|
PHP - Change User Rank
Hi all, the other I coded a simular script to this which didnt work, so I re coded it but im having a problem with this one aswell, what its meant to do is just change the users rank to what is posted, but every time I hit submit on the form it locates me to a different place.
<?php session_start(); include ("../includes/db_connect.php"); include ("../includes/functions.php"); logincheck(); $username = $_SESSION['username']; $rankget = mysql_query ("SELECT * FROM users WHERE username='$username'"); $newrank = mysql_fetch_object($rankget); if ($_POST['change']){ if ($newrank->userlevel >= "2"){ $time = now(); $updateuser = $_POST['usernameone']; // User Posted $updaterank = $_POST['rankone']; // Rank posted if ($updateuser == NULL && $updaterank == NULL){ $message = "You must enter a user and rank"; }elseif ($updateuser == NULL){ $message = "You must enter a username"; }elseif ($updaterank == NULL){ $message = "You must enter a rank"; } mysql_query ("UPDATE users SET rank = '$updaterank' WHERE username='$updateuser'") or die (mysql_error()); mysql_query ("INSERT INTO logs (`id` , `who`, `action`, `time`) VALUES ('', '$username' , '$username Updated rank; $updateuser to $updaterank' , '$time')") or die (mysql_error()); mysql_query ("INSERT INTO inbox (`id` , `to` , `from` , `message` , `date` , `read` , `saved` , `event_id`) VALUES ('', '$updateuser', 'System', 'Your rank has been updated to $updaterank!', '$date', '0', '0', '')") or die (mysql_error()); echo ("Rank Changed!"); }} ?> <html> <head> <title>Change Rank</title> <link rel="stylesheet" href="../include/in.css" type="text/css"> <style type="text/css"> .infobg { font-family: Arial; font-weight:normal; font-size:12px; border-top: 1px solid #000000; border-right: 1px solid #000000; border-bottom: 1px solid #000000; border-left: 1px solid #000000; background: URL(textbg1.png); font-weight:300; } .button { font-size: 12px; background:url(button.png); vertical-align: middle; border-top: 1px solid #000000; border-right: 1px solid #000000; border-bottom: 1px solid #000000; border-left: 1px solid #000000; color: #FFFFCC; height:23px; font-weight:300; border-radius: 10px; padding-bottom:2px; } </style> </head> <body> <form action='' name='form1' id='form1' method='POST'> <table width='50%' cellpadding='0' align='center' cellspacing='0' border='1' bordercolor='#000000' bgcolor='#808080' style='border-collapse: collapse'> <tr> <td><?php echo ("$message"); ?></td> </tr> <tr> <td background='../header.jpg' colspan='2' align='center'>Change Rank</td> <tr> <td>Username:</td><td><input type='text' name='usernameone'></td> </tr> <tr> <td>Rank:</td><td><input type='text' name='rankone'></td> </tr> <tr> <td> </td><td><input type='submit' name='change' value='Change Rank!'></td> </tr> </table> </form> </body> </html> Anyone see why it locates me else? Thanks Similar TutorialsI am having trouble on user post = rank This is the rank table: ----------------- post | rank ----------------- 0 | Noob 10 | Member 50 | Metal 100 | Silver 200 | Gold $user_post="120"; $query_rank=mysql_query("SELECT * FROM rank WHERE post<='$user_post' OR post>='$user_post'") or die ("Error"); while ($row=mysql_fetch_assoc($query_rank)){ $rank=$row['rank']; } echo "User Rank: $rank"; The above code output: User Rank: Gold The right output should be: User Rank: Silver Please help It will be better if someone willing to share a better ranking code. Ever since I switched over to pagination, the ranks for the sites have been off. I use to have an $i++ increment that kept the ranks, but now with pagination, it just ranks those on the current page. Is there a way to bypass this? public function grabSites() { //amount of sites $amount = mysql_num_rows(mysql_query("SELECT * FROM sites")); if($amount > 0) { //amount per page $p_page = 13; //track page $start = $_GET['page']; //max_pages $max_pages = $amount / $p_page; //set default if(!$start) $start = 0; //new query $query = mysql_query("SELECT id,title,description,votes,date,outl,site_url FROM sites ORDER BY votes DESC LIMIT $start, $p_page"); while($fetch = mysql_fetch_assoc($query)) { ++$i; $i = $i + $p_page; echo " <div id='post-1' class='post'> <h2 class='title'><font color='white'>#". $i." ".$fetch['title'] ."</font></h2> <div class='entry'> <b>". $fetch['title'] ." currently has ". $fetch['votes'] ." votes. <a href='vote.php?id=". $fetch['id'] ."'>Vote now</a>.</b> <br/><br/> <p>". nl2br(stripslashes($fetch['description'])) ."</p> </div> <p class='meta'><a href='". $fetch['site_url'] ."'>Visit</a></p> </div> "; } //set back and forth variables $previous = $start - $p_page; $next = $start + $p_page; ?> <hr> <center> <?php if(!($start<=0)) echo "<a href='index.php?page=". $previous ."'><<</a>"; $i = 1; for($x = 0; $x < $amount; $x = $x + $p_page) { echo "<a href='index.php?page=". $x ."'> ". $i ." </a>"; $i++; } if(!($start>=$amount-$p_page)) echo "<a href='index.php?page=". $next ."'>>></a></center>"; ?> </center> <?php } else { echo " <div id='post-1' class='post'> <h2 class='title'><a href='#'>Oh NOEZ!</a></h2> <h3 class='date'>". date("M-d-Y") ."</h3> <div class='entry'> <p>There are currently no sites to display!</p> </div> <p class='meta'>View</p> </div> "; } } Hello everyone,
I'm create an application where I have member, admin, and superadmin
What I'm try to do is superadmin update member to admin, so they can have more privilege. The name of the table is member where I have member, admin account, and i have row call 'rank'. Rank 1 is for member they have access basic stuff and rank 2 they have more privilege. Want the superadmin to type the name of the member and change to rank 2.
This is what happening, if I dont put nothing on the text boxes, it said "Please check if you have put the right information." , if i put member and the rank i want to change is says ""User has upgrade to admin", but than when i check my database the member is still a member when i wanted to change to admin.
Can anyone see where I'm going home, or what should I change.
<form> </form>
<form action='<?php htmlentities($_SERVER['PHP_SELF']); ?>' method='POST' enctype='multipart/form-data '>
Username: <input class="fontsize" name='user' type='text'/>
Rank: <input class="fontsize" name='rank' type='text' /> <br><br>
<input class="button" type='submit' name='get' value='Upgrade' />
</form>
</h2>
<?php
if(isset($_POST['get']))
{
$username1 = $_POST['user'];
$sql_user = mysqli_real_escape_string ($connection, $username1);
$rank = $_POST['rank'];
$rank = mysqli_real_escape_string ($connection, $rank);
$query1 = mysqli_query($connection, "SELECT rank FROM member WHERE username='$sql_user'");
if ($row = mysqli_fetch_array($query1))
{
if ($rank == '1')
{
$data1 = mysqli_query($connection, "UPDATE member SET rank= '1' WHERE username='sql_user'") or die (mysql_error($connection));
echo "User has downgrade to member";
}
elseif ($rank == '2')
{
$data2 = mysqli_query($connection, "UPDATE member SET rank= '2' WHERE username ='sql_user'") or die (mysql_error($connection));
echo "User has upgrade to admin";
}
else
{
echo "Please check if you have put the right information.";
}
}
}
?>
Consider the following code; Code: [Select] <div class="blockrow"> <table cellpadding="10" align="center" border="0"> <tr> <td> <center> <font size=6>Donation Hall of Fame</font><br><br> <font size=2><b>Anonymous Donations are not Counted</b></font><br><br> <font size=3><a href="/donate">Get on This List</a></font> <br> <br> <?php //database connection $connectdb = mysql_connect ("localhost", "user", "pass") or die ('I cannot connect to the database because: ' . mysql_error()); mysql_select_db ("thatsact_donations"); //query setup $sql = "SELECT * FROM totals ORDER BY donation_total DESC LIMIT 100"; $result = mysql_query($sql) or die(mysql_error()); //initialize container $container = array(); //get entries from db while ($get = mysql_fetch_assoc($result)){ if(!$get[userid]=="0") { $username = "<b><a style=\"color:#00CC00\" href=/member.php/$get[userid]>$get[username]</a></b> donated <b>$$get[donation_total]</b> total so far!"; } $container[] = "<font size=3>$username</font>"; } //combine collected entries $output = implode("<br /><hr>",$container); echo $output; mysql_close($connectdb); ?> </center> </td> </tr> </table> </div> I would like to add a rank number to the container starting with one and going 23456 as each piece is echoed. How might I do this because I am very new to php. Example: 1. Username donated $5...... 2. Username donated $4........ 3. Username donated $3....... Thanks in advance. This topic has been moved to MySQL Help. http://www.phpfreaks.com/forums/index.php?topic=312470.0 Hello everyone... My following code is supposed to order rank by from Greatest covertaction but for some reason it is ranking the greatest last eg. 900,000 Rank 1 900,001 Rank 2 900,002 Rank 3 Here is the code: Code: [Select] <?php $q = "SELECT * FROM `accountinfo_db` ORDER BY `covertaction`, `anticovertaction` ASC"; $res = mysql_query($q) or die(mysql_error()); $i = 1; while($player=mysql_fetch_array($res)){ $id = securevar($player['id']); $time = time(); $user = securevar($player['username']); $q = "UPDATE `accountinfo_db` SET `covertrank` = '$i', `lastTurnTime` = '$time' WHERE `id` = '$id'"; if(mysql_query($q)){ echo "Covert & Anti Covert Rank set to $user as ".number_format($i)."!<br />"; } else { // query failed with an error // put your error reporting/logging code here... } $i++; } ?> Any help will be appreciated! Brian hi i have a table like this rank xp 1 0 2 50 3 100 4 200 say my username has 75xp how would a select which rank i am not sure how i can do this? :S cheers matt I am trying to allow the user to update a variable he chooses by radio buttons, which they will then input text into a box, and submit, to change some attributes. I really need some help here. It works just fine until I add the second layer of variables on top of it, and I can't find the answer to this question anywhere. <?PHP require('connect.php'); ?> <form action ='' method='post'> <select name="id"> <?php $extract = mysql_query("SELECT * FROM cars"); while($row=mysql_fetch_assoc($extract)){ $id = $row['id']; $make= $row['make']; $model= $row['model']; $year= $row['year']; $color= $row['color']; echo "<option value=$id>$color $year $make $model</option> ";}?> </select> Which attribute would you like to change?<br /> <input type="radio" name="getchanged" value="make"/>Make<br /> <input type="radio" name="getchanged" value="model"/>Model<br /> <input type="radio" name="getchanged" value="year" />Year<br /> <input type="radio" name="getchanged" value="color" />Color<br /><br /> <br /><input type='text' value='' name='tochange'> <input type='submit' value='Change' name='submit'> </form> //This is where I need help... <?PHP if(isset($_POST['submit'])&&($_POST['tochange'])){ mysql_query(" UPDATE cars SET '$_POST[getchanged]'='$_POST[tochange]' where id = '$_POST[id]' ");}?> I would appreciate your assistance, there are tons of login scripts and they work just fine. However I need my operators to login and then list their activities for the other operators who are logged in to see and if desired send their clients on the desired activity. I have the login working like a charm and the activities are listed just beautifully. How do I combine the two tables in the MySQL with PHP so the operator Logged in can only make changes to his listing but see the others. FIRST THE ONE script the member logges in here to the one table in MSQL: <?php session_start(); require_once('config.php'); $errmsg_arr = array(); $errflag = false; $link = mysql_connect(DB_HOST, DB_USER, DB_PASSWORD); if(!$link) { die('Failed to connect to server: ' . mysql_error()); } $db = mysql_select_db(DB_DATABASE); if(!$db) { die("Unable to select database"); } function clean($str) { $str = @trim($str); if(get_magic_quotes_gpc()) { $str = stripslashes($str); } return mysql_real_escape_string($str); } $login = clean($_POST['login']); $password = clean($_POST['password']); if($login == '') { $errmsg_arr[] = 'Login ID missing'; $errflag = true; } if($password == '') { $errmsg_arr[] = 'Password missing'; $errflag = true; } if($errflag) { $_SESSION['ERRMSG_ARR'] = $errmsg_arr; session_write_close(); header("location: login-form.php"); exit(); } $qry="SELECT * FROM members WHERE login='$login' AND passwd='".md5($_POST['password'])."'"; $result=mysql_query($qry); if($result) { if(mysql_num_rows($result) == 1) { session_regenerate_id(); $member = mysql_fetch_assoc($result); $_SESSION['SESS_MEMBER_ID'] = $member['member_id']; $_SESSION['SESS_FIRST_NAME'] = $member['firstname']; $_SESSION['SESS_LAST_NAME'] = $member['lastname']; session_write_close(); header("location: member-index.php"); exit(); }else { header("location: login-failed.php"); exit(); } }else { die("Query failed"); } ?> ................................................. ................................ Now I need the person who logged in to the table above to be able to make multiple entries to the table below <? $ID=$_POST['ID']; $title=$_POST['title']; $cost=$_POST['cost']; $activity=$_POST['activity']; $ayear=$_POST['aday']; $aday=$_POST['ayear']; $seats=$_POST['special']; $special=$_POST['seats']; mysql_connect("xxxxxx", "xxx350234427", "========") or die(mysql_error()); mysql_select_db("xxxx") or die(mysql_error()); mysql_query("INSERT INTO `activity` VALUES ('ID','$title', '$cost','$activity', '$aday', '$ayear', '$special', '$seats')"); Print "Your information has been successfully added to the database!" ?> Click <a href="member-profile.php">HERE</a> to return to the main menu <?php ?> hi, i have made a website where people resgister their details of them and products. they have to enter the following details in form Name of company name of the product company address email id password mobile number contact and brief details about their company
user can then login with email id and pwd. now after login ..user will get a page where he can upload the photos of products images and their price, so now my question is that when he finishes uploading (|by clicking on upload button) the product images and price text box ..then on final uploaded webspage it should show all other things which he registerd before (company name , mobile number etc) along with images and price...hence the main question that user does not need to enter mobile and address while uploading images and filling proce ..but on the final page it should show mobile and address along with price and images..as user is not going to enter mobile and address again and again as he will have multiple products to upload.
Actually, what i want to do is to use the email to fetch the $email,$password and $randomnumber from database after Hi, so far I have managed to set up a somewhat basic login website with a mysql database backend. Once they have logged on they go to a "main menu" page. What I need to define is that user A sees button A but only that button, etc. (Then of course that same rule would have to apply if they tried to directly go to the page, but I am guessing I can do that in the same way that I currently do to force a login). If anyone has any tutorials or sample code I would much appreciate it. Thanks, Hi, I am getting frustrated beyond belief at the moment with trying to get a very simple script to run, I am using PHP 5.3.3 and MySQL 5.1 on a Win2k8 server with IIS7.5. Basically my script is connecting to a local database, running a single select query, returning those rows and building up a string from them. The problem is that I am receiving complete BS responses from PHP that the access is denied for the user being specified. This is complete rubbish since the user can connect via mysql, sqlyog, ASP.NET MVC without issue but for some bizarre reason it is not working via PHP. The code for the script is here : Code: [Select] <?php $mysql = mysql_connect('127.0.0.1:3306', 'myuser', 'mypass', 'mydatabase'); if (!$mysql) { die(mysql_error()); $content = "<nobr></nobr>"; } else { $result = mysql_query('SELECT * FROM tblEventGroup'); $content = "<nobr>"; if ($result) { while($row = mysql_fetch_assoc($result)) { $content .= "<span>"; $content .= $row['GroupName']; $content .= "</span>"; $content .= "<a href=\"../Event/EventSearch?groupid="; $content .= $row['GroupId']; $content .= "\" target=\"_blank\">Book here</a> "; } } mysql_close($mysql); $content .= "</nobr>"; } ?> I cannot for the life of me understand what the problem is, the return error is Access denied for user 'myuser'@'localhost' (using password: YES) Hi guys, I am trying to put together a little system that allows users to log onto my website and access there own personal page. I am creating each page myself and uploading content specific to them which cannot be viewed by anyone else. I have got the system to work up as far as: 1/ The user logs in 2/ Once logged in they are re-directed to their own page using 'theirusername.php' Thats all good and working how I need it too. The problem I have is this. If I log onto the website using USER A details - I get taken to USER A's page like I should but - If I then go to my browser and type in USERBdetails.php I can then access USER B's page. This cannot happen!! I need for USER A not to be able to access USER B profile - there is obviously no point in the login otherwise! If you are not logged in you obviously cannot access any secure page. That much is working! Please find below the code I am using: LOGIN <?php session_start(); function dbconnect() { $link = mysql_connect("localhost", "username", "password") or die ("Error: ".mysql_error()); } ?> <?php if(isset($_SESSION['loggedin'])) { header("Location:" . strtolower($username) . ".php"); if(isset($_POST['submit'])) { $username = mysql_real_escape_string($_POST['username']); $password = mysql_real_escape_string($_POST['password']); $mysql = mysql_query("SELECT * FROM clients WHERE username = '{$username}' AND password = '{$password}'"); if(mysql_num_rows($mysql) < 1) { die("Password or Username incorrect! Please <a href='login.php'>click here</a> to try again"); } $_SESSION['loggedin'] = "YES"; $_SESSION['username'] = $username; $_SESSION['name'] header("Location:" . strtolower($username) . ".php"); } ?> HEADER ON EACH PHP PAGE <?php session_start(); if(!isset($_SESSION['loggedin'])) { die(Access to this page is restricted without a valid username and password); ?> --------------------------------------------------- Am I right in thinking it is something to do with the "loggedin" part? The system I have here is adapted from a normal login system I have been using for years. The original just checks the details and then does a 'session start'. This one obviously has to re-direct to a user specific page. To do this I used the <<header("Location:" . strtolower($username) . ".php");>> line to redirect to a page such as "usera.php" or "userb.php" Any help would be greatly appreciated! Ta Hello, i've got some shop script which has 2 payment modules which i'd like to use for something else, the payment modules only work if the user is logged in though, i tried to make them standalone scripts but that didn't work out too well. So now i decided to go another way and just let everyone have the same session so everyone will be using the same username&password automatically. the index file looks like this: Code: [Select] <?php include('./inc/config.php'); include('./inc/functions.php'); include('./lang/'.$language.'.lng'); $id = addslashes($_REQUEST["id"]); $user = addslashes($_REQUEST["username"]); $pass = addslashes($_REQUEST["password"]); $language = strtolower($language); if(empty($id)) $id =1; $file = mysql_query('SELECT * FROM navi_'.$language.' WHERE id="'.$id.'"'); if(mysql_num_rows($file)>0) $file = mysql_fetch_array($file); else $file = mysql_fetch_array(mysql_query('SELECT * FROM navi_'.$language.' WHERE id="404"')); if(!empty($user) AND !empty($pass)) {$query = mysql_query('SELECT * FROM users WHERE username="'.$user.'" AND pass="'.md6($pass).'"'); if(mysql_num_rows($query) == 1) {$_SESSION[$session_prefix."user"] = ucfirst($user); echo'<meta http-equiv="refresh" content="0; url=index.php?id=8">';} else $error = 'Username oder Passwort ist falsch.';} include('./designe/'.$designe.'/head.tpl'); include('./designe/'.$designe.'/navi.php'); include('./designe/'.$designe.'/middle.tpl'); if(file_exists('./pages/'.$file["file"])) {echo'<h1>'.ucfirst($file["title"]).'</h1>'; include('./pages/'.$file["file"]);} if(!empty($error)) echo '<font color="red">'.$error.'</font>'; include('./designe/'.$designe.'/foot.tpl'); ?> Now i tried alot of things including adding: Code: [Select] session_start(); $_SESSION["username"] = "peter"; $_SESSION["user"] = "peter"; $_SESSION["id"] = "1"; $_SESSION["pass"] = "peter"; $_SESSION["password"] = "peter"; or Code: [Select] $id = "1"; $user = "peter"; $username = "peter"; $pass = "peter"; $password = "peter"; also a combination of both, nothing works, but i don't understand why ? Any help is appreciated. /Edit, i tried adding it to the paymentmodule .php aswell, but no luck. Hallo everybody,
i have the following code.
but i get allways this error while the user exist in the database.
User not found!
what do i do wrong?
thank you very much for your help
Rafal
<html>
<head>
<?php
$connection = mysql_connect("db.xyz.com", "username", "password")
or die ("connection fehler");
mysql_select_db("db0123456789")
or die ("database fehler");
$email = $_POST["inp_email"];
$pwd = $_POST["inp_pwd"];
if($email && $pwd)
{
$chkuser = mysql_query("SELECT email FROM gbook WHERE email = '($email)' ");
$chkuserare = mysql_num_rows($chkuser);
echo $email;
echo $pwd;
if ($chkuserare !=0)
{
$chkpwd = mysql_query("SELECT pwd FROM gbook WHERE email = '($email)' ");
$pwddb = mysql_fetch_assoc($chkpwd);
if ($pwd != $pwddb["pwd"])
{
echo "password is wrong!";
}
else
{
echo "login successed";
}
}
else
{
echo "User not found!";
}
}
else
{
echo "Pleas enter your email and password!";
}
mysql_close($connection);
?>
</head>
<body>
<form action="login.php" method="post">
Email <input type="text" name="inp_email"><br>
Password <input type="text" name="inp_pwd"><br>
<input type="submit" name="submit" value="login">
</form>
</body>
</html>
Edited by rafal, 21 September 2014 - 04:33 PM. Hallo everybody,
the user is in the table, but i get error (user not found!).
thank you very much for your help
Rafal
<!DOCTYPE html>
<html>
<head>
<title>index</title>
<meta http-EQUIV="CONTENT-LANGUAGE" content="en">
<?php
SESSION_START();
include("abc.php");
$link2 = mysqli_connect("$hoster", "$nameuser", "$password", "$basedata")
or die ("connection error" . mysqli_error($link2));
$email = $_POST["inp_email"];
$pwd = $_POST["inp_pwd"];
if($email && $pwd)
{
$chkuser = mysqli_query("SELECT email FROM $table2 WHERE email = '$email' ");
$chkuserare = mysqli_num_rows($chkuser);
if ($chkuserare !=0)
{
$chkpwd = mysqli_query("SELECT pwd FROM $table2 WHERE email = '$email'");
$pwddb = mysqli_fetch_assoc($chkpwd);
if (md5($pwd) != $pwddb["pwd"])
{
echo "Password is wrong!";
}
else
{
$_SESSION['username'] = $email;
header ('Location:list.php');
}
}
else
{
echo "user not found!";
}
}
else
{
echo "enter your Email and Password!";
}
mysqli_close($link2);
?>
</head>
<body style="font-family: arial;margin: 10; padding: 0" bgcolor="silver">
<font color="black">
<br>
<form action="index.php" method="post">
<b>Login</b><br><br>
<table width="100%">
<tr><td>
Email:<br><input type="text" name="inp_email" style="width:98%; padding: 4px;"><br>
Password:<br><input type="password" name="inp_pwd" style="width:98%; padding: 4px;"><br>
<br>
<input type="submit" name="submit" value="Login" style="width:100%; padding: 4px;">
</td></tr>
</table>
</form>
</font>
</body>
</html>
hello. I need your help please. I'm building logistics website with user panel and admin panel. I've done all login and register forms. now I want to : admin can add package with: tracking number , weight , cost , and declaration form. user can fill declaration form after admin add package to user panel. then admin can see the declared form. is it possible in php? thank you in advance I have a database which contains three users. But I can only access one of the user through PHP. When I try to enter other username I get a blank message. Anyone knows why?? |
|||||||