Jump to content

ATM

Members
  • Posts

    70
  • Joined

  • Last visited

Everything posted by ATM

  1. ATM

    Parsing XML

    HelloI was wondering if someone could give me the code to parse an XML document in PHP4 and display all of the tags except the root tags as well as the text they contain so it could be processed in a way similar to the way bellow:foreach($tag){echo $tagecho ":";echo $contents }I would also want it to process only tags with in certain other tags for example:<page 1><title>page 1</title></page 1><page 2><title>Page 2</title></page 2>I would only want it to display tags in certain pages.I'm sorry if this seems a large task to do, but I have tried and failed many times using PHP4 and I just can't do it.Thank you.
  2. Sorry, I don't really understand what you need help with, please could you make it a little bit more clearer what you are trying to do, thank you.
  3. Hello,please may someone help me to load any xml file into a form using php 4.For example if I had an xml file with<letters><letter>a</letter><letter>b</letter><letter>c</letter></letters>on it.I would want an html form to appear like this:-LETTERS-letter:[ a ]letter:[ b ]letter:[ c ]I would prefer this to use the foreach command and it must work with any XML file and must work with php 4.Thank you.
  4. I'm not really sure, I'm using phpmyadmin and there is a 'PASSWORD' option.The method I'm using to compare them is a simple if statement.Thank you,
  5. Ok, I'm creating a login system and I have the users passwords saved in a database. However the passwords in the database are encrypted using the password encryption included with mysql.When I compare the password the user submitted, with the encrypted password on the database they do not match.Is there anyway I can stop this from happening, I'm using php by the way.Thank You.
  6. ATM

    Login System Problem

    Hello,I have created this login system, but for some wierd reason it started allowing users login using any password. Thankfully Its not protecting anything important at the moment.Anyway I was wondering whether someone could help me find the reason the script allows access to the admin page using any password.Normally I wouldn't ask such a big task but I have been stuck on this for quite a while and I'm really frustrated by it. <?php/*User Submitted Information*/$username=$_POST["username"];$password=$_POST["password"];/*Users IP Address*/$ip_address=$_SERVER["REMOTE_ADDR"]; /*HTTP REFERER*/$http_referer=parse_url($_SERVER['HTTP_REFERER']);/*Mysql Information*/$mysql_username="******";$mysql_password="******";$mysql_servername="******";$mysql_database="******";/*General Table*/$mysql_fieldname_user_id="user_id";$mysql_fieldname_reference="reference";/*Login Table*/$mysql_tablename_login="login_information";$mysql_fieldname_username="username";$mysql_fieldname_password="password";/*Personal Information Table*/$mysql_tablename_personal_information="personal_information";$mysql_fieldname_title="title";$mysql_fieldname_first_name="first_name";$mysql_fieldname_surname="surname";$mysql_fieldname_company="company";$mysql_fieldname_street_address="street_address";$mysql_fieldname_town="town";$mysql_fieldname_county="county";$mysql_fieldname_country="country";$mysql_fieldname_postcode="postcode";$mysql_fieldname_email_address="email_address";$mysql_fieldname_telephone_number="telephone_number";$mysql_fieldname_website="website";/*Account Information Table*/$mysql_tablename_account_information="account_information";$mysql_fieldname_account_type="account_type";$mysql_fieldname_date_created="date_created";$mysql_fieldname_last_login="last_login";$mysql_fieldname_xml_reference="xml_reference";$mysql_fieldname_xml_version="xml_version";/*Title Reference Table*/$mysql_tablename_title_reference="title_reference";$mysql_fieldname_title="title";/*County Reference Table*/$mysql_tablename_county_reference="county_reference";$mysql_fieldname_county="county";/*Country Reference Table*/$mysql_tablename_country_reference="country_reference";$mysql_fieldname_country="country";/*Login Record Table*/$mysql_tablename_login_record="login_record";/*IP Address Record*/$mysql_tablename_ip_address_record="ip_address_record";$mysql_fieldname_ip_address="ip_address";$mysql_fieldname_failed_attempts="failed_attempts";$mysql_fieldname_status="status";/*Current Timestamp*/$current_timestamp=date("Y-m-d H:i:s");/*Fail Function*/function Fail(){header('Location: ******');@mysql_close($connect);exit();}/*Process HTTP REFERER*/if($http_referer['host']=="******"){unset($http_referer['host']);$http_referer['host']="******";}/*Verify HTTP REFERER*/if($http_referer['host']!="******"){Fail();}/*Process Username*/$username=@stripslashes($username);$username=@strip_tags($username);/*Process Password*/$password=@stripslashes($password);$password=@strip_tags($password);/*Mysql Connect*/$connect=@mysql_connect($mysql_servername,$mysql_username,$mysql_password);if(!$connect){Fail();}/*Mysql Select Database*/$database_select=@mysql_select_db($mysql_database,$connect);if (!$database_select){Fail();} /*Mysql Login Information Query*/$mysql_username_query=@mysql_query("SELECT * FROM " . $mysql_tablename_login . " WHERE " . $mysql_fieldname_username . "='" . $username . "' LIMIT 1",$connect);$fetch_array_login=@mysql_fetch_array($mysql_username_query);if(!$fetch_array_login){Fail();}/*Insert IP Address*/@mysql_query("INSERT INTO " . $mysql_tablename_ip_address_record . " VALUES ('" . $ip_address . "', '0', '1')");/*Select IP Address*/$mysql_ip_address_record_query=@mysql_query("SELECT * FROM " . $mysql_tablename_ip_address_record . " WHERE " . $mysql_fieldname_ip_address . "='" . $ip_address . "'");if(!$mysql_ip_address_record_query){Fail();}/*Mysql IP Address Query*/$fetch_array_ip_address_record=@mysql_fetch_array($mysql_ip_address_record_query);$failed_attempt=$fetch_array_ip_address_record[$mysql_fieldname_failed_attempts];$ip_address_status=$fetch_array_ip_address_record[$mysql_fieldname_status];/*Verify IP Address*/if($ip_address_status==0){Fail();}/*Process IP Address*/$failed_attempts=$failed_attempt+1;/*Retrieve Password*/$verify=$fetch_array_login[$mysql_fieldname_password];/*Verify Password*/if(!$verify==$password){$verify_password="false";}elseif($verify==$password){$verify_password="true";}/*Process IP Address*/if($failed_attempts%5==0){$block_ip_address="true";}elseif($failed_attempts%5!=0){$block_ip_address="false";}/*Block IP Address*/if($verify_password="true" && $block_ip_address="false"){$login="true";}elseif ($verify_password="false" && $block_ip_address="true"){@mysql_query("UPDATE " . $mysql_tablename_ip_address_record . " SET " . $mysql_fieldname_status . " ='0' WHERE " . $mysql_fieldname_ip_address . " ='" . $ip_address . "'");Fail();}elseif($verify_password="false" && $block_ip_address="false"){@mysql_query("UPDATE " . $mysql_tablename_ip_address_record . " SET " . $mysql_fieldname_failed_attempts . " ='" . $failed_attempts . "' WHERE " . $mysql_fieldname_ip_address . " ='" . $ip_address . "'");Fail();}else{Fail();}/*Get User ID*/$user_id=$fetch_array_login[$mysql_fieldname_user_id];/*Mysql Personal Information Query*/$mysql_personal_information_query=@mysql_query("SELECT * FROM " . $mysql_tablename_personal_information . " WHERE " . $mysql_fieldname_user_id . "='" . $user_id . "' LIMIT 1",$connect);$fetch_array_personal_information=@mysql_fetch_array($mysql_personal_information_query);if(!$fetch_array_personal_information){Fail();}/*Mysql Account Information Query*/$mysql_account_information_query=@mysql_query("SELECT * FROM " . $mysql_tablename_account_information . " WHERE " . $mysql_fieldname_user_id . "='" . $user_id . "' LIMIT 1",$connect);$fetch_array_account_information=@mysql_fetch_array($mysql_account_information_query);if(!$fetch_array_account_information){Fail();}/*Get Personal Information*/$title=$fetch_array_personal_information[$mysql_fieldname_title];$first_name=$fetch_array_personal_information[$mysql_fieldname_first_name];$surname=$fetch_array_personal_information[$mysql_fieldname_surname];$company=$fetch_array_personal_information[$mysql_fieldname_company];$street_address=$fetch_array_personal_information[$mysql_fieldname_street_address];$town=$fetch_array_personal_information[$mysql_fieldname_town];$county=$fetch_array_personal_information[$mysql_fieldname_county];$country=$fetch_array_personal_information[$mysql_fieldname_country];$postcode=$fetch_array_personal_information[$mysql_fieldname_postcode];$email_address=$fetch_array_personal_information[$mysql_fieldname_email_address];$telephone_number=$fetch_array_personal_information[$mysql_fieldname_telephone_number];$website=$fetch_array_personal_information[$mysql_fieldname_website];/*Get Account information*/$account_type=$fetch_array_account_information[$mysql_fieldname_account_type];$date_created=$fetch_array_account_information[$mysql_fieldname_date_created];$last_login=$fetch_array_account_information[$mysql_fieldname_last_login];$xml_reference=$fetch_array_account_information[$mysql_fieldname_xml_reference];$xml_version=$fetch_array_account_information[$mysql_fieldname_xml_version];/*Mysql Title Reference Query*/$mysql_title_reference_query=@mysql_query("SELECT * FROM " . $mysql_tablename_title_reference . " WHERE " . $mysql_fieldname_reference . "='" . $title . "'",$connect);$fetch_array_title_reference=@mysql_fetch_array($mysql_title_reference_query);if(!$fetch_array_title_reference){unset($title);$title=$first_name;}else{unset($title);$title=$fetch_array_title_reference[$mysql_fieldname_title];}/*Mysql County Reference Query*/$mysql_county_reference_query=@mysql_query("SELECT * FROM " . $mysql_tablename_county_reference . " WHERE " . $mysql_fieldname_reference . "='" . $county . "'",$connect);$fetch_array_county_reference=@mysql_fetch_array($mysql_county_reference_query);if(!$fetch_array_county_reference){unset($county);$county="";}else{unset($county);$county=$fetch_array_county_reference[$mysql_fieldname_county];}/*Mysql Country Reference Query*/$mysql_country_reference_query=@mysql_query("SELECT * FROM " . $mysql_tablename_country_reference . " WHERE " . $mysql_fieldname_reference . "='" . $country . "'",$connect);$fetch_array_country_reference=@mysql_fetch_array($mysql_country_reference_query);if(!$fetch_array_country_reference){unset($country);$country="United Kingdom";}else{unset($country);$country=$fetch_array_country_reference[$mysql_fieldname_country];}/*Update Last Login*/@mysql_query("UPDATE account_information SET " . $mysql_fieldname_last_login . " ='" . $current_timestamp . "' WHERE " . $mysql_fieldname_user_id . " ='" . $user_id . "'",$connect);/*Record Successful Login*/@mysql_query("INSERT INTO " . $mysql_tablename_login_record . " VALUES ('" . $user_id . "', '" . $current_timestamp . "', '" . $ip_address . "') LIMIT 1",$connect);/*Mysql Close Connection*/@mysql_close($connect);/*Start Session*/session_start();/*Write Session Variables*/$_SESSION['login']="true";$_SESSION['user_id']=$user_id;$_SESSION['username']=$username;$_SESSION['password']=$password;$_SESSION['title']=$title;$_SESSION['first_name']=$first_name;$_SESSION['surname']=$surname;$_SESSION['company']=$company;$_SESSION['street_address']=$street_address;$_SESSION['town']=$town;$_SESSION['county']=$county;$_SESSION['country']=$country;$_SESSION['postcode']=$postcode;$_SESSION['email_address']=$email_address;$_SESSION['telephone_number']=$telephone_number;$_SESSION['website']=$website;$_SESSION['account_type']=$account_type;$_SESSION['date_created']=$date_created;$_SESSION['last_login']=$last_login;$_SESSION['xml_reference']=$xml_reference;$_SESSION['xml_version']=$xml_version;/*Account Type Redirect*/if($account_type=="1"){header('Location: ******');exit();}elseif($account_type=="0"){header('Location: ******');exit();}else{header('Location: ******');exit();}?> Thank You.
  7. It would be a good idea to download them, It's not like they are extreamly large downloads and Personally I think FireFox is a really good browser.
  8. Hey,Javascript isn't my favorite of scripting languages, most proberly because I'm not very good at it. Anyway, I was wondering if there is a way to only display the page once it is fully loaded, I have no idea how this can be done, but I reckon it is possible.Thanks,
  9. ATM

    Dynamic pages

    If you want a way to do it without using any codes, open all files on dreamwearer (if you have it) or another program that has a find and replace function.go edit > find and replace select all open documents and then put in your current code and the one you want to replace it with. Make sure you use a peice of code that is not going to change something you don't want to change.this is the best way if you don't have server-side scripting.Unless you included a javascript file with all the variables on it using '<script>' and then your page wrote those variables. I don't think you can use it for everything though.
  10. Hello,I know this is an easy question, but I'm not currently very good at SQL and would like to know how to update a TIMEDATE field.Currently I'm trying to use $current_timestamp=mysql_query("SELECT CURRENT_TIMESTAMP");$mysql_update_last_login=mysql_query("UPDATE account SET last_login='" . $current_timestamp . "' WHERE user_id='1');
  11. Hello,I was wondering if it is possible to add new users to mysql using SQL alongside with PHP, I have spent many days looking but the only thing I seem to find is the 'grant' function, which I don't see a point for unless I can create new mysql users.Thanks,
  12. Hello,I was wondering if someone could perhaps write me some php code to check to see if the HTTP_REFERER is withinn a certain directory or even better, within a domain.Normally I wouldn't ask this but I have tried writing one and it doesn't seem to work, and I expect this script will only be a couple of lines.Thanks,
  13. I've fixed it now, thanks
  14. Hey, I'm trying to make a login system using php, firstly I have a form which submits the submitted username and password, this will also be used to connect to the database as the user will have there limited mysql account. I also have the database it's self which I have set up using the same username and password as my mysql. However this is not working so I'm wondering if you can help me find out what is wrong with this code: <?php/*Mysql Details*/$mysql_username=$_POST["username"];$mysql_password=$_POST["password"];$mysql_servername="*****";$mysql_database="*****";/*General Table*/$mysql_fieldname_user_id="user_id";/*Login Table*/$mysql_tablename_login="login";$mysql_fieldname_username="username";$mysql_fieldname_password="password";/*Personal Information Table*/$mysql_tablename_personal_information="personal_information";$mysql_fieldname_title="title";$mysql_fieldname_first_name="first_name";$mysql_fieldname_surname="surname";$mysql_fieldname_company="company";$mysql_fieldname_street_address="street_address";$mysql_fieldname_town="town";$mysql_fieldname_county="county";$mysql_fieldname_country="country";$mysql_fieldname_postcode="postcode";$mysql_fieldname_email_address="e-mail_address";$mysql_fieldname_telephone_number="telephone_number";$mysql_fieldname_website="website";/*Account Details Table*/$mysql_tablename_account_details="account_details";$mysql_fieldname_account_type="account_type";$mysql_fieldname_xml_reference="xml_reference";$mysql_fieldname_xml_version="xml_version";$mysql_fieldname_date_created="date_created";$mysql_fieldname_last_login="last_login";/*Fail Function*/function Fail() { header('Location: http://www.designs.rymax.co.uk/'); exit(); }/*Mysql Connect*/$connect=@mysql_connect($mysql_servername,$mysql_username,$mysql_password);if(!$connect){Fail();}/*Mysql Username Query*/$mysql_username_query=mysql_query("SELECT * FROM ".$mysql_tablename_login." WHERE ".$mysql_fieldname_username."='".$username."'");$fetch_array_login=@mysql_fetch_array($mysql_username_query);if(!@mysql_fetch_array($fetch_array_login)){Fail();}/*Verify Password*/$verify=$fetch_array_login[$mysql_fieldname_password];if(!$verify==$password){Fail();}/*Get User ID*/$user_id=$fetch_array_login[$mysql_fieldname_user_id];/*Mysql Personal Information Query*/$mysql_personal_information_query=mysql_query("SELECT * FROM ".$mysql_tablename_personal_infomation." WHERE ".$mysql_fieldname_user_id."='".$user_id."'");$fetch_array_personal_information=@mysql_fetch_array($mysql_personal_information_query);/*Mysql Account Details Query*/$mysql_account_details_query=mysql_query("SELECT * FROM ".$mysql_tablename_account_details." WHERE ".$mysql_fieldname_user_id."='".$user_id."'");$fetch_array_account_details=@mysql_fetch_array($mysql_account_details_query);/*Get Personal Information*/$title=$fetch_array_personal_information[$mysql_fieldname_title];$first_name=$fetch_array_personal_information[$mysql_fieldname_first_name];$surname=$fetch_array_personal_information[$mysql_fieldname_surname];$company=$fetch_array_personal_information[$mysql_fieldname_company];$street_address=$fetch_array_personal_information[$mysql_fieldname_street_address];$town=$fetch_array_personal_information[$mysql_fieldname_town];$county=$fetch_array_personal_information[$mysql_fieldname_county];$country=$fetch_array_personal_information[$mysql_fieldname_country];$postcode=$fetch_array_personal_information[$mysql_fieldname_postcode];$email_address=$fetch_array_personal_information[$mysql_fieldname_email_address];$telephone_number=$fetch_array_personal_information[$mysql_fieldname_telephone_number];$website=$fetch_array_personal_information[$mysql_fieldname_website];/*Get Account Details*/$account_type=$fetch_array_personal_information[$mysql_fieldname_account_type];$xml_reference=$fetch_array_personal_information[$mysql_fieldname_xml_reference];$xml_version=$fetch_array_personal_information[$mysql_fieldname_xml_version];$date_created=$fetch_array_personal_information[$mysql_fieldname_date_created];$last_login=$fetch_array_personal_information[$mysql_fieldname_last_login];/*Edit Data*/if($title==1){unset($title);$title="Mr";}elseif($title==2){unset($title);$title="Mrs";}elseif($title==3){unset($title);$title="Miss";}elseif($title==4){unset($title);$title="Ms";}else{unset($title);$title=$first_name;}/*Start Session*/session_start();/*Write Session Variables*/$_SESSION['login']="true";$_SESSION['user_id']=$user_id;$_SESSION['title']=$title;$_SESSION['first_name']=$first_name;$_SESSION['surname']=$surname;$_SESSION['company']=$company;$_SESSION['street_address']=$street_address;$_SESSION['town']=$town;$_SESSION['county']=$county;$_SESSION['country']=$country;$_SESSION['postcode']=$postcode;$_SESSION['email_address']=$email_address;$_SESSION['telephone_number']=$telephone_number;$_SESSION['website']=$website;$_SESSION['account_type']=$account_type;$_SESSION['xml_reference']=$xml_reference;$_SESSION['xml_version']=$xml_version;$_SESSION['date_created']=$date_created;$_SESSION['last_login']=$last_login;/*Verify Account Type*/if($account_type=="1"){header('Location: *****');exit();}else{header('Location: *****');exit();}?> Thanks,
  15. ATM

    Changing variables

    cheers, I should have really worked that out on my own I knew it can cancel sessions.
  16. ATM

    Changing variables

    Hey,I was wondering if there is a way to either end a variable, or change a variable for example would <?php$number = "1";$number = "2";echo "$number";?> work or would I have to end the variable or do a function to change the variable.thanks,
  17. ATM

    PHP Mysql Headers Help

    the @mysql_connect worked, Thanks
  18. ATM

    PHP Mysql Headers Help

    Still does not work! This is really frustrating me now!Thanks anyway,
  19. ATM

    PHP Mysql Headers Help

    it's just how the code is shown, In the real code there is no space.I think it's that if the connection fails then it will write an error, and the error is the header which is stoping me from sending one, I think? is there anyway to stop this?thanks,
  20. ATM

    PHP Mysql Headers Help

    <?php$username=$_POST["username"];$password=$_POST["password"];$mysql_username=$username;$mysql_password=$password;$mysql_servername="**********";$mysql_database="*******";$mysql_tablename_login="Login";$mysql_tablename_name="Name";$mysql_tablename_contact="Contact";$mysql_tablename_other="Other";$mysql_fieldname_user_id="User_ID";$mysql_fieldname_username="Username";$mysql_fieldname_password="Password";$mysql_fieldname_title="Title";$mysql_fieldname_first_name="First_Name";$mysql_fieldname_last_name="Last_Name";$mysql_fieldname_address_line_one="Address_Line_One";$mysql_fieldname_address_line_two="Address_Line_Two";$mysql_fieldname_city="City";$mysql_fieldname_county="County";$mysql_fieldname_country="Country";$mysql_fieldname_postcode="Postcode";$mysql_fieldname_telephone_number="Telephone_Number";$mysql_fieldname_mobile_number="Mobile_Number";$mysql_fieldname_email_address="E-mail_Address";$mysql_fieldname_fax="Fax";$mysql_fieldname_primary_domain="Primary_Domain";$mysql_fieldname_ip_address="IP_Address";$mysql_fieldname_xml_reference="XML_Reference";$mysql_fieldname_xml_version="XML_Version";$mysql_fieldname_date_created="Date_Created";$mysql_connect=mysql_connect($mysql_servername,$mysql_username,$mysql_password);if (!$mysql_connect){die(header('Location: [url=http://www.mysite.com/'));]http://www.mysite.com/'));[/url]}?> don't see anything, the code isn't finished yet. The above is what I have done so far.
  21. ATM

    Passing variables

    Could you put it in the url?for example have an address simular to this in your javascript pop-up window code as index.php?variable=$anyvariableand on the pop-up window have <?php $anyvariable=$_GET["variable"]; ?>or maybe something simular
×
×
  • Create New...