql_fetch_array($result))
{
echo $row[];// BLAR BLAR BLAR
}
This will come out with the exact info for each user id you wanted. This is only to give you an idea. explore. ;)
