We Keep Coding

Voting System using Radio Buttons & Checkboxes (PHP)

I have three PHP pages. Login, Vote, and Vote Process. In the vote page, the user may vote for the candidates. There are radio buttons and checkboxes. Here are the codes for the Vote page:
<?php
error_reporting(E_ALL & ~E_NOTICE);
session_start();
if (isset($_SESSION['uname'])) {
$username = $_SESSION['uname'];
}
else {
header('Location: login_user.php');
die();
}
?>
<html>
<head>
<title>Trinity University of Asia Voting System</title>
</head>
<body>
<img src="images/tua_logo.jpg"><marquee>Practice your right to vote.</marquee><br>
<center>
Home | Results | Logout<br>
<h3>Cast Your Vote</h3>
<form action="processvoting.php" method="post">
<table cellpadding="4" border="1">
<tr>
<th>Position</th>
<th>Choice 1</th>
<th>Choice 2</th>
</tr>
<tr>
<th>President</th>
<td><input type="radio" name="president" value="pres1"> JOHN MICHAEL KALEMBE<br>College of Business Administration</td>
<td><input type="radio" name="president" value="pres2"> SUZAN JOHN<br>College of Education</td>
</tr>
<tr>
<th>Vice President</th>
<td><input type="radio" name="vice_president" value="vicepres1"> JULIUS SAMWEL<br>College of Medical Technology</td>
<td><input type="radio" name="vice_president" value="vicepres2"> JEUNICE MARIANO<br>College of Business Administration</td>
</tr>
<tr>
<th>Secretary</th>
<td><input type="radio" name="secretary" value="sec1"> ANGELO CHRSTIAN DE GUZMAN<br>College of Medical Technology</td>
<td><input type="radio" name="secretary" value="sec1"> MICHAEL SANGA<br>College of Hospitality and Tourism Management</td>
</tr>
<tr>
<th>Treasurer</th>
<td><input type="radio" name="treasurer" value="treas1"> MARIE DANIELLE THEREZE VALDEZ<br>College of Hospitality and Tourism Management</td>
<td><input type="radio" name="treasurer" value="treas1"> JEUNICE MARIANO<br>College of Business Administration</td>
</tr>
<tr>
<th>Auditor</th>
<td><input type="radio" name="auditor" value="aud1"> KOBI TSARLZ GONZALES<br>College of Computing and Information Sciences</td>
<td><input type="radio" name="auditor" value="aud1"> MARIAN ENTERO<br>College of Business Administration</td>
</tr>
<tr>
<th>Business Manager</th>
<td><input type="checkbox" name="bus_manager" value="bus1"> MICAH EDILYN TAN<br>College of Arts and Sciences</td>
<td>N/A</td>
</tr>
<tr>
<th>Public Relations Officer (PRO)</th>
<td><input type="checkbox" name="pro" value="pro1"> MARIBETH LIAMZON<br>College of Education</td>
<td>N/A</td>
</tr>
</table>
<input type="submit" name="submit" value="Cast Your Vote"> <input type="reset" value="Reset">
</form>
</center>
</body>
</html>
Once the user votes, he will be redirected to the Vote Process page and this is the code:
<?php
error_reporting(E_ALL & ~E_NOTICE);
session_start();
if (isset($_SESSION['uname'])) {
$username = $_SESSION['uname'];
}
else {
header('Location: login_user.php');
die();
}
include 'connection.php';
if(isset($_POST['submit'])) {
$president = $_POST['president'];
$vicepres = $_POST['vice_president'];
$secretary = $_POST['secretary'];
$treasurer = $_POST['treasurer'];
$auditor = $_POST['auditor'];
$businessmanager = $_POST['bus_manager'];
$pro = $_POST['pro'];
$conn = mysqli_connect('localhost', 'root', '', 'electiondb');
if (!$conn) {
die("Connecton failed: " . mysqli_connect_error());
}
$votesql = "SELECT voted FROM student_log WHERE username = '$username'";
$query = mysqli_query($conn, $votesql);
while($record = mysqli_fetch_array($query)) {
$hasvoted = $record['voted'];
}
if ($hasvoted == 0) {
if ($president == '') {
echo "You cannot leave $president blank. Please go back and try again.";;
}
elseif ($vicepres == '') {
echo "You cannot leave $vicepres blank. Please go back and try again.";
}
elseif ($secretary == '') {
echo "You cannot leave $secretary blank. Please go back and try again.";
}
elseif ($treasurer == '') {
echo "You cannot leave $treasurer blank. Please go back and try again.";
}
elseif ($auditor == '') {
echo "You cannot leave $auditor blank. Please go back and try again.";
}
elseif ($businessmanager == ''){
echo "You cannot leave $businessmanager blank. Please go back and try again.";
}
elseif ($pro == '') {
echo "You cannot leave $pro blank. Please go back and try again.";
}
else {
switch ($president) {
case 'pres1':
$votepres1 = "UPDATE vote_log SET choice1 = choice1+1 WHERE position = 'president'";
$runpres1 = mysqli_query($conn, $votepres1);
break;
case 'pres2':
$votepres2 = "UPDATE vote_log SET choice2 = choice2+1 WHERE position = 'president'";
$runpres2 = mysqli_query($conn, $votepres2);
break;
}
switch ($vicepres) {
case 'vicepres1':
$votevicepres1 = "UPDATE vote_log SET choice1 = choice1+1 WHERE position = 'vice_president'";
$runvicepres1 = mysqli_query($conn, $votevicepres1);
break;
case 'vicepres2':
$votevicepres2 = "UPDATE vote_log SET choice2 = choice2+1 WHERE position = 'vice_president'";
$runvicepres2 = mysqli_query($conn, $votevicepres2);
break;
}
switch ($secretary) {
case 'sec1':
$votesec1 = "UPDATE vote_log SET choice1 = choice1+1 WHERE position = 'secretary'";
$runsec1 = mysqli_query($conn, $votesec1);
break;
case 'sec2':
$votesec2 = "UPDATE vote_log SET choice2 = choice2+1 WHERE position = 'secretary'";
$runsec2 = mysqli_query($conn, $votesec1);
break;
}
switch ($treasurer) {
case 'treas1':
$votetreas1 = "UPDATE vote_log SET choice1 = choice1+1 WHERE position = 'treasurer'";
$runtreas1 = mysqli_query($conn, $votetreas1);
break;
case 'treas2':
$votetreas2 = "UPDATE vote_log SET choice2 = choice2+1 WHERE position = 'treasurer'";
$runtreas2 = mysqli_query($conn, $votetreas2);
break;
}
switch ($auditor) {
case 'aud1':
$voteaud1 = "UPDATE vote_log SET choice1 = choice1+1 WHERE position = 'auditor'";
$runaud1 = mysqli_query($conn, $voteaud1);
break;
case 'aud2':
$voteaud2 = "UPDATE vote_log SET choice2 = choice2+1 WHERE position = 'auditor'";
$runaud2 = mysqli_query($conn, $voteaud2);
break;
}
switch ($businessmanager) {
case 'bus1':
$votebus1 = "UPDATE vote_log SET choice1 = choice1+1 WHERE position = 'business_manager'";
$runbus1 = mysqli_query($conn, $votebus1);
break;
}
switch ($pro) {
case 'pro1':
$votepro1 = "UPDATE vote_log SET choice1 = choice1+1 WHERE position = 'pro'";
$runpro1 = mysqli_query($conn, $votepro1);
break;
}
$sqlforvoted = "UPDATE student_log SET voted = 1 WHERE username = '$username'";
$processsql = mysqli_query($conn, $sqlforvoted) or die (mysqli_error($conn));
echo "Thank you for voting. You may now logout of the system.<br><a href='logout.php'>Logout</a>";
}
}
else {
echo "You cannot vote more than once. <br><a href='logout.php'>Logout</a>";
}
}
?>
<html>
<head>
<title>Voting Process</title>
</head>
<body>
</body>
</html>
The votes do not increment but the user is deemed as 'voted' therefore the user cannot vote again once logged in. My only concern is that the votes are not counting. Is there something wrong with my codes or is my understanding of vote counts not that great? Thank you!

I think you have some typos in your HTML. Here, the options are pres1 and pres2:
<td><input type="radio" name="president" value="pres1"> ... </td>
<td><input type="radio" name="president" value="pres2"> ... </td>
but here, both options are sec1:
<td><input type="radio" name="secretary" value="sec1"> ... </td>
<td><input type="radio" name="secretary" value="sec1"> ... </td>
Regarding the database interactions, it would be better to use PDO and prepared statements - it's safer than most string concatenation schemes. Check the "related" column to the right on this page - the top question is most likely this one that explains this topic well.
Anyway, here's a different take on your submit section that simply removes all the repetition. It doesn't use PDO (I didn't add any database code) but at least there's no unfiltered user input in the final query - only predefined values:
if(isset($_POST['submit']) && !empty($_POST["submit"])) {
if($hasvoted != 0){
echo "You cannot vote more than once. <br><a href='logout.php'>Logout</a>";
exit;
}
$positions = array(
"president" => null,
"vice_president" => null,
"secretary" => null,
"treasurer" => null,
"auditor" => null,
"bus_manager" => null,
"pro" => null
);
foreach (array_keys($positions) as $position)
{
if (!isset($_POST[$position]) || empty($_POST[$position])) {
echo "All positions must be filled. Please try again.<br>";
exit;
}
else{
$choice = "";
$choice_num = substr($_POST[$position], -1);
if($choice_num == 1 || $choice_num == 2){
$choice = "choice" . $choice_num;
}
else{
echo "Error - invalid option";
exit;
}
$positions[$position] = $choice;
}
}
foreach (array_keys($positions) as $position)
{
$choice = $positions[$position];
$sql_str = "UPDATE vote_log SET " . $choice ." = " . $choice . "+1 WHERE position = '" . $position . "'";
// $sql_insert = mysqli_query($conn, $sql_str);
echo $sql_str . "<br>";
}
echo "Thank you for voting. You may now logout of the system.<br><a href='logout.php'>Logout</a>";
}

You could replace this:
switch ($president) {
case 'pres1':
$votepres1 = "UPDATE vote_log SET choice1 = choice1+1 WHERE position = 'president'";
$runpres1 = mysqli_query($conn, $votepres1);
break;
case 'pres2':
$votepres2 = "UPDATE vote_log SET choice2 = choice2+1 WHERE position = 'president'";
$runpres2 = mysqli_query($conn, $votepres2);
break;
}
With this:
// here you take the last char of $president (value 1 or 2) and concatenate it to "choice"
$choice = "choice".substr($president, -1);
$votepres = "UPDATE vote_log SET $choice = $choice + 1 WHERE position = 'president'";
$runpres = mysqli_query($conn, $votepres);
Note spacing in SQL statement.
To prevent SQL Injection you have to modify the statements where a variable is called. In this case the statements where you call $username (you should call the user ID, instead the username).
Calling the user ID you can simply check if it's an integer value before do the query as follow: if (is_int($userID)) { ...do query... } else { ...do not... }

Why wont my PHP MYSQL comparison work

Im messing around, trying to see if i can make one of those clickable pet sites that were all the rage a couple years ago and i run into a problem with trying to use if, else, elseif stuff in PHP.
Heres what I have:
<?php
include_once "mysql_connect.php";
$newip = $_SERVER['REMOTE_ADDR'];
$oldip = mysql_query("SELECT lastip FROM sitefunctions WHERE name='index'");
if ($newip == $oldip) {
$message = "You were the last one to click this pet, please wait until someone else has clicked it before trying again.";
}
else {
mysql_query("UPDATE sitefunctions SET `clicks` = `clicks`+1 WHERE name='index'");
mysql_query("UPDATE sitefunctions SET `lastip` = '$newip' WHERE name='index'");
$tempclicks = mysql_query("SELECT `clicks` FROM sitefunctions WHERE name='index'");
$message = "You gave this pet a click!";
};
if ($tempclicks == 150) {
mysql_query("UPDATE sitefunctions SET `level` = 2 WHERE name='index'");
$message = "Your click leveled the pet up!";
}
elseif ($tempclicks == 600) {
mysql_query("UPDATE sitefunctions SET `level` = 3 WHERE name='index'");
$message = "Your click leveled the pet up!";
}
$sql = mysql_query("SELECT * FROM sitefunctions WHERE name='index'");
while($row = mysql_fetch_array($sql)){
$clicks = $row["clicks"];
$level = $row["level"];
$name = $row["name"];
$image1 = $row["image1"];
$image2 = $row["image2"];
$image3 = $row["image3"];
};
if ($level == 1) {
$imageu = $image1;
}
elseif ($level == 2) {
$imageu = $image2;
}
elseif ($level == 3) {
$imageu = $image3;
}
?>
<html>
<head>
</head>
<body>
<p>
<?php print $oldip; ?> <br>
<?php print $newip; ?> <br>
Name: <?php print $name; ?> <br>
<img src=<?php print $imageu; ?> /> <br>
Clicks: <?php print $clicks; ?> <br>
Level: <?php print $level; ?> <br>
<?php print $message; ?>
</p>
</body>
</html>
Now the first problem i'm having is with comparing the users ip with the last ip that was on the page.
$newip = $_SERVER['REMOTE_ADDR'];
$oldip = mysql_query("SELECT lastip FROM sitefunctions WHERE name='index'");
if ($newip == $oldip) {
$message = "You were the last one to click this pet, please wait until someone else has clicked it before trying again.";
}
else {
mysql_query("UPDATE sitefunctions SET `clicks` = `clicks`+1 WHERE name='index'");
mysql_query("UPDATE sitefunctions SET `lastip` = '$newip' WHERE name='index'");
$tempclicks = mysql_query("SELECT `clicks` FROM sitefunctions WHERE name='index'");
$message = "You gave this pet a click!";
};
No matter what i have tried it doesnt really compare the values. If i put a "=" it says theyre the same no matter what and if i do "==" it says theyre different even though they shouldn't be.
I dont even know where to start with this, no errors come up and i'm fairly new to PHP and MYSQL. Nothing else can be really tested until this, but im sure that the rest of the comparisons dont work either.
im using 000webhost for my site, if thats known to have problems lol

This is what my code looks like now, it works too so im done here:
<?php error_reporting(E_ALL); ini_set('display_errors', 1);
$name = $_POST['name'];
if (empty($name) == true){
$name = "index";
};
include_once "mysql_connect.php";
$newip = $_SERVER['REMOTE_ADDR'];
$sql = mysql_query("SELECT * FROM sitefunctions WHERE name='$name'") or die(mysql_error());
while($row = mysql_fetch_array($sql)) {
$lastip = $row["lastip"];
}
if ($lastip == $newip) {
$message = "You were the last one to click this pet! You have to wait until someone else clicks it!";
} else {
mysql_query("UPDATE sitefunctions SET `clicks` = `clicks`+1 WHERE name='$name'") or die(mysql_error());
mysql_query("UPDATE sitefunctions SET `lastip` = '$newip' WHERE name='$name'") or die(mysql_error());
$message = "You clicked the pet!";
}
$sql = mysql_query("SELECT * FROM sitefunctions WHERE name='$name'") or die(mysql_error());
while($row = mysql_fetch_array($sql)) {
$clicks = $row["clicks"];
$level = $row["level"];
}
if ($clicks > 50*$level) {
mysql_query("UPDATE sitefunctions SET `level` = `level`+1 WHERE name='$name'") or die(mysql_error());
$message = "Your click leveled up the pet!";
}
$sql = mysql_query("SELECT * FROM sitefunctions WHERE name='$name'") or die(mysql_error());
while($row = mysql_fetch_array($sql)) {
$clicks = $row["clicks"];
$level = $row["level"];
$name = $row["name"];
$image1 = $row["image1"];
$image2 = $row["image2"];
$image3 = $row["image3"];
$lastip = $row["lastip"];
};
if ($level > 35) {
$imageu = $image3;
} elseif ($level > 15) {
$imageu = $image2;
} elseif ($level > 0) {
$imageu = $image1;
};
?>
<html>
<head>
</head>
<body>
<center>
<p>
Name: <?php print $name; ?> <br>
<img src=<?php print $imageu; ?> /> <br>
Clicks: <?php print $clicks; ?> <br>
Level: <?php print $level; ?> <br>
Last User: <?php print $lastip; ?> <br>
<?php print $message; ?>
</p>
</center>
</body>
</html>

php + mysql + how to add a comma to split the string in the database

i am creating a friend request page that it need to take the friends request as an array than separate each username by a comma.
i do not know what to use the implode or the explode i did use both but neither one give me the result as i want
when i press the accpet button i get this error
Warning: implode(): Invalid arguments passed in C:\wamp\www\Unnamed Site 2\resources\friend_requests.php on line 59
can anyone help me ???
friend_request.php
<?php
session_start();
if($sessionlogin = isset($_SESSION['login']))
{
$login = ($_SESSION['login']);
$userid = ($_SESSION['user_id']);
$login_user = ($_SESSION['username']);
$fname = ($_SESSION['first_name']);
$lname = ($_SESSION['last_name']);
$sessionaddres =($_SESSION['address']);
// require_once('header.php');
require_once('for members/scripts/connect.php');
//find friend request
$findrequests = mysql_query("SELECT * FROM friend_requests WHERE user_from = '$login_user'") or die(mysql_error());
$numrows = mysql_num_rows($findrequests);
if($numrows == 0)
{
echo "YOU HAVE no friend Requests at this time";
$user_from = "";
}
else
{
while($get_row = mysql_fetch_assoc($findrequests))
{
$id = $get_row['id'];
$user_to = $get_row['user_from'];
$user_from = $get_row['user_to'];
echo '' . $user_from . ' wants to be friend' . '<br />';
//var_dump($user_from);
//var_dump($user_to);
//echo "your user_to is '$user_to'";
//echo "your user_from is '$user_from'";
?>
<?php
if(isset($_POST['acceptrequest'.$user_from]))
{
//select the friend array row from the logged in user
$get_friend_check = mysql_query("SELECT friend_array FROM user WHERE user_name = '$login_user'") or die(mysql_error());
$get_friend_row = mysql_fetch_assoc($get_friend_check);
$friend_array = $get_friend_row['friend_array'];
$friendArray_explode = implode(",", $friend_array);
$friend_array_count = count($friendArray_explode);
//select the friend array row from the user who sent the friend request
$get_friend_check_friend = mysql_query("SELECT friend_array FROM user WHERE user_name = '$user_from'") or die(mysql_error());
$get_friend_row_friend = mysql_fetch_assoc($get_friend_check_friend);
$friend_array_friend = $get_friend_row_friend['friend_array'];
$friendArray_explode_friend = implode(",", $friend_array_friend);
$friend_array_count_friend = count($friendArray_explode_friend);
if($friend_array == "")
{
$friendArray_count = count(NULL);
}
//var_dump($friendArray_count);
if($friend_array_friend == "")
{
$friendArray_count_friend = count(NULL);
}
if (#$friendArray_count == NULL)
{
$add_friend_query = mysql_query("UPDATE user SET friend_array = CONCAT(friend_array, '$user_from') WHERE user_name = '$login_user'");
}
if(#$friendArray_count_friend == NULL)
{
$add_friend_query = mysql_query("UPDATE user SET friend_array = CONCAT(friend_array, '$user_to') WHERE user_name = '$user_from'");
}
/*
if(#$friendArray_count >= 1)
{
$add_friend_query = mysql_query("UPDATE user SET friend_array = CONCAT(friend_array, ',$user_from') WHERE user_name = '$login_user'");
}
/*
if(#$friendArray_count_friend >= 1)
{
$add_friend_query = mysql_query("UPDATE user SET friend_array = CONCAT(friend_array, ',$user_to') WHERE user_name = '$user_from'");
}
*/
// for delete request
$delete_request = mysql_query("DELETE FROM friend_requests WHERE user_to = '$user_to' && user_from = '$user_from'") or die(mysql_error());
echo "YOU are now friends!!";
//header("Location: friend_requests.php");
}
if(isset($_POST['ignorerequest'.$user_from]))
{
$ignore_request = mysql_query("DELETE FROM friend_requests WHERE user_to = '$user_to' && user_from = '$user_from'") or die(mysql_error());
echo "Request ignored !!";
header("Location: friend_requests.php");
}
?><br />
<br />
<br />
<br />
<br />
<form action="friend_requests.php" method="post">
<input type="submit" name="acceptrequest<?php echo $user_from; ?>" value="Accept">
<input type="submit" name="ignorerequest<?php echo $user_from; ?>" value="Ignor">
</form>
<?php
}
}
}
?>

try this
$get_friend_check = mysql_query("SELECT friend_array FROM user WHERE user_name = '$login_user'") or die(mysql_error());
$your_array = array();
while ($get_friend_row = mysql_fetch_array($get_friend_check)) {
$your_array[] = $get_friend_row['friend_array'];
}
$friendArray_explode = implode(",", $your_array);
echo $friendArray_explode;
you could also use implode in mysql directly
like that
$get_friend_check = mysql_query("SELECT group_concat(friend_array SEPARATOR ',')
FROM user WHERE user_name = '$login_user'")
or die(mysql_error());

php setting up profile for account type

hey guys need some help or advice, im building a member based website and looking for a way to point the logged in user to their profile which is based on their account type.
the system started with 1 account and evereything runs fine, i have added the accounts field into mysql and the registration form lets them pick the account they need i just need a push in the right direction to point them to their profile at login
heres my current code that directs them on login
<?php
/*
* Date: january 20, 2012
*------------------------------------------------------------------------------------------------*/
session_start(); // Start Session First Thing
// Force script errors and warnings to show on page in case php.ini file is set to not display them
error_reporting(E_ALL);
ini_set('display_errors', '1');
//-----------------------------------------------------------------------------------------------------------------------------------
include_once "scripts/connect_to_mysql.php"; // Connect to the database
$dyn_www = $_SERVER['HTTP_HOST']; // Dynamic www.domainName available now to you in all of your scripts that include this file
//------ CHECK IF THE USER IS LOGGED IN OR NOT AND GIVE APPROPRIATE OUTPUT -------
$logOptions = ''; // Initialize the logOptions variable that gets printed to the page
// If the session variable and cookie variable are not set this code runs
if (!isset($_SESSION['idx'])) {
if (!isset($_COOKIE['idCookie'])) {
$logOptions = 'Register Account
|
Log In';
}
}
// If session ID is set for logged in user without cookies remember me feature set
if (isset($_SESSION['idx'])) {
$decryptedID = base64_decode($_SESSION['idx']);
$id_array = explode("p3h9xfn8sq03hs2234", $decryptedID);
$logOptions_id = $id_array[1];
$logOptions_username = $_SESSION['username'];
$logOptions_username = substr('' . $logOptions_username . '', 0, 15); // cut user name down in length if too long
// Check if this user has any new PMs and construct which envelope to show
$sql_pm_check = mysql_query("SELECT id FROM private_messages WHERE to_id='$logOptions_id' AND opened='0' LIMIT 1");
$num_new_pm = mysql_num_rows($sql_pm_check);
if ($num_new_pm > 0) {
$PM_envelope = '<img src="images/pm2.gif" width="18" height="11" alt="PM" border="0"/>';
} else {
$PM_envelope = '<img src="images/pm1.gif" width="18" height="11" alt="PM" border="0"/>';
}
// Ready the output for this logged in user
$logOptions = $PM_envelope . '
Home
|
Profile
|
<div class="dc">
Account <img src="images/darr.gif" width="10" height="5" alt="Account Options" border="0"/>
<ul>
<li>Account Options</li>
<li>Inbox Messages</li>
<li>Sent Messages</li>
<li>Log Out</li>
</ul>
</div>
';
} else if (isset($_COOKIE['idCookie'])) {// If id cookie is set, but no session ID is set yet, we set it below and update stuff
$decryptedID = base64_decode($_COOKIE['idCookie']);
$id_array = explode("nm2c0c4y3dn3727553", $decryptedID);
$userID = $id_array[1];
$userPass = $_COOKIE['passCookie'];
// Get their user first name to set into session var
$sql_uname = mysql_query("SELECT firstname, lastname, email FROM memberstable WHERE id='$userID' AND password='$userPass' LIMIT 1");
$numRows = mysql_num_rows($sql_uname);
if ($numRows == 0) {
// Kill their cookies and send them back to homepage if they have cookie set but are not a member any longer
setcookie("idCookie", '', time()-42000, '/');
setcookie("passCookie", '', time()-42000, '/');
header("location: index.php"); // << makes the script send them to any page we set
exit();
}
while($row = mysql_fetch_array($sql_uname)){
$firstname = $row["firstname"];
$surname = $row["lastname"];
$useremail = $row["email"];
}
$_SESSION['id'] = $userID; // now add the value we need to the session variable
$_SESSION['idx'] = base64_encode("g4p3h9xfn8sq03hs2234$userID");
$_SESSION['firstname'] = $firstname;
$_SESSION['surname'] = $surname;
$_SESSION['useremail'] = $useremail;
$_SESSION['userpass'] = $userPass;
$logOptions_id = $userID;
$logOptions_uname = $firstname;
$logOptions_uname = $surname;
$logOptions_uname = substr('' . $logOptions_uname . '', 0, 15);
/////////// Update Last Login Date Field /////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////
mysql_query("UPDATE memberstable SET last_log_in=now() WHERE id='$logOptions_id'");
// Ready the output for this logged in user
// Check if this user has any new PMs and construct which envelope to show
$sql_pm_check = mysql_query("SELECT id FROM private_messages WHERE to_id='$logOptions_id' AND opened='0' LIMIT 1");
$num_new_pm = mysql_num_rows($sql_pm_check);
if ($num_new_pm > 0) {
$PM_envelope = '<img src="images/pm2.gif" width="18" height="11" alt="PM" border="0"/>';
} else {
$PM_envelope = '<img src="images/pm1.gif" width="18" height="11" alt="PM" border="0"/>';
}
// Ready the output for this logged in user
$logOptions = $PM_envelope . '
<!--Home
| -->
Profile
|
<div class="dc">
Account <img src="../images/darr.gif" width="10" height="5" alt="Account Options" border="0"/>
<ul>
<li>Account Options</li>
<li>Inbox Messages</li>
<li>Sent Messages</li>
<li>Log Out</li>
</ul>
</div>';
}
?>
i thought i could possibly add something along the lines of
// set profile type depending on which user type it is
if ($accounttype == "a") {
$userOptions = "";
} else if ($accounttype == "b") {
$userOptions = "";
} else if ($accounttype == "c") {
$userOptions = "";
} else if ($accounttype == "d") {
$userOptions = "";
} else if ($accounttype == "e") {
$userOptions = "";
} else if ($accounttype == "f") {
$userOptions = "";
} else {
$userOptions = "";
}
but really unsure as i would also need to changed the edit profile page aswell
sorry if im unclear about what im trying to achieve just say and ill try to clarify but any help here would be great, i know its going to be if and else statements and a call to mysql think i hit a blank spot in my head

I recommend you to use something like:
You build the array:
$accountType = array('a', 'b');
$userOptions = array();
Than
foreach ($accountType as $value)
{
switch ($value)
{
case $value:
$userOptions[] = 'option '.$value;
break;
}
}
print_r($userOptions);
this is a very efficient way of symplifing your code and make it more dynamic.

This is the WebIntersect code, isn't it?
Change this line:
header("location: index.php");
to
header("location: profile.php?=". $userID ."");
It's line 86 in the original changeuserlog.php.
Hope this helps!

get names of online users

as i have mentioned at my earlier post, we are creating a chat for a specific website. Now this chat would have to retrieve the names of the users online and would automatically update once one user would log out of the chat. we were able to create this with the use of PHP alone and right now we are trying to use jquery to avoid often refreshing.so far, this is what we have:
<?php
session_start(); //Configuation
?>
<link rel="stylesheet" type="text/css" href="http://www.pinoyarea.com/videochat/css/winterblues.css">
<?php
$name = $_SESSION['username'];
$room = $_SESSION['room'];
$user = $_SESSION['user'];
if($name == NULL || $room == NULL || $user = NULL)
{
echo "<script>window.location = 'http://www.pinoyarea.com/index.php?p=member/signup';</script>";
}
include "connect.php";
$timeoutseconds = 60; // length of session, 20 minutes is the standard
$timeoutseconds_idle = 30;
$timestamp=time();
$timeout=$timestamp-$timeoutseconds;
$timeout_idle=$timestamp-$timeoutseconds_idle;
$PHP_SELF = $_SERVER['PHP_SELF'];
if (!empty($_SERVER["HTTP_CLIENT_IP"]))
{
//check for ip from share internet
$ip = $_SERVER["HTTP_CLIENT_IP"];
}
elseif (!empty($_SERVER["HTTP_X_FORWARDED_FOR"]))
{
// Check for the Proxy User
$ip = $_SERVER["HTTP_X_FORWARDED_FOR"];
}
else
{
$ip = $_SERVER["REMOTE_ADDR"];
}
$temp = #mysql_query("SELECT * FROM useronline WHERE online_name='$name' AND online_user='$user' AND online_room='$room'");
$rowie = #mysql_num_rows($temp);
// Add this user to database
$loopcap = 0;
while ($loopcap<3){
if($rowie == 0 AND $name != NULL)
{
#mysql_query("insert into useronline values('$timestamp','$ip','$PHP_SELF','$name','$room','$user')");
}
else
{
} // in case of collision
$timestamp = $timestamp+$ip{0}; $loopcap++;
}
// Delete users that have been online for more then "$timeoutseconds" seconds
mysql_query("delete from useronline where timestamp<$timeout");
//Modified
// Select users online
$result = #mysql_query("select distinct online_name from useronline");
$result2 = #mysql_query("SELECT distinct online_name FROM useronline WHERE online_room='$room'");
$user_count = #mysql_num_rows($result2);
mysql_free_result($result);
#mysql_close();
// Show all users online
echo '<table name="tableonline" width="180px">';
if ($user_count==1)
{
echo '<tr><th>';
echo '<font size="1px" style="font-family:arial;"><strong>'.$user_count.' Toozer Online</th></tr>';
}
else
{
echo '<tr><th>'.$user_count.' Toozers Online</strong></font></th></tr></table>';
}
echo "</table><br /><table width='180px'>";
while($cell = mysql_fetch_array($result2))
{
$timestamping = $cell["timestamp"];
if($timestamping >= $timeout_idle && $timestamping < $timeout)
{
$src = "http://www.pinoyarea.com/images/videochat/user-offline.png";
}
else
{
$src = "http://www.pinoyarea.com/images/videochat/user-online.png";
}
echo '<tr><td><img src="'.$src.'"/><font size="1px" style="text-decoration:none;font-family:tahoma;"></td><td>'.$cell["online_name"].'</font>';
echo '<br /></td></tr>';
}
echo '<table>';
?>
<script type="text/javascript" src="http://code.jquery.com/jquery-1.4.2.min.js"> </script>
<script>
$(document).ready(function() {
$("#tableonline").load("online_users.php");
var refreshId = setInterval(function() {
$("#tableonline").load('online_users.php?randval='+ Math.random());}, 3000);
});
</script>
//<META HTTP-EQUIV="Refresh" CONTENT="10">

You have to put a boolean value for the user in the DB (in the user table). when he get's login ie when he enter's to his profile page the BOOL value should be changed to 1 and when he get logout change the vlaue to 0.