|
PHP - User Access 9.00 Am To 6.00 Pm Monday To Friday
Im using the script to let users login in to our site from 9.00 am to 6.00 pm from Monday To friday, timing is working fine but the day part don't, any ideas why, here is the top of the script is on the login.php page
Code: [Select] <? $hour = date('H');//hour 1-24 $dayofweek = date('N');//numeric day of week 1=mon, 7=sun if($hour < 6 || $hour > 15 || $dayofweek > 5) { header( "Location:Messages.php?msg=12" ); }else { //login code session_start(); if(isset($_GET['reg'])){ $reg=$_GET['reg']; }else{ $reg=""; } if($reg==1){ $msg1="<font color=\"#FF6600\">Your details have been added, please login</font>"; }elseif($reg==2){ $msg1="<font color=\"#FF6600\">You have been successfully logged out.</font>"; } if(isset($_POST['submit'])){ if( empty($_POST['uname']) && (empty($_POST['upass']))){ header( "Location:Messages.php?msg=1" ); exit(); } //transfer to shorter var $n=$_POST['uname']; $p=$_POST['upass']; //connect to db include('config.php'); $query="SELECT * FROM user WHERE uname = '".$_POST['uname']."' AND pw = PASSWORD('".$_POST[upass]."')"; $result=mysql_query($query); $num=mysql_num_rows($result); if($num>0 ){ //put in session vars $mytime=time(); $mytime=date("H:i:s A",$mytime); $_SESSION['time'] = $mytime; $_SESSION['status'] = 'logged'; $_SESSION['username'] = $n; //goto next page header("location:Welcome.php"); exit; }else{ $_SESSION['status'] = 'not logged'; header( "Location:Messages.php?msg=2" ); exit(); } } } ?> Similar TutorialsHi, I am getting frustrated beyond belief at the moment with trying to get a very simple script to run, I am using PHP 5.3.3 and MySQL 5.1 on a Win2k8 server with IIS7.5. Basically my script is connecting to a local database, running a single select query, returning those rows and building up a string from them. The problem is that I am receiving complete BS responses from PHP that the access is denied for the user being specified. This is complete rubbish since the user can connect via mysql, sqlyog, ASP.NET MVC without issue but for some bizarre reason it is not working via PHP. The code for the script is here : Code: [Select] <?php $mysql = mysql_connect('127.0.0.1:3306', 'myuser', 'mypass', 'mydatabase'); if (!$mysql) { die(mysql_error()); $content = "<nobr></nobr>"; } else { $result = mysql_query('SELECT * FROM tblEventGroup'); $content = "<nobr>"; if ($result) { while($row = mysql_fetch_assoc($result)) { $content .= "<span>"; $content .= $row['GroupName']; $content .= "</span>"; $content .= "<a href=\"../Event/EventSearch?groupid="; $content .= $row['GroupId']; $content .= "\" target=\"_blank\">Book here</a> "; } } mysql_close($mysql); $content .= "</nobr>"; } ?> I cannot for the life of me understand what the problem is, the return error is Access denied for user 'myuser'@'localhost' (using password: YES) Hi guys, I am trying to put together a little system that allows users to log onto my website and access there own personal page. I am creating each page myself and uploading content specific to them which cannot be viewed by anyone else. I have got the system to work up as far as: 1/ The user logs in 2/ Once logged in they are re-directed to their own page using 'theirusername.php' Thats all good and working how I need it too. The problem I have is this. If I log onto the website using USER A details - I get taken to USER A's page like I should but - If I then go to my browser and type in USERBdetails.php I can then access USER B's page. This cannot happen!! I need for USER A not to be able to access USER B profile - there is obviously no point in the login otherwise! If you are not logged in you obviously cannot access any secure page. That much is working! Please find below the code I am using: LOGIN <?php session_start(); function dbconnect() { $link = mysql_connect("localhost", "username", "password") or die ("Error: ".mysql_error()); } ?> <?php if(isset($_SESSION['loggedin'])) { header("Location:" . strtolower($username) . ".php"); if(isset($_POST['submit'])) { $username = mysql_real_escape_string($_POST['username']); $password = mysql_real_escape_string($_POST['password']); $mysql = mysql_query("SELECT * FROM clients WHERE username = '{$username}' AND password = '{$password}'"); if(mysql_num_rows($mysql) < 1) { die("Password or Username incorrect! Please <a href='login.php'>click here</a> to try again"); } $_SESSION['loggedin'] = "YES"; $_SESSION['username'] = $username; $_SESSION['name'] header("Location:" . strtolower($username) . ".php"); } ?> HEADER ON EACH PHP PAGE <?php session_start(); if(!isset($_SESSION['loggedin'])) { die(Access to this page is restricted without a valid username and password); ?> --------------------------------------------------- Am I right in thinking it is something to do with the "loggedin" part? The system I have here is adapted from a normal login system I have been using for years. The original just checks the details and then does a 'session start'. This one obviously has to re-direct to a user specific page. To do this I used the <<header("Location:" . strtolower($username) . ".php");>> line to redirect to a page such as "usera.php" or "userb.php" Any help would be greatly appreciated! Ta I have just set up MAMP on my new MacBook Pro and I am having trouble getting my MySQL connection working. When I use the following code: Code: [Select] $mysqli = new mysqli('localhost', 'application', 'application', 'dorset'); if ($mysqli->connect_errno) { echo "Failed to connect to MySQL: (".$mysqli-errno.") ".$mysqli->connect_error; } I get this error: Failed to connect to MySQL: () Access denied for user 'application'@'localhost' (using password: YES) However if I use the old mysql_connect() function, it doesnt throw back any errors?! Any ideas? Okay, I am going to try to explain this the best I can, I appreciate and thank you for your help in advance! Okay, this is what I am wanting to do. I want to create a user area on my website. I don't need a common page that every user see's but each user to have there own unique page that they are brought to once they log-in, where they will have there own content that I will change and update often. As for the usernames and passwords, I will be creating these when needed and giving them to the corresponding user, so I am not in need of a registration option. I am needing assistance on how to setup the MySQL database and the PHP coding for this. Remember, I am going to need to be able to add new users w/ passwords when needed. Thanks for your help! I am working on an application and part of the requirements is to restrict the number of users that can log in based on a license. So on install, I will provide a license that allows for 10 user accounts to be created.
If the client requires 50, a different license will be provided that allows 50.
Regards Hi there, I am trying to write a simple piece of code that will display a little text phrase on every Friday 13th in any year. How would I best go about doing this? Thank you. i have this code to set a date to the 1st of the previous month -- SELECT DATE_FORMAT(DATE_SUB(tbl_col, INTERVAL 1 MONTH), '%Y-%m-01') FROM table can it be changed to set date to first Monday in that month...? Hi, I found a tutorial in building a poll, however it detects IP, so people can't vote multiple times, so I dissected the code into sections while removing the IP blocking, while still inserting the IP address into the database, the problem is that I get: Access denied for user 'ODBC'@'localhost' for the second page, I don't know where I went wrong, could anyone help me? I also attached the code and .sql file so that people can hack it and check where it got wrong. Thanks here is the original poll code <link rel="stylesheet" href="css/style.css" type="text/css" media="screen" /> <?php //database settings $hostname = 'localhost'; $username = 'root'; $password = ''; $dbname = 'poll1'; $connect = mysql_connect($hostname, $username, $password); mysql_select_db($dbname); //Validation to check if the user has voted or not. If not yet voted, then insert the data to the database, otherwise //tell the user they voted if(isset($_POST['vote']) && isset($_POST['questions'])){ $query = mysql_query("SELECT questions.pid FROM responses, questions WHERE responses.qid=questions.id AND responses.ip='".$_SERVER['REMOTE_ADDR']."' AND pid=(SELECT pid FROM questions WHERE id='".$_POST['questions']."' LIMIT 1)"); if(mysql_num_rows($query) == 0){ $query = mysql_query("INSERT INTO responses (qid, ip) VALUES ('".$_POST['questions']."', '".$_SERVER['REMOTE_ADDR']."')"); } else { $error = 'You Already Voted'; } } else if(!isset($_POST['questions']) && isset($_POST['vote'])){ $error = 'Please select a response'; } ?> <?php //The poll script $query = mysql_query("SELECT * FROM poll ORDER BY id DESC LIMIT 1"); $rows = mysql_num_rows($query); if($rows > 0){ $poll = mysql_fetch_array($query); $title = $poll['name']; } else { $title = 'No Poll Yet'; } $me=array(); $query = mysql_query("SELECT COUNT(id) as hits FROM responses GROUP BY qid"); while($row = mysql_fetch_array($query)){ $me[] = $row['hits']; } $max = max($me); //echo "SELECT questions.pid FROM responses, questions WHERE responses.qid=questions.id AND responses.ip='".$_SERVER['REMOTE_ADDR']."' AND pid='".$poll['id']."'"; $query = mysql_query("SELECT questions.pid FROM responses, questions WHERE responses.qid=questions.id AND responses.ip='".$_SERVER['REMOTE_ADDR']."' AND pid='".$poll['id']."'"); if(mysql_num_rows($query) > 0){ $total = mysql_query("SELECT questions.pid FROM responses, questions WHERE responses.qid=questions.id AND pid='".$poll['id']."'"); $total = mysql_num_rows($total); ?> <table width="300" cellpadding="0" cellspacing="0" border="0" class="maintable" align="center"> <tr> <td valign="top" align="center" class="title"><h1><?php echo $title; ?></h1></td> </tr> <?php $query = mysql_query("SELECT * FROM questions WHERE pid='".$poll['id']."' ORDER BY id"); $questions = mysql_num_rows($query); if($questions > 0){ ?> <tr> <td valign="top" style="padding: 5px;"> <table width="100%" cellpadding="0" cellspacing="0" border="0" class="question"> <?php while($question = mysql_fetch_array($query)){ $responses = mysql_query("SELECT count(id) as total FROM responses WHERE qid='".$question['id']."'"); $responses = mysql_fetch_array($responses); if($total > 0 && $responses['total'] > 0){ $percentage = round(($responses['total'] / $max) * 100); } else { $percentage = 0; } $percentage2 = 100 - $percentage; ?> <tr> <td valign="top" nowrap="nowrap"><?php echo $question['question']; ?></td> <td valign="top" height="10" width="100%" style="padding: 0px 10px;"> <table width="100%" cellpadding="0" cellspacing="0" border="0"> <tr> <td valign="top" width="<?php echo $percentage ; ?>%" <?php if($percentage > 0){?>style="background: url('images/bar.jpg') repeat-x;"<?php } ?>><img src="images/dot.gif" width="1" height="19" /></td> <td valign="top" width="<?php echo $percentage2; ?>%"></td> </tr> </table> </td> <td valign="top"><?php echo $responses['total']; ?></td> </tr> <?php } ?> <tr> <td valign="top" colspan="3" align="center" style="padding: 10px 0px 0px 0px;">Total Votes: <?php echo $total; ?></td> </tr> </table> </td> </tr> <?php } ?> </table> <?php } else { ?> <table width="400" cellpadding="0" cellspacing="0" border="0" class="maintable" align="center"> <th>Declaration of Faith</th> <tr> <td valign="top" align="center" class="title"><?php echo $title; ?></td> </tr> <?php $query = mysql_query("SELECT * FROM questions WHERE pid='".$poll['id']."' ORDER BY id"); $questions = mysql_num_rows($query); if($questions > 0){ ?> <tr> <td valign="top" style="padding: 5px;"> <form name="poll" method="post" action=""> <table width="100%" cellpadding="0" cellspacing="0" border="0" class="question"> <?php if(isset($error)){ ?> <tr> <td valign="top" colspan="2" align="center" style="padding: 0px 0px 10px 0px;"><?php echo $error; ?></td> </tr> <?php } ?> <?php $x=0; while($question = mysql_fetch_array($query)){ ?> <tr> <?php if ($x==0){ ?> <td width="43%" rowspan=2 align="center"><span style="padding: 10px 0px 0px 0px;"> <input type="submit" id="submit" name="vote" value="Declare" /> </span></td> <?php }//if statement closing ?> <td valign="top" width="56%"><input type="radio" name="questions" value="<?php echo $question['id']; ?>" /><?php echo $question['question']; ?></td> </tr> <?php $x=$x+1; } ?> <tr> <td valign="top" align="center" style="padding: 10px 0px 0px 0px;"><br /></td> <td width="1%"> </td> </tr> <tr> <td colspan="2" align="center" id="note">Please answer only once per person</td> </tr> </table> </form> </td> </tr> <?php } ?> </table> <?php } ?> Here are the sectioned codes insert.php <link rel="stylesheet" href="css/style.css" type="text/css" media="screen" /> <?php include('config.php'); //Validation to check if the user has voted or not. If not yet voted, then insert the data to the database, otherwise //tell the user they voted if(isset($_POST['vote']) && isset($_POST['questions'])) { //insert the vote to the database $query = mysql_query("INSERT INTO responses (qid, ip) VALUES ('".$_POST['questions']."', '".$_SERVER['REMOTE_ADDR']."')"); } else if(!isset($_POST['questions']) && isset($_POST['vote'])) { echo 'Please select a response'; } include('results.php'); ?> results.php <?php //The poll script $query = mysql_query("SELECT * FROM poll ORDER BY id DESC LIMIT 1"); $rows = mysql_num_rows($query); if($rows > 0){ $poll = mysql_fetch_array($query); $title = $poll['name']; } else { $title = 'No Poll Yet'; } $me=array(); $query = mysql_query("SELECT COUNT(id) as hits FROM responses GROUP BY qid"); while($row = mysql_fetch_array($query)){ $me[] = $row['hits']; } $max = max($me); $query = mysql_query("SELECT questions.pid FROM responses, questions WHERE responses.qid=questions.id AND responses.ip='".$_SERVER['REMOTE_ADDR']."' AND pid='".$poll['id']."'"); if(mysql_num_rows($query) > 0){ $total = mysql_query("SELECT questions.pid FROM responses, questions WHERE responses.qid=questions.id AND pid='".$poll['id']."'"); $total = mysql_num_rows($total); ?> <table width="300" cellpadding="0" cellspacing="0" border="0" class="maintable" align="center"> <tr> <td valign="top" align="center" class="title"><h1><?php echo $title; ?></h1></td> </tr> <?php $query = mysql_query("SELECT * FROM questions WHERE pid='".$poll['id']."' ORDER BY id"); $questions = mysql_num_rows($query); //vote results ?> <tr> <td valign="top" style="padding: 5px;"> <table width="100%" cellpadding="0" cellspacing="0" border="0" class="question"> <?php while($question = mysql_fetch_array($query)){ $responses = mysql_query("SELECT count(id) as total FROM responses WHERE qid='".$question['id']."'"); $responses = mysql_fetch_array($responses); if($total > 0 && $responses['total'] > 0){ $percentage = round(($responses['total'] / $max) * 100); } else { $percentage = 0; } $percentage2 = 100 - $percentage; ?> <tr> <td valign="top" nowrap="nowrap"><?php echo $question['question']; ?></td> <td valign="top" height="10" width="100%" style="padding: 0px 10px;"> <table width="100%" cellpadding="0" cellspacing="0" border="0"> <tr> <td valign="top" width="<?php echo $percentage ; ?>%" <?php if($percentage > 0){?>style="background: url('images/bar.jpg') repeat-x;"<?php } ?>><img src="images/dot.gif" width="1" height="19" /></td> <td valign="top" width="<?php echo $percentage2; ?>%"></td> </tr> </table> </td> <td valign="top"><?php echo $responses['total']; ?></td> </tr> <?php } ?> <tr> <td valign="top" colspan="3" align="center" style="padding: 10px 0px 0px 0px;">Total Votes: <?php echo $total; ?></td> </tr> </table> </td> </tr> <?php } ?> </table> vote.php <?php include('config.php'); //vote starts here ?> <table width="400" cellpadding="0" cellspacing="0" border="0" class="maintable" align="center"> <th>Declaration of Faith</th> <tr> <td valign="top" align="center" class="title"><?php echo $title; ?></td> </tr> <?php $query = mysql_query("SELECT * FROM questions WHERE pid='".$poll['id']."' ORDER BY id"); $questions = mysql_num_rows($query); ?> <tr> <td valign="top" style="padding: 5px;"> <form name="poll" method="post" action="results.php"> <table width="100%" cellpadding="0" cellspacing="0" border="0" class="question"> <?php $x=0; while($question = mysql_fetch_array($query)){ ?> <tr> <?php if ($x==0){ ?> <td width="43%" rowspan=2 align="center"><span style="padding: 10px 0px 0px 0px;"> <input type="submit" id="submit" name="vote" value="Declare" /> </span></td> <?php }//if statement closing ?> <td valign="top" width="56%"><input type="radio" name="questions" value="<?php echo $question['id']; ?>" /><?php echo $question['question']; ?></td> </tr> <?php $x=$x+1; } ?> <tr> <td valign="top" align="center" style="padding: 10px 0px 0px 0px;"><br /></td> <td width="1%"> </td> </tr> <tr> <td colspan="2" align="center" id="note">Please answer only once per person</td> </tr> </table> </form> </td> </tr> </table> config.php <link rel="stylesheet" href="css/style.css" type="text/css" media="screen" /> <?php //database settings $hostname = 'localhost'; $username = 'root'; $password = ''; $dbname = 'poll1'; $connect = mysql_connect($hostname, $username, $password); mysql_select_db($dbname); $query = mysql_query("SELECT * FROM poll ORDER BY id DESC LIMIT 1"); $rows = mysql_num_rows($query); $poll = mysql_fetch_array($query); $title = $poll['name']; ?> is this a good way of doing a simple admin different rights e.g if secret word then go to adminpage.php Code: [Select] session_start(); $captcha = $_POST["captcha"] ; $secretword = $_SESSION["secretword"] ; if (strcmp( $captcha, $secretword )) { // it's a bot } else { // matched -- it's a human } Hi everyone! I'm getting the error "Access denied for user ''@'localhost' to database 'crystalair'" (crystalair is the name of my database) whenever I submit my form which inserts a new row to the database table "order". The same happens when I try to retrieve data from the table using select query. However, I can successfully perform operations (select, insert) in my other pages which involves another database table "user". If this is a connection error, how can I successfully perform operations with another table? Also, my connection query does not return an error. I have also checked to make sure my user has been granted "All Privileges" in the phpmyadmin. I've run out of ideas. Can you please help? Thanks a lot. Hi guys, in my database i have the table called users, where i have 5 fields (id, username, email, password, user_level) - for the user_level field i have 2 options administrator and editor.
What i want to do is that when the user who is logged in have administrator in the user_level field to see all the pages from backend, and the user who have in the user_level field editor to see only some of the pages from the backend such as newsletter, or messages.
I hope you understand what i'm asking if not fell free to ask me if you need more specific details.
I tried to make a php page called access.php wher i put the following code, but not working
<?php
session_start();
$sql = $mysqli->query("SELECT user_level FROM imobiliare_users WHERE id=$id");
$user_level = $mysqli->query($sql);
echo $user_level;
if ($user_level !="administrator") {
echo "You are not the proper user type to view this page";
die();
}
?>
Hope you can help me. Thx in advance for help.
config.php file does the problem lie here it wont seem to connect to the database and gives me the code above <?php define( "DB_DSN", "mysql: host=vega.soi.city.ac.uk;dbname=abhr428"); define( "DB_USERNAME", "abhr428" ); define( "DB_PASSWORD", " i have taken password out" ); define( "PAGE_SIZE", 5 ); define( "TBL_USERS", "users" ); define( "TBL_ACCESS_LOG", "accesslog" ); ?> I would appreciate your assistance, there are tons of login scripts and they work just fine. However I need my operators to login and then list their activities for the other operators who are logged in to see and if desired send their clients on the desired activity. I have the login working like a charm and the activities are listed just beautifully. How do I combine the two tables in the MySQL with PHP so the operator Logged in can only make changes to his listing but see the others. FIRST THE ONE script the member logges in here to the one table in MSQL: <?php session_start(); require_once('config.php'); $errmsg_arr = array(); $errflag = false; $link = mysql_connect(DB_HOST, DB_USER, DB_PASSWORD); if(!$link) { die('Failed to connect to server: ' . mysql_error()); } $db = mysql_select_db(DB_DATABASE); if(!$db) { die("Unable to select database"); } function clean($str) { $str = @trim($str); if(get_magic_quotes_gpc()) { $str = stripslashes($str); } return mysql_real_escape_string($str); } $login = clean($_POST['login']); $password = clean($_POST['password']); if($login == '') { $errmsg_arr[] = 'Login ID missing'; $errflag = true; } if($password == '') { $errmsg_arr[] = 'Password missing'; $errflag = true; } if($errflag) { $_SESSION['ERRMSG_ARR'] = $errmsg_arr; session_write_close(); header("location: login-form.php"); exit(); } $qry="SELECT * FROM members WHERE login='$login' AND passwd='".md5($_POST['password'])."'"; $result=mysql_query($qry); if($result) { if(mysql_num_rows($result) == 1) { session_regenerate_id(); $member = mysql_fetch_assoc($result); $_SESSION['SESS_MEMBER_ID'] = $member['member_id']; $_SESSION['SESS_FIRST_NAME'] = $member['firstname']; $_SESSION['SESS_LAST_NAME'] = $member['lastname']; session_write_close(); header("location: member-index.php"); exit(); }else { header("location: login-failed.php"); exit(); } }else { die("Query failed"); } ?> ................................................. ................................ Now I need the person who logged in to the table above to be able to make multiple entries to the table below <? $ID=$_POST['ID']; $title=$_POST['title']; $cost=$_POST['cost']; $activity=$_POST['activity']; $ayear=$_POST['aday']; $aday=$_POST['ayear']; $seats=$_POST['special']; $special=$_POST['seats']; mysql_connect("xxxxxx", "xxx350234427", "========") or die(mysql_error()); mysql_select_db("xxxx") or die(mysql_error()); mysql_query("INSERT INTO `activity` VALUES ('ID','$title', '$cost','$activity', '$aday', '$ayear', '$special', '$seats')"); Print "Your information has been successfully added to the database!" ?> Click <a href="member-profile.php">HERE</a> to return to the main menu <?php ?> hi, i have made a website where people resgister their details of them and products. they have to enter the following details in form Name of company name of the product company address email id password mobile number contact and brief details about their company
user can then login with email id and pwd. now after login ..user will get a page where he can upload the photos of products images and their price, so now my question is that when he finishes uploading (|by clicking on upload button) the product images and price text box ..then on final uploaded webspage it should show all other things which he registerd before (company name , mobile number etc) along with images and price...hence the main question that user does not need to enter mobile and address while uploading images and filling proce ..but on the final page it should show mobile and address along with price and images..as user is not going to enter mobile and address again and again as he will have multiple products to upload.
Actually, what i want to do is to use the email to fetch the $email,$password and $randomnumber from database after Hi, so far I have managed to set up a somewhat basic login website with a mysql database backend. Once they have logged on they go to a "main menu" page. What I need to define is that user A sees button A but only that button, etc. (Then of course that same rule would have to apply if they tried to directly go to the page, but I am guessing I can do that in the same way that I currently do to force a login). If anyone has any tutorials or sample code I would much appreciate it. Thanks, Hallo everybody,
i have the following code.
but i get allways this error while the user exist in the database.
User not found!
what do i do wrong?
thank you very much for your help
Rafal
<html>
<head>
<?php
$connection = mysql_connect("db.xyz.com", "username", "password")
or die ("connection fehler");
mysql_select_db("db0123456789")
or die ("database fehler");
$email = $_POST["inp_email"];
$pwd = $_POST["inp_pwd"];
if($email && $pwd)
{
$chkuser = mysql_query("SELECT email FROM gbook WHERE email = '($email)' ");
$chkuserare = mysql_num_rows($chkuser);
echo $email;
echo $pwd;
if ($chkuserare !=0)
{
$chkpwd = mysql_query("SELECT pwd FROM gbook WHERE email = '($email)' ");
$pwddb = mysql_fetch_assoc($chkpwd);
if ($pwd != $pwddb["pwd"])
{
echo "password is wrong!";
}
else
{
echo "login successed";
}
}
else
{
echo "User not found!";
}
}
else
{
echo "Pleas enter your email and password!";
}
mysql_close($connection);
?>
</head>
<body>
<form action="login.php" method="post">
Email <input type="text" name="inp_email"><br>
Password <input type="text" name="inp_pwd"><br>
<input type="submit" name="submit" value="login">
</form>
</body>
</html>
Edited by rafal, 21 September 2014 - 04:33 PM. Hello, i've got some shop script which has 2 payment modules which i'd like to use for something else, the payment modules only work if the user is logged in though, i tried to make them standalone scripts but that didn't work out too well. So now i decided to go another way and just let everyone have the same session so everyone will be using the same username&password automatically. the index file looks like this: Code: [Select] <?php include('./inc/config.php'); include('./inc/functions.php'); include('./lang/'.$language.'.lng'); $id = addslashes($_REQUEST["id"]); $user = addslashes($_REQUEST["username"]); $pass = addslashes($_REQUEST["password"]); $language = strtolower($language); if(empty($id)) $id =1; $file = mysql_query('SELECT * FROM navi_'.$language.' WHERE id="'.$id.'"'); if(mysql_num_rows($file)>0) $file = mysql_fetch_array($file); else $file = mysql_fetch_array(mysql_query('SELECT * FROM navi_'.$language.' WHERE id="404"')); if(!empty($user) AND !empty($pass)) {$query = mysql_query('SELECT * FROM users WHERE username="'.$user.'" AND pass="'.md6($pass).'"'); if(mysql_num_rows($query) == 1) {$_SESSION[$session_prefix."user"] = ucfirst($user); echo'<meta http-equiv="refresh" content="0; url=index.php?id=8">';} else $error = 'Username oder Passwort ist falsch.';} include('./designe/'.$designe.'/head.tpl'); include('./designe/'.$designe.'/navi.php'); include('./designe/'.$designe.'/middle.tpl'); if(file_exists('./pages/'.$file["file"])) {echo'<h1>'.ucfirst($file["title"]).'</h1>'; include('./pages/'.$file["file"]);} if(!empty($error)) echo '<font color="red">'.$error.'</font>'; include('./designe/'.$designe.'/foot.tpl'); ?> Now i tried alot of things including adding: Code: [Select] session_start(); $_SESSION["username"] = "peter"; $_SESSION["user"] = "peter"; $_SESSION["id"] = "1"; $_SESSION["pass"] = "peter"; $_SESSION["password"] = "peter"; or Code: [Select] $id = "1"; $user = "peter"; $username = "peter"; $pass = "peter"; $password = "peter"; also a combination of both, nothing works, but i don't understand why ? Any help is appreciated. /Edit, i tried adding it to the paymentmodule .php aswell, but no luck. Hallo everybody,
the user is in the table, but i get error (user not found!).
thank you very much for your help
Rafal
<!DOCTYPE html>
<html>
<head>
<title>index</title>
<meta http-EQUIV="CONTENT-LANGUAGE" content="en">
<?php
SESSION_START();
include("abc.php");
$link2 = mysqli_connect("$hoster", "$nameuser", "$password", "$basedata")
or die ("connection error" . mysqli_error($link2));
$email = $_POST["inp_email"];
$pwd = $_POST["inp_pwd"];
if($email && $pwd)
{
$chkuser = mysqli_query("SELECT email FROM $table2 WHERE email = '$email' ");
$chkuserare = mysqli_num_rows($chkuser);
if ($chkuserare !=0)
{
$chkpwd = mysqli_query("SELECT pwd FROM $table2 WHERE email = '$email'");
$pwddb = mysqli_fetch_assoc($chkpwd);
if (md5($pwd) != $pwddb["pwd"])
{
echo "Password is wrong!";
}
else
{
$_SESSION['username'] = $email;
header ('Location:list.php');
}
}
else
{
echo "user not found!";
}
}
else
{
echo "enter your Email and Password!";
}
mysqli_close($link2);
?>
</head>
<body style="font-family: arial;margin: 10; padding: 0" bgcolor="silver">
<font color="black">
<br>
<form action="index.php" method="post">
<b>Login</b><br><br>
<table width="100%">
<tr><td>
Email:<br><input type="text" name="inp_email" style="width:98%; padding: 4px;"><br>
Password:<br><input type="password" name="inp_pwd" style="width:98%; padding: 4px;"><br>
<br>
<input type="submit" name="submit" value="Login" style="width:100%; padding: 4px;">
</td></tr>
</table>
</form>
</font>
</body>
</html>
|
|||||||