Page 1 of 1

Save text string to database then print to image

Posted: Wed Nov 12, 2014 11:50 pm
by chrisb302
Hello, I am attempting to create a script where the user inputs information into a form on index.php which givekey.php inserts that into the database. I have not yet figure out how to do this in one single step. After that I need it to navigate directly to key.php which would display the information submitted with a link to mysite.com/key.php?id=XX as well as print out the 'source' they input in the form prior. I wrote something up but I cannot get it to work. I may be a little in over my head. Any help is appreciated, thank you.

getkey.php

Code: Select all

<?php
  require_once 'dbinfo.php';
  // database connection
 
  $id = $_GET['id'];
  // do some validation here to ensure id is safe
 
  $link = mysql_connect($servername, $username, $password);
  if (!$link) {
            die('Could not connect: ' . mysql_error());
            }
  @mysql_select_db($database) or die( "Unable to select database");
  $sql = "SELECT ukey FROM keycode WHERE id=$id";
  $result = mysql_query("$sql");
  $row = mysql_fetch_assoc($result);
  mysql_close($link);
 
  header("Content-type: image/png");
  echo $row['ukey'];
?>

key.php

Code: Select all

<html>


<head>
  <title>Your Key Is Ready</title>
</head>


<body>
<center><p>Your key is</p>
<img src="getkey.php?id=1" width="175" height="50" /><br />
<p>You can redeem your key at $source</p>
</center>
</body>


</html>

index.php

Code: Select all

<html>


<head>
  <title></title>
</head>


<body>


<section id="mid_section">
                <div id="boxes">
                    <h1>
                        Testing input key
                    </h1>
                    <br/>
                    <form id="myform" action="givekey.php" method="post">
                        Key:<br />
                        <input type="text" value="ukey">
                        Source:<br />
                        <input type="radio" value="hb">HB<br />
                        <input type="radio" value="ig">IG<br />
                        <input type="radio" value="other">Other<br />
                        <button id="sub">Submit</button>
                    </form>


</body>


</html>

givekey.php

Code: Select all

<?php
    include_once('dbinfo.php');


    $conn = mysql_connect($servername, $username, $password);
    $db= mysql_select_db($database);


    $ukey =$_POST['ukey'];
    $hb =$_POST['hb'];
    $ig =$_POST['ig'];
    $other =$_POST['other'];


    $key = "INSERT INTO keycode (ukey) VALUES ('$ukey')";
    $source ="INSERT INTO source (hb,ig,other) VALUES ('$hb','$ig','$other')";


    if(mysql_query($key, $source));


?>

Re: Save text string to database then print to image

Posted: Thu Nov 13, 2014 6:42 am
by Celauran

Code: Select all

<?php
    include_once('dbinfo.php');


    // No. This isn't 2004. Stop using mysql_anything
    $conn = mysql_connect($servername, $username, $password);
    $db= mysql_select_db($database);


    $ukey =$_POST['ukey'];
    $hb =$_POST['hb']; // Doesn't exist
    $ig =$_POST['ig']; // Doesn't exist
    $other =$_POST['other']; // Doesn't exist

    // Escape and sanitize before putting anything in the DB. Use prepared statements!
    $key = "INSERT INTO keycode (ukey) VALUES ('$ukey')";
    $source ="INSERT INTO source (hb,ig,other) VALUES ('$hb','$ig','$other')";

    // What?
    if(mysql_query($key, $source));


?>
There are a number of problems with your code. See comments I've added above. The radio buttons on your form also have no name attribute, so you're going to have a tough time retrieving the value.

Re: Save text string to database then print to image

Posted: Thu Nov 13, 2014 6:45 am
by Celauran

Code: Select all

<html>


<head>
  <title>Your Key Is Ready</title>
</head>


<body>
<center><p>Your key is</p>
<img src="getkey.php?id=1" width="175" height="50" />

<p>You can redeem your key at $source</p>
</center>
</body>


</html>
Where is $source defined? Why is 1 hardcoded into the image? What is ID meant to be? How does the user arrive at this page?