The Cache: Technology Expert's Forum
 
*
Welcome, Guest. Please login or register. October 16, 2019, 04:32:01 AM

Login with username, password and session length


Pages: [1] 2 3
  Print  
Author Topic: OK guys some help needed - PHP and mysql  (Read 8475 times)
kopkingmeister
Rookie
**
Offline Offline

Posts: 16


View Profile
« on: July 08, 2008, 03:33:58 AM »

Hey

As I said in my initial post in the welcome section I am a complete newbie when it comes to coding php and mysql and do not have the slightest idea as to where to start, however I want to build something for one of my WH sites.

Basically I have a discount codes website based on wordpress which I am going to revamp and make more like a cms - I believe I can do this through the use of some plug ins and so on - however the big issue I have is that if I carry on as I have been doing which is displaying the discount code on the site then people will just get the code and go directly to the retailer - without using my aff link.

I could be naughty and stuff cookies - which I don't want to do in this instance so instead I want to do the following:

Have a use promo button on my post / page - this will then open another browser window or tab within which the merchant site is loaded - however over the top of the merchant site (and using css / js) I will display a 'pop up' with the promo code inserted in there - this means people can only get the code once the cookie has been dropped on opening of the merchant site.

I have the code for the css and js already so can do that part but the bit I am struggling with is the dynamic generation of the content to insert into that 'pop up' etc

So here is what I am thinking that I need:

A password protected admin section on my site
In this area I am able to enter  -through a web based form - certain pieces of information such as meta keywords, voucher details, actual promo code etc
This data is then written to a DB and has a unique reference
Insert php tags into a merchant load page - i.e. www.mydomain.com/merchantload.php?merchant_id=XX
When this page is then loaded it opens the merchant site in the background and then shows the css pop up on top with the voucher code dynamically inserted

I could do this manually for each one but this takes a lot of time and ultimately I want to be able to do it through a web based admin interface and have the data inserted on the fly when the page is called.

I am sure for a php / mysql newbie like myself this is a fairly big project to undertake but I want to be able to have a go at it so would welcome some initial inspiration / thoughts from people as to where to start.

Cheers for reading this far!!
Logged

No links in signatures please
nutballs
Administrator
Lifer
*****
Offline Offline

Posts: 5627


Back in my day we had 9 planets


View Profile
« Reply #1 on: July 08, 2008, 06:27:43 AM »

actually the project doesnt need to be that hard if you are willing to simplify and keep it inflexible.
A lot of noobs get stuck on the idea that they need to do everything correctly the first time. In reality, you just need to DO IT.
just like BH...

Once you know how to do it, then its a matter of doing it right. Like sex. but not as fun. so not like sex. but you get my point.

login for example. dont bother with one of these crazy ass login systems with multi permissions etc etc if you dont need it. just use my ghetto login as a starting point, or even go simpler if you want.

for the most part, stupid simple will help you succeed. features will kill you as a noob.
Logged

I could eat a bowl of Alphabet Soup and shit a better argument than that.
vsloathe
vim ftw!
Global Moderator
Lifer
*****
Offline Offline

Posts: 1669



View Profile
« Reply #2 on: July 08, 2008, 06:51:11 AM »

Need more information.

Sounds like an awfully complicated way of doing it though.
Logged

hai
kopkingmeister
Rookie
**
Offline Offline

Posts: 16


View Profile
« Reply #3 on: July 08, 2008, 07:09:28 AM »

Thanks for the response guys

Like I said I am just finding my way with this stuff  - Vsloathe have sent you a pm with the site I have got the idea from - and based on my very 'simple' view of these things - it was my assumption that what I had outlined in my post above was the best way to do things

But you guys are the experts!!

Cheers KK
Logged

No links in signatures please
perkiset
Olde World Hacker
Administrator
Lifer
*****
Offline Offline

Posts: 10096



View Profile
« Reply #4 on: July 08, 2008, 08:04:57 AM »

Hey Kops -

Let's just tackle the "CRUD" part of the job first - (Create/Read/Update/Delete) - does this have to be a custom piece of code? I mean, if you have a table with an autoincrementing integer as the primary key (call it "ID" or something) then as you enter new items you'd automatically get a unique id. If you manage this all with phpMyAdmin then you have a nice web interface that can be set up to require a password everytime and you've nailed the first half of your job, no?
Logged

It is now believed, that after having lived in one compound with 3 wives and never leaving the house for 5 years, Bin Laden called the U.S. Navy Seals himself.
kopkingmeister
Rookie
**
Offline Offline

Posts: 16


View Profile
« Reply #5 on: July 08, 2008, 08:12:38 AM »

Hey perks

Yes that would be perfect, I have been doing some further reading today to try and get more upto speed with things!
Logged

No links in signatures please
vsloathe
vim ftw!
Global Moderator
Lifer
*****
Offline Offline

Posts: 1669



View Profile
« Reply #6 on: July 08, 2008, 08:13:21 AM »

Thanks for the link to the site KK.

What you're looking for is some pretty tricky javascript. The PHP and database part is relatively simple, and I'm sure we could help you tackle it. PM some of the more guru-esque javascript guys like Nutballs or Perk for help with the javascript to do what he's doing on that page you sent me. There is a bit of XSS restriction to overcome there.
Logged

hai
kopkingmeister
Rookie
**
Offline Offline

Posts: 16


View Profile
« Reply #7 on: July 09, 2008, 06:59:45 AM »

Quick update on where we are!

Thanks to Nutballs, Vsloathe and Perks for their replies and PM's so far, looks like I am biting something off that is a lot more than I can chew right now but what the hell!!

Anyway have broken it down into its component parts and story boarded what I want it to do.

Took some time last night with a php and mysql tutorial and built a very very simple form to input data into my db - so am quite proud of that so far! - a small step but an important one!!!
Logged

No links in signatures please
perkiset
Olde World Hacker
Administrator
Lifer
*****
Offline Offline

Posts: 10096



View Profile
« Reply #8 on: July 09, 2008, 07:45:19 AM »

right on kops - you go man!

looking forward to hearing of the progress. ping as you need it.

/p
Logged

It is now believed, that after having lived in one compound with 3 wives and never leaving the house for 5 years, Bin Laden called the U.S. Navy Seals himself.
kopkingmeister
Rookie
**
Offline Offline

Posts: 16


View Profile
« Reply #9 on: July 09, 2008, 08:00:23 AM »

Cheers Perks

Got a quick question - I am going to have a play around tonight with inserting data from the DB into a page - just while I start to get a feel for getting individual pieces of data from the Db rather than whole rows

I have managed to get information displaying individually by using the following code:

<?
   
$id = "2";

   # setup SQL statement
   
$SQL = " SELECT * FROM discount_codes ";
   $SQL = $SQL . " WHERE id = '$id' ";

   

# execute SQL statement
   

$retid = mysql_db_query($db, $SQL, $cid);

   

# check for errors
   if (!$retid) { echo( mysql_error()); }
   else {

      

# display results
      

      while ($row = mysql_fetch_array($retid)) {
         $affurl = $row["affurl"];
         $disccode = $row["disccode"];

         echo ("<DD><A HREF='$affurl'>$disccode[/url]</DD>\n");
      }

   
}

?>

However I am having to individually write the ID of the row into the bit of code: $id = "2"; - ie. in this case row 2

Ultimately I want to retrieve that bit of info from the url - i.e. www.mydomain.com/discountcodeoffer.php?affid=2

Is it possible to select a specific piece of info from a url to do that? - I have had a scout around today and some sites are advising to use $_Get but my attempts at using this have proved fruitless so far - any thoughts?

I want to get a feel for all the bits that I have to do and have a play around with it before I really get my teeth stuck into the main bit of the project!

KK
Logged

No links in signatures please
nutballs
Administrator
Lifer
*****
Offline Offline

Posts: 5627


Back in my day we had 9 planets


View Profile
« Reply #10 on: July 09, 2008, 08:15:46 AM »

change this line: 
$id = "2";

to this:

$id = $_GET['affid'];

assuming affid is what is actually in the querystring or course. also make sure GET is all caps.

that at least gets you to pulling the database entry, based upon the ID in the URL like you want. The next step will be verifying that its actually an integer, since I could fuck your site 10 ways from sunday without it.

if (!is_int($_GET['affid'])
{
die("fuck off hacker.");
}
Logged

I could eat a bowl of Alphabet Soup and shit a better argument than that.
kopkingmeister
Rookie
**
Offline Offline

Posts: 16


View Profile
« Reply #11 on: July 09, 2008, 08:22:06 AM »

Cheers Nutballs - appreciate it
Logged

No links in signatures please
perkiset
Olde World Hacker
Administrator
Lifer
*****
Offline Offline

Posts: 10096



View Profile
« Reply #12 on: July 09, 2008, 08:23:30 AM »

(Dang it, NBs just got in here quicker)

Consider this snippet:

Code:
<?

$id = $_GET['theparam'];

if ($retid = mysql_db_query($db, "SELECT * FROM discount_codes where id=$id", $cid))
{
while ($row = mysql_fetch_array($retid))
echo ("<DD><A HREF='{$row["affurl"]}'>$row["disccode"]</A></DD>\n");
} else echo mysql_error();

?>

I wrote this kind of "squishy" so that you could see some different ways to handle strings and control blocks.

However I am having to individually write the ID of the row into the bit of code: $id = "2"; - ie. in this case row 2
Ultimately I want to retrieve that bit of info from the url - i.e. www.mydomain.com/discountcodeoffer.php?affid=2
Is it possible to select a specific piece of info from a url to do that? - I have had a scout around today and some sites are advising to use $_Get but my attempts at using this have proved fruitless so far - any thoughts?
The problem is that PHP is case sensitive for variables and $_Get is not the same as $_GET ... change as listed and as Nuts says. Also, Nuts' is_int() call is an excellent way to start protecting yourself - I was gonna comment as well on the sql-insertion vector you are opening up here. That's a good start.
Logged

It is now believed, that after having lived in one compound with 3 wives and never leaving the house for 5 years, Bin Laden called the U.S. Navy Seals himself.
vsloathe
vim ftw!
Global Moderator
Lifer
*****
Offline Offline

Posts: 1669



View Profile
« Reply #13 on: July 09, 2008, 12:58:57 PM »

if (!is_int($_GET['affid'])
{
die("fuck off hacker.");
}

You'll need to do a little more than this.

At least do
Code:
if (!is_int($_GET['affid'] || strlen($_GET['affid']) > 10)
{
die("fuck off hacker.");
}

There are always ways of doing clever things with integers, given enough of them to work with. LOL
Logged

hai
kopkingmeister
Rookie
**
Offline Offline

Posts: 16


View Profile
« Reply #14 on: July 09, 2008, 01:04:48 PM »

OK hit a brick wall!!!

I keep getting the following error when trying to run the code:

Parse error: syntax error, unexpected '"', expecting T_STRING or T_VARIABLE or T_NUM_STRING in /home/xxxxxxxxxx.php on line 40

done some searching to try and find a way around it and for the life of me cannot get it change!- if I remove anything then i just get other errors in the code!

Perk followed your code above and it is throwing the error everytime - looks like it is something to do with this line:

echo ("<DD><A HREF='{$row["affurl"]}'>$row["disccode"][/url]</DD>\n");

Logged

No links in signatures please
Pages: [1] 2 3
  Print  
 
Jump to:  

Perkiset's Place Home   Best of The Cache   phpMyIDE: MySQL Stored Procedures, Functions & Triggers
Politics @ Perkiset's   Pinkhat's Perspective   
cache
mart
coder
programmers
ajax
php
javascript
Powered by MySQL Powered by PHP Powered by SMF 1.1.2 | SMF © 2006-2007, Simple Machines LLC
Seo4Smf v0.2 © Webmaster's Talks


Valid XHTML 1.0! Valid CSS!