|
PHP - Personalized Web Pages For Multiple Users, Using Php And Sessions
I'm am somewhat new to PHP and am trying to set up a website for my cousin's wedding. Her idea is to have the guests sign in with a user/pass that she provides, and once they sign in, they will be taken to a page that has their name on it (i.e. "Mr. and Mrs. So and So, you are invited...). I have come to the conclusion that I will need to make an image for each guest's name (she wants to use a font for their names that nobody will have on their computer) so what I need to know is:
How do I link each user name to their own personalized webpage, where the image of their name on the next page will change based on what username is entered? I have been told to use Sessions (which I don't yet have in this code), but I'm clueless as to how to make that work for multiple users. Where do I put the coding, what does the coding look like, etc. Thanks in advance for any help! The php code I have right now is this (i'm sorry it's so long, I just don't want to leave anything out that might be important): Code: [Select] $LOGIN_INFORMATION = array( 'steve' => 'password', 'rick' => 'password', 'tom'=> 'password' ); // request login? true - show login and password boxes, false - password box only define('USE_USERNAME', true); // User will be redirected to this page after logout define('LOGOUT_URL', 'http://www.example.com/'); // time out after NN minutes of inactivity. Set to 0 to not timeout define('TIMEOUT_MINUTES', 0); // This parameter is only useful when TIMEOUT_MINUTES is not zero // true - timeout time from last activity, false - timeout time from login define('TIMEOUT_CHECK_ACTIVITY', true); ################################################################## # SETTINGS END ################################################################## /////////////////////////////////////////////////////// // do not change code below /////////////////////////////////////////////////////// // show usage example if(isset($_GET['help'])) { die('Include following code into every page you would like to protect, at the very beginning (first line):<br><?php include("' . str_replace('\\','\\\\',__FILE__) . '"); ?>'); } // timeout in seconds $timeout = (TIMEOUT_MINUTES == 0 ? 0 : time() + TIMEOUT_MINUTES * 60); // logout? if(isset($_GET['logout'])) { setcookie("verify", '', $timeout, '/'); // clear password; header('Location: ' . LOGOUT_URL); exit(); } if(!function_exists('showLoginPasswordProtect')) { // show login form function showLoginPasswordProtect($error_msg) { ?> <html> <head> <title>Please enter password to access this page</title> <META HTTP-EQUIV="CACHE-CONTROL" CONTENT="NO-CACHE"> <META HTTP-EQUIV="PRAGMA" CONTENT="NO-CACHE"> <meta http-equiv="Content-Type" content="text/html; charset=UTF-8"> <style type="text/css"> body,td,th { font-family: Verdana, Geneva, sans-serif; font-size: 10px; color: #666; } body { background-color: #FFFFFB; } </style> </head> <body> <div align="center"> <style> input { border: 1px solid black; } </style> <div style="width:600px; margin-left:auto; margin-right:auto; text-align:center"> <form method="post"> <h4>Please sign in using the information provided on the invitation</h4> <font color="red"><?php echo $error_msg; ?></font><br /> <?php if (USE_USERNAME) echo 'Login:<br /><input type="input" name="access_login" /><br />Password:<br />'; ?> <input type="password" name="access_password" /><p></p><input type="submit" name="Submit" value="Submit" /> </form> <br /> <a style="font-size:9px; color: #B0B0B0; font-family: Verdana, Arial;" href="http://www.zubrag.com/scripts/password-protect.php" title="Download Password Protector">Powered by Password Protect</a> </div> </body> </html> <?php // stop at this point die(); } } // user provided password if (isset($_POST['access_password'])) { $login = isset($_POST['access_login']) ? $_POST['access_login'] : ''; $pass = $_POST['access_password']; if (!USE_USERNAME && !in_array($pass, $LOGIN_INFORMATION) || (USE_USERNAME && ( !array_key_exists($login, $LOGIN_INFORMATION) || $LOGIN_INFORMATION[$login] != $pass ) ) ) { showLoginPasswordProtect("Incorrect password."); } else { // set cookie if password was validated setcookie("verify", md5($login.'%'.$pass), $timeout, '/'); // Some programs (like Form1 Bilder) check $_POST array to see if parameters passed // So need to clear password protector variables unset($_POST['access_login']); unset($_POST['access_password']); unset($_POST['Submit']); } } else { // check if password cookie is set if (!isset($_COOKIE['verify'])) { showLoginPasswordProtect(""); } // check if cookie is good $found = false; foreach($LOGIN_INFORMATION as $key=>$val) { $lp = (USE_USERNAME ? $key : '') .'%'.$val; if ($_COOKIE['verify'] == md5($lp)) { $found = true; // prolong timeout if (TIMEOUT_CHECK_ACTIVITY) { setcookie("verify", md5($lp), $timeout, '/'); } break; } } if (!$found) { showLoginPasswordProtect(""); } } ?> Similar TutorialsI am trying to build my own custom login script. What I am trying to achieve is once a user has logged in depending on wether they have checked the keep me logged in checkbox they have two options. If they haven't checked it then it creates session variables only, and if they have checked it it also creates cookie variable as well as the session variables. If they then close their browser / tab without logging out and then revisit the site they will get redirected to login page because the active session variable is no longer there. As soon as they land on the loggin page, it automatically checks for the cookie variable and if it exists, it uses it to login and redirect them automatically. However the problem that I am facing is that the session variable is still being trashed after a default amount of idle time and forcing a login. My goal is that the user shouldn't have to re-login unless they have either clicked the logout button. Can someone please have a look through my solution and advise me as to wether this is the correct method that I am implementing, if there is an easier way to achieve what I want, and is this a secure way to handle user logins. Thanks in advance. Andrew Here is the check code I have placed at the top of each admin page. Code: [Select] <?php session_start(); $url = (!empty($_SERVER['HTTPS'])) ? "https://".$_SERVER['SERVER_NAME'].$_SERVER['REQUEST_URI'] : "http://".$_SERVER['SERVER_NAME'].$_SERVER['REQUEST_URI']; $uid = $_SESSION['uid']; if (!isset($uid)) { header('location:login.php?redirect='.$url); exit(); } ?> Next we have the code for the login.php file. Code: [Select] <?php include ('functions.php'); ?> <?php get_header('login'); ?> <div id="login-result"> <?php connect(); $redirect = htmlspecialchars(mysql_real_escape_string(addslashes($_GET['redirect']))); if(isset($_COOKIE['remembered'])){ $username = htmlspecialchars(mysql_real_escape_string(addslashes($_COOKIE['remembered']['username']))); $password = htmlspecialchars(mysql_real_escape_string(addslashes($_COOKIE['remembered']['password']))); $sql = "SELECT * FROM usersT WHERE username='$username' AND password='$password'"; $result = mysql_query($sql); $count = mysql_num_rows($result); $row = mysql_fetch_array($result); $uid = $row['uid']; $fname = $row['firstname']; $lname = $row['lastname']; $role = $row['role']; if($count==1){ $sql2 = "UPDATE usersT SET status = '1' WHERE uid = '$uid'"; $result2 = mysql_query($sql2); if($result2){ session_register("uid"); session_register("uname"); session_register("ulevel"); $_SESSION["uid"] = $uid; $_SESSION["uname"] = $fname; $_SESSION["ufullname"] = $fname . " " .$lname; $_SESSION["urole"] = $role; $home = get_option('home'); if(!empty($redirect)) { header( 'Location: '. $redirect ) ; exit(); } else { header( $home ) ; exit(); } } } else { echo "<div class=\"error rounded5 shadow\">Invalid username or password!</div>"; } } else if (isset($_POST['admin_login'])){ if(isset($_POST["username"]) && isset($_POST["password"])){ $username_p = htmlspecialchars(mysql_real_escape_string(addslashes($_POST["username"]))); $password_p = htmlspecialchars(mysql_real_escape_string(addslashes($_POST["password"]))); $psw = md5($password_p); $sql3 = "SELECT * FROM usersT WHERE username='$username_p' AND password='$psw'"; $result3 = mysql_query($sql3); $count3 = mysql_num_rows($result3); $row3 = mysql_fetch_array($result3); $uid = $row3['uid']; $fname = $row3['firstname']; $lname = $row3['lastname']; $role = $row3['role']; if($count3==1){ $sql4 = "UPDATE usersT SET status = '1' WHERE uid = '$uid'"; $result4 = mysql_query($sql4); if($result4){ session_register("uid"); session_register("uname"); session_register("ulevel"); $_SESSION["uid"] = $uid; $_SESSION["uname"] = $fname; $_SESSION["ufullname"] = $fname . " " .$lname; $_SESSION["urole"] = $role; $home = get_option('home'); if(isset($_POST['remember'])) { setcookie("remembered[username]", $username, time() + 86400 * 365 * 2); setcookie("remembered[password]", $psw, time() + 86400 * 365 * 2); } if(!empty($redirect)) { header( 'Location: '. $redirect ) ; exit(); } else { header( $home ) ; exit(); } } } else { echo "<div class=\"error rounded5 shadow\">Invalid username or password!</div>"; } } } ?> </div><!-- / login-results --> <div id="login" class="rounded5 shadow"> <form name="loginform" id="loginform" action="<?php $_SERVER['PHP_SELF']; ?>" method="post"> <p> <label for="username">Username<br> <input type="text" name="username" id="username" class="rounded5" value="<?php echo $username_p; ?>" size="20" tabindex="10" /></label> </p> <p> <label for="password">Password<br> <input type="password" name="password" id="password" class="rounded5" value="<?php echo $password_p; ?>" size="20" tabindex="20" /></label> </p> <p class="submit"> Keep me logged in<input type="checkbox" name="remember" id="remember" /><br /><br /><a href="" class="left">Lost your password?</a> <input type="submit" name="admin_login" id="admin_login" class="btn rounded10 right" value="Log In" tabindex="100" /> </p> <div class="cleaner"></div><!-- / cleaner --> </form> </div><!-- / login--> <?php get_footer('login'); ?> Finally here is the code I am using for the logout.php page. Code: [Select] <?php session_start(); include ('functions.php'); connect(); $uid = mysql_real_escape_string($_SESSION['uid']); $sql = "UPDATE usersT SET status = '0' WHERE uid = '$uid'"; $result = mysql_query($sql); if($result) { session_unset(); session_destroy(); if(isset($_COOKIE['remembered'])){ setcookie("remembered[username]", $username, time() - 3600); setcookie("remembered[password]", $psw, time() - 3600); header("location: login.php"); } exit(); } else { echo "You couldn't be logged out at this time."; } ?> I have this code which logs in a user to my site but it only directs them to the login success page. i need to direct users to 3 different pages depending on their access level eg levels 1,2,4 but i dont know how to do this, can any one help or point me in the right direction?? thanks //Form <form name="form1" method="post" action="checklogin.php"> <strong>Member Login </strong> Username: <input name="UsersID" type="text" id="UsersID" /> Password: <input name="U_Password" type="password" id="U_Password" /> <input type="submit" name="Submit" value="Login" /></form> <?php $host="localhost"; // Host name $username=""; // username $password=""; // password $db_name="test"; // Database name $tbl_name="members"; // Table name // Replace database connect functions depending on database you are using. mysql_connect("$host", "$username", "$password"); mysql_select_db("$db_name"); //submitting query // username and password sent from form //NEVER Remove the mysql_real_escape_string. Else there could be an Sql-Injection! $mUsersIDe=mysql_real_escape_string($_POST['UsersID']); $U_Password=mysql_real_escape_string($_POST['U_Password']); $sql="SELECT * FROM $Users WHERE UsersID='$UsersID' and U_Password='$U_Password'"; $result=mysql_query($sql); //checking results // Replace counting function based on database you are using. $count=mysql_num_rows($result); // If result matched $myusername and $mypassword, table row must be 1 row //Direct Userbased on result if($count==1){ // Register $UsersID, $U_Password and redirect to file "login_success.php" session_register("UsersID"); session_register("U_Password"); header("location:login_success.php"); } else { echo "Wrong Username or Password"; } Here is my dilemma... I basically have a script which by means of CURL posts to a 3rd party website to perform a login and then makes another post to update a users details based on that login session. Now as my site is getting busy I have multiple users doing the same thing and it seems that on occasion curl is getting confused and updating one users details with a different users information. This is causing real problems. It seems to be that the cookie which is being used by a user after one login is being shared by other users and they end up logging in with the same cookie - confusing the 3rd party system. My code is posted below and I need to use the cookiefile and cookiejar to maintain the php session to allow me to do what I need to do. But it seems like the same cookie is being reused by all users.... Does that make sense? Is there anything I can do to change this? Please advise.... Thanks so much! Below is the code i use to both login and post the user update function hitForm($postURL, $postFields, $referer="", $showerr = FALSE, $ispost = TRUE) { global $islocal, $path_escape; $ch = curl_init(); curl_setopt($ch, CURLOPT_COOKIEJAR, "cookies.txt"); curl_setopt($ch, CURLOPT_COOKIEFILE, "cookies.txt"); curl_setopt($ch, CURLOPT_URL, $postURL); if ($ispost) curl_setopt($ch, CURLOPT_POST, 1); else curl_setopt($ch, CURLOPT_HTTPGET, 1); curl_setopt($ch, CURLOPT_REFERER, $referer); curl_setopt($ch, CURLOPT_USERAGENT, "Mozilla/5.0 (Windows; U; Windows NT 5.1; en-US; rv:1.9.0.3) Gecko/2008092417 Firefox/3.0.3"); curl_setopt($ch, CURLOPT_RETURNTRANSFER, 1); curl_setopt($ch, CURLOPT_POSTFIELDS, $postFields); curl_setopt($ch, CURLOPT_FOLLOWLOCATION, 1); curl_setopt($ch, CURLOPT_SSL_VERIFYPEER, FALSE); curl_setopt($ch, CURLOPT_SSL_VERIFYHOST, FALSE); $ret = curl_exec($ch); if ($error = curl_error($ch)) { if ($showerr) echo 'ERROR: ' . $error; return -1; exit; } $CU_header = curl_getinfo($ch); $CU_header["err"] = curl_errno($ch); $CU_header["errmsg"] = curl_error($ch); curl_close($ch); $returnout = $ret; //for debugging purposes for now we are logging all form posts SaveLog("hitform", "F[".$this->curruserid." - ".$this->currfunc." - ".date("d-m-y h:i:s")."]".$postFields); return $ret; } I am basically done with my entire site. I just realized...what happens if 10 users are trying to fwrite to one file at once? that is how i store my usernames passwords signatures and all that jazz. If users cant all fwrite at once my site is not going to work AT ALL. and I might just have to give up haha. good news or bad news? Hey guys. So I'm about to start developing a Private Messaging system for a CMS that I already have set up and working fine, and I had a problem I would like to solve before I start. I would like to add a feature that allows users to send the message to one or more users at a time. Whether it be by typing in the different usernames seperated by commas in the input field or another method, I have no idea how I'd handle submitting this into the database. I don't want it to be like a group conversation though, I want it to submit the message seperately for each user they included in the receptitents field. Any suggestions on how to go about doing this? Gathering it'd be like an array of some sort but I have very little experience with arrays from forms and how to seperate them. Hello PHP mates! I am having some doubts and I am going to share them with you so maybe someone can help. Okay, I know how to make signup and login page. And here is the problem. How to make signup page for multiple types of users? For example, type A user has its own signup form, user type B also has its own and same goes for C type of user. How can I make that? Thanks in advance PHP freaks! Hi
I come from a desktop (vb.net) background and have used oridinary text files for my databases. I use file locking to prevent other processes from writing to the same file simultaneously.
Now I am moving over the PHP/MySQL - what precautions should I take to stop a simultaneous processes from writing to a table at the same time.?
Do I need to lock the table before writing to it?
Does MySQL deal with this automatically and just block my process until the table becomes free?
(I am talking about a single table here, not multiple dependant tables - I know that is another issue)
Thanks
Nigel
HY I have index.php and pictures.php. In index.php I have 3 columns: - left (for menu) - right (for advertising) - center (where I want to include pictures.php) What is the best way to include pictures.php in center of index.php Code: [Select] if($_get[pictures]){ include ("pictures.php"); } I ask this because I have multiple variable like "pictures" and I will have multiple "If". Or to include in DB all this variables "pictures" and just add ".php" extension. It is secure in this way ? Thanks I've read through a few examples of how to paginate query results, but with my currently php skills I don't understand them, or they do not fit into my code. I wondered if I could make my own, and the logic behind this code makes sense to me, but it's still not working. Here is the code: <?php if (!$Start) { $Start = 0; } else { $Start=$_POST['Start']; } $crittercount = 120; $numpages = $crittercount / 30; $pagei = 1; $pagereit = 1; echo '<p><center> <FORM method=POST action=testpagination.php> <SELECT NAME="Start"> <OPTION>Page 1'; while ($pagereit < $numpages) { $pagei = $pagei + 30; echo '<OPTION value='.$pagei.'>'; $pagereit = $pagereit + 1; echo "Page: " .$pagereit; } echo '</SELECT>'; echo'<input type=submit value=Go></FORM><p>'; echo $Start; ?> The test site is he http://lab-lib.com/felishorns/Felishorns/websitetest/testpagination.php $crittercount is a variable that changes depending on the main $query. This query is invisible, and is used to pull a count for all the results in total. I am modifying it with $Start to create a second query which the viewer sees. $queryF = $query . " LIMIT " . $Start . ", 30"; The idea is that $Start changes depending on the value selected, thereby changing the query. In this test code, I've simply echoed the $Start value of that page, to see if the code is working, and it's not changing. What's wrong with this code? Is it not possible to have a form lead to the same link of the page it's on? Does the variable not become updated? Thanks in advance. Hey guys, how is everyone today? I am needing a little help with this one. I have a database that updates itself and the display page for it with every form submission on the website. I am wondering how I go about getting it to display across multiple pages? For example, once it hits 25 submissions, it would make a page 2, once page two hits 25 submissions, it creates page 3, etc. etc. Much like you see on something like a forum, it hits so many replies before it creates a new page, to limit one long page of results. Thanks in advance!! Hello. I'm coding myself an small webpage, In the internet you can see that there is pages like index.php?id=223923 <- for example or index.php?=news. So, I'm trying to create similar to that myself. I tried googling and searching youtube how to do this but didn't really find anything. I figured it out that it needs some database etc. I tried myself doing some table in my mysql db. And in the table some 'id, title, content' and in the id would be the url, (index.php?='id') the title would be the <title> </title> and the content would be all the code inside the webpage. I got no idea how to link these to an php or whatever it should be done So would anyone kindly tell me howto do this or give some link to an tutorial? I am creating a webpage for my golf league and some of the information(variables) such as Name, Address and email, must be reused across multiple pages for different outputs. May question is "Can I, or is there a way to reUse variables across multiple pages. "Do I need to create a session and make everything session variables"? "Should I link to a database and call the information when needed"? Any explanation would be greatly appreciated. Hello Everyone was wondering if I could get some help with the following code? I am querying a database for results of listings that are in a database these listings are displayed on the page in a form. I am wanting each listing to be on a different page. Below is my code. Code: [Select] $lim=1; if (!isset($s) || $s < 1 || !is_numeric($s)) { $s = 1; } $start = ($s - 1) * $lim; $sql = "select id,bussimg,imagewidth,imageheight,email,usridm,company,businesscategory,address1,address2,state,city,zip,website,email,repname,description,phonenumber,country,status from $approvecheckbusinesses where usridm='$user_id'"; $result=db_query($sql); $countpages = $sql; $sql = $sql . " order by id asc limit $start, $lim"; $result=db_query($sql); $pages = ceil(mysql_num_rows(mysql_query($countpages)) / $lim); $result=db_query($sql); for ($i = 0; $i < mysql_num_rows($result); $i++) { $Listid= mysql_result($result, $i, "id"); $usridm= mysql_result($result, $i, "usridm"); $CompanyName= mysql_result($result, $i, "company"); $realname= mysql_result($result, $i, "repname"); $email= mysql_result($result, $i, "email"); $BusinessCategory= mysql_result($result, $i, "businesscategory"); $status= mysql_result($result, $i, "status"); echo ("FORM IS TO BE DISPLAYED HERE"); } if ($pages > 1) { echo("<p align=left style='font-size: 85% color=white'>"); for ($i = 1; $i <= $pages; $i++) { echo("["); if ($i == $s) {echo("<b>");} else {echo("<a id=home_offerLink href='index.html?EditMemberListing&user_id=$user_id&s=$i'>");} echo("Page $i"); if ($i == $s) {echo("</b>");} else {echo("</a>");} echo("] "); } echo("</p>") Page Numbers here using the above code.. The problem I seem to be running into is that it only displats the first record. The page numbers show up page 1 page 3 page 2 and three are blank there is no mysql error or anything for some reason I only get that first result out of three Hi guys, I have a php file that will go to a site and scrape the data I need. However this site is setup to use pagination so when I try to scrape all the players names I have to do separate queries to search each page. Is there a way to find out by using code how many pages there are and query all the pages at same time? I use this code Code: [Select] <?php //first page //turn error reporting on libxml_use_internal_errors(true); //get data from this page $dom = new DOMDocument; $dom->loadHTMLFile('http://www.gametracker.com/server_info/76.73.3.42:1716/top_players/?searchipp=50#search'); $xpath = new DOMXPath($dom); // Get the total player count $rows2 = $xpath->query('//div[@class="block774"]/div'); // Get the rows from the search list $rows = $xpath->query('//table[@class="table_lst table_lst_spn"]/tr'); for ($i=1; $i<$rows->length-1; $i++) { $row = $rows->item($i); // Get the columns for a row $cols = $row->getElementsByTagName('td'); // Get the player rank (1st column) echo 'Rank:'.trim($cols->item(0)->textContent).PHP_EOL; // Get the player name (2nd column) echo 'Name:'.trim($cols->item(1)->textContent).PHP_EOL; // Get the player score (3rd column, actually 4th but number 3 is hidden) echo 'Sco '.trim($cols->item(3)->textContent).PHP_EOL; echo "<br />"; } ?> <?php //secondpage //turn error reporting on libxml_use_internal_errors(true); //get data from this page $dom = new DOMDocument; $dom->loadHTMLFile('http://www.gametracker.com/server_info/76.73.3.42:1716/top_players/?searchipp=50&searchpge=2#search'); $xpath = new DOMXPath($dom); // Get the rows from the search list $rows = $xpath->query('//table[@class="table_lst table_lst_spn"]/tr'); for ($i=1; $i<$rows->length-1; $i++) { $row = $rows->item($i); // Get the columns for a row $cols = $row->getElementsByTagName('td'); // Get the player rank (1st column) echo 'Rank:'.trim($cols->item(0)->textContent).PHP_EOL; // Get the player name (2nd column) echo 'Name:'.trim($cols->item(1)->textContent).PHP_EOL; // Get the player score (3rd column) echo 'Sco '.trim($cols->item(3)->textContent).PHP_EOL; echo "<br />"; } ?> I also have to go to that website first to see how many pages there are so I can have enough queries. Hi, I have some code which scrapes data from a page. However there are around 1200 product pages on the site I need to scrape, when I attempt to loop through all the pages I get a server timeout. I can only get to around 40 without timeout. Has anyone else had this problem? Hey Im always trying to remove code and cut corners to reduce work in the long run, soIim wondering how I could link my menu bar from say a template to ALL my php pages for my site so I don't have to write/change links on every page when I need to. Thanks |
|||||||