PHP - Online Multiplayer Game With Php/mysql
I am currently making a relatively simple turn-based strategy game (kind of like a rock, paper, scissors game) in Flash and I have no idea as to what I should use as a socket (or like a socket) to relay players' interactions from one client to another. I have researched various APIs like nonoba and SmartFoxServer, etc. but they either force their own interface on you or charge an arm and a leg. I've read that Java would achieve what I want, but I just don't know enough about Java, sockets or networking to make sense of any of it, let alone trying to utilize it.
So I am thinking about using PHP and a MySQL database since I am familiar with them, but I'm concerned about performance even though the game would not be very demanding as it is basically just passing values from client to client via PHP/MySQL.
Little info on the game: 3-6 players per room. I have no idea as to how many rooms would be necessary; of course that will be determined by its popularity. The timing is what will concern me, as it must be accurate - 1 min intervals or less if all of the players make their selections sooner, but they must all be in sync. I only see about 6-10 small (<20 characters/per) variables needing to be passed per player - so if it were 10 variables, in a room with six players, player 1 would send 10 variables and receive 50 back.
Another option, that I admittedly haven't researched yet, is an XML socket, but I have no idea how to accomplish this and am concerned with performance with that as well - probably just because I'm ignorant about it. So what do you guys think? Think PHP/MySQL could handle this? Or do I need to learn another language/API? Any input would be greatly appreciated.

Similar Tutorials

Hello, I am building an online game (users make a character and move on a map and so on...)
All user data is stored in a mySQL database and I want the users to interact in real-time, but there can be a 1-3 second delay between the communication, but not exceed 3 seconds even if 500 players are playing at the same time.
But for the purpose of the question let's say the users can only chat between one another, if I'll have a solution for that then I can use the same method for more parts of the game.
I can't use websockets because my webhost doesn't support it (I don't want to use pusher.com).
I know I can make real-time apps with ajax long polling, but I think that with 500 players playing at the same time it's not the best solution.
So, finally:
How can I make user interaction as close as possible to a real-time game?
(Without too much load on the hosting server)
(I am sorry if some of my terms are not correct - I am just getting back to coding after a long time...)
Edited by Mythion, 17 August 2014 - 02:34 AM.

I've been looking for a simple script that would connect to a game server to see if it is still online. I've found many, but not one of them works. They will permanently send back the text "Online", or "Offline". This is the simplest code I have found:
<?php
$ip = "66.79.190.40";
$port = "27960";
if (! $sock = @fsockopen($ip, $port, $num, $error, 5))
    echo '<B><FONT COLOR=red>Offline</b></FONT>';
else {
    echo '<B><FONT COLOR=lime>Online</b></FONT>';
    fclose($sock);
}
?>
I'm also looking into getting it to pull the map name and player-list, but I should be able to figure that out on my own once I get this working. If it helps, this script is supposed to connect to the original Quake games (One, two, and three).

I'm in the process of writing an online movie trivia game in PHP, Ajax and jQuery, I have completed about 65 percent in what I want to achieve. I have it where users can add their own movie questions and once they are approved by me they will appear in the game. I eventually want to make the game play better and have where a person can log on via social media (Facebook, Google+, etc). Here's the link to the website: https://www.pepster.com/
Everything is original or I have permission to use it. I converted an old Flash trivia game that I developed in college and I have been spending the last month or two developing this website (along with my main website). I know I haven't critiqued other websites, but I have noticed there isn't much activity going on here lately, but I promise I will in the future. I'm looking for input on game play, new features that you might like to see and overall website design.
Best Regards,
John

Hello, is it even feasible to create a multiplayer online poker or bingo site with PHP and AJAX? What type of architecture and programming languages are normally used for apps like that?

Hey everyone, I'm currently working on a friends online script and I have a slight problem that I need help with. Basically the code first searches "TBL_Friends" to see if you have any friends added. If it returns results it then turns your friends' IDs into a variable. It then searches "TBL_Users_Online" to see if anybody is logged in based on the friend's ID it returned before. The first bit of the code works and it retrieves all the friends I have added. The second half is odd: if I have one or two friends added it will show that one is online. If I have more than three friends added it returns no results. I know my code is a bit sloppy and probably not the best way of writing it, I'm still learning PHP. Anyways this is the code, any help is appreciated.
Code:
<?php
$FriendsOnline = mysql_query("SELECT Sender_ID FROM TBL_User_Friends WHERE Reciever_ID = $UserID");
while($fo=mysql_fetch_array($FriendsOnline)) {
    $FriendsOnlineID = $fo[Sender_ID];
    $FriendsOnlineNumber = mysql_query("SELECT * FROM TBL_Users_Online WHERE User_ID = $FriendsOnlineID");
    $FriendsNumber = mysql_num_rows($FriendsOnlineNumber);
    echo $FriendsNumber;
}
?>
$SenderID = Friends ID
$Reciever_ID = User ID
$UserID = User ID

Hello. I just inherited a game stats system but it's not working properly.
I'm gonna post the entire script:
<?php
error_reporting(E_ERROR | E_WARNING | E_PARSE);

$servername = "127.0.0.1";
$username = "";
$password = "";
$dbname = "";

$addresses = Array();
$nicknames = Array();
$servers = Array();
$times = Array();

$find_ip = $_GET["ip"];
$find_name = $_GET["nick"];

if(isset($_GET["format"])) {
    $format = $_GET["format"];
} else {
    $format = "include";
}

$conn = new mysqli($servername, $username, $password, $dbname);
if ($conn->connect_error) {
    ReturnError("NO_CONNECTION");
}

function ReturnError($error) {
    global $format;
    if($format == "mod")
        die("!DATA!ERROR:" .$error. "!DATA!");
    else
        die("ERROR:" . $error);
}

function ReturnData($data) {
    global $format;
    if($format == "mod")
        die("!DATA!SUCCESS:" .$data. "!DATA!");
    else
        die("SUCCESS:" .$data);
}

function GetServerIP() {
    if (!empty($_SERVER['HTTP_CLIENT_IP']))
        return $_SERVER['HTTP_CLIENT_IP'];
    else if (!empty($_SERVER['HTTP_X_FORWARDED_FOR']))
        return $_SERVER['HTTP_X_FORWARDED_FOR'];
    else
        return $_SERVER['REMOTE_ADDR'];
}

function GetTimestamp() {
    $now = DateTime::createFromFormat('U.u', number_format(microtime(true), 6, '.', ''));
    $now->format("m-d-Y H:i:s.u");
    $local = $now->setTimeZone(new DateTimeZone('Europe/Prague'));
    return $local->getTimestamp();
}

function GetFormatedTime() {
    $now = DateTime::createFromFormat('U.u', number_format(microtime(true), 6, '.', ''));
    $now->format("m-d-Y H:i:s.u");
    $local = $now->setTimeZone(new DateTimeZone('Europe/Prague'));
    return $local->format("Y-m-d H:i:s.u");
}

function AddAddress($addr) {
    global $addresses;
    if(in_array($addr, $addresses, true)) {
        return false;
    } else {
        array_push($addresses, $addr);
        return true;
    }
}

function AddTime($time) {
    global $times;
    if(in_array($time, $times, true)) {
        return false;
    } else {
        array_push($times, $time);
        return true;
    }
}

function AddNickname($nick) {
    global $nicknames;
    if(in_array($nick, $nicknames, true)) {
        return false;
    } else {
        array_push($nicknames, $nick, true);
        return true;
    }
}

function AddServer($server) {
    global $servers;
    if(in_array($server, $servers, true)) {
        return false;
    } else {
        array_push($servers, $server, true);
        return true;
    }
}

function LookForIPs($ip) {
    global $conn;
    $sql = "SELECT * FROM `connections` WHERE `IP` = '".$ip."'";
    $result = $conn->query($sql);
    if ($result->num_rows > 0) {
        while($row = $result->fetch_assoc()) {
            AddAddress($row["IP"]);
            AddServer($row["serverIP"]);
            AddTime(Array($row["datestamp"], $row["datestring"], $row["serverIP"]));
            if(AddNickname($row["nickname"]) && $row["nickname"] != "Player" && $row["nickname"] != "A_Edition_V2") {
                LookForNicknames($row["nickname"]);
            }
        }
        return true;
    } else {
        return false;
    }
}

function LookForNicknames($nick) {
    global $conn;
    $sql = "SELECT * FROM `connections` WHERE `nickname` LIKE '".$nick."'";
    $result = $conn->query($sql);
    if ($result->num_rows > 0) {
        while($row = $result->fetch_assoc()) {
            AddNickname($row["nickname"]);
            AddServer($row["serverIP"]);
            AddTime(Array($row["datestamp"], $row["datestring"], $row["serverIP"]));
            if(AddAddress($row["IP"])) {
                LookForIPs($row["IP"]);
            }
        }
        return true;
    } else {
        return false;
    }
}

function SortTimes() {
    global $times;
    $good = false;
    while($good == false) {
        $good = true;
        for($i = 0; $i < count($times); $i++) {
            if($i+1 == count($times)) continue;
            if($times[$i][0] < $times[$i + 1][0]) {
                $tmp = $times[$i];
                $times[$i] = $times[$i + 1];
                $times[$i+1] = $tmp;
                $good = false;
            }
        }
    }
}

function GenerateLastSeenString($fromTime) {
    $time_now = GetTimestamp();
    if($time_now < $fromTime) {
        return "N/A";
    }
    if($fromTime == 0 || $fromTime =="") {
        return "N/A";
    }
    $ss = $time_now - $fromTime;
    $seconds = $ss%60;
    $minutes = floor(($ss%3600)/60);
    $hours = floor(($ss%86400)/3600);
    $days = floor(($ss%2592000)/86400);
    $months = floor($ss/2592000);
    $str = "";
    if($months != 0) {
        if($str != "") $str = $str . " ";
        if($days == 1) $str = $str . $months . " month";
        else $str = $str . $months . " months";
    }
    if($days != 0) {
        if($str != "") $str = $str . " ";
        if($days == 1) $str = $str . $days . " day";
        else $str = $str . $days . " days";
    }
    if($hours != 0) {
        if($str != "") $str = $str . " ";
        if($hours == 1) $str = $str . $hours . " hour";
        else $str = $str . $hours . " hours";
    }
    if($minutes != 0) {
        if($str != "") $str = $str . " ";
        if($minutes == 1) $str = $str . $minutes . " minute";
        else $str = $str . $minutes . " minutes";
    }
    if($seconds != 0) {
        if($str != "") $str = $str . " ";
        if($seconds == 1) $str = $str . $seconds . " second";
        else $str = $str . $seconds . " seconds";
    }
    return $str. " ago";
}

function ClearResult($arr) {
    for($i = 0; $i < count($arr); $i++) {
        if(gettype($arr[$i]) == "boolean") {
            //echo "Found bool at $i";
            array_splice($arr, $i, 1);
        }
    }
    return $arr;
}

function PrintArray($arr) {
    for($i = 0; $i < count($arr); $i++) {
        echo $arr[$i];
        if($i + 1 != count($arr)) {
            echo ", ";
        }
    }
}

if($format == "mod") {
    LookForNicknames($find_name);
    LookForIPs($find_ip);
    $nicknames = ClearResult($nicknames);
    $addresses = ClearResult($addresses);
    $servers = ClearResult($servers);
    $conn->close();
    /*if (!filter_var($find_ip, FILTER_VALIDATE_EMAIL) && $find_ip != "") { $find_ip = $addresses[0]; }*/
    if($find_ip == "") {
        $find_ip = $addresses[0];
    }
    if($find_ip == "") {
        $find_ip = "0.0.0.0";
    }
    if(count($nicknames) == 0 && count($addresses) == 0) {
        ReturnError("NOT_FOUND");
    }
    echo "!DATA!";
    echo "Nicknames used: ";
    PrintArray($nicknames);
    echo "*-*";
    echo "Total IPs used: ";
    echo count($addresses);
    echo "*-*";
    echo "Location: ";
    echo file_get_contents("http://127.0.0.1/db/getlocation.php?ip=$find_ip");
    echo "*-*";
    echo "Connected: ";
    echo count($times);
    echo " times*-*";
    SortTimes();
    if(GetTimestamp() - $times[0][0] < 60 * 60)
        echo "Last seen: " . GenerateLastSeenString($times[1][0]) . "*-*";
    else
        echo "Last seen: " . GenerateLastSeenString($times[0][0]) . "*-*";
    echo "First seen: " . GenerateLastSeenString($times[count($times)-1][0]);
    echo "!DATA!";
} else if($format == "debug") {
    LookForNicknames($find_name);
    LookForIPs($find_ip);
    $nicknames = ClearResult($nicknames);
    $addresses = ClearResult($addresses);
    $servers = ClearResult($servers);
    $conn->close();
    /*if (!filter_var($find_ip, FILTER_VALIDATE_EMAIL) && $find_ip != "") { $find_ip = $addresses[0]; }*/
    if($find_ip == "") {
        $find_ip = $addresses[0];
    }
    if($find_ip == "") {
        $find_ip = "0.0.0.0";
    }
    if(count($nicknames) == 0 && count($addresses) == 0) {
        ReturnError("NOT_FOUND");
    }
    echo "Nicknames used: ";
    PrintArray($nicknames);
    echo "<br>";
    echo "IPs used: ";
    PrintArray($addresses);
    echo "<br>";
    echo "Location: ";
    echo file_get_contents("http://127.0.0.1/db/getlocation.php?ip=$find_ip");
    echo "<br>";
    echo "Connected: ";
    echo count($times);
    echo " times<br>";
    SortTimes();
    echo "Last seen: " . GenerateLastSeenString($times[0][0]) . "<br>";
    echo "First seen: " . GenerateLastSeenString($times[count($times)-1][0]) . "<br>";
    echo $find_name;
}
?>
The problem is that for some nicknames it returns a proper output which should look like this:
But sometimes it just returns lots and lots of data even if the nickname I ask for is unique enough:
Here's how the database looks:
I don't know what's wrong with the script because I'm a PHP beginner. If someone could take a look at it and tell me what's the issue I'd appreciate it.
Edited September 22, 2020 by jevgienij

Is it possible to simply fetch from the server (MySQL) and then dump it online through a PHP page? Is there some link that you can share?

I'm creating a members website and I want to show how many people are logging, in my database I have a col named online. Every time someone logs in their online goes from 0 to 1 and when they log out it goes back to 0. I need to know how to show the total people that have 1 in their online part of the database. I've tried this code and it's not working:
<?php
$result = mysql_query("SELECT online FROM `members` WHERE online='1'");
$row = mysql_fetch_row($result);
echo $row;
?>
This works in the SQL console in phpMyAdmin.

And we're back online... again! It may have taken 3-4 days, but we're back.
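
For the game-stats script earlier on this page, which builds its `connections` queries by concatenating `$_GET` values and matches nicknames with `LIKE`: an added example, not the poster's code, showing bound parameters, exact matching, wildcard escaping and IP validation. It assumes PDO with the SQLite driver as an offline stand-in for the MySQL table; the function names and sample rows are constructed for illustration.

```php
<?php
declare(strict_types=1);

// Added example, not the poster's code. An in-memory SQLite database stands in
// for the MySQL `connections` table; all rows are constructed sample data and
// every function name here is hypothetical.

function makeSampleDb(): PDO
{
    $pdo = new PDO('sqlite::memory:');
    $pdo->setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION);
    $pdo->exec('CREATE TABLE connections (IP TEXT, nickname TEXT, serverIP TEXT, datestamp INTEGER)');
    $insert = $pdo->prepare(
        'INSERT INTO connections (IP, nickname, serverIP, datestamp) VALUES (?, ?, ?, ?)'
    );
    $rows = [
        ['192.0.2.10', 'A_Edition_V2', '198.51.100.1', 1600000000],
        ['192.0.2.11', 'AxEditionyV2', '198.51.100.1', 1600000100],
        ['192.0.2.12', 'Player',       '198.51.100.2', 1600000200],
        ['192.0.2.13', "O'Neil",       '198.51.100.2', 1600000300],
    ];
    foreach ($rows as $row) {
        $insert->execute($row);
    }
    return $pdo;
}

// Same query shape as the script (nickname LIKE ...), but with the value bound.
// Binding keeps quotes in the value as data; it does not change LIKE semantics,
// so `_` still matches any one character and `%` any run of characters.
function findNicknameLike(PDO $pdo, string $nick): array
{
    $stmt = $pdo->prepare(
        'SELECT DISTINCT nickname FROM connections WHERE nickname LIKE ? ORDER BY nickname'
    );
    $stmt->execute([$nick]);
    return $stmt->fetchAll(PDO::FETCH_COLUMN);
}

// Exact lookup: `=` with a bound value treats the whole nickname literally.
function findNicknameExact(PDO $pdo, string $nick): array
{
    $stmt = $pdo->prepare(
        'SELECT DISTINCT nickname FROM connections WHERE nickname = ? ORDER BY nickname'
    );
    $stmt->execute([$nick]);
    return $stmt->fetchAll(PDO::FETCH_COLUMN);
}

// When a pattern search is really wanted, escape the wildcards in user input.
// `!` is used as the escape character because it needs no quoting in either
// SQLite or MySQL string literals.
function escapeLike(string $value): string
{
    return str_replace(['!', '%', '_'], ['!!', '!%', '!_'], $value);
}

function findNicknamePrefix(PDO $pdo, string $prefix): array
{
    $stmt = $pdo->prepare(
        "SELECT DISTINCT nickname FROM connections WHERE nickname LIKE ? ESCAPE '!' ORDER BY nickname"
    );
    $stmt->execute([escapeLike($prefix) . '%']);
    return $stmt->fetchAll(PDO::FETCH_COLUMN);
}

// The `ip` parameter has a known format, so reject anything that is not an
// IP address before it reaches the database at all.
function findNicknamesByIp(PDO $pdo, string $ip): array
{
    if (filter_var($ip, FILTER_VALIDATE_IP) === false) {
        return [];
    }
    $stmt = $pdo->prepare(
        'SELECT DISTINCT nickname FROM connections WHERE IP = ? ORDER BY nickname'
    );
    $stmt->execute([$ip]);
    return $stmt->fetchAll(PDO::FETCH_COLUMN);
}

$pdo = makeSampleDb();
$checks = [
    'LIKE, nickname with underscores' => findNicknameLike($pdo, 'A_Edition_V2'),
    'exact match, same nickname'      => findNicknameExact($pdo, 'A_Edition_V2'),
    'exact match, nickname with quote' => findNicknameExact($pdo, "O'Neil"),
    'escaped prefix search "A_"'      => findNicknamePrefix($pdo, 'A_'),
    'lookup by valid IP'              => findNicknamesByIp($pdo, '192.0.2.12'),
    'lookup by malformed IP'          => findNicknamesByIp($pdo, '192.0.2.12 extra'),
];
foreach ($checks as $label => $result) {
    printf("%-34s %s\n", $label . ':', json_encode($result));
}
```

With mysqli, as the script uses, the same shape is `$conn->prepare()` followed by `bind_param()` and `execute()`.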

ok well I have this is online script that starts at the login page where it sets a session. well it echoes that that person is online even if they are not. I will have all of the code only for the online script so it will be in pieces. ok so here is the login page where the session is started
login.php
Code:
<?php
//ok so if they submit the page and its all right and they login , here is the session that is set for the person, again its just the piece of the script .
$_SESSION['logedin'] = $_POST['email'];
mysql_query("UPDATE myMembers SET last_activity=now() WHERE id='$id'");
?>
now here is where I call on the session and see if they're online. the profile.php is set up to where it sees if it is your profile or not so $logoptions_id is the id that they are logged in as.
profile.php
Code:
<?php
// this is on top of the page , where the session is called and if they are logged in it updates the database where their id is.
if( isset($_SESSION['logedin']) ) {
    mysql_query("UPDATE myMembers SET last_activity=now() WHERE id='$logOptions_id'");// there is where $logOptions_id comes in.
}
// now this is further down the page(script) where we see if they are logged in or not.
$age= 60; //set a variable called age, assign an integer of 60 to it.
if( isset($_SESSION['logedin']) ) {
    $q = 'SELECT id=`$id`, DATE_FORMAT(`last_activity`,"%a, %b %e %T") as `last_activity`,UNIX_TIMESTAMP(`last_activity`) as `last_activity_stamp`FROM `mymembers`WHERE `$id` <> \''.($_SESSION['logedin']).'\'';
    $isonlinecheck = mysql_query($q);
    $row = mysql_fetch_assoc($isonlinecheck);
    if (($row['last_activity_stamp'] + $age)< time()){
        $isonline = "is <font color='green'>online!</font>";}
    else {
        $isonline = "is<font color='red'> offline!</font>";
    }
}
?>
I wanna thank all who help! you're all greatly appreciated

it displays is online no matter what! please help me! here is the login.php where the session is started.
login.php
Code:
<?php
// Start Session to enable creating the session variables below when they log in
session_start();
// Force script errors and warnings to show on page in case php.ini file is set to not display them
error_reporting(E_ALL);
ini_set('display_errors', '1');
//-----------------------------------------------------------------------------------------------------------------------------------
include 'scripts/connect_to_mysql.php'; // Connect to the database
// Initialize some vars
$errorMsg = '';
$email = '';
$pass = '';
$remember = '';
if (isset($_POST['email'])) {
    $email = $_POST['email'];
    $pass = $_POST['pass'];
    if (isset($_POST['remember'])) {
        $remember = $_POST['remember'];
    }
    $email = stripslashes($email);
    $pass = stripslashes($pass);
    $email = strip_tags($email);
    $pass = strip_tags($pass);
    // error handling conditional checks go here
    if ((!$email) || (!$pass)) {
        $errorMsg = '<font color="red">Please fill in both fields</font>';
    } else { // Error handling is complete so process the info if no errors
        $email = mysql_real_escape_string($email); // After we connect, we secure the string before adding to query
        //$pass = mysql_real_escape_string($pass); // After we connect, we secure the string before adding to query
        $pass = md5($pass); // Add MD5 Hash to the password variable they supplied after filtering it
        // Make the SQL query
        $sql = mysql_query("SELECT * FROM myMembers WHERE email='$email' AND password='$pass' AND email_activated='1'");
        $login_check = mysql_num_rows($sql);
        // If login check number is greater than 0 (meaning they do exist and are activated)
        if($login_check > 0){
            while($row = mysql_fetch_array($sql)){
                // Please note: Adam removed all of the session_register() functions cuz they were deprecated and
                // he made the scripts to where they operate universally the same on all modern PHP versions(PHP 4.0 thru 5.3+)
                // Create session var for their raw id
                $id = $row["id"];
                $_SESSION['id'] = $id;
                // Create the idx session var
                $_SESSION['idx'] = base64_encode("g4p3h9xfn8sq03hs2234$id");
                // Create session var for their username
                $username = $row["username"];
                $_SESSION['username'] = $username;
                //THIS IS WHERE I EDITED THE SESSION TO SAY IF THERE LOGGED IN OR NOT
                $_SESSION['logedin'] = $_POST['email'];
                mysql_query("UPDATE myMembers SET last_activity=now() WHERE id='$id'");
                mysql_query("UPDATE myMembers SET last_log_date=now() WHERE id='$id' LIMIT 1"); // THIS WAS JUST A TEST BUT WONT UPDATE UNTILL THEY LOGOUT
            } // close while
            // Remember Me Section
            if($remember == "yes"){
                $encryptedID = base64_encode("g4enm2c0c4y3dn3727553$id");
                setcookie("idCookie", $encryptedID, time()+60*60*24*100, "/"); // Cookie set to expire in about 30 days
                setcookie("passCookie", $pass, time()+60*60*24*100, "/"); // Cookie set to expire in about 30 days
            }
            // All good they are logged in, send them to homepage then exit script
            header("location: /socialtscripts/home.php?test=$id");
            exit();
        } else { // Run this code if login_check is equal to 0 meaning they do not exist
            $errorMsg = "<h3><font color='red'>Email/Password invalid<br /></font></h3><a href='forgot_pass.php'>Forgot password?</a><div align='right'> <br> Forget to activate you account?</div>";
        }
    } // Close else after error checks
} //Close if (isset ($_POST['uname'])){
?><!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<meta http-equiv="Content-Type" content="text/html; charset=utf-8" />
<link rel="icon" href="favicon.ico" type="image/x-icon" />
<link rel="shortcut icon" href="favicon.ico" type="image/x-icon" />
<link href="style/main.css" rel="stylesheet" type="text/css" />
<script src="js/jquery-1.4.2.js" type="text/javascript"></script>
<title>Log In</title>
<title>Login Page</title>
<style type="text/css">
#stage { top: 0px; left: 0px; z-index: 100; }
.stage { position: absolute; top: 0; left: 0; width: 100%; min-width: 900px; height: 1359px; overflow: hidden; }
#bg { background: #aedfe5 url(images/sky1.png) 0 0 repeat-x; }
#clouds { background: transparent url(images/cloud.png) 305px 10px repeat-x; }
#sun { background: url(images/land_sun.gif)0 0 no-repeat; }
#hillbottom { background: url(images/hill2.png)0 1270px repeat-x; }
</style>
<link rel="stylesheet" type="text/css" href="css/loginstyle.css" /></head>
<body>
<!-- IE6 fixes are found in styles/ie6.css -->
<!--[if lte IE 6]><link rel="stylesheet" type="text/css" href="css/ie6.css" /><![endif]-->
<script src="js/jquery-1.3.2.min.js" type="text/javascript"></script>
<script src="js/jquery-ui-1.7.2.spritely.custom.min.js" type="text/javascript"></script>
<script src="js/jquery.spritely-0.5.js" type="text/javascript"></script>
<script type="text/javascript">
(function($) {
    $(document).ready(function() {
        var direction = 'left';
        $('#clouds').pan({fps: 40, speed: 0.5, dir: direction, depth: 10});
    });
})(jQuery);
</script><div id="bg" class="stage"></div>
<div id="container">
<div id="sun" class="stage"></div>
<div id="clouds" class="stage">
<div id="stage" class="stage">
<body>
<div id="behindform">
<form id="signinform" action="login.php" method="post" enctype="multipart/form-data" name="signinform">
<fieldset>
<legend>Log in</legend>
<label for="login">Email</label>
<input type="text" id="email" name="email" />
<div class="clear"></div>
<label for="password">Password</label>
<input type="password" id="password" name="pass" />
<div class="clear"></div>
<label for="remember_me" style="padding: 0;">Remember me?</label>
<input type="checkbox" id="remember" style="position: relative; top: 3px; margin: 0; " name="remember"/ value="yes" checked="checked">
<div class="clear"></div>
<br />
<input type="submit" style="margin: -20px 0 0 287px;" class="button" name="commit" value="Sign In"/>
</fieldset><?php print "$errorMsg"; ?>
</form>
</div>
</div>
</div><div id="hillbottom" class="stage">
</div>
</body>
</html>
and then this is the profile.php where I see if they're online. I could only put certain areas, script is too big
profile.php
Code:
<?php
//on top of the page where it checks the session and updates the time
// This updates the database correctly
if( isset($_SESSION['logedin']) ) {
    mysql_query("UPDATE myMembers SET last_activity=now() WHERE id='$logOptions_id'");
// this is where it selects the users id but it wont work , it says online for every user!
$age= 60;
if( isset($_SESSION['logedin']) ) {
    $q = mysql_query('SELECT id=`$logOptions_id`, DATE_FORMAT(`last_activity`,"%a, %b %e %T") as `last_activity`,UNIX_TIMESTAMP(`last_activity`) as `last_activity_stamp`FROM `mymembers`WHERE `$logOptions_id` <> "'.($_SESSION['logedin']).'"');
    $isonlinecheck = mysql_query($q);
    if ($isonlinecheck ="last_activity_stamp" + $age < time()){
        $isonline = "is <font color='green'>online!</font>";}
    else {
        $online = "is<font color='red'> offline!</font>";
    }
}
?>
PLEASE HELP ME

I'm trying to count and display the number of users on my site. This is the coding I'm using, can't see where I'm going wrong. It's inserted into the database correctly but won't delete after 60 seconds, cheers matt
$session=session_id();
$time=time();
$time_check=$time-60;
$sql="SELECT * FROM onlineusers WHERE session='$session'";
$result=mysql_query($sql);
$count=mysql_num_rows($result);
if($count=="0"){
    $sql1="INSERT INTO onlineusers(session, time, username)VALUES('$session', '$time', '$username')";
    $result1=mysql_query($sql1);
}
else {
    "$sql2=UPDATE onlineusers SET time='$time' WHERE session = '$session'";
    $result2=mysql_query($sql2);
}
$sql3="SELECT * FROM onlineusers";
$result3=mysql_query($sql3);
$count_user_online=mysql_num_rows($result3);
$sql4="DELETE FROM onlineusers WHERE time<$time_check";
$result4=mysql_query($sql4);

I am quite inexperienced when it comes to coding and I obtained a template for an online form submission that I butchered to meet my needs.
Our clients are attempting to send the form, and there are times that it transmits correctly, and times that it won't. There is verification code to try and eliminate bots from filing and submitting bogus forms. Can anyone spend the time to review my code and attempt to tell you where my issue may lie? You may view my form at http://www.damageana..._assignment.php
<?php
session_start();

function getRealIp() {
    if (!empty($_SERVER['HTTP_CLIENT_IP'])) {
        //check ip from share internet
        $ip=$_SERVER['HTTP_CLIENT_IP'];
    } elseif (!empty($_SERVER['HTTP_X_FORWARDED_FOR'])) {
        //to check ip is pass from proxy
        $ip=$_SERVER['HTTP_X_FORWARDED_FOR'];
    } else {
        $ip=$_SERVER['REMOTE_ADDR'];
    }
    return $ip;
}

function writeLog($where) {
    $ip = getRealIp(); // Get the IP from superglobal
    $host = gethostbyaddr($ip); // Try to locate the host of the attack
    $date = date("d M Y");
    // create a logging message with php heredoc syntax
    $logging = <<<LOG
        \n
        << Start of Message >>
        There was a hacking attempt on your form. \n
        Date of Attack: {$date}
        IP-Adress: {$ip} \n
        Host of Attacker: {$host}
        Point of Attack: {$where}
        << End of Message >>
LOG;
    // Awkward but LOG must be flush left
    // open log file
    if($handle = fopen('hacklog.log', 'a')) {
        fputs($handle, $logging); // write the Data to file
        fclose($handle); // close the file
    } else {
        // if first method is not working, for example because of wrong file permissions, email the data
        $to = 'aserio@damageana.com';
        $subject = 'HACK ATTEMPT';
        $header = 'From: aserio@damageana.com';
        if (mail($to, $subject, $logging, $header)) {
            echo "Sent notice to admin.";
        }
    }
}

function verifyFormToken($form) {
    // check if a session is started and a token is transmitted, if not return an error
    if(!isset($_SESSION[$form.'_token'])) {
        return false;
    }
    // check if the form is sent with token in it
    if(!isset($_POST['token'])) {
        return false;
    }
    // compare the tokens against each other if they are still the same
    if ($_SESSION[$form.'_token'] !== $_POST['token']) {
        return false;
    }
    return true;
}

function generateFormToken($form) {
    // generate a token from an unique value, took from microtime, you can also use salt-values, other crypting methods...
    $token = md5(uniqid(microtime(), true));
    // Write the generated token to the session variable to check it against the hidden field when the form is sent
    $_SESSION[$form.'_token'] = $token;
    return $token;
}

// VERIFY LEGITIMACY OF TOKEN
if (verifyFormToken('form1')) {
    // CHECK TO SEE IF THIS IS A MAIL POST
    if (isset($_POST['req-name'])) {
        // Building a whitelist array with keys which will send through the form, no others would be accepted later on
        $whitelist = array('token','req-company','req-email','req-name','req-phone','ext','fax','assign_type','loss_type','req-claim','policy','ded','dol','Clmt-Own','insd','insd_add','insd_city','insd_st','insd-zip','insd-home','insd-work','insd-cell','insd-other','clmt','clmt_add','clmt_city','clmt_st','clmt-zip','clmt-home','clmt-work','clmt-cell','clmt-other','VIN','veh-year','veh-make','veh-model','veh-model','veh-color','lic_pl','location','loc-name','loc-add','loc-city','loc-st','loc-zip','loc-con','loc-phone','desc-loss','desc-dmg','spec-inst','save-company','save-email','save-name','save-phone');
        // Building an array with the $_POST-superglobal
        foreach ($_POST as $key=>$item) {
            // Check if the value $key (fieldname from $_POST) can be found in the whitelisting array, if not, die with a short message to the hacker
            if (!in_array($key, $whitelist)) {
                writeLog('Unknown form fields');
                die("Hack-Attempt detected. Please use only the fields in the form");
            }
        }
        // SAVE INFO AS COOKIE, if user wants name and email saved
        $saveCompany = $_POST['save-company'];
        if ($saveCompany == 'on') {
            setcookie("NA-Company", $_POST['req-company'], time()+60*60*24*365);
        }
        $saveName = $_POST['save-name'];
        if ($saveName == 'on') {
            setcookie("NA-Name", $_POST['req-name'], time()+60*60*24*365);
        }
        $saveEmail = $_POST['save-email'];
        if ($saveEmail =='on') {
            setcookie("NA-Email", $_POST['req-email'], time()+60*60*24*365);
        }
        $savePhone = $_POST['save-phone'];
        if ($savePhone =='on') {
            setcookie("NA-Phone", $_POST['req-phone'], time()+60*60*24*365);
        }
        // PREPARE THE BODY OF THE MESSAGE
        $message = '<html><body>';
        $message .= '<img src="http://www.damageana.com/images/DANA_NA_header.png" alt="Assignment Request" />';
        $message .= '<table rules="all" style="border-color: #666;" cellpadding="10">';
        $message .= "<tr style='background: #eee;'><td><strong>Company:</strong> </td><td>" . strip_tags($_POST['req-company']) . "</td></tr>";
        $message .= "<tr><td><strong>Adjuster:</strong> </td><td>" . strip_tags($_POST['req-name']) . "</td></tr>";
        $message .= "<tr><td><strong>Email:</strong> </td><td>" . strip_tags($_POST['req-email']) . "</td></tr>";
        $message .= "<tr><td><strong>Phone:</strong> </td><td>" . strip_tags($_POST['req-phone']) . "</td></tr>";
        if($_POST['ext'] !='') {$message .= "<tr><td><strong>Extension:</strong> </td><td>" . strip_tags($_POST['ext']) . "</td></tr>";}
        if($_POST['fax'] !='') {$message .= "<tr><td><strong>Fax:</strong> </td><td>" . strip_tags($_POST['fax']) . "</td></tr>";}
        $message .= "<tr><td><strong>Assignment Type:</strong> </td><td>" . strip_tags($_POST['assign_type']) . "</td></tr>";
        if($_POST['loss_type'] !='') {$message .= "<tr><td><strong>Type of Loss:</strong> </td><td>" . strip_tags($_POST['loss_type']) . "</td></tr>";}
        $message .= "<tr><td><strong>Claim #:</strong> </td><td>" . strip_tags($_POST['req-claim']) . "</td></tr>";
        if($_POST['policy'] !='') {$message .= "<tr><td><strong>Policy #:</strong> </td><td>" . strip_tags($_POST['policy']) . "</td></tr>";}
        if($_POST['ded'] !='') {$message .= "<tr><td><strong>Deductible:</strong> </td><td> $" . strip_tags($_POST['ded']) . "</td></tr>";}
        if($_POST['dol'] !='') {$message .= "<tr><td><strong>Date of Loss:</strong> </td><td>" . strip_tags($_POST['dol']) . "</td></tr>";}
        if($_POST['insd'] !='') {$message .= "<tr><td><strong>Insured:</strong> </td><td>" . strip_tags($_POST['insd']) . "</td></tr>";}
        if($_POST['insd_add'] !='') {$message .= "<tr><td><strong>Insured's Address:</strong> </td><td>" . strip_tags($_POST['insd_add']) . "</td></tr>";}
        if($_POST['insd_city'] !='') {$message .= "<tr><td><strong>Insured's City:</strong> </td><td>" . strip_tags($_POST['insd_city']) . "</td></tr>";}
        if($_POST['insd_st'] !='') {$message .= "<tr><td><strong>Insured's State:</strong> </td><td>" . strip_tags($_POST['insd_st']) . "</td></tr>";}
        if($_POST['insd-zip'] !='') {$message .= "<tr><td><strong>Insured's Zip:</strong> </td><td>" . strip_tags($_POST['insd-zip']) . "</td></tr>";}
        if($_POST['insd-home'] !='') {$message .= "<tr><td><strong>Insured's Home Phone:</strong> </td><td>" . strip_tags($_POST['insd-home']) . "</td></tr>";}
        if($_POST['insd-work'] !='') {$message .= "<tr><td><strong>Insured's Work Phone:</strong> </td><td>" . strip_tags($_POST['insd-work']) . "</td></tr>";}
        if($_POST['insd-cell'] !='') {$message .= "<tr><td><strong>Insured's Mobile Phone:</strong> </td><td>" . strip_tags($_POST['insd-cell']) . "</td></tr>";}
        if($_POST['insd-other'] !='') {$message .= "<tr><td><strong>Insured's Other Phone:</strong> </td><td>" . strip_tags($_POST['insd-other']) . "</td></tr>";}
        if($_POST['clmt'] !='') {
            $message .= "<tr><td><strong>Claimant:</strong> </td><td>" . strip_tags($_POST['clmt']) . "</td></tr>";
            $message .= "<tr><td><strong>Claimant's Address:</strong> </td><td>" . strip_tags($_POST['clmt_add']) . "</td></tr>";
            $message .= "<tr><td><strong>Claimant's City:</strong> </td><td>" . strip_tags($_POST['clmt_city']) . "</td></tr>";
            $message .= "<tr><td><strong>Claimant's State:</strong> </td><td>" . strip_tags($_POST['clmt_st']) . "</td></tr>";
            $message .= "<tr><td><strong>Claimant's Zip:</strong> </td><td>" . strip_tags($_POST['clmt-zip']) . "</td></tr>";
            $message .= "<tr><td><strong>Claimant's Home Phone:</strong> </td><td>" . strip_tags($_POST['clmt-home']) . "</td></tr>";
            $message .= "<tr><td><strong>Claimant's Work Phone:</strong> </td><td>" . strip_tags($_POST['clmt-work']) . "</td></tr>";
            $message .= "<tr><td><strong>Claimant's Mobile Phone:</strong> </td><td>" . strip_tags($_POST['clmt-cell']) . "</td></tr>";
            $message .= "<tr><td><strong>Claimant's Other Phone:</strong> </td><td>" . strip_tags($_POST['clmt-other']) . "</td></tr>";
        }
        if($_POST['VIN'] !='') {$message .= "<tr><td><strong>VIN:</strong> </td><td>" . strip_tags($_POST['VIN']) . "</td></tr>";}
        if($_POST['veh-year'] !='') {$message .= "<tr><td><strong>Year:</strong> </td><td>" . strip_tags($_POST['veh-year']) . "</td></tr>";}
        if($_POST['veh-make'] !='') {$message .= "<tr><td><strong>Make:</strong> </td><td>" . strip_tags($_POST['veh-make']) . "</td></tr>";}
        if($_POST['veh-model'] !='') {$message .= "<tr><td><strong>Model:</strong> </td><td>" . strip_tags($_POST['veh-model']) . "</td></tr>";}
        if($_POST['veh-color'] !='') {$message .= "<tr><td><strong>Color:</strong> </td><td>" . strip_tags($_POST['veh-color']) . "</td></tr>";}
        if($_POST['lic_pl'] !='') {$message .= "<tr><td><strong>License Plate:</strong> </td><td>" . strip_tags($_POST['lic_pl']) . "</td></tr>";}
        $message .= "<tr><td><strong>Unit Location:</strong> </td><td>" . strip_tags($_POST['location']) . "</td></tr>";
        if($_POST['location'] =='At Another Location') {$message .= "<tr><td><strong>Location Name:</strong> </td><td>" . strip_tags($_POST['loc-name']) . "</td></tr>";}
        if($_POST['location'] =='At Another Location') {$message .= "<tr><td><strong>Location Address:</strong> </td><td>" . strip_tags($_POST['loc-add']) . "</td></tr>";}
        if($_POST['location'] =='At Another Location') {$message .= "<tr><td><strong>Location City:</strong> </td><td>" . strip_tags($_POST['loc-city']) . "</td></tr>";}
        if($_POST['location'] =='At Another Location') {$message .= "<tr><td><strong>Location State:</strong> </td><td>" . strip_tags($_POST['loc-st']) . "</td></tr>";}
        if($_POST['location'] =='At Another Location') {$message .= "<tr><td><strong>Location Zip:</strong> </td><td>" . strip_tags($_POST['loc-zip']) . "</td></tr>";}
        if($_POST['location'] =='At Another Location') {$message .= "<tr><td><strong>Location Contact:</strong> </td><td>" . strip_tags($_POST['loc-con']) . "</td></tr>";}
        if($_POST['location'] =='At Another Location') {$message .= "<tr><td><strong>Location Phone:</strong> </td><td>" . strip_tags($_POST['loc-phone']) . "</td></tr>";}
        if($_POST['desc-loss'] !='') {$message .= "<tr><td><strong>Description of Loss:</strong> </td><td>" . htmlentities($_POST['desc-loss']) . "</td></tr>";}
        if($_POST['desc-dmg'] !='') {$message .= "<tr><td><strong>Description of Damage:</strong> </td><td>" . htmlentities($_POST['desc-dmg']) . "</td></tr>";}
        if($_POST['spec-inst'] !='') {$message .= "<tr><td><strong>Special Instructions:</strong> </td><td>" . htmlentities($_POST['spec-inst']) . "</td></tr>";}
        $message .= "</table>";
        $message .= "</body></html>";
        // MAKE SURE THE "FROM" EMAIL ADDRESS DOESN'T HAVE ANY NASTY STUFF IN IT
        $pattern = "/^[_a-z0-9-]+(\.[_a-z0-9-]+)*@[a-z0-9-]+(\.[a-z0-9-]+)*(\.[a-z]{2,3})$/i";
        if (preg_match($pattern, trim(strip_tags($_POST['req-email'])))) {
            $cleanedFrom = trim(strip_tags($_POST['req-email']));
        } else {
            return "The email address you entered was invalid. Please try again!";
        }
        // CHANGE THE BELOW VARIABLES TO YOUR NEEDS
        $to = 'office@damageana.com';
        $subject = 'New Assignment Request';
        $headers = "From: " .
$cleanedFrom . "\r\n";
// Reuse the validated address: the raw $_POST value must not be written into a mail header
$headers .= "Reply-To: " . $cleanedFrom . "\r\n";
$headers .= "MIME-Version: 1.0\r\n";
$headers .= "Content-Type: text/html; charset=ISO-8859-1\r\n";

if (mail($to, $subject, $message, $headers)) {
    echo 'Your message has been sent.';
} else {
    echo 'There was a problem sending the email.';
}

// DON'T BOTHER CONTINUING TO THE HTML...
die();
}
} else {
    if (!isset($_SESSION[$form.'_token'])) {
    } else {
        echo "Hack-Attempt detected. Got ya!.";
        writeLog('Formtoken');
    }
}
?>
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="fr" lang="fr">
<head>
<meta http-equiv="Content-Type" content="text/html; charset=utf-8" />
<title>New Assignment Request Form</title>
<link rel="stylesheet" href="css/jqtransform.css" type="text/css" media="all" />
<link rel="stylesheet" href="css/style.css" type="text/css" media="all" />
<script src="http://www.google.com/jsapi" type="text/javascript"></script>
<script type="text/javascript"> google.load("jquery", "1.3.2"); </script>
<script type="text/javascript" src="js/jquery.jqtransform.js"></script>
<script type="text/javascript" src="js/jquery.validate.js"></script>
<script type="text/javascript" src="js/jquery.form.js"></script>
<script type="text/javascript" src="js/websitechange.js"></script>
</head>
<?php
// generate a new token for the $_SESSION superglobal and put them in a hidden field
$newToken = generateFormToken('form1');
?>
<body>
<div id="page-wrap">
<img src="http://www.damageana.com/images/logo.png" alt="DANA_logo" width="750" height="70" />
<h1>New Assignment Request Form</h1>
<form action="new_assignment.php" method="post" id="change-form">
<h4>IMPORTANT - PLEASE READ.</h4>
<h3> -Please provide us with as much information as possible to aide us in setting up a new appraisal for you.
<br> <br> -Please be sure to provide as least one good contact number for the vehicle owner.
<br> <br> -Once submitted, you will receive an acknowledgement in your e-mail with information regarding the appraisal for your claim.
<br> <br> -If submitted before 3 PM, and no acknowledgement is received by 5 PM, please call our office to confirm we received the request.</h3>
<input type="hidden" name="token" value="<?php echo $newToken; ?>">
<?php // Cookie values are client-controlled: escape them before echoing into an attribute ?>
<div class="rowElem"> <label for="req-company">Company*:</label> <input type="text" id="req-company" name="req-company" class="required" minlength="2" value="<?php echo isset($_COOKIE['NA-Company']) ? htmlspecialchars($_COOKIE['NA-Company'], ENT_QUOTES) : ''; ?>" /> </div>
<div class="rowElem"> <label for="req-name">Adjuster*:</label> <input type="text" id="req-name" name="req-name" class="required" minlength="2" value="<?php echo isset($_COOKIE['NA-Name']) ? htmlspecialchars($_COOKIE['NA-Name'], ENT_QUOTES) : ''; ?>" /> </div>
<div class="rowElem"> <label for="req-email">E-mail*:</label> <input type="text" name="req-email" class="required email" value="<?php echo isset($_COOKIE['NA-Email']) ? htmlspecialchars($_COOKIE['NA-Email'], ENT_QUOTES) : ''; ?>" /> </div>
<div class="rowElem"> <label for="req-phone">Phone*:</label> <input type="text" id="req-phone" name="req-phone" class="required" maxlength="12" value="<?php echo isset($_COOKIE['NA-Phone']) ? htmlspecialchars($_COOKIE['NA-Phone'], ENT_QUOTES) : ''; ?>" /> </div>
<div class="rowElem"> <label for="ext">Extension:</label> <input type="text" id="ext" /> </div>
<div class="rowElem"> <label for="fax">Fax:</label> <input type="text" id="fax" /> </div>
<h2>Claim Info</h2>
<div class="rowElemSelect"> <label for="assign_type">Assignment Type*:</label>
<select name="assign_type" class="required">
<option value="Automobile">Automobile</option>
<option value="Recreational">Recreational</option>
<option value="Heavy Equipment">Heavy Equipment</option>
<option value="Property">Minor Property</option>
<option value="Estimate Audit">Estimate Audit</option>
<option value="Scene Investigation">Scene Investigation</option>
<option value="Arbitration">Arbitration</option>
<option value="DRP Inspection">DRP Quality Control Inspection</option>
<option
value="Photos Only">Photos Only</option>
</select> </div>
<br>
<div class="rowElemSelect"> <label for="loss_type">Type of Loss:</label>
<select name="loss_type" id="loss_type">
<option value="Collision">Collision</option>
<option value="Comprehensive">Comprehensive</option>
<option value="Other">Other</option>
</select> </div>
<div class="rowElem"> <label for="req-claim">Claim #*:</label> <input type="text" id="req-claim" name="req-claim" class="required"> </div>
<div class="rowElem"> <label for="policy">Policy #:</label> <input type="text" id="policy" name="policy"> </div>
<div class="rowElem"> <label for="ded">Deductible:</label> <input type="text" id="ded" name="ded"> </div>
<div class="rowElem"> <label for="dol">Date of Loss:</label> <input type="date" id="dol" name="dol"> </div>
<div class="rowElem"> <label for="Clmt-Own">Claimant Vehicle?</label> <input type="checkbox" name="Clmt-Own" id="ClmtCheck" /> </div>
<h2>Insured Info</h2>
<div class="rowElem"> <label for="insd">Insured:</label> <input type="text" id="insd" name="insd"> </div>
<div class="rowElem"> <label for="insd_add">Address:</label> <input type="text" id="insd_add" name="insd_add"> </div>
<div class="rowElem"> <label for="insd_city">City:</label> <input type="text" id="insd_city" name="insd_city"> </div>
<br>
<div class="rowElem"> <label for="insd_st">State:</label>
<select name="insd_st" id="insd_st">
<option value="AL">AL</option> <option value="AK">AK</option> <option value="AZ">AZ</option> <option value="AR">AR</option> <option value="CA">CA</option>
<option value="CO">CO</option> <option value="CT">CT</option> <option value="DE">DE</option> <option value="FL">FL</option> <option value="GA">GA</option>
<option value="HI">HI</option> <option value="ID">ID</option> <option value="IL">IL</option> <option value="IN">IN</option> <option value="IA">IA</option>
<option value="KS">KS</option> <option value="KY">KY</option> <option value="LA">LA</option> <option value="ME">ME</option>
<option
value="MD">MD</option> <option value="MA">MA</option> <option value="MI" selected="selected">MI</option> <option value="MN">MN</option> <option value="MS">MS</option> <option value="MO">MO</option> <option value="MT">MT</option> <option value="NE">NE</option> <option value="NV">NV</option> <option value="NH">NH</option> <option value="NJ">NJ</option> <option value="NM">NM</option> <option value="NY">NY</option> <option value="NC">NC</option> <option value="ND">ND</option> <option value="OH">OH</option> <option value="OK">OK</option> <option value="OR">OR</option> <option value="PA">PA</option> <option value="RI">RI</option> <option value="SC">SC</option> <option value="SD">SD</option> <option value="TN">TN</option> <option value="TX">TX</option> <option value="UT">UT</option> <option value="VT">VT</option> <option value="VA">VA</option> <option value="WA">WA</option> <option value="WV">WV</option> <option value="WI">WI</option> <option value="WY">WY</option> </select> </div> <div class="rowElem"> <label for="insd-zip">Zip Code:</label> <input type="text" name="insd-zip" id="insd-zip" minlength="5" maxlength="10"> </div> <div class="rowElem"> <label for="insd-home">Home Phone:</label> <input type="text" name="insd-home" id="insd-home" maxlength="12"> </div> <div class="rowElem"> <label for="insd-work">Work Phone:</label> <input type="text" name="insd-work" id="insd-work" maxlength="12"> </div> <div class="rowElem"> <label for="insd-cell">Mobile Phone:</label> <input type="text" name="insd-cell" id="insd-cell" maxlength="12"> </div> <div class="rowElem"> <label for="insd-other">Other Phone:</label> <input type="text" name="insd-other" id="insd-other" maxlength="12"> </div> <br> <div id="Clmt-Info"> <h2>Claimant Info</h2> <div class="rowElem"> <label for="clmt">Claimant:</label> <input type="text" id="clmt" name="clmt"> </div> <div class ="rowElem"> <label for="clmt_add">Address:</label> <input type="text" id="clmt_add" name="clmt_add"> </div> <div class="rowElem"> 
<label for="clmt_city">City:</label> <input type="text" id="clmt_city" name="clmt_city"> </div> <br> <div class="rowElem"> <label for="clmt_st">State:</label> <select name="clmt_st" id="clmt_st"> <option value="AL">AL</option> <option value="AK">AK</option> <option value="AZ">AZ</option> <option value="AR">AR</option> <option value="CA">CA</option> <option value="CO">CO</option> <option value="CT">CT</option> <option value="DE">DE</option> <option value="FL">FL</option> <option value="GA">GA</option> <option value="HI">HI</option> <option value="ID">ID</option> <option value="IL">IL</option> <option value="IN">IN</option> <option value="IA">IA</option> <option value="KS">KS</option> <option value="KY">KY</option> <option value="LA">LA</option> <option value="ME">ME</option> <option value="MD">MD</option> <option value="MA">MA</option> <option value="MI" selected="selected">MI</option> <option value="MN">MN</option> <option value="MS">MS</option> <option value="MO">MO</option> <option value="MT">MT</option> <option value="NE">NE</option> <option value="NV">NV</option> <option value="NH">NH</option> <option value="NJ">NJ</option> <option value="NM">NM</option> <option value="NY">NY</option> <option value="NC">NC</option> <option value="ND">ND</option> <option value="OH">OH</option> <option value="OK">OK</option> <option value="OR">OR</option> <option value="PA">PA</option> <option value="RI">RI</option> <option value="SC">SC</option> <option value="SD">SD</option> <option value="TN">TN</option> <option value="TX">TX</option> <option value="UT">UT</option> <option value="VT">VT</option> <option value="VA">VA</option> <option value="WA">WA</option> <option value="WV">WV</option> <option value="WI">WI</option> <option value="WY">WY</option> </select> </div> <div class="rowElem"> <label for="clmt-zip">Zip Code:</label> <input type="text" name="clmt-zip" id="clmt-zip" minlength="5" maxlength="10"> </div> <div class="rowElem"> <label for="clmt-home">Home Phone:</label> 
<input type="text" name="clmt-home" id="clmt-home" maxlength="12"> </div>
<div class="rowElem"> <label for="clmt-work">Work Phone:</label> <input type="text" name="clmt-work" id="clmt-work" maxlength="12"> </div>
<div class="rowElem"> <label for="clmt-cell">Mobile Phone:</label> <input type="text" name="clmt-cell" id="clmt-cell" maxlength="12"> </div>
<div class="rowElem"> <label for="clmt-other">Other Phone:</label> <input type="text" name="clmt-other" id="clmt-other" maxlength="12"> </div>
</div>
<br>
<h2>Damaged Unit Information</h2>
<div class="rowElem"> <label for="VIN">VIN:</label> <input type="text" name="VIN" id="VIN" maxlength="17"> </div>
<div class="rowElem"> <label for="veh-year">Year:</label> <input type="text" name="veh-year" id="veh-year" maxlength="4"> </div>
<div class="rowElem"> <label for="veh-make">Make:</label> <input type="text" name="veh-make" id="veh-make"> </div>
<div class="rowElem"> <label for="veh-model">Model:</label> <input type="text" name="veh-model" id="veh-model"> </div>
<div class="rowElem"> <label for="lic_pl">License Plate:</label> <input type="text" name="lic_pl" id="lic_pl"> </div>
<div class="rowElem"> <label for="veh-color">Color:</label> <input type="text" name="veh-color" id="veh-color"> </div>
<div class="rowElem"> <label>Unit Location:</label>
<div id="changeLocation">
<input type="radio" name="location" id="owner" value="With the Owner" checked="checked" /> <label for="owner">With the Owner</label>
<div class="clear"></div>
<label></label>
<input type="radio" name="location" id="alt-loc" value="At Another Location" /> <label for="alt-loc">At Another Location (i.e.
Body Shop, Tow Yard, Workplace)</label> </div> </div> <br> <div class="clear"></div> <br> <br> <div id="loc-info"> <div class="rowElem"> <label for="loc-name">Location Name:</label> <input type="text" name="loc-name" id="loc-name"> </div> <div class="rowElem"> <label for="loc-add">Location Address:</label> <input type="text" name="loc-add" id="loc-add"> </div> <div class="rowElem"> <label for="loc-city">Location City:</label> <input type="text" name="loc-city" id="loc-city"> </div> <div class="rowElem"> <label for="loc-st">State:</label> <select name="loc-st" id="loc-st"> <option value="AL">AL</option> <option value="AK">AK</option> <option value="AZ">AZ</option> <option value="AR">AR</option> <option value="CA">CA</option> <option value="CO">CO</option> <option value="CT">CT</option> <option value="DE">DE</option> <option value="FL">FL</option> <option value="GA">GA</option> <option value="HI">HI</option> <option value="ID">ID</option> <option value="IL">IL</option> <option value="IN">IN</option> <option value="IA">IA</option> <option value="KS">KS</option> <option value="KY">KY</option> <option value="LA">LA</option> <option value="ME">ME</option> <option value="MD">MD</option> <option value="MA">MA</option> <option value="MI" selected="selected">MI</option> <option value="MN">MN</option> <option value="MS">MS</option> <option value="MO">MO</option> <option value="MT">MT</option> <option value="NE">NE</option> <option value="NV">NV</option> <option value="NH">NH</option> <option value="NJ">NJ</option> <option value="NM">NM</option> <option value="NY">NY</option> <option value="NC">NC</option> <option value="ND">ND</option> <option value="OH">OH</option> <option value="OK">OK</option> <option value="OR">OR</option> <option value="PA">PA</option> <option value="RI">RI</option> <option value="SC">SC</option> <option value="SD">SD</option> <option value="TN">TN</option> <option value="TX">TX</option> <option value="UT">UT</option> <option value="VT">VT</option> 
<option value="VA">VA</option> <option value="WA">WA</option> <option value="WV">WV</option> <option value="WI">WI</option> <option value="WY">WY</option> </select> </div> <div class="rowElem"> <label for="loc-zip">Location Zip:</label> <input type="text" name="loc-zip" id="loc-zip" minlength="5" maxlength="10"> </div> <div class="rowElem"> <label for="loc-con">Location Contact:</label> <input type="text" name="loc-con" id="loc-con"> </div> <div class="rowElem"> <label for="loc-phone">Location Phone:</label> <input type="text" name="loc-phone" id="loc-phone" maxlength="12"> </div> </div> <br> <div class="rowElem"> <label for="desc-loss">Description of Loss:</label> <textarea cols="40" rows="8" name="desc-loss"></textarea> </div> <div class="rowElem"> <label for="desc-dmg">Description of Damage:</label> <textarea cols="40" rows="8" name="desc-dmg"></textarea> </div> <div class="rowElem"> <label for="spec-inst">Special Instructions:</label> <textarea cols="40" rows="8" name="spec-inst"></textarea> </div> <div class="rowElem"> <label> </label> <input type="submit" value="Submit Request" /> </div> <div class="rowElem"> <label> </label> <input type="reset" value="Reset" /> </div> <div id="rowElem"> <label>Click to Save:</label> <input type="checkbox" name="save-company" /> <label for="save-company">Company Name</label> </div> <div class="clear"></div> <div id="rowElem"> <label> </label> <input type="checkbox" name="save-name" /> <label for="save-name">Adjuster's Name</label> </div> <div class="clear"></div> <div id="rowElem"> <label> </label> <input type="checkbox" name="save-email" /> <label for="save-email">Adjuster's E-mail</label> </div> <div class="clear"></div> <div id="rowElem"> <label> </label> <input type="checkbox" name="save-phone" /> <label for="save-phone">Adjuster's Phone</label> </div> </form> </div> <script type="text/javascript"> var gaJsHost = (("https:" == document.location.protocol) ? "https://ssl." 
: "http://www.");
document.write(unescape("%3Cscript src='" + gaJsHost + "google-analytics.com/ga.js' type='text/javascript'%3E%3C/script%3E"));
</script>
<script type="text/javascript">
var pageTracker = _gat._getTracker("UA-68528-29");
pageTracker._initData();
pageTracker._trackPageview();
</script>
</body>
</html>

I got my user login and register working with my SQL, but now if a non-logged-in user tries to access the shoutbox I want it to redirect them to the register page.

<?PHP
session_start();
if (!(isset($_SESSION['login']) && $_SESSION['login'] != '')) {
    header("Location: /login/main.php");
    exit; // stop here so the rest of the protected page is not sent after the redirect header
}
?>

I'm using that code, but even if I'm logged in, it redirects me to the register page? My main site is on the root of the site. The login page and the logged-in page are in "/login/".

Hiya,
What's the best way of finding out and displaying the total number of users currently online, along with a breakdown of how many of these users are members or guests?
I also wish to find out and display the total number of users who were online today, along with a breakdown of how many of these users are members or guests.
I've noticed that users of the same computer could of course use a different browser preference to another user of the same computer. What should happen in this situation?
Any help is much appreciated. Cheers!

OK, I want to make it to where when you look at their profile it will tell you if they are online or not! How would I do that? Here is my PHP script that has some modifications on the profile page but won't show if other users are online! Here is the login script where I put the session and the profile page.
login.php
Code: [Select]
<?php
// Start Session to enable creating the session variables below when they log in
session_start();
// Force script errors and warnings to show on page in case php.ini file is set to not display them
error_reporting(E_ALL);
ini_set('display_errors', '1');
//-----------------------------------------------------------------------------------------------------------------------------------
// Initialize some vars
$errorMsg = '';
$email = '';
$pass = '';
$remember = '';
if (isset($_POST['email'])) {
    $email = $_POST['email'];
    $pass = $_POST['pass'];
    if (isset($_POST['remember'])) {
        $remember = $_POST['remember'];
    }
    $email = stripslashes($email);
    $pass = stripslashes($pass);
    $email = strip_tags($email);
    $pass = strip_tags($pass);
    // error handling conditional checks go here
    if ((!$email) || (!$pass)) {
        $errorMsg = '<font color="red">Please fill in both fields</font>';
    } else {
        // Error handling is complete so process the info if no errors
        include 'scripts/connect_to_mysql.php'; // Connect to the database
        $email = mysql_real_escape_string($email); // After we connect, we secure the string before adding to query
        //$pass = mysql_real_escape_string($pass); // After we connect, we secure the string before adding to query
        // Note: unsalted MD5 is fast to brute-force; password_hash()/password_verify() (PHP 5.5+) are the built-in replacement
        $pass = md5($pass); // Add MD5 Hash to the password variable they supplied after filtering it
        // Make the SQL query
        $sql = mysql_query("SELECT * FROM myMembers WHERE email='$email' AND password='$pass' AND email_activated='1'");
        $login_check = mysql_num_rows($sql);
        // If login check number is greater than 0 (meaning they do exist and are activated)
        if($login_check > 0){
            while($row = mysql_fetch_array($sql)){
                // Please note: Adam removed all of the session_register() functions cuz they were deprecated and
                // he made the scripts to where they operate universally the same on all modern PHP versions(PHP 4.0 thru 5.3+)
                // Create session var for their raw id
                $id = $row["id"];
                $_SESSION['id'] = $id;
                // Create the idx session var
                $_SESSION['idx'] = base64_encode("g4p3h9xfn8sq03hs2234$id");
                // Create session var for their username
                $username = $row["username"];
                $_SESSION['username'] = $username;
                //THIS IS WHERE I EDITED THE SESSION TO SAY IF THEY'RE LOGGED IN OR NOT
                $logedin = $row['id'];
                $_SESSION['islogedin']=$logedin;
                mysql_query("UPDATE myMembers SET last_log_date=now() WHERE id='$id' LIMIT 1");
                // THIS WAS JUST A TEST BUT WON'T UPDATE UNTIL THEY LOGOUT
                mysql_query("UPDATE myMembers SET online='online' WHERE id='$id' LIMIT 1");
            } // close while
            // Remember Me Section
            // Note: base64 is an encoding, not encryption, and passCookie carries the stored password hash itself
            if($remember == "yes"){
                $encryptedID = base64_encode("g4enm2c0c4y3dn3727553$id");
                setcookie("idCookie", $encryptedID, time()+60*60*24*100, "/"); // Cookie set to expire in about 100 days
                setcookie("passCookie", $pass, time()+60*60*24*100, "/"); // Cookie set to expire in about 100 days
            }
            // All good they are logged in, send them to homepage then exit script
            header("location: home.php?test=$id");
            exit();
        } else { // Run this code if login_check is equal to 0 meaning they do not exist
            $errorMsg = "<h3><font color='red'>Email/Password invalid<br /></font></h3><a href='forgot_pass.php'>Forgot password?</a><div align='right'> <br> Forget to activate you account?</div>";
        }
    } // Close else after error checks
} //Close if (isset ($_POST['email'])){
?><!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<meta http-equiv="Content-Type" content="text/html; charset=utf-8" />
<link rel="icon" href="favicon.ico" type="image/x-icon" />
<link rel="shortcut icon" href="favicon.ico" type="image/x-icon" />
<link href="style/main.css" rel="stylesheet" type="text/css" />
<script src="js/jquery-1.4.2.js" type="text/javascript"></script>
<title>Log In</title>
<title>Login Page</title>
<style type="text/css">
#stage { top: 0px; left: 0px; z-index: 100; }
.stage { position: absolute; top: 0; left: 0; width: 100%; min-width: 900px;
height: 1359px; overflow: hidden; }
#bg { background: #aedfe5 url(images/sky1.png) 0 0 repeat-x; }
#clouds { background: transparent url(images/cloud.png) 305px 10px repeat-x; }
#sun { background: url(images/land_sun.gif) 0 0 no-repeat; }
#hillbottom { background: url(images/hill2.png) 0 1270px repeat-x; }
</style>
<link rel="stylesheet" type="text/css" href="css/loginstyle.css" /></head>
<body>
<!-- IE6 fixes are found in styles/ie6.css -->
<!--[if lte IE 6]><link rel="stylesheet" type="text/css" href="css/ie6.css" /><![endif]-->
<script src="js/jquery-1.3.2.min.js" type="text/javascript"></script>
<script src="js/jquery-ui-1.7.2.spritely.custom.min.js" type="text/javascript"></script>
<script src="js/jquery.spritely-0.5.js" type="text/javascript"></script>
<script type="text/javascript">
(function($) {
    $(document).ready(function() {
        var direction = 'left';
        $('#clouds').pan({fps: 40, speed: 0.5, dir: direction, depth: 10});
    });
})(jQuery);
</script><div id="bg" class="stage"></div>
<div id="container">
<div id="sun" class="stage"></div>
<div id="clouds" class="stage">
<div id="stage" class="stage">
<body>
<div id="behindform">
<form id="signinform" action="login.php" method="post" enctype="multipart/form-data" name="signinform">
<fieldset>
<legend>Log in</legend>
<label for="email">Email</label> <input type="text" id="email" name="email" />
<div class="clear"></div>
<label for="password">Password</label> <input type="password" id="password" name="pass" />
<div class="clear"></div>
<label for="remember" style="padding: 0;">Remember me?</label> <input type="checkbox" id="remember" style="position: relative; top: 3px; margin: 0; " name="remember" value="yes" checked="checked" />
<div class="clear"></div>
<br />
<input type="submit" style="margin: -20px 0 0 287px;" class="button" name="commit" value="Sign In"/>
</fieldset><?php print "$errorMsg"; ?>
</form>
</div>
</div>
</div><div id="hillbottom" class="stage"> </div>
</body>
</html>

profile.php
This is only a part
where I try. But when I put it on, it won't echo the other people on, like it doesn't get the other sessions or something.
Code: [Select]
//HERE IS WHERE I STARTED, BUT DON'T KNOW WHAT TO DO!
if (isset($_SESSION['islogedin']) && $logOptions_id != $id) {
    $isonline = "<font color='green'>online</font>";
} else {
    $isonline = "<font color='red'>offline</font>";
}
// This is to Check if user is online or not! needs editing
//$isonline = mysql_query("SELECT online FROM myMembers WHERE id='$logOptions_id'AND online='online'");
//$isonlinecheck=mysql_query($isonline);
//if ($isonlinecheck ="online"){
//$online = "is <font color='green'>online!</font>";}
//else {
// $online = "is<font color='red'> offline!</font>";
//}
// End to Check if user is online or not!
?>

I want to know how I can check whether the user is online on my website or not....

Can somebody put a code that would show all the people that are online on the website?

I want online quiz in PHP MySQL

Hi, I'm trying to create some detailed statistics about customer activity. I have entries in my MySQL DB for when the customer has been active for the last time and want to create some statistics about that, basically an "online last 24 hours" but from specific countries. Now I've tried this:
Code: [Select]
$time = date('Y-m-d H:i:s');
$time24 = date("Y-m-d H:i:s", time()-((60*60)*24));
$query = "SELECT COUNT(*) as Anzahl FROM customers WHERE country = 'de' AND time BETWEEN '$time' AND '$time24' ";
to get the current date and select all customers that have been available from the current date minus 24 hours. What's my mistake here, as this doesn't seem to work!
Thanks
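The "is this user online" and "online in the last 24 hours" questions above share one pattern: `$_SESSION` only describes the visitor making the current request, so presence has to be stored per account as a last-activity timestamp and read back with a time-window query whose older bound comes first (`x BETWEEN a AND b` means `x >= a AND x <= b`, so swapped bounds match nothing). The following is an added example, not code from any of the posts; the `members` table, its columns, the function names and the in-memory SQLite database (PHP 7.1+ with pdo_sqlite) are assumptions chosen so it runs offline, and every value reaches SQL as a bound parameter instead of an interpolated string.

```php
<?php
// Added example (not from the posts above). Table, column and function names are
// hypothetical; an in-memory SQLite database stands in for MySQL.
declare(strict_types=1);

const TS_FORMAT = 'Y-m-d H:i:s'; // fixed-width UTC text, so string order equals time order

function openDemoDb(): PDO
{
    $pdo = new PDO('sqlite::memory:');
    $pdo->setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION);
    $pdo->exec(
        'CREATE TABLE members (
            id        INTEGER PRIMARY KEY,
            username  TEXT NOT NULL,
            country   TEXT NOT NULL,
            last_seen TEXT NOT NULL
        )'
    );
    return $pdo;
}

/** Call once per authenticated request, e.g. right after session_start(). */
function touchMember(PDO $pdo, int $memberId, int $now): void
{
    $stmt = $pdo->prepare('UPDATE members SET last_seen = :seen WHERE id = :id');
    $stmt->execute([':seen' => gmdate(TS_FORMAT, $now), ':id' => $memberId]);
}

/** A member counts as online if seen within the last $windowSeconds. */
function isOnline(PDO $pdo, int $memberId, int $now, int $windowSeconds = 300): bool
{
    $stmt = $pdo->prepare('SELECT last_seen FROM members WHERE id = :id');
    $stmt->execute([':id' => $memberId]);
    $lastSeen = $stmt->fetchColumn();
    if ($lastSeen === false) {
        return false; // unknown member id
    }
    $cutoff = gmdate(TS_FORMAT, $now - $windowSeconds);
    return strcmp((string) $lastSeen, $cutoff) >= 0;
}

/** Count members of one country seen in [now - windowSeconds, now]. */
function countActive(PDO $pdo, string $country, int $now, int $windowSeconds): int
{
    $low  = gmdate(TS_FORMAT, $now - $windowSeconds); // older time: lower bound
    $high = gmdate(TS_FORMAT, $now);                  // newer time: upper bound
    $stmt = $pdo->prepare(
        'SELECT COUNT(*) FROM members
          WHERE country = :country AND last_seen BETWEEN :low AND :high'
    );
    $stmt->execute([':country' => $country, ':low' => $low, ':high' => $high]);
    return (int) $stmt->fetchColumn();
}

// Constructed sample data (not from the page).
$now = gmmktime(12, 0, 0, 6, 15, 2024);
$pdo = openDemoDb();
$insert = $pdo->prepare(
    'INSERT INTO members (id, username, country, last_seen) VALUES (?, ?, ?, ?)'
);
foreach ([
    [1, 'anna',  'de', $now - 120],       // 2 minutes ago
    [2, 'bernd', 'de', $now - 6 * 3600],  // 6 hours ago
    [3, 'carla', 'de', $now - 3 * 86400], // 3 days ago
    [4, 'dave',  'us', $now - 60],        // 1 minute ago
] as [$id, $name, $country, $seen]) {
    $insert->execute([$id, $name, $country, gmdate(TS_FORMAT, $seen)]);
}

printf("member 1 online: %s\n", isOnline($pdo, 1, $now) ? 'yes' : 'no');
printf("member 2 online: %s\n", isOnline($pdo, 2, $now) ? 'yes' : 'no');
touchMember($pdo, 2, $now); // member 2 loads a page
printf("member 2 online after a request: %s\n", isOnline($pdo, 2, $now) ? 'yes' : 'no');
printf("de, active in last 24 h: %d\n", countActive($pdo, 'de', $now, 86400));

// The same window with the bounds swapped, as in the last post above.
$swapped = $pdo->prepare(
    'SELECT COUNT(*) FROM members WHERE country = ? AND last_seen BETWEEN ? AND ?'
);
$swapped->execute(['de', gmdate(TS_FORMAT, $now), gmdate(TS_FORMAT, $now - 86400)]);
printf("de, swapped bounds: %d\n", (int) $swapped->fetchColumn());
```

On MySQL the same statements work through PDO with a `DATETIME` column, as long as the application and the database agree on one time zone for the stored values.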