Posts by minitauros

It queries a MySQL database and, for example, fetches the data you need, or updates it, or deletes it, or creates it. If you need help to start with PHP or MySQL, I guess you'd be better of starting a new topic than asking your questions in this one :).

If login.php is the page that receives the erro=1, you could check on that page if it has indeed been set. E.g.: You can check if $_GET['erro'] is set by just outputting it and see if anything is displayed on the screen. Something like

<?php
echo '<p>For testing purposes we\'re echo\'ing $_GET[\'erro\']. Its value is: ' . $_GET['erro'] . '</p>';

// Another test:
if(!empty($_GET['erro']))
{
    echo '<p>erro appears to have been set, its value is: ' . $_GET['erro'] . '</p>';
}
else
{
    echo '<p>error appears to be empty.</p>';
}

on your login.php page. Just for testing purposes. If you want to pass it on to the next page, I would suggest you include it in the form that is submitted to go to that next page. Create a hidden input or something. For example:

<input type="hidden" name="erro" value="<?php echo $_GET['erro']; ?>">

Then on the next page, you can check if $_POST['erro'] is set. Or, if you're sending the form through GET, you should check $_GET instead of $_POST, of course.

You are not getting an error, only a notice. That means that there is not necessarily something wrong, it's just something to look at. The notice is probably occurring because of $_GET['erro'] not having been defined before the lines that say echo $_GET['erro'];.

Ah! Yea I didn't really think that it would work like I just described. But I hadn't thought of what you said, yet, either, so this is some insight for me =). Sounds like a neat plan.

Every field that has a value gets searched.

How would that work? Because the way I just interpreted that is: a Person object gets constructed with first name Jack and last name Weesl, then how would you use this object to perform a search? I mean, if you already have the person named Jack Weesl, what else could you search for with the data you already have?

Do you use any kind of autoloader, pritaeas?

Maybe you could try this:

$("#inputID").ready(function(){
    $("#inputID input").focus(function(){
        $(this).css("background-color","#fbecc5");
    });

    $("#inputID input").blur(function(){
        $(this).css("background-color","#f5f5f5");
    });

    $("#inputID textarea").focus(function(){
        $(this).css("background-color","#fbecc5");
    });

    $("#inputID textarea").blur(function(){
        $(this).css("background-color","#f5f5f5");
    });
});

I've added "#inputID" to all your jQuery selectors, so that only the inputs inside div#inputID are affected.

Well I haven't used spl_autoload ever, but for as far as I can see when I read the manual, it's worth checking it out. An example of my use of the __autoload() function (dates from over 2 years back, so it's just an example, not sure about the current standards):

function __autoload($class_name)
{
    if(file_exists('includes/classes/' . $class_name . '.class.php'))
        include_once 'includes/classes/' . $class_name . '.class.php';
    else
        return false;
}

This function is defined in your includes.php, for example, so that it is defined in every document that is loaded. This worked for me back then, but again, if you want to use it I would suggest you do some more research to be sure if this is still up to standards =).

Yes the __autoload() function is a useful one, but I myself don't like to rely solely on that. The manual itself specifies:

By calling this function the scripting engine is given a last chance to load the class before PHP fails with an error.

But playing around with it and getting to know how it works can be useful. Maybe you like it more than I do ^^.

It is indeed done like that, in general, for as far as my knowledge goes :). However, if you for example have a Registration class, that helps members register an account for your website, I wouldn't include it on pages that only registered people can see, personally, as it wouldn't have any use if it only helps non-registered members register an account.

You mean if you include all your classes at once? Of course, that does impact your performance in a way, but it will probably not be significantly in small projects. A question though: why would you include classes that you don't need on every page?

Have you seen the TV show called Alias.The way that toldav post his code is like he's trying to hide something, or very suspicious. For me line 6 to line 10 was funny when I first saw it it remind of that TV show.

Nope I haven't, but I do understand what you mean though ;). I was actually more curious for an answer to why a large website is more likely to need/use more aliases!

If you put an alias on htaccess file it's like a security blanket

Could you explain this? :) And also why a website with more members could use more aliases?

@toldav:
Did you know that you can read a URI with PHP as well? Try $_SERVER['REQUEST_URI']. If you redirect all your users to an index.php page for example, you can use $_SERVER['REQUEST_URI'] to read the URI string and, for example, redirect him to another page according to the information in the URI string.

What exactly is it that you're asking? Are you asking how you can use this code? Or how to build a contact form? Or..? :)

Yea I downloaded that but I can't find any lines containing the $this->flexi_auth you're talking about :o.

Sounds like you're on the right track. Seeing the rest of your code I think I would use a function that would convert a query string into a real query. For example if you want to search for WHERE field = value, you could transform an input string like "field=value" into "WHERE field = value". Problem arises when you start thinking about LIKE comparisons.

What do you do when you want to retrieve data by something other than ID?

Hm I think I'm working with a different version or something then :S. Cause I can't even find "$this->flexi_auth". If you can point me to the package and file you're using, I'll give finding the function a try.

Well for as far as I know there exist PHP functions for reading a CSV file to an array. You can then modify that array, add whatever you want, and then overwrite the CSV file with the new info. That is how I think it should work. Check out fgetcsv().

Also, if the file is not too big, you could also just serialize an array and write that to a file. That way you can work with an array even more easily.

Of course, that could be :). But I can't tell for sure, as I don't know the flexi auth system.

-- Ok I've downloaded the flexi auth package and can't find the function as well. Are you sure it is an existing function?

What about you loop through your $_GET keys, and if the key represents a filter, you add the filter to your filters list? For example:

<?php
if($_GET)
{
    // Create an array to store the filters that are to be used in.
    $filters = array();

    foreach($_GET as $key => $value)
    {
        if(strpos($key, 'filter') !== false)
        {
            // This key contains the word "filter". Add it to the filters array.
            $filters[] = $value;
        }
    }
}



if($filters)
{
    // Create a variable to store the WHERE clause in.
    $where_clause = '';

    // Create a counter for the foreach() loop.
    $i = 0;

    foreach($filters as $filter)
    {
        // Do whatever you want with this filter. For example, let's add it to your query:

        // We don't want to add the word "AND" to our first part of $where_clause.
        if($i === 0)
        {
            $add = null;
        }
        else
        {
            $add = ' AND ';
        }

        // Each filter is connected to its own colum, so let's use a switch to determine the
        // exact words that we need to add to our WHERE clause.
        switch($filter)
        {
            case 'filter1':
                $where_clause .= $and . ' column1.value = "filter1" ';
                break;

            case 'filter2':
                $where_clause .= $and . ' column2.value = "filter2" ';
                break;
        }

        // Add one to the foreach() counter.
        $i++;
    }
}



// Build the query.
$query = 'SELECT *
    FROM table
    WHERE ' . $where_clause;

Is the $_GET info not already automatically stored in an array? E.g. ?key=value becomes $_GET['key'] == 'value'

For as far as I can remember (but I'm not sure), installing Magento goes roughly like this (when using XAMPP).

1. Download XAMPP.
2. Install XAMPP.
3. Put the contents of your Magento folder inside a folder (which you will have to newly create) in your [drive letter]:\xampp\htdocs directory.
4. Start XAMPP and start Apache and MySQL.
5. Open your internet browser and go to http://localhost/[magento_folder_name]
6. Follow instructions on screen.

A video I found if the above doesn't work (haven't seen the video, but I think it explains how to install Magento): http://www.youtube.com/watch?v=KjnoAQrhGSs

I would suggest another code structure:

Part 1 is the part where you create the table. You do not have to execute this every time the page is loaded, or even check if this needs to be executed; just create the table once, then remove the code.

Part 2 is the part where you check if any data is posted to the page. If it is, insert it into your database.

Part 3 is the part where you retrieve all comments from your database. Seemingly this part can be executed every time the page is loaded, so you do not necessarily have to put this code inside an if-else statement.

About your query problem: has it been fixed yet?

Are you using a form to send the query? How is the request being sent?

You're welcome :).

An idea:

Create arrays containing for example a-z or 0-9. Create a function that randomly selects an array key. Then create a loop that executes this function 6-30 times.

Well, judging from the line of code you provided, $this->flexi_auth must be an object, as it can execute a function. It is impossible that it is not getting defined somewhere within the class you are working with or its parent class. Still can't find it, even if you do a thorough search? :o

What about using a .csv file? These files can be easily edited using Microsoft Excel and can be easily read and traversed by PHP.

What about:

<?php
if($role == 'admin')
{
    ?>

    ... Your textbox ...

    <?php
}
else
{
    // No textbox.
}

?

Hm yes I guess you could. You can place the internal pointer of a file to a specific position using fseek(). However, I've never used it before myself, so I wouldn't know exactly how to use it.

What you COULD do is, if you know the exact value of the variable you are seeking, use a strpos() or stripos() to find the offset of the word you are looking for, then split the string there and insert whatever you want to insert. For example:

<?php
// Imaginary file contents.
$file_contents = 'This is a file. It contains text.';

// We're looking for this word:
$looking_for = 'file';

// We want to add this word after the word we're looking for:
$add = '. It is HUGE.';

// Find its offset.
$offset = stripos($file_contents, $looking_for);

// Split the string.
$substr_to = $offset + strlen($looking_for);
$part_1 = substr($file_contents, 0, $substr_to);
$part_2 = substr($file_contents, $substr_to);

$new_file_contents = $part_1 . $add . $part_2;

// $new_file_contents is now:
// 'This is a file. It is HUGE. It contains text.';

Haha ah well, luckily your problem is solved now ^^.

That should work.. :\ Are you sure there are over 4 images in your database?

Hm yea for as far as I know the PDO::query() method returns a PDO statement (see also here). I don't know SQLite though. What works for me is this:

try
{
    //open the database
    $db = new PDO('sqlite:iSearch.sqlite');

    $statement = $db->prepare("SELECT Fname , Lname , RegoNo, Model, Color, MobNo, DeskNo, AltMobNo
        FROM Owner
        JOIN Cars ON Owner.id=Cars.Owner_id
        JOIN Contacts ON Owner.id=Contacts.Owner_id
        WHERE RegoNo LIKE :search_rego");
    $statement->bindValue(':search_rego', $search_Rego);
    $statement->execute();
    $result = $statement->fetchAll();

    // close the database connection
    $db = NULL;
}
catch(Exception $e)
{
    echo 'Exception : ' . $e->getMessage();
}

if($result)
{
    // Display results
    foreach($result as $row)
    {
        echo ' This Car Belongs to ';
        echo '<br>' . '<br>';
        echo $row['Fname'] . ' ' . $row['Lname'].'<br>';
        echo $row[ 'RegoNo'] . '<br/>';
        echo $row['Model'] . ' ' . $row['Color']. '<br>' ;
        echo '<br>';
        echo $row['MobNo'] . '<br>' ;
        echo $row['DeskNo'] . '<br>';
        echo $row['AltMobNo'] . '<br>';
    }
}
else
{ 
    // No results were found.
    echo '<p>No results were found.</p>';
}

Well, have you checked where $this->flexi_auth gets defined? It must get defined somewhere ;). If it is not in the current class, it might be in the current class's parent class.

Care to share how you solved it? :)

Hm I don't know CI, but that sounds pretty unlogical to me. If you define the class Page as you are doing now, and if you include that class on every page that needs the navigation that it now contains, then there is no problem, right? As it would then contain the hardcoded navigation items that it contains right now each time it is included.

(See also the post above that wasn't there yet when I started typing this message ^^).

$action = isset($_POST['login']);
What you are doing here is checking if $_POST['login'] has been set. If it has, the value of $action will be true; if it hasn't, it will be false. Therefore, the if() statement a couple of lines ahead will not work as you probably want it to work.

if($action == 'login')
$action will be either true or false, so the statement above will never be triggered in your current script.

I would therefore suggest changing your $action = isset($_POST['login']); line to $action = isset($_POST['login']) ? $_POST['login'] : false;. What this does is an inline if/else check. It says: if(isset($_POST['login']) { return $_POST['login']; } else { return false; }. That means that now $action will either be the value of $_POST['login']; or false.

Secondly, your query can be optimized by using JOINs.

For example, the folling query

$query = "SELECT u.userId,
            u.Uname,
            u.Passoword,
            r.roleId,
            r.rolename
        FROM users u,
            role r,
            previlage p
        WHERE u.Uname='$Uname' 
            AND u.Password= '$Password'
            AND p.roleId = r.roleId 
            AND u.userId= p.userId";

could probably be optimized by adding JOINs, like this:

$query = 'SELECT u.userId,
            u.Uname,
            u.Passoword,
            r.roleId,
            r.rolename
        FROM users u
        JOIN roles r ON u.userId = r.userId
        WHERE u.Uname = "' . $Uname . '"
            AND u.Password = "' . $Password . '"';

I've removed the table previlage from your query, as you were not selecting anything from it, and I've added a JOIN. This means that the table roles will also be queried. There MUST be a …

Hm this sounds like you would have to add an exception for each and every username that is being used in your system, am I right? For example you'd have to add an elseif($part == 'minitauros') {} if I were a user, right? This sounds a bit too complex, if you ask me.

If this is indeed the case, you would probably be better off by checking if the current collection of breadcrumbs is pointing to any user rather than to one user in specific, and to not add any new breadcrumbs if the breadcrumbs are pointing to a user.

Am I on the right track here? :)

Doesn't it work if you just add the following?

if($result)
{
    // Results were found.
    foreach($result as $row)
    {
        echo " This Car Belongs to " ;
        echo "<br />"."<br/>";
        echo $row['Fname']." ". $row['Lname']."<br />";
        echo $row[ 'RegoNo']. "<br/>";
        echo $row['Model']." ". $row['Color']. "<br />" ;
        echo "<br />";
        echo $row['MobNo']. "<br />" ;
        echo $row['DeskNo']. "<br />";
        echo $row['AltMobNo']. "<br />";
    }
}
else
{
    // No results were found.
    echo '<p>No results were found.</p>';
}

    else if ($part!='user') {
        $this->url .= "/$part";
        $repl = array('_', '...');
        $this->breadcrumbs .= " $this->pointer ".'<a class="bc" href="'.$this->url.'">'.strtoupper(str_replace($repl, ' ', $part)).'</a>';
    }

This appears to skip any $part that is named "user", correct? It seems that there is not another else { } part in your script, so from what I'd expect, the "user" parts should be skipped.

What exactly is happening?

Damn I'm such a dumbass, wasn't using htmlentities() so the <form part was recognized as HTML and therefore not printed to the screen. Sorry! This thread may be deleted, locked, etc. but I can't find a way to do so myself.

The text:
<form action="ajaxa/login" method="post" class="odf_ajax loading_image_left" data-target="ajax_login_form">

The regex (to find the form's action):
$regex = '/<form.+?action="(.+?)"/i';

The expected result:
Array (2): [0] => '<form action="ajaxa/login"', [1] => 'ajaxa/login'

The actual result:
Array (1): [0] => 'ajaxa/login'

Can anyone help me explain why this regex is not returning the expected result?

Sidenote: If I remove the "<" from the start of the regex, it does return the expected result (without the "<", of course).

Woops, I meant HAVING, of course, not WHERE :).

What about adding something like WHERE percent > 0 to your statement? :)

On a side note: I'm not sure if this is an efficient query. I'm not a MySQL expert, but for as far as my knowledge goes I think this query is executing its subquery a lot of times (each time a record is fetched, it has to execute the subquery). Why don't you just make two queries? One fetching the maximum COUNT from lm_users, and then one that fetches all the records. You could use PHP to do the percentage calculations. Anyone here with more information on this?

You have a couple of classes in PHP to read XML. An example is SimpleXML. Here's a W3Schools tutorial for that class. With it you can iterate through an XML file and while you do that, you can, for example, create a new array which you then traverse later on to insert the records into your database, or you can just insert the records into your database right away.

You can store the IP address of the user who is using the form and the time at which the form is submitted. When the form is then submitted again, you can check the time difference between now and the last time the form was submitted, and if that time is too short (and if the same user is again submitting the form), you can show an error for example.

You could also try to find and download a captcha generator, or just ask some simple random questions like "what is the color of the sun?" to ensure that a live person is filling in the form. Spam systems do get smarter and smarter though, so you may have to come up with some weird questions to ensure no spam robot is using your form.

Did this help? :)

On a sidenote I would like to mention that I too have been messing around with my own AJAX scripts for quite some time, until I finally decided to give jQuery a try. It has a couple of AJAX functions built in, and they work like a charm, at least in my opinion.

It might take one or two hours to get to know jQuery's AJAX functions if you have never used them before, but once you get the hang of it.. man that shit is good.

You can find an introduction to jQuery's AJAX functions here, a bit more detailed tutorial on the same subject here, and, finally, you can find the jQuery website here.

Sorry for the late reply! It could be that this if-else is triggered:

if($message=='message')$message='';

Have you checked the values of your variables before you execute your send_email() function?

For example, try this:

$name = $_POST['name'];
$phone = $_POST['phone'];
$email = $_POST['email'];
$message = $_POST['message'];
$subject = $_POST['subject'];

$return_array = validate($name,$email,$phone,$message,$subject);


// Let's see what's in our variables:
echo '<p>Our POST variables look like this:</p><pre>'; print_r($_POST); echo '</pre>';

echo '<p>Our other variables look like this:</p>';
echo '<p>';
echo '$name: ' . $name . '<br>';
echo '$phone: ' . $phone . '<br>';
echo '$email: ' . $email . '<br>';
echo '$message: ' . $message . '<br>';
echo '$subject: ' . $subject . '<br>';
echo '</p>';

echo '<p>We\'re assuming that everything is correct, so an email will now be sent..</p>';


if($return_array['success'] == '1')
{
    send_email($name,$email,$phone,$subject,$message);
}

What is the name if the <input> element in your form in which the message is typed? Has it been named correctly? Is its name attribute really set to "message", so that $_POST['message'] actually contains a value?

E.g. do you have something like:

<input name="message"> or <textarea name="message"></textarea>?