Jump to content

danposs86

Members
  • Posts

    45
  • Joined

  • Last visited

danposs86's Achievements

Newbie

Newbie (1/7)

0

Reputation

  1. danposs86

    Image Uploader

    Seeing as a lot of you guys and girls on here seriously know your php, i was wondering if anyone could recomend the best downloadable script (or tutorial) for a php multiple image uploader, ideally i would like to resize and rename the images.So what script do you know about and trust?
  2. danposs86

    PHP Validating

    actually nevermind, cracked it, rather simple really
  3. danposs86

    PHP Validating

    Just wanted to know whats the quickest and easiest way to check that the user has filled in a text field when submitting data from a form to a database?
  4. danposs86

    quick question

    sorted it, by shoving this in: <?php} else { $sql = "SELECT name FROM ibf_members WHERE id='".$member_id."'"; $query = mysql_query($sql); $row = mysql_fetch_assoc($query); $update = $row["name"]; $news_date = date("d-m-Y");mysql_query("UPDATE site_news SET news_updatename = '$update', news_updatedate = '$news_date', news_title = '$_POST[title]', news_post = '$_POST[news]' WHERE news_ID = '$_GET[refer]'");echo "<td>Success! The news has been edited! <a href='admin.php'>Back to Admin Panel</a></td>";}?> it may not be pretty but it works lol
  5. danposs86

    quick question

    yeah it is showing the username and all the information correctly. It is inputing the date and any changes into the table correctly, just not the name of the user that has done the edit.The $_GET["refer"] is used in the hyperlink that takes it to the page, so it isnt in the table.
  6. danposs86

    quick question

    It's a cookie actually lol <?php$member_id = $_COOKIE['member_id'];$pass_hash = $_COOKIE['pass_hash'];$thequery = mysql_query("SELECT m.id AS id, m.member_login_key AS password, m.name AS name, m.email AS email, m.mgroup AS mgroup, m.new_msg AS new_msg, m.show_popup AS show_popup, g.g_id AS g_id, g.g_access_cp AS g_access_cp FROM ibf_members m LEFT JOIN ibf_groups g ON ( g.g_id = m.mgroup) WHERE id='$member_id' AND member_login_key= '$pass_hash'") or die(mysql_error());$member = mysql_fetch_array($thequery);?>
  7. danposs86

    quick question

    ohh sorry, theres some php at the very top of the page. It is using the member_id to get the username, and it is displaying the username correctly.It's just getting it to save the username in the table. Do you need to see that php?EDIT: it's taken from a session used for a user login in.
  8. danposs86

    quick question

    have put that code in but it doesn't work how i want. Heres the rest of the code: <?phpif (!isset($_POST['submit'])) {?><table><tr><form action="" method="post"><td align="right" width="150">Edited by:</td><td align="left"><?php $sql = "SELECT name FROM ibf_members WHERE id='".$member_id."'"; $query = mysql_query($sql); $row = mysql_fetch_assoc($query); echo $row["name"]; $update = $row["name"];?></td></tr><?php $sql = "SELECT * FROM site_news WHERE news_ID = '$_GET[refer]'"; $query = mysql_query($sql); while($row = mysql_fetch_array($query)) { echo "<tr><td align='right'>Title:</td><td align='left'><input type='text' name='title' size='40' value='".$row['news_title']."'></td></tr>"; echo "<tr><td align='right'>News:</td><td align='left'><textarea type='text' name='news' cols='40' rows='5'>".$row['news_post']."</textarea></td></tr>"; }?><tr><td colspan="2"><input type="submit" name="submit" value="Edit News"></td></tr></form><?php} else {$news_date = date("d-m-Y");mysql_query("UPDATE site_news SET news_updatename = '$update', news_updatedate = '$news_date', news_title = '$_POST[title]', news_post = '$_POST[news]' WHERE news_ID = '$_GET[refer]'");echo "<td>Success! The news has been edited! <a href='admin.php'>Back to Admin Panel</a></td>";}?></tr></table> Ignore the crappy mess its in.towards the bottom you can see i am wanting to put '$update' into the table. It's not working though.
  9. danposs86

    quick question

    What i want to do is set a row from a mysql table as "$update" so i can use it later on in the page.Just doesnt seem to be working. <?php $sql = "SELECT name FROM ibf_members WHERE id='$member_id'"; $query = mysql_query($sql); while($row = mysql_fetch_array($query)) { echo "Edited by: ".$row['name']." "; $update = $row['name']; }?> Any ideas?
  10. danposs86

    md5 password

    more investigating, created a test user with the password "test123" (original i know lol)anyway, i then typed this into a md5 generator online and got this: cc03e747a6afbbcbf8be7668acfebee5however member_login_key is: 4a75eabdad08c6ecd83af1f364e127c2so obviously i am either barking up the wrong field, or it uses something that isnt md5.
  11. danposs86

    md5 password

    what i am trying to do is create a log in system on a website that uses the same username and password as a forum (Invision Power Board v2.2.1).So the 'member_login_key' is generated when a user first registers with the forum.the only think i can think of is that 'member_login_key' isnt actually the password or it isnt actually generated using md5?
  12. danposs86

    md5 password

    no luck i'm affraid
  13. danposs86

    md5 password

    this is all the script: <?php# Simple password protection## (c) http://www.phpbuddy.com# Author: Ranjit Kumar# Feel free to use this script but keep this message intact!## To protect a page include this file in your PHP pages!session_start();//you can change the username and password by changing the above two stringsif (!isset($HTTP_SESSION_VARS['user'])) { if(isset($HTTP_POST_VARS['u_name'])) $u_name = $HTTP_POST_VARS['u_name']; if(isset($HTTP_POST_VARS['u_password'])) $u_password = $HTTP_POST_VARS['u_password']; if(!isset($u_name)) { ?> <HTML> <HEAD> <TITLE><?php echo $HTTP_SERVER_VARS['HTTP_HOST']; ?> : Authentication Required</TITLE> </HEAD> <BODY bgcolor=#ffffff> <table border=0 cellspacing=0 cellpadding=0 width=100%> <TR><TD> <font face=verdana size=2><B>(Access Restricted to Authorized Personnel)</b> </font></td> </tr></table> <P></P> <font face=verdana size=2> <center> <?php $form_to = "http://$HTTP_SERVER_VARS[HTTP_HOST]$HTTP_SERVER_VARS[PHP_SELF]"; if(isset($HTTP_SERVER_VARS["QUERY_STRING"])) $form_to = $form_to ."?". $HTTP_SERVER_VARS["QUERY_STRING"]; ?> <form method=post action=<?php echo $form_to; ?>> <table border=0 width=350> <TR> <TD><font face=verdana size=2><B>User Name</B></font></TD> <TD><font face=verdana size=2><input type=text name=u_name size=20></font></TD></TR> <TR> <TD><font face=verdana size=2><B>Password</B></font></TD> <TD><font face=verdana size=2><input type=password name=u_password size=20></font></TD> </TR> </table> <input type=submit value=Login></form> </center> </font> </BODY> </HTML> <?php exit; } else { function login_error($host,$php_self) { echo "<HTML><HEAD> <TITLE>$host : Administration</TITLE> </HEAD><BODY bgcolor=#ffffff> <table border=0 cellspacing=0 cellpadding=0 width=100%> <TR><TD align=left> <font face=verdana size=2><B> You Need to log on to access this part of the site! </b> </font></td> </tr></table> <P></P> <font face=verdana size=2> <center>"; echo "Error: You are not authorized to access this part of the site! <B><a href=$php_self>Click here</a></b> to login again.<P> </center> </font> </BODY> </HTML>"; session_unregister("adb_password"); session_unregister("user"); exit; } $user_checked_passed = false; mysql_connect("localhost", "xxx", "xxx"); mysql_select_db("xxx"); if (isset($HTTP_SESSION_VARS['adb_password']) && isset($HTTP_SESSION_VARS['user'])) { $adb_session_password = $HTTP_SESSION_VARS['adb_password']; $session_user = $HTTP_SESSION_VARS['user']; $result = mysql_query("SELECT member_login_key FROM ibf_members WHERE name='".mysql_real_escape_string($session_user)."'"); if ($row = mysql_fetch_assoc($result)) { if ($row['member_login_key'] == $adb_session_password) $admin = true; else $admin = false; } else $admin = false; if (!$admin) login_error($HTTP_SERVER_VARS['HTTP_HOST'],$HTTP_SERVER_VARS['PHP_SELF']); else { $user_checked_passed = true; } } if($user_checked_passed == false) { $result = mysql_query("SELECT member_login_key FROM ibf_members WHERE name='" . mysql_real_escape_string($u_name) . "'"); if ($row = mysql_fetch_assoc($result)) { if ($row['member_login_key'] == $u_password) $admin = true; else $admin = false; } else $admin = false; if (!$admin) login_error($HTTP_SERVER_VARS['HTTP_HOST'],$HTTP_SERVER_VARS['PHP_SELF']); session_register("adb_password"); session_register("user"); $adb_password = $u_password; $user = $u_name; $page_location = $HTTP_SERVER_VARS['PHP_SELF']; if(isset($HTTP_SERVER_VARS["QUERY_STRING"])) $page_location = $page_location ."?". $HTTP_SERVER_VARS["QUERY_STRING"]; header ("Location: ". $page_location); } }}?> I want to sort out the lines: if ($row['member_login_key'] == $adb_session_password) and if ($row['member_login_key'] == $u_password)
  14. danposs86

    md5 password

    done a quick check, and using the first script i mentioned, i copy and pasted the actual hashed code from the table and it still doesnt work. all the table names are right. whats going on?
  15. danposs86

    md5 password

    I have the line: if ($row['member_login_key'] == $u_password) member_login_key is a md5 hash, what i want is to make the string $u_password into an md5 hash (hope i am using the right terminology!)i have tried: if ($row['member_login_key'] == md5($u_password)) but it doesnt appear to work, any ideas?
×
×
  • Create New...