php-windows Digest 24 Nov 2003 03:05:13 -0000 Issue 2013
Topics (messages 22169 through 22176):
filepaths in a db
22169 by: Anthony Ritter
Re: Password Protecting
22170 by: Nik
22171 by: Nik
22176 by: Nigel Jones
Changing URL
22172 by: Nik
22173 by: bmay
22174 by: Nik
Online Polls
22175 by: Nik
Administrivia:
To subscribe to the digest, e-mail:
[EMAIL PROTECTED]
To unsubscribe from the digest, e-mail:
[EMAIL PROTECTED]
To post to the list, e-mail:
[EMAIL PROTECTED]
----------------------------------------------------------------------
--- Begin Message ---
Greetings all,
I'm looking for a tutorial or some assistance in explaning how store and
then open and read a binary file using php/mysql.
I've got a few tutorial about storing the binary data within a mysql table
from Kevin Yank, phpbuilder, etc. but I've heard that it's sometime better
to keep your binaries on the server and not in the database.
Thus, if the developer just keeps the file path in a VARCHAR column like:
C:\apache\images\house.jpg
C:\apache\images\tree.jpg
etc...
and then directs that file be
fopen()
fread(), etc.
it will work without the added overhead.
I'm a bit lost in what happens after the filepaths are inserted into the
database and what steps follow in the script so that they can be opened and
read.
Any help, URL's or tutorials will be of assistance.
Thank you.
TR
--- End Message ---
--- Begin Message ---
Thank you. Also I am already using the MD5. Once again. Thanks
NIk
"Piotr Pluciennik" <[EMAIL PROTECTED]> wrote in message
news:[EMAIL PROTECTED]
> Your form is set to GET mode. Your form should work in POST mode.
> Think also to MD5 your password before sending over internet.
>
> HTH
> Piotr
>
> Nik wrote:
>
> > Hi Guys 'n' Gals
> > My login page for my user consits of a text field and a password field.
when
> > the user clicks submit the password is being shown in the url, can
someone
> > please tell me how to hide this password.
> >
> > Thank you
> > Nik
> >
> > --
> > PHP Windows Mailing List (http://www.php.net/)
> > To unsubscribe, visit: http://www.php.net/unsub.php
--- End Message ---
--- Begin Message ---
To use the MD5 hashing you do "MD5('variable_name').
Nik
"Donatas" <[EMAIL PROTECTED]> wrote in message
news:[EMAIL PROTECTED]
> How do you MD5 it before sendig out to server? Is that possible on the
> user side? I guess not...
>
> Piotr Pluciennik wrote:
>
> >Your form is set to GET mode. Your form should work in POST mode.
> >Think also to MD5 your password before sending over internet.
> >
> >HTH
> >Piotr
> >
> >Nik wrote:
> >
> >
> >
> >>Hi Guys 'n' Gals
> >>My login page for my user consits of a text field and a password field.
when
> >>the user clicks submit the password is being shown in the url, can
someone
> >>please tell me how to hide this password.
> >>
> >>Thank you
> >>Nik
> >>
> >>--
> >>PHP Windows Mailing List (http://www.php.net/)
> >>To unsubscribe, visit: http://www.php.net/unsub.php
> >>
> >>
--- End Message ---
--- Begin Message ---
Ok
1)You can't MD5 Crypt the Pass before leaving the server there might be some
fancy way of sending a file signed by pgp keys and then using the Private
Key to decrypt it and reading the pass but that is a 'stupid' way also
highly time consuming.
2)If you want to password Secure Something, have you thought about using
htaccess or http://nz2.php.net/manual/en/features.http-auth.php
_________________
Nigel Jones
[EMAIL PROTECTED]
>> -----Original Message-----
>> From: Donatas [mailto:[EMAIL PROTECTED]
>> Sent: Sunday, November 23, 2003 9:44 PM
>> To: [EMAIL PROTECTED]
>> Subject: Re: [PHP-WIN] Password Protecting
>>
>>
>> How do you MD5 it before sendig out to server? Is that possible on the
>> user side? I guess not...
>>
>> Piotr Pluciennik wrote:
>>
>> >Your form is set to GET mode. Your form should work in POST mode.
>> >Think also to MD5 your password before sending over internet.
>> >
>> >HTH
>> >Piotr
>> >
>> >Nik wrote:
>> >
>> >
>> >
>> >>Hi Guys 'n' Gals
>> >>My login page for my user consits of a text field and a
>> password field. when
>> >>the user clicks submit the password is being shown in the url,
>> can someone
>> >>please tell me how to hide this password.
>> >>
>> >>Thank you
>> >>Nik
>> >>
>> >>--
>> >>PHP Windows Mailing List (http://www.php.net/)
>> >>To unsubscribe, visit: http://www.php.net/unsub.php
>> >>
>> >>
>>
>> --
>> PHP Windows Mailing List (http://www.php.net/)
>> To unsubscribe, visit: http://www.php.net/unsub.php
>>
>>
--- End Message ---
--- Begin Message ---
OK Guys,
It's me a again. My problem now is when I click the submit button, the URL
to my php script file is being displayed. That is I have a script doing some
validation, and when the user clicks the submit button if there is error in
the way the entered their information my url changes to match the location
of my php script file. I wish for it to go back to the original url.
************* Start of script ***
<?PHP
//this file is used to verify the user credentials
include "db.inc";
session_start();
$login_username = $_POST['user_name'];
$login_pass = $_POST['_password'];
$user_check = mysql_query("SELECT username FROM users WHERE
username='$login_username'");
if (mysql_num_rows($user_check) > 0)
{
$pass_check = mysql_query("SELECT username,password FROM users WHERE
username='$login_username' AND password=MD5('$login_pass')");
if (mysql_num_rows($pass_check)>0)
{
//put code here to access complaints page and
//start session
session_register('login_name');
$_SESSION['login_name'] = $login_username;
header("Location: issues.php"); //This is when it is successful. I
manage to change the URL when the login is successful.
//include "issues.php";
}
else
{
include "header.php";
echo "There seems to be an error with your password. Kindly re-enter
your correct password. Thank you!";
// header("Location: login.php"); I can't use this since I can't get to
write the error on the page
include "login.html"; //and this is allowing it to keep the url of
the PHP file which is this file
}
}
else
{
include "header.php";
echo "The specified user name does not exists. Kindly register. Thank
you!";
include "signup.html";
include "footer.php";
}
?>
*********** end of script *********
--- End Message ---
--- Begin Message ---
Nik wrote:
OK Guys,
It's me a again. My problem now is when I click the submit button, the URL
to my php script file is being displayed. That is I have a script doing some
validation, and when the user clicks the submit button if there is error in
the way the entered their information my url changes to match the location
of my php script file. I wish for it to go back to the original url.
IMHO a better way to solve your problem is to put the validation PHP
code in the html form page with the page posting to itself. The logic
could then be:
if form variables are present
verifiy
if error
display warning where you have an error in your form
else
redirect imediately to the next page (<META HTTP-EQUIV="REFRESH"
CONTENT="0;URL=http://your next page urll"> i think)
endif
else // first acces to the page or redirect after error content page
display form page
endif
The use of template engine permit some nice reuse of original html form
page.
b.
PS: an easier way is to simply code a redirect in error page header:
<META HTTP-EQUIV="REFRESH" CONTENT="10;URL=http://your form page url">
witch display your error page 10s and redirect to the form page
************* Start of script ***
<?PHP
//this file is used to verify the user credentials
include "db.inc";
session_start();
$login_username = $_POST['user_name'];
$login_pass = $_POST['_password'];
$user_check = mysql_query("SELECT username FROM users WHERE
username='$login_username'");
if (mysql_num_rows($user_check) > 0)
{
$pass_check = mysql_query("SELECT username,password FROM users WHERE
username='$login_username' AND password=MD5('$login_pass')");
if (mysql_num_rows($pass_check)>0)
{
//put code here to access complaints page and
//start session
session_register('login_name');
$_SESSION['login_name'] = $login_username;
header("Location: issues.php"); //This is when it is successful. I
manage to change the URL when the login is successful.
//include "issues.php";
}
else
{
include "header.php";
echo "There seems to be an error with your password. Kindly re-enter
your correct password. Thank you!";
// header("Location: login.php"); I can't use this since I can't get to
write the error on the page
include "login.html"; //and this is allowing it to keep the url of
the PHP file which is this file
}
}
else
{
include "header.php";
echo "The specified user name does not exists. Kindly register. Thank
you!";
include "signup.html";
include "footer.php";
}
?>
*********** end of script *********
--- End Message ---
--- Begin Message ---
Thanks
"Bmay" <[EMAIL PROTECTED]> wrote in message
news:[EMAIL PROTECTED]
> Nik wrote:
>
> >OK Guys,
> >It's me a again. My problem now is when I click the submit button, the
URL
> >to my php script file is being displayed. That is I have a script doing
some
> >validation, and when the user clicks the submit button if there is error
in
> >the way the entered their information my url changes to match the
location
> >of my php script file. I wish for it to go back to the original url.
> >
> >
> IMHO a better way to solve your problem is to put the validation PHP
> code in the html form page with the page posting to itself. The logic
> could then be:
>
> if form variables are present
> verifiy
> if error
> display warning where you have an error in your form
> else
> redirect imediately to the next page (<META HTTP-EQUIV="REFRESH"
> CONTENT="0;URL=http://your next page urll"> i think)
> endif
> else // first acces to the page or redirect after error content page
> display form page
> endif
>
> The use of template engine permit some nice reuse of original html form
> page.
>
> b.
>
> PS: an easier way is to simply code a redirect in error page header:
> <META HTTP-EQUIV="REFRESH" CONTENT="10;URL=http://your form page url">
> witch display your error page 10s and redirect to the form page
>
> >************* Start of script ***
> >
> ><?PHP
> >
> > //this file is used to verify the user credentials
> >
> > include "db.inc";
> >
> > session_start();
> > $login_username = $_POST['user_name'];
> > $login_pass = $_POST['_password'];
> >
> > $user_check = mysql_query("SELECT username FROM users WHERE
> >username='$login_username'");
> > if (mysql_num_rows($user_check) > 0)
> > {
> > $pass_check = mysql_query("SELECT username,password FROM users WHERE
> >username='$login_username' AND password=MD5('$login_pass')");
> > if (mysql_num_rows($pass_check)>0)
> > {
> > //put code here to access complaints page and
> > //start session
> >
> > session_register('login_name');
> > $_SESSION['login_name'] = $login_username;
> > header("Location: issues.php"); //This is when it is successful. I
> >manage to change the URL when the login is successful.
> > //include "issues.php";
> >
> > }
> > else
> > {
> > include "header.php";
> > echo "There seems to be an error with your password. Kindly re-enter
> >your correct password. Thank you!";
> > // header("Location: login.php"); I can't use this since I can't get
to
> >write the error on the page
> > include "login.html"; //and this is allowing it to keep the url
of
> >the PHP file which is this file
> > }
> > }
> > else
> > {
> > include "header.php";
> > echo "The specified user name does not exists. Kindly register. Thank
> >you!";
> > include "signup.html";
> > include "footer.php";
> > }
> >?>
> >
> >
> >*********** end of script *********
> >
> >
> >
--- End Message ---
--- Begin Message ---
OK! now I am attempting to develop a small online polling system. I set up
my tables and html pages. However, I don't seem to understand how to update
the information in the polling system. I know how to update using sql but
something about this polling system I don't understand. This is my code
below.
My Table Structure
CREATE TABLE poll (
id int(10) unsigned NOT NULL auto_increment, //id of the question
question varchar(255) NOT NULL, //question
response1 varchar(255) NOT NULL, //the first possible answer
response2 varchar(255) NOT NULL, //the second possible answer
response3 varchar(255) NOT NULL, //the third possible answer
votes1 int(10) unsigned DEFAULT '0' NOT NULL, // It is these three I am
having a problem
votes2 int(10) unsigned DEFAULT '0' NOT NULL, // putting the data into
when the user clicks the form
votes3 int(10) unsigned DEFAULT '0' NOT NULL, // to post their choice.
date date DEFAULT '0000-00-00' NOT NULL, //date of the poll
PRIMARY KEY (id)
);
*********** start of code ****************
$db_host = 'localhost';
$db_user = 'freaknik';
$db_password = '';
$db = 'survey';
$db_srv_conn = mysql_pconnect($dbhost,$db_user,$db_password)
or die("Could not connect to the server");
$db_conn = mysql_select_db($db,$db_srv_conn)
or die("Could not connect to the database");
//Vote.php
$submit = $_POST['submit'];
$response = $_POST['response'];
if (!$submit)
{
echo "kindly click submit";
}
else
{
echo "u're gett there nik<br>";
$query = mysql_query("UPDATE survey SET vote=$vote+1 WHERE
response=$response"); //I don't quite understand how to get the correct
response to go into the correct field.
if (!$query)
{
echo "Unable to cast vote";
}
else
{
echo "Thank you for voting";
}
}
?>
*********** end of code *****************
Thanks in advance
Nik
--- End Message ---
