PHP - Sessions And Id Not Continuing
Can someone help me with this error message...I tried another layout but I think I am getting the same problem where it is not recognizing the next page of the sessions and including the id for a member to continue
Invalid query:You have an error in your SQL syntax; check the manual that corresponds to your MySQL server version for the right syntax to use near 'Resource id #4' at line 1 Whole query:Resource id #4 This is the page. <?php session_start(); ?> <?php ini_set ("display_errors", "1"); error_reporting(E_ALL); ?> <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd"> <html xmlns="http://www.w3.org/1999/xhtml"> <head> <meta http-equiv="Content-Type" content="text/html; charset=utf-8" /> <title>Welcome</title> </head> <body> <?php /* Program: login.php * Desc: Displays the new member welcome page. Greets * member by name and gives a choice to enter * restricted section or go back to main page. */ include('Connections/connect_to_mysql.php'); $id = ''; $firstname = ''; $lastname = ''; $country = ''; $email = ''; //Formulate Query //This is the best way to perform an SQL query $query = mysql_query("SELECT id,firstname FROM `Members` WHERE id='%s' AND firstname='%s'"); //Perform Query $result = mysql_query($query); //Check result //This shows the actual query sent to MySQL and the error. Useful for debugging. if(!$result){ $message = 'Invalid query:' . mysql_error() . "\n"; $message .= 'Whole query:' . $query; die($message); } //Use result //Attempting to print $result won't allow access to information in the resource //One of the mysql result functions must be used //See also mysql_result(), mysql_fetch_array(), mysql_fetch_row(), etc. while($row=mysql_fetch_assoc($result)){ echo Welcome, $row['firstname']; } //Free the resources associated with the result set mysql_free_result($result); ?> <p>Your new Member accounts lets you enter the members only section of our web site. You'll find special discounts, a profile of matches, live advise from experts, and much more.</p> <p>Your new Member ID and password were emailed to you. Store them carefully for future use.</p> <div style="text-align: center"> <p style="margin-top: .5in; font-weight: bold"> Glad you could join us!</p> <form action="profile.php" method="post"> <input type="submit" value="Enter the Members Only Section"> </form> <form action="index.php" method="post"> <input type="submit" value="Go to Main Page"> </form> </div> </body> </html> Similar TutorialsI have this one issue. While logging in into our system, we call a routine called getToken(). This calls a routine on another server (used to be able to securely access documents). The issue we have is if that other server goes down, this call fails, and the user isn't able to login. I want to make it so that even if the other server goes down, users can still login and access our system (just not documents). I know that I can't prevent fatal errors or even ignore them, correct (even with set_error_handler)? Any thoughts? It's a simple call, here's all it is: require_once('include/utils.php'); $token=getToken(); Please are going to start hating me about this haha. Hey guys i have been trying to do this for a few hours and my brain is hurting haha hope someone can help. Ok here is what i am trying to do. I have been making a website that allows users to make friends below is my friends table:: NAME: member_friends id friend_id << Person who has been sent the friend request my_id << Person who sent the friend request friend_since << when did they become friends is_friend << is set to 0 then friend request pending and this is the member_topics message_id member_id << this stores the id of the member from the members table message_contents << stores their message message_date message_reported << if set to 1 the message has been reported Ok basically i want the messages to be displayed on the members home page if they are friends, so if my name is JamesDean and i befriended a person called Harry if i post a message i want harry to see this and any other friends i may have. Same goes for their messages. Sorry if im confusing you stay with me. Ok here is what i am trying to do (did i mention im fairly new to php so please if im doing something wrong dont hurt me (: ) $query = mysql_query("SELECT * FROM member_friends"); while($row = mysql_fetch_array($query)){ $friend_id = $row['friend_id']; // Ok this is where i want the while loop to loop through all of my friends // Ok set up the new filter im gunna get lost here now $sql = mysql_query("SELECT a.*,b.* FROM member_topics as a, member_friends as b WHERE (a.member_id = b.my_id OR a.member_id = b.my_id) AND ((b.friend_id = '$friend_id') AND b.my_id = '$my_id') ORDER BY a.message_id DESC"); // $my_id is a variable created from session so thats ok and the $friend_id i want that to change fromt he first loop so the statement changes for all of my friends. // Sorry for the query above i have tried that many i dont even know my gender anymore // So while loop in a while loop i think while($row = mysql_fetch_array($sql)){ $message_id = $row['message_id']; $member_id = $row['member_id']; $message_contents = $row['message_contents']; $message_date = $row['message_date']; $message_type = $row['message_type']; $message_reported = $row['message_reported]; } } something like this hope someone can point me in the right direction before my brain fails thanks in advanced!!!!!!! Now this one is a bit of a shit head. I am using a really comprehensive class i found on on the web for upload / re-size / crop but i want to be able to override it's error handling and i am not good enough to start modifying the code in the class with out fucking it up. Firstly i will show you how i have invoked the class. Code: [Select] if( isset($_FILES['image'] ) ) { //Class includes include("../scrips/php/cms/database.insert.class.php"); include ("../scrips/php/cms/img.upload.resize.crop.class.php.php"); //----------|Start: upload, resize & save $your_image = new _image; //----------| Upload orginal image $your_image->uploadTo = 'uploads/'; $upload = $your_image->upload($_FILES['image']); //----------| Resize and upload small thumbnail $your_image->newPath = 'thums/'; $your_image->newWidth = 50; $your_image->newHeight = 50; $resized = $your_image->resize(); //----------| Resize and upload medium thumbnail $your_image->newPath = 'thums2/'; $your_image->newWidth = 100; $your_image->newHeight = 100; $resized = $your_image->resize(); //----------| Getting the image name to insert into the database futher on in the code $name = $resized; $img_str = explode("/",$name); $final_img_name = $img_str['1']; echo "Article has been added!"; //----------------|end //----------------| Start database insert (class manipulation) $table = "blog_posts"; $title = "'".$_POST['ArticleTitle']."',"; $img = "'".$final_img_name."',"; $post = "'".$_POST['ArticleBody']."',"; $aurthor_id = "'1',"; $category_id = "'".$_POST['Category']."',"; $date_posted = "NOW()"; $values = array("$title","$img","$post","$aurthor_id","$category_id","$date_posted"); $fields = array('title,','img,','post,','aurthor_id,','category_id,','date_posted'); $obj= new DatabaseInsert; $obj->DatabaseConnectionRequire(); $obj->ArticleInsert($values,$fields,$table); //----------------|end } As you can see it's fairly basic. What i want to do is before it runs this script and starts including/invoking the class etc, i want to be able to check to see if there is a value been posted from a FILE FORM OBJECT and if there is to proceed with this script, alternatively i want it to execute another code which will handle it in regards to the concept of my page. A simple javascript alert with be ok providing it reloaded the page to it's default state. If any one can help me here i would appreciate it a lot. Thanks Code: [Select] <? $out = preg_replace('/^(.{701}[^.]*).*/i','$1.',$detrsltnewsrow[news_desc]); echo $out; ?> </td></tr><tr><td colspan="2" class="para" style="padding-left:10px;"> <?= substr(stripslashes(trim($detrsltnewsrow[news_desc])),701) ?> </td></tr> I have the above snippet.. The first php statement, basically grasp the first 701 characters with the closet next stop "." character and out puts it. then out puts the HTML tags I have a problem with the second statement. I want to output anything after what has been outputted by: Code: [Select] <? $out = preg_replace('/^(.{701}[^.]*).*/i','$1.',$detrsltnewsrow[news_desc]); echo $out; ?> So need the correct syntax for Code: [Select] <?= substr(stripslashes(trim($detrsltnewsrow[news_desc])),701) ?> Currently it breaks at exactly the 701 character, want it to continue from the sentence the first code ended in. I have a simple php script that starts sessions. On every page, I include : if(isset($_SESSION['sessionname'])){ //The rest of the page } else { die("Not logged in"); } I always include the session start and always regenerate the session id after <?php. The code works fine withevery browser except for a certain version of Internet Explorer 8. Even though the browser does enable cookies, it doesn`t seem to allow the ones in my script. In fact, every time I change page, it ives the error message "Not logged in". I have tried it on two different compters with the exact same version of IE and the result was the same. Thank you for your time! Basically I am trying to make a login with sessions but its just not working. Can someone look and see for any errors in what I wrote or snippet suggestions? <?php //Start session session_start(); //Include database connection details require_once('config.php'); //Array to store validation errors $errmsg_arr = array(); //Validation error flag $errflag = false; //Connect to mysql server $link = mysql_connect(DB_HOST, DB_USER, DB_PASSWORD); if(!$link) { die('Failed to connect to server: ' . mysql_error()); } //Select database $db = mysql_select_db(DB_DATABASE); if(!$db) { die("Unable to select database"); } //Function to sanitize values received from the form. Prevents SQL injection function clean($str) { $str = @trim($str); if(get_magic_quotes_gpc()) { $str = stripslashes($str); } return mysql_real_escape_string($str); } //Sanitize the POST values $username = clean($_POST['username']); $password = clean($_POST['password']); //Input Validations if($username == '') { $errmsg_arr[] = 'Username missing'; $errflag = true; } if($password == '') { $errmsg_arr[] = 'Password missing'; $errflag = true; } //If there are input validations, redirect back to the login form if($errflag) { $_SESSION['ERRMSG_ARR'] = $errmsg_arr; session_write_close(); header("location: login.php"); exit(); } //Create query $qry="SELECT * FROM users WHERE AND username='$username' AND password='$password'"; $result=mysql_query($qry); //Check whether the query was successful or not if($result) { if(mysql_num_rows($result) == 1) { //Login Successful session_regenerate_id(); $member = mysql_fetch_assoc($result); $_SESSION['SESS_MEMBER_ID'] = $member['member_id']; $_SESSION['SESS_USERNAME'] = $member['username']; $_SESSION['SESS_EMAIL'] = $member['email']; $_SESSION['SESS_BETAKEY'] = $member['betakey']; $_SESSION['SESS_PIN'] = $member['pin']; session_write_close(); header("location: member-index.php"); exit(); }else { //Login failed $errmsg_arr[] = 'Username/Password Invalid'; $_SESSION['ERRMSG_ARR'] = $errmsg_arr; session_write_close(); header("location: login.php"); exit(); } }else { die("Query failed"); } ?> When using sessions, must there be a session_start() in each page for the browser to be considered part of the session? Can a user browse to a page without session_start() and still have that part of the original session that he/she began with?? I haven't used sessions much until now, so this is probably due to my ignorance. I have a page that sets the session variable, and if I print from that page, the session variable (an array) is correct. But when I move to the next page, the same session variable has old, old, wrong data. The $arrAttendeeList is an exploded list from a textarea on a form turned into an array. Example: This page, let's call it page1.php, sets the variable: Code: [Select] <?php $_SESSION['arrAttendeeList'] = $arrAttendeeList; foreach ($_SESSION['arrAttendeeList'] as $temp) { print "$temp <br />"; } exit; ?> Results: Smithers, Waylon Bouvier, Selma Brockman, Kent But the next page, page2.php, when I call the same variable: Code: [Select] <?php foreach ($_SESSION['arrAttendeeList'] as $temp) { print "<br />$temp <br>"; } ?> I get yesterday's data: Smithers, Waylon Bouvier, Selma I've tried setting the session var to null but with the same results. Do I need to kill the session var before setting it to something else? Thanks - Hi Something strange is happening and I can't understand it. A user can access an availability page of accommodation and book ita room, this works fine, and goes from availability to the booking form and back quite well, carrying the room id of the accommdation and room/s selected in a session. If they close the browser down and open the availability page again all the rooms are there as before, but when they select a room and go to the booking form the session of the room id and the rooms selected are empty. If I do a session destroy and open the browser up again everything works fine again. I have tried this in Chrome and Firefox and it seems to work fine Any help would be appreciated I am trying to create a blog and visitor log, where I should be able to log in as admin and add the item and see the visitor log. I want a password protected administration section and I want to use sessions on the administration section. When I for example click on add post, I want it to log in and go to page addpost.php where I can enter my text. This is what I've done so far. I would like to know what I have done wrong and how I should do to accomplish what I have mentioned above. <?php session_start(); if(isset($_POST['btnLogin']) || isset($_POST['addpost'])){ $txtUserId = $_REQUEST['txtUserId']; $txtPassword = $_REQUEST['txtPassword']; if (isset($_POST['txtUserId']) && isset($_POST['txtPassword'])) { if ($_POST['txtUserId'] === 'admin' && $_POST['txtPassword'] === 'abc123') { //$_SESSION['basic_is_logged_in'] = true; echo "you are logged in"; } elseif (empty($txtUserId) || empty($txtPassword)) { echo "fill in username and password"; } elseif ($_POST['txtUserId'] != 'admin'){ echo "wrong username"; } elseif ($_POST['txtPassword'] != 'abc123'){ echo "wrong password"; } } } ?> <?php //if (!isset($_SESSION['basic_is_logged_in']) // || $_SESSION['basic_is_logged_in'] !== true) ?> <html> <head> <title>Main User Page</title> <meta http-equiv="Content-Type" content="text/html; charset=iso-8859-1"> </head> <body> <form method="post" name="frmLogin" id="frmLogin" action="main.php"> <table width="400" border="1" align="center" cellpadding="2" cellspacing="2"> <tr> <td width="150">User Id</td> <td><input name="txtUserId" type="text" id="txtUserId"></td> </tr> <tr> <td width="150">Password</td> <td><input name="txtPassword" type="password" id="txtPassword"></td> </tr> <tr> <td><input type="submit" name="btnLogin" value="Login"></td> </tr> <tr> <td><input type="submit" name="addpost" value="add post" /></td> </tr> <tr> <td><input type="submit" name="showstat" value="Show visitors log" /></td> </tr> <tr> <td><input type="submit" name="blogg" value="To blog (logout)" /></td> </tr> </table> </form> </body> </html> Hello, Is there a problem in destroying a session and then starting it in the same file, for example: session_name(); session_start(); session_destroy(); And lastly, if I create a variable $_SESSION['user'] under a session called 'one' i.e. session_name("one") and then create another variable $_SESSION['user'] under a session called 'two' i.e. session_name("two"). Are these two variables the same? I have an "Email a Friend" form that captures the referring url and saves it in a session. The problem is that if someone decides not to send the form and navigates away from the page, and then decides to email another page, it saves the previous url. How can I have it so that it clears the previous url and uses the new one? Code: [Select] if(!isset($_SESSION['referrer'])){ //get the referrer if ($_SERVER['HTTP_REFERER']){ $referrer = $_SERVER['HTTP_REFERER']; } else{ $referrer = "http://www.mcse-training-classes.com"; } //save it in a session $_SESSION['referrer'] = $referrer; } I there. I am making a small game, either you or the computer win depending on who's life hit 0 first I am using sessions to hold the health values, however I need a little bit of help. How do I make it actually go down after each move until one hits 0? Here is my script and thanks in advance... Code: [Select] <?php session_start(); ?> <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd"> <html xmlns="http://www.w3.org/1999/xhtml"> <head> <meta http-equiv="Content-Type" content="text/html; charset=utf-8" /> <title>Fighting Game</title> </head> <body> <form action="fighting_game.php" method="post"> <select name='move_choice' id='move_choice'> <option value='punch'>Punch</option> <option value='kick'>Kick</option> </select> <input type='submit' name='submitbtn' value='Continue' id='submitbtn'> </form> <div id='matchdiv'> <?php $_SESSION['ai_health'] = 100; $_SESSION['player_health'] = 100; $moves_ai = array("Computer punches you in the face!","Computer kicks you in the gut!"); $moves_player = array("You punch Computer in the face!","You kick computer in the gut!"); $move_damage = array(2,10); $move_dam_multiplier_player = array(rand(1,5),rand(5,10)); $move_dam_multiplier_ai = array(rand(1,5),rand(5,10)); if($_POST['submitbtn']){ $choice = $_POST['move_choice']; } if($choice == "punch"){ $total_dam_ai=($move_damage[0]*$move_dam_multiplier_ai[0]); $total_dam_player=($move_damage[0]*$move_dam_multiplier_player[0]); echo"$moves_player[1]"." Causing ".$total_dam_player." damage!<br>"; echo"Computers current health is ". ($_SESSION['ai_health']-$move_damage[0]*$move_dam_multiplier_player[0]); echo"<br>$moves_ai[1]"." Causing ".$total_dam_ai." damage!<br>"; echo"Your current health is ". ($_SESSION['player_health']-$move_damage[0]*$move_dam_multiplier_ai[0]); } elseif($choice == "kick"){ $total_dam_ai=($move_damage[1]*$move_dam_multiplier_ai[1]); $total_dam_player=($move_damage[1]*$move_dam_multiplier_player[1]); echo"$moves_player[1]"." Causing ".$total_dam_player." damage!<br>"; echo"Computers current health is ". ($_SESSION['ai_health']-$move_damage[1]*$move_dam_multiplier_player[1]); echo"<br>$moves_ai[1]"." Causing ".$total_dam_ai." damage!<br>"; echo"Your current health is ". $new_player_health=($_SESSION['player_health']-$move_damage[1]*$move_dam_multiplier_ai[1]); } if($_SESSION['ai_health']<=0 && $_SESSION['player_health']>=0){ echo"<br>Computer falls to the ground! He is knocked out! You win!"; } if($_SESSION['player_health']<=0 && $_SESSION['ai_health'] >= 0){ echo"<br>You fall to the ground! You are knocked out! You lose!"; } if($_SESSION['player_health']<=0 && $_SESSION['ai_health'] <=0){ echo"<br>You both fall to the ground! You are both knocked out! It's a draw!"; } ?> </div> </body> </html> I am new to SESSIONS and have a quick question about them. I want to use sesssions on my site but was wondering if they would work for the follow senario. Say a customer visits my url: http://www.mysite.com/?id=2 Now what i am doing is taking the id out of the URL using sessions and redirecting the user to http://www.mysite.com while my session ($_SESSION['id']) holds the value 2 in it. I have this working great, i believe it just looks better. Now if my customer decides to buy my product via paypal and is directed off my site while he/she is paying for said item on paypal when they return could i still use some of the information that i stored in my session?? I know i could use post and get to pass through paypal but unfortunately i have to use sessions for what i am trying to do. Hi guys, I have come across a problem when working with session data, I have been storing data from a textarea in a session, but the problem is when I retrieve the data and display it back in a textarea or to mysql it saves the carriage returns and line breaks as \r\n not converting it to actual line breaks. e.g saving the following from a text area; Line 1 Line 2 Line 3 will actually show as: Line 1 \r\nLine 2 \r\nLine3 How do I get it to show properly as intended? I have tried str_replace('\r\n', '\n'); with double and single quotes any helpful suggestions would be much appreciated. Thanks.. So I'm trying to understand Sessions and how to store a variable within a session. What I want to t do, is start a session, check if variable is set, if not, set the variable. So with the code below, I start the session, i check the variable, if not set, i set it. But when i refrsh the page, it has the same session id but it didn't store the session variable from the previous load. Please, what am I missing? Code: [Select] <?php session_start(); echo "Session ID: ".session_id()."<br>"; echo "<br>chktrack P ".$_session['chktrack'].""; if ($_session['chktrack'] != 1){ $_session['chktrack']=1; } echo "<br>chktrack Post: ".$_session['chktrack'].""; echo "<br><a href='index.php'>Index</a>"; ?> Thanks in advance for your help. I am in the process of opening my web site to the general public. Right now you have to have a username and password to see anything on the site. What I am looking to do is make it so anyone can see most things on the site. There will still be user accounts for things like admins and submitting ideas. What i have now is some links that look at the user rank and only show up if you are higher then a rank. What I need to do is make it so you don't need to log in to see the site but you still need to log in to edit things. Here is my sessions scrip Code: [Select] <?php session_start(); if(!$_SESSION['login']){ $_SESSION['rank']; $_SESSION['loggedinusername'] = $loggedinusername; $_SESSION['loggedinuseremail'] = $loggedinuseremail; header("location:login.php"); } $rank=$_SESSION['rank']; $loggedinusername=$_SESSION['loggedinusername']; $loggedinuseremail=$_SESSION['loggedinuseremail']; ?> How do I edit this so you are free to move around the site even if your not logged in? Thanks Hey Guys, Me again! Still working on this bloody database! Okay, so I have a site that people can add a record to a database. This record is filled using a form and the form contains an image that can be uploaded. This works fine. Then there's the ability to search a record based on a boolean search which displays a table with the record data and displays a thumbnail of the photo. This also works fine. Then I have a script that (once it's working) will allow you to edit the record. This is where I'm having issues. Here's my process for the form: User searches for the record by using a boolean search Search finds the record and displays a form containing the original values in the database User changes some parts of the original record using the form Form then updates the database with the new values The problem I'm having is with the photo function. If there's no photo attached, I was getting an error saying that the photo field could not be empty. So I used the following process: User searches for the record using edit.php Form is displayed using edit_process.php edit_process.php is posted to update.php that has conditions to check if the file upload field is empty or not If the field is empty, then it requires updatenophoto.php If the field has a new image, it uses updatephoto.php When I submit the form to the update.php script, it does nothing and gives me a blank page. Here's my code for each of the parts (hit the character limit, code in comments): Hi, I have an admin area to update users detials etc.. I want this area to be secure so only admins can access it, Currently anyone and everyone can access the page. Code: [Select] <?PHP session_start(); /* really need to use a session variable to insure authorized to be here */ include ('db.php'); /* ======================================== 99% of the time it is better to put your query in a string. It makes debugging much easier ======================================== */ $query = "SELECT * FROM companies"; $result = mysql_query($query ) or die("SELECT Error: ".mysql_error()); $num_rows = mysql_num_rows($result); /* ======================================== I find it easier to locate problems if I indent code properly and drop out of PHP if there are large sections of html ======================================== */ ?> <br><br><br>There are <?PHP echo $num_rows; ?> removalspace users so far.<P> <table width="819" height="114"> <tr> <th>Company Name</th> <th>Contact Name</th> <th>Contact Number</th> <th>Email</th> <th>Address Line 1</th> <th>Address Line 2</th> <th>Location</th> <th>Postcode</th> <th>Basic Members</th> <th>Upgraded Users</th> <th>Company Logo</th> <th>Approved</th> </tr> <tr> <td colspan="6"></td> </tr> <?PHP while ( $row = mysql_fetch_array($result, MYSQL_ASSOC )) { ?> <tr> <td><?PHP echo $row['company_name']; ?></td> <td><?PHP echo $row['contact_name']; ?></td> <td><?PHP echo $row['phone']; ?></td> <td><?PHP echo $row['email']; ?></td> <td><?PHP echo $row['street1']; ?></td> <td><?PHP echo $row['street2']; ?></td> <td><?PHP echo $row['location']; ?></td> <td><?PHP echo $row['postcode']; ?></td> <td><?PHP echo $row['basicpackage_description']; ?></td> <td><?PHP echo $row['premiumuser_description']; ?></td> <?PHP /* ======================================== I presume you want to show the thumb version here ======================================== */ ?> <td><img src="images/thumbs/<?PHP echo $row['upload']; ?>" alt="logo"/></td> </tr> <tr> <td colspan="10"> <table> <tr> <td>Current level = <?PHP echo $row['approved']; ?></td> <td><a href="admin02.php?id=<?PHP echo $row['id']; ?>&level=1">Level 1 - Free</a></td> <td><a href="admin02.php?id=<?PHP echo $row['id']; ?>&level=2">Level 2 - Basic</a></td> <td><a href="admin02.php?id=<?PHP echo $row['id']; ?>&level=3">Level 3 - Premium</a></td> <td><a href="admin02.php?id=<?PHP echo $row['id']; ?>&level=0">Level 0 - Do Not Display</a></td> </tr> </table> </tr> <?PHP } echo "</table>"; ?></table> i know it's something like: <?php session_start(); if(isset($_SESSION " but dont know how to finish it correctly? " ?> |