Page 1 of 1
will this work????
Posted: Wed Sep 22, 2004 1:11 pm
by itsmani1
Code: Select all
<?php
ob_start("mb_output_handler");
include("conn.php");
$Error = 0;
$id = $HTTP_POST_VARS['id'];
$pwd1 = $HTTP_POST_VARS['pwd1'];
$name = $HTTP_POST_VARS['name'];
$phone = $HTTP_POST_VARS['phone'];
$email = $HTTP_POST_VARS['email'];
$country = $HTTP_POST_VARS['country'];
//////////////////////////////////////////////////////////////////////////
//////////////////////////////////////////////////////////////////////////
$uploaddir = '/htdocs/img';
$uploadfile = $uploaddir . basename($_FILES['userfile']['name']);
print "<pre>";
if (move_uploaded_file($_FILES['userfile']['tmp_name'], $uploadfile)) {
print "File is valid, and was successfully uploaded. ";
print "Here's some more debugging info:\n";
print_r($_FILES);
} else {
print "Possible file upload attack! Here's some debugging info:\n";
print_r($_FILES);
}
print "</pre>";
//////////////////////////////////////////////////////////////////////////
//////////////////////////////////////////////////////////////////////////
if(empty($id) || (bool)strpos($id,"'"))
{
++$Error;
$QString = $QString."idEr=true&";
}
if(empty($pwd1) || (bool)strpos($pwd1,"'"))
{
++$Error;
$QString=$QString."pwd1Er=true&";
} /*
if(empty($pwd2) || (bool)strpos($pwd2,"'"))
{
++$Error;
$QString = $QString."pwd2Er=true&";
} */
if(empty($name) || (bool)strpos($name,"'"))
{
++$Error;
$QString = $QString."nameEr=true&";
}
if(empty($phone) || (bool)strpos($phone,"'"))
{
++$Error;
$QString = $QString."idphone=true&";
}
if(empty($email) || (bool)strpos($email,"'"))
{
++$Error;
$QString = $QString."idemail=true&";
}
if(empty($country) || (bool)strpos($country,"'"))
{
++$Error;
$QString = $QString."idcountry=true&";
}
if($Error > 0)
{ // echo $Error; exit;
$QString = "Location:signup.php?";
$QString = $QString."id=$id&pwd1=$pwd1&name=$name&phone=$phone&email=$email&country=$country&";
$QString = $QString."log=false";
header($QString);
exit;
}
else{
$chk_qry = "select * from user where id='$id'";
$result_chk_qry = mysql_query($chk_qry) or die(mysql_error());
$num_chk_qry = mysql_num_rows($result_chk_qry);
//echo $num_chk_qry;exit;
if($num_chk_qry > 0){
$QString = "Location:signup.php?log=old&";
$QString = $QString."id=$id&pwd1=$pwd1&name=$name&phone=$phone&email=$email&country=$country&";
header($QString);
exit;
}
else{
$qry = "INSERT INTO `user` (id,pwd,name,phone,email,country) VALUES ('$id','$pwd1','$name','$phone','$email','$country')";
$result = mysql_query($qry) or die(mysql_error());
//echo"*****************";
//exit;
//$num = mysql_num_rows($result);
header("Location:home.php");
exit;
}
exit;
}
?>
above is the code that i m using. now i wants to know that code given will work or not. the code given below is also taken from the above code.
problem is that nothing is going to my img folder.
Code: Select all
$uploaddir = '/htdocs/img';
$uploadfile = $uploaddir . basename($_FILES['userfile']['name']);
print "<pre>";
if (move_uploaded_file($_FILES['userfile']['tmp_name'], $uploadfile)) {
print "File is valid, and was successfully uploaded. ";
print "Here's some more debugging info:\n";
print_r($_FILES);
} else {
print "Possible file upload attack! Here's some debugging info:\n";
print_r($_FILES);
}
print "</pre>";
Posted: Wed Sep 22, 2004 1:15 pm
by lostboy
Wouldn't it make sense then to test it?
Posted: Wed Sep 22, 2004 1:17 pm
by kettle_drum
Well did it work when you ran it? Did you get any errors? Its easier for you to just test it, that to ask if it works or not.
Posted: Wed Sep 22, 2004 1:17 pm
by feyd
what is it outputting? what's the form that sends to this script?
Posted: Wed Sep 22, 2004 1:25 pm
by itsmani1
it did not gave any error and work nicely but problem is that i did not found any thing to my Img floder as i am sending the images to that folder???
this is the main issue.....
Posted: Wed Sep 22, 2004 1:27 pm
by feyd
post the html or script that has the form sending to this script.
Posted: Wed Sep 22, 2004 1:31 pm
by itsmani1
feyd | Please use Code: Select all
tags where approriate when posting code. Read: [url=http://forums.devnetwork.net/viewtopic.php?t=21171]Posting Code in the Forums[/url][/color]
Code: Select all
<?PHP
ob_start('mb_output_hanlder');
session_start();
if(session_is_registered('loginadmin')){
///
}
else if(!session_is_registered('loginadmin'))
{
//echo "*************";
//exit;
//header("Location:index.php?Logout");
//exit;
}
?>
<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN"
"http://www.w3.org/TR/html4/loose.dtd">
<html>
<head>
<title>Untitled Document</title>
<meta http-equiv="Content-Type" content="text/html; charset=iso-8859-1">
</head>
<body>
<?PHP
$loger = $HTTP_POST_VARS['log'];
?>
<form action="signup_process.php" method="post" enctype="multipart/form-data" name="form1" target="mainFrame">
<table width="100%" border="0" cellspacing="0" cellpadding="0">
<tr>
<td width="25%"> </td>
<td width="3%"> </td>
<td width="72%"> </td>
</tr>
<tr>
<td><div align="right">id</div></td>
<td> </td>
<td><input name="id" type="text" id="id"></td>
</tr>
<tr>
<td><div align="right">pw</div></td>
<td> </td>
<td><input name="pwd1" type="text" id="pwd1"></td>
</tr>
<tr>
<td><div align="right">pw</div></td>
<td> </td>
<td> </td>
</tr>
<tr>
<td><div align="right">nam</div></td>
<td> </td>
<td><input name="name" type="text" id="name"></td>
</tr>
<tr>
<td><div align="right">ph</div></td>
<td> </td>
<td><input name="phone" type="text" id="phone"></td>
</tr>
<tr>
<td><div align="right">eml</div></td>
<td> </td>
<td><input name="email" type="text" id="email"></td>
</tr>
<tr>
<td><div align="right">ctry</div></td>
<td> </td>
<td><select name="country" id="country">
<option>Select</option>
<option>Pakistan</option>
<option>China</option>
<option>UK</option>
<option>USA</option>
<option>Ukrine</option>
<option>India</option>
<option>Holand</option>
<option>Greece</option>
<option>Germany</option>
<option>Australia</option>
<option>Canada</option>
<option>Turkey</option>
<option>Oman</option>
</select></td>
</tr>
<tr>
<td><div align="right">upload image.</div></td>
<td> </td>
<td><input name="userfile" type="file" id="userfile"></td>
</tr>
<tr>
<td><div align="right"></div></td>
<td> </td>
<td><label> </label> </td>
</tr>
<tr>
<td><div align="right"></div></td>
<td> </td>
<td><input type="submit" name="Submit" value="Submit"></td>
</tr>
</table>
</form>
<p> </p>
</body>
</html>
this is the html code from where it get the image and above is the complete code..
Code: Select all
<input name="userfile" type="file" id="userfile">
feyd | Please use Code: Select all
tags where approriate when posting code. Read: [url=http://forums.devnetwork.net/viewtopic.php?t=21171]Posting Code in the Forums[/url][/color]
Posted: Wed Sep 22, 2004 1:54 pm
by itsmani1
feyd | This is getting VERY tiring. Use Code: Select all
tags [b]properly[/b] when posting code. Read: [url=http://forums.devnetwork.net/viewtopic.php?t=21171]Posting Code in the Forums[/url][/color]
Code: Select all
<?PHP
ob_start('mb_output_hanlder');
session_start();
if(session_is_registered('loginadmin')){
///
}
else if(!session_is_registered('loginadmin'))
{
//echo "*************";
//exit;
//header("Location:index.php?Logout");
//exit;
}
?>
Code: Select all
<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN"
"http://www.w3.org/TR/html4/loose.dtd">
<html>
<head>
<title>Untitled Document</title>
<meta http-equiv="Content-Type" content="text/html; charset=iso-8859-1">
</head>
<body>
Code: Select all
<?PHP
$loger = $HTTP_POST_VARS['log'];
?>
Code: Select all
<form action="signup_process.php" method="post" enctype="multipart/form-data" name="form1" target="mainFrame">
<table width="100%" border="0" cellspacing="0" cellpadding="0">
<tr>
<td width="25%">&nbsp;</td>
<td width="3%">&nbsp;</td>
<td width="72%">&nbsp;</td>
</tr>
<tr>
<td><div align="right">id</div></td>
<td>&nbsp;</td>
<td><input name="id" type="text" id="id"></td>
</tr>
<tr>
<td><div align="right">pw</div></td>
<td>&nbsp;</td>
<td><input name="pwd1" type="text" id="pwd1"></td>
</tr>
<tr>
<td><div align="right">pw</div></td>
<td>&nbsp;</td>
<td>&nbsp;</td>
</tr>
<tr>
<td><div align="right">nam</div></td>
<td>&nbsp;</td>
<td><input name="name" type="text" id="name"></td>
</tr>
<tr>
<td><div align="right">ph</div></td>
<td>&nbsp;</td>
<td><input name="phone" type="text" id="phone"></td>
</tr>
<tr>
<td><div align="right">eml</div></td>
<td>&nbsp;</td>
<td><input name="email" type="text" id="email"></td>
</tr>
<tr>
<td><div align="right">ctry</div></td>
<td>&nbsp;</td>
<td><select name="country" id="country">
<option>Select</option>
<option>Pakistan</option>
<option>China</option>
<option>UK</option>
<option>USA</option>
<option>Ukrine</option>
<option>India</option>
<option>Holand</option>
<option>Greece</option>
<option>Germany</option>
<option>Australia</option>
<option>Canada</option>
<option>Turkey</option>
<option>Oman</option>
</select></td>
</tr>
<tr>
<td><div align="right">upload image.</div></td>
<td>&nbsp;</td>
<td><input name="userfile" type="file" id="userfile"></td>
</tr>
<tr>
<td><div align="right"></div></td>
<td>&nbsp;</td>
<td><label> </label> &nbsp;</td>
</tr>
<tr>
<td><div align="right"></div></td>
<td>&nbsp;</td>
<td><input type="submit" name="Submit" value="Submit"></td>
</tr>
</table>
</form>
<p>&nbsp;</p>
</body>
</html>
check it now........
feyd | This is getting VERY tiring. Use Code: Select all
tags [b]properly[/b] when posting code. Read: [url=http://forums.devnetwork.net/viewtopic.php?t=21171]Posting Code in the Forums[/url][/color]
Posted: Wed Sep 22, 2004 2:58 pm
by m3mn0n
Did you not just see the message feyd edited into your previous post?
Posted: Thu Sep 23, 2004 12:17 am
by feyd
did you even read the posting code guidelines that I've linked to now many times?
Posted: Thu Sep 23, 2004 3:10 am
by patrikG
itsmani1, remove the ob_start() and run the script and come back with error-messages it gives you. You never end the output buffering, hence you won't see any errors.
Oh, and adding my voice to the chorus: use
Code: Select all
-tags around scripts. And click on the first link below and read it.
Posted: Thu Sep 23, 2004 4:03 am
by itsmani1
OK
