PHP - Session Was Not Destroy Even After Logging Out

Hi guys,

I'm having a problem with destroying Cookies in IE8 (maybe other versions of IE but this is the one I'm testing on).

I am checking to see if the referrer of the site is not itself, and if not, delete all cookies with the cookie domain.

if ($_COOKIE['exp_last_visit'] < mktime("23", "59", "59", "12", "03", "2010")) {
if (!strstr($_SERVER['HTTP_REFERER'], $_SERVER['HTTP_HOST'])) {
foreach ($_COOKIE as $key => $value) {
setcookie($key, $value, time()-10000, "/", ".domain.com");
}
}
}

This works in Chrome and FF, but of course, not IE8.
If anyone could shed any light on this I'd be really grateful!

hey guys im having a spot of botter unsetting, destroying a session which has been given a cookie lifetime...i know it is possible to destroy all sessions using session_destroy() but i want to destory a particials session and not all of them.  here is my method if anyone can give some advice on how i could do this please...thank you

	public function destroy($name = null)
	{
		$namespace = $this->_namespace;
		$sessions  = $_SESSION[$namespace];
		
		if ($name == null)
		{
			foreach ($sessions as $name => $value)
			{
				$session = $sessions[$name];
				
				unset($sesion);
				
				if (isset($session))
				{
					// sessions with lifetime
					
					ini_set('session.cookie_lifetime', 0);
					ini_set('session.gc_max_lifetime', 0);
					ini_set('session.gc_probability', 1);
					ini_set('session.gc_divisor', 1);
					
					$session;
				}
			}
		}
		else 
		{
			unset($sessions[$name]);
		}
		
		session_regenerate_id(true);
	}

My code below, i already imagedestroy($newimage)... but i'm not sure if i should be destroying $oldimg as well? Any thoughts?


$newimg = imagecreatetruecolor($sizeA,$sizeA) or die('Problem In Creating image');

$background = imagecolorallocate($newimg, 255, 255, 255);

imagefilledrectangle($newimg, 0, 0, $sizeA, $sizeA, $background);

$oldimg = imagecreatefromjpeg($source)or die('Problem In opening Source Image');

imagecopyresampled($newimg,$oldimg,0,$move,0,0,$sizeA,$new_height,ImageSX($oldimg),ImageSY($oldimg)) or die('Problem In resizing');

imagejpeg($newimg,$s1DIR,90) or die('Problem In saving');

imagedestroy($newimg);

Hey guy's i have a script i did a few months ago and now noticed that it is doing its job but keeps the old file ..so i got the image a few times but on a different angle...

 

how can i optimize this code to delete the old image when doing the rotation?

 

<?php
session_start();
include_once 'dbconnect.php';
if (!isset($_SESSION['userSession'])) {
	header("Location: index.php");
}

$degrees = -270;
$path = $_GET['Folder'];
$file =$_GET['Pic'];
$fileid =$_GET['id'];

$image = $path.'/'.$file;
$imageN = $path.'/New_'.$file;
//load the image
$source = imagecreatefromjpeg($image);

//rotate the image
$rotate = imagerotate($source, $degrees, 0);

$NewImg='New_'.$file ;

//set the Content type
//header('Content-type: image/jpeg');

//display the rotated image on the browser
//imagejpeg($rotate);
imagejpeg($rotate,$imageN,100);
//free the memory
imagedestroy($source);
imagedestroy($rotate);
$sql = "UPDATE Coupon_list SET product_image_thumb = '$NewImg' WHERE id = '$fileid'";

if (mysqli_query($DBcon, $sql)) {
   echo "Rotation ok";
echo('<script language="Javascript">opener.window.location.reload(false); window.close();</script>');

} else {
   echo "Error Rotating: " . mysqli_error($DBcon);
}
mysqli_close($DBcon);
?>

<img src="gears.gif" alt="" />

 

I am using a WordPress theme that uses some of its own functions besides WP functions.

Let me make clear from the start that when I say "Multiple Checkboxes" in the paragraphs below I am NOT talking about checkboxes that each hold a single value.  I am talking about one Checkbox field that allows multiple values to be selected and puts those values into an array with one Name value and stores the output in a string in a single mysql table field.

Right up front, what I need during the Edit Ad functions is the inbuilt function that will Delete the previous Array of values in any multiple checkbox when the ad is updated. Right now updating the ad works for every situation except NO values selected or for Unchecking all previously selected values in a Multiple Checkbox.  If I have, for example, 4 checkboxes selected and unselect all of them before submitting the edited ad it will return the last saved array of values but not an Empty array with no checkboxes selected.

This theme has a Form Builder with a Custom fields builder used by the admin to create forms for a classified ads website. According to which category of ad the Ad creation procedure will show different forms, with different fields.

I had to manually create the capability to generate multiple checkboxes...so that the different multiple checkboxes when selected and updated to the mysql table might hold a variety of values in a comma-delimited array. That works fine.

When the Ad is edited on its own page, (outside of the Wordpress admin dashboard) the problem is that if a user would uncheck all checkboxes in a particular multiple checkbox then the unselected state does not overwrite the previous array of values. What returns after editing is the previous selected values.

I have tried jquery functions but none of them are working the way I had hoped.

so one type of checkbox might have a hypothetical value like this  "name="cp_checkbox_help[]" and if three options are selected then on submit the value could be--- name="cp_checkbox_help[Sunday,Monday,Tuesday]"

I use implode and explode to store the array as comma separated and retrieve the array for editing or display.

I guess I need to create a Null or empty value as a default that only changes when selections are made.

But, since I use implode and explode to make the array "pretty" I don't know if simply specifying nothing will erase a whole array on update.

Here is some of the code used to see how I get what I get--

This displays the checkboxes that I create and name and fill with different values--


case 'checkbox':
 ?>
<?php 
$options = explode(',', $result->field_values);
 echo '<div id="checkboxes"><table width="100%" border="0" cellspacing="0" cellpadding="5">
  <tr>
    <th colspan="2" scope="col">' . $result->field_label. '</th>
  </tr>';
$myvals= explode(',', $post_meta_val);
foreach ($options as $option) {
 {
 ?> 
              
              <tr>
    <td width="4%"><input style="display:inline-block; float:left;" type="<?php echo $result->field_type; ?>" name="<?php echo $result->field_name; ?>[]" class="checkbox<?php if($result->field_req) echo ' required'?>" id="<?php echo $field_label; ?>" value="<?php echo $option; ?>" <?php foreach ($myvals as $myval)
{ if (in_array($myval, array($option), true)) {echo 'checked="yes"';}}?>/></td>
    <td width="96%"style="vertical-align:top; text-indent: 7px; text-align: left;" ><?php echo $option . '</td>
  </tr> ' ?>   



<?php
             }     } echo '  </tr>
</table></div><div class="clr"></div>';
 break; 



Following is the main part of the code that updates the Ad form--



  // update the ad and return the ad id
    $post_id = wp_update_post($update_ad);



    if($post_id) {

        // now update all the custom fields
        foreach($_POST as $meta_key => $meta_value) {
            if (cp_str_starts_with($meta_key, 'cp_'))
if (cp_str_starts_with($meta_key, 'cp_checkbox_charley'))
$meta_value= implode(',', $_POST['cp_checkbox_charley']);
if (cp_str_starts_with($meta_key, 'cp_checkbox_help'))
$meta_value = implode(',', $_POST['cp_checkbox_help']);
if (cp_str_starts_with($meta_key, 'cp_checkbox_hello'))
$meta_value= implode(',', $_POST['cp_checkbox_hello']);
                //echo $meta_key . ' <--metakey <br/>' . $meta_value . ' <--metavalue<br/><br/>'; // for debugging
                update_post_meta($post_id, $meta_key, $meta_value);
        }

        $errmsg = '<div class="box-yellow"><b>' . __('Your ad has been successfully updated.','cp') . '</b> <a href="' . CP_DASHBOARD_URL . '">' . __('Return to my dashboard','cp') . '</a></div>';

    } else {
        // the ad wasn't updated so throw an error
        $errmsg = '<div class="box-red"><b>' . __('There was an error trying to update your ad.','cp') . '</b></div>';

    }

    return $errmsg;

}

Back on the Edit Ad page this is the Submit


                        <p class="submit center">
                            <input type="button" class="btn_orange" onclick="window.location.href='<?php echo CP_DASHBOARD_URL ?>'" value="<?php _e('Cancel', 'cp')?>" />&nbsp;&nbsp;
                            <input type="submit" class="btn_orange" value="<?php _e('Update Ad &raquo;','cp') ?>" name="submit" />

I have a feeling what I need is just a couple of lines to detect no posted values and then... but if one checkbox array has 6 values in it and another checkbox array has only 3 values, for example, do I need to count each specific checkbox for number of values and then overwrite or will one function completely delete the previous array and its commas?

I would really appreciate some expert assistance here!

I can seem to login it tells me to check my password and username but i dont know the username and password are correct here is my whole code 

<?php
	//start the sessoin
	session_start();
	
	//connect to db
	require "scripts/connect.php";
	
	$username = $_POST['username'];
	$password = $_POST['password'];
	
	$username = mysqli_real_escape_string($db,$username);
	$password = mysqli_real_escape_string($db,$password);

	if(isset($_POST['loginbtn'])){

	if(!empty($username) && !empty($password)){
	
	//sql command
	$getstaff = "SELECT * FROM `users` WHERE `username` = '$username'";
	
	//execute the query 
	$query = mysqli_query($db,$getstaff);
	
	//get the number of rows
	$num_rows = mysqli_num_rows($query);
	
	if($num_rows != 0){
	
	//get the info
	$rows = mysqli_fetch_assoc($query);
	
	//setting the data in indivaul variables
	$dbusername = $rows['username'];
	$dbpassword = $rows['password'];
	
	//getting the password the user enter and making it hash
	//in order for it to match in the database
	$password = md5($password);

	if($dbusername === $username && $dbpassword === $password){
	
		//create the session
		$_SESSION['username'] = $username;
		//redircet them to the control panel
		header("location: controlpanel.php");
	
	}else
		$msg = "Please check your username or password";
	}else
		$msg = "User does not exist";
	}else
		$msg = "Please enter your username and password";
	}
?>

This is where it is giving me a hard time

	if($dbusername === $username && $dbpassword === $password){
	
		//create the session
		$_SESSION['username'] = $username;
		//redircet them to the control panel
		header("location: controlpanel.php");
	
	}else
		$msg = "Please check your username or password";

Any ideas why its not letting me enter

After getting my site hacked, I'm not really up for learning PhP, so I'm trying to use uMScript.   On the demo site, and when I just load up the files on my server, it will redirect upon log in. But when I then use my styling, for some reason the login_submit.php gives me a blank page and does not redirect, nor does it log the user in. I don't change anything except the positioning of the forum and the container around it, no PhP or JS changes, weird?


I can not seem to get a hold of the creator, nor can I find a user script that matches what I'm looking for. Heck, I'm so close to going mad, I'm even willing to pay someone to do the user PhP for me haha       Has anyone used this script successfully?     You can try it out he  http://mod-universe.com/index.php   Demo: http://www.ventureha.../demo/index.php (I couldn't get the demo credentials to log in, created a new user = Okriani, kieran09)

will the following code work to log any php errors i may have on the page this code is included?

Code: [Select]
ini_set('error_reporting', E_ALL);
error_reporting(E_ALL);
ini_set('log_errors',TRUE);
ini_set('html_errors',FALSE);
ini_set('error_log','./error_log.txt');
ini_set('display_errors',FALSE);

Hi guys,

I got a little bit of an issue. I have a register page, which works fine and submits to itsself, however i also have a login page which currently has no errors but doesnt allow any1 to log in.

If some1 can see why that will be great, as this is causing so many issues. This is the last step i cant get past.

Here is the code
Code: [Select]
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.1//EN" "http://www.w3.org/TR/xhtml11/DTD/xhtml11.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en">
<head>
<title>Forensics E-learning Package</title>
    <script type="text/javascript" src="start.js"></script>

<link rel="stylesheet" type="text/css" href="style.css" />
</head>
<body>
<div id="wrapper">
<div id="header">
<div id="toplinks">
   

</div>
  </div>
<div id="menu">
<ul>
<li><a class="selected" href="index.html">Home</a></li>
<li><a href="index.php">Initial Quiz</a></li>
<li><a href="about.php">About</a></li>
            <li><a href="member.php">Member Section</a></li>
     

</ul>
  </div>
<div id="content">
<div id="main">

<h1>Forensics E-Learning Package</h1><BR /></head>
            Login to the User Profiled E-Learning Course which is specifically aimed to raise awareness in computer forensics. 
<?php
$submit =&$_POST['submit'];


if(isset($submit))
{
if($username && sha1($password))
{
$username =&$_POST['username'];
$password =&$_POST['password'];

$_SESSION['$username'] = $username;
$_SESSION['$password'] = sha1($password);

$connect = mysql_connect("localhost","root", "") or die ("Couldn't Connect!");
mysql_select_db("userlogin", $connect) or die("Couldn't find db");

//$con = mysql_connect('userscores.db.7767668.hostedresource.com','userscores','L3tt3r09');
//mysql_select_db('userscores', $con);

$query = mysql_query("SELECT * FROM users WHERE username=' $username'");
$numrows = mysql_num_rows($query);

if ($numrows!=0)
{
//code to login
while ($row = mysql_fetch_assoc($query))
{
$dbusername = $row['username'];
$dbpassword = $row['password'];
$dbscore = $row['score'];
$dbdclty = $row['dclty'];
$dbid = $row['id'];
$dbnewdclty = $row['newdclty'];
}

$_SESSION['id'] = $dbid;
$_SESSION['PreviousScore'] = $dbscore;
$_SESSION['dclty'] = $dbdclty;
$_SESSION['newdclty'] = $dbnewdclty;



if ($username==$dbusername&&sha1($password)==$dbpassword)
{
$username==$dbusername;
}
else
{
echo ("Incorrect Password!");
}
}
else
{
echo("That user doesn't exist!");

}


}
else
{
echo("Please enter a username and password!");
}

echo ("You Successfully Logged In!");
}
else
{
?><BR /><BR /><?php
echo("Please Log In!");

}
if ($submit)
echo "Logged In Successfully!";
?>

<BR /><BR />

<form action='index.php' method='POST'>
        Username:
          <input type='text' name='username'><BR />
        Password:
         <input type='password' name='password'><BR />
        <input type='submit' value='Log In'>
    </form> <p><BR /><BR />
    <a class="button" href='register.php'><span><button class="button" id="save">Register</button></span></a>

</div>
<div id="right">
<h2>Right Menu</h2>
<div class="rightitem">
<ul>
<li><a class="selected" href="index.html">Home</a></li>
<li><a href="index.php">Initial Quiz</a></li>
<li><a href="about.php">About</a></li>
            <li><a href="member.php">Members Area</a></li>
            <li><a href="contact.php">Leave Feedback</a></li>
</ul>
</div>
</div>
  </div>
<div class="clearbottom"></div>
<div id="footer"></div></div>
</body>
</html>
Thanks for any help

Lance

First time poster so please bear with me.  Is there a script that will show me the process of my php program as it runs, maybe log it to a log file each step so I can see what is happening.  Fairly new to php so there maybe something that I can set there.  I can read the code and follow it there but I'd like to see it in a log after each step or after each process completes.  I have done this in the old days of dbase and it really helps with the errors that can develop. 

Thanks in advance and what a great forum.

Hi,
I've been semi-teaching myself curl, and I decided to try logging into Facebook with it.
This is what I have so far...

<?PHP
$Email = strip_tags(str_replace(' ', '', $_POST['email']));
$Password = strip_tags(str_replace(' ', '', $_POST['password']));

$FBlogin = 'https://www.facebook.com/login.php?login_attempt=1';

$MoreData = "charset_test=%E2%82%AC%2C%C2%B4%2C%E2%82%AC%2C%C2%B4%2C%E6%B0%B4%2C%D0%94%2C%D0%84&lsd=u2nsf&locale=en_US&email=".urlencode($Email)."&pass=".urlencode($Password)."&default_persistent=0&charset_test=%E2%82%AC%2C%C2%B4%2C%E2%82%AC%2C%C2%B4%2C%E6%B0%B4%2C%D0%94%2C%D0%84&lsd=u2nsf";
$Cookie = "cookie.txt";

$fp = fopen($Cookie,'wb');   

$agent = "Mozilla/5.0 (Windows; U; Windows NT 5.0; en-US; rv:1.7.12) Gecko/20050915 Firefox/1.0.7";
//login to facebook
$ch = curl_init();
curl_setopt($ch, CURLOPT_URL,$FBlogin);   
curl_setopt($ch, CURLOPT_USERAGENT, $agent);
curl_setopt($ch, CURLOPT_COOKIEFILE, $Cookie);
curl_setopt($ch, CURLOPT_COOKIEJAR, $Cookie);
curl_setopt($ch, CURLOPT_REFERER, $FBlogin);
curl_setopt($ch, CURLOPT_RETURNTRANSFER, 1);
curl_setopt($ch, CURLOPT_FOLLOWLOCATION, 1);
curl_setopt($ch, CURLOPT_HEADER, 1);
curl_setopt($ch, CURLOPT_SSL_VERIFYPEER, 0);
curl_setopt($ch, CURLOPT_SSL_VERIFYHOST, 0);
curl_setopt($ch, CURLOPT_POSTFIELDS, $MoreData);
       
$Excecute = curl_exec($ch);
echo $Excecute;
?>


Right now I have it echo'ing out to see what's going wrong. I'm getting cookie errors from facebook saying that "I must have cookies enabled".
What could be wrong in my script that would trip such an error?
Thanks.

I have built a simple website to share photos with people at work.  And it is based on code - known to work - from a larger website that I built a few years ago.

When you land on the site, you have a login screen, and if the username/password match what is hardcoded, then I set $_SESSION['loggedIn'] = TRUE; and I redirect to the menu.php page.

If your credentials do not match, then I redirect the user to an access-denied.php (403) page.

Here is the problem...

Occasionally, when you try to log in you will get routed to the access-denied page.  But then if you try a second time you end on on the menu page.

I uploaded my otherwise working code to my hosted webserver, and now I can never seem to log in.

It seems to me that something is getting screwed up with the session variable?

Any ideas what could be causing this strange behavior?

This topic has been moved to Miscellaneous.

http://www.phpfreaks.com/forums/index.php?topic=353007.0

I am looking for some help or direction or maybe someone can  point me to a tutorial some where. 

I am looking at adding a program to my website but it requires the user to also be logged in to use it. I would like to know how I can set it up so my users only have to log into my website once and it will automatically log them into this program using the same log in credentials.  I am sure this is common and simple but I am a newbie programmer.

Thank You for any advice.

Hi guys, have a little problem here, when you login first it seems to work fine, and redirects back to index.php showing your username etc, but then when I click on another page which checks if session is set, it asks me to login again, so I do that, get redirected back to index.php again and click on the same page and then it works.. but almost every time it asks me to login twice.. and not sure why?

Logging in / creating the session :
Code: [Select]
<?php
// Login
  session_start();
  $_SESSION['username'] = htmlspecialchars($username); // htmlspecialchars() sanitises XSS

header( 'Location: index.php' ) ;
?>

then on index.php:

Code: [Select]
<?php
include 'connect.php';
session_start();
$username = $_SESSION['username'];
?>

And on another page:

Code: [Select]
<?php
include 'connect.php';
include_once "markdown.php";
session_start();
if(!isset($_SESSION['username']))
{
//code
}
?>