Hi, I am having a problem with returning some records based off the session of the user.
Here is the code:
PHP Code:
<!doctype html public "-//W3C//DTD HTML 4.0 //EN"> <html> <head> <title>Display images</title> </head> <body> <?php
// this is the name of the database $dbh=mysql_connect ("localhost", "hrpjeff_root", "password") or die ('I cannot connect to the database because: ' . mysql_error()); // this connects to the database or dies mysql_select_db ("hrpjeff_time");
$sql=Select * FROM photos WHERE photoUserID = {$_SESSION['user']};
?> </body> </html>
The error I am getting is:
Parse error: syntax error, unexpected T_STRING in /home/hrpjeff/public_html/uploader/display.php on line 13
Alright, I cant seem to return anything from the select statement. Just to test, I tried to echo the $_SESSION['user'] and it didnt return anything. I also tried adding session_start(); and it gave me this error:
Warning: session_start() [function.session-start]: Cannot send session cache limiter - headers already sent (output started at /home/hrpjeff/public_html/uploader/display.php:7) in /home/hrpjeff/public_html/uploader/display.php on line 9
Here is the code:
PHP Code:
<!doctype html public "-//W3C//DTD HTML 4.0 //EN">
<html>
<head>
<title>Display images</title>
</head>
<body>
<?php
session_start();
// this is the name of the database
$dbh=mysql_connect ("localhost", "hrpjeff_root", "password") or die ('I cannot connect to the database because: ' . mysql_error()); // this connects to the database or dies
mysql_select_db ("hrpjeff_time");
$sql="Select filename FROM photos WHERE photoUserID = {$_SESSION['user']}";
session_start() has to go before any text output or session vars are used, so best put it at the top of pages.
PHP Code:
<?php
session_start();
?><!doctype html public "-//W3C//DTD HTML 4.0 //EN">
<html>
<head>
<title>Display images</title>
</head>
<body>
<?php
// this is the name of the database
$dbh=mysql_connect ("localhost", "hrpjeff_root", "password") or die ('I cannot connect to the database because: ' . mysql_error()); // this connects to the database or dies
mysql_select_db ("hrpjeff_time");
$sql="Select filename FROM photos WHERE photoUserID = {$_SESSION['user']}";
?> </body>
</html>
If you are using PHP please use the [PHP] and [/PHP] forum tags for highlighting...
The same applies to HTML and the forums [HTML][/HTML] tags.
$rs = mysql_query($sql);
// 2 methods here:
$row = mysql_fetch_assoc($rs);
echo $row['filename'];
// OR:
$row = mysql_fetch_row($rs);
echo $row[0]; // uses less ram and CPU time, but harder to understand for humans :P
If you are using PHP please use the [PHP] and [/PHP] forum tags for highlighting...
The same applies to HTML and the forums [HTML][/HTML] tags.
That worked. I was wondering if one thing I am going about correctly.....
I am using Bokeh's image upload script but he has it saving images to a directory. I want to save them to a database. I want it so the user can find all the photos they have uploaded. Right now I have the images uploading to a directory and have a database table that is saving the filename, date, and the photoUserId of the user. The filename is the reference to where the images are on the server. I was thinking that I could use the filename as the path to where the images are. I am not sure if I should just save the images to the database themselves(if I can do that) or am I on the right track? I am very new to php and mysql so I am not sure.
it is possible to save an image directly to the database, that is what the BLOB fields are for. Personaly however, I would go the easy way, and use PHP's directory functions(namely: mkdir to create a directory for each user, scandir to see what images are in the folder(so you can list them) then rmdir and unlink to delete the users images(unlink) or entire folder as needed).
If you are using PHP please use the [PHP] and [/PHP] forum tags for highlighting...
The same applies to HTML and the forums [HTML][/HTML] tags.
Alright, this is my add page which is used when a user registers for a account. I would imagine the directory should be created here and stored with the users table. Does that sound like the most logical scenario? Then I can use the users directory to upload the photos to. Is this how you would approach it?
PHP Code:
<?php
// This is a email validate function that tests for many things
function check_email_address($email) {
// First, we check that there's one @ symbol, and that the lengths are right
if (!ereg("^[^@]{1,64}@[^@]{1,255}$", $email)) {
// Email invalid because wrong number of characters in one section, or wrong number of @ symbols.
return false;
}
// Split it into sections to make life easier
$email_array = explode("@", $email);
$local_array = explode(".", $email_array[0]);
for ($i = 0; $i < sizeof($local_array); $i++) {
if (!ereg("^(([A-Za-z0-9!#$%&'*+/=?^_`{|}~-][A-Za-z0-9!#$%&'*+/=?^_`{|}~\.-]{0,63})|(\"[^(\\|\")]{0,62}\"))$", $local_array[$i])) {
return false;
}
}
// Check if domain is IP. If not, it should be valid domain name
if (!ereg("^\[?[0-9\.]+\]?$", $email_array[1])) {
$domain_array = explode(".", $email_array[1]);
if (sizeof($domain_array) < 2) {
return false; // Not enough parts to domain
}
for ($i = 0; $i < sizeof($domain_array); $i++) {
if (!ereg("^(([A-Za-z0-9][A-Za-z0-9-]{0,61}[A-Za-z0-9])|([A-Za-z0-9]+))$", $domain_array[$i])) {
return false;
}
}
}
return true;
}
// this gets the user name from the register.php form
$dbNewUser = $_REQUEST['newuser'];
// this gets the password from the register.php form
$dbNewPassword = $_REQUEST['newpassword'];
// this gets the email from the register.php form
$dbNewEmail = $_REQUEST['newemail'];
// this checks to see if a user name and password was given
if(empty($dbNewUser) or empty($dbNewPassword)) {
header( "Location: register.php?bad=3" );
}
else {
// This strips out any html tags
$dbNewUser=strip_tags($dbNewUser);
$dbNewPassword=strip_tags($dbNewPassword);
// This calls the email validator that checks to see if the email is good or not
if (check_email_address($dbNewEmail)) {
// this is the name of the database
$dbh=mysql_connect ("localhost", "hrpjeff_root", "password") or die ('I cannot connect to the database because: ' . mysql_error()); // this connects to the database or dies
mysql_select_db ("hrpjeff_time");
// this checks to see if the user name is already taken and sends it back to the register page if it is taken
if(mysql_num_rows(mysql_query("SELECT name FROM users WHERE name = '$dbNewUser'"))){
header( "Location: register.php?bad=1" );
}
else {
// take a given email address and split it into the username and domain and check to make sure the domain is real
list($userName, $mailDomain) = split("@", $dbNewEmail);
if (checkdnsrr($mailDomain, "MX")) {
// This is what happens when the email is valid
// This is where it writes the user name, password and email to the database
$query = "INSERT INTO users (id, name, password, email) VALUES ( 0, '$dbNewUser', MD5( '$dbNewPassword'), '$dbNewEmail' )";
$result = mysql_query($query) or die("Query failed: " . mysql_error()); // if it is not saved then a error is thrown
//header( "Location: index.php?" );
// Email address to send to which is the users email address they registered with
// The website email address
$myEmail = "info@wallstickies.com";
// The subject of the email
$subject = "Thanks for signing up with Wallstickies!";
// The message of the email
$message = "This is a auto responder.
Thanks for signing up with Wallstickies!
----------------------------------------
Your username: $dbNewUser Your password: $dbNewPassword
----------------------------------------
Please do not respond to this message and disregard if you did not sign up with wallstickies.";
// This is actually mailing the email
mail($dbNewEmail, $subject, $message, "From: $myEmail");
// sends the user to the index page
header( "Location: index.php?good=1" );
}
else {
// this is what happens if the email domain is not valid
header( "Location: register.php?bad=4" );
}
}
} else {
// this is what happens if the email is not good
header( "Location: register.php?bad=2" );
$result = mysql_query($query) or die("Query failed: " . mysql_error());
// add this any time after the results of your insert.
mkdir("/imagesFolder/user".mysql_insert_id($result), 0755);
after that in your images folder you should have a folder called userXX where XX is their id number, this makes it far easier to manage than username or emails, more private as well.
If you are using PHP please use the [PHP] and [/PHP] forum tags for highlighting...
The same applies to HTML and the forums [HTML][/HTML] tags.
Ok, if I understand you correctly, I added your code. Here it is.
PHP Code:
<?php
// This is a email validate function that tests for many things
function check_email_address($email) {
// First, we check that there's one @ symbol, and that the lengths are right
if (!ereg("^[^@]{1,64}@[^@]{1,255}$", $email)) {
// Email invalid because wrong number of characters in one section, or wrong number of @ symbols.
return false;
}
// Split it into sections to make life easier
$email_array = explode("@", $email);
$local_array = explode(".", $email_array[0]);
for ($i = 0; $i < sizeof($local_array); $i++) {
if (!ereg("^(([A-Za-z0-9!#$%&'*+/=?^_`{|}~-][A-Za-z0-9!#$%&'*+/=?^_`{|}~\.-]{0,63})|(\"[^(\\|\")]{0,62}\"))$", $local_array[$i])) {
return false;
}
}
// Check if domain is IP. If not, it should be valid domain name
if (!ereg("^\[?[0-9\.]+\]?$", $email_array[1])) {
$domain_array = explode(".", $email_array[1]);
if (sizeof($domain_array) < 2) {
return false; // Not enough parts to domain
}
for ($i = 0; $i < sizeof($domain_array); $i++) {
if (!ereg("^(([A-Za-z0-9][A-Za-z0-9-]{0,61}[A-Za-z0-9])|([A-Za-z0-9]+))$", $domain_array[$i])) {
return false;
}
}
}
return true;
}
// this gets the user name from the register.php form
$dbNewUser = $_REQUEST['newuser'];
// this gets the password from the register.php form
$dbNewPassword = $_REQUEST['newpassword'];
// this gets the email from the register.php form
$dbNewEmail = $_REQUEST['newemail'];
// this checks to see if a user name and password was given
if(empty($dbNewUser) or empty($dbNewPassword)) {
header( "Location: register.php?bad=3" );
}
else {
// This strips out any html tags
$dbNewUser=strip_tags($dbNewUser);
$dbNewPassword=strip_tags($dbNewPassword);
// This calls the email validator that checks to see if the email is good or not
if (check_email_address($dbNewEmail)) {
// this is the name of the database
$dbh=mysql_connect ("localhost", "hrpjeff_root", "password") or die ('I cannot connect to the database because: ' . mysql_error()); // this connects to the database or dies
mysql_select_db ("hrpjeff_time");
// this checks to see if the user name is already taken and sends it back to the register page if it is taken
if(mysql_num_rows(mysql_query("SELECT name FROM users WHERE name = '$dbNewUser'"))){
header( "Location: register.php?bad=1" );
}
else {
// take a given email address and split it into the username and domain and check to make sure the domain is real
list($userName, $mailDomain) = split("@", $dbNewEmail);
if (checkdnsrr($mailDomain, "MX")) {
// This is what happens when the email is valid
// This is where it writes the user name, password and email to the database
$query = "INSERT INTO users (id, name, password, email) VALUES ( 0, '$dbNewUser', MD5( '$dbNewPassword'), '$dbNewEmail' )";
$result = mysql_query($query) or die("Query failed: " . mysql_error()); // if it is not saved then a error is thrown
// add this any time after the results of your insert.
mkdir("/imagesFolder/user".mysql_insert_id($result), 0755);
//header( "Location: index.php?" );
// Email address to send to which is the users email address they registered with
// The website email address
$myEmail = "info@wallstickies.com";
// The subject of the email
$subject = "Thanks for signing up with Wallstickies!";
// The message of the email
$message = "This is a auto responder.
Thanks for signing up with Wallstickies!
----------------------------------------
Your username: $dbNewUser Your password: $dbNewPassword
----------------------------------------
Please do not respond to this message and disregard if you did not sign up with wallstickies.";
// This is actually mailing the email
mail($dbNewEmail, $subject, $message, "From: $myEmail");
// sends the user to the index page
header( "Location: index.php?good=1" );
}
else {
// this is what happens if the email domain is not valid
header( "Location: register.php?bad=4" );
}
}
} else {
// this is what happens if the email is not good
header( "Location: register.php?bad=2" );
}
}
?>
I am getting this error:
Warning: mysql_insert_id(): supplied argument is not a valid MySQL-Link resource in /home/hrpjeff/public_html/add.php on line 78
Warning: mkdir() [function.mkdir]: No such file or directory in /home/hrpjeff/public_html/add.php on line 78
Warning: Cannot modify header information - headers already sent by (output started at /home/hrpjeff/public_html/add.php:78) in /home/hrpjeff/public_html/add.php on line 109
Am is supposed to change the .mysql_insert_id($result) to somehow include the users id?
Reply With Quote
Bookmarks