I am trying to create a web page using php. The problem is that sometimes I get server errors and sometime I get nothing in return at all. At one point the server changed the file type itself. I have NO idea what the problem can be.
And since I have actually no idea what the problem is I paste the entire file here, even though I expect that it's the first few rows that is the problem (I put it here: http://www.iandapp.com/smic/subscription.php) :
<?php header('Content-Type: text/html; charset=ISO-8859-1');
echo("<div id='subscribe'>");
$mail = $_POST['email1'];
//Set the locale format, etc. of date and time
date_default_timezone_set('Europe/Stockholm');
setlocale(LC_TIME, "sv_SV");
//Create the db-connection
$mysqli = mysqli_connect("mydb", "myuser", "mupsw", "myschema", "3306");
//If verifying the subscription, makse sure the db is updated accordingly
if($_GET['newid'] != ""){
//Make the subscriber a verified subscriber
$result = mysqli_query($mysqli,"UPDATE users SET subscriber = 1 WHERE id = " . $_GET['newid']);
if($result){
echo("<p>Welcome to our newsletter! We will send you information about any new application or update. This will not happen too often, but once it does we hope you will have the opportunity to look into our site again.<p/>");
echo("<p><br/>If you wish to unsubscribe from this mail-list, please visit out subscription page: http://" . $_SERVER['HTTP_HOST'] . "/subscription.php <p/>");
}else{
echo("<p>Somthing went wrong, please click the link again!<p/>");
}
}elseif($_POST['email1'] != ""){ //Only do things if there is an e-mail posted
//Make sure the ID is unique
do{
$rand_int = rand(100000000, 999999999);
$result = mysqli_query($mysqli, "SELECT id FROM users WHERE id = " . $rand_int);
$no_of_rows = mysqli_num_rows($result);
}while($no_of_rows != 0);
echo("RAND :".$rand_int);
//Create query for saving the new user e-mail
$query = "INSERT INTO users(id, email, first_name, surname) VALUES ('" . $rand_int . "', '".$_POST['email1']."', '". $_POST['first_name']."','".$_POST['surname']."')";
$re = mysqli_query($mysqli, $query);
echo("Result: ".$re);
//Check if mail already exist (Error code 1062 = dublicate entries for unique fields)
$existing = 0;
if(mysqli_errno($mysqli)==1062){
echo("It seems like your e-mail already is registered. Perhaps you have been a subscriber earlier? By clicking the link that you will receive in your mail box you subscribe to the newsletter again. ");
$existing = 1;
$result = mysqli_query($mysqli,"SELECT id FROM users WHERE email = '" . $_POST['email1'] . "'");
$row = mysqli_fetch_array($result, MYSQLI_ASSOC);
$rand_int = $row['id'];
mysqli_query($mysqli,"UPDATE users SET waiting_for_unsubscribe = 0 WHERE email = '" . $_POST['email1'] . "'");
if(mysqli_errno($mysqli)){
echo("Error code " . mysqli_errno($mysqli) . "<br/>");
echo("Error text " . mysqli_errno($mysqli) . "<br/>");
}
//echo("ID------ " . $row['id'] . " ri---- " . $rand_int);
}
//Create the link for the user to verify the subscription
$url = "http://" . $_SERVER['HTTP_HOST'] . "/smic/subscription.php?newid=" . $rand_int;
$mymail = $_POST['email1'];
$esubject = "Please verify your subscription to iAndApp's newsletter ";
$body = "Click the link in order to verify your subscription (If you cannot click the link, just copy it and paste it into the adress field of your browser): " . $url;
$eemail = "NoReply#iandapp.com";
$sent = mail($mymail,$esubject,$body,"From: $eemailn");
if($sent){
if($existing != 1){
echo "<br/>An e-mail with a link has been sent to ". $mymail . ". Please click the link in order to verify your subscription";
}
}else{
echo "Something went wrong. Please try again and make sure you enter a correct e-mail adress.";
}
$existing = 0;
mysqli_free_result($result);
//If unsubscribing
}elseif($_POST['unsubscribedmail'] != ""){
//echo("Unsubscribe........");
//echo($_POST['unsubscribedmail']);
$result = mysqli_query($mysqli,"UPDATE users SET waiting_for_unsubscribe = 1 WHERE email = '" . $_POST['unsubscribedmail'] . "'");
//echo("Err code " . mysqli_errno($mysqli));
//echo("Err text " . mysqli_error($mysqli));
if(mysqli_errno($mysqli)){
echo("Error code " . mysqli_errno($mysqli) . "<br/>");
echo("Error text " . mysqli_errno($mysqli) . "<br/>");
}
$result = mysqli_query($mysqli,"SELECT id FROM users WHERE email = '" . $_POST['unsubscribedmail'] . "'");
$row = mysqli_fetch_array($result, MYSQLI_ASSOC);
//echo("ID------ " . $row['id']);
//Create the link for the user to verify that he/she unsubscribes
$url = "http://" . $_SERVER['HTTP_HOST'] . "/smic/subscription.php?unsubscribeid=" . $row['id'];
$mymail = $_POST['unsubscribedmail'];
$esubject = "Please verify that you want to unsubscribe from iAndApp's newsletter ";
$body = "Click the link in order to verify that you want to unsubscribe from iAndApp's newsletter (If you cannot click the link, just copy it and paste it into the adress field of your browser): " . $url;
$eemail = "NoReply#iandapp.com";
$sent = mail($mymail,$esubject,$body,"From: $eemailn");
if ($sent) echo "<br/>A mail with a link has been sent to ". $mymail . ". Please click the link in order to verify that you will unsubscribe from the newsletters.";
else echo "Something went wrong. Please try again and make sure you enter a correct e-mail adress.";
mysqli_free_result($result);
}elseif($_GET['unsubscribeid'] != ""){
$result = mysqli_query($mysqli,"UPDATE users SET subscriber = 0, waiting_for_unsubscribe = 0 WHERE id = " . $_GET['unsubscribeid']);
if($result){
echo("<p>You have now unsubscribed to the newsletter. Thank you for this time and we hope to see you again in the future. /iAndApp.<p/>");
}else{
echo("<p>Somthing went wrong, please click the link again!<p/> ".$result);
}
}else{
echo("<div class="subscribe">
<h4>Subscribe</h4>
<p>Subscribe to iAndApp's newsletter in order to get information about new and updated iPhone games and iPhone applications, that has been released by iAndApp. </p>
<form action="subscription.php" name="subscribe" method="post" onsubmit="return isValidEmailAndEqual()">
<p class="formlabel">Förnamn</p> <input type="text" name="first_name"/><br/>
<p class="formlabel">Efternamn</p> <input type="text" name="surname"/> <br/>
<p class="formlabel">E-mail</p> <input type="text" name="email1"/>
<br/>
<p class="formlabel">Repeat e-mail</p> <input type="text" name="email2"/> <br/>
<input class="inputsubmit" type="submit" value="Subscribe"/>
</form>
</div>");
echo("<div class="footer"></div>");
echo("<div class="subscribe">
<h4>Unsubscribe</h4>
<p>Fill in your e-mail address and submit in order to unsubscribe from iAndApp's newsletter. </p>
<form action="subscription.php" name="unsubscribe" method="post" onsubmit="return isValidEmail()">
<p class="formlabel">E-mail</p> <input type="text" name="unsubscribedmail"/><br/>
<input class="inputsubmit" name="submitbutton" type="submit" value="Unsubscribe"/>
</form>
</div>");
}
mysqli_close($mysqli);
echo("</div>");
?>
Of course, I don't expect you to go through and debug the entire application, but perhaps for the more expreienced folks out there, you know where to look.
I'm starting to get a bit stressed out here...
Please advice what the problem is and how I can solve it.
Thank you in advance!
eror in code:
echo("<div class="subscribe">
<h4>Subscribe</h4>
<p>Subscribe to i
in 1-st line you just close the string by 2-nd quote
you just need to correct code
You have to escape double quotes inside html tags or use single quotes. Right now, echo thinks it's closed after "<div class=". Use one of these:
echo "<div class=\"class\">";
or
echo '<div class="class">';
or
echo "<div class='class'>";
If you dont get any reposne from server (document is clear) or you have server errors but this is not all the time and sometimes script works fine it could be memory limit problem.
do{
$rand_int = rand(100000000, 999999999);
$result = mysqli_query($mysqli, "SELECT id FROM users WHERE id = " . $rand_int);
$no_of_rows = mysqli_num_rows($result);
}while($no_of_rows != 0);
This part of code dosn't look good for me, I suggest you to use auto_increment at id field in db (so id will be unique all the time)
Related
I am trying to make a form for people to fill out that requests a service. They must for one of the fields enter a phone number. To ensure that the phone number is valid I have set up the PHP to send an SMS to the provided number using my providers API.
The sms sends okay and it sends with a PHP variable enclosed. (A Random int between 9999 and 99999.) This code is sent successfully but every submit the code changes as the function runs. The problem with this is that you receive the text but when you enter it in the code has already changed as you submitted the form to validate. I have tried using a button type in html but cant figure our how to run the PHP using it.
Below is the first form they fill out which sends the message.
<?php
$confirmcode = rand(9999, 99999);
//echo "<br/><br/><br/><br/><br/><br/>Confirmation Code:"."<br/><br/>$confirmcode<br/><br/><br/>";
if (isset($_POST['submit'])){
// Validation
//Check Name is non-blank
if( 0=== preg_match("/\S+/", $_POST['fname'])){
$errors['first_name'] = "Please enter your name.";
}
if (0=== preg_match("/^[\+0-9\-\(\)\s]{10,}+$/", $_POST['phone'])){
$errors['phone'] = "Please enter a phone number";
}
//Check Email has required symbols
if (0=== preg_match("/.+#.+\..+/", $_POST['email'])){
$errors ['email'] = "Please enter a valid email address.";
}
//End Validation
$errors = array();
$name = $_POST['fname'];
$address = $_POST['address'];
$phone = $_POST['phone'];
$email = $_POST['email'];
//Sending Confirmation SMS code to confirm phone number.
// Declare the security credentials to use
$username = "############";
$password = "############";
// Set the attributes of the message to send
$message = "Hello " ."$name" ."Your confirmation code is: " ."$confirmcode".". " ."Please enter it .". "on he appraisal request form.";
$type = "1-way";
$senderid = "SanctuaryRE";
$to = $_POST['phone'];
// Build the URL to send the message to. Make sure the
// message text and Sender ID are URL encoded. You can
// use HTTP or HTTPS
$url = "http://api.directsms.com.au/s3/http/send_message?" .
"username=" . $username . "&" .
"password=" . $password . "&" .
"message=" . urlencode($message) . "&" .
"type=" . $type . "&" .
"senderid=" . urlencode($senderid) . "&" .
"to=" . $to;
// Send the request
$output = file($url);
// The response from the gateway is going to look like
// this:
// id: a4c5ad77ad6faf5aa55f66a
//
// In the event of an error, it will look like this:
// err: invalid login credentials
$result = explode(":", $output[0]);
//END SMS
header("Location: process.php");
}
?>
And the form they are pushed onto to confirm the code they were sent.
<html>
<div class="wrapper2">
<form action="" method="POST">
<input type="text" class="textfieldlong" placeholder="Confirmation Code" name="giventoken">
<input type="button" class="submit" value="Verify Phone Number" name="submit2" id="submit2">
</form>
</html>
<style>
.wrapper{
display:none;
}
</style>
</div>
<?php
include "index.php";
//$token = $_POST['giventoken'];
//if (!strcmp($confirmcode,$token)){
// echo "Match";
//}
echo "$confirmcode";
?>
The random int is generated right at the beginning. Please help! Thnx. :D
The random number is being created every time.
You will have to database the number for each specific user and then check when they enter the code. You cant expect the user to get the text and confirm immediately. The only real way to do this is to database it.
Setup a table with the userid and the code, then check when they confirm that you sent that code to that user.
How can I make it so that when a job status gets changed to "Cancelled" it sends an email to me notifying me of the change after submitting?
<form action='phplib/job_update.php' method='post' id='new_job'>
<label for='status'>Job Status</label>
<select name='status' id='status'>
<?php
$sql = "SELECT * FROM status";
$result = mysqli_query($dbc3, $sql);
while($row = mysqli_fetch_assoc($result)){
echo "<option value='" . $row['id'] . "'";
if($row['id'] == $data['status']) echo "selected='selected'";
echo ">" . ucwords($row['name']) . "</option>";
}
?>
</select>
</form>
What the form looks like:
There are many ways to send email with PHP, but I'll show you the simplest (assuming you're not using any libraries or frameworks). Modify the phplib/job_update.php script. After writing to the database (look for another mysqli_query(...) line) add the following code:
$cancelledCode = // Easiest way to find this is to view source in the HTML
if ($cancelledCode == $_POST['status']) {
$to = 'you#example.com';
$subject = 'Cancelled Job';
$message = 'Yo, a job has been cancelled. ...';
if (!mail($to, $subject, $message)) {
// Error sending mail
}
}
More information on the mail() function, including setting the FROM address, can be found at http://www.php.net/mail
the code bellow, is a PHP script that activates a user's account by clicking a link.
The SQL query is executed which updates a table. The update is fine but in the end I'm displaying a message, if activation was successful or not. but mssql_rows_affected returns probably 0 so even the update is successful I'm getting the wrong message. Can't understand whats wrong. Thanks in advance.
$account = $_GET['account'];
$code = $_GET['code'];
$account = antiinjection($account);
$code = antiinjection($code);
connectdb($CONFIG['dbdbname'], $CONFIG['dbaddress'], $CONFIG['dbuser'], $CONFIG['dbpass']);
mssql_query (sprintf(UPDATE_PAY_STAT, $account, $code));
mssql_query("COMMIT");
$rowsaffected = mssql_rows_affected();
$message = "
<div align=center>The account {$account} has been activated! Have fun!</div>
";
if( $rowsaffected != 0 ){
echo "$message";
}
else
{
$message = "
<div align=center>The account {$account} has not been activated due to an error. Please contact the Account Support.</div>
";
}
echopage('header', 'Activate');
echo($message);
echopage('footer', '');
Because i couldn't manage to get mssql_affected_rows() work, I did it like this. I added 1 more sql query that checks if x account name has pay_stat ='1'. Thanks for your answers!
$link=mssql_query (sprintf(SELECT_COUNT_PS, $account));
$row = mssql_fetch_row($link);
if( $row[0] == '1' ){
$message = "
<div align=center>The account {$account} has been activated! Have fun!</div>
";
}
else
{
$message = "
<div align=center>The account {$account} has not been activated due to an error. Please contact the Account Support.</div>
";
}
Basically, this code works but it displays both the sender and receiver in the same color
what do i want? i want the sender colour to be different with the receiver message color
<?php
require_once 'cn.php';
session_start(); // startsession .line17 (username || usernameto='.$username.')
//messages sent or received by the $_SESSION or $_GET["ident"]..line 26
require_once 'protect.php';
$username=$_SESSION['UserID'];
$fiveMinutesAgo = time() - 1000;
$to=$_SESSION['UserTo'];
$sql = 'SELECT
username, message_content,message_file, message_time,usernameto
FROM
messages
WHERE
message_time > ' . $fiveMinutesAgo . '
and ((username='.$username.'
and usernameto='.$to.') or (usernameto='.$username.'
and username='.$to.'))
ORDER BY
message_time';
$result = mysql_query($sql, $cn) or
die(mysql_error($cn));
//mysql_query ("Update messages set message_file= replace(message_file,' ','');
while ($row = mysql_fetch_assoc($result)) {
$hoursAndMinutes = date('g:ia', $row['message_time']);
$mycontent=$row['message_content'];
$myfile=$row['message_file'];
$playfile="<A href=upload/$myfile> $myfile </A>";
/*************************************************************************************************/
echo '<i><p style="font-family:arial;color:purple;font-size:15px;"><strong>' . $row['username']. '</strong>: <em>(' . $hoursAndMinutes . ')</em> ' . $playfile . $mycontent.'</i></p>';
}
?>
Assuming that $username and your column username contains a userID: Check if $username is the same as $row['username']. If it is, your message is from the sender.
if ($row['username'] == $username)
$color = 'red';
else
$color = 'purple';
echo '<i><p style="font-family:arial;color:'.$color.';font-size:15px;"><strong>' . $row['username']. '</strong>: <em>(' . $hoursAndMinutes . ')</em> ' . $playfile . $mycontent.'</i></p>';
Also: This extension is deprecated as of PHP 5.5.0, and will be removed in the future. Instead, the MySQLi or PDO_MySQL extension should be used. See also MySQL: choosing an API guide and related FAQ for more information.
http://www.php.net/manual/en/function.mysql-query.php
you need to know when the sendername is the same people who has the session open if the sendername else is the receiver
I have built a Facebook app for a client, this app allows the user to enter their details and guess a figure to be entered into a competition. The app is run via an iframe.
Is there any possible way of only letting the user submit the form 5 times maximum within 24 hours (preferably by facebook profile or IP address), then echo an error if they try to enter a 6th time. I have a php script that gathers the data and exports it to a csv file.
PHP form code:
<?php
if($_POST['formSubmit'] == "Submit")
{
$errorMessage = "";
if(empty($_POST['formName']))
{
$errorMessage .= "<li>You forgot to enter your name.</li>";
}
if(empty($_POST['formTown']))
{
$errorMessage .= "<li>You forgot to enter your town.</li>";
}
if(empty($_POST['formEmail']))
{
$errorMessage .= "<li>You forgot to enter your email.</li>";
}
$varName = $_POST['formName'];
$varTown = $_POST['formTown'];
$varAge = $_POST['formAge'];
$varEmail = $_POST['formEmail'];
$varOne = $_POST['hidden-one'];
$varTwo = $_POST['hidden-two'];
$varThree = $_POST['hidden-three'];
$varFour = $_POST['hidden-four'];
$varFive = $_POST['hidden-five'];
if(empty($errorMessage))
{
$fs = fopen("mydata.csv","a");
fwrite($fs,"\n" . $varName . ", " . $varTown . ", " . $varAge . ", " . $varEmail . ", " . $varOne . $varTwo . $varThree . $varFour . $varFive);
fclose($fs);
header("Location: thankyou.php");
exit;
}
}
?>
The obvious solution is to log form submits to a database. For each submit you log the time and an identifier for the user (IP address, Facebook account, etc). This data can be used to check how many times the user submitted the form in the last 24 hours. If this is more than X times, you do not store the data and inform the user.
But this solution assumes you have access to a database.