PHP Member Pages... Need major help...
-
thebiostyle wrote:
Print "".$list['username']."</b></td><td bgcolor=\"#000000\" colspan=\"2\"></td><td class=\"alt\"><td class="alt"><center><b><u>Email</u></b></center></td><td><a href='mailto:".$list['email']."'>Send Message</a></td></tr><tr class="alt"><td class="alt"><center><b><u>Member Title</u></b></center></td><td><b>
".$list['title']."</b></td><td bgcolor=\"#000000\" colspan=\"2\"></td><td class=\"alt\"><td class="alt"><center><b><u>Country</u></b></center></td><td>".$list['country']."</td></tr><tr class="alt"><td class="alt"><center><b><u>Company</u></b></center></td><td><b>
".$list['company']."</b></td><td bgcolor=\"#000000\" colspan=\"2\"></td><td class=\"alt\"><td class="alt"><center><b><u>Website</u></b></center></td><td>".$list['www']."</td></tr><tr class="alt"><td class="alt"><center><b><u>Joined On: </u></b></center></td><td><b>
".$list['date']."</b></td><td bgcolor=\"#000000\" colspan=\"2\"></td><td class=\"alt\"><td class="alt"><center><b><u>Browser</u></b></center></td><td>".$list['browser']."</td></tr><br /><br /><br /><tr class="alt"><td class="alt"><center><b><u>About</u></b></center></td><td><b>
".$list['about']."</b></td><td bgcolor=\"#000000\" colspan=\"2\"></td><td class=\"alt\"><td class="alt"><center><b><u>Intrests</u></b></center></td><td>".$list['intrests']."</td></tr>";Graham gave you the solution earlier. You still have unescaped double quotes in your string,
<td class="alt">in particular.If at first you don't succeed, you're not Chuck Norris.
Okay... Thanks, it now shows the page and loads the information... But how do I fix the... "profile.php?username=USERNAMEOFCHOSENUSER&user=IDOFCHOSENUSER" to "profile.php?user=IDOFCHOSENUSER" THANKS! EDIT: There is something... "humorously fatal" on the profile page... The first two "columns in the first row"... Are turning "Background Color = limegreen, Font Color = red"... Here is the code:
<td bgcolor=\"#FF0000\" color=\"#000000\"><center><b><u>Username</u></b></center></td><td bgcolor=\"#FF0000\" color=\"#000000\"><b>';
Print "".$list['username']."</b></td>So obviously somethings wrong... I can take a screenshot and post a link to it if ya'd like... Thanks.
modified on Saturday, January 23, 2010 4:16 PM
-
Okay... Thanks, it now shows the page and loads the information... But how do I fix the... "profile.php?username=USERNAMEOFCHOSENUSER&user=IDOFCHOSENUSER" to "profile.php?user=IDOFCHOSENUSER" THANKS! EDIT: There is something... "humorously fatal" on the profile page... The first two "columns in the first row"... Are turning "Background Color = limegreen, Font Color = red"... Here is the code:
<td bgcolor=\"#FF0000\" color=\"#000000\"><center><b><u>Username</u></b></center></td><td bgcolor=\"#FF0000\" color=\"#000000\"><b>';
Print "".$list['username']."</b></td>So obviously somethings wrong... I can take a screenshot and post a link to it if ya'd like... Thanks.
modified on Saturday, January 23, 2010 4:16 PM
thebiostyle wrote:
Okay... Thanks, it now shows the page and loads the information... But how do I fix the... "profile.php?username=USERNAMEOFCHOSENUSER&user=IDOFCHOSENUSER" to "profile.php?user=IDOFCHOSENUSER"
You change the link, obviously. eg.
<a href="profile.php?username=USERNAMEOFCHOSENUSER&user=IDOFCHOSENUSER">Link</a>
Will be:
<a href="profile.php?user=IDOFCHOSENUSER">Link</a>
thebiostyle wrote:
<td bgcolor=\"#FF0000\" color=\"#000000\"><center><b><u>Username</u></b></center></td><td bgcolor=\"#FF0000\" color=\"#000000\"><b>';
Print "".$list['username']."</b></td>It's obviously not that line. Do you have any other styles affecting it i.e. from a Style Sheet?
If at first you don't succeed, you're not Chuck Norris.
-
thebiostyle wrote:
Okay... Thanks, it now shows the page and loads the information... But how do I fix the... "profile.php?username=USERNAMEOFCHOSENUSER&user=IDOFCHOSENUSER" to "profile.php?user=IDOFCHOSENUSER"
You change the link, obviously. eg.
<a href="profile.php?username=USERNAMEOFCHOSENUSER&user=IDOFCHOSENUSER">Link</a>
Will be:
<a href="profile.php?user=IDOFCHOSENUSER">Link</a>
thebiostyle wrote:
<td bgcolor=\"#FF0000\" color=\"#000000\"><center><b><u>Username</u></b></center></td><td bgcolor=\"#FF0000\" color=\"#000000\"><b>';
Print "".$list['username']."</b></td>It's obviously not that line. Do you have any other styles affecting it i.e. from a Style Sheet?
If at first you don't succeed, you're not Chuck Norris.
Well, when I took out that line it showed as BG=black FC=red, but I don't know, maybe you can find the mistake... Here is the code for "profile.php":
<?
include_once"CONFIGPAGE.php";$fetch_users_data = mysql_fetch_object(mysql_query("SELECT * FROM `members` WHERE username='".$_REQUEST['username']."'"));
$fetch_users_id = mysql_fetch_object(mysql_query("SELECT * FROM `members` WHERE id='".$_GET['user']."'"));
?>
<html>
<head>
<title>Members - Profile - <? echo "".$fetch_users_data->username.""; ?> ~ Bio-Designs</title><style type="text/css"> <!-- a {color: #000000; text-decoration: none;}a:link {color: #000000} a:visited {color: #000000} a:hover {color:#000000; width:7em} body{color: #FF0000} .dockmenu{ text-align: center; height: 50px; position: relative;}a.dockItem { text-align: center; color: #000;font-weight: bold; text-decoration: none; width: 50px; position: absolute; display: block; bottom: 0;}.dockItem img { border: none; margin: 0 auto 5px auto; width: 75%;}.dockItem span { display: none; positon: absolute;}.dockmenuContainer { height: 50px; left: 76px; position: absolute; top: 40px;}font {color: FF0000;}<!--BODY { scrollbar-arrow-color:#000000; scrollbar-track-color:#000000; scrollbar-shadow-color:#000000; scrollbar-face-color:#FF0000; scrollbar-highlight-color:#FF0000; scrollbar-darkshadow-color:#000000; scrollbar-3dlight-color:#FF0000; } table, td, th{border:0px 1px 0px 1px dashed #FF0000; padding:2px 2px 2px 2px;} td.alt {font-size:14pt; color: #000000;} tr.alt { background-color: #FF0000; color: #000000; border: 1px dotted red;}//-->
</style><link rel="icon" type="image/gif" href="http://i248.photobucket.com/albums/gg195/Bio-Gfx/thebiostylefavicon.gif">
</head>
<body bgcolor="#000000" onload="$_GET['user']">
<br /><div> <div style="text-align: center;"> <img src="http://www.thebiostyle.com/biologoblackv1.0.png" /><br /><br /><div align="center">
<span style=\"font-size: 24pt; color: rgb(255, 0, 0);\"><font size=\"20pt\" color=\"#FF0000\"><u><b>Profile</b></u></font></span><br /><br />
<table cellspacing="4" cellpadding="4" style=" border:1px dotted red;">
<?
$list_memberinfo = mysql_query("SELECT * FROM `members` WHERE id='".$_GET['user']."'");
while($list = mysql_fetch_array( $list_memberinfo ))
{
Print '<tr class=\"alt\"><td class=\"alt -
Well, when I took out that line it showed as BG=black FC=red, but I don't know, maybe you can find the mistake... Here is the code for "profile.php":
<?
include_once"CONFIGPAGE.php";$fetch_users_data = mysql_fetch_object(mysql_query("SELECT * FROM `members` WHERE username='".$_REQUEST['username']."'"));
$fetch_users_id = mysql_fetch_object(mysql_query("SELECT * FROM `members` WHERE id='".$_GET['user']."'"));
?>
<html>
<head>
<title>Members - Profile - <? echo "".$fetch_users_data->username.""; ?> ~ Bio-Designs</title><style type="text/css"> <!-- a {color: #000000; text-decoration: none;}a:link {color: #000000} a:visited {color: #000000} a:hover {color:#000000; width:7em} body{color: #FF0000} .dockmenu{ text-align: center; height: 50px; position: relative;}a.dockItem { text-align: center; color: #000;font-weight: bold; text-decoration: none; width: 50px; position: absolute; display: block; bottom: 0;}.dockItem img { border: none; margin: 0 auto 5px auto; width: 75%;}.dockItem span { display: none; positon: absolute;}.dockmenuContainer { height: 50px; left: 76px; position: absolute; top: 40px;}font {color: FF0000;}<!--BODY { scrollbar-arrow-color:#000000; scrollbar-track-color:#000000; scrollbar-shadow-color:#000000; scrollbar-face-color:#FF0000; scrollbar-highlight-color:#FF0000; scrollbar-darkshadow-color:#000000; scrollbar-3dlight-color:#FF0000; } table, td, th{border:0px 1px 0px 1px dashed #FF0000; padding:2px 2px 2px 2px;} td.alt {font-size:14pt; color: #000000;} tr.alt { background-color: #FF0000; color: #000000; border: 1px dotted red;}//-->
</style><link rel="icon" type="image/gif" href="http://i248.photobucket.com/albums/gg195/Bio-Gfx/thebiostylefavicon.gif">
</head>
<body bgcolor="#000000" onload="$_GET['user']">
<br /><div> <div style="text-align: center;"> <img src="http://www.thebiostyle.com/biologoblackv1.0.png" /><br /><br /><div align="center">
<span style=\"font-size: 24pt; color: rgb(255, 0, 0);\"><font size=\"20pt\" color=\"#FF0000\"><u><b>Profile</b></u></font></span><br /><br />
<table cellspacing="4" cellpadding="4" style=" border:1px dotted red;">
<?
$list_memberinfo = mysql_query("SELECT * FROM `members` WHERE id='".$_GET['user']."'");
while($list = mysql_fetch_array( $list_memberinfo ))
{
Print '<tr class=\"alt\"><td class=\"altthebiostyle wrote:
<form action='profile.php' method='GET'>
Do you know what the GET method of submitting a form actually does? Every input within the form, has their value displayed in the URL on the action page (the page the form is submited to). E.g.
<form action="submit.php" method="get">
<input type="hidden" name="fieldName" value="fieldValue" />
<input type="hidden" name="fieldName2" value="fieldValue2" />
</form>Would direct to
submit.php?fieldName=fieldValue&fieldName2=fieldValue2If at first you don't succeed, you're not Chuck Norris.
-
thebiostyle wrote:
<form action='profile.php' method='GET'>
Do you know what the GET method of submitting a form actually does? Every input within the form, has their value displayed in the URL on the action page (the page the form is submited to). E.g.
<form action="submit.php" method="get">
<input type="hidden" name="fieldName" value="fieldValue" />
<input type="hidden" name="fieldName2" value="fieldValue2" />
</form>Would direct to
submit.php?fieldName=fieldValue&fieldName2=fieldValue2If at first you don't succeed, you're not Chuck Norris.
-
Well, when I took out that line it showed as BG=black FC=red, but I don't know, maybe you can find the mistake... Here is the code for "profile.php":
<?
include_once"CONFIGPAGE.php";$fetch_users_data = mysql_fetch_object(mysql_query("SELECT * FROM `members` WHERE username='".$_REQUEST['username']."'"));
$fetch_users_id = mysql_fetch_object(mysql_query("SELECT * FROM `members` WHERE id='".$_GET['user']."'"));
?>
<html>
<head>
<title>Members - Profile - <? echo "".$fetch_users_data->username.""; ?> ~ Bio-Designs</title><style type="text/css"> <!-- a {color: #000000; text-decoration: none;}a:link {color: #000000} a:visited {color: #000000} a:hover {color:#000000; width:7em} body{color: #FF0000} .dockmenu{ text-align: center; height: 50px; position: relative;}a.dockItem { text-align: center; color: #000;font-weight: bold; text-decoration: none; width: 50px; position: absolute; display: block; bottom: 0;}.dockItem img { border: none; margin: 0 auto 5px auto; width: 75%;}.dockItem span { display: none; positon: absolute;}.dockmenuContainer { height: 50px; left: 76px; position: absolute; top: 40px;}font {color: FF0000;}<!--BODY { scrollbar-arrow-color:#000000; scrollbar-track-color:#000000; scrollbar-shadow-color:#000000; scrollbar-face-color:#FF0000; scrollbar-highlight-color:#FF0000; scrollbar-darkshadow-color:#000000; scrollbar-3dlight-color:#FF0000; } table, td, th{border:0px 1px 0px 1px dashed #FF0000; padding:2px 2px 2px 2px;} td.alt {font-size:14pt; color: #000000;} tr.alt { background-color: #FF0000; color: #000000; border: 1px dotted red;}//-->
</style><link rel="icon" type="image/gif" href="http://i248.photobucket.com/albums/gg195/Bio-Gfx/thebiostylefavicon.gif">
</head>
<body bgcolor="#000000" onload="$_GET['user']">
<br /><div> <div style="text-align: center;"> <img src="http://www.thebiostyle.com/biologoblackv1.0.png" /><br /><br /><div align="center">
<span style=\"font-size: 24pt; color: rgb(255, 0, 0);\"><font size=\"20pt\" color=\"#FF0000\"><u><b>Profile</b></u></font></span><br /><br />
<table cellspacing="4" cellpadding="4" style=" border:1px dotted red;">
<?
$list_memberinfo = mysql_query("SELECT * FROM `members` WHERE id='".$_GET['user']."'");
while($list = mysql_fetch_array( $list_memberinfo ))
{
Print '<tr class=\"alt\"><td class=\"altBefore you continue, I suggest you tidy up your code and get into some good practices.
thebiostyle wrote:
include_once"CONFIGPAGE.php";
Encapsulate the target file in brackets:
include_once('CONFIGPAGE.php');. And use single quotes, as it is quicker.thebiostyle wrote:
$fetch_users_data = mysql_fetch_object(mysql_query("SELECT * FROM `members` WHERE username='".$_REQUEST['username']."'"));
$fetch_users_id = mysql_fetch_object(mysql_query("SELECT * FROM `members` WHERE id='".$_GET['user']."'"));You need to check first whether or not 'user' and 'username' are set. If they aren't then it will throw errors.
$username = isset( $_REQUEST['username'] ) ? $_REQUEST['username'] : '';
$user = isset( $_GET['user'] ) ? $_GET['user'] : '';You seriously need to sanitise your data inputs to protect from SQL injection attacks. Use the mysql_real_escape_string[^] function.
$username = mysql_real_escape_string( $username );
$user = mysql_real_escape_string( $user );Then use those sanitized values as your SQL inputs.
thebiostyle wrote:
echo "".$fetch_users_data->username."";
There is no need for the
""around the value. It will work just fine without it:echo $fetch_users_data->username;thebiostyle wrote:
There is no need to have an onload attribute, with
$_GET['user']. It is also bad practice to use bgcolor. Use the style attribute instead, or better still use CSS classes.thebiostyle wrote:
</div>
</table>From what I can see you haven't opened a div; therefore there is no need to close one. Note that you should also have a DOCTYPE which you should work from. http://www.w3schools.com/tags/tag_DOCTYPE.asp[^]
If at first you don't succeed, you're not Chuck Norris.
-
Yes, I know that, but in an earlier post, it said that I was right to use the "GET" method. Also, Did you find anything out about the "color" issue...?
thebiostyle wrote:
Yes, I know that, but in an earlier post, it said that I was right to use the "GET" method.
thebiostyle wrote:
Okay... Thanks, it now shows the page and loads the information... But how do I fix the... "profile.php?username=USERNAMEOFCHOSENUSER&user=IDOFCHOSENUSER" to "profile.php?user=IDOFCHOSENUSER"
ALL the inputs in your form are sent to the URL, if you don't want them in the URL then don't have them in the form!
If at first you don't succeed, you're not Chuck Norris.
-
Before you continue, I suggest you tidy up your code and get into some good practices.
thebiostyle wrote:
include_once"CONFIGPAGE.php";
Encapsulate the target file in brackets:
include_once('CONFIGPAGE.php');. And use single quotes, as it is quicker.thebiostyle wrote:
$fetch_users_data = mysql_fetch_object(mysql_query("SELECT * FROM `members` WHERE username='".$_REQUEST['username']."'"));
$fetch_users_id = mysql_fetch_object(mysql_query("SELECT * FROM `members` WHERE id='".$_GET['user']."'"));You need to check first whether or not 'user' and 'username' are set. If they aren't then it will throw errors.
$username = isset( $_REQUEST['username'] ) ? $_REQUEST['username'] : '';
$user = isset( $_GET['user'] ) ? $_GET['user'] : '';You seriously need to sanitise your data inputs to protect from SQL injection attacks. Use the mysql_real_escape_string[^] function.
$username = mysql_real_escape_string( $username );
$user = mysql_real_escape_string( $user );Then use those sanitized values as your SQL inputs.
thebiostyle wrote:
echo "".$fetch_users_data->username."";
There is no need for the
""around the value. It will work just fine without it:echo $fetch_users_data->username;thebiostyle wrote:
There is no need to have an onload attribute, with
$_GET['user']. It is also bad practice to use bgcolor. Use the style attribute instead, or better still use CSS classes.thebiostyle wrote:
</div>
</table>From what I can see you haven't opened a div; therefore there is no need to close one. Note that you should also have a DOCTYPE which you should work from. http://www.w3schools.com/tags/tag_DOCTYPE.asp[^]
If at first you don't succeed, you're not Chuck Norris.
Okay, everything is fixed, except the color issue... With the DOCTYPE, I think it fixed the colors, but now they're BG=black and FC=red, when they need to be BG=red and FC=black..... BTW, the whole site is filled with errors, but it works for me, lol so it's okay. Though with the site being used for web design and computer graphic design, I will make sure not to include errors in any other page. Thanks!
-
Okay, everything is fixed, except the color issue... With the DOCTYPE, I think it fixed the colors, but now they're BG=black and FC=red, when they need to be BG=red and FC=black..... BTW, the whole site is filled with errors, but it works for me, lol so it's okay. Though with the site being used for web design and computer graphic design, I will make sure not to include errors in any other page. Thanks!
-
I'd really recommend removing all the
bgcolor=stuff (and thespan,center,b,utags)and putting it into the style sheet. You can apply multiple classes to an element if you want to, you just need to separate them with spaces, like this:<td class="alt dark">some stuff</td>
Where "dark" is your new class specifying the correct background and font colours:
td.dark {
background-color: #FF0000;
color: #000000;
font-size: 16pt;
text-align: center;
font-weight: bold;
text-decoration: underline
}If you move all the style information into the style sheet it becomes a lot easier to spot problems in the PHP and HTML.
-
I'd really recommend removing all the
bgcolor=stuff (and thespan,center,b,utags)and putting it into the style sheet. You can apply multiple classes to an element if you want to, you just need to separate them with spaces, like this:<td class="alt dark">some stuff</td>
Where "dark" is your new class specifying the correct background and font colours:
td.dark {
background-color: #FF0000;
color: #000000;
font-size: 16pt;
text-align: center;
font-weight: bold;
text-decoration: underline
}If you move all the style information into the style sheet it becomes a lot easier to spot problems in the PHP and HTML.
