Basically, this code works but it displays both the sender and receiver in the same color
what do i want? i want the sender colour to be different with the receiver message color
<?php
require_once 'cn.php';
session_start(); // startsession .line17 (username || usernameto='.$username.')
//messages sent or received by the $_SESSION or $_GET["ident"]..line 26
require_once 'protect.php';
$username=$_SESSION['UserID'];
$fiveMinutesAgo = time() - 1000;
$to=$_SESSION['UserTo'];
$sql = 'SELECT
username, message_content,message_file, message_time,usernameto
FROM
messages
WHERE
message_time > ' . $fiveMinutesAgo . '
and ((username='.$username.'
and usernameto='.$to.') or (usernameto='.$username.'
and username='.$to.'))
ORDER BY
message_time';
$result = mysql_query($sql, $cn) or
die(mysql_error($cn));
//mysql_query ("Update messages set message_file= replace(message_file,' ','');
while ($row = mysql_fetch_assoc($result)) {
$hoursAndMinutes = date('g:ia', $row['message_time']);
$mycontent=$row['message_content'];
$myfile=$row['message_file'];
$playfile="<A href=upload/$myfile> $myfile </A>";
/*************************************************************************************************/
echo '<i><p style="font-family:arial;color:purple;font-size:15px;"><strong>' . $row['username']. '</strong>: <em>(' . $hoursAndMinutes . ')</em> ' . $playfile . $mycontent.'</i></p>';
}
?>
Assuming that $username and your column username contains a userID: Check if $username is the same as $row['username']. If it is, your message is from the sender.
if ($row['username'] == $username)
$color = 'red';
else
$color = 'purple';
echo '<i><p style="font-family:arial;color:'.$color.';font-size:15px;"><strong>' . $row['username']. '</strong>: <em>(' . $hoursAndMinutes . ')</em> ' . $playfile . $mycontent.'</i></p>';
Also: This extension is deprecated as of PHP 5.5.0, and will be removed in the future. Instead, the MySQLi or PDO_MySQL extension should be used. See also MySQL: choosing an API guide and related FAQ for more information.
http://www.php.net/manual/en/function.mysql-query.php
you need to know when the sendername is the same people who has the session open if the sendername else is the receiver
Related
I have created a script and a php file where it will fetch a certain link to get the public address of the mikrotik address.
I can send a plain text(in this instancem "tester"), but I cant send the result from mikrotik([/system identity print]).
Here is the file:
mikrotik script:
:global name [/system identity print]
:global lock "tester"
# put it all together ----------------------------------------------------
:set $str "key=$lock&namepr=$name"
# send to server ---------------------------------------------------------
:do {
:put "Checking in";
/tool fetch mode=https keep-result=no http-method=post url="https://sc.glcnetworks.com:63010/scriptcase/app/glcbilling/receive_monitoring_from_host/\?$str" http-data=$str ;
:put "Data sended successfully";
} on-error={ log warning "Greeter: Send to server Failed!" }
php file from scriptcase:
#get hostname,ip public and key from mikrotik
$hostname_get = $_GET['namepr'];
$key_get = $_GET['key'];
$remote = $_SERVER['REMOTE_ADDR'];
// Check for record
$check_sql = "SELECT id,hostname"
. " FROM glc_host"
. " WHERE hostname = '$hostname_get'";
sc_lookup(rs, $check_sql);
// Check for record
$check_sql2 = "SELECT key,value"
. " FROM bas_config"
. " WHERE key = 'mikrotik_secrets_$hostname_get'";
sc_lookup(ls, $check_sql2);
$id = isset({rs[0][0]});
// Check for record, to record public IP changes or new public ip changes
$check_sql3 = "SELECT *"
. " FROM glc_host_monitoring"
. " WHERE host_id = '$id'";
sc_lookup(ms, $check_sql3);
#to check for mikrotik output, i send the result to activity log
sc_log_add("test", "$key_get and $hostname_get");
#if key and hostname match from database
if (isset({rs[0][1]}) && isset({ls[0][1]})){
# if record exist
if(isset({rs[0][0]})== isset({ms[0][1]})){
// echo "yes" ;
#no change happen
if($ms[0][5]== $remote){
// echo "ok";
exit();
#ip public changed
}else{
echo "update";
$update_table = 'glc_host_monitoring'; // Table name
$update_where = "host_id = '$id' "; // Where clause
$update_fields = array( // Field list, add as many as needed
"ip_address_public = '$remote'",
);
// Update record
$update_sql = 'UPDATE ' . $update_table
. ' SET ' . implode(', ', $update_fields)
. ' WHERE ' . $update_where;
sc_exec_sql($update_sql);
}
}else{
#if record does not exist
$insert_table = 'glc_host_monitoring'; // Table name
$insert_fields = array( // Field list, add as many as needed
'host_id' => "'$id'",
'ip_route' => "'NULL'",
'ip_address' => "'NULL'",
'interface' => "'NULL'",
'ip_address_public' => "'$remote'",
);
// Insert record
$insert_sql = 'INSERT INTO ' . $insert_table
. ' (' . implode(', ', array_keys($insert_fields)) . ')'
. ' VALUES (' . implode(', ', array_values($insert_fields)) . ')';
sc_exec_sql($insert_sql);
}
}else{
#key and hostname not matched
echo "failed";
}
I have searched everywhere but I dont find the right answer, please tell me whats wrong with my file, Im new with mikrotik scripting.
Try it another way. Let server ask for info and then store it in DB
https://wiki.mikrotik.com/wiki/API_PHP_package
<?php
use PEAR2\Net\RouterOS;
$client = new RouterOS\Client('192.168.88.1', 'admin', 'password');
$util = new RouterOS\Util($client);
$util->setMenu('/system identity')->get('name'); # Just guessing
...
I have a separate file that generates a PDF, saves select information to a database, creates the PDF and then emails it to the user. What I am trying to do is echo the sql statement on the confirmation page.
request.php -> PDF-generation.php -> confirmation.php
The user never sees the PDF generation page.
Here is the function:
function LogToDatabase($holding_id, $to_email, $from_email, $subject, $message, $pdf) {
//Save record of PDF here
$db = new wpdb(DB_USER, DB_PASSWORD, 'webtransaction', DB_HOST);
$sql = "INSERT INTO 504_pdf_storage (`holding_id`, `to_email`, `from_email`, `subject`, `message`, `pdf`)
VALUES(" . $holding_id . "," . $to_email ."," . $from_email ."," . $subject ."," . $message ."," . $pdf . ");";
return $db->insert_id;
}
I want to echo the variable $sql from PDF-generation.php onto the confirmation.php but a simple "echo $sql;" gives an error saying "Undefined variable"
Please help and thanks!
EDIT: Here is the top of the confirmation page.
require_once('../../../../wp-load.php');
require_once('../includes/phpmailer/class.phpmailer.php');
require_once('../classes/504-send-request.php');
require_once ('../classes/pdf_generator.php');
$mh = new MobileHomeRequest();
$data = $mh->GetTempData($_POST['id']);
$holding_id = $data->SaveToDatabase();
$pdf = new PDFGen(null,$data);
echo $sql;
get_header();
if(!$pdf->RenderPDF()) { ?>
<script>
alert('Couldn\'t send your email because our servers seem to be really lame today.');
</script>
<?php } ?>
Save the value in a session variable, and then echo out the session variable on the confirmation page. You'll need session_start() at the top of each page.
function LogToDatabase($holding_id, $to_email, $from_email, $subject, $message, $pdf) {
//Save record of PDF here
$db = new wpdb(DB_USER, DB_PASSWORD, 'webtransaction', DB_HOST);
$sql = "INSERT INTO 504_pdf_storage (`holding_id`, `to_email`, `from_email`, `subject`, `message`, `pdf`)
VALUES(" . $holding_id . "," . $to_email ."," . $from_email ."," . $subject ."," . $message ."," . $pdf . ");";
//add this
$_SESSION['savedSQL'] = $sql;
return $db->insert_id;
}
Then on the confirmation page, it's a simple:
echo htmlentities($_SESSION['savedSQL'], ENT_QUOTES);
Side Note
As mentioned in the comments, a var_dump($sql) followed by exit() would be much better. Also note the htmlentities() to protect against XSS, since it is unknown where the variables in the query are coming from.
I am trying to create a web page using php. The problem is that sometimes I get server errors and sometime I get nothing in return at all. At one point the server changed the file type itself. I have NO idea what the problem can be.
And since I have actually no idea what the problem is I paste the entire file here, even though I expect that it's the first few rows that is the problem (I put it here: http://www.iandapp.com/smic/subscription.php) :
<?php header('Content-Type: text/html; charset=ISO-8859-1');
echo("<div id='subscribe'>");
$mail = $_POST['email1'];
//Set the locale format, etc. of date and time
date_default_timezone_set('Europe/Stockholm');
setlocale(LC_TIME, "sv_SV");
//Create the db-connection
$mysqli = mysqli_connect("mydb", "myuser", "mupsw", "myschema", "3306");
//If verifying the subscription, makse sure the db is updated accordingly
if($_GET['newid'] != ""){
//Make the subscriber a verified subscriber
$result = mysqli_query($mysqli,"UPDATE users SET subscriber = 1 WHERE id = " . $_GET['newid']);
if($result){
echo("<p>Welcome to our newsletter! We will send you information about any new application or update. This will not happen too often, but once it does we hope you will have the opportunity to look into our site again.<p/>");
echo("<p><br/>If you wish to unsubscribe from this mail-list, please visit out subscription page: http://" . $_SERVER['HTTP_HOST'] . "/subscription.php <p/>");
}else{
echo("<p>Somthing went wrong, please click the link again!<p/>");
}
}elseif($_POST['email1'] != ""){ //Only do things if there is an e-mail posted
//Make sure the ID is unique
do{
$rand_int = rand(100000000, 999999999);
$result = mysqli_query($mysqli, "SELECT id FROM users WHERE id = " . $rand_int);
$no_of_rows = mysqli_num_rows($result);
}while($no_of_rows != 0);
echo("RAND :".$rand_int);
//Create query for saving the new user e-mail
$query = "INSERT INTO users(id, email, first_name, surname) VALUES ('" . $rand_int . "', '".$_POST['email1']."', '". $_POST['first_name']."','".$_POST['surname']."')";
$re = mysqli_query($mysqli, $query);
echo("Result: ".$re);
//Check if mail already exist (Error code 1062 = dublicate entries for unique fields)
$existing = 0;
if(mysqli_errno($mysqli)==1062){
echo("It seems like your e-mail already is registered. Perhaps you have been a subscriber earlier? By clicking the link that you will receive in your mail box you subscribe to the newsletter again. ");
$existing = 1;
$result = mysqli_query($mysqli,"SELECT id FROM users WHERE email = '" . $_POST['email1'] . "'");
$row = mysqli_fetch_array($result, MYSQLI_ASSOC);
$rand_int = $row['id'];
mysqli_query($mysqli,"UPDATE users SET waiting_for_unsubscribe = 0 WHERE email = '" . $_POST['email1'] . "'");
if(mysqli_errno($mysqli)){
echo("Error code " . mysqli_errno($mysqli) . "<br/>");
echo("Error text " . mysqli_errno($mysqli) . "<br/>");
}
//echo("ID------ " . $row['id'] . " ri---- " . $rand_int);
}
//Create the link for the user to verify the subscription
$url = "http://" . $_SERVER['HTTP_HOST'] . "/smic/subscription.php?newid=" . $rand_int;
$mymail = $_POST['email1'];
$esubject = "Please verify your subscription to iAndApp's newsletter ";
$body = "Click the link in order to verify your subscription (If you cannot click the link, just copy it and paste it into the adress field of your browser): " . $url;
$eemail = "NoReply#iandapp.com";
$sent = mail($mymail,$esubject,$body,"From: $eemailn");
if($sent){
if($existing != 1){
echo "<br/>An e-mail with a link has been sent to ". $mymail . ". Please click the link in order to verify your subscription";
}
}else{
echo "Something went wrong. Please try again and make sure you enter a correct e-mail adress.";
}
$existing = 0;
mysqli_free_result($result);
//If unsubscribing
}elseif($_POST['unsubscribedmail'] != ""){
//echo("Unsubscribe........");
//echo($_POST['unsubscribedmail']);
$result = mysqli_query($mysqli,"UPDATE users SET waiting_for_unsubscribe = 1 WHERE email = '" . $_POST['unsubscribedmail'] . "'");
//echo("Err code " . mysqli_errno($mysqli));
//echo("Err text " . mysqli_error($mysqli));
if(mysqli_errno($mysqli)){
echo("Error code " . mysqli_errno($mysqli) . "<br/>");
echo("Error text " . mysqli_errno($mysqli) . "<br/>");
}
$result = mysqli_query($mysqli,"SELECT id FROM users WHERE email = '" . $_POST['unsubscribedmail'] . "'");
$row = mysqli_fetch_array($result, MYSQLI_ASSOC);
//echo("ID------ " . $row['id']);
//Create the link for the user to verify that he/she unsubscribes
$url = "http://" . $_SERVER['HTTP_HOST'] . "/smic/subscription.php?unsubscribeid=" . $row['id'];
$mymail = $_POST['unsubscribedmail'];
$esubject = "Please verify that you want to unsubscribe from iAndApp's newsletter ";
$body = "Click the link in order to verify that you want to unsubscribe from iAndApp's newsletter (If you cannot click the link, just copy it and paste it into the adress field of your browser): " . $url;
$eemail = "NoReply#iandapp.com";
$sent = mail($mymail,$esubject,$body,"From: $eemailn");
if ($sent) echo "<br/>A mail with a link has been sent to ". $mymail . ". Please click the link in order to verify that you will unsubscribe from the newsletters.";
else echo "Something went wrong. Please try again and make sure you enter a correct e-mail adress.";
mysqli_free_result($result);
}elseif($_GET['unsubscribeid'] != ""){
$result = mysqli_query($mysqli,"UPDATE users SET subscriber = 0, waiting_for_unsubscribe = 0 WHERE id = " . $_GET['unsubscribeid']);
if($result){
echo("<p>You have now unsubscribed to the newsletter. Thank you for this time and we hope to see you again in the future. /iAndApp.<p/>");
}else{
echo("<p>Somthing went wrong, please click the link again!<p/> ".$result);
}
}else{
echo("<div class="subscribe">
<h4>Subscribe</h4>
<p>Subscribe to iAndApp's newsletter in order to get information about new and updated iPhone games and iPhone applications, that has been released by iAndApp. </p>
<form action="subscription.php" name="subscribe" method="post" onsubmit="return isValidEmailAndEqual()">
<p class="formlabel">Förnamn</p> <input type="text" name="first_name"/><br/>
<p class="formlabel">Efternamn</p> <input type="text" name="surname"/> <br/>
<p class="formlabel">E-mail</p> <input type="text" name="email1"/>
<br/>
<p class="formlabel">Repeat e-mail</p> <input type="text" name="email2"/> <br/>
<input class="inputsubmit" type="submit" value="Subscribe"/>
</form>
</div>");
echo("<div class="footer"></div>");
echo("<div class="subscribe">
<h4>Unsubscribe</h4>
<p>Fill in your e-mail address and submit in order to unsubscribe from iAndApp's newsletter. </p>
<form action="subscription.php" name="unsubscribe" method="post" onsubmit="return isValidEmail()">
<p class="formlabel">E-mail</p> <input type="text" name="unsubscribedmail"/><br/>
<input class="inputsubmit" name="submitbutton" type="submit" value="Unsubscribe"/>
</form>
</div>");
}
mysqli_close($mysqli);
echo("</div>");
?>
Of course, I don't expect you to go through and debug the entire application, but perhaps for the more expreienced folks out there, you know where to look.
I'm starting to get a bit stressed out here...
Please advice what the problem is and how I can solve it.
Thank you in advance!
eror in code:
echo("<div class="subscribe">
<h4>Subscribe</h4>
<p>Subscribe to i
in 1-st line you just close the string by 2-nd quote
you just need to correct code
You have to escape double quotes inside html tags or use single quotes. Right now, echo thinks it's closed after "<div class=". Use one of these:
echo "<div class=\"class\">";
or
echo '<div class="class">';
or
echo "<div class='class'>";
If you dont get any reposne from server (document is clear) or you have server errors but this is not all the time and sometimes script works fine it could be memory limit problem.
do{
$rand_int = rand(100000000, 999999999);
$result = mysqli_query($mysqli, "SELECT id FROM users WHERE id = " . $rand_int);
$no_of_rows = mysqli_num_rows($result);
}while($no_of_rows != 0);
This part of code dosn't look good for me, I suggest you to use auto_increment at id field in db (so id will be unique all the time)
I am using php imap functions to parse the message from webmail. I can fetch messages one by one and save them in DB. After saving, I want to delete the inbox message. imap_delete function is not working here. My code is like that:
$connection = pop3_login($host,$port,$user,$pass,$folder="INBOX",$ssl=false);//connect
$stat = pop3_list($connection);//list messages
foreach($stat as $line) {
//save in db codes...
imap_delete($connection, $line['msgno']);//flag as delete
}
imap_close($connection, CL_EXPUNGE);
I also tested - imap_expunge($connection);
But it is not working. The messages are not deleted. Please help me out...
You are mixing POP and IMAP.
That is not going to work. You need to open the connection with IMAP. See this example:
<?php
$mbox = imap_open("{imap.example.org}INBOX", "username", "password")
or die("Can't connect: " . imap_last_error());
$check = imap_mailboxmsginfo($mbox);
echo "Messages before delete: " . $check->Nmsgs . "<br />\n";
imap_delete($mbox, 1);
$check = imap_mailboxmsginfo($mbox);
echo "Messages after delete: " . $check->Nmsgs . "<br />\n";
imap_expunge($mbox);
$check = imap_mailboxmsginfo($mbox);
echo "Messages after expunge: " . $check->Nmsgs . "<br />\n";
imap_close($mbox);
?>
Actually the functions names are like pop3. but they perform imap functionality. like -
function pop3_login($host,$port,$user,$pass,$folder="INBOX",$ssl=false)
{
$ssl=($ssl==false)?"/novalidate-cert":"";
return (imap_open("{"."$host:$port/pop3$ssl"."}$folder",$user,$pass));
}
function pop3_list($connection,$message="")
{
if ($message)
{
$range=$message;
} else {
$MC = imap_check($connection);
$range = "1:".$MC->Nmsgs;
}
$response = imap_fetch_overview($connection,$range);
foreach ($response as $msg) $result[$msg->msgno]=(array)$msg;
return $result;
}
I am working on a osCommerce project, which is accessible on the main server, but when i try to access the admin portion of the project on my LOCALHOST the login page do accepts my login, ideally it should accept my login and redirect me to index,php..
below is the login script i am using..
<?php
require('includes/application_top.php');
if ($session_started == false) {
echo 'session not started';
}
$error = false;
if (isset($HTTP_GET_VARS['action']) && ($HTTP_GET_VARS['action'] == 'process')) {
$email_address = tep_db_prepare_input($HTTP_POST_VARS['email_address']);
$password = tep_db_prepare_input($HTTP_POST_VARS['password']);
// Check if email exists
$check_admin_query = tep_db_query("select admin_id as login_id, admin_groups_id as login_groups_id, admin_firstname as login_firstname, admin_email_address as login_email_address, admin_password as login_password, admin_modified as login_modified, admin_logdate as login_logdate, admin_lognum as login_lognum from " . TABLE_ADMIN . " where admin_email_address = '" . tep_db_input($email_address) . "'");
if (!tep_db_num_rows($check_admin_query)) {
$HTTP_GET_VARS['login'] = 'fail';
} else {
$check_admin = tep_db_fetch_array($check_admin_query);
//BOF code for cPanel installer - convert password to cre hash
$check_password = $check_admin['login_password'];
if (substr($check_password, 0, 8) == '_cPanel_'){
$check_password = substr($check_password, 8);
$password_hash = tep_encrypt_password($check_password);
tep_db_query("UPDATE " . TABLE_ADMIN . " SET admin_password = '" . $password_hash . "'");
$check_admin_query = tep_db_query("select admin_id as login_id, admin_groups_id as login_groups_id, admin_firstname as login_firstname, admin_email_address as login_email_address, admin_password as login_password, admin_modified as login_modified, admin_logdate as login_logdate, admin_lognum as login_lognum from " . TABLE_ADMIN . " where admin_email_address = '" . tep_db_input($email_address) . "'");
$check_admin = tep_db_fetch_array($check_admin_query);
}
//EOF code for cPanel installer - convert password to cre hash
// Check that password is good
if (!tep_validate_password($password, $check_admin['login_password'])) {
$HTTP_GET_VARS['login'] = 'fail';
} else {
if (tep_session_is_registered('password_forgotten')) {
tep_session_unregister('password_forgotten');
}
$login_id = $check_admin['login_id'];
$login_groups_id = $check_admin[login_groups_id];
$login_firstname = $check_admin['login_firstname'];
$login_email_address = $check_admin['login_email_address'];
$login_logdate = $check_admin['login_logdate'];
$login_lognum = $check_admin['login_lognum'];
$login_modified = $check_admin['login_modified'];
tep_session_register('login_id');
tep_session_register('login_groups_id');
tep_session_register('login_firstname');
//$date_now = date('Ymd');
tep_db_query("update " . TABLE_ADMIN . " set admin_logdate = now(), admin_lognum = admin_lognum+1 where admin_id = '" . $login_id . "'");
if (($login_lognum == 0) || !($login_logdate) || ($login_email_address == 'admin#localhost') || ($login_modified == '0000-00-00 00:00:00')) {
tep_redirect(tep_href_link(FILENAME_ADMIN_ACCOUNT, '', 'SSL'));
} else {
tep_redirect(tep_href_link(FILENAME_DEFAULT, '', 'SSL'));
}
}
}
}
require(DIR_WS_LANGUAGES . $language . '/' . FILENAME_LOGIN);
include('includes/functions/rss2html.php');
?>
I tried tracking the issue, whenever I login with correct email and password it doesnt give me the "$HTTP_GET_VARS['action']"
Could someone guide me whats going wrong here?
ACCORDING TO THE INITIAL REPLIES
i have register_long_arrays enabled in my localhost and it is working very well in case of wrong input of email address and password..
Variables such as HTTP_GET_VARS are called long-arrays, and are deprecated -- and can be disabled.
See the register_long_arrays directive, about this : maybe it's disabled on your server ?
Instead of $HTTP_GET_VARS, you should be using the $_GET super-global array.
For a couple of references, see :
$_GET
Predefined Variables
Note : OS-commerce is a quite old piece of software, and was developped before long-arrays were deprecated -- which is probably why they are used... and why it is possible to enable the register_long_arrays directive in PHP's configuration.
Of course, this is not recommended for new software... But if you have to work with that... it might be easier than replacing every instance of $HTTP_GET_VARS.
$HTTP_GET_VARS is old and deprecated, use $_GET instead. Same applies to other superglobals as well: $_POST, $_REQUEST, $_SERVER, $_COOKIES, $_FILES, etc.
Try $_GET['action'] instead of $HTTP_GET_VARS['action']. I suggest you entirely replace $HTTP_GET_VARS with $_GET.
As of PHP 5.0.0, the long PHP
predefined variable arrays may be
disabled with the register_long_arrays
directive.
From PHP 5.0.3 long predefined arrays such HTTP_GET_VARS got disabled by default. Use this instead:
$_GET['action'];