WampServer

I'm trying to create a user-searchable database for contacts, and I keep getting an access denied page. In addition, on the localhost machine i get access denied to /sigmapiminnesota/inc< whereas others on the network get denied /inc<

the code for the php file was mostly taken from [php.about.com] and adopted to my username, password and table specifics.

i've tried some other codes as well and found that simply running a search through php without user input will return results. however, as soon as i try any code that has user input, i get the 403 error.

any clues?

// Otherwise we connect to our Database
mysql_connect("mysql.yourhost.com", "user_name", "password" or die(mysql_error());
mysql_select_db("database_name" or die(mysql_error());

Post this part of your code here

Have fun,

FREE One A Day
FREE Photo
FREE Games
FREE Websites
FREE Portable GPS
FREE WAMP Guides

mysql_connect("localhost", "root", "password" or die(mysql_error());
mysql_select_db("contact" or die(mysql_error());

I followed it pretty closely; the rest wasn't changed except to accomodate more columns.

EDIT: The error message was actually (...) sigmapiminnesota/inc/< not sigmapiminnesota/inc<
and /inc/< not /inc<



Edited 1 time(s). Last edit at 05/12/2008 01:26AM by dzdrazil.

Is "password" the real password you're using in the script? Did you actually have this db "contact"?

Have fun,

FREE One A Day
FREE Photo
FREE Games
FREE Websites
FREE Portable GPS
FREE WAMP Guides

is there a .htaccess file in either of those folders?

Steven Martin
stevenmartin99@gmail.com
stevenmartin99@hotmail.com
PampServer.com - [pampserver.com]

yfastud Wrote:
-------------------------------------------------------
> Is "password" the real password you're using in
> the script? Did you actually have this db
> "contact"?


The password is different, but i put the actual password into the code
Yes, contact exists- i made it via phpmyadmin. the code from the example here: [www.w3schools.com] works perfectly when adopted to my database; it's just when user input is required.

stevemartin99 Wrote:
_______________________________________________________
>is there a .htaccess file in either of those folders?

No... should there be? did i overlook something drastically simple and obvious?

ca. u postup thewhole script

Steven Martin
stevenmartin99@gmail.com
stevenmartin99@hotmail.com
PampServer.com - [pampserver.com]

i've taken out some of the comments from the tutorial as they were in the way when i was reworking the script; the rest i left in.

<h2>Search</h2>
<form name="search" method="post" action="<?=$PHP_SELF?>">
Search for: <input type="text" name="find" /> in
<Select NAME="field">
<Option VALUE="fname">First Name</option>
<Option VALUE="lname">Last Name</option>
<Option VALUE="emali">Email Address</option>
<Option VALUE="gradyear">Graduation Year</option>
</Select>
<input type="hidden" name="searching" value="yes" />
<input type="submit" name="search" value="Search" />
</form>

<?php
if ($searching =="yes"
{
echo "<h2>Results</h2><p>";
if ($find == ""
{
echo "<p>You forgot to enter a search term";
exit;
}

mysql_connect("localhost", "root", "password" or die(mysql_error());
mysql_select_db("contact" or die('Could not connect' . mysql_error());

// We preform a bit of filtering
$find = strtoupper($find);
$find = strip_tags($find);
$find = trim ($find);

//Now we search for our search term, in the field the user specified
$data = mysql_query("SELECT * FROM users WHERE upper($field) LIKE'%$find%'";

//Formats the results
while($result = mysql_fetch_array( $data ))
{
echo $result['fname'];
echo " ";
echo $result['lname'];
echo " ";
echo $result['phone'];
echo " ";
echo $result['email'];
echo " ";
echo $result['gradyear'];
echo " ";
echo "<br /><br />";
}

$anymatches=mysql_num_rows($data);
if ($anymatches == 0)
{
echo "Sorry, but we can not find an entry to match your query<br><br>";
}

echo "<b>Searched For:</b> " .$find;
}
?>

I'm pretty sure i copied everything right; i've been changing things around a bit to find a solution.

="<?=$PHP_SELF?>">



this looks wrong.. <?=

Steven Martin
stevenmartin99@gmail.com
stevenmartin99@hotmail.com
PampServer.com - [pampserver.com]

It's supposed to return the results to the same page, but the form isn't in the php coding so i'm assuming that was meant to be parsed and was simply being returned as <
what if i were to buffer the entire page or enclose the form within the main php coding and have it sent to the same page that way?

no phpself is ok but that = is wrong. Just put the file name in there action='filename.php'

Steven Martin
stevenmartin99@gmail.com
stevenmartin99@hotmail.com
PampServer.com - [pampserver.com]

no phpself is ok but that = is wrong. Just put the file name in there action='filename.php'

Steven Martin
stevenmartin99@gmail.com
stevenmartin99@hotmail.com
PampServer.com - [pampserver.com]

no phpself is ok but that = is wrong. Just put the file name in there action='filename.php'

Steven Martin
stevenmartin99@gmail.com
stevenmartin99@hotmail.com
PampServer.com - [pampserver.com]

= is used for ASP and for PHP, it should be

<form name="search" method="post" action="<?php echo $PHP_SELF;?>">

Have fun,

FREE One A Day
FREE Photo
FREE Games
FREE Websites
FREE Portable GPS
FREE WAMP Guides



Edited 1 time(s). Last edit at 05/12/2008 05:21PM by yfastud.

Well, I no longer get an error, but when i hit 'search' i just get the blank form back- nothing changes on the screen.

Unfortunately, I must now leave for about a week or so, and i can't really bring my computer with me. I don't have remote access set up either, so I'll be taking a week off all-together. Here's my complete code so far; if you see an error, feel free to let me know and i'll get back to work in a week.

I am very grateful for your help thus far. THANK YOU!

<h2>Search</h2>
<form name="search" method="post" action="<?php echo $PHP_SELF;?>">
Search for: <input type="text" name="find" /> in
<Select NAME="field">
<Option VALUE="fname">First Name</option>
<Option VALUE="lname">Last Name</option>
<Option VALUE="emali">Email Address</option>
<Option VALUE="pclass">Pledge Class</option>
<Option VALUE="gradyear">Graduation Year</option>
</Select>
<input type="hidden" name="searching" value="yes" />
<input type="submit" name="search" value="Search" />
</form>

<?php
if ($searching =="yes"
{
echo "<h2>Results</h2><p>";
if ($find == ""
{
echo "<p>You forgot to enter a search term";
exit;
}

mysql_connect("localhost", "root", "1897" or die(mysql_error());
mysql_select_db("contact" or die('Could not connect' . mysql_error());

// We preform a bit of filtering
$find = strtoupper($find);
$find = strip_tags($find);
$find = trim ($find);

//Now we search for our search term, in the field the user specified
$data = mysql_query("SELECT * FROM users WHERE upper($field) LIKE'%$find%'";

//Formats the results
while($result = mysql_fetch_array( $data ))
{
echo $result['fname'];
echo " ";
echo $result['lname'];
echo " ";
echo $result['phone'];
echo " ";
echo $result['email'];
echo " ";
echo $result['pclass'];
echo " ";
echo $result['gradyear'];
echo " ";
echo "<br /><br />";
}

$anymatches=mysql_num_rows($data);
if ($anymatches == 0)
{
echo "Sorry, but we can not find an entry to match your query<br><br>";
}

echo "<b>Searched For:</b> " .$find;
}
?>