Hello and welcome to our community! Is this your first visit?
Register
Enjoy an ad free experience by logging in. Not a member yet? Register.
Results 1 to 13 of 13

Thread: MYSql Quering

  1. #1
    Regular Coder
    Join Date
    Jul 2002
    Posts
    100
    Thanks
    0
    Thanked 0 Times in 0 Posts

    MYSql Quering

    I am using PHP and MYSQL for my download archive and would like password protect some of the files I'm uploading.

    I have MYSQL database working and pretty much understand the basics of it'soperation.

    This is what I'm trying to do.

    The Files I'm uploading are inserted into the database with there download URL as well. What I have done so far is added a table column called password.

    Each file I would like passworded I have added the password to this file in this coloumn.

    When downloading the file, it calls it through a download.php file.

    What I'd like to happen, is when the download.php is called with the ID, is make a MYSQL query to the database, to see if the file has
    a password entered. If not it allows the download to continue. If it has, it directs to another PHP file - ie. password.php. Which has a form with a password field on asking for the password. If the password is correct, file downloads.
    If not this script redirects back to homepage.

    So, ultimately -
    1.
    How do I query a MYSQL Table's Column to return all the results that have information in them, some of the information has a blank in them,
    I want to only return the results of cells that have something in it!

    IE

    SELECT * FROM (TABLE_NAME) WHERE (COLUMN_NAME) LIKE '%'

    This returns all results whether info in them or not.

    (This is of course using PHPMyAdmin!)

    2.
    Where can I get hold of a script for the password entry...?

    I know I could make this script myself - if I had any clue - but sadly I can only make the form. I don't know how to process it using PHP. (

    Any help would be HUGELY appreciated.
    Thankz in advance.

    Golden Eagle

  • #2
    mat
    mat is offline
    Regular Coder
    Join Date
    Jul 2002
    Posts
    199
    Thanks
    0
    Thanked 0 Times in 0 Posts
    I want to only return the results of cells that have something in it!
    SELECT * FROM table_name WHERE column_name > '';



    When downloading the file, it calls it through a download.php file.
    What I'd like to happen, is when the download.php is called with the ID, is make a MYSQL query to the database, to see if the file has
    a password entered. If not it allows the download to continue. If it has, it directs to another PHP file - ie. password.php. Which has a form with a password field on asking for the password. If the password is correct, file downloads.
    If not this script redirects back to homepage.

    I think by the sounds of it general http user/pass auth would be better, it would allow you to just keep the files in a folder you want to be secure instead of using php and actually putting the files into a mySQL table,

    you could just put everything in that folder and people who want to acces anything in there (files/pages) would need U:P to be able to. quick and simple. you know where a little pop up box comes up and asks for user/pass?

    http://www.he.net/info/htaccess/demo.html
    http://faq.clever.net/htaccess.htm
    http://www.javascriptkit.com/howto/htaccess.shtml

    lots more info around on this and I'm sure users here who have dealt with this could help.


    If you think php/mySQL would be better then you'll need to give more info for instance:

    When downloading the file, it calls it through a download.php file.
    What I'd ...
    make no sense to me they are downloading the file but they need to provide user/pass to download the file

    what I'm wondering is how exactly you get to the 'file downloading' bit? how is that file choosen? you say there is a form where the user puts in U:P right? is there like some sort of option list with the available files for download to choose from...?
    Last edited by mat; 11-27-2002 at 07:46 AM.

  • #3
    Regular Coder
    Join Date
    Jul 2002
    Posts
    100
    Thanks
    0
    Thanked 0 Times in 0 Posts
    Here check this out

    http://www.font-factory.com/archive/pafiledb.php

    This is what I'm trying to impliment it into!

  • #4
    mat
    mat is offline
    Regular Coder
    Join Date
    Jul 2002
    Posts
    199
    Thanks
    0
    Thanked 0 Times in 0 Posts
    I checked it out, picked a font but when trying to D/L the download button does nothing, i am referring to this page

    http://www.font-factory.com/archive/...n=file&id=6609


    I take it that is becuase you have not got any security up and don't want to allow people to d/l these for free. I assume you would want something like:

    user arrives at this 'pafiledb.php' page and clicks the 'download' link, this link checks if the user has logged in already or not (by checking for a session variable / cookie) and if not directs them to a login page, if they have already logged in (session variable / cookie is found) the download commences.

    For this you will be looking at using sessions? cookies? I have done this login system type thing with CF but not really with PHP. I'm sure others here will have though and can help out.

    The basice concept is > I arrive at the page for the first time. I click 'download' the download checks for a session variable which contains my 'user,pass, id or something' if it is found then i get to download if not i get directed to a login page. On the login page i enter user/pass and if it's correct a 'session' variable is set for me so now when i click 'download' php will find a 'session' variable and let me download. yeah? am i making sense

    anyway take a look at
    http://www.phpbuilder.com/columns/tim20000505.php3
    http://www.hotscripts.com/PHP/Tips_a...uthentication/
    http://www.phpfreaks.com/tutorials/40/0.php
    http://martin.f2o.org/php/login
    http://www.free2code.net/tutorials/print_friendly/99
    others you can find with google.


    and do some research on 'login system' sessions \ cookies with php.

  • #5
    Regular Coder
    Join Date
    Jul 2002
    Posts
    100
    Thanks
    0
    Thanked 0 Times in 0 Posts

    Not quite.....

    Sorry. Site is using Iframes at the moment (changing to PHP includes at present!)

    Try this and you need to navigate using menu system to archive.
    http://www.font-factory.com

    I'll try to explain what it is I'm trying to achieve again.

    I don't wish to implement sessions, login or cookie membership.

    When a download is clicked the script makes a query to MySQL database table column called files_password. If there is nothing in this field for the file 'id' number that is being downloaded, the script skips this and downloads the file.

    If there IS a password in the database for the download. The script loads a form with one text box and one submit button asking for the word typed into the files_password column. If entered correctly download occurs. If not, your returned to the file info page.

    Sounds simple to me. But perhaps this is not actually do-able.

    If it is please help me. I'm even struggling to process a form using PHP!

  • #6
    mat
    mat is offline
    Regular Coder
    Join Date
    Jul 2002
    Posts
    199
    Thanks
    0
    Thanked 0 Times in 0 Posts
    o.k so you want to have a sort of universal password right? (one password for all)

    some fonts are free to d/l but some require a pass, and that is just one universal pass yeah?


  • #7
    New to the CF scene
    Join Date
    Sep 2002
    Posts
    8
    Thanks
    0
    Thanked 0 Times in 0 Posts
    Originally posted by mat
    [B]

    SELECT * FROM table_name WHERE column_name > '';
    wouldn't it be better to say:

    Code:
    SELECT * FROM table WHERE column != '';
    ??

    Saying that WHERE column is NOT NULL...

  • #8
    Regular Coder
    Join Date
    Jul 2002
    Posts
    100
    Thanks
    0
    Thanked 0 Times in 0 Posts
    Originally posted by mat
    o.k so you want to have a sort of universal password right? (one password for all)

    some fonts are free to d/l but some require a pass, and that is just one universal pass yeah?

    Almost!

    The password for the font will be different in the field the query is looking for. (If possible)

    This is what I came up with -

    I have been looking at PHP for months now (about 5), but if seems that no matter how long I try. I cannot seem to get to grips with it!

    This may seem like a bad way of showing an example.
    But it's the best way I can do it, seeing as PHP is proving to be a little over my head!

    HERE GOES!

    //START WITH A MYSQL QUERY OF DATABASE
    $password = $pafiledb_sql->query($db, "SELECT * FROM $db pafiledb_files WHERE file_password > ''", 1);


    // IF PASSWORD FIELD HAS A WORD IN DATABASE
    if $password == ("yes") {
    // LOAD WORD FROM 'file_password' & LOAD SOMESORT OF FORM HERE ASKING FOR THE WORD IN FIELD
    <FORM> BLAH BLAH (With just ONE textbox for password only (NO USER) & a submit button).</FORM>
    }

    // IF PASSWORD FIELD IN DATABASE IS EMPTY
    if $password == ("none") {
    // GO DIRECT TO NON-PROTECTED DOWNLOAD
    }

    //FORM PROCESSED
    else {
    $password == ("incorrect")
    // JAVASCRIPT HISTORY(GO BACK -1) TO FILE DETAILS
    }

    //FORM PROCESSED (CORRECT PASSWORD)
    else
    }
    if $password == ("correct")
    // GO DIRECT TO PROTECTED DOWNLOAD
    }

    I hope this explains it a little more simpler.
    And that is actually possible to do.

    Thanks for helping.

    Anyone know of any GOOD places to learn PHP & MySQL?

    I can't stand reading books. I prefer to read online if possible. Although if book is the best option. So be it!

  • #9
    Regular Coder
    Join Date
    Jul 2002
    Posts
    100
    Thanks
    0
    Thanked 0 Times in 0 Posts
    Is anyone able to help me with this script?

  • #10
    mat
    mat is offline
    Regular Coder
    Join Date
    Jul 2002
    Posts
    199
    Thanks
    0
    Thanked 0 Times in 0 Posts
    Each font is in the database so i take it, each will have a unique ID. Pass this ID to the download script.

    <a href="download.php?download=yes&font=ID">Download</a>




    <?php
    if(!isset($download)){

    include "../dbConnect.php";

    $sql1 = "SELECT COUNT(password) FROM fontsTable WHERE ID = '$font'";

    $numRows = mysql_num_rows($sql1);

    if($numRows == 1){

    echo"
    <form method='post' action='download.php'>
    <input type='text" name='passwordInput'>
    <input type='hidden' name='font' value='$font'>
    <input type='submit' name='submit' value='go'>
    </form>
    ";

    }else{

    download font?
    }

    }
    ?>


    <?php
    if(!isset($submit){

    include "../dbConnect.php";

    $sql2 = "SELECT password FROM fontsTable WHERE ID = '$font'";

    while ($row = mysql_fetch_array($sql2)){
    $correctPass= $row['password'];

    if($passwordInput == $correctPass){

    yay! download font from DB... don't ask me

    }else{

    echo"incorrect pass";
    ( actually you should redirect with a query string '?invalidPass=yes' so that the form comes up again but with an incorrect message. )

    }


    }

    ?>




    I'm no php brain.. but this may help a little bit I've also never actually downloaded a file from a database so ? i'm sure someone else can point out how
    Last edited by mat; 12-05-2002 at 11:17 PM.

  • #11
    Senior Coder Nightfire's Avatar
    Join Date
    Jun 2002
    Posts
    4,266
    Thanks
    6
    Thanked 48 Times in 48 Posts
    If your host/server doesn't have asp tags supports, you'd have to replace the <% %> to <? ?> or <?php ?>

  • #12
    mat
    mat is offline
    Regular Coder
    Join Date
    Jul 2002
    Posts
    199
    Thanks
    0
    Thanked 0 Times in 0 Posts
    woops didn't realise i was doing that.
    ( been learning asp )
    Last edited by mat; 12-05-2002 at 11:15 PM.

  • #13
    Regular Coder
    Join Date
    Jul 2002
    Posts
    100
    Thanks
    0
    Thanked 0 Times in 0 Posts
    Thanks guys. I'll give it ago over the weekend and I'll get back to you ASAP to let you know if I managed to get it working. If I don't, I'll reply with some more (hopefully useful) information.

    Thanks again

    Golden Eagle


  •  

    Posting Permissions

    • You may not post new threads
    • You may not post replies
    • You may not post attachments
    • You may not edit your posts
    •