will this work????

PHP programming forum. Ask questions or help people concerning PHP code. Don't understand a function? Need help implementing a class? Don't understand a class? Here is where to ask. Remember to do your homework!

Moderator: General Moderators

Post Reply
User avatar
itsmani1
Forum Regular
Posts: 791
Joined: Mon Sep 29, 2003 2:26 am
Location: Islamabad Pakistan
Contact:

will this work????

Post by itsmani1 »

Code: Select all

<?php
ob_start("mb_output_handler");

include("conn.php");
$Error = 0;


$id  = $HTTP_POST_VARS['id'];
$pwd1 = $HTTP_POST_VARS['pwd1'];

$name = $HTTP_POST_VARS['name'];
$phone = $HTTP_POST_VARS['phone'];
$email = $HTTP_POST_VARS['email'];
$country = $HTTP_POST_VARS['country'];

//////////////////////////////////////////////////////////////////////////
//////////////////////////////////////////////////////////////////////////
$uploaddir = '/htdocs/img';
$uploadfile = $uploaddir . basename($_FILES['userfile']['name']);

print "<pre>";
if (move_uploaded_file($_FILES['userfile']['tmp_name'], $uploadfile)) {
   print "File is valid, and was successfully uploaded. ";
   print "Here's some more debugging info:\n";
   print_r($_FILES);
} else {
   print "Possible file upload attack!  Here's some debugging info:\n";
   print_r($_FILES);
}
print "</pre>";
//////////////////////////////////////////////////////////////////////////
//////////////////////////////////////////////////////////////////////////
if(empty($id) || (bool)strpos($id,"'"))
	{
		++$Error;
		$QString = $QString."idEr=true&";
	}		
if(empty($pwd1) || (bool)strpos($pwd1,"'"))
	{
		++$Error;
		$QString=$QString."pwd1Er=true&";
	}	/*
if(empty($pwd2) || (bool)strpos($pwd2,"'"))
	{
		++$Error;
		$QString = $QString."pwd2Er=true&";
	}		*/
if(empty($name) || (bool)strpos($name,"'"))
	{
		++$Error;
		$QString = $QString."nameEr=true&";
	}	
if(empty($phone) || (bool)strpos($phone,"'"))
	{
		++$Error;
		$QString = $QString."idphone=true&";
	}
if(empty($email) || (bool)strpos($email,"'"))
	{
		++$Error;
		$QString = $QString."idemail=true&";
	}
if(empty($country) || (bool)strpos($country,"'"))
	{
		++$Error;
		$QString = $QString."idcountry=true&";
	}
if($Error > 0)
{		//	echo $Error; exit;
			$QString = "Location:signup.php?";
			$QString = $QString."id=$id&pwd1=$pwd1&name=$name&phone=$phone&email=$email&country=$country&";
			$QString = $QString."log=false";
			header($QString);
			exit;
}
else{
$chk_qry =  "select * from user where id='$id'";
$result_chk_qry = mysql_query($chk_qry) or die(mysql_error());
$num_chk_qry = mysql_num_rows($result_chk_qry);
//echo $num_chk_qry;exit;
	if($num_chk_qry > 0){
			$QString = "Location:signup.php?log=old&";
			$QString = $QString."id=$id&pwd1=$pwd1&name=$name&phone=$phone&email=$email&country=$country&";
			header($QString);
			exit;
	}
	else{
	$qry = "INSERT INTO `user` (id,pwd,name,phone,email,country) VALUES ('$id','$pwd1','$name','$phone','$email','$country')";
	$result = mysql_query($qry) or die(mysql_error());
	//echo"*****************";
	//exit;
	//$num = mysql_num_rows($result);
	header("Location:home.php");
	exit;
	}
exit;		
}

?>
above is the code that i m using. now i wants to know that code given will work or not. the code given below is also taken from the above code.

problem is that nothing is going to my img folder.

Code: Select all

$uploaddir = '/htdocs/img';
$uploadfile = $uploaddir . basename($_FILES['userfile']['name']);

print "<pre>";
if (move_uploaded_file($_FILES['userfile']['tmp_name'], $uploadfile)) {
   print "File is valid, and was successfully uploaded. ";
   print "Here's some more debugging info:\n";
   print_r($_FILES);
} else {
   print "Possible file upload attack!  Here's some debugging info:\n";
   print_r($_FILES);
}
print "</pre>";
lostboy
Forum Contributor
Posts: 329
Joined: Mon Dec 30, 2002 8:12 pm
Location: toronto,canada

Post by lostboy »

Wouldn't it make sense then to test it?
kettle_drum
DevNet Resident
Posts: 1150
Joined: Sun Jul 20, 2003 9:25 pm
Location: West Yorkshire, England

Post by kettle_drum »

Well did it work when you ran it? Did you get any errors? Its easier for you to just test it, that to ask if it works or not.
User avatar
feyd
Neighborhood Spidermoddy
Posts: 31559
Joined: Mon Mar 29, 2004 3:24 pm
Location: Bothell, Washington, USA

Post by feyd »

what is it outputting? what's the form that sends to this script?
User avatar
itsmani1
Forum Regular
Posts: 791
Joined: Mon Sep 29, 2003 2:26 am
Location: Islamabad Pakistan
Contact:

Post by itsmani1 »

it did not gave any error and work nicely but problem is that i did not found any thing to my Img floder as i am sending the images to that folder???
this is the main issue.....
User avatar
feyd
Neighborhood Spidermoddy
Posts: 31559
Joined: Mon Mar 29, 2004 3:24 pm
Location: Bothell, Washington, USA

Post by feyd »

post the html or script that has the form sending to this script.
User avatar
itsmani1
Forum Regular
Posts: 791
Joined: Mon Sep 29, 2003 2:26 am
Location: Islamabad Pakistan
Contact:

Post by itsmani1 »

feyd | Please use

Code: Select all

and

Code: Select all

tags where approriate when posting code. Read:  [url=http://forums.devnetwork.net/viewtopic.php?t=21171]Posting Code in the Forums[/url][/color]

Code: Select all

<?PHP
ob_start('mb_output_hanlder');
session_start();
if(session_is_registered('loginadmin')){
///
}
else if(!session_is_registered('loginadmin'))
{
//echo "*************";
//exit;
//header("Location:index.php?Logout");
//exit;
}
?>
<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN"
"http://www.w3.org/TR/html4/loose.dtd">
<html>
<head>
<title>Untitled Document</title>
<meta http-equiv="Content-Type" content="text/html; charset=iso-8859-1">
</head>

<body>
<?PHP
$loger = $HTTP_POST_VARS['log'];
?>
<form action="signup_process.php" method="post" enctype="multipart/form-data" name="form1" target="mainFrame">
  <table width="100%"  border="0" cellspacing="0" cellpadding="0">
    <tr> 
      <td width="25%">&nbsp;</td>
      <td width="3%">&nbsp;</td>
      <td width="72%">&nbsp;</td>
    </tr>
    <tr> 
      <td><div align="right">id</div></td>
      <td>&nbsp;</td>
      <td><input name="id" type="text" id="id"></td>
    </tr>
    <tr> 
      <td><div align="right">pw</div></td>
      <td>&nbsp;</td>
      <td><input name="pwd1" type="text" id="pwd1"></td>
    </tr>
    <tr> 
      <td><div align="right">pw</div></td>
      <td>&nbsp;</td>
      <td>&nbsp;</td>
    </tr>
    <tr> 
      <td><div align="right">nam</div></td>
      <td>&nbsp;</td>
      <td><input name="name" type="text" id="name"></td>
    </tr>
    <tr> 
      <td><div align="right">ph</div></td>
      <td>&nbsp;</td>
      <td><input name="phone" type="text" id="phone"></td>
    </tr>
    <tr> 
      <td><div align="right">eml</div></td>
      <td>&nbsp;</td>
      <td><input name="email" type="text" id="email"></td>
    </tr>
    <tr> 
      <td><div align="right">ctry</div></td>
      <td>&nbsp;</td>
      <td><select name="country" id="country">
          <option>Select</option>
          <option>Pakistan</option>
          <option>China</option>
          <option>UK</option>
          <option>USA</option>
          <option>Ukrine</option>
          <option>India</option>
          <option>Holand</option>
          <option>Greece</option>
          <option>Germany</option>
          <option>Australia</option>
          <option>Canada</option>
          <option>Turkey</option>
          <option>Oman</option>
        </select></td>
    </tr>
    <tr> 
      <td><div align="right">upload image.</div></td>
      <td>&nbsp;</td>
      <td><input name="userfile" type="file" id="userfile"></td>
    </tr>
    <tr> 
      <td><div align="right"></div></td>
      <td>&nbsp;</td>
      <td><label> </label> &nbsp;</td>
    </tr>
    <tr> 
      <td><div align="right"></div></td>
      <td>&nbsp;</td>
      <td><input type="submit" name="Submit" value="Submit"></td>
    </tr>
  </table>
</form>
<p>&nbsp;</p>
</body>
</html>
this is the html code from where it get the image and above is the complete code..

Code: Select all

&lt;input name="userfile" type="file" id="userfile"&gt;

feyd | Please use

Code: Select all

and

Code: Select all

tags where approriate when posting code. Read:  [url=http://forums.devnetwork.net/viewtopic.php?t=21171]Posting Code in the Forums[/url][/color]
User avatar
itsmani1
Forum Regular
Posts: 791
Joined: Mon Sep 29, 2003 2:26 am
Location: Islamabad Pakistan
Contact:

Post by itsmani1 »

feyd | This is getting VERY tiring. Use

Code: Select all

tags [b]properly[/b] when posting code. Read:  [url=http://forums.devnetwork.net/viewtopic.php?t=21171]Posting Code in the Forums[/url][/color]

Code: Select all

<?PHP
ob_start('mb_output_hanlder');
session_start();
if(session_is_registered('loginadmin')){
///
}
else if(!session_is_registered('loginadmin'))
{
//echo "*************";
//exit;
//header("Location:index.php?Logout");
//exit;
}
?>

Code: Select all

&lt;!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN"
"http://www.w3.org/TR/html4/loose.dtd"&gt;
&lt;html&gt;
&lt;head&gt;
&lt;title&gt;Untitled Document&lt;/title&gt;
&lt;meta http-equiv="Content-Type" content="text/html; charset=iso-8859-1"&gt;
&lt;/head&gt;

&lt;body&gt;

Code: Select all

<?PHP
$loger = $HTTP_POST_VARS['log'];
?>

Code: Select all

&lt;form action="signup_process.php" method="post" enctype="multipart/form-data" name="form1" target="mainFrame"&gt;
  &lt;table width="100%"  border="0" cellspacing="0" cellpadding="0"&gt;
    &lt;tr&gt; 
      &lt;td width="25%"&gt;&amp;nbsp;&lt;/td&gt;
      &lt;td width="3%"&gt;&amp;nbsp;&lt;/td&gt;
      &lt;td width="72%"&gt;&amp;nbsp;&lt;/td&gt;
    &lt;/tr&gt;
    &lt;tr&gt; 
      &lt;td&gt;&lt;div align="right"&gt;id&lt;/div&gt;&lt;/td&gt;
      &lt;td&gt;&amp;nbsp;&lt;/td&gt;
      &lt;td&gt;&lt;input name="id" type="text" id="id"&gt;&lt;/td&gt;
    &lt;/tr&gt;
    &lt;tr&gt; 
      &lt;td&gt;&lt;div align="right"&gt;pw&lt;/div&gt;&lt;/td&gt;
      &lt;td&gt;&amp;nbsp;&lt;/td&gt;
      &lt;td&gt;&lt;input name="pwd1" type="text" id="pwd1"&gt;&lt;/td&gt;
    &lt;/tr&gt;
    &lt;tr&gt; 
      &lt;td&gt;&lt;div align="right"&gt;pw&lt;/div&gt;&lt;/td&gt;
      &lt;td&gt;&amp;nbsp;&lt;/td&gt;
      &lt;td&gt;&amp;nbsp;&lt;/td&gt;
    &lt;/tr&gt;
    &lt;tr&gt; 
      &lt;td&gt;&lt;div align="right"&gt;nam&lt;/div&gt;&lt;/td&gt;
      &lt;td&gt;&amp;nbsp;&lt;/td&gt;
      &lt;td&gt;&lt;input name="name" type="text" id="name"&gt;&lt;/td&gt;
    &lt;/tr&gt;
    &lt;tr&gt; 
      &lt;td&gt;&lt;div align="right"&gt;ph&lt;/div&gt;&lt;/td&gt;
      &lt;td&gt;&amp;nbsp;&lt;/td&gt;
      &lt;td&gt;&lt;input name="phone" type="text" id="phone"&gt;&lt;/td&gt;
    &lt;/tr&gt;
    &lt;tr&gt; 
      &lt;td&gt;&lt;div align="right"&gt;eml&lt;/div&gt;&lt;/td&gt;
      &lt;td&gt;&amp;nbsp;&lt;/td&gt;
      &lt;td&gt;&lt;input name="email" type="text" id="email"&gt;&lt;/td&gt;
    &lt;/tr&gt;
    &lt;tr&gt; 
      &lt;td&gt;&lt;div align="right"&gt;ctry&lt;/div&gt;&lt;/td&gt;
      &lt;td&gt;&amp;nbsp;&lt;/td&gt;
      &lt;td&gt;&lt;select name="country" id="country"&gt;
          &lt;option&gt;Select&lt;/option&gt;
          &lt;option&gt;Pakistan&lt;/option&gt;
          &lt;option&gt;China&lt;/option&gt;
          &lt;option&gt;UK&lt;/option&gt;
          &lt;option&gt;USA&lt;/option&gt;
          &lt;option&gt;Ukrine&lt;/option&gt;
          &lt;option&gt;India&lt;/option&gt;
          &lt;option&gt;Holand&lt;/option&gt;
          &lt;option&gt;Greece&lt;/option&gt;
          &lt;option&gt;Germany&lt;/option&gt;
          &lt;option&gt;Australia&lt;/option&gt;
          &lt;option&gt;Canada&lt;/option&gt;
          &lt;option&gt;Turkey&lt;/option&gt;
          &lt;option&gt;Oman&lt;/option&gt;
        &lt;/select&gt;&lt;/td&gt;
    &lt;/tr&gt;
    &lt;tr&gt; 
      &lt;td&gt;&lt;div align="right"&gt;upload image.&lt;/div&gt;&lt;/td&gt;
      &lt;td&gt;&amp;nbsp;&lt;/td&gt;
      &lt;td&gt;&lt;input name="userfile" type="file" id="userfile"&gt;&lt;/td&gt;
    &lt;/tr&gt;
    &lt;tr&gt; 
      &lt;td&gt;&lt;div align="right"&gt;&lt;/div&gt;&lt;/td&gt;
      &lt;td&gt;&amp;nbsp;&lt;/td&gt;
      &lt;td&gt;&lt;label&gt; &lt;/label&gt; &amp;nbsp;&lt;/td&gt;
    &lt;/tr&gt;
    &lt;tr&gt; 
      &lt;td&gt;&lt;div align="right"&gt;&lt;/div&gt;&lt;/td&gt;
      &lt;td&gt;&amp;nbsp;&lt;/td&gt;
      &lt;td&gt;&lt;input type="submit" name="Submit" value="Submit"&gt;&lt;/td&gt;
    &lt;/tr&gt;
  &lt;/table&gt;
&lt;/form&gt;
&lt;p&gt;&amp;nbsp;&lt;/p&gt;
&lt;/body&gt;
&lt;/html&gt;
check it now........


feyd | This is getting VERY tiring. Use

Code: Select all

tags [b]properly[/b] when posting code. Read:  [url=http://forums.devnetwork.net/viewtopic.php?t=21171]Posting Code in the Forums[/url][/color]
Last edited by itsmani1 on Thu Sep 23, 2004 3:02 am, edited 1 time in total.
User avatar
m3mn0n
PHP Evangelist
Posts: 3548
Joined: Tue Aug 13, 2002 3:35 pm
Location: Calgary, Canada

Post by m3mn0n »

Did you not just see the message feyd edited into your previous post?
User avatar
feyd
Neighborhood Spidermoddy
Posts: 31559
Joined: Mon Mar 29, 2004 3:24 pm
Location: Bothell, Washington, USA

Post by feyd »

did you even read the posting code guidelines that I've linked to now many times?
User avatar
patrikG
DevNet Master
Posts: 4235
Joined: Thu Aug 15, 2002 5:53 am
Location: Sussex, UK

Post by patrikG »

itsmani1, remove the ob_start() and run the script and come back with error-messages it gives you. You never end the output buffering, hence you won't see any errors.

Oh, and adding my voice to the chorus: use

Code: Select all

-tags around scripts. And click on the first link below and read it.
User avatar
itsmani1
Forum Regular
Posts: 791
Joined: Mon Sep 29, 2003 2:26 am
Location: Islamabad Pakistan
Contact:

Post by itsmani1 »

OK
:)
Post Reply