Jump to content
Forums are read-only ×
Larry Ullman's Book Forums

Jacques

Members
 View Profile  See their activity

  • Posts

    75

  • Joined

  • Last visited

 Content Type 

Everything posted by Jacques

  1. Jacques
    Hi Larry, I used your view_pdf.php script from Chapter 5 as template for a view_video.php script (below) to view uploaded MP4 videos instead of PDF files (I only changed the PDF variable to MP4 per your script). The script executes perfectly fine except it inserts a duplicate record into the MariaDB "history" table with exactly the same timestamps every time a video is viewed. I only added a "video" ENUM value to the "type" column so to have the following types: page, pdf, video. Any suggestions as I could not find any solution on the web. Thank you. <?php // This pages retrieves and shows a video. // Require the configuration before any PHP code as the configuration controls error reporting: require('./includes/config.inc.php'); // The config file also starts the session. // Require the database connection: require(MYSQL); // Assume invalid info: $valid = false; // Validate the video ID: if (isset($_GET['id']) && (strlen($_GET['id']) === 63) && (substr($_GET['id'], 0, 1) !== '.') ) { // Identify the file: $file = VIDEOS_DIR . $_GET['id']; // Check that the video exists and is a file: if (file_exists ($file) && (is_file($file)) ) { // Get the info: $q = 'SELECT id, title, description, file_name FROM videos WHERE tmp_name="' . escape_data($_GET['id'], $dbc) . '"'; $r = mysqli_query($dbc, $q); if (mysqli_num_rows($r) === 1) { // OK! // Fetch the info: $row = mysqli_fetch_array($r, MYSQLI_ASSOC); // Indicate that the file reference is fine: $valid = true; // Only display the video to a user whose account is active: if (isset($_SESSION['user_not_expired'])) { // Bonus material! Referenced in Chapter 5. // Record this visit to the history table: $q = "INSERT INTO history (user_id, type, item_id) VALUES ({$_SESSION['user_id']}, 'video', {$row['id']})"; $r = mysqli_query($dbc, $q); // Send the content information: header('Content-type:video/mp4'); header('Content-Disposition:inline;filename="' . $row['file_name'] . '"'); $fs = filesize($file); header("Content-Length:$fs\n"); // Send the file: readfile ($file); exit(); } else { // Inactive account! // Display an HTML page instead: $page_title = $row['title']; include('./templates/header.html'); echo "<h1>$page_title</h1>"; // Change the message based upon the user's status: if (isset($_SESSION['user_id'])) { echo '<div class="alert"><h4>Expired Account</h4>Thank you for your interest in this content, but your account is no longer current. Please <a href="renew.php">renew your account</a> in order to access this file.</div>'; } else { // Not logged in. echo '<div class="alert">Thank you for your interest in this content. You must be logged in as a registered user to access this file.</div>'; } // Complete the page: echo '<div>' . htmlspecialchars($row['description']) . '</div>'; include('./templates/footer.html'); } // End of user IF-ELSE. } // End of mysqli_num_rows() IF. } // End of file_exists() IF. } // End of $_GET['id'] IF. // If something didn't work... if (!$valid) { $page_title = 'Error!'; include('./templates/header.html'); echo '<div class="alert alert-danger">This page has been accessed in error.</div>'; include('./templates/footer.html'); } ?>
  2. Jacques
    Hi Larry, I used your add_pdf.php script from Chapter 5 as template for an add_video.php script (below) to upload MP4 videos instead of PDF files (I only changed the PDF variable to MP4 per your script). The script executes perfectly fine and the validation works on all files except .MOV files. When I test with a .MOV upload, the script prints the following errors: An error occurred in script 'C:\xampp\htdocs\site\html\add_video.php' on line 39: Undefined index: mp4 An error occurred in script 'C:\xampp\htdocs\site\html\add_video.php' on line 39: Trying to access array offset on value of type null An error occurred in script 'C:\xampp\htdocs\site\html\add_video.php' on line 91: Undefined index: mp4 An error occurred in script 'C:\xampp\htdocs\site\html\add_video.php' on line 92: Trying to access array offset on value of type null I have search for a solution but could not find anything on Stack Overflow or any other source. Any suggestions would be appreciated. Thank you. <?php // This page is used by an administrator to add a video to the site. // Require the configuration before any PHP code as the configuration controls error reporting: require('./includes/config.inc.php'); // If the user isn't logged in as an administrator, redirect them: redirect_invalid_user('user_admin'); // Require the database connection: require(MYSQL); // Include the header file: $page_title = 'Add a Video'; include('./templates/header.html'); // For storing errors: $add_video_errors = array(); // Check for a form submission: if ($_SERVER['REQUEST_METHOD'] === 'POST') { // Check for a title: if (!empty($_POST['title'])) { $t = escape_data(strip_tags($_POST['title']), $dbc); } else { $add_video_errors['title'] = 'Please enter the title!'; } // Check for a description: if (!empty($_POST['description'])) { $d = escape_data(strip_tags($_POST['description']), $dbc); } else { $add_video_errors['description'] = 'Please enter the description!'; } // Check for a mp4: if (is_uploaded_file($_FILES['mp4']['tmp_name']) && ($_FILES['mp4']['error'] === UPLOAD_ERR_OK)) { // Get a reference: $file = $_FILES['mp4']; // Find the size: $size = ROUND($file['size']/1024); // Validate the file size (5MB max): if ($size > 3072) { $add_video_errors['mp4'] = 'The uploaded file was too large.'; } // Validate the file type: // Create the resource: $fileinfo = finfo_open(FILEINFO_MIME_TYPE); // Check the file: if (finfo_file($fileinfo, $file['tmp_name']) !== 'video/mp4') { $add_video_errors['mp4'] = 'The uploaded file was not an mp4.'; } // Close the resource: finfo_close($fileinfo); // Move the file over, if no problems: if (!array_key_exists('mp4', $add_video_errors)) { // Create a tmp_name for the file: $tmp_name = sha1($file['name']) . uniqid('',true); // Move the file to its proper folder but add _tmp, just in case: $dest = VIDEOS_DIR . $tmp_name . '_tmp'; if (move_uploaded_file($file['tmp_name'], $dest)) { // Store the data in the session for later use: $_SESSION['mp4']['tmp_name'] = $tmp_name; $_SESSION['mp4']['size'] = $size; $_SESSION['mp4']['file_name'] = $file['name']; // Print a message: echo '<div class="alert alert-success"><h3>The file has been uploaded!</h3></div>'; } else { trigger_error('The file could not be moved.'); unlink ($file['tmp_name']); } } // End of array_key_exists() IF. } elseif (!isset($_SESSION['mp4'])) { // No current or previous uploaded file. switch ($_FILES['mp4']['error']) { case 1: case 2: $add_video_errors['mp4'] = 'The uploaded file was too large.'; break; case 3: $add_video_errors['mp4'] = 'The file was only partially uploaded.'; break; case 6: case 7: case 8: $add_video_errors['mp4'] = 'The file could not be uploaded due to a system error.'; break; case 4: default: $add_video_errors['mp4'] = 'No file was uploaded.'; break; } // End of SWITCH. } // End of $_FILES IF-ELSEIF-ELSE. if (empty($add_video_errors)) { // If everything's OK. // Add the video to the database: $fn = escape_data($_SESSION['mp4']['file_name'], $dbc); $tmp_name = escape_data($_SESSION['mp4']['tmp_name'], $dbc); $size = (int) $_SESSION['mp4']['size']; $q = "INSERT INTO videos (title, description, tmp_name, file_name, size) VALUES ('$t', '$d', '$tmp_name', '$fn', $size)"; $r = mysqli_query($dbc, $q); if (mysqli_affected_rows($dbc) === 1) { // If it ran OK. // Rename the temporary file: $original = VIDEOS_DIR . $tmp_name . '_tmp'; $dest = VIDEOS_DIR . $tmp_name; rename($original, $dest); // Print a message: echo '<div class="alert alert-success"><h3>The MP4 has been added!</h3></div>'; // Clear $_POST: $_POST = array(); // Clear $_FILES: $_FILES = array(); // Clear $file and $_SESSION['mp4']: unset($file, $_SESSION['mp4']); } else { // If it did not run OK. trigger_error('The MP4 could not be added due to a system error. We apologize for any inconvenience.'); unlink ($dest); } } // End of $errors IF. } else { // Clear out the session on a GET request: unset($_SESSION['mp4']); } // End of the submission IF. // Need the form functions script, which defines create_form_input(): require('includes/form_functions.inc.php'); ?><h1>Add a Video</h1> <form enctype="multipart/form-data" action="add_video.php" method="post" accept-charset="utf-8"> <input type="hidden" name="MAX_FILE_SIZE" value="5242880"> <fieldset><legend>Fill out the form to add a video to the site:</legend> <?php create_form_input('title', 'text', 'Title', $add_video_errors); create_form_input('description', 'textarea', 'Description', $add_video_errors); // Add the file input: echo '<div class="form-group'; // Add classes, if applicable: if (array_key_exists('mp4', $add_video_errors)) { echo ' has-error'; } else if (isset($_SESSION['mp4'])) { echo ' has-success'; } echo '"><label for="mp4" class="control-label">Add MP4 file</label><input type="file" name="mp4" id="mp4">'; // Check for an error: if (array_key_exists('mp4', $add_video_errors)) { echo '<span class="help-block">' . $add_video_errors['mp4'] . '</span>'; } else { // No error. // If the file exists (from a previous form submission but there were other errors), // store the file info in a session and note its existence: if (isset($_SESSION['mp4'])) { echo '<p class="lead">Currently: "' . $_SESSION['mp4']['file_name'] . '"</p>'; } } // end of errors IF-ELSE. echo '<span class="help-block">MP4 only, 3MB Limit</span> </div>'; ?> <input type="submit" name="submit_button" value="Add This Video" id="submit_button" class="btn btn-default" /> </fieldset> </form> <?php // Include the HTML footer: include('./templates/footer.html'); ?>
  3. Jacques
    Hi Larry, I updated the code to the snippet below but it still gives me an "Undefined offset" error for values 2 onward. I had a look inside a number of your books that I have but can't find my mistake. Any further comment to guide me will be appreciated. Thank you and regards. ... <div class="mega-dropdown-menu row row-no-padding">'; // Retrieve all the languages and add to the pull-down menu: $q = "SELECT id, lang FROM languages WHERE status='Active' ORDER BY lang ASC"; $r = mysqli_query($dbc, $q); if (mysqli_num_rows($r) > 0) { while ($menu_row = mysqli_fetch_array($r, MYSQLI_NUM)) { echo '<div class="col-md-4 col-lg-2 ml-lg-auto"> <ul class="megadropdown-links"> <li><a class="dropdown-item" href="?lid=' . $menu_row[0] . '">' . $menu_row[1] . '</a> </li> <li><a class="dropdown-item" href="?lid=' . $menu_row[2] . '">' . $menu_row[3] . '</a> </li> </ul> </div> <div class="col-md-4 col-lg-2 ml-lg-auto"> <ul class="megadropdown-links"> <li><a class="dropdown-item" href="?lid=' . $menu_row[4] . '">' . $menu_row[5] . '</a> </li> <li><a class="dropdown-item" href="?lid=' . $menu_row[6] . '">' . $menu_row[7] . '</a> </li> </ul> </div> <div class="col-md-4 col-lg-2 ml-lg-auto"> <ul class="megadropdown-links"> <li><a class="dropdown-item" href="?lid=' . $menu_row[8] . '">' . $menu_row[9] . '</a> </li> <li><a class="dropdown-item" href="?lid=' . $menu_row[10] . '">' . $menu_row[11] . '</a> </li> </ul> </div> <div class="col-md-4 col-lg-2 ml-lg-auto"> <ul class="megadropdown-links"> <li><a class="dropdown-item" href="?lid=' . $menu_row[12] . '">' . $menu_row[13] . '</a> </li> <li><a class="dropdown-item" href="?lid=' . $menu_row[14] . '">' . $menu_row[15] . '</a> </li> </ul> </div> <div class="col-md-4 col-lg-2 ml-lg-auto"> <ul class="megadropdown-links"> <li><a class="dropdown-item" href="?lid=' . $menu_row[16] . '">' . $menu_row[17] . '</a> </li> <li><a class="dropdown-item" href="?lid=' . $menu_row[18] . '">' . $menu_row[19] . '</a> </li> </ul> </div> <div class="col-md-4 col-lg-2 ml-lg-auto"> <ul class="megadropdown-links"> <li><a class="dropdown-item" href="?lid=' . $menu_row[20] . '">' . $menu_row[21] . '</a> </li> <li><a class="dropdown-item" href="?lid=' . $menu_row[22] . '">' . $menu_row[23] . '</a> </li> </ul> </div>'; } } mysqli_free_result($r); echo '</div> </div> ...
  4. Jacques
    Thank you for your response Larry. I changed the code to the snippet below but it gives me an "Undefined offset" error for values 2 onward. I tried to find a solution in the book as well as online without any success. Regards. ... <div class="dropdown-menu"> <div class="mega-dropdown-menu row row-no-padding">'; // Retrieve all the languages and add to the pull-down menu: $q = "SELECT id, lang FROM languages WHERE status='Active' ORDER BY lang ASC"; $r = mysqli_query($dbc, $q); if (mysqli_num_rows($r) > 0) { $menu_row = mysqli_fetch_array($r, MYSQLI_NUM); echo '<div class="col-md-4 col-lg-2 ml-lg-auto"> <ul class="megadropdown-links"> <li><a class="dropdown-item" href="?lid=' . $menu_row[0] . '">' . $menu_row[1] . '</a> </li> <li><a class="dropdown-item" href="?lid=' . $menu_row[2] . '">' . $menu_row[3] . '</a> </li> </ul> </div> <div class="col-md-4 col-lg-2 ml-lg-auto"> <ul class="megadropdown-links"> <li><a class="dropdown-item" href="?lid=' . $menu_row[4] . '">' . $menu_row[5] . '</a> </li> <li><a class="dropdown-item" href="?lid=' . $menu_row[6] . '">' . $menu_row[7] . '</a> </li> </ul> </div> <div class="col-md-4 col-lg-2 ml-lg-auto"> <ul class="megadropdown-links"> <li><a class="dropdown-item" href="?lid=' . $menu_row[8] . '">' . $menu_row[9] . '</a> </li> <li><a class="dropdown-item" href="?lid=' . $menu_row[10] . '">' . $menu_row[11] . '</a> </li> </ul> </div> <div class="col-md-4 col-lg-2 ml-lg-auto"> <ul class="megadropdown-links"> <li><a class="dropdown-item" href="?lid=' . $menu_row[12] . '">' . $menu_row[13] . '</a> </li> <li><a class="dropdown-item" href="?lid=' . $menu_row[14] . '">' . $menu_row[15] . '</a> </li> </ul> </div> <div class="col-md-4 col-lg-2 ml-lg-auto"> <ul class="megadropdown-links"> <li><a class="dropdown-item" href="?lid=' . $menu_row[16] . '">' . $menu_row[17] . '</a> </li> <li><a class="dropdown-item" href="?lid=' . $menu_row[18] . '">' . $menu_row[19] . '</a> </li> </ul> </div> <div class="col-md-4 col-lg-2 ml-lg-auto"> <ul class="megadropdown-links"> <li><a class="dropdown-item" href="?lid=' . $menu_row[20] . '">' . $menu_row[21] . '</a> </li> <li><a class="dropdown-item" href="?lid=' . $menu_row[22] . '">' . $menu_row[23] . '</a> </li> </ul> </div>'; } mysqli_free_result($r); echo '</div> </div>'; ...
  5. Jacques
    Yes, the last code snippet above displays the language results alphabetically and horizontally across the 6 columns in the drop down menu as follow: Deutsch English (UK) English (US) Español Français Italiano Nederlands Português Pусский Ελληνικά 中文 日本の But I want the language results to display alphabetically and vertically across the 6 columns as follow: Deutsch English (US) Français Nederlands Pусский 中文 English (UK) Español Italiano Português Ελληνικά 日本の The result should also provide for additional languages to be added to the database at a later stage. Thank you and regards.
  6. Jacques
    The code I included above has been updated to the code below so that the languages now populate the mega drop-down menu perfectly - alphabetically and horizontally - across six columns. However, I want the languages to populate the menu alphabetically but vertically across the six columns. Is it possible to manipulate the MySQL result accordingly? I couldn't find a working example anywhere. <!-- Navbar links --> <?php // Select a language: echo '<li class="nav-item nav-item-icon hidden-md-down dropdown megamenu"> <a class="nav-link dropdown-toggle" href="#" data-toggle="dropdown" aria-haspopup="true" aria-expanded="false">' . $words['lang'] . ' <span><i class="fa fa-globe"></i></span></a> <div class="dropdown-menu"> <div class="mega-dropdown-menu row row-no-padding">'; // Retrieve all the languages and add to the pull-down menu: $q = "SELECT id, lang FROM languages WHERE status='Active' ORDER BY lang ASC"; $r = mysqli_query($dbc, $q); if (mysqli_num_rows($r) > 0) { while ($menu_row = mysqli_fetch_array($r, MYSQLI_NUM)) { echo '<div class="col-md-4 col-lg-2 ml-lg-auto"> <ul class="megadropdown-links"> <li><a class="dropdown-item" href="?lid=' . $menu_row[0] . '">' . $menu_row[1] . '</a> </li> </ul> </div>'; } } mysqli_free_result($r); echo '</div> </div> </li>';
  7. Jacques
    Hi Larry, It took me a while but I finally got it!:) I moved the code defining the $words variable from the header.html script to the mysql.inc.php script and the $page_title variable now updates perfectly! Thank you so much for your time and patience and for getting me to finally understand the logic! Regards.
  8. Jacques
    Hi Larry, The code below defining the $words variable has been included in my header.html script above the <!DOCTYPE html> declaration (as per Chapter 17 - Forum). The language functionality works perfectly fine across my web app except for in the page title where it gives the "Undefined index" error. Regards. // Look for a language id: // Then store the language ID in the session: if (isset($_GET['lid']) && filter_var($_GET['lid'], FILTER_VALIDATE_INT, array('min_range' => 1)) ) { $_SESSION['lid'] = $_GET['lid']; } elseif (!isset($_SESSION['lid'])) { $_SESSION['lid'] = 1; // Default. } // Get the words for selected language: $q = "SELECT * FROM words WHERE lang_id = {$_SESSION['lid']}"; $r = mysqli_query($dbc, $q); if (mysqli_num_rows($r) == 0) { // Invalid language ID. // Use the default language: $_SESSION['lid'] = 1; // Default. $q = "SELECT * FROM words WHERE lang_id = {$_SESSION['lid']}"; $r = mysqli_query($dbc, $q); } // Fetch the results into a variable: $words = mysqli_fetch_array($r, MYSQLI_ASSOC); // Free the results: mysqli_free_result($r);
  9. Jacques
    Hi Larry, I have tested the $words variable before and after including the header.html file. The error I referred to previously occurred with the $words variable being populated after including the header.html file. When populating the $words variable before including the header.html file, I get the following error: "Undefined variable: words". I include the code snipped below. Regards. <?php // Require the configuration before any PHP code as the configuration controls error reporting: require('includes/config.inc.php'); // The config file also starts the session. // Require the database connection: require(MYSQL); // Include the page title: $page_title = $words['signin']; // Include the HTML header file: include('templates/header.html'); // Array for storing sign up errors: $reg_errors = array(); // Check for a form submission: if ($_SERVER['REQUEST_METHOD'] === 'POST') { ...
  10. Jacques
    Hi Larry, Thank you for your reply and apologies for my poor explanation! I will continue to search for a solution and post it once I found one. Regards.
  11. Jacques
    Hi Larry, Sorry for the oversight, I have added the words to the database. But there still seems to be an issue as the code now displays the default page title. It doesn't seem to pick up the $words variable. Any further suggestions would be much appreciated. Thank you.
  12. Jacques
    Hi Larry, Thank you for your response. I have included the $page_title variable in all the applicable php scripts. However the code below gives an "Undefined index: signup" error. // Include the page title: $page_title = $words['signup'];
  13. Jacques
    Hi Larry, Thank you for your prompt response. The code works perfectly except that it only populates the first column instead of populating across 6 columns. Regards.
  14. Jacques
    Hi All. I want to update my page titles dynamically with the applicable title in the selected language (Chapter 17 - Forum). I have searched the web without success. My code below shows the default "Website Name". Any help will be much appreciated. Regards. header.html snippet <!-- Page title --> <title><?php // Use the default page title if one was not provided: if (isset($page_title)) { echo $page_title; } else { echo 'Website Name'; } ?></title> signup.php snippet // Include the page title: $page_title = $words['signup'];
  15. Jacques
    Hi all. I need some assistance with dynamically populating a mega drop-down menu across 6 columns (Bootstrap 4) with the languages retrieved from a database query (Forum project - Chapter 17). I have searched the internet without any success. Any help will be much appreciated. My code is included below. Regards // Select a language: echo '<li class="nav-item nav-item-icon hidden-md-down dropdown megamenu"> <a class="nav-link dropdown-toggle" href="#" data-toggle="dropdown" aria-haspopup="true" aria-expanded="false">' . $words['lang'] . ' <span><i class="fa fa-globe"></i></span></a> <div class="dropdown-menu"> <div class="mega-dropdown-menu row row-no-padding"> <div class="col-md-4 col-lg-2 ml-lg-auto"> <ul class="megadropdown-links"> <li>'; // RetrRetrieve all the languages and add to the pull-down menu: $q = "SELECT id, lang FROM languages WHERE status='Active' ORDER BY lang ASC"; $r = mysqli_query($dbc, $q); if (mysqli_num_rows($r) > 0) { while ($menu_row = mysqli_fetch_array($r, MYSQLI_NUM)) { echo '<a class="dropdown-item" href="?lid=' . $menu_row[0] . '">' . $menu_row[1] . '</a>'; } } mysqli_free_result($r); echo '</li> </ul> </div> </div> </div> </li>';
  16. Jacques
    Hi Larry, Thank you very much for your prompt response. I tried your suggestion without any luck, so I redid the pagination from scratch for the umpteenth time and I finally found my error! I included the active <li class> on line 485 instead of line 505. A really silly error! I include the correct code below. Kind regards. // Add pagination if necessary: if ($pages > 1) { echo '<nav aria-label="page navigation"> <ul class="pagination pagination-sm">'; $current_page = ($start/$display) + 1; // If it's not the first page, make a Previous button: if ($current_page != 1) { echo '<li class="page-item"> <a class="page-link" href="view_users.php?s=' . ($start - $display) . '&p=' . $pages . '&sort=' . $sort . '" aria-label="Previous">«</a></li>'; } // Make all the numbered pages: for ($i = 1; $i <= $pages; $i++) { if ($i != $current_page) { echo '<li class="page-item"><a class="page-link" href="view_users.php?s=' . (($display * ($i - 1))) . '&p=' . $pages . '&sort=' . $sort . '">' . $i . '</a></li>'; } else { echo '<li class="page-item active"><a class="page-link" href="#">' . $i . '</a></li>'; } } // End of FOR loop. // If it's not the last page, make a Next button: if ($current_page != $pages) { echo '<li class="page-item"><a class="page-link" href="view_users.php?s=' . ($start + $display) . '&p=' . $pages . '&sort=' . $sort . '" aria-label="Next">»</a></li>'; } echo '</ul> </nav>'; } // End of pagination section.
  17. Jacques
    Hi Larry, Thank you very much for your unequivocal answers. I have implemented your suggestions successfully! I unfortunately have the following issue with the pagination that I can't seem to resolve. I am using Bootstrap 4. The pagination displays correctly when the page is initially loaded, with page 1 being the active page, but when the sequential page numbers are clicked, they displays in sequence but outside of the Bootstrap 4 <li> tag. I include my code below. Any suggestions to correct the error will be much appreciated. Regards. // Add pagination if necessary. if ($pages > 1) { echo '<nav> <ul class="pagination pagination-sm"> <li class="page-item active"> <a class="page-link" href="#"><span class="sr-only">'; $current_page = ($start/$display) + 1; echo '</span>'; // If it's not the first page, make a Previous link: if ($current_page != 1) { echo '</a></li> <li class="page-item"> <a class="page-link" href="view_users.php?s=' . ($start - $display) . '&p=' . $pages . '&sort=' . $sort . '" tabindex="-1">«</a> </li>'; } // Make all the numbered pages: for ($i = 1; $i <= $pages; $i++) { if ($i != $current_page) { echo '<li class="page-item"><a class="page-link" href="view_users.php?s=' . (($display * ($i - 1))) . '&p=' . $pages . '&sort=' . $sort . '">' . $i . '</a> </li>'; } else { echo $i . ' '; } } // End of FOR loop. // If it's not the last page, make a Next link: if ($current_page != $pages) { echo '<li class="page-item"><a class="page-link" href="view_users.php?s=' . ($start + $display) . '&p=' . $pages . '&sort=' . $sort . '">»</a>'; } echo '</li> </ul> </nav>'; // Close pagination. } // End of links section.
  18. Jacques
    Hello all, I am busy with a complete user management script and have the following questions: Is it good practice to combine the "view users" and "search users" scripts in the same PHP file? How do I amend the "SELECT COUNT(user_id) FROM users" query for pagination purposes to accommodate the search functionality? In its current form it continues to displays ALL the pagination links after a search query. Is there a more efficient way to formulate the following search query: "SELECT u.user_id, u.username, u.type, c.country, u.email, u.status, DATE_FORMAT($date_created, '%Y-%m-%d %H:%i:%s') AS dc FROM users AS u INNER JOIN countries AS c USING (country_id) WHERE lang_id = {$_SESSION['lid']} AND u.username LIKE '%" . $terms[0] . "%' OR u.type LIKE '%" . $terms[0] . "%' OR c.country LIKE '%" . $terms[0] . "%' OR u.email LIKE '%" . $terms[0] . "%' OR u.status LIKE '%" . $terms[0] . "%' OR date_created LIKE '%" . $terms[0] . "%' ORDER BY $order_by LIMIT $start, $display" I have searched online but could not find any workable solutions. Any help will as always be much appreciated.
  19. Jacques
    // Make the links to other pages, if necessary. if ($pages > 1) { echo '<ul class="pagination" style="margin-top: -45.0px;">'; $current_page = ($start/$display) + 1; // If it's not the first page, make a Previous button: if ($current_page != 1) { echo '<li><a href="view_users.php?s=' . ($start - $display) . '&p=' . $pages . '&sort=' . $sort . '" aria-label="Previous"><span aria-hidden="true">«</span></a></li>'; } // Make all the numbered pages: for ($i = 1; $i <= $pages; $i++) { if ($i != $current_page) { echo '<li><a href="view_users.php?s=' . (($display * ($i - 1))) . '&p=' . $pages . '&sort=' . $sort . '"><span class="sr-only">' . $i . '</span></a></li>'; } else { echo $i . ' '; } } // End of FOR loop. // If it's not the last page, make a Next button: if ($current_page != $pages) { echo '<li><a href="view_users.php?s=' . ($start + $display) . '&p=' . $pages . '&sort=' . $sort . '" aria-label="Next"><span aria-hidden="true">»</span></a></li>'; } echo '</ul>'; // Close the paragraph. } // End of links section. I have added pagination (code above) as per "PHP and MySQL for Dynamic Websites (4th Edition)" to the first website (Selling Virtual Goods). The Boostrap pagination displays correct with the exception of the active page displaying outside of the Boostrap pagination. Am I missing something obvious? I did search the web but could not find a solution. Any help will be much appreciated.
  20. Jacques
    Hi Larry, I implemented your first suggestion and it worked perfectly the first time - of course! Thank you so much for your books and this forum!
  21. Jacques
    // Validate the password: if (password_verify($p, $row['pass'])) { // Correct. // Create a new session ID to be safe: if ($row['type'] === 'user_id') { session_regenerate_id(true); $_SESSION['user_type'] = $row['type']; } // Store the data in a session: $_SESSION['user_id'] = $row['id']; $_SESSION['username'] = $row['username']; // Validate the password: if (password_verify($p, $row['pass'])) { // Correct. // If the user is an administrator, create a new session ID to be safe: if ($row['type'] === 'admin') { session_regenerate_id(true); $_SESSION['user_admin'] = true; } // Store the data in a session: $_SESSION['user_id'] = $row['id']; $_SESSION['username'] = $row['username']; Hi Larry, Thank you for your response. The first block of code is the original from the login.inc.php script, and the second block after multiple types of administrators have been added. In the "users" table the "type" column has been changed to SMALLINT and a table "user_types" with columns "id" and "type" and values (1, 'member'), (50, 'author'), (100, 'editor'), (150, 'admin') created. I hope it helps.
  22. Jacques
    I have implemented "multiple types of administrators" as per Chapter 12 and have the following question. What does $SESSION['user_admin'] become in the header.html scrip to support the admin links in the dropdown menu? Any help will be much appreciated.
  23. Jacques
    <?php // This page is for editing a user record. // This page is accessed through view_users.php. // Require the configuration before any PHP code as the configuration controls error reporting: require('./includes/config.inc.php'); // Require the database connection: require(MYSQL); // Include the header file: $page_title = 'Edit User'; include('./includes/header.html'); // Check for a valid user ID, through GET or POST: if ( (isset($_GET['id'])) && (is_numeric($_GET['id'])) ) { // From view_users.php $id = $_GET['id']; } elseif ( (isset($_POST['id'])) && (is_numeric($_POST['id'])) ) { // Form submission. $id = $_POST['id']; } else { // No valid ID, kill the script. echo '<div class="alert alert-warning"><h3 class="text-center">This page has been accessed in error.</h3></div>'; include ('includes/footer.html'); exit(); } // For storing errors: $edit_user_errors = array(); // Check if the form has been submitted: if ($_SERVER['REQUEST_METHOD'] == 'POST') { // Check for a first name: if (preg_match('/^[A-Z \'.-]{2,45}$/i', $_POST['first_name'])) { $fn = escape_data($_POST['first_name'], $dbc); } else { $edit_user_errors['first_name'] = 'Please enter your first name.'; } // Check for a last name: if (preg_match('/^[A-Z \'.-]{2,45}$/i', $_POST['last_name'])) { $ln = escape_data($_POST['last_name'], $dbc); } else { $edit_user_errors['last_name'] = 'Please enter your last name.'; } // Check for a country: if (filter_var($_POST['country'], FILTER_VALIDATE_INT, array('min_range' => 1))) { $c = $_POST['country']; } else { // No country selected. $edit_user_errors['country'] = 'Please select your country.'; } // Check for an email address: if (filter_var($_POST['email'], FILTER_VALIDATE_EMAIL) === $_POST['email']) { $e = escape_data($_POST['email'], $dbc); } else { $edit_user_errors['email'] = 'Please enter a valid email address.'; } if (empty($edit_user_errors)) { // If everything's OK. // Test for unique email address: $q = "SELECT id FROM users WHERE email='$e' AND id != $id"; $r = @mysqli_query($dbc, $q); if (mysqli_num_rows($r) == 0) { // Make the query: $q = "UPDATE users SET last_name='$ln', first_name='$fn', country='$c', email='$e' WHERE id=$id LIMIT 1"; $r = @mysqli_query ($dbc, $q); if (mysqli_affected_rows($dbc) == 1) { // If it ran OK. // Print a message: echo '<div class="alert alert-success"><h3 class="text-center">The user has been edited.</h3></div>'; } else { // If it did not run OK. trigger_error('<div class="alert alert-warning"><h3>You could not be registered due to a system error. We apologize for any inconvenience. We will correct the error ASAP.</h3></div>'); } } else { // Already registered. $edit_user_errors['email'] = 'The email address has already been registered.'; } } } // End of submit conditional. // Always show the form: // Retrieve the user's information: $q = "SELECT u.last_name, u.first_name, c.country, u.email FROM users AS u INNER JOIN countries AS c USING (country_id) WHERE id=$id"; $r = @mysqli_query ($dbc, $q); if (mysqli_num_rows($r) == 1) { // Valid user ID, show the form. // Get the user's information: $row = mysqli_fetch_array ($r, MYSQLI_NUM); require_once('./includes/form_functions.inc.php'); // Create the form: ?> <h3>Edit User</h3> <p>Use this page to edit a user.</p> <form action="edit_user.php" method="post" accept-charset="utf-8"> <?php create_form_input('last_name', 'text', '', $edit_user_errors, array('placeholder'=>'Last Name')); create_form_input('first_name', 'text', '', $edit_user_errors, array('placeholder'=>'First Name')); // Add the country drop down menu: echo '<div class="form-group'; if (array_key_exists('country', $edit_user_errors)) echo ' has-error'; echo '"><select name="country" class="form-control"> <option>Select Country</option>'; // Retrieve all the country and add to the pull-down menu: $q = "SELECT country_id, country FROM countries ORDER BY country ASC"; $r = mysqli_query($dbc, $q); while ($row = mysqli_fetch_array($r, MYSQLI_NUM)) { echo "<option value=\"$row[0]\""; // Check for stickyness: if (isset($_POST['country']) && ($_POST['country'] == $row[0]) ) echo ' selected="selected"'; echo ">$row[1]</option>\n"; } echo '</select>'; if (array_key_exists('country', $edit_user_errors)) echo '<span class="help-block">' . $edit_user_errors['country'] . '</span>'; echo '</div>'; create_form_input('email', 'email', '', $edit_user_errors, array('placeholder'=>'Email Address')); ?> <input type="submit" name="submit_button" value="Update User" id="submit_button" class="btn btn-primary" /> <input type="hidden" name="id" value="' . $id . '" /> </form> <br> <?php } else { // Not a valid user ID. echo '<div class="alert alert-warning"><h3 class="text-center">This page has been accessed in error.</h3></div>'; } mysqli_close($dbc); include ('includes/footer.html'); ?> I am busy adding an admin function (to edit registered users) to the first web application - "selling virtual goods". I have the following questions: How do I get the above form to display the stored values for a selected user? I am using the original form_functions.inc.php script. How do I get the select option (Country) to recall the stored value for the user? I am using Apache 2.4.12, PHP 5.6.8 and MySQL5.0.11. Any help will be much appreciated.
  24. Jacques
    Hi Larry. Thank you for your reply. In chapter 11 (Site Administration) you exclude database queries from the the form_function and explain why. I have decided to exclude them too. I will go through PHP & MySQL for Dynamic Websites again to brush up. Kind regards, Jacques
  25. Jacques
    Thank you Larry.
×
×
  • Create New...