berserk 60 Junior Poster

DEAR rproffitt....

THANK YOU!!!

I initially felt the name and the way form was used in the code was weird. I tried deleting it from one place and that half fixed it, so then you pointed out the form name and I tinkered with that for a while, then I realized that if I just delete the form name line from each of the if statements then BLAME! all is right with rain!

berserk 60 Junior Poster

AHHAHA! YES I just wanted to let everyone know that I figured out what my issue was: I was appending a newly generated salt on the end of my compared hash and then doing the comparison. All I had to do was NOT hash the stored values from the database and then just hash once the values from the given input. Then I just compared the hashes and VOILA I have my magical hashy goodness. Finally I also figured out that my checkbrute function was backwards, I had it set to true always so it wouldn't even make it through to the next if statement, that was my bad. Now it's working great and I have some tighter security on my program, THANK YOU EVERYONE for all of your excellent assistance!!!

diafol commented: Glad you got it fixed +15
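An added example, not code from the thread: the mistake and fix described in the post above, reproduced in PHP. The salted SHA-512 scheme, the function names (`verify_broken`, `verify_fixed`, `is_locked_out`, `login`), the lockout limits and the sample record are all assumptions made for illustration.

```php
<?php
// Constructed sample record: what one row of the users table would hold.
$salt   = bin2hex(random_bytes(16));   // generated once, at registration
$stored = ['salt' => $salt, 'hash' => hash('sha512', 'correct horse' . $salt)];

// Broken: a fresh salt at login means the recomputed hash can never match.
function verify_broken(string $input, array $row): bool {
    $newSalt = bin2hex(random_bytes(16));
    return hash_equals($row['hash'], hash('sha512', $input . $newSalt));
}

// Fixed: leave the stored hash alone, hash the input once with the STORED salt,
// and compare in constant time.
function verify_fixed(string $input, array $row): bool {
    return hash_equals($row['hash'], hash('sha512', $input . $row['salt']));
}

// Lockout check: true means "too many recent failures, refuse the login".
// Getting this backwards (always true) blocks every login attempt.
function is_locked_out(array $failedAt, int $now, int $limit = 5, int $window = 7200): bool {
    $recent = array_filter($failedAt, fn($t) => $t > $now - $window);
    return count($recent) >= $limit;
}

function login(string $input, array $row, array $failedAt): string {
    if (is_locked_out($failedAt, time())) {
        return 'locked';
    }
    return verify_fixed($input, $row) ? 'ok' : 'denied';
}

var_dump(verify_broken('correct horse', $stored)); // right password, fresh salt
var_dump(verify_fixed('correct horse', $stored));  // right password, stored salt
var_dump(login('correct horse', $stored, []));     // no failed attempts on record
var_dump(login('correct horse', $stored, array_fill(0, 5, time() - 60))); // five recent failures

// PHP's built-in API keeps the salt inside the hash string and does the
// comparison itself, so there is no separate salt column to mishandle.
$hash = password_hash('correct horse', PASSWORD_DEFAULT);
var_dump(password_verify('correct horse', $hash));
var_dump(password_verify('wrong guess', $hash));
```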
berserk 60 Junior Poster

lol with enough time and effort the solution can be found, and while this solution isn't the best it works just fine, though it may be a little hard to read without some commenting since this is a very unique solution to this problem. I am not promoting this solution as the only way, this is simply the method I figured out through lots of reading and running through example code.

Here is the script inside my HTML, this is AJAX but has been modified to be generated inside a loop since the note system I had in place is for multiple users inside a table.

<script>
function no_redirect<?php echo $u;?>(){
  // var note_text=$('#note_text').val();
  // var cnotes=$('#cnotes').val();
  // var  formData = "note_text="+note_text+"&cnotes="+cnotes;
  var xhr;
  if (window.XMLHttpRequest) {
    xhr = new XMLHttpRequest();
  }
  else if (window.ActiveXObject) {
    xhr = new ActiveXObject("Msxml2.XMLHTTP");
  }
  else {
    throw new Error("Ajax is not supported by this browser");
  }

  var datanote<?php echo $u;?> = $("#note_form<?php echo $u;?>").serialize(); // gets all data from your form

  $.ajax({
    url : "addnote.php",
    type: "POST",
    // data : formData,
    data: datanote<?php echo $u;?>,
    success: function(data, textStatus, jqXHR)
    {
      //data - response from server
      alert(data);
    },
  });

}
</script>

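Below is the PHP code I used, it works but is definitely a rough solution, use with caution.

// on failure mysqli_connect() returns false, so the error text comes from mysqli_connect_error()
$con = mysqli_connect($host,$uname,$pass,$database) or die(mysqli_connect_error());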

$customer_notes                     = NULL;
$row                                = NULL;
$totalrow                           = NULL;

$totalrow                           = $_POST['totalrow']; // get total row for the number of times the loop below needs to run …
diafol commented: Thanks for coming back with it +15
berserk 60 Junior Poster

NOPE NOPE NOPE I apologize for wasting your time jstfsklh211, this was a stupid error and I should have seen it but I simply was not paying enough attention, NOW TO MAKE UP FOR IT!

I'll explain what I did wrong and how I fixed this. You see, when I echo out the value in the HTML part of the form it was actually not echoing anything because I was missing THIS ";" at the end of my line. This method entirely works now that I have managed to fix it, but yeah, that was my ONLY issue. Again sorry for the mix up, but regardless jstfsklh211 thank you for your assistance.

berserk 60 Junior Poster

YES! With enough time and concentration the answer can be found, and I would be delighted to share this solution to help any wondering php'ers that happen across this by any chance.

FIRSTLY turns out this CAN be done in PHP, or at least the logic, you are still going to use JavaScript like Bootstrap and jQuery to call classes so it will know what to do with said PHP logic. Here is what I have.

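<tr data-toggle="collapse" data-target="#row<?php echo $loopcounter; ?>" class="accordion-toggle">
<td><center>
<span class="arrow">&#9660;</span>
</center></td>
<!-- database values are HTML-escaped before being written into the page -->
<td><?php echo htmlspecialchars($row['status'] ?? '', ENT_QUOTES, 'UTF-8'); ?></td>
<td><?php echo htmlspecialchars($row['username'] ?? '', ENT_QUOTES, 'UTF-8'); ?></td>
<td><?php echo htmlspecialchars($row['last_6_vin'] ?? '', ENT_QUOTES, 'UTF-8'); ?></td>
<td><?php echo htmlspecialchars($row['account'] ?? '', ENT_QUOTES, 'UTF-8'); ?></td>
<td><?php echo htmlspecialchars($row['repo_sale_date'] ?? '', ENT_QUOTES, 'UTF-8'); ?></td>
</tr>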

Notice what I did here, I still declared the id as row for the data-target to work properly with jQuery BUT I added that PHP loopcounter in there. The loop counter is used in the while loop when creating the PHP table, like below.

<?php 
$query=mysqli_query($con, "SELECT * FROM users")or die(mysqli_error($con));
$loopcounter = 0;
while($row=mysqli_fetch_array($query)){
$loopcounter++;
$id=$row['id'];
?>

Simply initialize the loopcounter and then in the while loop add one each time and this will become your individualized row ID for making each table entry open and close. I am NOW in the process of figuring out how to get them to open and close singularly so as to not open so many at the same time but that one is for a later date. I hope this helps anyone who struggles with this as I have and …

diafol commented: Thanks for sharing +15
berserk 60 Junior Poster

This is perfect, I have also been looking into cereals idea as well. Honestly either of these solutions will work for me but I may end up looking into cereals a bit more, I just need to read up mainly. My question diafol is will I be able to use your code as a stand alone application, like maybe set it up and then package it using cereals idea, so that I can include it to be able to set up this whole project instantly, basically like an installer but simply moves the files to the correct place.

Also I just wanted to mention that I truly appreciate everything you guys have done. This has been more informative than anything a college class could offer and I thank you for that. The internet is a great place to learn but can be meaningless without the proper guidance.

If there is anything I can do for you guys in the future please don't hesitate to PM me, I will be honored to assist!

berserk 60 Junior Poster

god I am sorry I wasted your time, there was never an issue to begin with, this is working perfectly fine. Although flawed in the security department as diafol pointed out, it is after further testing working fine. For some reason after I cleared my browsing cache in Chrome it then began working flawlessly, not sure exactly what happened there but I am happy now.

Also thank you diafol for linking me to such excellent password verification, my new project is securing my program even further now that I know I can make it easily much better. This has been an incredible learning experience, again thank you so much!

One more small question, do either of you know of a way to package XAMPP projects into executable files, preferably on Windows and Linux as these are typical hosting environments for web based/network based solutions?

diafol commented: no problem +15
berserk 60 Junior Poster

Thanks for all the help and support, idk how I'd get any of this without you guys :D