Jump to content

iwato

Members
  • Posts

    1,506
  • Joined

  • Last visited

  • Days Won

    4

Everything posted by iwato

  1. Eliminate all blank spaces before the header() function is invoked. There should be no blank lines, and no blank spaces after each EOL delimiter. This is, by far, the most common source of a failed header() function. Well, at least in my experience. Roddy
  2. Yes. if you use the require( ) function, there is no need to use the open( ) function. It is just like copying part2.php into part1.php at that point where you insert the require( ) function.
  3. BACKGROUND: I have a confirmation page to which I would like to pass the values of two PHP variables via PHP's header( ) function. QUESTION: Can this be done with normal query statement say something on the following order: header('Location: ../../gate_confirmation.html?name=w3schools&msg=msg_success'); Roddy
  4. <?php class VeriFirm { private $mysqli_obj; private $username; private $email; private $hash; private $status; private $field; private $tbl_name = 'captive_roster'; public $admin = 'admin@grammarcaptive.com'; public $subject = 'Grammar%20Captive%20-%20Verify%20and%20Confirm%20User%20Action'; public $msg_mismatch; public $msg_success; public $msg_failure; public function __construct($mysqli_obj, $field) { $this->mysqli_obj = $mysqli_obj; // if(!empty($_GET['username']) AND !empty($_GET['email']) AND !empty($_GET['hash']) AND !empty($_GET['field'])){ if(!empty($_GET['username']) AND !empty($_GET['email']) AND !empty($_GET['hash'])) { $this->username = $mysqli_obj->real_escape_string($_GET['username']);; $this->email = $mysqli_obj->real_escape_string($_GET['email']); $this->hash = $mysqli_obj->real_escape_string($_GET['hash']); // $this->field = $mysqli_obj->real_escape_string($_GET['field']); $this->field = $field; } } public function create_link() { return $mailto = "mailto:" . $this->admin . "?Subject=" . $this->subject; } public function update_status() { $mysqli_obj = $this->mysqli_obj; $mysqli_stmt = $mysqli_obj->stmt_init(); $sql_select = "SELECT user_name, email_address, psw_hash, " . $this->field . " FROM " . $this->tbl_name . " WHERE user_name=? AND email_address=? AND psw_hash=?"; $mysqli_stmt->prepare($sql_select); $mysqli_stmt->bind_param("sss", $this->username, $this->email, $this->hash); $mysqli_stmt->execute(); $mysqli_result = $mysqli_stmt->get_result(); $match = mysqli_num_rows($mysqli_result); if($match > 0){ while ($row = $mysqli_result->fetch_assoc()) { foreach ($row as $key => $value) { $result[$key] = $value; } } $this->status = $result[$this->field]; print_r($result); echo '<br />'; if ($this->status == 0) { $sql_update = "UPDATE " . $this->tbl_name . " SET " . $this->field . '="1" WHERE user_name=? AND email_address=? AND psw_hash=?'; $mysqli_stmt->prepare($sql_update); $mysqli_stmt->bind_param("sss", $this->username, $this->email, $this->hash); var_dump($mysqli_stmt); echo '<hr>'; if ($mysqli_stmt->execute()) { return $this->msg_success; } else { return $this->msg_failure; } } else if ($this->status == 1) { $sql_update = "UPDATE " . $this->tbl_name . " SET " . $this->field . '="0" WHERE user_name=? AND email_address=? AND psw_hash=?'; $mysqli_stmt->prepare($sql_update); $mysqli_stmt->bind_param("sss", $this->username, $this->email, $this->hash); var_dump($mysqli_stmt); echo '<hr>'; if ($mysqli_stmt->execute()) { return $this->msg_success; } else { return $this->msg_failure; } } } else { return $this->msg_mismatch; } } public function get_admin_and_subject() { return $this->admin . " and " . $this->subject; } public function set_admin_and_subject($admin, $subject) { $this->admin = $admin; $this->subject = $subject; } public function get_tablename() { return $this->tbl_name; } public function set_tablename($tbl_name) { $this->tbl_name = $tbl_name; } public function get_field() { return $this->field; } public function set_field($field) { $this->field = $field; } public function get_status() { return $this->status; } public function get_msg_mismatch() { return $this->msg_mismatch; } public function set_msg_mismatch($msg_mismatch) { $this->msg_mismatch = $msg_mismatch; } public function get_msg_success() { return $this->msg_success; } public function set_msg_success($msg_success) { $this->msg_success = $msg_success; } public function get_msg_failure() { return $this->msg_failure; } public function set_msg_failure($msg_failure) { $this->msg_failure = $msg_failure; } } ?> Please find above the tentative completed class. It has been tested, and it works. The most important structural rearrangement necessary to make it work required that I dissolve the the update_record() function and transfer its content into the match_data() function that I have renamed as the update_status() function. There were other changes required to get the UPDATE SET statement to work properly, but everything is running smoothly now. QUESTION ONE: Are you suggesting that I remove the various implementations of the real_escape_string( ) functions?
  5. Oh, how silly of me. It had been a long and exhausting day. Thanks! Roddy
  6. Does merging a $_GET superglobal with a $_SESSION superglobal destroy the $_GET superglobal? Consider the following two pieces of code: one works, the other does not. The included PHP file in both cases contains the following piece of code: if ($_SERVER["REQUEST_METHOD"] == "GET") { if (empty($_GET['letter_no'])) { $error_msg = "Please submit an edition number for the newsletter that you desire."; } else { $letter_no = filter_var($_GET['letter_no'], FILTER_VALIDATE_INT); ... } } THIS CODE FAILS if (!empty($_GET['letter_no'])) { session_start(); $_SESSION = array_merge($_SESSION, $_GET['letter_no']; include('./newsletter/template/newsletter_generator_foreign.php'); } THIS CODE SUCCEEDS if (!empty($_GET['letter_no'])) { session_start(); $_SESSION['letter_no'] = $_GET['letter_no']; include('./newsletter/template/newsletter_generator_foreign.php'); } Both sets of code receive an HTTPRequest similar to the following: https://www.grammarcaptive.com/overview.html?letter_no=1
  7. public function match_data() { $sql_select = "SELECT user_name, email_address, hash, " . $this->field . " FROM " . $this->tbl_name . " WHERE user_name=? AND email_address=? AND hash=? AND " . $this->field . "=" . $this->action; $mysqli_stmt = $this->mysqli_obj->stmt_init(); $mysqli_stmt->prepare($sql_select); $mysqli_stmt->bind_param("sss", $this->username, $this->email, $this->hash); $mysqli_stmt->execute(); $mysqli_result = $mysqli_stmt->get_result(); // $match = mysqli_num_rows($mysqli_result); // if($match > 0){ if($mysqli_stmt->num_rows > 0){ $this->update_record(); } else { return $this->msg_mismatch; } } These past two weeks have been really bad for me. First the flu and then bacterial bronchitis. The result was extreme fatigue and physical discomfort. Never in my life have I been so plagued by the common cold. January 2018 will live in infamy in my personal history. Roddy
  8. So, are you saying that my prepared statements are what caught the error, and for this I should be thankful? If so, hooray, hooray! By the way, are the prepared statements also rejecting the forward slash. For, I can eliminate the symbol from my hash generator? Roddy
  9. 1) Surprise! It is just the opposite. It is the second case that produces the error message, not the first. I suspect that that the nature of the hash tag is the source of the problem, for its value is not what appears in the error message. The true value is "$2y$10$OiW8qXsUU1r0uwC9irE2TeHbMTEhYPqS/Muy8c/YEXYqT0F6CVvoO". Notice what is returned and not returned: $2y$10$ (no) + OiW8qXsUU1r0uwC9irE2TeHbMTEhYPqS (yes) + /Muy8c/YEXYqT0F6CVvoO (no). The first case returns "$2y$10$OiW8qXsUU1r0uwC9irE2TeHbMTEhYPqS/Muy8c/YEXYqT0F6CVvoO" I suspect that mysqli is treating the value as a variable name. 2) Yes, this was to be my next step. In fact, I had already opened the page before your entry. At this stage of the game I prefer to change the column name. There are a still few files that I need to upgrade to prepared statements, anyway, and all of them make use of the same hash field. Once again, many thanks!
  10. OK. Then, we return to the same question that I had long ago and whose answer I never truly found. To what refers a $_SESSION variable anyway? All the pages of a particular domain in the same browser window of the same browser session? All the pages of a particular domain in any browser window of the same browser session? All the pages of any domain in the same browser window of the same browser session? All the pages of any domain in any browser window of the same browser session? By browser session I mean an opened browser -- no matter the presence or absence of tabs or windows. Roddy
  11. I believe that I have found the source of my dilemma. This said, I still do not know how to overcome it The LIKELY SOURCE: Can anyone say which of the following is more likely to work and explain why? One works and the other does not. The one that does not returns the following error message: Undefined variable: OiW8qXsUU1r0uwC9irE2TeHbMTEhYPqS in ... $sql_select = 'SELECT user_name, email_address, hash, newsletter FROM captive_roster WHERE user_name = "橋守岩人" AND hash = "$2y$10$OiW8qXsUU1r0uwC9irE2TeHbMTEhYPqS/Muy8c/YEXYqT0F6CVvoO"'; $sql_select = "SELECT user_name, email_address, hash, newsletter FROM captive_roster WHERE user_name = '橋守岩人' AND hash = '$2y$10$OiW8qXsUU1r0uwC9irE2TeHbMTEhYPqS/Muy8c/YEXYqT0F6CVvoO'"; I believe to know the answer, but would like to here it from you first. Roddy
  12. Got it! Problem resolved. Another victory for W3Schools and me! Roddy
  13. 'Tis true, but it says nothing about font color. h3 a#pc_click_listen { font-family: 'Bradley Hand', cursive; font-size: 1.6em; } Roddy
  14. Yes, this works, but I discovered that once the $_SESSION variable has been merged it overrides its previous value -- this, despite that the absence of a session_start() function at the time of implementation. In summary, the following code $_SESSION['status'] = 0; print_r($_SESSION); echo '<br />'; $_GET['letter_no'] = 1; $_GET['username'] = JSG; print_r($_GET); echo '<br />'; $_SESSION = array_merge($_SESSION, $_GET); print_r($_SESSION); results in Array ( [letter_no] => 1 [status] => 0 [username] => JSG ) Array ( [letter_no] => 1 [username] => JSG ) Array ( [letter_no] => 1 [status] => 0 [username] => JSG ) when I was expecting to see Array ( [status] => 0 ) Array ( [letter_no] => 1 [username] => JSG ) Array ( [letter_no] => 1 [status] => 0 [username] => JSG ) How do you explain this? Roddy
  15. Yes, you can see it as <link rel="stylesheet" type="text/css" href="_utilities/css/podcast_filler.css"> And, the link appears as <a id="pc_click_listen" class="pc_link" href="podcast_hostpage.php?hash=30a6836a3f7c5fc57751a61098e5c2fc&amp;podcast_no=92" title="Grammar Captive Weekly Podcasts" target="_top">Click and Listen</a> And, this is the CSS code in the stylesheet podcast_filler.css a:link.pc_link {color:#999999; font-weight: normal; text-decoration: none;} a:visited.pc_link {color:#aaaaaa; font-weight: normal;} a:hover.pc_link {color:#ffffff; font-weight: bold;} a:active.pc_link {color:#fadb9d; font-weight: bold;}
  16. OK. This is the table structure as read by phpMyAdmin of my ISP. Could the problem be that I have two primary keys (*) # Name Type Collation Attributes Null Default Comments Extra 1 obs * int(11) No None AUTO_INCREMENT 2 user_name varchar(20) utf8_bin No None 3 language varchar(225) utf8_general_ci No None 4 email_address varchar(60) ascii_general_ci No None 5 given_name varchar(30) utf8_general_ci Yes NULL 6 family_name varchar(30) utf8_general_ci Yes NULL 7 subscription_date * timestamp No CURRENT_TIMESTAMP 8 hash varchar(225) ascii_bin No None 9 active enum('0', '1') utf8_unicode_ci No 0 0=Inactive, 1=Active 10 modification_date timestamp on update CURRENT_TIMESTAMP No CURRENT_TIMESTAMP ON UPDATE CURRENT_TIMESTAMP 11 newsletter enum('0', '1') utf8_unicode_ci No 0 0=Inactive, 1=Active 12 webinar enum('0', '1') utf8_unicode_ci No 0 0=Inactive, 1=Active
  17. These are lines 40, 41, and 42, as well as 45 of the error code. $mysqli_stmt->bind_param("sss", $this->username, $this->email, $this->hash); $mysqli_stmt->execute(); $mysqli_result = $mysqli_stmt->get_result(); if($mysqli_stmt->num_rows > 0){
  18. Please consider the following code and see if you can find anything wrong. The appended <link> does not appear to register the information contained in the stylesheet. You can observe the failure by clicking on the menu item Weekly Podcasts under Products in the page's navigation bar (left column) and then passing your cursor across the blank area between the subtitle "Weekly Podcast Host Page" at https://www.grammarcaptive.com/overview.html $("#podcasts").mouseover(function() { $(this).css({"cursor": "pointer", "font-weight":"800"}); }) .click(function() { $("#main").load("podcast_filler.html #podcasts_div"); $("<link/>", { rel: "stylesheet", type: "text/css", href: "_utilities/css/podcast_filler.css" }).appendTo("head"); $.ajax({ url: './_utilities/php/most_recent_podcast.php', // context: '#main', dataType: 'JSON', success: function(jsonData) { $.each(jsonData, function(key, object) { var podcast_number = jsonData.podcast_no_item; var podcast_title = jsonData.item_title; var podcast_desc = jsonData.item_description; var podcast_guid = jsonData.item_guid; var podcast_pubdate = jsonData.item_pubdate; $('#main span#pc_title').html(podcast_title); $('#main span#pc_desc').html(podcast_desc); $('#main span#pc_num').html(podcast_number); $('#main span#pc_pubdate').html(podcast_pubdate); var click_listen = 'podcast_hostpage.php?hash=' + podcast_guid + '&podcast_no=' + podcast_number; $('#pc_click_listen').attr('href', click_listen); }); } }); }) .mouseup(function() { $(this).css({"color": "#fadb9d","font-weight": "normal"}); $('body, html').animate({scrollTop: $('#main').offset().top},800); }); Roddy
  19. GOT IT! Thanks! I will start development this evening. Roddy
  20. I understand what I am doing wrong, but I am not sure what I should be doing that is right. What I do understand is that I should assign the $_GET variables to the $_SESSION global? What i do not understand is how these are read into the $_SESSION global. For example, say I have a $_GET global with two key-value pairs: $_GET[ 'letter_no' ] = 1 and $_GET[ 'username' ] = 'JSG'. Say further that I have a $_SESSION global with the value $_SESSION[ 'current_state' ] = 0. How would I go about establishing the following? $current_state = $_SESSION[ 'current_state' ] ; echo $current_state; // 0 $letter_no = $_SESSION[ 'letter_no' ]; echo $letter_no; // 1 $username = $_SESSION[ 'username' ]; echo $username; // JSG Roddy
  21. OK. So, I am off to a good start. Now, what is the easiest way to increment selected column values of a MySQL selected row. Surely, one does not have to read, process, and then update. Roddy
  22. BACKGROUND: In the past I have retrieved an HTTPRequest via the $_GET superglobal, used the data from the superglobal to access a MySQL database, and from the thus retrieved data, generated an array of parameter values that I then assigned to a local array. This local array was then assigned to a $_SESSION variable where it was used for other purposes. This time, I would like to make the routing of data less circuitous. QUESTION: Does the following expression make sense? $_SESSION = $_GET; Roddy
  23. JSG: Click on the trigger file with the field value -- namely, $this->action -- set to Inactive, rather than 0 and read the error messages that result. Now, look carefully at the following statement and tell me whether you see anything afoul. $sql_select = "SELECT user_name, email_address, hash, " . $this->field . " FROM " . $this->tbl_name . " WHERE user_name=? AND email_address=? AND hash=? AND " . $this->field . "=" . $this->action; Thanks, Roddy
×
×
  • Create New...