[RESOLVED] Disagreing PHP :confused:

@sturz001Jul 25.2008

Hi all!
I have a page that has a MYSQL/PHP function to retrive databank data.
When I try add more extras in the form of a sidebar, the PHP throws a hissy fit, and comes up with this error:

[CODE]Parse error: syntax error, unexpected T_VARIABLE in /home/a9362702/public_html/comped.php on line 1[/CODE]

Here is comped.php (the exact same thing happens on downs.php – they are the same page other than to diffent databases and with different headers)

[CODE]<!DOCTYPE html PUBLIC “-//W3C//DTD XHTML 1.0 Strict//EN” “http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd”> <html xmlns=”http://www.w3.org/1999/xhtml”> <head> <meta http-equiv=”content-type” content=”text/html; charset=utf-8″ /> <title>Gameslinker – Links for all</title> <meta name=”keywords” content=”” /> <meta name=”description” content=”” /> <link href=”page.css” rel=”stylesheet” type=”text/css” /> </head> <body> <div id=”page”> <!– start content –> <div id=”content”> <div class=”post”> <h1 class=”title”>Downloads Compedium</h1> <b><i>With thanks for coding help from <a href=”http://www.charles-reace.com” target=”_blank”>NogDog</a> and ellisgl on the <a href=”http://www.webdeveloper.com” target=”_blank”>webdeveloper.com forums</a></i></b> <br /><br /> <?php $username=”a9362702_smods”; $password=”***”; $database=”a9362702_downs”;

mysql_connect(“mysql1.000webhost.com”,$username,$password); mysql_select_db($database); $query=”SELECT * FROM table02″; $result=mysql_query($query);

$num=mysql_numrows($result);

mysql_close(); ?> <table border=”0″ cellspacing=”2″ cellpadding=”2″> <tr> <th><font face=”Arial, Helvetica, sans-serif”>ID</font></th> <th><font face=”Arial, Helvetica, sans-serif”>Download Name</font></th> <th><font face=”Arial, Helvetica, sans-serif”>Download URL</font></th> </tr>

<?php $i=0; while ($i < $num) {

$field1_name=mysql_result($result,$i,”dname”); $field2_name=mysql_result($result,$i,”durl”); $field3_name=mysql_result($result,$i,”did”);

?>

<tr> <td><font face=”Arial, Helvetica, sans-serif”><a name=” <?php echo $field3_name; ?> “><?php echo $field3_name; ?> </a></font></td> <td><font face=”Arial, Helvetica, sans-serif”><?php echo $field1_name; ?></font></td> <td><font face=”Arial, Helvetica, sans-serif”><a href=” <?php echo $field2_name; ?> “><?php echo $field2_name; ?> </a></font></td> </tr>

<?php $i++; }

echo “</table>”;

?>

</div> </div> <!– end content –> <!– start sidebar –>

<div id=”sidebar”><br />

<h2>Report Abuse</h2> Please report all spam to the <a href=”mailto:[email protected]”>admin</a>, or a <br /><a href=”mailto:[email protected]”>super</a> <a href=”mailto:[email protected]”>moderator</a>

<h2>Add a Game</h2> Anyone can now add a game. Click more in the title bar. Beware that spammers will be blocked. </div> <!– end sidebar –> <div style=”clear: both;”> </div> </div> </body> </html>[/CODE]

comped.php (and all other pages inside my website) are inside index.html:

[CODE]<body> <!– start header –> <div id=”header”> <div id=”logo”> <h1><a href=”index.html”>GamesLinker</a></h1> <h2>more than just games…</h2> </div> <div id=”menu”> <ul> <li><a href=”index.html”>home</a></li> <li><a href=”comped.php” target=”page”>Flash Games</a></li> <li><a href=”downs.php” target=”page”>Downloads</a></li> <li><a href=”chat.html” target=”page”>Chat</a></li> <li><a href=”admin.php” target=”page”>More</a></li> </ul> </div> </div> <!– end header –> <!– start page –> <iframe src=”home.html” width=”100%” height=”660″ name=”page” border=”0″></iframe> <!– end page –> <!– start footer –> <div id=”footer”> <p id=”legal”>(c) 2008 YourSite. Design by <a href=”http://www.freecsstemplates.org/”>Free CSS Templates</a>.</p> </div> <!– end footer –>

</body>[/CODE]

Index.html is controlled by this CSS:

[CODE]<style> /* Design by Free CSS Templates http://www.freecsstemplates.org Released for free under a Creative Commons Attribution 2.5 License */

body { margin: 0; padding: 0; background: #666159 url(images/img01.jpg) repeat-x; font-family: “Trebuchet MS”, Arial, Helvetica, sans-serif; font-size: 13px; color: #D4D4D4; }

iframe{ border: none; //both have this in them, but it didnot copy into the other one }

h1, h2, h3 { margin: 0; text-transform: lowercase; font-weight: normal; color: #FFFFFF; }

h1 { letter-spacing: -1px; font-size: 32px; }

h2 { font-size: 23px; }

p, ul, ol { margin: 0 0 2em 0; text-align: justify; line-height: 26px; font-size: 11px; }

a:link { color: #C1D11C; }

a:hover, a:active { text-decoration: none; color: #C1D11C; }

a:visited { color: #C1D11C; }

img { border: none; }

img.left { float: left; margin-right: 15px; }

img.right { float: right; margin-left: 15px; }

/* Header */

#header { width: 850px; height: 82px; margin: 0 auto 40px auto; }

#logo { float: left; }

#logo h1 { font-size: 38px; color: #FFFFFF; }

#logo h1 sup { vertical-align: text-top; font-size: 24px; }

#logo h1 a { color: #FFFFFF; }

#logo h2 { margin-top: -10px; font-size: 12px; color: #A0A0A0; }

#logo a { text-decoration: none; }

/* Menu */

#menu { float: right; }

#menu ul { margin: 0; padding: 15px 0 0 0; list-style: none; }

#menu li { display: inline; }

#menu a { display: block; float: left; background: #F5F5F5; margin-left: 5px; padding: 7px 20px; text-decoration: none; font-size: 13px; color: #000000; }

#menu a:hover { border-top: 5px solid #C1D11C; border-bottom: 3px solid #C1D11C; text-decoration: none; }

#menu .active a { border-top: 5px solid #C1D11C; border-bottom: 3px solid #C1D11C; }

/* Footer */

#footer { height: 100px; min-height: 74px; padding: 10px 0 0 0; background: #666159 url(images/img02.jpg) repeat-x left top; }

html>body #footer { height: auto; }

#legal { clear: both; padding-top: 30px; text-align: center; color: #A0A0A0; }

#legal a { color: #A0A0A0; } </style>[/CODE]

but all the others by this Css (the only css in an exernal css file):

[CODE]/* Design by Free CSS Templates http://www.freecsstemplates.org Released for free under a Creative Commons Attribution 2.5 License */

body { margin: 0; padding: 0; background: #666159; font-family: “Trebuchet MS”, Arial, Helvetica, sans-serif; font-size: 13px; color: #D4D4D4; }

h1, h2, h3 { margin: 0; text-transform: lowercase; font-weight: normal; color: #FFFFFF; }

h1 { letter-spacing: -1px; font-size: 32px; }

h2 { font-size: 23px; }

p, ul, ol { margin: 0 0 2em 0; text-align: justify; line-height: 26px; font-size: 13px; }

.imp { color: red; }

a:link { color: #C1D11C; }

a:hover, a:active { text-decoration: none; color: #C1D11C; }

a:visited { color: #C1D11C; }

img { border: none; }

img.left { float: left; margin-right: 15px; }

img.right { float: right; margin-left: 15px; }

/* Form */

form { margin: 0; padding: 0; }

fieldset { margin: 0; padding: 0; border: none; }

legend { display: none; }

input, textarea, select { font-family: “Trebuchet MS”, Arial, Helvetica, sans-serif; font-size: 13px; color: #333333; }

/* Page */

#page { width: 850px; margin: 0 auto; }

/* Content */

#content { float: left; width: 600px; }

/* Post */

.post { }

.post .title { margin-bottom: 20px; margin-top: 20px; padding: 0 0 7px 18px; background: url(images/img03.gif) no-repeat left 50%; border-bottom: 1px solid #86910F; }

.post .entry { }

.post .meta { border: 1px solid #86910F; padding: 15px 10px 30px 10px; }

.post .meta p { margin: 0; line-height: normal; color: #999999; }

.post .meta .byline { float: left; }

.post .meta .links { float: right; }

.post .meta .more { padding: 0 20px 0 18px; background: url(images/img06.gif) no-repeat left center; }

.post .meta .comments { padding-left: 22px; background: url(images/img07.gif) no-repeat left center; }

.post .meta b { display: none; }

/* Sidebar */

#sidebar { float: right; width: 225px; }

#sidebar ul { margin: 0; padding: 0; list-style: none; }

#sidebar li { margin-bottom: 40px; }

#sidebar li ul { }

#sidebar li li { margin: 0; padding-left: 12px; }

#sidebar h2 { margin-bottom: 10px; padding-left: 15px; background: url(images/img04.gif) no-repeat left 50%; border-bottom: 1px solid #86910F; font-size: 16px; }

/* Search */

#search { }

#search h2 { margin-bottom: 20px; }

#s { width: 110px; margin-right: 5px; padding: 2px; border: 1px solid #F0F0F0; }

#x { padding: 4px 4px; background: #C1D11C; border: none; text-transform: uppercase; font-family: Arial, Helvetica, sans-serif; font-size: 10px; color: #FFFFFF; }

/* Boxes */

.box1 { padding: 20px; background: url(images/img05.gif) no-repeat; }

.box2 { color: #BABABA; }

.box2 h2 { margin-bottom: 15px; background: url(images/img10.gif) repeat-x left bottom; font-size: 16px; color: #FFFFFF; }

.box2 ul { margin: 0; padding: 0; list-style: none; }

.box2 a:link, .box2 a:hover, .box2 a:active, .box2 a:visited { color: #EDEDED; } [/CODE]

You can see the barebones and the error online here
~~[URL=”http://www.thelinker.net63.net/index.html”]~~http://www.thelinker.net63.net/index.html[/URL]

to post a comment

PHP

21 Comments(s) _↴

@Phill_PaffordJul 25.2008 — #hmm,

I see this on line 28

[code=php]
 mysql_numrows($result);
 [/code]

might try this

[code=php]
 mysql_num_rows($result);
 [/code]

@sturz001authorJul 25.2008 — #WOW quick reply! I'll just try it -- stand by

@sturz001authorJul 25.2008 — #Phill Pafford! You little beauty! Thanks a lot. I'm sure I'll be posting again soon as I am just learning PHP and How to make it work with SQL. If you can help me again, I will definatly link up a site of your choice to mine in thanks

@sturz001authorJul 26.2008 — #Ok, Phill, here's one for you! I have now finished the write section of my site (write the databases into the pages) I now need the create and delete sections. We'll just go for create for the moment. Here's admin.php:

[CODE]<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
 <html xmlns="http://www.w3.org/1999/xhtml">
 <head>
 <meta http-equiv="content-type" content="text/html; charset=utf-8" />
 <title>Gameslinker - Links for all</title>
 <meta name="keywords" content="" />
 <meta name="description" content="" />
 <link href="page.css" rel="stylesheet" type="text/css" />
 </head>
 <body>
 <div id="page">
 <!-- start content -->
 <div id="content">
 <div class="post">
 <h1 class="title">Extras Zone</h1>
 <?php 
 //initilize PHP
 
 if($_POST['submit']) //If submit is hit
 {
 //then connect as user
 //change user and password to your mySQL name and password
 mysql_connect("mysql1.000webhost.com","a9362702_admin","**"); 
 
 //select which database you want to edit
 mysql_select_db("a9362702_games"); 
 
 //convert all the posts to variables:
 $name = $_POST['gname'];
 $url = $_POST['gurl'];
 $copip = $_POST['pepsid'];
 
 //Insert the values into the correct database with the right fields
 //mysql table = news
 //table columns = id, title, message, who, date, time
 //post variables = $title, $message, '$who, $date, $time
 $result=MYSQL_QUERY("INSERT INTO table01 (gname,gurl,added_by)".
 "VALUES ('$name', '$url', '$copip')"); 
 
  //confirm
 echo "Query Finished"; 
 }
 else
 {
 // close php so we can put in our code
 ?>
 <form method="post" action="processor.php">
 <input type="text" name="gname" />
 <input type="text" name="gurl" />
 <?php echo "$_SERVER['REMOTE_ADDR']"?><input type="text" name="pepsid" />
 </form>
 <?php
 } //close the else statement
 ?>
 
 
 
   </div>
  </div>
  <!-- end content -->
  <!-- start sidebar -->
  <div id="sidebar"><br />
   <ul>
   <li>
 
   a
   </li>
   </ul>
  </div>
  <!-- end sidebar -->
  <div style="clear: both;">&nbsp;</div>
 </div>
 </body>
 </html>[/CODE]

As you can see this is from a tutorial, but modified.

As the page loads I get error like so:

[CODE]PHP Error Message 
 
 Parse error: syntax error, unexpected T_ENCAPSED_AND_WHITESPACE, expecting T_STRING or T_VARIABLE or T_NUM_STRING in /home/a9362702/public_html/admin.php on line 1[/CODE]

Another thing. You can see the code for a IP address to be echoed to the page. Is there anyway to get this inside a hidden Input? I tried with an earlier different code, but it didn't work.

Another thing. Isn't it insecure to have my SQL password etc in the page code?

Another thing. Is there any way to stop users being able to attack the PHP/SQL? I have a particually annoying friend who mucked up the last PHP website I attempted. (ps. I don't have access to the PHP server files)

Good Luck. Phill this is your chance to get credit on my website with a link. If you don't belive me, see how NOG DOG got rewarded. (http://thelinker.net63.net)

@NogDogJul 27.2008 — #

[code=php]
 <?php echo $_SERVER['REMOTE_ADDR']; ?><input type="text" name="pepsid" />
 [/code]

No need for the quotes if just echoing the variable, and if you do have an array element variable like that in double quotes, then you need to use "complex notation" (curly braces) so that the parser knows where the variable ends:

[code=php]
 echo "<p>Your address is: {$_SERVER['REMOTE_ADDR']}.</p>";
 [/code]

@sturz001authorJul 27.2008 — #Thanks NogDog! I would try it, but I am backing up and computer is very slow. I started this message about 10 minutes ago.

@sturz001authorJul 27.2008 — #Not working, but I think I may try sending post data to a diffent page.

@sturz001authorJul 27.2008 — #Ok the base raw code that i posted is working, but when I change the echo statment, or add some if validation, like so:

[code=php]
 if(!$name){
 die("Error");
 }else if.....
 [/code]

The PHP spazzes and just does nothing. I get no returns, and it isn;t posted, as if the PHP code simply does not exist. In the short Time I have worked with PHP I have found it to be a lovely but tempremental code! Any clues, anyone?

@Phill_PaffordJul 28.2008 — #Thnx sturz001,

I did see the error in the code that NogDog pointed out.

As to my challenge could you explain a little more?

you need a delete function? from the MySQL DB?

@sturz001authorJul 28.2008 — #Sorry about the slow reply, seems like Windows live is down at the moment. :eek: Ah, Phill your 2 challenges for reconition are:

1) Help me to sort out my add to database code, which is very [B]unstable[/B]

and (when we have solved the first part) 2) Creating a Delete link next to each record in the write section.

Ok [B]1, a good place to start. Or should I say 0?[/B]

Here are two pages in my website:

0.1: admin.php

[CODE]
 <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
 <html xmlns="http://www.w3.org/1999/xhtml">
 <head>
 <meta http-equiv="content-type" content="text/html; charset=utf-8" />
 <title>Gameslinker - Links for all</title>
 <meta name="keywords" content="" />
 <meta name="description" content="" />
 <link href="page.css" rel="stylesheet" type="text/css" />
 </head>
 <body>
 <div id="page">
 <!-- start content -->
 <div id="content">
 <div class="post">
 <h1 class="title">Extras Zone</h1>
 
 <form method="post" action="processor.php">
 <input type="text" name="gname" /><br />
 <input type="text" name="gurl" /><br />
 <?php echo "<p>Copy exactly as shown: {$_SERVER['REMOTE_ADDR']}.</p>"; ?><input type="text" name="pepsid" /><br />
 <!-- This works as a capcatcha field and records IP addresses -->
 <input type="submit" value="Add it!" />
 </form>
 
 
   </div>
  </div>
  <!-- end content -->
  <!-- start sidebar -->
  <div id="sidebar"><br />
   <ul>
   <li>
 
   a
   </li>
   </ul>
  </div>
  <!-- end sidebar -->
  <div style="clear: both;">&nbsp;</div>
 </div>
 </body>
 </html>
 [/CODE]

0.2: processor.php

[CODE]
 <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
 <html xmlns="http://www.w3.org/1999/xhtml">
 <head>
 <meta http-equiv="content-type" content="text/html; charset=utf-8" />
 <title>Gameslinker - Links for all</title>
 <meta name="keywords" content="" />
 <meta name="description" content="" />
 <link href="page.css" rel="stylesheet" type="text/css" />
 </head>
 <body>
 <div id="page">
 <!-- start content -->
 <div id="content">
 <div class="post">
 <h1 class="title">Extras Zone</h1>
 <?php 
 //initilize PHP
 //then connect as user
 //change user and password to your mySQL name and password
 mysql_connect("mysql1.000webhost.com","a9362702_admin","*"); 
 
 //select which database you want to edit
 mysql_select_db("a9362702_games"); 
 
 //convert all the posts to variables:
 $name = $_POST['gname'];
 $url = $_POST['gurl'];
 $copip = $_POST['pepsid'];
 
 //Insert the values into the correct database with the right fields
 //mysql table = news
 //table columns = id, title, message, who, date, time
 //post variables = $title, $message, '$who, $date, $time
 $result=MYSQL_QUERY("INSERT INTO table01 (gname,gurl,added_by)".
 "VALUES ('$name', '$url', '$copip')"); 
 
  //confirm
 echo "Query Finished"; 
 
 // close php so we can put in our code
 ?>
 
 
 
   </div>
  </div>
  <!-- end content -->
  <!-- start sidebar -->
  <div id="sidebar"><br />
   <ul>
   <li>
 
   a
   </li>
   </ul>
  </div>
  <!-- end sidebar -->
  <div style="clear: both;">&nbsp;</div>
 </div>
 </body>
 </html>
 [/CODE]

At the moment the code works!

But If I try to add anything else, or amend the final echo, or add some validation, the code breaks and outputs random errors.

WHY? HOW TO FIX?

@sturz001authorJul 29.2008 — #Sorry about the slow reply, seems like Windows live is down at the moment. :eek: Ah, Phill your 2 challenges for reconition are:

1) Help me to sort out my add to database code, which is very [B]unstable[/B]

and (when we have solved the first part) 2) Creating a Delete link next to each record in the write section.
[/QUOTE]
Windows Live is back ? !

1) seems ok now! phew!

2) Ok, I am having another copy of this code on a different php page:

[CODE]
 <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
 <html xmlns="http://www.w3.org/1999/xhtml">
 <head>
 <meta http-equiv="content-type" content="text/html; charset=utf-8" />
 <title>Gameslinker - Links for all</title>
 <meta name="keywords" content="" />
 <meta name="description" content="" />
 <link href="page.css" rel="stylesheet" type="text/css" />
 </head>
 <body>
 <div id="page">
 <!-- start content -->
 <div id="content">
 <div class="post">
 <h1 class="title">Flash Game Compedium</h1>
 <b><i>With thanks for coding help from <a href="http://www.charles-reace.com" target="_blank">NogDog</a> and ellisgl on the <a href="http://www.webdeveloper.com" target="_blank">webdeveloper.com forums</a></i></b>
 <br /><br />
 <?php
 $username="a9362702_admin";
 $password="...";
 $database="a9362702_games";
 
 mysql_connect("mysql1.000webhost.com",$username,$password);
 mysql_select_db($database);
 $query="SELECT * FROM table01";
 $result=mysql_query($query);
 
 $num=mysql_num_rows($result);
 
 mysql_close();
 ?>
 <table border="0" cellspacing="2" cellpadding="2">
 <tr>
 <th><font face="Arial, Helvetica, sans-serif">ID</font></th>
 <th><font face="Arial, Helvetica, sans-serif">Game Name</font></th>
 <th><font face="Arial, Helvetica, sans-serif">Game URL</font></th>
 </tr>
 
 <?php
 $i=0;
 while ($i < $num) {
 
 $field1_name=mysql_result($result,$i,"gname");
 $field2_name=mysql_result($result,$i,"gurl");
 $field3_name=mysql_result($result,$i,"gid");
 
 ?>
 
 <tr>
 <td><font face="Arial, Helvetica, sans-serif"><a name=" <?php echo $field3_name; ?> "><?php echo $field3_name; ?> </a></font></td>
 <td><font face="Arial, Helvetica, sans-serif"><?php echo $field1_name; ?></font></td>
 <td><font face="Arial, Helvetica, sans-serif"><a href=" <?php echo $field2_name; ?> "><?php echo $field2_name; ?> </a></font></td>
 </tr>
 
 <?php
 $i++;
 }
 
 echo "</table>";
 
 ?>
 
   </div>
  </div>
  <!-- end content -->
  <!-- start sidebar -->
  <div id="sidebar"><br />
 
   <h2>Report Abuse</h2>
   Please report all spam to the <a href="mailto:[email protected]">admin</a>,<br /> or a <a href="mailto:[email protected]">super</a> <a href="mailto:[email protected]">moderator</a>
   <br />
   <h2>Add a Game</h2>
   Anyone can now add a game. Click more in the title bar. Beware that spammers will be blocked.
  </div>
  <!-- end sidebar -->
  <div style="clear: both;">&nbsp;</div>
 </div>
 </body>
 </html>
 [/CODE]

I would like a new column beside each row so that I can delete each record from the database. I'm guessing I could include a script using PHP include inside the loop, but as to do it I am Out of the loop (? sorry can;t resist bad jokes) I'm a bit [B]inclueless! (include - ha ha ha)[/B]

@Phill_PaffordJul 29.2008 — #are you taking some code from Jpmaster77 login script?

@sturz001authorJul 29.2008 — #no, why? (it wouldn't let me on to the site)

@Phill_PaffordJul 29.2008 — #Well here goes:

[code=php]
 <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
 <html xmlns="http://www.w3.org/1999/xhtml">
 <head>
 <meta http-equiv="content-type" content="text/html; charset=utf-8" />
 <title>Gameslinker - Links for all</title>
 <meta name="keywords" content="" />
 <meta name="description" content="" />
 <link href="page.css" rel="stylesheet" type="text/css" />
 </head>
 <body>
 <div id="page">
 <!-- start content -->
 <div id="content">
 <div class="post">
 <h1 class="title">Extras Zone</h1>
 <?php 
 
 /** Add the include file validate.php**/
 include("validate.php");
 
 /** Add counter for Errors **/
 $error = 0;
 
 //initilize PHP
 
 //convert all the posts to variables:
 $name = $_POST['gname'];
 $url = $_POST['gurl'];
 $copip = $_POST['pepsid'];
 
  /** Validation **/
  if(!$valid->validGamename($name)) {
   echo "ERROR: Invalid Game Name<br />";
   $error++;
  } else if (!$valid->validURL($url)) {
   echo "ERROR: Invalid URL<br />";
   $error++;
  } else if (!$valid->validAddedBy($copip)) {
   echo "ERROR: Invalid Added By<br />";
   $error++;
  }
 
  /**
   * Check for errors, if none connect to DB 
   */
 
  if($error == 0) {
   //then connect as user
   //change user and password to your mySQL name and password
   mysql_connect("mysql1.000webhost.com","a9362702_admin","*"); 
 
   //select which database you want to edit
   mysql_select_db("a9362702_games"); 
 
   //Insert the values into the correct database with the right fields
   //mysql table = news
   //table columns = id, title, message, who, date, time
   //post variables = $title, $message, '$who, $date, $time
   $result=MYSQL_QUERY("INSERT INTO table01 (gname,gurl,added_by)".
   "VALUES ('$name', '$url', '$copip')"); 
 
   //confirm
   echo "Query Finished"; 
  } else {
   echo "You have errors, Please fix<br />"; 
  }
 
 // close php so we can put in our code
 ?>
 
 
 
   </div>
  </div>
  <!-- end content -->
  <!-- start sidebar -->
  <div id="sidebar"><br />
   <ul>
   <li>
 
   a
   </li>
   </ul>
  </div>
  <!-- end sidebar -->
  <div style="clear: both;">&nbsp;</div>
 </div>
 </body>
 </html>
 [/code]

Validate.php

[code=php]
 <?php
 
 /******************************************
 * @scriptname:	validate.php 
 * @author:	Phill Pafford
 * @version:	1.0
 * @date:		July 27, 2008
 ******************************************
 * @functionality:
 *		To validate user input
 * 
 ******************************************
 * @updated by: 
 * @updated date: 
 * @changes:
 * 
 ******************************************
 * @notes:
 *
 ******************************************/
 
 
 /**
 * @class Validation
 * @return 
 * @param $name Object
 */
 
 class Validation {
 
  /**
   * validGamename - Should match any alphnumeric characters
   * @return 
   * @param $name Object
   */
 
  function validGamename($name) {
   if((preg_match('/^[w. -]+$/', $name))) {
   return true;
   } else {
   return false;
   }
  }
 
  /**
   * validURL - Validates a URL
   * @return 
   * @param $url Object
   */
 
  function validURL($url) {
   if (preg_match("/^(http(s?):\/\/|ftp:\/\/{1})((w+.)+)w{2,}(/?)$/i", $url)) {
   return true;
   } else {
   return false;
   }
  }
 
  /**
   * validAddedBy - Validates the Added By?
   * @return 
   * @param $copip Object
   */
 
  function validAddedBy($copip) {
   /** I really don't know what to validate for so Alphanumeric I guess **/
   if((preg_match('/^[w. -]+$/', $copip))) {
   return true;
   } else {
   return false;
   }
  }
 
  /**
   * validDeleteId - Validates the postId that is to be deleted
   * @return 
   * @param $deleteId Object
   */
 
  function validDeleteId($deleteId) {
   if((preg_match('/^[0-9]+$/', $deleteId))) {
   return true;
   } else {
   return false;
   }
  }
 }
 
 /** Initialize valid object **/
 $valid = new Validation;
 
 ?>
 [/code]

to do the delete post you could almost use the same for the insert.

First validate the user data (User Post Id #)

you need some sort of field key for each post, this is the value for your where clause in the DELETE statement.

If you want I can still work with you, I would just need to see more of your code.

Send me a private email if you perfer

@sturz001authorJul 30.2008 — #If you want I can still work with you, I would just need to see more of your code.

Send me a private email if you perfer[/QUOTE]
Take all the source you need from my website, It's online, but not complete.

(http://thelinker.net63.net)

As to the validation of $copip, The value needs to be the same as IP address. It works a) as a capatcha field and b) so I know who to block If spam appears!

@Phill_PaffordJul 30.2008 — #
Take all the source you need from my website, It's online, but not complete.

(http://thelinker.net63.net)
[/QUOTE]

Thanks but this is client side code, I would like to see more of the server side code.

Did my validation work for you? on the INSERT ?

@sturz001authorJul 30.2008 — #only just come online! I will try and get a backup copy for you to look at. If you can pull this off, You will get a mesion on EVERY PAGE!

@sturz001authorJul 31.2008 — #[B]Thanks the Validation worked out fine![/B]

I now have 2 questions.

0) How to modify validation to accept only IP address in IP field? and

1) The script(s) below delete a field with the Id that is entered. Is there any way I can make [B]automatically before deletetion[/B] to extract the Ip field and send it to myself in e-mail? Then continue to delete the row??

Here is admin.php

[CODE]
 <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
 <html xmlns="http://www.w3.org/1999/xhtml">
 <head>
 <meta http-equiv="content-type" content="text/html; charset=utf-8" />
 <title>Gameslinker - Links for all</title>
 <meta name="keywords" content="" />
 <meta name="description" content="" />
 <link href="page.css" rel="stylesheet" type="text/css" />
 </head>
 <body>
 <div id="page">
 <!-- start content -->
 <div id="content">
 <div class="post">
 <h1 class="title">SuperMod Zone</h1>
 SuperMods have the extra ability to DELETE spam entries!
 <h3>Delete Online Games Entries</h3>
 <form action="compro.php" method="post">
 <input type="text" name="gid" />
 <input type="submit" />
 </form>
 </div>
 </div>
 <!-- end content -->
 <!-- start sidebar -->
 <div id="sidebar"><br />
 <ul>
 <li>
 
   a
   </li>
   </ul>
  </div>
  <!-- end sidebar -->
  <div style="clear: both;">&nbsp;</div>
 </div>
 </body>
 </html>
 [/CODE]

And here is compro.php

[CODE]<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
 <html xmlns="http://www.w3.org/1999/xhtml">
 <head>
 <meta http-equiv="content-type" content="text/html; charset=utf-8" />
 <title>Gameslinker - Links for all</title>
 <meta name="keywords" content="" />
 <meta name="description" content="" />
 <link href="page.css" rel="stylesheet" type="text/css" />
 </head>
 <body>
 <div id="page">
 <!-- start content -->
 <div id="content">
 <div class="post">
 <h1 class="title">SuperMod Zone</h1>
 <?php
 $formid = $_POST["gid"];
 $con = mysql_connect("mysql1.000webhost.com","a9362702_admin","arrow99");
 if (!$con)
 {
 die('Could not connect: ' . mysql_error());
 }mysql_select_db("a9362702_games", $con);
 
 mysql_query("DELETE FROM table01 WHERE ID=$formid");
 mysql_close($con);
 echo "Delete Complete. The server may take awhile to update itself. Be paitent."
 ?> 
 </div>
 </div>
 <!-- end content -->
 <!-- start sidebar -->
 <div id="sidebar"><br />
 <ul>
 <li>
 
   a
   </li>
   </ul>
  </div>
  <!-- end sidebar -->
  <div style="clear: both;">&nbsp;</div>
 </div>
 </body>
 </html>[/CODE]

Thank you all for being so kind to help a umm.. developing web deveolper!

@Phill_PaffordJul 31.2008 — #this will be in 2 posts

[code=php]
 <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
 <html xmlns="http://www.w3.org/1999/xhtml">
 <head>
 <meta http-equiv="content-type" content="text/html; charset=utf-8" />
 <title>Gameslinker - Links for all</title>
 <meta name="keywords" content="" />
 <meta name="description" content="" />
 <link href="page.css" rel="stylesheet" type="text/css" />
 </head>
 <body>
 <div id="page">
 <!-- start content -->
 <div id="content">
 <div class="post">
 <h1 class="title">SuperMod Zone</h1>
 <?php
 
   /** Add the include file validate.php**/
   include("validate.php");
 
   /** Add counter for Errors **/
   $error = 0;
 
   //convert all the posts to variables:
   $formid = $_POST["gid"];
 
   /** Validation **/
   if(!$valid->validFormId($formid)) {
   echo "ERROR: Invalid Form Id<br />";
   $error++;
   }
 
   /**
   * Check for errors, if none connect to DB 
   */
 
   if($error == 0) {
   $con = mysql_connect("mysql1.000webhost.com","a9362702_admin","arrow99");
   if(!$con)
   {
   die('Could not connect: ' . mysql_error());
   }
 
   mysql_select_db("a9362702_games", $con);
 
   /**
   * NOTE: MIGHT NEED TO REFINE THE WHERE CLAUSE IN THIS STATEMENT
   */
 
   // Select IP for email before Delete record
   $result=MYSQL_QUERY("SELECT added_by FROM table01 WHERE added_by='$copip' AND ID=$formid ");
 
   if(!empty($result) && isset($result)) {
   // Default from email
   $from = "[email protected]";
 
   // Create email
   $to = "[email protected]";
   $subject = "The IP";
   $message = "The IP You have requested: " . $result;
   $from = "[email protected]";
   $headers = "From: $from";
 
   // Send email
   mail($to,$subject,$message,$headers);
 
   echo "Mail Sent. <br />"; 
   }
 
   // Delete Query
   mysql_query("DELETE FROM table01 WHERE ID=$formid");
   mysql_close($con);
 
   echo "Delete Complete. The server may take awhile to update itself. Be paitent. <br />";
   } else {
   echo "You have errors, Please fix<br />"; 
   }
   ?>
   </div>
   </div>
   <!-- end content -->
   <!-- start sidebar -->
   <div id="sidebar">
   <br/>
   <ul>
   <li>
   a
   </li>
   </ul>
   </div>
   <!-- end sidebar -->
   <div style="clear: both;">
   &nbsp;
   </div>
   </div>
  </body>
 </html>
 
 [/code]

@Phill_PaffordJul 31.2008 — #Post #2

Your new validation added

[code=php]
 <?php
 
 /******************************************
 * @scriptname:	validate.php 
 * @author:		Phill Pafford
 * @version:		1.0
 * @date:			July 27, 2008
 ******************************************
 * @functionality:
 *		To validate user input
 * 
 ******************************************
 * @updated by: 
 * @updated date: 
 * @changes:
 * 
 ******************************************
 * @notes:
 *
 ******************************************/
 
 
 /**
 * @class Validation
 * @return 
 * @param $name Object
 */
 
 class Validation {
 
  /**
   * validGamename - Should match any alphnumeric characters
   * @return 
   * @param $name Object
   */
 
  function validGamename($name) {
   if((preg_match('/^[w. -]+$/', $name))) {
   return true;
   } else {
   return false;
   }
  }
 
  /**
   * validURL - Validates a URL
   * @return 
   * @param $url Object
   */
 
  function validURL($url) {
   if (preg_match("/^(http(s?):\/\/|ftp:\/\/{1})((w+.)+)w{2,}(/?)$/i", $url)) {
   return true;
   } else {
   return false;
   }
  }
 
  /**
   * validAddedBy - Validates the Added By?
   * @return 
   * @param $copip Object
   */
 
  function validAddedBy($copip) {
   /** I really don't know what to validate for so Alphanumeric I guess **/
   if((preg_match('/^[w. -]+$/', $copip))) {
   return true;
   } else {
   return false;
   }
  }
 
  /**
   * validDeleteId - Validates the postId that is to be deleted
   * @return 
   * @param $deleteId Object
   */
 
  function validDeleteId($deleteId) {
   if((preg_match('/^[0-9]+$/', $deleteId))) {
   return true;
   } else {
   return false;
   }
  }
 
  /**
   * validateIpAddress - Validates the IP Address
   * @return 
   * @param $ip_addr Object
   */
 
  function validateIpAddress($ip_addr) {
   //first of all the format of the ip address is matched
   if(preg_match("/^(d{1,3}).(d{1,3}).(d{1,3}).(d{1,3})$/",$ip_addr)) {
   //now all the intger values are separated
   $parts=explode(".",$ip_addr);
 
   //now we need to check each part can range from 0-255
   foreach($parts as $ip_parts) {
   if(intval($ip_parts)>255 || intval($ip_parts)<0) {
   return false; //if number is not within range of 0-255
   }
   }
   return true;
   } else {
   return false; //if format of ip address doesn't matches
   }
  }
 
  /**
   * validFormId - Validates the Form Id
   * @return 
   * @param $formid Object
   */
 
  function validFormId($formid)
  {
   if((preg_match('/^[0-9]$/', $formid))) {
   return true;
   } else {
   return false;
   }
  }
 }
 
 /** Initialize valid object **/
 $valid = new Validation;
 
 ?>
 
 
 [/code]

@sturz001authorJul 31.2008 — #thanks! that seems to work! Phill, boy have you earnt your reconition! It will appear after my holiday! Any way i can give "Brownie Points" in the forum? Any site you would like to link along with your name Phill? If so e-mail me at the address You have for me!

Also in #PHP _↴

parsing xml in php How to download source code of a website to hard drive Teleconference Application

Success!

Help @sturz001 spread the word by sharing this article on Twitter...

Tweet This

[RESOLVED] Disagreing PHP :confused:

21 Comments(s) _↴

Also in #PHP _↴

Success!

Social

Version

[RESOLVED] Disagreing PHP :confused:

21 Comments(s) ↴

Also in #PHP ↴

Success!

The web is an endless sea of information. Don't miss the boat... Subscribe!

Social

Version

21 Comments(s) _↴

Also in #PHP _↴