PHP - Embeding Login Page To Site

I am a newbie. I need some guidance for logging onto an existing site, and downloading files.

Some tips what I should be looking for?

Thanks.

Not sure if I'm trying to achieve something totally crazy here, or if this is something pretty standard. Didn't have much luck with searching as I'm not fully down with all the terms.

(A) I have one site providing an RSS feed.
(B) I have one site I want to search, once for each of the items in the feed A.
(C) I want the results of the search in (B) to be displayed on page (C).

So for example, the feed on (A) says;

apples
bananas
oranges
cheese

I want site (B) to search for each of those terms (by passing the item in the feed (A) to the ?search= part of the URL of that page) and then show the results from THAT search on page C. Bit of a complex one, let me know if you need me to clarify. Thanks for any help! 

Hey guys,

I'm kind of a n00b with PHP and i'm trying to practice by building a mock e-comm site, but i'm having a problem with my admin login form. When the information is submitted the form just clears and doesn't redirect me to the index.php file i have set-up. My knowledge of php isn't where i'd like it to be yet, so i'm here for help! I'll post the code for bpoth the admin login page and the index.php file.

ADMIN LOGIN PAGE
            |
            |
            V
<?php
session_start();
if (isset($_SESSION["username"])) {
    header("location: index.php");
    exit();
}

?>
<?php

if (isset($_POST["username"]) && isset($_POST["password"])){

   $username = $_POST["username"]; // filter everything but numbers and letters
    $password = $_POST["password"]; // filter everything but numbers and letters

    include "../storescripts/connect_to_mysql.php";
    $sql = mysql_query("SELECT id FROM admin WHERE username='$username' AND password='$password' LIMIT 1");

    $existCount = mysql_num_rows($sql); // count the row nums
    if ($existCount == 1) { // evaluate the count
        while($row = mysql_fetch_array($sql)){
             $id = $row["id"];
       }
       $_SESSION["id"] = $id;
       $_SESSION["username"] = $username;
       $_SESSION["password"] = $password;
       header("location: index.php");
         exit();
    } else {
      echo 'That information is incorrect, try again <a href="index.php">Click Here</a>';
      exit();
   }
}
?>
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
   <head>
      <meta http-equiv="Content-Type" content="text/html; charset=utf-8" />
      <title>Store Admin Area</title>
        <link rel="stylesheet" type="text/css" href="../css/main_style.css" />
   </head>

   <body>
           <div id="wrapper">
                  <div id="text"><br />
                     <div align="left" style="margin-left:100px; margin-top:100px;">
                        <h2>Please Login To Manage The Store</h2>
                        <br /><br />
                        <form id="form1" name="form1" method="post" action="admin_login.php">
                        <strong>Username</strong>
                           <input name="username" type="text" id="username" size="40" />
                        <br /><br />
                        <strong>Password</strong>
                           <input name="password" type="password" id="password" size="40" />
                        <br />
                        <br />
                           <input type="submit" name="button" id="button" value="Login" />
                        </form>
                     </div>
           </div><!--closes wrapper-->
   </body>
</html>



INDEX.PHP FILE
           |
           |
           V

<?php
session_start();
if (!isset($_SESSION["username"])) {
    header("location: admin_login.php");
    exit();
}

$usernameID = preg_replace('#[^0-9]#i', '', $_SESSION["id"]);
$username = preg_replace('#[^A-Za-z0-9]#i', '', $_SESSION["username"]);
$password = preg_replace('#[^A-Za-z0-9]#i', '', $_SESSION["password"]);

include "../storescripts/connect_to_mysql.php";
$sql = mysql_query("SELECT * FROM admin WHERE id='$usernameID' AND username='$username' AND password='$password' LIMIT 1"); // query the person

$existCount = mysql_num_rows($sql); // count the row nums
if ($existCount == 0) { // evaluate the count
    echo "Your login session data is not on record in the database.";
     exit();
}
?>
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
   <head>
      <meta http-equiv="Content-Type" content="text/html; charset=utf-8" />
      <title>Store Admin Area</title>
        <link rel="stylesheet" type="text/css" href="../css/main_style.css" />
   </head>

   <body>
          <div id="wrapper">
                  <div id="text"><br />
                     <div align="left" style="margin-left:100px; margin-top:100px;">
                        <h2>Hello store manager, what would you like to do today?</h2>
                        <p><a href="inventory_list.php">Manage Inventory</a><br />
                        <a href="#">Manage Blah Blah </a></p>
                     </div>
                     <br />
                  <br />
                  <br />
                </div><!--closes wrapper-->
   </body>
</html>

Any help and suggestions are greatly appreciated! Thanks!

Hi guys, what I'm struggling to do is

1) Users land on https://www.mysite.com/login.php
2) Users type their email and password
3) POST data submitted to http://www.3rdparty.com/login.php with cURL
4) Users redirected to http://www.3rdparty.com/index.php (logged in).

I've been using this simple form to POST directly to the 3rd party site.

Code: [Select]
<form name="loginform" method="post" target="_blank" action="http://www.3rdparty.com/login.php">
Email <input name="email" type="text">
Password<input name="password" type="password">
<input name="submit" type="submit" id="loginbutton" value="login"></form>
This works great. But now I've installed a SSL on my site and I've just realised that using the form above, the data is still POSTed as a plain text because the 3rd party site is not https.
So I want to submit the form to my login.php form and let this form take the users to the 3rd party site. So at least the user inputs to my site is encrypted.
My new code looks like this.

Code: [Select]
<form name="loginform" method="post" target="_blank" action="login.php">
Email <input name="email" type="text">
Password<input name="password" type="password">
<input name="submit" type="submit" id="loginbutton" value="login"></form>
<?php
 if(isset($_POST['email']))     $email= $_POST['email'];
 if(isset($_POST['password']))   $password= $_POST['password'];
 if(isset($_POST['submit']))   $submit   = $_POST['submit'];
 
 $Curl_Session = curl_init('http://www.3rdparty.com/login.php');
 curl_setopt ($Curl_Session, CURLOPT_POST, 1);
 curl_setopt ($Curl_Session, CURLOPT_POSTFIELDS, "email=$email&password=$password&submit=$submit");
 curl_setopt ($Curl_Session, CURLOPT_FOLLOWLOCATION, 1);
 $result =  curl_exec ($Curl_Session);
 curl_exec ($Curl_Session);
 curl_close ($Curl_Session);

print $result;
?>

What this code is doing now is it's just rendering the www.3rdparty.com's login page (not logged in) on my site.
When I type wrong values, it renders www.3rdparty.com's login page with an error message on it.
So I think at least the values are being POSTed but it doesn't log me in.
All of the cURL codes available out there seem to POST the data and fetch some results back not redirecting the users to another site.
My ultimate goal is to POST the form and redirect the users to the 3rd party site's member area as well.
I tried header("Location: http://www.3rdparty.com/index.php"); but it just takes user to that page without being logged in.

Could anyone give me some hints?

Hi,

Having completed a site migration this am everything went well aside from issues with logging into and out of our site where two files are used and appear as white pages.

When logging into our site, proc_login.php is used and when logging out proc_logout.php is used.

Both processes result in a white "blank" page instead of the php files forwarding on.

I've no idea about php generally and have been trying my best to find useful and similar information online to attempt to resolve the problem.  I am now stuck.

The site works perfectly on my local web server, and what is really baffling me is the site also works perfectly on Domain B on the exact same server I'm trying to get the site running under as Domain A.  In other words as both Domain A & B are configured on the same host server I'm thinking all the inherited php/apache/mysql settings should be identical (or pretty much thereabouts) and therefore am more confused than ever! 

I simply don't know where to start therefore in resolving this problem.  I've tried looking in the error log file and have also played around with turning on error enabling on those specific php files to try and follow any errors, however the "errors" generated are no different than the ones present on sites where the login/logout process works just fine.

I've hopefully attached both files and if anyone could assist in helping me narrow down my search for a solution I'd be very appreciative.

Thanks.

Hi,

I am a php newbie, who has a page that relies on some php scripts, and to which I am trying to add a login page written in php.  I took the example from he

http://www.howtodothings.com/computers-internet/how-to-make-a-login-system-for-your-website

Basically it consists of adding:

<?
require("log.php");
?>

to the top of any page I want to protect, a log.php file which performs the actions of the form, linking to a mySQL database, and a login.php file which contains the form.

I have the login working fine, but it breaks one of the PHP scripts on the page that is protected.  It is an upload script, called Weaverbox, based on FancyUpload.  The uploads which are handled by a file called upload.php, aren't happening.  The progress shows that they are being uploaded, but nothing is uploaded, and there is no success message.  As soon as I remove the code from the top of the page requiring log.php all works fine again.

I think I may have to add some rules/extensions to resolve this conflict, but I don't know how to go about this.  Would someone be able to help me get it sorted?

Thanks

Nick

Can someoneplease help, I need to setup an error page like IF Username and Password are wrong then show an error also if there is no username or password in the fields and I just click LOGIN, I get a blank page?!

Can someone please help me here or point me to a relevant tutorial?

thanks

here is my page:
http://www.retroandvintage.co.uk/default.php

here is my  code:
Code: [Select]
<?php
session_start();
include_once("config.php");

$ebits = ini_get('error_reporting');
error_reporting($ebits ^ E_NOTICE);
/*
Login script:
This script does the following:

Checks that the user is NOT already logged in - if they are they
are redirected to the members page by the 'checkLoggedIn()' function.

Checks if the login form has been submitted - if so, the 'login' and
'password' fields are checked to ensure they are of the correct format and length.
If there are any problems here an error is added to the $messages array and
then the script executes the 'doIndex()' function - this function basically
outputs the main 'index' page for this script - ie the login form.

If there are no problems with the previous step, the 'login' and 'password'
field data is passed to the 'checkPass' function to check that an entry
exists in the 'users' table for that login/password pair.
If nothing is returned from the 'checkPass()' function, an error is
added to the $messages array and the 'doIndex()' function is called as above.

If a row of data is returned from the 'users' table, the data is passed to
the 'cleanMemberSession()' function - which initializes session variables and
logs the user in.  The user is then forwarded to the members page.

If the form hasn't yet been submitted, then the 'doIndex()' function is called
and the login page is displayed.
*/
// Check user not logged in already:
checkLoggedIn("no");

// Page title:
$title="Member Login Page";

// if $submit variable set, login info submitted:
if(isset($_POST["submit"])) {
//
// Check fields were filled in
//
// login must be between 4 and 15 chars containing alphanumeric chars only:
field_validator("rsUser", $_POST["rsUser"], "alphanumeric", 4, 15);
// password must be between 4 and 15 chars - any characters can be used:
field_validator("rsPass", $_POST["rsPass"], "string", 4, 15);

// if there are $messages, errors were found in validating form data
// show the index page (where the messages will be displayed):
if($messages){
doIndex();
// note we have to explicity 'exit' from the script, otherwise
// the lines below will be processed:
exit;
}

// OK if we got this far the form field data was of the right format;
// now check the user/pass pair match those stored in the db:
/*
If checkPass() is successful (ie the login and password are ok),
then $row contains an array of data containing the login name and
password of the user.
If checkPass() is unsuccessful however, $row will simply contain
the value 'false' - and so in that case an error message is
stored in the $messages array which will be displayed to the user.
*/
    if( !($row = checkPass($_POST["rsUser"], $_POST["rsPass"])) ) {
// login/passwd string not correct, create an error message:
        $messages[]="Incorrect login/password, try again";
    }

/*
If there are error $messages, errors were found in validating form data above.
Call the 'doIndex()' function (which displays the login form) and exit.
*/
if($messages){
doIndex();
exit;
}

/*
If we got to this point, there were no errors - start a session using the info
returned from the db:
*/
cleanMemberSession($row["rsUser"], $row["rsPass"]);

// and finally forward user to members page (populating the session id in the URL):
header("Location: main.php");
} else {
// The login form wasn't filled out yet, display the login form for the user to fill in:
doIndex();
}

/*
This function displays the default 'index' page for this script.  This consists of just a simple
login form for the user to submit their username and password.
*/
function doIndex() {
/*
Import the global $messages array.
If any errors were detected above, they will be stored in the $messages array:
*/
global $messages;

/*
also import the $title for the page - note you can normally just declare all globals on one line
- ie:
global $messages, $title;
*/
global $title;
}
// drop out of PHP mode to display the plain HTML:
?>
<!doctype html>
<html>
<head>
<title>List of Pubs and Bars in the UK</title>
<meta name="description" content="Pubs and bars in the UK, nightlife for food and drink" />
<meta name="keywords" content="Pubs, bars, List, uk, nightlife, drinking, drinks, beer, lager, food" />
<meta name="Content-Language" content="en-gb" />
<meta name="robots" content="FOLLOW,INDEX" />
<meta name="revisit-after" content="2 days" />
<meta name="copyright" content="jbiddulph.com" />
<meta name="author" content="John Biddulph - Professional web site design and development in the south of england mainly worthing and brighton" />
<meta name="distribution" content="Global" />
<meta name="resource-type" content="document" />
<link rel="stylesheet" type="text/css" href="css/reset.css" />
<link rel="stylesheet" type="text/css" href="css/ui-lightness/jquery-ui-1.8.6.custom.css" title="default" />
<link rel="alternate stylesheet" type="text/css" href="css/south-street/jquery-ui-1.8.6.custom.css" title="1" />
<link rel="alternate stylesheet" type="text/css" href="css/redmond/jquery-ui-1.8.6.custom.css" title="2" />
<script type="text/javascript" src="js/stylechanger.js"></script>
<script type="text/javascript" src="js/jquery-1.4.2.min.js"></script>
<script type="text/javascript" src="js/jquery-ui-1.8.6.custom.min.js"></script>
<script type="text/javascript">
$(function(){

// Accordion
$("#accordion").accordion({ header: "h3" });

// Tabs
$('#tabs').tabs();


// Dialog
$('#dialog').dialog({
autoOpen: false,
width: 600,
buttons: {
"Ok": function() {
$(this).dialog("close");
},
"Cancel": function() {
$(this).dialog("close");
}
}
});

// Dialog Link
$('#dialog_link').click(function(){
$('#dialog').dialog('open');
return false;
});

// Datepicker
$('#datepicker').datepicker({
inline: true
});


//hover states on the static widgets
$('#dialog_link, ul#icons li').hover(
function() { $(this).addClass('ui-state-hover'); },
function() { $(this).removeClass('ui-state-hover'); }
);

});
</script>
<script type="text/javascript">
function lookup(inputString) {
if(inputString.length == 0) {
// Hide the suggestion box.
$('#suggestions').hide();
} else {
$.post("rpc.php", {queryString: ""+inputString+""}, function(data){
if(data.length >0) {
$('#suggestions').show();
$('#autoSuggestionsList').html(data);
}
});
}
} // lookup

function fill(thisValue) {
$('#inputString').val(thisValue);
setTimeout("$('#suggestions').hide();", 200);
}
</script>
</head>
<body>
<?php if($messages) { displayErrors($messages); }?>
<header>
<div id="title">
<h1>My Pub Space
<a href="#" onClick="setActiveStyleSheet('default'); return false;"><img src="images/0.gif" width="15" height="15" border="0" alt="css style" /></a>&nbsp;<a href="#" onClick="setActiveStyleSheet('1'); return false;"><img src="images/1.gif" width="15" height="15" border="0" alt="css style" /></a>&nbsp;<a href="#" onClick="setActiveStyleSheet('2'); return false;"><img src="images/2.gif" width="15" height="15" border="0" alt="css style" /></a>
<span>
<form method="post" class="textbox" action="search.php">
Town/City:&nbsp;<input type="text" size="26" class="searchbox" value="" name="rsTown" id="inputString" onKeyUp="lookup(this.value);" onBlur="fill();" />

<div class="suggestionsBox" id="suggestions" style="display: none;">
<img src="images/upArrow.png" style="position: relative; top: -36px; left: 105px; z-index:1;" alt="upArrow" />
<div class="suggestionList" id="autoSuggestionsList">
&nbsp; </div>
</div>
<input type="image" src="images/go.png" height="30" with="30" value="GO" />
</form>
</span>
  </h1>
</div>
</header>
<nav>
<ul>
<li class="selected"><a href="default.php">Home</a></li>
<li><a href="#">Pubs</a></li>
<li><a href="#">Members</a></li>
<li><a href="#">Events</a></li>
<li><a href="register.php">Register</a></li>
</ul>
</nav>
<section id="intro">
<header>
<h2>Your social guide to going down the pub, online!</h2>
</header>
<p>Stuck in town with nowhere to go? Not sure if up the road or down the street is best? Need to be somewhere warm, cosy and friendly. Need a drink?....<br />You've come to the right place, mypubspace has it all!</p>
<img src="images/pub.jpg" alt="pub" /> </section>
<div id="content">
<div id="mainContent">
<section>
<article class="blogPost">
<header>
<h2>Pubs and Bars UK Listing</h2>

</header>
<?php

$tableName="pubs";
$targetpage = "default.php"; 
$limit = 20; 

$query = "SELECT COUNT(*) as num FROM $tableName";
$total_pages = mysql_fetch_array(mysql_query($query));
$total_pages = $total_pages['num'];

$stages = 3;
$page = mysql_escape_string($_REQUEST['page']);
if( isset($_REQUEST['page']) && ctype_digit($_REQUEST['page']) ) {
      $page = (int) $_GET['page'];
      $start = ($page - 1) * $limit;
}else{
      $start = 0;   
}

    // Get page data
$query1 = "SELECT * FROM $tableName LIMIT $start, $limit";
$result = mysql_query($query1);

// Initial page num setup
if ($page == 0){$page = 1;}
$prev = $page - 1;
$next = $page + 1;
$lastpage = ceil($total_pages/$limit);
$LastPagem1 = $lastpage - 1;


$paginate = '';
if($lastpage > 1)
{




$paginate .= "<div class='paginate'>";
// Previous
if ($page > 1){
$paginate.= "<a href='$targetpage?page=$prev'>previous</a>";
}else{
$paginate.= "<span class='disabled'>previous</span>"; }



// Pages
if ($lastpage < 7 + ($stages * 2)) // Not enough pages to breaking it up
{
for ($counter = 1; $counter <= $lastpage; $counter++)
{
if ($counter == $page){
$paginate.= "<span class='current'>$counter</span>";
}else{
$paginate.= "<a href='$targetpage?page=$counter'>$counter</a>";}
}
}
elseif($lastpage > 5 + ($stages * 2)) // Enough pages to hide a few?
{
// Beginning only hide later pages
if($page < 1 + ($stages * 2))
{
for ($counter = 1; $counter < 4 + ($stages * 2); $counter++)
{
if ($counter == $page){
$paginate.= "<span class='current'>$counter</span>";
}else{
$paginate.= "<a href='$targetpage?page=$counter'>$counter</a>";}
}
$paginate.= "...";
$paginate.= "<a href='$targetpage?page=$LastPagem1'>$LastPagem1</a>";
$paginate.= "<a href='$targetpage?page=$lastpage'>$lastpage</a>";
}
// Middle hide some front and some back
elseif($lastpage - ($stages * 2) > $page && $page > ($stages * 2))
{
$paginate.= "<a href='$targetpage?page=1'>1</a>";
$paginate.= "<a href='$targetpage?page=2'>2</a>";
$paginate.= "...";
for ($counter = $page - $stages; $counter <= $page + $stages; $counter++)
{
if ($counter == $page){
$paginate.= "<span class='current'>$counter</span>";
}else{
$paginate.= "<a href='$targetpage?page=$counter'>$counter</a>";}
}
$paginate.= "...";
$paginate.= "<a href='$targetpage?page=$LastPagem1'>$LastPagem1</a>";
$paginate.= "<a href='$targetpage?page=$lastpage'>$lastpage</a>";
}
// End only hide early pages
else
{
$paginate.= "<a href='$targetpage?page=1'>1</a>";
$paginate.= "<a href='$targetpage?page=2'>2</a>";
$paginate.= "...";
for ($counter = $lastpage - (2 + ($stages * 2)); $counter <= $lastpage; $counter++)
{
if ($counter == $page){
$paginate.= "<span class='current'>$counter</span>";
}else{
$paginate.= "<a href='$targetpage?page=$counter'>$counter</a>";}
}
}
}

// Next
if ($page < $counter - 1){ 
$paginate.= "<a href='$targetpage?page=$next'>next</a>";
}else{
$paginate.= "<span class='disabled'>next</span>";
}

$paginate.= "</div>";


}
 echo $total_pages.' Results';
 // pagination
 echo $paginate;
?>

<div id="accordion">
<?php 
 

while($row = mysql_fetch_array($result))
{

echo '<div><h3><a href=\"#\">'.$row['rsPubName'].'</a></h3><div>'.$row['rsAddress'].'<br />'.$row['rsTown'].', '.$row['rsCounty'].'<br />'.$row['rsPostCode'].'<br /><br />Region: '.$row['Region'].'<br /><br />Telephone: '.$row['rsTel'].'</div></div>';

}

?>
</div>
</article>
</section>

</div>
<aside>
<section>
<header>
<h3>Members Login Area</h3>
</header>
<form method="post" class="textbox" action="<?php print $_SERVER["PHP_SELF"]; ?>">
Username:&nbsp;<br />
<input type="text" class="textbox" name="rsUser" value="<?php print isset($_POST["rsUser"]) ? $_POST["rsUser"] : "" ; ?>">
Password:&nbsp;<br />
<input type="password" class="textbox" name="rsPass">
<br />
<br />
<input name="submit" class="ui-button ui-widget ui-state-default ui-corner-all ui-button-text-only" type="submit" value="Login">
<br />
</form>
<ul>
<li><button id="button" class="ui-button ui-widget ui-state-default ui-corner-all ui-button-text-only" role="button" aria-disabled="false"><span class="ui-button-text"><a href="register.php">Sign up</a></span></button></li>
<li><button id="button" class="ui-button ui-widget ui-state-default ui-corner-all ui-button-text-only" role="button" aria-disabled="false"><span class="ui-button-text"><a href="forgot.php">Forgot Password</a></span></button></li>
</ul>
</section>
<section>
<header>
<h3>Quick Search</h3>
</header>
<ul>
<li><a href="#">Coming Soon!</a></li>
</ul>
</section>
</aside>
</div>
<footer>
<div>
<section id="about">
<header>
<h3>About</h3>
</header>
<p>My Pub Space is one of the largest and newest UK Pubs and Bars Listing sites online. It is not just a list of pubs, we have added a touch of interactive social pubbing experience online! Once registered, you can view information on pubs in your area, write reviews, organise your evenings out!</p>
</section>
<section id="blogroll">
<header>
<h3>Links</h3>
</header>
<ul>
<li><a href="#">Coming Soon!</a></li>
</ul>
</section>
<section id="popular">
<header>
<h3>Popular</h3>
</header>
<ul>
<li><a href="#">Coming Soon!</a></li>
</ul>
</section>
</div>
</footer>
</body>
</html>

ONE of my SESSION values isn't remaining after login while others do.

This works fine on my localhost, it's on the live site that there is a problem and it just started yesterday. Before that it worked great.

Out of the four SESSIONs made I can only echo three values on other pages, member id the most important doesn't transfered to other pages

Notes: all these files are in the same folder, there is a SESSION started for the member id on the login page, you can see that it is used in the redirect below and the redirect works fine with the redirect going to the correct page " $home/member/index.php?user=$id_mem "

Here is the login page
// Here's the basic login page info
<?php # login.php
session_start();
ob_start() 
...connect to db & header called...
...Form validation.....

if ($e && $p) { // If everything's OK.
// Query the database:
$q = "SELECT id_mem, display_name, mem_group FROM sn_members WHERE (email='$e' AND password=SHA1('$p')) AND active IS NULL";
$r = mysqli_query ($dbc, $q) or trigger_error("Query: $q\n<br />MySQL Error: " . mysqli_error($dbc));
//  or die("Error: ".mysqli_error($dbc));

if (@mysqli_num_rows($r) == 1) { // If a match was made.

// Register the values & redirect:
// Give SELECTED elements a session
$_SESSION = mysqli_fetch_array ($r, MYSQLI_ASSOC);
$_SESSION['agent'] = md5($_SERVER['HTTP_USER_AGENT']);
mysqli_free_result($r);

// Update db for last login
$id_mem = $_SESSION['id_mem']; // <<< SESSION member id has a value here because it's used in the redirect below
$ip = $_SERVER['REMOTE_ADDR']; // Get ip address of person logging in
$q = "UPDATE sn_members SET last_login = Now(), ip = '$ip' WHERE id_mem = '$id_mem' LIMIT 1";
$r = mysqli_query ($dbc, $q) or trigger_error("Query: $q\n<br />MySQL Error: " . mysqli_error($dbc));

header("Location: $home/member/index.php?user=$id_mem");
exit(); // Quit the script.

}
?>


Here is the main page that a user would be redirect to above
<?php // /member/ all member info is through this folder
session_start();
ob_start();

if (isset($_GET['user']) && is_numeric($_GET['user'])) {
$user = $_GET['user'];
$user = $user;
if ($user < 0) {
header("Location: $home/index.php");
exit();
}
}

if ((!isset($_SESSION['id_mem']))  && (!isset($_SESSION['agent']) OR ($_SESSION['agent'] != md5($_SERVER['HTTP_USER_AGENT'])))){
// If not a logged in member redirect
header("Location: $home/index.php");
exit(); // Quit the script.
}
?>

Thanks in advance for the help
SJ

Hello, I am once again desperately asking for your help,

I am working on a simple login page and I am having trouble actually getting it  to login. I display error messages for if the user doesn't enter anything but I can't seem to get it to work for if the credentials are wrong. It logs the user in whether the information is right or not and i dont even know what to do now

 

This is the code any suggestions would be greatly appreciated

<?php
    /*
    Name: Deanna Slotegraaf 
    Course Code: WEBD3201
    Date: 2020-09-22
    */

    $file = "sign-in.php";
    $date = "2020-09-22";
    $title = "WEBD3201 Login Page";
    $description = "This page was created for WEBD3201 as a login page for a real estate website";
    $banner = "Login Page";
    require 'header.php';

    $error = "";

    if($_SERVER["REQUEST_METHOD"] == "GET")
    {
        $username = "";
        $password = "";
        $lastaccess = "";        
        $error = "";
        $result = "";
        $validUser = "";
    }
    else if($_SERVER["REQUEST_METHOD"] == "POST")
    {        
    	$conn;
        $username = trim($_POST['username']); //Remove trailing white space
        $password = trim($_POST['password']); //Remove trailing white space

    if (!isset($username) || $username == "") {
      $error .= "<br/>Username is required";
    }
    if (!isset($password) || $password == ""){
      $error .= "<br/>Password is required";
    }
    if ($error == "") {
      $password = md5($password);
      $query = "SELECT * FROM users WHERE EmailAddress='$username' AND Password='$password'";
      $results = pg_query($conn, $query);
      //$_SESSION['username'] = $username;
        //$_SESSION['success'] = "You are now logged in";
        header('location: dashboard.php');
      }else {
        $error .= "Username and/or Password is incorrect";
      }

}

?>

<div class = "form-signin">
    <?php
             echo "<h2 style='color:red; font-size:20px'>".$error."</h2>";
    ?>
<form action = "<?php echo $_SERVER['PHP_SELF'];  ?>" method="post">

      <label for="uname"><b>Login ID</b></label>
      <input type="text" name="username" value="<?php echo $username; ?>"/>
      <br/>
      <label for="psw"><b>Password</b></label>
      <input type="password" name="password" value="<?php echo $password; ?>"/>
      <br/>
        <button type="submit" name="login_user">Login</button>
        <button type="reset">Reset</button></div>
</form>
</div>

<?php require "footer.php"; ?>

 

I placed car-dealer-website, a web application from car-dealer-website.org , in a subdirectory on my host mysite.com/car. Wordpress is public_html (mysite.com).

What I am trying to do is embed mysite.com/car in Wordpress. I tried iframe and it is ugly. I looked for a php css options,using a code I found online, it didnt work but I saw hope and think php and css is the solution.

What I am asking for is direction on using php and css to embed in Wordpress. I want to write code no plugins. I hope to learn some php coding. Thank you in advance for your suggestions, tutorials, different methods.

How can i embed variables into an email message.
Eg. If i want to add the result of mysql query, would i do somthing similiar to this;
mail( "email@domain.co.uk", "Header","$message $result" ); ?
Obviously this doesn't work.  In fact i get the message from my html form, followed by 'Resource id #2'.
Im learning php at the moment.  If anyone could help me with this, or point me in the right direction this would be great.  Iv'e looked at w3schools but I cant find anything specific like this.


mysql_connect("db.hostedresource.com","treesurgery","password here"); 
mysql_select_db("treesurgery") or die("Unable to select database"); 
$code = $_GET['postcode'];
$message = $_GET['message'];
$result = mysql_query("SELECT email FROM treesurgeons WHERE postcode LIKE '%$code%' ORDER BY companyName LIMIT 3")
or die(mysql_error());  

echo "<h2>Business Names:</h2>";
while ($row = mysql_fetch_array( $result ))
{
echo " ".$row['email'] . "<br>";
}
echo "<br>";
echo $message;

mail( "email@domain.co.uk", "Header","$message" );

  echo "Thank you for using our mail form.";

How can this be written in PHP?

Code: [Select]
echo '<IMG alt="" src=".$row['id']/thumb.png">';

Hi im trying to create a sign up page for my website that contains different paths dependin on the membership that you select. I am an unexperienced programmer and need help as nothing is working at the moment. I would appreciate if people could reply to this post as soon as possible as I need it sorted today! Below is my code! Can you please send me suggestive improvement? Thanks 

<?php



if (isset ($_POST['firstname'])){

   

   //grab data from the form

   
    $username = preg_replace('#[^A-Za-z0-9]#i', '', $_POST['username']); // filter everything but letters and numbers
    $firstname = preg_replace('#[^A-Za-z]#i', '', $_POST['firstname']); // filter everything but Letters
    $lastname = preg_replace('#[^A-Za-z]#i', '', $_POST['lastname']); // filter everything but Letters
    $phone = preg_replace('#[^0-9]#i', '', $_POST['phone']); // filter everything but numbers
    $address= preg_replace('#[^A-Za-z]#i', '', $_POST['address']); // filter everything but Letters
    $postcode= preg_replace('#[^A-Za-z]#i', '', $_POST['postcode']); // filter everything but Letters
    $town= preg_replace('#[^A-Za-z]#i', '', $_POST['town']); // filter everything but Letters
    $housenumber= preg_replace('#[^0-9]#i', '', $_POST['housenumber']); // filter everything but numbers
   
    $b_m = preg_replace('#[^0-9]#i', '', $_POST['birth_month']); // filter everything but numbers
     $b_d = preg_replace('#[^0-9]#i', '', $_POST['birth_day']); // filter everything but numbers
    $b_y = preg_replace('#[^0-9]#i', '', $_POST['birth_year']); // filter everything but numbers
   

    $email1 = $_POST['email1'];
     $email2 = $_POST['email2'];
     $pass1 = $_POST['pass1'];
     $pass2 = $_POST['pass2'];
   
   

     $email1 = stripslashes($email1);
     $pass1 = stripslashes($pass1);
     $email2 = stripslashes($email2);
     $pass2 = stripslashes($pass2);
   
     $email1 = strip_tags($email1);
     $pass1 = strip_tags($pass1);
     $email2 = strip_tags($email2);
     $pass2 = strip_tags($pass2);
   
   
   //connect to db
   $connection = mysql_connect('linuxproj.ecs.soton.ac.uk', 'db_alw3g08', 'pasta');
   $db = mysql_select_db('db_alw3g08', $connection);

    $emailCHecker = mysql_real_escape_string($email1);
    $emailCHecker = str_replace("`", "", $emailCHecker);
    // Database duplicate username check setup for use below in the error handling if else conditionals
    $sql_uname_check = mysql_query("SELECT username FROM Members WHERE username='$username'");
     $uname_check = mysql_num_rows($sql_uname_check);
     // Database duplicate e-mail check setup for use below in the error handling if else conditionals
     $sql_email_check = mysql_query("SELECT email FROM Members WHERE email='$emailCHecker'");
     $email_check = mysql_num_rows($sql_email_check);
   
   
   // Error handling for missing data
     if ((!$username) || (!$firstname) || (!$lastname) || (!$address) || (!$postcode) || (!$town) || (!$b_m) || (!$b_d) || (!$b_y) || (!$email1) || (!$email2) || (!$pass1) || (!$pass2)) {
   
   $errorMsg = 'ERROR: You did not submit the following required information:<br /><br />';
 
     if(!$username){
       $errorMsg .= ' * User Name<br />';
     }
     if(!$firstname){
       $errorMsg .= ' * First Name<br />';
     }    
     if(!$lastname){
       $errorMsg .= ' * Last Name<br />';
     }    
    if(!$address){
       $errorMsg .= ' * Address<br />';
     }    
    if(!$postcode){
       $errorMsg .= ' * postcode<br />';
     }    
    if(!$town){
       $errorMsg .= ' * town<br />';
     }    
    if(!$b_m){
       $errorMsg .= ' * Birth Month<br />';     
     }
    if(!$b_d){
       $errorMsg .= ' * Birth Day<br />';       
     }
    if(!$b_y){
       $errorMsg .= ' * Birth year<br />';       
     }       
    if(!$email1){
       $errorMsg .= ' * Email Address<br />';     
     }
    if(!$email2){
       $errorMsg .= ' * Confirm Email Address<br />';       
     }    
    if(!$pass1){
       $errorMsg .= ' * Login Password<br />';     
     }
    if(!$pass2){
       $errorMsg .= ' * Confirm Login Password<br />';       
     }    
   
   } else if ($email1 != $email2) {
              $errorMsg = 'ERROR: Your Email fields below do not match<br />';
     } else if ($pass1 != $pass2) {
              $errorMsg = 'ERROR: Your Password fields below do not match<br />';
     } else if (strlen($username) < 6) {
              $errorMsg = "<u>ERROR:</u><br />Your User Name is too short. 6 - 20 characters please.<br />";
     } else if (strlen($username) > 20) {
              $errorMsg = "<u>ERROR:</u><br />Your User Name is too long. 6 - 20 characters please.<br />";
     } else if ($uname_check > 0){
              $errorMsg = "<u>ERROR:</u><br />Your User Name is already in use inside of our system. Please try another.<br />";
     } else if ($email_check > 0){
              $errorMsg = "<u>ERROR:</u><br />Your Email address is already in use inside of our system. Please use another.<br />";
     } else {
   
    // Error handling is ended, process the data and add member to database
   
    $email1 = mysql_real_escape_string($email1);
     $pass1 = mysql_real_escape_string($pass1);
   
     // Add MD5 Hash to the password variable
     $password = md5($pass1);
   
    // Convert Birthday to a DATE field type format(YYYY-MM-DD) out of the month, day, and year supplied
    $dateofbirth = "$b_y-$b_m-$b_d";
   
   // Add user info into the database table for the main site table
     $sql = mysql_query("INSERT INTO members (username, firstname, lastname, email, password, dateofbirth, phone, lastlogin)
     VALUES('$username','$firstname','$lastname','$email1','$password', '$dateofbirth','$phone', now())") 
   
     or die (mysql_error());
   
   $sql = mysql_query("INSERT INTO address (address, postcode, town, housenumber)
     VALUES('$adress','$postcode,'$town','$housenumber'") 
   
   or die (mysql_error());
   
   $id = mysql_insert_id()
   
   
   
   
   } else { // if the form is not posted with variables, place default empty variables so no warnings or errors show
    
     $errorMsg = "";
      $username = "";
     $firstname = "";
     $lastname = "";
     $phone = "";
     $address = "";
     $postcode = "";
     $town = "";
     $housenumber = "";
     $b_m = "";
     $b_d = "";
     $b_y = "";
     $email1 = "";
     $email2 = "";
     $pass1 = "";
     $pass2 = "";

   
}   
   
   

Hey guys i have a few question with this login script im trying to make. Ok so first im using php myadmin and i've created a simple login here that works fine but i want to tweak it so when i login i can login to a specific site where i've created tables and stuff. Is there anyone out there that can help me im a little stumped on how to do this. Thanks in regards. Here are my two scripts im using


show_login.html
Code: [Select]
<html>
<head>
<title>Login Form</title>
<h1>Login to Authorized Area</h1>
<form method= "post" action= "login.php">

<br> Username: <input type= "text" name= "username"> <br>
<br> Password: <input type= "password" name= "password"> <br>

<p> <input type= "submit" name= "submit" value= "Login" </p><br>
</html>
</form>

login.php
Code: [Select]
<?

if ((!$_POST['username']) || (!$_POST['password'])) {
header("Location: show_login.html");
exit;

}

$db_name="ryan";
$table_name="auth_users4";

$connection=@mysql_connect("localhost","RyanH","test1234")or die(mysql_error());

$db =@mysql_select_db($db_name, $connection)or die(mysql_error());

$sql= "SELECT * FROM $table_name WHERE username ='$_POST[username]' AND password = password('$_POST[password]')";
$result = @mysql_query($sql,$connection) or die(mysql_error());

$num=mysql_num_rows($result);

if ($num != 0) {
echo "<P>Congratulations, you're authorized!</p>";
}else{
echo "<P>You are not authorized to use this site</p>";
echo'<br/><a href="show_login.html">Try Again</a>';

exit;

}

?>

Please help with Ajax call, when clicking login button nothing happens when it should go to mainpageloggedin.php

deano