Hello and welcome to our community! Is this your first visit?
Register
Enjoy an ad free experience by logging in. Not a member yet? Register.
Page 1 of 2 12 LastLast
Results 1 to 15 of 17
  1. #1
    Senior Coder
    Join Date
    Jun 2008
    Location
    Cornwall
    Posts
    2,097
    Thanks
    297
    Thanked 12 Times in 12 Posts

    oop and functions

    I have a script which i am trying to modify to add a few new features, however it is all done in 'oop' which i am not familiar with,

    however im having a stab at it,

    i am trying to add some validation to a form, and the bit im stuck on is checking to see if the user inputted value is found in a db table

    so i have this code
    PHP Code:
          /* Town error checking */
          
    $field "town";  //Use field name for town
          
    if($database->findTown($subtown))
          {
             
    $form->setError($field"* Town Not Found Please Choose Nearest Town From List");
          } 
    $subtown is passed to the overall function like so
    PHP Code:
        function register($subuser$subpass$subpass2$subemail, [B]$subtown[/B], $subgender$subyob
    and my function findTown is

    PHP Code:
        function findTown($subtown)
        {
          
    $q "SELECT * FROM ".TBL_TOWN_LIST." WHERE placeName = ".$subtown;
          
    $result mysql_query($q$this->connection);
          
    $this->num_towns mysql_numrows($result);
        } 
    but when i run the script it always displays the error! im not sure what im doing wrong, i thought it was mysql_numrows($result); but there are lots of these in the script and they are working fine

    basically what i want it to do is if the function returns 0 rows then display the error else don't. its easy in normal php but im struggling with the oop.

    any help would be great
    thanks

  • #2
    Regular Coder Arcticwarrio's Avatar
    Join Date
    May 2012
    Location
    UK
    Posts
    721
    Thanks
    20
    Thanked 84 Times in 84 Posts
    underscore?

    PHP Code:
    $this->num_towns mysql_num_rows($result); 

  • #3
    Senior Coder
    Join Date
    Jun 2008
    Location
    Cornwall
    Posts
    2,097
    Thanks
    297
    Thanked 12 Times in 12 Posts
    see thats what i thought but all throughout the script in the various functions its set as mysql_numrows($result); and they are all working fine?

    even changing it, it still desnt work.

  • #4
    Regular Coder Arcticwarrio's Avatar
    Join Date
    May 2012
    Location
    UK
    Posts
    721
    Thanks
    20
    Thanked 84 Times in 84 Posts
    have you got a similar function that works?
    im not too familiar with injections

  • #5
    Senior Coder
    Join Date
    Jun 2008
    Location
    Cornwall
    Posts
    2,097
    Thanks
    297
    Thanked 12 Times in 12 Posts
    kind of it uses the same sort of principle i think, i've just tried changing it to get it to perform something different!

    the other function is
    PHP Code:
       function getNumMembers(){
          if(
    $this->num_members 0){
             
    $q "SELECT * FROM ".TBL_USERS;
             
    $result mysql_query($q$this->connection);
             
    $this->num_members mysql_numrows($result);
          }
          return 
    $this->num_members;
       } 
    and i have now changed my code slightly to make it even similar to this like so

    PHP Code:
        function findTown($subtown)
        {
            if(
    $this->num_towns 0)
            {
              
    $q "SELECT * FROM ".TBL_TOWN_LIST." WHERE placeName = ".$subtown;
              
    $result mysql_query($q$this->connection);
              
    $this->num_towns mysql_numrows($result);
            }
            return 
    $this->num_towns;
        }
    }; 
    and am calling it like so
    PHP Code:
          if(!$database->findTown($subtown))
          {
             
    $form->setError($field"* Town Not Found Please Choose Nearest Town From List");
          } 
    but its still always showing the error even if the value of $subtown is in the tb table

  • #6
    God Emperor Fou-Lu's Avatar
    Join Date
    Sep 2002
    Location
    Saskatoon, Saskatchewan
    Posts
    16,987
    Thanks
    4
    Thanked 2,660 Times in 2,629 Posts
    mysql_numrows is a valid function alias in PHP, so that's not an issue.

    PHP Code:
        function findTown($subtown)
        {
            
    printf("Starting %s, num_towns is: %d" PHP_EOL__METHOD__$this->num_towns);
            if(
    $this->num_towns 0)
            {
              
    $q "SELECT * FROM ".TBL_TOWN_LIST." WHERE placeName = ".$subtown;
              
    $result mysql_query($q$this->connection);
              
    $this->num_towns mysql_numrows($result);
            }
            
    printf("Ending %s, num_towns is: %d" PHP_EOL__METHOD__$this->num_towns);
            return 
    $this->num_towns;
        } 
    What's the result?

    Edit:
    BTW, where is the $subtown in your call's declared?
    Last edited by Fou-Lu; 06-18-2012 at 06:23 PM.

  • #7
    Senior Coder
    Join Date
    Jun 2008
    Location
    Cornwall
    Posts
    2,097
    Thanks
    297
    Thanked 12 Times in 12 Posts
    ok on my sign up form it always produces the error, if on my home page i try this

    PHP Code:
    echo "<b>Member Total:</b> ".$database->findTown("Sennen")."<br>"
    it echos out
    Code:
    Starting MySQLDB::findTown, num_towns is: 0 Ending MySQLDB::findTown, num_towns is: 0
    EDIT
    ====

    I finally got it working when echoing out the value of $q i was getting the following
    Code:
    SELECT * FROM tbl_places WHERE placeName = Cornwall
    which innitally i thought was correct but when testing it in my phpmyadmin it returned an error as the value of $subtown was not wrapped in ''s i have now changed the code like so

    PHP Code:
        function findTown($subtown)
        {
            
    printf("Starting %s, num_towns is: %d" PHP_EOL__METHOD__$this->num_towns);
            
    #if($this->num_towns < 0)
            #{
              
    $q "SELECT * FROM ".TBL_TOWN_LIST." WHERE placeName = '$subtown'";
              
    print_r($q);
              
    $result mysql_query($q$this->connection);
              
    $this->num_towns mysql_numrows($result);
            
    #}
            
    printf("Ending %s, num_towns is: %d" PHP_EOL__METHOD__$this->num_towns);
            return 
    $this->num_towns;
        } 
    and its working

    thank you all for your help, only took me 4 or 5 hours lol but i got there ha

  • #8
    Senior Coder
    Join Date
    Jun 2008
    Location
    Cornwall
    Posts
    2,097
    Thanks
    297
    Thanked 12 Times in 12 Posts
    out of curiosity what if any is the difference between mysql_numrows and mysql_num_rows? before today i have never known about mysql_numrows

    thanks

  • #9
    God Emperor Fou-Lu's Avatar
    Join Date
    Sep 2002
    Location
    Saskatoon, Saskatchewan
    Posts
    16,987
    Thanks
    4
    Thanked 2,660 Times in 2,629 Posts
    Nothing. Mysql_numrows is an old method that was retained and aliased to mysql_num_rows. They are registered as the same function under the hood.

  • #10
    Senior Coder
    Join Date
    Jun 2008
    Location
    Cornwall
    Posts
    2,097
    Thanks
    297
    Thanked 12 Times in 12 Posts
    ah ok thank you!

  • #11
    Senior Coder
    Join Date
    Jun 2008
    Location
    Cornwall
    Posts
    2,097
    Thanks
    297
    Thanked 12 Times in 12 Posts
    ok im back with another oop problem,

    i will have to post my code in different posts because of the length of the files.

    But what i am trying to do is query my database from my index page (sounds simple and if i wasnt using oop it would be but oop is another language altogether )

    this is my index page
    PHP Code:
    <?php
    /**
     * Register.php
     * 
     * Displays the registration form if the user needs to sign-up,
     * or lets the user know, if he's already logged in, that he
     * can't register another name.
     *
     * Please subscribe to our feeds at http://blog.geotitles.com for more such tutorials
     */
    include("include/session.php");
    ?>

    <html>
    <title>Register | jQuery, AJAX, PHP, MySQL, javascript, web design tutorials &amp; demos | php login script demo</title>
    <body>

    <?php
    /**
     * The user is already logged in, not allowed to register.
     */
    if($session->logged_in){
       echo 
    "<h1>Registered</h1>";
       echo 
    "<p>We're sorry <b>$session->username</b>, but you've already registered. "
           
    ."<a href=\"main.php\">Main</a>.</p>";
    }
    /**
     * The user has submitted the registration form and the
     * results have been processed.
     */
    else if(isset($_SESSION['regsuccess'])){
       
    /* Registration was successful */
       
    if($_SESSION['regsuccess']){
          echo 
    "<h1>Registered!</h1>";
          echo 
    "<p>Thank you <b>".$_SESSION['reguname']."</b>, your information has been added to the database, "
              
    ."you may now <a href=\"main.php\">log in</a>.</p>";
       }
       
    /* Registration failed */
       
    else{
          echo 
    "<h1>Registration Failed</h1>";
          echo 
    "<p>We're sorry, but an error has occurred and your registration for the username <b>".$_SESSION['reguname']."</b>, "
              
    ."could not be completed.<br>Please try again at a later time.</p>";
       }
       unset(
    $_SESSION['regsuccess']);
       unset(
    $_SESSION['reguname']);
    }
    /**
     * The user has not filled out the registration form yet.
     * Below is the page with the sign-up form, the names
     * of the input fields are important and should not
     * be changed.
     */
    else{
    ?>
    <h1><img src="images/user_add.png" width="32" height="32" alt="Register">Create Your Profile</h1>
    <p>STEP 1 OF 4</p>
    <?php
    if($form->num_errors 0){
       echo 
    "<td><font size=\"2\" color=\"#ff0000\">".$form->num_errors." error(s) found</font></td>";
    }
    ?>
    <form action="process.php" method="POST">
    <table align="left" border="0" cellspacing="0" cellpadding="5">


    <tr>
    <td>Username:</td><td><input type="text" name="user" maxlength="30" value="<?php echo $form->value("user"); ?>"></td>
    <td><?php echo $form->error("user"); ?></td>
    </tr>

    <tr>
    <td>Password:</td><td><input type="password" name="pass" maxlength="30" value="<?php echo $form->value("pass"); ?>"></td>
    <td><?php echo $form->error("pass"); ?></td>
    </tr>

    <tr>
    <td>Confirm Password:</td><td><input type="password" name="pass2" maxlength="30" value="<?php echo $form->value("pass2"); ?>"></td>
    <td><?php echo $form->error("pass2"); ?></td>
    </tr>


    <tr>
    <td>Email:</td><td><input type="text" name="email" maxlength="50" value="<?php echo $form->value("email"); ?>"></td>
    <td><?php echo $form->error("email"); ?></td>
    </tr>

    <tr>
    <td>Local Town:</td><td><select name="town"><?php
    $q 
    "SELECT * FROM ".TBL_TOWN_LIST;
    $result mysql_query($q$this->connection);
    while(
    $row=mysql_fetch_array($result))
    {
        return 
    $row['placeName'];
    }

    ?>
    </select></td>
    <td><?php echo $form->error("town"); ?></td>
    </tr>

    <tr>
    <td>Gender:</td><td><select name="gender"><?php
    echo '<option value="Male"'; if ($form->value("gender")) {$selected=(($form->value("gender")=="Male")) ? 'Selected' ""; echo $selected; } echo '>Male</option>';
    echo 
    '<option value="Female"'; if ($form->value("gender")) {$selected=(($form->value("gender")=="Female")) ? 'Selected' ""; echo $selected; } echo '>Female</option>';?>
    </select></td>
    <td><?php echo $form->error("gender"); ?></td>
    </tr>

    <tr>
    <td>Year of birth:</td><td><input type="text" name="yob" maxlength="50" value="<?php echo $form->value("yob"); ?>"></td>
    <td><?php echo $form->error("yob"); ?></td>
    </tr>

    <tr>
    <td colspan="2" align="right">
    <input type="hidden" name="subjoin" value="1">
    <input type="hidden" name="step" value="1">
    <input type="submit" value="Next"></td>
    </tr>

    <tr>
      <td colspan="2" align="left"><a href="main.php">Back to Login page</a></td>
    </tr>
    </table>
    </form>


    <?php
    }
    ?>

    </body>
    </html>
    and the bit where im trying to perform a query isnt echoing anything out so im obviously not doing it right!

    ok so on the index page there is a file included called session.php

  • #12
    Senior Coder
    Join Date
    Jun 2008
    Location
    Cornwall
    Posts
    2,097
    Thanks
    297
    Thanked 12 Times in 12 Posts
    session.php
    PHP Code:
    <?php
    /**
     * Session.php
     * 
     * The Session class is meant to simplify the task of keeping
     * track of logged in users and also guests.
     *
     *  Please subscribe to our feeds at http://blog.geotitles.com for more such tutorials
     */
    include("database.php");
    include(
    "mailer.php");
    include(
    "form.php");

    class 
    Session
    {
       var 
    $username;     //Username given on sign-up
       
    var $userid;       //Random value generated on current login
       
    var $userlevel;    //The level to which the user pertains
       
    var $time;         //Time user was last active (page loaded)
       
    var $logged_in;    //True if user is logged in, false otherwise
       
    var $userinfo = array();  //The array holding all user info
       
    var $url;          //The page url current being viewed
       
    var $referrer;     //Last recorded site page viewed
       /**
        * Note: referrer should really only be considered the actual
        * page referrer in process.php, any other time it may be
        * inaccurate.
        */

       /* Class constructor */
       
    function Session(){
          
    $this->time time();
          
    $this->startSession();
       }

       
    /**
        * startSession - Performs all the actions necessary to 
        * initialize this session object. Tries to determine if the
        * the user has logged in already, and sets the variables 
        * accordingly. Also takes advantage of this page load to
        * update the active visitors tables.
        */
       
    function startSession(){
          global 
    $database;  //The database connection
          
    session_start();   //Tell PHP to start the session

          /* Determine if user is logged in */
          
    $this->logged_in $this->checkLogin();

          
    /**
           * Set guest value to users not logged in, and update
           * active guests table accordingly.
           */
          
    if(!$this->logged_in){
             
    $this->username $_SESSION['username'] = GUEST_NAME;
             
    $this->userlevel GUEST_LEVEL;
             
    $database->addActiveGuest($_SERVER['REMOTE_ADDR'], $this->time);
          }
          
    /* Update users last active timestamp */
          
    else{
             
    $database->addActiveUser($this->username$this->time);
          }
          
          
    /* Remove inactive visitors from database */
          
    $database->removeInactiveUsers();
          
    $database->removeInactiveGuests();
          
          
    /* Set referrer page */
          
    if(isset($_SESSION['url'])){
             
    $this->referrer $_SESSION['url'];
          }else{
             
    $this->referrer "/";
          }

          
    /* Set current url */
          
    $this->url $_SESSION['url'] = $_SERVER['PHP_SELF'];
       }

       
    /**
        * checkLogin - Checks if the user has already previously
        * logged in, and a session with the user has already been
        * established. Also checks to see if user has been remembered.
        * If so, the database is queried to make sure of the user's 
        * authenticity. Returns true if the user has logged in.
        */
       
    function checkLogin(){
          global 
    $database;  //The database connection
          /* Check if user has been remembered */
          
    if(isset($_COOKIE['cookname']) && isset($_COOKIE['cookid'])){
             
    $this->username $_SESSION['username'] = $_COOKIE['cookname'];
             
    $this->userid   $_SESSION['userid']   = $_COOKIE['cookid'];
          }

          
    /* Username and userid have been set and not guest */
          
    if(isset($_SESSION['username']) && isset($_SESSION['userid']) &&
             
    $_SESSION['username'] != GUEST_NAME){
             
    /* Confirm that username and userid are valid */
             
    if($database->confirmUserID($_SESSION['username'], $_SESSION['userid']) != 0){
                
    /* Variables are incorrect, user not logged in */
                
    unset($_SESSION['username']);
                unset(
    $_SESSION['userid']);
                return 
    false;
             }

             
    /* User is logged in, set class variables */
             
    $this->userinfo  $database->getUserInfo($_SESSION['username']);
             
    $this->username  $this->userinfo['username'];
             
    $this->userid    $this->userinfo['userid'];
             
    $this->userlevel $this->userinfo['userlevel'];
             return 
    true;
          }
          
    /* User not logged in */
          
    else{
             return 
    false;
          }
       }

       
    /**
        * login - The user has submitted his username and password
        * through the login form, this function checks the authenticity
        * of that information in the database and creates the session.
        * Effectively logging in the user if all goes well.
        */
       
    function login($subuser$subpass$subremember){
          global 
    $database$form;  //The database and form object

          /* Username error checking */
          
    $field "user";  //Use field name for username
          
    if(!$subuser || strlen($subuser trim($subuser)) == 0){
             
    $form->setError($field"* Username not entered");
          }
          else{
             
    /* Check if username is not alphanumeric */
             
    if(!eregi("^([0-9a-z])*$"$subuser)){
                
    $form->setError($field"* Username not alphanumeric");
             }
          }

          
    /* Password error checking */
          
    $field "pass";  //Use field name for password
          
    if(!$subpass){
             
    $form->setError($field"* Password not entered");
          }
          
          
    /* Return if form errors exist */
          
    if($form->num_errors 0){
             return 
    false;
          }

          
    /* Checks that username is in database and password is correct */
          
    $subuser stripslashes($subuser);
          
    $result $database->confirmUserPass($subusermd5($subpass));

          
    /* Check error codes */
          
    if($result == 1){
             
    $field "user";
             
    $form->setError($field"* Username not found");
          }
          else if(
    $result == 2){
             
    $field "pass";
             
    $form->setError($field"* Invalid password");
          }
          
          
    /* Return if form errors exist */
          
    if($form->num_errors 0){
             return 
    false;
          }

          
    /* Username and password correct, register session variables */
          
    $this->userinfo  $database->getUserInfo($subuser);
          
    $this->username  $_SESSION['username'] = $this->userinfo['username'];
          
    $this->userid    $_SESSION['userid']   = $this->generateRandID();
          
    $this->userlevel $this->userinfo['userlevel'];
          
          
    /* Insert userid into database and update active users table */
          
    $database->updateUserField($this->username"userid"$this->userid);
          
    $database->addActiveUser($this->username$this->time);
          
    $database->removeActiveGuest($_SERVER['REMOTE_ADDR']);

          
    /**
           * This is the cool part: the user has requested that we remember that
           * he's logged in, so we set two cookies. One to hold his username,
           * and one to hold his random value userid. It expires by the time
           * specified in constants.php. Now, next time he comes to our site, we will
           * log him in automatically, but only if he didn't log out before he left.
           */
          
    if($subremember){
             
    setcookie("cookname"$this->usernametime()+COOKIE_EXPIRECOOKIE_PATH);
             
    setcookie("cookid",   $this->userid,   time()+COOKIE_EXPIRECOOKIE_PATH);
          }

          
    /* Login completed successfully */
          
    return true;
       }

       
    /**
        * logout - Gets called when the user wants to be logged out of the
        * website. It deletes any cookies that were stored on the users
        * computer as a result of him wanting to be remembered, and also
        * unsets session variables and demotes his user level to guest.
        */
       
    function logout(){
          global 
    $database;  //The database connection
          /**
           * Delete cookies - the time must be in the past,
           * so just negate what you added when creating the
           * cookie.
           */
          
    if(isset($_COOKIE['cookname']) && isset($_COOKIE['cookid'])){
             
    setcookie("cookname"""time()-COOKIE_EXPIRECOOKIE_PATH);
             
    setcookie("cookid",   ""time()-COOKIE_EXPIRECOOKIE_PATH);
          }

          
    /* Unset PHP session variables */
          
    unset($_SESSION['username']);
          unset(
    $_SESSION['userid']);

          
    /* Reflect fact that user has logged out */
          
    $this->logged_in false;
          
          
    /**
           * Remove from active users table and add to
           * active guests tables.
           */
          
    $database->removeActiveUser($this->username);
          
    $database->addActiveGuest($_SERVER['REMOTE_ADDR'], $this->time);
          
          
    /* Set user level to guest */
          
    $this->username  GUEST_NAME;
          
    $this->userlevel GUEST_LEVEL;
       }

       
    /**
        * register - Gets called when the user has just submitted the
        * registration form. Determines if there were any errors with
        * the entry fields, if so, it records the errors and returns
        * 1. If no errors were found, it registers the new user and
        * returns 0. Returns 2 if registration failed.
        */
        
    function register($subuser$subpass$subpass2$subemail$subtown$subgender$subyob)
           {
          global 
    $database$form$mailer;  //The database, form and mailer object
               
          /* Username error checking */
          
    $field "user";  //Use field name for username
          
    if(!$subuser || strlen($subuser trim($subuser)) == 0){
             
    $form->setError($field"* Username not entered");
          }
          else{
             
    /* Spruce up username, check length */
             
    $subuser stripslashes($subuser);
             if(
    strlen($subuser) < 5){
                
    $form->setError($field"* Username below 5 characters");
             }
             else if(
    strlen($subuser) > 30){
                
    $form->setError($field"* Username above 30 characters");
             }
             
    /* Check if username is not alphanumeric */
             
    else if(!eregi("^([0-9a-z])+$"$subuser)){
                
    $form->setError($field"* Username not alphanumeric");
             }
             
    /* Check if username is reserved */
             
    else if(strcasecmp($subuserGUEST_NAME) == 0){
                
    $form->setError($field"* Username reserved word");
             }
             
    /* Check if username is already in use */
             
    else if($database->usernameTaken($subuser)){
                
    $form->setError($field"* Username already in use");
             }
             
    /* Check if username is banned */
             
    else if($database->usernameBanned($subuser)){
                
    $form->setError($field"* Username banned");
             }
          }

          
    /* Password error checking */
          
    $field "pass";  //Use field name for password
          
    if(!$subpass){
             
    $form->setError($field"* Password not entered");
          }
          else{
             
    /* Spruce up password and check length*/
             
    $subpass stripslashes($subpass);
             if(
    strlen($subpass) < 4){
                
    $form->setError($field"* Password too short");
             }
             
    /* Check if password is not alphanumeric */
             
    else if(!eregi("^([0-9a-z])+$", ($subpass trim($subpass)))){
                
    $form->setError($field"* Password not alphanumeric");
             }
             
    /**
              * Note: I trimmed the password only after I checked the length
              * because if you fill the password field up with spaces
              * it looks like a lot more characters than 4, so it looks
              * kind of stupid to report "password too short".
              */
          
    }
          
          
    /* Password Confirm error checking */
          
    $field "pass2";  //Use field name for password
          
    if(!$subpass2 || $subpass2 <> $subpass){
             
    $form->setError($field"* Passwords Do Not Match");
          }
          
          
    /* Email error checking */
          
    $field "email";  //Use field name for email
          
    if(!$subemail || strlen($subemail trim($subemail)) == 0){
             
    $form->setError($field"* Email not entered");
          }
          else{
             
    /* Check if valid email address */
             
    $regex "^[_+a-z0-9-]+(\.[_+a-z0-9-]+)*"
                     
    ."@[a-z0-9-]+(\.[a-z0-9-]{1,})*"
                     
    ."\.([a-z]{2,}){1}$";
             if(!
    eregi($regex,$subemail)){
                
    $form->setError($field"* Email invalid");
             }
             
    $subemail stripslashes($subemail);
          }
          
          
    /* Town error checking */
          
    $field "town";  //Use field name for town
          
    if(!$database->findTown($subtown))
          {
              
    $form->setError($field"* Town Not Found Please Choose Nearest Town From List");
            }

          
    /* Gender error checking */
          
    $field "gender";  //Use field name for username
          
    if(!$subgender || strlen($subgender trim($subgender)) == 0){
             
    $form->setError($field"* Please Enter Your Gender");
          }

           
    /* YOB error checking */
          
    $field "yob";  //Use field name for username
          
    if(!$subyob || strlen($subyob trim($subyob)) == 0){
             
    $form->setError($field"* Year of birth not entered");
          }
          else{
             
    /* Spruce up username, check length */
             
    $subyob stripslashes($subyob);
             if(
    strlen($subyob) <> 4){
                
    $form->setError($field"* Must Be 4 Numbers Long");
             }
             
    /* Check if username is not alphanumeric */
             
    else if(!eregi("^([0-9])+$"$subyob)){
                
    $form->setError($field"* Username not alphanumeric");
             }
          }

        
          

          
    /* Errors exist, have user correct them */
          
    if($form->num_errors 0){
             return 
    1;  //Errors with form
          
    }
          
          
    /* No errors, add the new account to the */
          
          ######################################################
          #ADD CHECK TO SEE IF STEP EQUALS 4 IF SO THEN ADD DATA
          ######################################################
          
          
    else{
             if(
    $database->addNewUser($subname$subsur$subusermd5($subpass), $subemail)){
                if(
    EMAIL_WELCOME){
                   
    $mailer->sendWelcome($subuser,$subemail,$subpass);
                }
                return 
    0;  //New user added succesfully
             
    }else{
                return 
    2;  //Registration attempt failed
             
    }
          }
       }
       
       
    /**
        * editAccount - Attempts to edit the user's account information
        * including the password, which it first makes sure is correct
        * if entered, if so and the new password is in the right
        * format, the change is made. All other fields are changed
        * automatically.
        */
       
    function editAccount($subcurpass$subnewpass$subemail){
          global 
    $database$form;  //The database and form object
          /* New password entered */
          
    if($subnewpass){
             
    /* Current Password error checking */
             
    $field "curpass";  //Use field name for current password
             
    if(!$subcurpass){
                
    $form->setError($field"* Current Password not entered");
             }
             else{
                
    /* Check if password too short or is not alphanumeric */
                
    $subcurpass stripslashes($subcurpass);
                if(
    strlen($subcurpass) < ||
                   !
    eregi("^([0-9a-z])+$", ($subcurpass trim($subcurpass)))){
                   
    $form->setError($field"* Current Password incorrect");
                }
                
    /* Password entered is incorrect */
                
    if($database->confirmUserPass($this->username,md5($subcurpass)) != 0){
                   
    $form->setError($field"* Current Password incorrect");
                }
             }
             
             
    /* New Password error checking */
             
    $field "newpass";  //Use field name for new password
             /* Spruce up password and check length*/
             
    $subpass stripslashes($subnewpass);
             if(
    strlen($subnewpass) < 4){
                
    $form->setError($field"* New Password too short");
             }
             
    /* Check if password is not alphanumeric */
             
    else if(!eregi("^([0-9a-z])+$", ($subnewpass trim($subnewpass)))){
                
    $form->setError($field"* New Password not alphanumeric");
             }
          }
          
    /* Change password attempted */
          
    else if($subcurpass){
             
    /* New Password error reporting */
             
    $field "newpass";  //Use field name for new password
             
    $form->setError($field"* New Password not entered");
          }
          
          
    /* Email error checking */
          
    $field "email";  //Use field name for email
          
    if($subemail && strlen($subemail trim($subemail)) > 0){
             
    /* Check if valid email address */
             
    $regex "^[_+a-z0-9-]+(\.[_+a-z0-9-]+)*"
                     
    ."@[a-z0-9-]+(\.[a-z0-9-]{1,})*"
                     
    ."\.([a-z]{2,}){1}$";
             if(!
    eregi($regex,$subemail)){
                
    $form->setError($field"* Email invalid");
             }
             
    $subemail stripslashes($subemail);
          }
          
          
    /* Errors exist, have user correct them */
          
    if($form->num_errors 0){
             return 
    false;  //Errors with form
          
    }
          
          
    /* Update password since there were no errors */
          
    if($subcurpass && $subnewpass){
             
    $database->updateUserField($this->username,"password",md5($subnewpass));
          }
          
          
    /* Change Email */
          
    if($subemail){
             
    $database->updateUserField($this->username,"email",$subemail);
          }
          
          
    /* Success! */
          
    return true;
       }
       
       
    /**
        * isAdmin - Returns true if currently logged in user is
        * an administrator, false otherwise.
        */
       
    function isAdmin(){
          return (
    $this->userlevel == ADMIN_LEVEL ||
                  
    $this->username  == ADMIN_NAME);
       }
       
       
    /**
        * generateRandID - Generates a string made up of randomized
        * letters (lower and upper case) and digits and returns
        * the md5 hash of it to be used as a userid.
        */
       
    function generateRandID(){
          return 
    md5($this->generateRandStr(16));
       }
       
       
    /**
        * generateRandStr - Generates a string made up of randomized
        * letters (lower and upper case) and digits, the length
        * is a specified parameter.
        */
       
    function generateRandStr($length){
          
    $randstr "";
          for(
    $i=0$i<$length$i++){
             
    $randnum mt_rand(0,61);
             if(
    $randnum 10){
                
    $randstr .= chr($randnum+48);
             }else if(
    $randnum 36){
                
    $randstr .= chr($randnum+55);
             }else{
                
    $randstr .= chr($randnum+61);
             }
          }
          return 
    $randstr;
       }
    };


    /**
     * Initialize session object - This must be initialized before
     * the form object because the form uses session variables,
     * which cannot be accessed unless the session has started.
     */
    $session = new Session;

    /* Initialize form object */
    $form = new Form;

    ?>
    this has the database.php file included

  • #13
    Senior Coder
    Join Date
    Jun 2008
    Location
    Cornwall
    Posts
    2,097
    Thanks
    297
    Thanked 12 Times in 12 Posts
    database.php
    PHP Code:
    <?php
    /**
     * Database.php
     * 
     * The Database class is meant to simplify the task of accessing
     * information from the website's database.
     *
     * Please subscribe to our feeds at http://blog.geotitles.com for more such tutorials
     */
    include("constants.php");
          
    class 
    MySQLDB
    {
       var 
    $connection;         //The MySQL database connection
       
    var $num_active_users;   //Number of active users viewing site
       
    var $num_active_guests;  //Number of active guests viewing site
       
    var $num_members;        //Number of signed-up users
       
    var $num_towns;
       
    /* Note: call getNumMembers() to access $num_members! */

       /* Class constructor */
       
    function MySQLDB(){
          
    /* Make connection to database */
          
    $this->connection mysql_connect(DB_SERVERDB_USERDB_PASS) or die(mysql_error());
          
    mysql_select_db(DB_NAME$this->connection) or die(mysql_error());
          
          
    /**
           * Only query database to find out number of members
           * when getNumMembers() is called for the first time,
           * until then, default value set.
           */
          
    $this->num_members = -1;
          
          if(
    TRACK_VISITORS){
             
    /* Calculate number of users at site */
             
    $this->calcNumActiveUsers();
          
             
    /* Calculate number of guests at site */
             
    $this->calcNumActiveGuests();
          }
       }

       
    /**
        * confirmUserPass - Checks whether or not the given
        * username is in the database, if so it checks if the
        * given password is the same password in the database
        * for that user. If the user doesn't exist or if the
        * passwords don't match up, it returns an error code
        * (1 or 2). On success it returns 0.
        */
       
    function confirmUserPass($username$password){
          
    /* Add slashes if necessary (for query) */
          
    if(!get_magic_quotes_gpc()) {
              
    $username addslashes($username);
          }

          
    /* Verify that user is in database */
          
    $q "SELECT password FROM ".TBL_USERS." WHERE username = '$username'";
          
    $result mysql_query($q$this->connection);
          if(!
    $result || (mysql_numrows($result) < 1)){
             return 
    1//Indicates username failure
          
    }

          
    /* Retrieve password from result, strip slashes */
          
    $dbarray mysql_fetch_array($result);
          
    $dbarray['password'] = stripslashes($dbarray['password']);
          
    $password stripslashes($password);

          
    /* Validate that password is correct */
          
    if($password == $dbarray['password']){
             return 
    0//Success! Username and password confirmed
          
    }
          else{
             return 
    2//Indicates password failure
          
    }
       }
       
       
    /**
        * confirmUserID - Checks whether or not the given
        * username is in the database, if so it checks if the
        * given userid is the same userid in the database
        * for that user. If the user doesn't exist or if the
        * userids don't match up, it returns an error code
        * (1 or 2). On success it returns 0.
        */
       
    function confirmUserID($username$userid){
          
    /* Add slashes if necessary (for query) */
          
    if(!get_magic_quotes_gpc()) {
              
    $username addslashes($username);
          }

          
    /* Verify that user is in database */
          
    $q "SELECT userid FROM ".TBL_USERS." WHERE username = '$username'";
          
    $result mysql_query($q$this->connection);
          if(!
    $result || (mysql_numrows($result) < 1)){
             return 
    1//Indicates username failure
          
    }

          
    /* Retrieve userid from result, strip slashes */
          
    $dbarray mysql_fetch_array($result);
          
    $dbarray['userid'] = stripslashes($dbarray['userid']);
          
    $userid stripslashes($userid);

          
    /* Validate that userid is correct */
          
    if($userid == $dbarray['userid']){
             return 
    0//Success! Username and userid confirmed
          
    }
          else{
             return 
    2//Indicates userid invalid
          
    }
       }
       
       
    /**
        * usernameTaken - Returns true if the username has
        * been taken by another user, false otherwise.
        */
       
    function usernameTaken($username){
          if(!
    get_magic_quotes_gpc()){
             
    $username addslashes($username);
          }
          
    $q "SELECT username FROM ".TBL_USERS." WHERE username = '$username'";
          
    $result mysql_query($q$this->connection);
          return (
    mysql_numrows($result) > 0);
       }
       
       
    /**
        * usernameBanned - Returns true if the username has
        * been banned by the administrator.
        */
       
    function usernameBanned($username){
          if(!
    get_magic_quotes_gpc()){
             
    $username addslashes($username);
          }
          
    $q "SELECT username FROM ".TBL_BANNED_USERS." WHERE username = '$username'";
          
    $result mysql_query($q$this->connection);
          return (
    mysql_numrows($result) > 0);
       }
       
       
    /**
        * addNewUser - Inserts the given (username, password, email)
        * info into the database. Appropriate user level is set.
        * Returns true on success, false otherwise.
        */
       
    function addNewUser($name$surname$username$password$email){
          
    $time time();
          
    /* If admin sign up, give admin user level */
          
    if(strcasecmp($usernameADMIN_NAME) == 0){
             
    $ulevel ADMIN_LEVEL;
          }else{
             
    $ulevel USER_LEVEL;
          }
          
    $q "INSERT INTO ".TBL_USERS." VALUES ('$name', '$surname', '$username', '$password', '0', $ulevel, '$email', $time)";
          return 
    mysql_query($q$this->connection);
       }
       
       
    /**
        * updateUserField - Updates a field, specified by the field
        * parameter, in the user's row of the database.
        */
       
    function updateUserField($username$field$value){
          
    $q "UPDATE ".TBL_USERS." SET ".$field." = '$value' WHERE username = '$username'";
          return 
    mysql_query($q$this->connection);
       }
       
       
    /**
        * getUserInfo - Returns the result array from a mysql
        * query asking for all information stored regarding
        * the given username. If query fails, NULL is returned.
        */
       
    function getUserInfo($username){
          
    $q "SELECT * FROM ".TBL_USERS." WHERE username = '$username'";
          
    $result mysql_query($q$this->connection);
          
    /* Error occurred, return given name by default */
          
    if(!$result || (mysql_numrows($result) < 1)){
             return 
    NULL;
          }
          
    /* Return result array */
          
    $dbarray mysql_fetch_array($result);
          return 
    $dbarray;
       }
       
       
    /**
        * getNumMembers - Returns the number of signed-up users
        * of the website, banned members not included. The first
        * time the function is called on page load, the database
        * is queried, on subsequent calls, the stored result
        * is returned. This is to improve efficiency, effectively
        * not querying the database when no call is made.
        */
       
    function getNumMembers(){
          if(
    $this->num_members 0){
             
    $q "SELECT * FROM ".TBL_USERS;
             
    $result mysql_query($q$this->connection);
             
    $this->num_members mysql_numrows($result);
          }
          return 
    $this->num_members;
       }
       
       
    /**
        * calcNumActiveUsers - Finds out how many active users
        * are viewing site and sets class variable accordingly.
        */
       
    function calcNumActiveUsers(){
          
    /* Calculate number of users at site */
          
    $q "SELECT * FROM ".TBL_ACTIVE_USERS;
          
    $result mysql_query($q$this->connection);
          
    $this->num_active_users mysql_numrows($result);
       }
       
       
    /**
        * calcNumActiveGuests - Finds out how many active guests
        * are viewing site and sets class variable accordingly.
        */
       
    function calcNumActiveGuests(){
          
    /* Calculate number of guests at site */
          
    $q "SELECT * FROM ".TBL_ACTIVE_GUESTS;
          
    $result mysql_query($q$this->connection);
          
    $this->num_active_guests mysql_numrows($result);
       }
       
       
    /**
        * addActiveUser - Updates username's last active timestamp
        * in the database, and also adds him to the table of
        * active users, or updates timestamp if already there.
        */
       
    function addActiveUser($username$time){
          
    $q "UPDATE ".TBL_USERS." SET timestamp = '$time' WHERE username = '$username'";
          
    mysql_query($q$this->connection);
          
          if(!
    TRACK_VISITORS) return;
          
    $q "REPLACE INTO ".TBL_ACTIVE_USERS." VALUES ('$username', '$time')";
          
    mysql_query($q$this->connection);
          
    $this->calcNumActiveUsers();
       }
       
       
    /* addActiveGuest - Adds guest to active guests table */
       
    function addActiveGuest($ip$time){
          if(!
    TRACK_VISITORS) return;
          
    $q "REPLACE INTO ".TBL_ACTIVE_GUESTS." VALUES ('$ip', '$time')";
          
    mysql_query($q$this->connection);
          
    $this->calcNumActiveGuests();
       }
       
       
    /* These functions are self explanatory, no need for comments */
       
       /* removeActiveUser */
       
    function removeActiveUser($username){
          if(!
    TRACK_VISITORS) return;
          
    $q "DELETE FROM ".TBL_ACTIVE_USERS." WHERE username = '$username'";
          
    mysql_query($q$this->connection);
          
    $this->calcNumActiveUsers();
       }
       
       
    /* removeActiveGuest */
       
    function removeActiveGuest($ip){
          if(!
    TRACK_VISITORS) return;
          
    $q "DELETE FROM ".TBL_ACTIVE_GUESTS." WHERE ip = '$ip'";
          
    mysql_query($q$this->connection);
          
    $this->calcNumActiveGuests();
       }
       
       
    /* removeInactiveUsers */
       
    function removeInactiveUsers(){
          if(!
    TRACK_VISITORS) return;
          
    $timeout time()-USER_TIMEOUT*60;
          
    $q "DELETE FROM ".TBL_ACTIVE_USERS." WHERE timestamp < $timeout";
          
    mysql_query($q$this->connection);
          
    $this->calcNumActiveUsers();
       }

       
    /* removeInactiveGuests */
       
    function removeInactiveGuests(){
          if(!
    TRACK_VISITORS) return;
          
    $timeout time()-GUEST_TIMEOUT*60;
          
    $q "DELETE FROM ".TBL_ACTIVE_GUESTS." WHERE timestamp < $timeout";
          
    mysql_query($q$this->connection);
          
    $this->calcNumActiveGuests();
       }
       
       
    /**
        * query - Performs the given query on the database and
        * returns the result, which may be false, true or a
        * resource identifier.
        */
       
    function query($query){
          return 
    mysql_query($query$this->connection);
       }
       
        function 
    findTown($subtown)
        {
            
    $q "SELECT * FROM ".TBL_TOWN_LIST." WHERE placeName = '$subtown'";
            
    $result mysql_query($q$this->connection);
            
    $this->num_towns mysql_numrows($result);
            return 
    $this->num_towns;
        } 
             
        
    };

    /* Create database connection */
    $database = new MySQLDB;

    ?>
    but i cant for the life of me figure out how to query the database
    if someone could show me an example of how i could pull out all the records from a db table i'd really apprecaite it!
    Last edited by LJackson; 06-18-2012 at 08:34 PM.

  • #14
    God Emperor Fou-Lu's Avatar
    Join Date
    Sep 2002
    Location
    Saskatoon, Saskatchewan
    Posts
    16,987
    Thanks
    4
    Thanked 2,660 Times in 2,629 Posts
    This is way to much code to be going through.
    The first thing you have to do is enable your error reporting:
    PHP Code:
    ini_set('display_errors'1);
    error_reporting(E_ALL); 
    You will have at least one fatal error:
    PHP Code:
    $q "SELECT * FROM ".TBL_TOWN_LIST;
    $result mysql_query($q$this->connection);
    while(
    $row=mysql_fetch_array($result))
    {
        return 
    $row['placeName'];

    $this is not valid outside of an object scope, and cannot be assigned to in main.

    Also, you'll need to re-evalute the OO code here. This is written in PHP 4.x OO engine. Although 5.x doesn't need assignment by reference anymore, just getting the code up to 5.x standard would allow visibility scoping which is the most important part of the class core.

  • #15
    Senior Coder
    Join Date
    Jun 2008
    Location
    Cornwall
    Posts
    2,097
    Thanks
    297
    Thanked 12 Times in 12 Posts
    yeah sorry for the amout of code just wanted to provide all the necessary code in my project. the code is from a tutorial i found off the internet hence why it is like double dutch to me so there for evaluating the code and getting it up to 5.x standard will be very difficult for me at this time

    any way i have added the error reporting code and its not showing any errors but my script is dieing on the database code
    PHP Code:
    $q "SELECT * FROM ".TBL_TOWN_LIST;
    $result mysql_query($q$this->connection);
    while(
    $row=mysql_fetch_array($result))
    {
        return 
    $row['placeName'];

    noting is showing after it.


  •  
    Page 1 of 2 12 LastLast

    Posting Permissions

    • You may not post new threads
    • You may not post replies
    • You may not post attachments
    • You may not edit your posts
    •