return records sql statement

@graphical_forceJan 08.2008

Hi, I am having a problem with returning some records based off the session of the user.

Here is the code:

[code=php]<!doctype html public “-//W3C//DTD HTML 4.0 //EN”> <html> <head> <title>Display images</title> </head> <body> <?php

// this is the name of the database $dbh=mysql_connect (“localhost”, “hrpjeff_root”, “password”) or die (‘I cannot connect to the database because: ‘ . mysql_error()); // this connects to the database or dies mysql_select_db (“hrpjeff_time”);

$sql=Select * FROM photos WHERE photoUserID = {$_SESSION[‘user’]};

?> </body> </html>[/code]

The error I am getting is:

Parse error: syntax error, unexpected T_STRING in /home/hrpjeff/public_html/uploader/display.php on line 13

Any suggestions?

Thanks in advance!

to post a comment

PHP

31 Comments(s) _↴

@scragarJan 08.2008 — #try using quotes? ?

[code=php]$sql="Select * FROM photos WHERE photoUserID = {$_SESSION['user']}";[/code]

@graphical_forceauthorJan 08.2008 — #doh! Whew I need to take a break! Thanks!

@graphical_forceauthorJan 08.2008 — #Alright, I cant seem to return anything from the select statement. Just to test, I tried to echo the $_SESSION['user'] and it didnt return anything. I also tried adding session_start(); and it gave me this error:

Warning: session_start() [function.session-start]: Cannot send session cache limiter - headers already sent (output started at /home/hrpjeff/public_html/uploader/display.php:7) in /home/hrpjeff/public_html/uploader/display.php on line 9

Here is the code:

[code=php]<!doctype html public "-//W3C//DTD HTML 4.0 //EN">
 <html>
 <head>
 <title>Display images</title>
 </head>
 <body>
 <?php
 
 session_start(); 
 
 // this is the name of the database 
 $dbh=mysql_connect ("localhost", "hrpjeff_root", "password") or die ('I cannot connect to the database because: ' . mysql_error());  // this connects to the database or dies
 mysql_select_db ("hrpjeff_time"); 
 
 $sql="Select filename FROM photos WHERE photoUserID = {$_SESSION['user']}";
 
 ?>
 </body>
 </html>
 [/code]

Not sure why?

@scragarJan 08.2008 — #session_start() has to go before any text output or session vars are used, so best put it at the top of pages.

[code=php]<?php
 session_start();
 ?><!doctype html public "-//W3C//DTD HTML 4.0 //EN">
 <html> 
 <head> 
 <title>Display images</title> 
 </head> 
 <body> 
 <?php 
 // this is the name of the database 

 $dbh=mysql_connect ("localhost", "hrpjeff_root", "password") or die ('I cannot connect to the database because: ' . mysql_error());  // this connects to the database or dies 
 mysql_select_db ("hrpjeff_time"); 
 
 $sql="Select filename FROM photos WHERE photoUserID = {$_SESSION['user']}"; 
 
 ?> 
 </body> 
 </html>[/code]

@graphical_forceauthorJan 08.2008 — #Thanks that did help show the $_SESSION['user'] but I am having trouble with the syntax on how to SHOW the file name based of that sql statement.

And thanks again for all the help youve given. I went to bed doing this and I wake up doing this! But it seems I'm not the only one!?

@scragarJan 08.2008 — #

[code=php]$rs = mysql_query($sql);
 // 2 methods here:
 $row = mysql_fetch_assoc($rs);
 echo $row['filename'];
 // OR:
 $row = mysql_fetch_row($rs);
 echo $row[0];  // uses less ram and CPU time, but harder to understand for humans :P
 [/code]

@graphical_forceauthorJan 08.2008 — #that did work but what if I have several file names? Only one is showing.

@scragarJan 08.2008 — #

[code=php]while(($row = mysql_fetch_assoc($rs)) !== false){
 echo $row['filename'];
 };
 // OR:
 while(($row = mysql_fetch_row($rs)) !== false){
 echo $row[0];
 };[/code]

@graphical_forceauthorJan 08.2008 — #That worked. I was wondering if one thing I am going about correctly.....

I am using Bokeh's image upload script but he has it saving images to a directory. I want to save them to a database. I want it so the user can find all the photos they have uploaded. Right now I have the images uploading to a directory and have a database table that is saving the filename, date, and the photoUserId of the user. The filename is the reference to where the images are on the server. I was thinking that I could use the filename as the path to where the images are. I am not sure if I should just save the images to the database themselves(if I can do that) or am I on the right track? I am very new to php and mysql so I am not sure.

@scragarJan 08.2008 — #it is possible to save an image directly to the database, that is what the BLOB fields are for. Personaly however, I would go the easy way, and use PHP's [url=http://php.net/dir]directory functions[/url](namely: [url=http://php.net/mkdir]mkdir[/url] to create a directory for each user, [url=http://php.netscandir]scandir[/url] to see what images are in the folder(so you can list them) then [url=http://php.net/rmdir]rmdir[/url] and [url=http://php.net/unlink]unlink[/url] to delete the users images(unlink) or entire folder as needed).

@graphical_forceauthorJan 08.2008 — #Thanks for the tip! I'm going to try and see if I can set that up!

@graphical_forceauthorJan 08.2008 — #Alright, this is my add page which is used when a user registers for a account. I would imagine the directory should be created here and stored with the users table. Does that sound like the most logical scenario? Then I can use the users directory to upload the photos to. Is this how you would approach it?

[code=php]<?php
 
 // This is a email validate function that tests for many things
 function check_email_address($email) {
 // First, we check that there's one @ symbol, and that the lengths are right
 if (!ereg("^[^@]{1,64}@[^@]{1,255}$", $email)) {
 // Email invalid because wrong number of characters in one section, or wrong number of @ symbols.
 return false;
 }
 // Split it into sections to make life easier
 $email_array = explode("@", $email);
 $local_array = explode(".", $email_array[0]);
 for ($i = 0; $i < sizeof($local_array); $i++) {
 if (!ereg("^(([A-Za-z0-9!#$%&'*+/=?^_{|}~-][A-Za-z0-9!#$%&amp;'*+/=?^_{|}~.-]{0,63})|("[^(\|")]{0,62}"))$", $local_array[$i])) {
 return false;
 }
 }
 // Check if domain is IP. If not, it should be valid domain name
 if (!ereg("^[?[0-9.]+]?$", $email_array[1])) { 
 $domain_array = explode(".", $email_array[1]);
 if (sizeof($domain_array) < 2) {
 return false; // Not enough parts to domain
 }
 for ($i = 0; $i < sizeof($domain_array); $i++) {
 if (!ereg("^(([A-Za-z0-9][A-Za-z0-9-]{0,61}[A-Za-z0-9])|([A-Za-z0-9]+))$", $domain_array[$i])) {
 return false;
 }
 }
 }
 return true;
 }
 
 // this gets the user name from the register.php form
 $dbNewUser = $_REQUEST['newuser']; 
 
 // this gets the password from the register.php form
 $dbNewPassword = $_REQUEST['newpassword']; 
 
 // this gets the email from the register.php form
 $dbNewEmail = $_REQUEST['newemail']; 
 
 // this checks to see if a user name and password was given
 if(empty($dbNewUser) or empty($dbNewPassword)) {
 header( "Location: register.php?bad=3" );
 } 
 
 else {
 
  // This strips out any html tags
  $dbNewUser=strip_tags($dbNewUser);
  $dbNewPassword=strip_tags($dbNewPassword);
 
 // This calls the email validator that checks to see if the email is good or not
 if (check_email_address($dbNewEmail)) {
 
 // this is the name of the database 
 $dbh=mysql_connect ("localhost", "hrpjeff_root", "password") or die ('I cannot connect to the database because: ' . mysql_error());  // this connects to the database or dies
 mysql_select_db ("hrpjeff_time"); 
 
 // this checks to see if the user name is already taken and sends it back to the register page if it is taken
 if(mysql_num_rows(mysql_query("SELECT name FROM users WHERE name = '$dbNewUser'"))){
 header( "Location: register.php?bad=1" );
 } 
 
 else {
 
 // take a given email address and split it into the username and domain and check to make sure the domain is real
 list($userName, $mailDomain) = split("@", $dbNewEmail);
 if (checkdnsrr($mailDomain, "MX")) {
 
 // This is what happens when the email is valid
 // This is where it writes the user name, password and email to the database
 $query = "INSERT INTO users (id, name, password, email) VALUES ( 0, '$dbNewUser', MD5( '$dbNewPassword'), '$dbNewEmail' )"; 
 
 $result = mysql_query($query) or die("Query failed: " . mysql_error()); // if it is not saved then a error is thrown
 
 //header( "Location: index.php?" );
 
 // Email address to send to which is the users email address they registered with
 
 // The website email address
 $myEmail = "[email protected]";
 
 // The subject of the email
 $subject = "Thanks for signing up with Wallstickies!";
 
 // The message of the email 
 $message = "This is a auto responder.
 
 Thanks for signing up with Wallstickies!
 
 ----------------------------------------
 
 Your username: $dbNewUser
 Your password: $dbNewPassword
 
 ----------------------------------------
 
 
 Please do not respond to this message and disregard if you did not sign up with wallstickies.";
 
 // This is actually mailing the email
 mail($dbNewEmail, $subject, $message, "From: $myEmail");
 
 // sends the user to the index page
 header( "Location: index.php?good=1" );
 
 }
 else {
 
 // this is what happens if the email domain is not valid
 header( "Location: register.php?bad=4" );
 
 } 
 
 }
 
 } else {
 
 // this is what happens if the email is not good
 header( "Location: register.php?bad=2" );
 
 }
 }
 
 ?>[/code]

@scragarJan 08.2008 — #

[code=php]$query = "INSERT INTO users (id, name, password, email) VALUES ( 0, '$dbNewUser', MD5( '$dbNewPassword'), '$dbNewEmail' )"; 
 
 $result = mysql_query($query) or die("Query failed: " . mysql_error());
 
 // add this any time after the results of your insert.
 mkdir("/imagesFolder/user".mysql_insert_id($result), 0755);
 [/code]

after that in your images folder you should have a folder called userXX where XX is their id number, this makes it far easier to manage than username or emails, more private as well.

@graphical_forceauthorJan 08.2008 — #Ok, if I understand you correctly, I added your code. Here it is.

[code=php]<?php
 
 // This is a email validate function that tests for many things
 function check_email_address($email) {
 // First, we check that there's one @ symbol, and that the lengths are right
 if (!ereg("^[^@]{1,64}@[^@]{1,255}$", $email)) {
 // Email invalid because wrong number of characters in one section, or wrong number of @ symbols.
 return false;
 }
 // Split it into sections to make life easier
 $email_array = explode("@", $email);
 $local_array = explode(".", $email_array[0]);
 for ($i = 0; $i < sizeof($local_array); $i++) {
 if (!ereg("^(([A-Za-z0-9!#$%&'*+/=?^_{|}~-][A-Za-z0-9!#$%&amp;'*+/=?^_{|}~.-]{0,63})|("[^(\|")]{0,62}"))$", $local_array[$i])) {
 return false;
 }
 }
 // Check if domain is IP. If not, it should be valid domain name
 if (!ereg("^[?[0-9.]+]?$", $email_array[1])) { 
 $domain_array = explode(".", $email_array[1]);
 if (sizeof($domain_array) < 2) {
 return false; // Not enough parts to domain
 }
 for ($i = 0; $i < sizeof($domain_array); $i++) {
 if (!ereg("^(([A-Za-z0-9][A-Za-z0-9-]{0,61}[A-Za-z0-9])|([A-Za-z0-9]+))$", $domain_array[$i])) {
 return false;
 }
 }
 }
 return true;
 }
 
 // this gets the user name from the register.php form
 $dbNewUser = $_REQUEST['newuser']; 
 
 // this gets the password from the register.php form
 $dbNewPassword = $_REQUEST['newpassword']; 
 
 // this gets the email from the register.php form
 $dbNewEmail = $_REQUEST['newemail']; 
 
 // this checks to see if a user name and password was given
 if(empty($dbNewUser) or empty($dbNewPassword)) {
 header( "Location: register.php?bad=3" );
 } 
 
 else {
 
  // This strips out any html tags
  $dbNewUser=strip_tags($dbNewUser);
  $dbNewPassword=strip_tags($dbNewPassword);
 
 // This calls the email validator that checks to see if the email is good or not
 if (check_email_address($dbNewEmail)) {
 
 // this is the name of the database 
 $dbh=mysql_connect ("localhost", "hrpjeff_root", "password") or die ('I cannot connect to the database because: ' . mysql_error());  // this connects to the database or dies
 mysql_select_db ("hrpjeff_time"); 
 
 // this checks to see if the user name is already taken and sends it back to the register page if it is taken
 if(mysql_num_rows(mysql_query("SELECT name FROM users WHERE name = '$dbNewUser'"))){
 header( "Location: register.php?bad=1" );
 } 
 
 else {
 
 // take a given email address and split it into the username and domain and check to make sure the domain is real
 list($userName, $mailDomain) = split("@", $dbNewEmail);
 if (checkdnsrr($mailDomain, "MX")) {
 
 // This is what happens when the email is valid
 // This is where it writes the user name, password and email to the database
 $query = "INSERT INTO users (id, name, password, email) VALUES ( 0, '$dbNewUser', MD5( '$dbNewPassword'), '$dbNewEmail' )"; 
 
 $result = mysql_query($query) or die("Query failed: " . mysql_error()); // if it is not saved then a error is thrown
 
 // add this any time after the results of your insert.
 mkdir("/imagesFolder/user".mysql_insert_id($result), 0755); 
 
 //header( "Location: index.php?" );
 
 // Email address to send to which is the users email address they registered with
 
 // The website email address
 $myEmail = "[email protected]";
 
 // The subject of the email
 $subject = "Thanks for signing up with Wallstickies!";
 
 // The message of the email 
 $message = "This is a auto responder.
 
 Thanks for signing up with Wallstickies!
 
 ----------------------------------------
 
 Your username: $dbNewUser
 Your password: $dbNewPassword
 
 ----------------------------------------
 
 
 Please do not respond to this message and disregard if you did not sign up with wallstickies.";
 
 // This is actually mailing the email
 mail($dbNewEmail, $subject, $message, "From: $myEmail");
 
 // sends the user to the index page
 header( "Location: index.php?good=1" );
 
 }
 else {
 
 // this is what happens if the email domain is not valid
 header( "Location: register.php?bad=4" );
 
 } 
 
 }
 
 } else {
 
 // this is what happens if the email is not good
 header( "Location: register.php?bad=2" );
 
 }
 }
 
 ?>[/code]

I am getting this error:

Warning: mysql_insert_id(): supplied argument is not a valid MySQL-Link resource in /home/hrpjeff/public_html/add.php on line 78

Warning: mkdir() [function.mkdir]: No such file or directory in /home/hrpjeff/public_html/add.php on line 78

Warning: Cannot modify header information - headers already sent by (output started at /home/hrpjeff/public_html/add.php:78) in /home/hrpjeff/public_html/add.php on line 109

Am is supposed to change the .mysql_insert_id($result) to somehow include the users id?

@scragarJan 08.2008 — #just remove $result from that line and try again. It must be returning true instead a mysql resource.

@graphical_forceauthorJan 08.2008 — #Ok, here is what it looks like now:

[code=php]// add this any time after the results of your insert.
 mkdir("/imagesFolder/user".mysql_insert_id, 0755); 
 [/code]

And now I am getting this error:

Warning: mkdir() [function.mkdir]: No such file or directory in /home/hrpjeff/public_html/add.php on line 78

Warning: Cannot modify header information - headers already sent by (output started at /home/hrpjeff/public_html/add.php:78) in /home/hrpjeff/public_html/add.php on line 109

I also created the directory imagesFolder just in case but that did not help.

@scragarJan 08.2008 — #if the path starts with a / then it should be a root path, and should start with $_SERVER['DOCUMENT_ROOT']

if you want to skip that though, you can start the path with a . infront
[code=php]mkdir("./imagesFolder/user".mysql_insert_id(), 0755);[/code]
to designate that the path starts at the current folder.

@graphical_forceauthorJan 08.2008 — #That's working but it is not creating a unique directory which I would need correct?

It is just creating a directory called imagesFolder/usermysql_insert_id

I believe that I would then have to save this directory in the user database perhaps to be able to keep it unique and reference them but I am not sure.

@scragarJan 08.2008 — #sorry, you need to keep the brackets on the function.
[code=php]mkdir("./imagesFolder/user".mysql_insert_id(), 0755);[/code]
if that works your directory names will be user[b]xx[/b] where xx is the id number of the user.

first I assume you know things a begginer would proberly never know, then I make silly mistakes like that...

@graphical_forceauthorJan 08.2008 — #Hey, I REALLY am thankful for all the help youve given me so dont sweat any mistakes that you may make. ?

Boom, that works!

I assume that I am going to have to associate the directory with the user so I could display anything that would be in the users directory? I could probably add the path to the users table? Not sure how to proceed....

@scragarJan 08.2008 — #since the number is the users ID nothing more need be done to associate them

to list files in the dirrectory you just do:

[code=php]$dirname = "./imagesFolder/user${_SESSION['user']}";
 $images = scandir($dirname);
 foreach($images as $curimg){
 echo "<a href='/imagesFolder/user${_SESSION['user']}/$curimg'>$curimg</a><br>n";
 };[/code]

I'm sure you can adjust that styling yourself.

@graphical_forceauthorJan 08.2008 — #That works but now I have to make sure that the images are saved to that directory.

In my upload.processor page I have this code:

[code=php]// make a note of the directory that will recieve the uploaded files
 $uploadsDirectory = $_SERVER['DOCUMENT_ROOT'] . $directory_self . ('imagesFolder/user${_SESSION['user']}, 0755');
 [/code]

Here is the error:

Parse error: syntax error, unexpected T_STRING in /home/hrpjeff/public_html/uploader/upload.processor.php on line 13

I know I need to assign the image to the folder but I dont know the syntax to do it.

@scragarJan 08.2008 — #try:
[code=php]$uploadsDirectory = "{$_SERVER['DOCUMENT_ROOT']}{$directory_self}imagesFolder/user{$_SESSION['user']}";[/code]

@graphical_forceauthorJan 08.2008 — #That works, accept that it is giving me a error:

Forbidden

You don't have permission to access /uploader/imagesFolder/ on this server.

Additionally, a 404 Not Found error was encountered while trying to use an ErrorDocument to handle the request.

Here is the code:

[code=php]$dirname = "./imagesFolder/user${_SESSION['user']}/";
 $images = scandir($dirname);
 foreach($images as $curimg){
 echo "<a href='./imagesFolder/user${_SESSION['user']}/$curimg'>$curimg</a><br>n";
 };[/code]

I thought the permission was set when we made the directory?

[code=php]// add this any time after the results of your insert.
 mkdir("./uploader/imagesFolder/user".mysql_insert_id(), 0755); [/code]

@scragarJan 08.2008 — #it should have done...

oops, my mistake again(why do I keep making these?), perms are best left at 0777, technicaly it should be either 0766 or 0733, but I can't remember which. use the chmod function in PHP to change the directory's you already have

@graphical_forceauthorJan 08.2008 — #I still am getting this error:

Forbidden

You don't have permission to access /uploader/imagesFolder/user47/ on this server.

Additionally, a 404 Not Found error was encountered while trying to use an ErrorDocument to handle the request.

Here is my code:

[code=php]// add this any time after the results of your insert.
 mkdir("./uploader/imagesFolder/user".mysql_insert_id(), 0777); 
 [/code]

I checked the directory using ftp and it says that it is at 755. Which I tried using that too and I still get the same issue.

@scragarJan 08.2008 — #your forbiden from making the dir?

do [code=php]chmod("./uploader/imagesFolder", 0777);[/code]
then try to make you directory again.

@graphical_forceauthorJan 08.2008 — #No it makes the directory, but when I try to access it it throws that error.

You don't have permission to access /uploader/imagesFolder/user49/ on this server.

Additionally, a 404 Not Found error was encountered while trying to use an ErrorDocument to handle the request.

I checked using my ftp client and it shows the directory only with different permissions (755)?

@scragarJan 08.2008 — #as I said, 755 is broken(no write perms), change them to 777 using chmod:

[code=php]chmod("./uploader/imagesFolder/user49", 0777);[/code]

sorry again about this, out of all the perms I picked I chose ones that didn't give write perms.

@graphical_forceauthorJan 08.2008 — #I got it to work! Although I now realize that the image is NOT saved in the user directory. It is saved in the same directory as the user folder.

@graphical_forceauthorJan 08.2008 — #I got it to work! Ouch that was a pickle....for me.

I really appreciated all of the help. I'm not done yet. I still have other issues to tackle but I'll get there!

Also in #PHP _↴

execute query in oracle 10g express server image delete uploaded image

Success!

Help @graphical_force spread the word by sharing this article on Twitter...

Tweet This

return records sql statement

31 Comments(s) _↴

Also in #PHP _↴

Success!

Social

Version

return records sql statement

31 Comments(s) ↴

Also in #PHP ↴

Success!

The web is an endless sea of information. Don't miss the boat... Subscribe!

Social

Version

31 Comments(s) _↴

Also in #PHP _↴