PHP - Get User Id

Hi,

I am getting frustrated beyond belief at the moment with trying to get a very simple script to run, I am using PHP 5.3.3 and MySQL 5.1 on a Win2k8 server with IIS7.5. Basically my script is connecting to a local database, running a single select query, returning those rows and building up a string from them.

The problem is that I am receiving complete BS responses from PHP that the access is denied for the user being specified. This is complete rubbish since the user can connect via mysql, sqlyog, ASP.NET MVC without issue but for some bizarre reason it is not working via PHP.

The code for the script is here :

Code: [Select]
<?php

$mysql = mysql_connect('127.0.0.1:3306', 'myuser', 'mypass', 'mydatabase');


if (!$mysql) {
  die(mysql_error());
  $content = "<nobr></nobr>";
} else {
  
  $result = mysql_query('SELECT * FROM tblEventGroup'); 
  $content = "<nobr>";
  
  if ($result) {     
      while($row = mysql_fetch_assoc($result)) {
       $content .= "<span>";
       $content .= $row['GroupName'];
       $content .= "</span>";
       $content .= "<a href=\"../Event/EventSearch?groupid=";
       $content .= $row['GroupId'];
       $content .= "\" target=\"_blank\">Book here</a> ";
      }
  }
  
  mysql_close($mysql);
  $content .= "</nobr>";

}

?>
I cannot for the life of me understand what the problem is, the return error is

Access denied for user 'myuser'@'localhost' (using password: YES)

Hello, i've got some shop script which has 2 payment modules which i'd like to use for something else, the payment modules only work if the user is logged in though, i tried to make them standalone scripts but that didn't work out too well.

So now i decided to go another way and just let everyone have the same session so everyone will be using the same username&password automatically.

the index file looks like this:
Code: [Select]
<?php
include('./inc/config.php');
include('./inc/functions.php');
include('./lang/'.$language.'.lng');
$id = addslashes($_REQUEST["id"]);
$user = addslashes($_REQUEST["username"]);
$pass = addslashes($_REQUEST["password"]);
$language = strtolower($language);
if(empty($id)) $id =1;
$file = mysql_query('SELECT * FROM navi_'.$language.' WHERE id="'.$id.'"');
if(mysql_num_rows($file)>0)
$file = mysql_fetch_array($file);
else
$file = mysql_fetch_array(mysql_query('SELECT * FROM navi_'.$language.' WHERE id="404"'));

if(!empty($user) AND !empty($pass))
{$query = mysql_query('SELECT * FROM users WHERE username="'.$user.'" AND pass="'.md6($pass).'"');
if(mysql_num_rows($query) == 1) {$_SESSION[$session_prefix."user"] = ucfirst($user); echo'<meta http-equiv="refresh" content="0; url=index.php?id=8">';}
else $error = 'Username oder Passwort ist falsch.';}

include('./designe/'.$designe.'/head.tpl');
include('./designe/'.$designe.'/navi.php');
include('./designe/'.$designe.'/middle.tpl');

if(file_exists('./pages/'.$file["file"]))
{echo'<h1>'.ucfirst($file["title"]).'</h1>';
include('./pages/'.$file["file"]);}
if(!empty($error)) echo '<font color="red">'.$error.'</font>'; 

include('./designe/'.$designe.'/foot.tpl');
?>

Now i tried alot of things including adding:
Code: [Select]
session_start();
$_SESSION["username"] = "peter";
$_SESSION["user"] = "peter";
$_SESSION["id"] = "1";
$_SESSION["pass"] = "peter";
$_SESSION["password"] = "peter";
or
Code: [Select]
$id = "1";
$user = "peter";
$username = "peter";
$pass = "peter";
$password = "peter";
also a combination of both, nothing works, but i don't understand why ? Any help is appreciated.

/Edit, i tried adding it to the paymentmodule .php aswell, but no luck.

Hallo everybody, i have the following code. but i get allways this error while the user exist in the database. User not found! what do i do wrong?   thank you very much for your help Rafal

<html>
<head>
<?php
$connection = mysql_connect("db.xyz.com", "username", "password")
or die ("connection fehler");
mysql_select_db("db0123456789")
or die ("database fehler");
$email = $_POST["inp_email"];
$pwd = $_POST["inp_pwd"];
if($email && $pwd)
{
$chkuser = mysql_query("SELECT email FROM gbook WHERE email = '($email)' ");
$chkuserare = mysql_num_rows($chkuser);
echo $email;
echo $pwd;
if ($chkuserare !=0)
{
$chkpwd = mysql_query("SELECT pwd FROM gbook WHERE email = '($email)' ");
$pwddb = mysql_fetch_assoc($chkpwd);
if ($pwd != $pwddb["pwd"])
{
echo "password is wrong!";
}
else
{
echo "login successed";
}
}
else
{
echo "User not found!";
}
}
else
{
echo "Pleas enter your email and password!";
}
mysql_close($connection);
?>
</head>
<body>
<form action="login.php" method="post">
Email <input type="text" name="inp_email"><br>
Password <input type="text" name="inp_pwd"><br>
<input type="submit" name="submit" value="login">
</form>
</body>
</html>

Edited by rafal, 21 September 2014 - 04:33 PM.

Hallo everybody, the user is in the table, but i get error (user not found!).   thank you very much for your help Rafal

<!DOCTYPE html>
<html>
<head>
<title>index</title>
<meta http-EQUIV="CONTENT-LANGUAGE" content="en">
<?php
SESSION_START();
include("abc.php");
$link2 = mysqli_connect("$hoster", "$nameuser", "$password", "$basedata")
or die ("connection error" . mysqli_error($link2));
$email = $_POST["inp_email"];
$pwd = $_POST["inp_pwd"];
if($email && $pwd)
{
$chkuser = mysqli_query("SELECT email FROM $table2 WHERE email = '$email' ");
$chkuserare = mysqli_num_rows($chkuser);
if ($chkuserare !=0)
{
$chkpwd = mysqli_query("SELECT pwd FROM $table2 WHERE email = '$email'");
$pwddb = mysqli_fetch_assoc($chkpwd);
if (md5($pwd) != $pwddb["pwd"])
{
echo "Password is wrong!";
}
else
{
$_SESSION['username'] = $email;
header ('Location:list.php');
}
}
else
{
echo "user not found!";
}
}
else
{
echo "enter your Email and Password!";
}
mysqli_close($link2);
?>
</head>
<body style="font-family: arial;margin: 10; padding: 0" bgcolor="silver">
<font color="black">
<br>
<form action="index.php" method="post">
<b>Login</b><br><br>
<table width="100%">
<tr><td>
Email:<br><input type="text" name="inp_email" style="width:98%; padding: 4px;"><br>
Password:<br><input type="password" name="inp_pwd" style="width:98%; padding: 4px;"><br>
<br>
<input type="submit" name="submit" value="Login" style="width:100%; padding: 4px;">
</td></tr>
</table>
</form>
</font>
</body>
</html>

hello. I need your help please. I'm building logistics website with user panel and admin panel. I've done all login and register forms. now I want to : admin can add package with: tracking number , weight , cost , and declaration form. user can fill declaration form after admin add package to user panel. then admin can see the declared form. is it possible in php? thank you in advance

I have a database which contains three users. But I can only access one of the user through PHP. When I try to enter other username I get a blank message. Anyone knows why??

Hi, I'm having some problems with this code. I have a password reset utility code which works and encrypts the password with md5 by using the password recovery page.
But in order for a user with a reset password to login I have to use this code in my page.
Code: [Select]
$username = addslashes($_POST['username']);
   $salt = 'random_stuff_15545';
       $password = md5($_POST['password'].$salt);
But when I have this code above the users that have NOT reset their passwords can NOT log in.

So for these users who have not reset their password i use this code[But with this code the users that reset their pass cannot log in]:
Code: [Select]
$username = addslashes($_POST['username']);
       $password = md5($_POST['password']);
How can I allow both types of users to log in? Cheers

Hey guys im making a script which allows a user to log in.
Then view some data from an SQL file, then click to a log out page and log out...
However i cant seem to destroy the session.
Any help?

Heres logout.php
<?php
$_SESSION['adminlogin'];
session_start();
$_SESSION = array();
session_destroy();
?>
<!DOCTYPE HTML>
<html lang="en-GB">
<head>
            <meta charset="utf-8">
            <!--Search Engine Meta Tags--> 
            <meta name="author" content="Worldwide Lighthouses">
            <meta name="keywords" content="Lighthouses,Lightships,Trinity House,Fog Signals,Fog Horns,Fresnel">
            <meta name="description" content="Worldwide Lighthouses is the number 1 source of information, pictures and videos on the Subject of Lighthouses and Lightships">
            <!--Stylesheets/Javascript-->
            <link rel="stylesheet" href="../../Page-Layout.css" media="screen and (min-width: 481px)">
            <link rel="stylesheet" href="../../Mobile-Page-Layout.css" media="only screen and (max-width:480px)">
            <!--Mobile Browser Support-->
            <meta name="viewport" content="width=320; initial-scale=1.0; maximum-scale=1.0; user-scalable=0;">
            <!--IE Support-->
            <!--[if lt IE 9]><script src="http://html5shiv.googlecode.com/svn/trunk/html5.js"></script> <link rel="stylesheet" href="../Page-Layout.css"><![endif]-->
<meta name="application-name" content="Worldwide Lighthouses"> 
<meta name="msapplication-starturl" content="http://worldwidelighthouses.com/"> 
         <meta name="msapplication-tooltip" content="Worldwide Lighthouses: Your number one source of Lighthouse Information, Videos and Pictures"> 
         <meta name="msapplication-task" content="name=Lighthouses;action-uri=http://worldwidelighthouses.com/Lighthouses.php;icon-uri=http://worldwidelighthouses.com/IE9/Lighthouses.ico"> 
         <meta name="msapplication-task" content="name=Lightships;action-uri=http://worldwidelighthouses.com/Lightships.php;icon-uri=http://worldwidelighthouses.com/IE9/Lightships.ico"> 
<meta name="msapplication-task" content="name=Fog Signals;action-uri=http://worldwidelighthouses.com/Fog-Signals.php;icon-uri=http://worldwidelighthouses.com/IE9/Fog-Signals.ico"> 
        <meta name="msapplication-task" content="name=Glossary;action-uri=http://worldwidelighthouses.com/Glossary.php;icon-uri=http://worldwidelighthouses.com/IE9/Glossary.ico">
             <title>Mailing List Administration | Worldwide Lighthouses</title> 
            </head>
<body>
  <header>
  <h1 id="WWLH">Worldwide Lighthouses</h1>
<form method="get" action="http://www.worldwidelighthouses.com/Search/search.php" id="Search-Box">
<input type="search" placeholder="Search Worldwide Lighthouses" name="query" id="query" size="30" value="" autocomplete="off">
<input type="submit" value="Search">
            <input type="hidden" name="search" value="1"> 
   </form>
</header>  <nav>
   <ul id="Nav">
  <li class="MenuButton" id="Index"><a href="../Index.php"><p class="Nav">Home</p></a></li>
        <li class="MenuButton" id="Lighthouses"><a href="../Lighthouses.php"><p class="Nav">Lighthouses</p></a></li>
        <li class="MenuButton" id="Lightships"><a href="../Lightships.php"><p class="Nav">Lightships</p></a></li>
        <li class="MenuButton" id="FogSignals"><a href="../Fog-Signals.php"><p class="Nav">Fog Signals</p></a></li>
            <li class="MenuButton" id="Daymarks"><a href="../Daymarks.php"><p class="Nav">Daymarks</p></a></li>
            <li class="MenuButton" id="Buoys"><a href="../Buoys.php"><p class="Nav">Buoys</p></a></li>
        <li id="MenuButtonLast"><a href="../Glossary.php"><p class="Nav">Glossary</p></a></li>
</ul>
</nav>
<article>
<?php
echo '<h1 class="Title">Successfully Logged Out</h1>';
?>
</article>
    <footer>
    <ul>
     <li><a href="../About.php">About</a></li>
        <li><a href="../Contact-us.php">Contact</a></li>
        <li><a href="../Use-Our-Media.php">Use our media</a></li>
        <li><a href="../Search/search.php">Search</a></li>
        <li><a href="../Social-Networking.php">Social</a></li>
        <li><a href="#Top">Back to top</a></li>
    </ul>
    <br>
    <br>
     &#38;#169; Worldwide Lighthouses <?php echo date("Y"); ?>
</footer>
</body>

If you need any of the other files, ask and ill provide.
Thanks in advance.

Danny

I am having a bit of a problem with my log on scrip sense i moved to a different host. Users are able to log in but most of there info isn't passed. The way I have it set up right now if your logged in the home page says "You are signed in as: 'user'". But all its showing is "You are signed in as:". The only thing I can tell that is getting passed is there user rank. There are other areas where the email is not showing up ether. Here is what i have.

This is on every page unless your logged in
Code: [Select]
<form name="form1" method="post" action="checklogin.php">
<span class="rulesub">Username:</span><input name="myusername" type="text" id="myusername" />
<span class="rulesub">Password:</span><input name="mypassword" type="password" id="mypassword" />
<input type="submit" name="Submit" value="Login" />
<div align="center">Not a member? <a class="nav" href="new_user.php">Sign up.</a>
</form>

This is my check log in script
Code: [Select]
<?php
ob_start();
include"scripts/connect.php" ;

mysql_connect('localhost',$username,$password);
@mysql_select_db($database) or die( "Unable to select database");

$myusername=$_POST['myusername'];
$mypassword=$_POST['mypassword'];
$myusername = stripslashes($myusername);
$mypassword = stripslashes($mypassword);
$myusername = mysql_real_escape_string($myusername);
$mypassword = mysql_real_escape_string($mypassword);
$encrypted_password=md5($mypassword);

$sql="SELECT * FROM user WHERE username='$myusername' and password='$encrypted_password' and active=1";
$result=mysql_query($sql);
$count=mysql_num_rows($result);
$row = mysql_fetch_assoc($result);
    $rank = $row['rank'];
$loggedinusername = $row['username'];
$loggedinuseremail = $row['email'];

if($count==1){
session_start();
$_SESSION['login'] = "1"; 
$_SESSION['rank'] = $rank;
$_SESSION['loggedinusername'] = $loggedinusername;
$_SESSION['loggedinuseremail'] = $loggedinuseremail;
header ("Location:index.php");
} else { 
$errorMessage = "Invalid Login"; 
session_start(); 
$_SESSION['login'] = '';
header ("Location:login.php");
} 
?>

This is what i have for the session part on every page
Code: [Select]
<?php  session_start(); 
$_SESSION['login'];
$_SESSION['rank'];
$_SESSION['loggedinusername'] = $loggedinusername;
$_SESSION['loggedinuseremail'] = $loggedinuseremail;
$rank=$_SESSION['rank'];
$loggedinusername=$_SESSION['loggedinusername'];
$loggedinuseremail=$_SESSION['loggedinuseremail'];
?>

And this is what I am using to show the user name.
Code: [Select]
<?php
if($rank>=1){
?>
<p class="rulesub">
You are signed in as: <?php echo $loggedinusername; ?>
<br /><a class="nav" href="logout.php" title="Log out" target="_self">Log Out</a>
</p>
<?php
}?>

Thanks in advance

I have had a problem with people attacking my site and trying to gain access to users accounts so i beefed up security, however now users are complaining they keep getting logged out.

Here are the variables i use to validate the users and i dont want to strip them down any more can anyone give me any ideas for changing them so its still secure but not so strict as to keep logging the users out?

1. Username & password is encrypted into a cookie and verified on every page they visit.
2. There ip address is recorded on login and is checked against there current ip, on every page they visit via MySql.
3. When the user logs in a unix time stamp (mySql) is generated an updated of every page they visit and if it has not been updated in the last 60 mins the user is logged out.
4.I also generate a random key which is stored in the DB and is passed on every page via GET.
5.If a user tries to login and fails an email is sent to them and if 3 unsuccessful attempts user is locked out for 30mins.
 
 

I am having trouble finding a tutorial on how to have a login system like facebook and many other sites where when you login you get taken to your own profile with your own information using PHP and Mysql.

Any help would be much appreciated.

Thanks

Hi,
I am creating an application that manages movie information. I was wondering if there was a way of letting a user navigate to a directory and select it as their default movie directory. i will then scan the sub directory names and compare them to a table in the Db. This latter part I can manage, its letting a user define their own default directory that is causing me problems.
Any examples I have found are relating to file uploading similar to this

Code: [Select]
<form name="file_uploader" action="upload.php" method="post" enctype="multipart/form-data">
<input type="file" name="data"><br />
<input type="submit" name="upload" value="Upload File">
</form>
Thanks for your time and consideration.

Ok. I would like to be able to do this  ::  http://webdeveloper.50webs.com/js.login.htm   in PHP and with a database. I know it may look like a simple login script, but I would like it to redirect to a specific URL based on each user. I.E. "http://example.com/users/index.php" is the login page, and once the user logs in, it would redirect them to "http://example.com/users/username/" Unless someone has a better idea. I know this isn't secure (because someone could just change the url to a different username, and they now have access to that users account.) The only reason I would like to do it this way, is because I have an upload script, and because of the way it uploads, the files are placed in a folder (So username/files is were the files are stored) and I have a file browser (username/browser.php) And I don't know how to display only the files the user has uploaded. (I.E. if I had one main file that the users see once they login, they would all see everyones uploads.) I would forfeit a tiny bit of security if users had there files not publicly visible. (People still have to login to see the files, and they would have to know the URL to a specific username.) So basically what I would like to do, is have a database (I.E. "Users") and have a table in that database with "username" "password" "email" "URL" and the PHP script looks up the database, and checks the username, and the password, and if they match, looks at the URL and sees were its supposed to redirect the user. I have attached the PHP code I have found, and use. If anyone knows how to do this, please let me know!

Thanks in advance!
Cheers!

------
Anders

Can somebody put a code that would show all the people that are online on the website?

I'm new to this forum, and PHP in general. So, hello to everyone!

I'm having a problem verifying whether or not my authentication script works. I'm not new to programming...just PHP.

Here it is..
<?php
//check if user is already logged in
if(isset($_session['username']))
{
    //init database information
    $db_server = "";
    $db_user = "";
    $db_password = "";
    $db_name = "";

    //connect to the database
    $connection = mysql_connect($db_server, $db_user, $db_password);
    if(!$connection)
    {
        die('Failed to connect: ' . mysql_error());
    }
    mysql_select_db($db_name, $connection);
        
    //verify login information
    $username = $_POST['username'];
    $password = $_POST['password'];
    $query = mysql_query("SELECT * FROM users WHERE username='$username'");
    if($query)
    {
        $array = mysql_fetch_array($query);
        if($_POST['password'] = $array['password'])
        {
            $_session['username'] = $array['username'];
            $_session['email'] = $array['email'];
            $_session['user_level'] = $array['user_level'];
            $_session['ip'] = $array['ip'];
            $_session['date_registered'] = $array['date_registered'];
            echo $_session['username'];
        }
        else
        {
            echo 'Bad Login Information!';
        }
    }
    else
    {
        die('Failed to login: ' . mysql_error());
    }
}
?>

<form action="auth.php" method="post">
<input name="username" type="text" size="20" maxlength="16">
<input name="password" type="text" size="20" maxlength="20">
<input name="submit" type="submit" value="Submit">
</form>