Hi, I am having a problem with returning some records based off the session of the user.
Here is the code:
[code=php]<!doctype html public “-//W3C//DTD HTML 4.0 //EN”>
<html>
<head>
<title>Display images</title>
</head>
<body>
<?php
// this is the name of the database
$dbh=mysql_connect (“localhost”, “hrpjeff_root”, “password”) or die (‘I cannot connect to the database because: ‘ . mysql_error()); // this connects to the database or dies
mysql_select_db (“hrpjeff_time”);
$sql=Select * FROM photos WHERE photoUserID = {$_SESSION[‘user’]};
?>
</body>
</html>
The error I am getting is:
Parse error: syntax error, unexpected T_STRING in /home/hrpjeff/public_html/uploader/display.php on line 13
Any suggestions?
Thanks in advance!
[code=php]$sql="Select * FROM photos WHERE photoUserID = {$_SESSION['user']}";[/code]
[code=php]<!doctype html public "-//W3C//DTD HTML 4.0 //EN">
<html>
<head>
<title>Display images</title>
</head>
<body>
<?php
session_start();
// this is the name of the database
$dbh=mysql_connect ("localhost", "hrpjeff_root", "password") or die ('I cannot connect to the database because: ' . mysql_error()); // this connects to the database or dies
mysql_select_db ("hrpjeff_time");
$sql="Select filename FROM photos WHERE photoUserID = {$_SESSION['user']}";
?>
</body>
</html>
[/code]
[code=php]<?php
session_start();
?><!doctype html public "-//W3C//DTD HTML 4.0 //EN">
<html>
<head>
<title>Display images</title>
</head>
<body>
<?php
// this is the name of the database
$dbh=mysql_connect ("localhost", "hrpjeff_root", "password") or die ('I cannot connect to the database because: ' . mysql_error()); // this connects to the database or dies
mysql_select_db ("hrpjeff_time");
$sql="Select filename FROM photos WHERE photoUserID = {$_SESSION['user']}";
?>
</body>
</html>[/code]
[code=php]$rs = mysql_query($sql);
// 2 methods here:
$row = mysql_fetch_assoc($rs);
echo $row['filename'];
// OR:
$row = mysql_fetch_row($rs);
echo $row[0]; // uses less ram and CPU time, but harder to understand for humans :P
[/code]
[code=php]while(($row = mysql_fetch_assoc($rs)) !== false){
echo $row['filename'];
};
// OR:
while(($row = mysql_fetch_row($rs)) !== false){
echo $row[0];
};[/code]
[code=php]<?php
// This is a email validate function that tests for many things
function check_email_address($email) {
// First, we check that there's one @ symbol, and that the lengths are right
if (!ereg("^[^@]{1,64}@[^@]{1,255}$", $email)) {
// Email invalid because wrong number of characters in one section, or wrong number of @ symbols.
return false;
}
// Split it into sections to make life easier
$email_array = explode("@", $email);
$local_array = explode(".", $email_array[0]);
for ($i = 0; $i < sizeof($local_array); $i++) {
if (!ereg("^(([A-Za-z0-9!#$%&'*+/=?^_{|}~-][A-Za-z0-9!#$%&'*+/=?^_
{|}~.-]{0,63})|("[^(\|")]{0,62}"))$", $local_array[$i])) {
return false;
}
}
// Check if domain is IP. If not, it should be valid domain name
if (!ereg("^[?[0-9.]+]?$", $email_array[1])) {
$domain_array = explode(".", $email_array[1]);
if (sizeof($domain_array) < 2) {
return false; // Not enough parts to domain
}
for ($i = 0; $i < sizeof($domain_array); $i++) {
if (!ereg("^(([A-Za-z0-9][A-Za-z0-9-]{0,61}[A-Za-z0-9])|([A-Za-z0-9]+))$", $domain_array[$i])) {
return false;
}
}
}
return true;
}
// this gets the user name from the register.php form
$dbNewUser = $_REQUEST['newuser'];
// this gets the password from the register.php form
$dbNewPassword = $_REQUEST['newpassword'];
// this gets the email from the register.php form
$dbNewEmail = $_REQUEST['newemail'];
// this checks to see if a user name and password was given
if(empty($dbNewUser) or empty($dbNewPassword)) {
header( "Location: register.php?bad=3" );
}
else {
// This strips out any html tags
$dbNewUser=strip_tags($dbNewUser);
$dbNewPassword=strip_tags($dbNewPassword);
// This calls the email validator that checks to see if the email is good or not
if (check_email_address($dbNewEmail)) {
// this is the name of the database
$dbh=mysql_connect ("localhost", "hrpjeff_root", "password") or die ('I cannot connect to the database because: ' . mysql_error()); // this connects to the database or dies
mysql_select_db ("hrpjeff_time");
// this checks to see if the user name is already taken and sends it back to the register page if it is taken
if(mysql_num_rows(mysql_query("SELECT name FROM users WHERE name = '$dbNewUser'"))){
header( "Location: register.php?bad=1" );
}
else {
// take a given email address and split it into the username and domain and check to make sure the domain is real
list($userName, $mailDomain) = split("@", $dbNewEmail);
if (checkdnsrr($mailDomain, "MX")) {
// This is what happens when the email is valid
// This is where it writes the user name, password and email to the database
$query = "INSERT INTO users (id, name, password, email) VALUES ( 0, '$dbNewUser', MD5( '$dbNewPassword'), '$dbNewEmail' )";
$result = mysql_query($query) or die("Query failed: " . mysql_error()); // if it is not saved then a error is thrown
//header( "Location: index.php?" );
// Email address to send to which is the users email address they registered with
// The website email address
$myEmail = "[email protected]";
// The subject of the email
$subject = "Thanks for signing up with Wallstickies!";
// The message of the email
$message = "This is a auto responder.
Thanks for signing up with Wallstickies!
----------------------------------------
Your username: $dbNewUser
Your password: $dbNewPassword
----------------------------------------
Please do not respond to this message and disregard if you did not sign up with wallstickies.";
// This is actually mailing the email
mail($dbNewEmail, $subject, $message, "From: $myEmail");
// sends the user to the index page
header( "Location: index.php?good=1" );
}
else {
// this is what happens if the email domain is not valid
header( "Location: register.php?bad=4" );
}
}
} else {
// this is what happens if the email is not good
header( "Location: register.php?bad=2" );
}
}
?>[/code]
[code=php]$query = "INSERT INTO users (id, name, password, email) VALUES ( 0, '$dbNewUser', MD5( '$dbNewPassword'), '$dbNewEmail' )";
$result = mysql_query($query) or die("Query failed: " . mysql_error());
// add this any time after the results of your insert.
mkdir("/imagesFolder/user".mysql_insert_id($result), 0755);
[/code]
[code=php]<?php
// This is a email validate function that tests for many things
function check_email_address($email) {
// First, we check that there's one @ symbol, and that the lengths are right
if (!ereg("^[^@]{1,64}@[^@]{1,255}$", $email)) {
// Email invalid because wrong number of characters in one section, or wrong number of @ symbols.
return false;
}
// Split it into sections to make life easier
$email_array = explode("@", $email);
$local_array = explode(".", $email_array[0]);
for ($i = 0; $i < sizeof($local_array); $i++) {
if (!ereg("^(([A-Za-z0-9!#$%&'*+/=?^_{|}~-][A-Za-z0-9!#$%&'*+/=?^_
{|}~.-]{0,63})|("[^(\|")]{0,62}"))$", $local_array[$i])) {
return false;
}
}
// Check if domain is IP. If not, it should be valid domain name
if (!ereg("^[?[0-9.]+]?$", $email_array[1])) {
$domain_array = explode(".", $email_array[1]);
if (sizeof($domain_array) < 2) {
return false; // Not enough parts to domain
}
for ($i = 0; $i < sizeof($domain_array); $i++) {
if (!ereg("^(([A-Za-z0-9][A-Za-z0-9-]{0,61}[A-Za-z0-9])|([A-Za-z0-9]+))$", $domain_array[$i])) {
return false;
}
}
}
return true;
}
// this gets the user name from the register.php form
$dbNewUser = $_REQUEST['newuser'];
// this gets the password from the register.php form
$dbNewPassword = $_REQUEST['newpassword'];
// this gets the email from the register.php form
$dbNewEmail = $_REQUEST['newemail'];
// this checks to see if a user name and password was given
if(empty($dbNewUser) or empty($dbNewPassword)) {
header( "Location: register.php?bad=3" );
}
else {
// This strips out any html tags
$dbNewUser=strip_tags($dbNewUser);
$dbNewPassword=strip_tags($dbNewPassword);
// This calls the email validator that checks to see if the email is good or not
if (check_email_address($dbNewEmail)) {
// this is the name of the database
$dbh=mysql_connect ("localhost", "hrpjeff_root", "password") or die ('I cannot connect to the database because: ' . mysql_error()); // this connects to the database or dies
mysql_select_db ("hrpjeff_time");
// this checks to see if the user name is already taken and sends it back to the register page if it is taken
if(mysql_num_rows(mysql_query("SELECT name FROM users WHERE name = '$dbNewUser'"))){
header( "Location: register.php?bad=1" );
}
else {
// take a given email address and split it into the username and domain and check to make sure the domain is real
list($userName, $mailDomain) = split("@", $dbNewEmail);
if (checkdnsrr($mailDomain, "MX")) {
// This is what happens when the email is valid
// This is where it writes the user name, password and email to the database
$query = "INSERT INTO users (id, name, password, email) VALUES ( 0, '$dbNewUser', MD5( '$dbNewPassword'), '$dbNewEmail' )";
$result = mysql_query($query) or die("Query failed: " . mysql_error()); // if it is not saved then a error is thrown
// add this any time after the results of your insert.
mkdir("/imagesFolder/user".mysql_insert_id($result), 0755);
//header( "Location: index.php?" );
// Email address to send to which is the users email address they registered with
// The website email address
$myEmail = "[email protected]";
// The subject of the email
$subject = "Thanks for signing up with Wallstickies!";
// The message of the email
$message = "This is a auto responder.
Thanks for signing up with Wallstickies!
----------------------------------------
Your username: $dbNewUser
Your password: $dbNewPassword
----------------------------------------
Please do not respond to this message and disregard if you did not sign up with wallstickies.";
// This is actually mailing the email
mail($dbNewEmail, $subject, $message, "From: $myEmail");
// sends the user to the index page
header( "Location: index.php?good=1" );
}
else {
// this is what happens if the email domain is not valid
header( "Location: register.php?bad=4" );
}
}
} else {
// this is what happens if the email is not good
header( "Location: register.php?bad=2" );
}
}
?>[/code]
[code=php]// add this any time after the results of your insert.
mkdir("/imagesFolder/user".mysql_insert_id, 0755);
[/code]
[code=php]mkdir("./imagesFolder/user".mysql_insert_id(), 0755);[/code]
[code=php]mkdir("./imagesFolder/user".mysql_insert_id(), 0755);[/code]
[code=php]$dirname = "./imagesFolder/user${_SESSION['user']}";
$images = scandir($dirname);
foreach($images as $curimg){
echo "<a href='/imagesFolder/user${_SESSION['user']}/$curimg'>$curimg</a><br>n";
};[/code]
I'm sure you can adjust that styling yourself.[code=php]// make a note of the directory that will recieve the uploaded files
$uploadsDirectory = $_SERVER['DOCUMENT_ROOT'] . $directory_self . ('imagesFolder/user${_SESSION['user']}, 0755');
[/code]
[code=php]$uploadsDirectory = "{$_SERVER['DOCUMENT_ROOT']}{$directory_self}imagesFolder/user{$_SESSION['user']}";[/code]
[code=php]$dirname = "./imagesFolder/user${_SESSION['user']}/";
$images = scandir($dirname);
foreach($images as $curimg){
echo "<a href='./imagesFolder/user${_SESSION['user']}/$curimg'>$curimg</a><br>n";
};[/code]
[code=php]// add this any time after the results of your insert.
mkdir("./uploader/imagesFolder/user".mysql_insert_id(), 0755); [/code]
[code=php]// add this any time after the results of your insert.
mkdir("./uploader/imagesFolder/user".mysql_insert_id(), 0777);
[/code]
[code=php]chmod("./uploader/imagesFolder", 0777);[/code]
[code=php]chmod("./uploader/imagesFolder/user49", 0777);[/code]
0.1.9 — BETA 4.28