not working code, please help!
Moderator: General Moderators
- social_experiment
- DevNet Master
- Posts: 2793
- Joined: Sun Feb 15, 2009 11:08 am
- Location: .za
Re: not working code, please help!
mysql_real_escape_string() is an important part of security regarding entering data into the database. It wouldn't hurt your script to have it in place. 
“Don’t worry if it doesn’t work right. If everything did, you’d be out of a job.” - Mosher’s Law of Software Engineering
Re: not working code, please help!
I understand, but the code doesn't work with it. and the data is already in the databse, I just extract it from there. So I hope it is not a big problem in this case 
- social_experiment
- DevNet Master
- Posts: 2793
- Joined: Sun Feb 15, 2009 11:08 am
- Location: .za
Re: not working code, please help!
I see you quoted mysql_escape_string instead of mysql_real_escape_string(). What happens if you use it in your query, any error messages? Sure the data is already in the database but whoever is using your script is in effect 'adding' a value into a query that interacts with the database. Im no expert on SQL injection but if you leave it unprotected you are asking for trouble.
“Don’t worry if it doesn’t work right. If everything did, you’d be out of a job.” - Mosher’s Law of Software Engineering
Need a 'forgot password' code
Hello!
I need a working forgot password and send password code in php.
I have some , but it doesn't work :
And I prefer not to send the password, but a link to the site that enables changing the password, and confirmation email message after it.
Thank you in advance!
forgot_password.php
I need a working forgot password and send password code in php.
I have some , but it doesn't work :
And I prefer not to send the password, but a link to the site that enables changing the password, and confirmation email message after it.
Thank you in advance!
forgot_password.php
Code: Select all
<?php
include "config.php";
include "shablon_bez_acc.php";?>
<table id='text11' width="380" border="0" cellpadding="3" cellspacing="1" align="center" >
<tr>
<td >Моля, въведете имейла си: </td></tr>
<tr>
<td width="67%"><form name="email_to" method="post" action="send_password_ac.php">
<input name="mail" type="text" id="mail" size="25">
<input type="submit" name="Submit" value="Submit">
</form>
</td>
</tr>
</table>
send_password_ac.php
<?
include "config.php";
// value sent from form
$mail=$_POST['mail'];
// table name
$tbl_name='users';
// retrieve password from table where e-mail = $email_to(mark@phpeasystep.com)
$sql="SELECT password FROM users WHERE mail='$mail'";
$result=mysql_query($sql);
// if found this e-mail address, row must be 1 row
// keep value in variable name "$count"
$count=mysql_num_rows($result);
// compare if $count =1 row
if($count==1){
$rows=mysql_fetch_array($result);
// keep password in $your_password
$your_password=$rows['password'];
// ---------------- SEND MAIL FORM ----------------
// send e-mail to ...
$to=$mail;
// Your subject
$subject="Your password here";
// From
$header="from: your name <your email>";
// Your message
$messages= "Your password for login to our website \r\n";
$messages.="Your password is $password \r\n";
$messages.="more message... \r\n";
// send email
$sentmail = mail($to,$subject,$messages,$header);
}
// else if $count not equal 1
else {
echo "<center>Имейл адресът не съществува в базата данни!</center><br>";
}
// if your email succesfully sent
if($sentmail){
echo "<center>Паролата Ви беше изпратена на посочения имейл.<br>
<a href='index.php'>начало</а></center><br>";
}
else {
echo "<center>Паролата не може да бъде изпратена<br>
<a href='index.php'>начало</а></center>";
}
?>
Last edited by Benjamin on Wed Dec 29, 2010 1:10 am, edited 1 time in total.
Reason: Added [syntax=php] tags.
Reason: Added [syntax=php] tags.
image functions problem
Hello!
I have a problem with image functions, which I don't understand.
When I ran the code on my localhost it worked, now I upoladed on a web server and there is a problem:
(I marked the lines mentioned below)
Thank you in advance!
Warning: imagecreatetruecolor() [function.imagecreatetruecolor]: Invalid image dimensions in /home/artisti/public_html/check_image.php on line 117
Warning: imagecopyresampled(): supplied argument is not a valid Image resource in /home/artisti/public_html/check_image.php on line 119
Warning: imagejpeg(): supplied argument is not a valid Image resource in /home/artisti/public_html/check_image.php on line 120
Warning: imagedestroy(): supplied argument is not a valid Image resource in /home/artisti/public_html/check_image.php on line 122
code:
<? ob_start(); //Its turning on the output buffer. So any output is kept in the buffer. And ob_flush() is to flush the buffer ?><?php
session_start();
//if (isset($_SESSION['username'])) {
$type_id=$_SESSION['type_id'];
$username=$_SESSION['username'];
include "config.php";
//include "shablon.php";
//make variables available
if (isset($_POST['Submit'])) {
//$image_caption = $_POST['image_caption'];
//$username = $_POST['user'];
$image_tempname = $_FILES['image_filename']['name'];
date_default_timezone_set('Europe/Helsinki');
$today = date("Y-m-d");
define ("MAX_SIZE","500");
$size=filesize($_FILES['image_filename']['tmp_name']);
if ($size > MAX_SIZE*1024)
{echo "<div id='text11'><center>Рамерът е голям!<br>
Моля, <a href='check_image.php'>опитай</a> с по-малък файл!</center></div>";
//$errors=1;
exit;
}
//upload image and check for image type
//make sure to change your path to match your images directory
$ImageDir ="img_user/";
$ImageThumb = $ImageDir . "thumbs/";// za syzdavane na miniaturi
$ImageName = $ImageDir . $image_tempname;
if (move_uploaded_file($_FILES['image_filename']['tmp_name'],
$ImageName)) {
//get info about the image being uploaded
list($width, $height, $type, $attr) = getimagesize($ImageName);
switch ($type) {
case 1:
$ext = ".gif";
break;
case 2:
$ext = ".jpg";
break;
case 3:
$ext = ".png";
break;
default:
echo "<div id='text11'><center>Съжалявам, но файлът не беше от следните формати: GIF, JPG, или PNG <br></center></div>";
echo "<div id='text11'><center>Моля, <a href='check_image.php'>опитай пак</a>.</center></div>";
}
if ($type > 3) {
echo "<div id='text11'><center>Съжалявам, но файлът не беше от следните формати: GIF, JPG, или " .
"PNG .<br></center></div>";
echo "<div id='text11'><center>Моля, <a href='check_image.php'>опитай пак</a>.</center></div>";
} else {
//insert info into image table
$insert = "INSERT INTO images
(image_caption, username, image_date)
VALUES
('', '$username', '$today')";
$insertresults = mysql_query($insert)
or die(mysql_error());
if ($insertresults) {echo "<div id='text11'><center><h3>Файлът е качен успешно!</h3><br>
<a href='check_image.php'>опитай пак</a> или <a href='gallery.php'>виж галерия</a></div>" ;}
$lastpicid = mysql_insert_id();
$newfilename = $ImageDir . $lastpicid .".jpg";
if ($type == 2) {
rename($ImageName, $newfilename);
} else {
if ($type == 1) {
$image_old = imagecreatefromgif($ImageName);
} elseif ($type == 3) {
$image_old = imagecreatefrompng($ImageName);
}
//"convert" the image to jpg
$image_jpg = imagecreatetruecolor($width, $height);
imagecopyresampled($image_jpg, $image_old, 0, 0, 0, 0,
$width, $height, $width, $height);
imagejpeg($image_jpg, $newfilename);
imagedestroy($image_old);
imagedestroy($image_jpg);
}
$newthumbname = $ImageThumb . $lastpicid . ".jpg";
//get the dimensions for the thumbnail
$thumb_width = $width * 0.10;
$thumb_height = $height * 0.10;
//create the thumbnail
$largeimage = imagecreatefromjpeg($newfilename);
line 117: $thumb = imagecreatetruecolor($thumb_width, $thumb_height);
imagecopyresampled($thumb, $largeimage, 0, 0, 0, 0,
line : 119 $thumb_width, $thumb_height, $width, $height);
line 120 : imagejpeg($thumb, $newthumbname);
imagedestroy($largeimage);
line 122 : imagedestroy($thumb);}
}
}else{
$querycount="SELECT username FROM images WHERE username='$username' ";
$result=mysql_query($querycount) or die (mysql_error());
$num_rows = mysql_num_rows($result);
if ($num_rows<'6') {
?>
<html>
<head>
<title>Прикачете снимки!</title>
</head>
<body>
<form name="form1" method="post" action='<?=$_SERVER['PHP_SELF']?>'
enctype="multipart/form-data">
<table id='text11' border="0" cellpadding="5">
</tr><tr><td>Може да качите до 6 снимки, <? echo $username; ?>!</td></tr>
<tr><td>
Приемат се следните формати: GIF, JPG/JPEG и PNG.<br></td></tr><tr>
<td>Прикачи снимка: <input name="image_filename" type="file" id="image_filename" value=''></td><br>
</tr>
<br>
<tr><td align="center"><input type="submit" name="Submit" value="Прикачи"> <input type="reset" name="Submit2" value="Изчисти"></td></tr>
</form><tr><td align="center">
<a href='gallery.php'>виж галерия</a></td></tr></table>
</body>
</html><?php }}if (($num_rows=='6')||($num_rows>'6')) {exit ("<div id='text11'><center>Имате право да качите до 6 снимки!<br><a href='gallery.php'>виж галерия</a></center></div>");}
if (isset($_POST['Submit']) && ($size =='0')) {exit ("<div id='text11'><center>Моля, <a href='check_image.php'>прикачете</a> файл!</center></div>");}
//} else {header("Location:login.php");} ?>
<? ob_flush(); ?>
I have a problem with image functions, which I don't understand.
When I ran the code on my localhost it worked, now I upoladed on a web server and there is a problem:
(I marked the lines mentioned below)
Thank you in advance!
Warning: imagecreatetruecolor() [function.imagecreatetruecolor]: Invalid image dimensions in /home/artisti/public_html/check_image.php on line 117
Warning: imagecopyresampled(): supplied argument is not a valid Image resource in /home/artisti/public_html/check_image.php on line 119
Warning: imagejpeg(): supplied argument is not a valid Image resource in /home/artisti/public_html/check_image.php on line 120
Warning: imagedestroy(): supplied argument is not a valid Image resource in /home/artisti/public_html/check_image.php on line 122
code:
<? ob_start(); //Its turning on the output buffer. So any output is kept in the buffer. And ob_flush() is to flush the buffer ?><?php
session_start();
//if (isset($_SESSION['username'])) {
$type_id=$_SESSION['type_id'];
$username=$_SESSION['username'];
include "config.php";
//include "shablon.php";
//make variables available
if (isset($_POST['Submit'])) {
//$image_caption = $_POST['image_caption'];
//$username = $_POST['user'];
$image_tempname = $_FILES['image_filename']['name'];
date_default_timezone_set('Europe/Helsinki');
$today = date("Y-m-d");
define ("MAX_SIZE","500");
$size=filesize($_FILES['image_filename']['tmp_name']);
if ($size > MAX_SIZE*1024)
{echo "<div id='text11'><center>Рамерът е голям!<br>
Моля, <a href='check_image.php'>опитай</a> с по-малък файл!</center></div>";
//$errors=1;
exit;
}
//upload image and check for image type
//make sure to change your path to match your images directory
$ImageDir ="img_user/";
$ImageThumb = $ImageDir . "thumbs/";// za syzdavane na miniaturi
$ImageName = $ImageDir . $image_tempname;
if (move_uploaded_file($_FILES['image_filename']['tmp_name'],
$ImageName)) {
//get info about the image being uploaded
list($width, $height, $type, $attr) = getimagesize($ImageName);
switch ($type) {
case 1:
$ext = ".gif";
break;
case 2:
$ext = ".jpg";
break;
case 3:
$ext = ".png";
break;
default:
echo "<div id='text11'><center>Съжалявам, но файлът не беше от следните формати: GIF, JPG, или PNG <br></center></div>";
echo "<div id='text11'><center>Моля, <a href='check_image.php'>опитай пак</a>.</center></div>";
}
if ($type > 3) {
echo "<div id='text11'><center>Съжалявам, но файлът не беше от следните формати: GIF, JPG, или " .
"PNG .<br></center></div>";
echo "<div id='text11'><center>Моля, <a href='check_image.php'>опитай пак</a>.</center></div>";
} else {
//insert info into image table
$insert = "INSERT INTO images
(image_caption, username, image_date)
VALUES
('', '$username', '$today')";
$insertresults = mysql_query($insert)
or die(mysql_error());
if ($insertresults) {echo "<div id='text11'><center><h3>Файлът е качен успешно!</h3><br>
<a href='check_image.php'>опитай пак</a> или <a href='gallery.php'>виж галерия</a></div>" ;}
$lastpicid = mysql_insert_id();
$newfilename = $ImageDir . $lastpicid .".jpg";
if ($type == 2) {
rename($ImageName, $newfilename);
} else {
if ($type == 1) {
$image_old = imagecreatefromgif($ImageName);
} elseif ($type == 3) {
$image_old = imagecreatefrompng($ImageName);
}
//"convert" the image to jpg
$image_jpg = imagecreatetruecolor($width, $height);
imagecopyresampled($image_jpg, $image_old, 0, 0, 0, 0,
$width, $height, $width, $height);
imagejpeg($image_jpg, $newfilename);
imagedestroy($image_old);
imagedestroy($image_jpg);
}
$newthumbname = $ImageThumb . $lastpicid . ".jpg";
//get the dimensions for the thumbnail
$thumb_width = $width * 0.10;
$thumb_height = $height * 0.10;
//create the thumbnail
$largeimage = imagecreatefromjpeg($newfilename);
line 117: $thumb = imagecreatetruecolor($thumb_width, $thumb_height);
imagecopyresampled($thumb, $largeimage, 0, 0, 0, 0,
line : 119 $thumb_width, $thumb_height, $width, $height);
line 120 : imagejpeg($thumb, $newthumbname);
imagedestroy($largeimage);
line 122 : imagedestroy($thumb);}
}
}else{
$querycount="SELECT username FROM images WHERE username='$username' ";
$result=mysql_query($querycount) or die (mysql_error());
$num_rows = mysql_num_rows($result);
if ($num_rows<'6') {
?>
<html>
<head>
<title>Прикачете снимки!</title>
</head>
<body>
<form name="form1" method="post" action='<?=$_SERVER['PHP_SELF']?>'
enctype="multipart/form-data">
<table id='text11' border="0" cellpadding="5">
</tr><tr><td>Може да качите до 6 снимки, <? echo $username; ?>!</td></tr>
<tr><td>
Приемат се следните формати: GIF, JPG/JPEG и PNG.<br></td></tr><tr>
<td>Прикачи снимка: <input name="image_filename" type="file" id="image_filename" value=''></td><br>
</tr>
<br>
<tr><td align="center"><input type="submit" name="Submit" value="Прикачи"> <input type="reset" name="Submit2" value="Изчисти"></td></tr>
</form><tr><td align="center">
<a href='gallery.php'>виж галерия</a></td></tr></table>
</body>
</html><?php }}if (($num_rows=='6')||($num_rows>'6')) {exit ("<div id='text11'><center>Имате право да качите до 6 снимки!<br><a href='gallery.php'>виж галерия</a></center></div>");}
if (isset($_POST['Submit']) && ($size =='0')) {exit ("<div id='text11'><center>Моля, <a href='check_image.php'>прикачете</a> файл!</center></div>");}
//} else {header("Location:login.php");} ?>
<? ob_flush(); ?>
- social_experiment
- DevNet Master
- Posts: 2793
- Joined: Sun Feb 15, 2009 11:08 am
- Location: .za
Re: not working code, please help!
RE The forgotten password script : Passwords shouldn't be keep as plain text inside the database. If a user forgets their password you should reset the password, send it to them and urge them to change the password again once they login.
“Don’t worry if it doesn’t work right. If everything did, you’d be out of a job.” - Mosher’s Law of Software Engineering