04-21-2008, 03:02 PM   #1
halfpint
PHP help anybody..please

I have edited this preferences.php file and added two extra forms so that players can add both an avatar and a banner, but the problem is that when you add an avatar or sig and you already have a banner, it takes the banner and quote away, and vice versa. This is driving me crazy; I've been trying to figure it out for the last 6 hours..lol

Does anybody know how to make these work independently of each other so that when you submit a new banner or avatar they do not affect each other..any help will be much appreciated

Code:
<?
include 'header.php';

if (isset($_POST['submit'])) {

  $avatar = $_POST["avatar"];
  $quote = $_POST["quote"];
  $banner = $_POST["banner"];
  $sig = $_POST["sig"];
  //insert the values
  if (!isset($message)){
    $result= mysql_query("UPDATE `grpgusers` SET `avatar`='".$avatar."', `quote`='".$quote."' WHERE `id`='".$user_class->id."'");
    $result= mysql_query("UPDATE `grpgusers` SET `banner`='".$banner."', `sig`='".$sig."' WHERE `id`='".$user_class->id."'");
    echo Message('Your preferences have been saved.');
    
	die();
  }
}
?>
<?
if (isset($message)) {
echo Message($message);
}
?>
<tr><td class="contenthead">
Account Preferences
</td></tr>
<tr><td class="contentcontent">
<form name='login' method='post'>
  <table width='50%' border='0' align='center' cellpadding='0' cellspacing='0'>
  	<tr>
      <td height='28'><font size='2' face='verdana'>Avatar Image Location&nbsp;&nbsp;&nbsp;</font></td>
      <td><font size='2' face='verdana'>
        <input type='text' name='avatar' value='<?= $user_class->avatar ?>'>
        </font></td>
    </tr>
    <tr>
    <tr>
      <td height='28' align="right"><font size='2' face='verdana'>Quote&nbsp;&nbsp;&nbsp;</font></td>
      <td><font size='2' face='verdana'>
        <input type='text' name='quote' value='<?= $user_class->quote ?>'>
        </font></td>
    </tr>
      <td>&nbsp;</td>
      <td><font size='2' face='verdana'>
        <input type='submit' name='submit' value='Save Preferences'>
        </font></td>
    </tr>
</table>
</form>
<br>
<tr><td class="contenthead">
Add Banner
</td></tr>
<tr><td class="contentcontent">
<form name='login' method='post'>
  <table width='100%' border='0' align='center' cellpadding='0' cellspacing='0'>
  	<tr>
      <td height='28'><font size='2' face='verdana'>Banner Image Location&nbsp;&nbsp;&nbsp;</font></td>
      <td><font size='2' face='verdana'>
        <input type='text' name='banner' value='<?= $user_class->banner ?>'>
        </font></td>
    </tr>
    <tr>
    <tr>
      <td height='28' align="right"><font size='2' face='verdana'>Quote&nbsp;&nbsp;&nbsp;</font></td>
      <td><font size='2' face='verdana'>
        <input type='text' name='sig' value='<?= $user_class->sig ?>'>
        </font></td>
    </tr>
      <td>&nbsp;</td>
      <td><font size='2' face='verdana'>
        <input type='submit' name='submit' value='Save Preferences'>
        </font></td>
    </tr>
</table>
</form>
<?
include 'footer.php';
?>
04-21-2008, 03:21 PM   #2
mrkris
Nothing is more awesome than code being mixed with layout.
04-21-2008, 03:24 PM   #3
okok
This is what causes the prob:


Code:
if (!isset($message)){
    $result= mysql_query("UPDATE `grpgusers` SET `avatar`='".$avatar."', `quote`='".$quote."' WHERE `id`='".$user_class->id."'");
    $result= mysql_query("UPDATE `grpgusers` SET `banner`='".$banner."', `sig`='".$sig."' WHERE `id`='".$user_class->id."'");
    echo Message('Your preferences have been saved.');
    
	die();
  }
You are updating everything every time $message is not set, whether or not $avatar and/or $banner are set.
04-21-2008, 03:25 PM   #4
halfpint
Quote:
Originally Posted by mrkris View Post
Nothing is more awesome than code being mixed with layout.
yeah.. we bought this script and it also had HTML code mixed with PHP
04-21-2008, 03:29 PM   #5
halfpint
Quote:
Originally Posted by okok View Post
This is what causes the prob:


Code:
if (!isset($message)){
    $result= mysql_query("UPDATE `grpgusers` SET `avatar`='".$avatar."', `quote`='".$quote."' WHERE `id`='".$user_class->id."'");
    $result= mysql_query("UPDATE `grpgusers` SET `banner`='".$banner."', `sig`='".$sig."' WHERE `id`='".$user_class->id."'");
    echo Message('Your preferences have been saved.');
    
	die();
  }
You are updating everything every time $message is not set, whether or not $avatar and/or $banner are set.
K thanks

I'm not a PHP coder and only know bits and bobs, so if I change it to this will it work?

Code:
    $result= mysql_query("UPDATE `grpgusers` SET `avatar`='".$avatar."', `quote`='".$quote."'`banner`='".$banner."', `sig`='".$sig."' WHERE `id`='".$user_class->id."'");
04-21-2008, 03:36 PM   #6
okok
Quote:
Originally Posted by halfpint View Post
K thanks

I'm not a PHP coder and only know bits and bobs, so if I change it to this will it work?

Code:
    $result= mysql_query("UPDATE `grpgusers` SET `avatar`='".$avatar."', `quote`='".$quote."'`banner`='".$banner."', `sig`='".$sig."' WHERE `id`='".$user_class->id."'");
Try wrapping isset around the individual SQL statements, something like:


Code:
if (isset($_POST['avatar'])) { $result = ...... }
if (isset($_POST['banner'])) { $result = ...... }
Be warned that above is just a dirty bandaid on an already dirty wound.
04-21-2008, 03:39 PM   #7
halfpint
Quote:
Originally Posted by okok View Post
Try wrapping isset around the individual SQL statements, something like:


Code:
if (isset($_POST['avatar'])) { $result = ...... }
if (isset($_POST['banner'])) { $result = ...... }
Be warned that above is just a dirty bandaid on an already dirty wound.
Ok thanks I will give it a try... appreciate your help thanks
04-21-2008, 04:36 PM   #8
halfpint
Is this the correct way to wrap the if (isset(_POST['avatar'])) { $result = ...... }

Code:
<?
include 'header.php';
if (isset($_POST['submit'])) {

if (isset($_POST['avatar'])){ $result = mysql_query("UPDATE `grpgusers` SET `avatar`='".$avatar."', WHERE `id`='".$user_class->id."'");
}
if (isset($_POST['quote'])){ $result = mysql_query("UPDATE `grpgusers` SET `quote`='".$quote."', WHERE `id`='".$user_class->id."'");
}
if (isset($_POST['banner'])){ $result = mysql_query("UPDATE `grpgusers` SET `banner`='".$banner."', WHERE `id`='".$user_class->id."'");
}
if (isset($_POST['sig'])){ $result = mysql_query("UPDATE `grpgusers` SET `sig`='".$sig."', WHERE `id`='".$user_class->id."'");
}  
 
 //insert the values
    echo Message('Your preferences have been saved.');
    
	die();
04-21-2008, 06:04 PM   #9
drocd
The most logical way:

Code:
<?
include 'header.php';

if($_POST['form_type'] == 'avatarquote') {
	$avatar = $_POST["avatar"];
	$quote = $_POST["quote"];
	$result= mysql_query("UPDATE `grpgusers` SET `avatar`='".$avatar."', `quote`='".$quote."' WHERE `id`='".$user_class->id."'");
		echo 'Your preferences have been saved.';
		die();
}
elseif($_POST['form_type'] == 'bannersig') {
	$banner = $_POST["banner"];
	$sig = $_POST["sig"];
	$result= mysql_query("UPDATE `grpgusers` SET `banner`='".$banner."', `sig`='".$sig."' WHERE `id`='".$user_class->id."'");
		echo 'Your preferences have been saved.';
		die();
}
?>
<tr><td class="contenthead">
Account Preferences
</td></tr>
<tr><td class="contentcontent">
<form name='login' method='post'>
<input type="hidden" name="form_type" value="avatarquote" />
  <table width='50%' border='0' align='center' cellpadding='0' cellspacing='0'>
  	<tr>
      <td height='28'><font size='2' face='verdana'>Avatar Image Location&nbsp;&nbsp;&nbsp;</font></td>
      <td><font size='2' face='verdana'>
        <input type='text' name='avatar' value='<?= $user_class->avatar ?>'>
        </font></td>
    </tr>
    <tr>
    <tr>
      <td height='28' align="right"><font size='2' face='verdana'>Quote&nbsp;&nbsp;&nbsp;</font></td>
      <td><font size='2' face='verdana'>
        <input type='text' name='quote' value='<?= $user_class->quote ?>'>
        </font></td>
    </tr>
      <td>&nbsp;</td>
      <td><font size='2' face='verdana'>
        <input type='submit' name='submit' value='Save Preferences'>
        </font></td>
    </tr>
</table>
</form>
<br>
<tr><td class="contenthead">
Add Banner
</td></tr>
<tr><td class="contentcontent">
<form name='login' method='post'>
<input type="hidden" name="form_type" value="bannersig" />
  <table width='100%' border='0' align='center' cellpadding='0' cellspacing='0'>
  	<tr>
      <td height='28'><font size='2' face='verdana'>Banner Image Location&nbsp;&nbsp;&nbsp;</font></td>
      <td><font size='2' face='verdana'>
        <input type='text' name='banner' value='<?= $user_class->banner ?>'>
        </font></td>
    </tr>
    <tr>
    <tr>
      <td height='28' align="right"><font size='2' face='verdana'>Quote&nbsp;&nbsp;&nbsp;</font></td>
      <td><font size='2' face='verdana'>
        <input type='text' name='sig' value='<?= $user_class->sig ?>'>
        </font></td>
    </tr>
      <td>&nbsp;</td>
      <td><font size='2' face='verdana'>
        <input type='submit' name='submit' value='Save Preferences'>
        </font></td>
    </tr>
</table>
</form>
<?
include 'footer.php';
?>
04-21-2008, 06:06 PM   #10
Smarty
Code:
$avatar = blah blah
$quote = blah Blah


mysql_query(UPDATE 'whatever' SET avatar = $avatar, quote = $quote and so on ... WHERE id = id ..)
make sure that when you show them the form .. the values that are in the database are already shown in the form .. and when they update something you just update all the values.

Also the script is a drama .. because you allow the users to put everything in your database without any checking .. at least do a mysql escape on the posted vars.
04-21-2008, 06:15 PM   #11
sarettah
A better solution would probably be to just run one form instead of 2. That way your vars are always filled out on the submit and it doesn't matter if you rewrite them each time.

Code:
<?
include 'header.php';

if (isset($_POST['submit'])) {

  $avatar = $_POST["avatar"];
  $quote = $_POST["quote"];
  $banner = $_POST["banner"];
  $sig = $_POST["sig"];
  //insert the values
  if (!isset($message)){

// kill this write and include it in the next    
// $result= mysql_query("UPDATE `grpgusers` SET `avatar`='".$avatar."', `quote`='".$quote."' WHERE `id`='".$user_class->id."'");

    $result= mysql_query("UPDATE `grpgusers` SET `banner`='".$banner."', `sig`='".$sig."', `avatar`='".$avatar."', `quote`='".$quote."' WHERE `id`='".$user_class->id."'");
    echo Message('Your preferences have been saved.');
    
	die();
  }
}
?>
<?
if (isset($message)) {
echo Message($message);
}
?>
<tr><td class="contenthead">
Account Preferences
</td></tr>
<tr><td class="contentcontent">
<form name='login' method='post'>
  <table width='50%' border='0' align='center' cellpadding='0' cellspacing='0'>
  	<tr>
      <td height='28'><font size='2' face='verdana'>Avatar Image Location&nbsp;&nbsp;&nbsp;</font></td>
      <td><font size='2' face='verdana'>
        <input type='text' name='avatar' value='<?= $user_class->avatar ?>'>
        </font></td>
    </tr>
    <tr>
    <tr>
      <td height='28' align="right"><font size='2' face='verdana'>Quote&nbsp;&nbsp;&nbsp;</font></td>
      <td><font size='2' face='verdana'>
        <input type='text' name='quote' value='<?= $user_class->quote ?>'>
        </font></td>
    </tr>
      <td>&nbsp;</td>
      <td><font size='2' face='verdana'>

// kill this submit button here... 
<!--  <input type='submit' name='submit' value='Save Preferences'> -->
 
       </font></td>
    </tr>
</table>
// kill this closing form tag too, so the banner fields stay inside the one form
<!-- </form> -->
<br>
<tr><td class="contenthead">
Add Banner
</td></tr>
<tr><td class="contentcontent">

// kill this form line
<!-- <form name='login' method='post'> -->

  <table width='100%' border='0' align='center' cellpadding='0' cellspacing='0'>
  	<tr>
      <td height='28'><font size='2' face='verdana'>Banner Image Location&nbsp;&nbsp;&nbsp;</font></td>
      <td><font size='2' face='verdana'>
        <input type='text' name='banner' value='<?= $user_class->banner ?>'>
        </font></td>
    </tr>
    <tr>
    <tr>
      <td height='28' align="right"><font size='2' face='verdana'>Quote&nbsp;&nbsp;&nbsp;</font></td>
      <td><font size='2' face='verdana'>
        <input type='text' name='sig' value='<?= $user_class->sig ?>'>
        </font></td>
    </tr>
      <td>&nbsp;</td>
      <td><font size='2' face='verdana'>
        <input type='submit' name='submit' value='Save Preferences'>
        </font></td>
    </tr>
</table>
</form>
<?
include 'footer.php';
?>
Last edited by sarettah; 04-21-2008 at 06:16 PM..
04-21-2008, 06:16 PM   #12
PornGeneral
Code:
<?
include 'header.php';

//Add these lines to ensure you don't get hacked
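// trim() takes a string, not an array, so it is mapped over the values as well
$_POST = array_map('mysql_real_escape_string', array_map('trim', $_POST));
$_GET = array_map('mysql_real_escape_string', array_map('trim', $_GET));
$_COOKIE = array_map('mysql_real_escape_string', array_map('trim', $_COOKIE));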

?>
You should add these three lines to your code to ensure your users don't inject arbitrary SQL statements ... Hacking...
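Added example, not part of the thread and not code from the script being discussed: Smarty's and PornGeneral's posts both point at the unchecked POST values, and one way to close that hole while keeping the two forms independent is to bind the values as statement parameters and let each form write only its own columns. It assumes PDO with an in-memory SQLite table standing in for `grpgusers`; `FORM_COLUMNS`, `isHttpUrl`, `savePreferences` and `attr` are hypothetical names, and the `form_type` field is the one from drocd's post.

```php
<?php
// Added example, not code from the thread. An in-memory SQLite table stands in
// for the MySQL `grpgusers` table (only the four columns seen in the thread);
// FORM_COLUMNS, isHttpUrl, savePreferences and attr are hypothetical names.

// Each form may write only its own columns, so saving one never blanks the other.
const FORM_COLUMNS = [
    'avatarquote' => ['avatar', 'quote'],
    'bannersig'   => ['banner', 'sig'],
];

function isHttpUrl(string $v): bool
{
    // An empty value clears the image; anything else must be an http(s) URL.
    $scheme = strtolower((string) parse_url($v, PHP_URL_SCHEME));
    return $v === '' || (filter_var($v, FILTER_VALIDATE_URL) !== false
        && in_array($scheme, ['http', 'https'], true));
}

function savePreferences(PDO $db, int $userId, array $post): bool
{
    $form = $post['form_type'] ?? '';
    if (!is_string($form) || !array_key_exists($form, FORM_COLUMNS)) {
        return false; // unknown form: write nothing
    }
    $set = [];
    $params = [':id' => $userId];
    foreach (FORM_COLUMNS[$form] as $col) {
        $val = $post[$col] ?? null;
        if (!is_string($val)) {
            return false; // missing field or array-valued input
        }
        $val = trim($val);
        if (in_array($col, ['avatar', 'banner'], true) && !isHttpUrl($val)) {
            return false;
        }
        // Column names come from the constant above; values are bound, never concatenated.
        $set[] = "$col = :$col";
        $params[":$col"] = $val;
    }
    $sql = 'UPDATE grpgusers SET ' . implode(', ', $set) . ' WHERE id = :id';
    return $db->prepare($sql)->execute($params);
}

function attr(string $v): string
{
    // For value='...' attributes: ENT_QUOTES encodes the single quote as well.
    return htmlspecialchars($v, ENT_QUOTES, 'UTF-8');
}

$db = new PDO('sqlite::memory:');
$db->setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION);
$db->exec('CREATE TABLE grpgusers (id INTEGER PRIMARY KEY, avatar, quote, banner, sig)');
$db->exec("INSERT INTO grpgusers VALUES (1, '', '', 'http://example.test/b.png', 'old sig')");

// Constructed submission of the avatar form; the apostrophe would break a concatenated query.
$post = ['form_type' => 'avatarquote', 'avatar' => 'http://example.test/a.png', 'quote' => "Don't panic"];
var_dump(savePreferences($db, 1, $post));

// The banner and sig columns keep their old values; the quote is stored literally.
$row = $db->query('SELECT * FROM grpgusers WHERE id = 1')->fetch(PDO::FETCH_ASSOC);
print_r($row);
echo "<input type='text' name='quote' value='" . attr($row['quote']) . "'>\n";
```

On the real site the PDO handle would point at the MySQL database and `$userId` would come from the logged-in session, as `$user_class->id` does in the thread.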
04-21-2008, 06:19 PM   #13
halfpint
Quote:
Originally Posted by Smarty View Post
Code:
$avatar = blah blah
$quote = blah Blah


mysql_query(UPDATE 'whatever' SET avatar = $avatar, quote = $quote and so on ... WHERE id = id ..)
make sure that when you show them the form .. the values that are in the database are already shown in the form .. and when they update something you just update all the values.

Also the script is a drama .. because you allow the users to put everything in your database without any checking .. at least do a mysql escape on the posted vars.

The script has been a pain in the arse ever since we purchased it and the guy that scripted it has given us no support whatsoever. We ended up having to pay another coder for a load of bug fixes in the end..but that's life and nothing is ever easy..lol

Thanks for all your help guys
04-21-2008, 06:28 PM   #14
halfpint
Quote:
Originally Posted by PornGeneral View Post
Code:
<?
include 'header.php';

//Add these lines to ensure you don't get hacked
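// trim() takes a string, not an array, so it is mapped over the values as well
$_POST = array_map('mysql_real_escape_string', array_map('trim', $_POST));
$_GET = array_map('mysql_real_escape_string', array_map('trim', $_GET));
$_COOKIE = array_map('mysql_real_escape_string', array_map('trim', $_COOKIE));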

?>
You should add these three lines to your code to ensure your users don't inject arbitrary SQL statements ... Hacking...
Thanks should I add that before the if (isset($_POST['submit']))
04-21-2008, 06:31 PM   #15
sarettah
Quote:
Originally Posted by halfpint View Post
Thanks should I add that before the if (isset($_POST['submit']))
You should put those right after the include header or if your header uses any POST statements, then put it before the include header.
04-21-2008, 06:34 PM   #16
halfpint
Quote:
Originally Posted by sarettah View Post
You should put those right after the include header or if your header uses any POST statements, then put it before the include header.
Ok I will do that... thanks again you have all been a great help
04-21-2008, 08:21 PM   #17
halfpint
Finally got it working thanks to all of you
A big thanks to PornGeneral for your help and the links
04-21-2008, 11:10 PM   #18
brandonstills
Quote:
Originally Posted by mrkris View Post
Nothing is more awesome than code being mixed with layout.
What about PHP mixed with SQL, mixed with Javascript, mixed with malformed HTML?