|
PHP - Help To Change Login Function Required Please
Hello All
I currently have a function that takes in user input from form fields $email & $password. If all is well the function logs the user in, if not redirects back to the login form. What I require is two things. 1) Allow the user to login with either "email" or "username" (entered in the $email form field). 2) Allow the system to have a "master" password and if that is entered with a valid email or user from above then log that user in. Here is my current function, any help is greatly received. Regards function loginMember($email,$password,$returnURL){ if ($email != "" && $password != ""){ $result = mysql_query("SELECT mid,memberid,forename,surname FROM tbl001_member WHERE emailaddress='$email' AND password='".$password."' AND online=1"); if (mysql_num_rows($result) > 0) { $row = mysql_fetch_row($result); $_SESSION["logged_user"] = $row[2]." ".$row[3]; $_SESSION["logged_id"] = $row[0]; $_SESSION["logged_memid"] = $row[1]; session_unregister('wrong_email'); if (isset($_SESSION["logged_user"])) { header('Location:'.$returnURL); exit; } } else { session_register('wrong_email'); $_SESSION['wrong_email'] = $email; return "* There is no registered account with typed email & password."; } } else { session_register('wrong_email'); $_SESSION['wrong_email'] = $email; return "* Please input email and password correctly."; } } Similar TutorialsOkay, so below I have posted my code, the problem I am having is not knowing how PDO works that well. So what I have attempted to do here is use SQL to check if the user and password are correct, but I'm not sure how to carry on. I realize I have to determine if the database found the matching password and/or username but I have no idea how, any help will be much appreciated. <html> <head> <title>Database login</title> <?php if (isset($_POST['submit'])) { print_r($_POST); $password = md5($_POST['password']); echo'<p>'.$password.'</p>'; $username = ($_POST['username']); echo'<p>'.$username.'</p>'; } ?> </head> <body> <?php $db = new PDO('sqlite:login.sqlite'); $login = 'SELECT * FROM login WHERE userid="'.$username.'" AND password="'.$password.'";'; echo'<p>'.$login.'</p>'; $attempt = $db->query($login); ?> <form method="post" action="Db_login.php"> <p>Username:<br /><input type="text" name="username" /> </p> <p>Password:<br /><input type="password" name="password" /></p> <p><input type="submit" name="submit" value="Log In!" /></p> </body> </html> I have a login page that after logging in it sets a session Code: [Select] $_SESSION['user_info'] = $_POST['username']; and takes me to a start page (and checks for the session) which all works wonderfully. The problem is that no matter what link is clicked on that page it takes me to the login page again after checking to see if that same session is set Code: [Select] session_start(); if(!isset($_SESSION['user_info'])){ header("Location: http://website.com/folder/log_in.php"); } After logging in a second time every link on that same start page works wonderfully. If it works the second time why not the first? Hi all, I'm trying to scrape the contents of a page that is behind a login screen; namely: http://my.mail.ru/apps. Here's my code. It almost works, but doesn't appear to be properly logging in -- I just get a login screen on the url download. Any ideas? Thanks much. Here's my code <?php $ch=login(); $html=downloadUrl('http://my.mail.ru/apps', $ch); echo $html; function downloadUrl($Url, $ch){ curl_setopt($ch, CURLOPT_URL, $Url); curl_setopt($ch, CURLOPT_POST, 0); curl_setopt($ch, CURLOPT_REFERER, "http://my.mail.ru/cgi-bin/login?noclear=1&page=http%3a%2f%2fmy.mail.ru%2fapps%2f"); curl_setopt($ch, CURLOPT_USERAGENT, "MozillaXYZ/1.0"); curl_setopt($ch, CURLOPT_HEADER, 0); curl_setopt($ch, CURLOPT_RETURNTRANSFER, true); curl_setopt($ch, CURLOPT_TIMEOUT, 10); $output = curl_exec($ch); return $output; } function login(){ $ch = curl_init(); curl_setopt($ch, CURLOPT_URL, 'http://my.mail.ru/cgi-bin/login?noclear=1&page=http%3a%2f%2fmy.mail.ru%2fapps%2f'); //login URL curl_setopt ($ch, CURLOPT_POST, 1); $postData=' page=http%3A%2F%2Fmy.mail.ru%2Fapps%2F &Login=username &Domain=mail.ru &Password=password'; curl_setopt ($ch, CURLOPT_POSTFIELDS, $postData); curl_setopt ($ch, CURLOPT_COOKIEJAR, 'cookie.txt'); curl_setopt ($ch, CURLOPT_FOLLOWLOCATION,1); curl_setopt ($ch, CURLOPT_MAXREDIRS, 10); curl_setopt ($ch, CURLOPT_RETURNTRANSFER, 1); $store = curl_exec ($ch); return $ch; } ?>
I have a php file with a bunch of variables declared. I now need a function to put data on a separate page that pulls variables from the required page.
<?php
function getplayer($position)
{ // start function
//$new_position = "$" . $position;
$new_position = $position;
$file = "their.php";
require "$file";
//echo $qb1; this displays the name John Doe...as $qb1 is declared in the required file
$db_select_their = "bschultz_their";
$servername = "localhost";
$username = "user";
$password = "pass";
$dbname = "db_name";
// Create connection
$conn = new mysqli($servername, $username, $password, $dbname);
// Check connection
if ($conn->connect_error) {
die("Connection failed: " . $conn->connect_error);
}
$sql = "SELECT * FROM (select number as position_number, name as position_name, pronunciation as position_pronunciation, pos as position_pos, height as position_height, weight as position_weight, year as position_year, city as position_city, state as position_state, notes as position_notes FROM $db_select_their WHERE name = '$new_position') as position";
//$sql = "SELECT * FROM bschultz_their WHERE name = $new_position";
echo $sql; //exit;
/*
this displays this text... SELECT * FROM (select number as position_number, name as position_name, pronunciation as position_pronunciation, pos as position_pos, height as position_height, weight as position_weight, year as position_year, city as position_city, state as position_state, notes as position_notes FROM bschultz_their WHERE name = '') as position
The name is empty
*/
$result = $conn->query($sql);
if ($result->num_rows > 0) {
// output data of each row
while($row = $result->fetch_assoc()) {
echo "#: " . $position_number . " - Name: " . $position_name . "";
}
} else {
echo "0 results";
}
} // end function
getplayer("${$qb1}");
$conn->close();
?>
Edited September 8, 2019 by bschultz
I have this function completely written in my class file that I am working on. The point to this function is to be able to check the login of a user or administrator for either of the control panels associated with my site. It will check the session intime as well as the page / module referenced. Once it passes all those checks, it will check and ensure the emailaddress/password stored in the current session still holds true and the account is still active... if the account is still active it will update the lastActivity as well as update all of the session variables with what is currently in the database. What I am looking for is basically a look at the function, see if it looks good.. If there is any part to it that could create security holes for the site just off the login function itself... Usage: $q->validUser($_SESSION['user'], $_mod); <?php function validUser($sess, $p) { if ($sess['inTime'] == '' && $p != 'login' && $p != 'logout') { session_destroy(); $login = '0'; $_int = ''; return $login; } else if ($sess['inTime'] < time()-3600 && $p != 'login') { $sess['inTime'] = ''; session_destroy(); $this->check_login($sess, $p); } else { $this->user = $sess['emailAddress']; $this->pass = $sess['password']; $login = $this->sql_query("SELECT * FROM users WHERE emailAddress = '".$this->user."' AND password = '".$this->pass."' AND status = '1' LIMIT '1'"); if ($login = $this->sql_numrows($login) < 1) { $sess['inTime'] == ''; session_destroy(); $login = '0'; } else { // logged in, lets update the database for last_activity AND the session. $this->sql_query("UDATE users SET lastActivity = '".now()."' WHERE emailAddress = '".$this->user."'"); $login = $this->sql_query("SELECT * FROM users WHERE emailAddress = '".$this->user."' AND password = '".$this->pass."' AND status = '1' LIMIT '1'"); $login = mysql_fetch_assoc($login); foreach ($login as $key => $value) { $sess[$key] = $value; } $sess['inTime'] = time(); $login = '1'; } return $login; } } ?> That is the main function, sql_query and sql_numrows is: <?php function sql_query($query = "", $transaction = FALSE) { unset($this->query_result); if ($query != "") { $this->num_queries++; if ($transation == BEGIN_TRANSACTION && !$this->in_transation) { $result = mysql_query("BEGIN", $this->db_connect_id); if (!$result) { return false; } $this->in_transaction = TRUE; } $this->query_result = mysql_query($query, $this->db_connect_id); } else { if ($transaction == END_TRANSACTION && $this->in_transaction ) { $result = mysql_query("COMMIT", $this->db_connect_id); } } if ($this->query_result) { unset($this->row[$this->query_result]); unset($this->rowset[$this->query_result]); if ($transaction == END_TRANSACTION && $this->in_transaction ) { $this->in_transaction = FALSE; if (!mysql_query("COMMIT", $this->db_connect_id)) { mysql_query("ROLLBACK", $this->db_connect_id); return false; } } return $this->query_result; } else { if ($this->in_transaction ) { mysql_query("ROLLBACK", $this->db_connect_id); $this->in_transaction = FALSE; } return false; } } function sql_numrows($query_id = 0) { if(!$query_id) { $query_id = $this->query_result; } return ($query_id) ? mysql_num_rows($query_id) : false; } ?> Any insight that can help to benefit these functions would be appreciated. I can not handle with this function, will allways return 0 mysql_num_rows and i`m not able to login. Code: [Select] <?php session_start(); mysql_connect("localhost", "root", ""); mysql_select_db("proiect"); include("inc/functii.php"); echo "<form method='post' name='login'> <table cellspacing='1' cellpadding='2' border='0' > <tr> <td colspan='2' align='center' height='55'> Admin Login </td> </tr> <tr> <td id='paddingbot' colspan='2'> Username </td> </tr> <tr> <td id='paddingtop' colspan='2'><input type='text' name='username' size='33'/></td> </tr> <tr> <td colspan='2'></td> </tr> <tr> <td id='paddingbot' colspan='2'> Password </td> </tr> <tr> <td id='paddingtop' colspan='2'><input type='password' name='password' size='33' /></td> </tr> <tr> <td id='rem_me'><input type='checkbox' name='remember_me' /></td> <td> Remember me </td> </tr> <tr> <td align='right' colspan='2'><input type='submit' name='login' value='Login >' /></td> </tr> <tr> <td colspan='2' align='center'>"; checkLogin(); echo "</tr> </table> </form>"; ?> Code: [Select] <?php function checkLogin () { if (isset($_POST['login'])) if (($_POST['username']) == '') { echo "Please, complete the field for username."; } elseif (($_POST['password']) == '') { echo "Please, complete the field for password."; } elseif (($_POST['username'] !== '') && ($_POST['password']) !== '') { $username = $_POST['username']; $password = md5($_POST['password']); $result = mysql_query("SELECT * FROM admin WHERE username='".$username."' AND password='".$password."'") or die ("Error:".mysql_error()); $nr = mysql_num_rows($result); if ($nr < 1) { echo $nr; } else { $_SESSION['username'] = $username; $_SESSION['password'] = $password; echo "Welcome".$username; } } } ?> Hi, My login form is running correctly.i want to add remind me function.please help me.
<form class="form-signin" role="form" id="form1" method="post" action="log.php">
<h2 class="form-signin-heading text-center bluetxt">Sign In</h2>
<input type="text" id="email1" class="form-control" name="email1" placeholder="Email address" autofocus /><br />
<input type="text" id="pwd1" class="form-control" name="pwd1" placeholder="Password" value=""/><br/>
<label class="checkbox">
<input type="checkbox" value="remember" name="remember"> Remember me
</label>
<input type="submit" value="Login" onclick="ValidationLog()" style="color:#FFF;" class="btn btn-lg btn-primary btn-block"/>
</form>
<?php
$mail = $_POST['email1'];
$pwd = $_POST['pwd1'];
$con = mysql_connect("localhost","root","");
if(!$con)
{
die('Could not connect:'.mysql_error());
}
mysql_select_db("biz",$con);
if((($mail)&&($pwd))==""){
header( 'Location:index.php' );
}else{
$result = mysql_query("SELECT mail,pw FROM reg WHERE mail = '$mail' AND pw = '$pwd'");
$num_rows = mysql_num_rows($result);
mysql_close($con);
if($num_rows == 0)
{
}
else{
header( 'Location:user/' );
}
}
?>
Hi guy, Does any know how to add a variable value to the name of a function in a loop e.g. Code: [Select] $i=1; while($qryRowName = mysql_fetch_assoc($qryName)){ $i++; function test$i(){ ***** } Is this possible? Please any help will be very much aprreciated Thanks } Hi there I'm a newbie to all of this so please be gentle! I am starting up my own online business and I am feeling my way through PHP. I have been doing ok so far but I'm having problems with the "change your password" function. I change the password, I receive a reactivation email, but when I try to log in with the new password it hasnt changed. Code I'm using as follows: <?php // process.php include 'config.php'; if(isset($_POST['changepassword'])) { $current = trim($_POST['current']); $new = trim($_POST['new']); $confirm = trim($_POST['confirm']); $pw = md5($current); $query = mysql_query("SELECT * FROM Users WHERE Password = '$pw' LIMIT 1") or die(mysql_error()); if(mysql_num_rows($query) > 0) { while($row = mysql_fetch_array($query)) { if ( $_POST['new'] == $_POST['confirm'] ) {}else{ echo '<script>alert("Your passwords were not the same, please enter the same password in each field.");</script>'; echo '<script>history.back(1);</script>'; exit; } $password = md5($new); $do = mysql_query("UPDATE Users SET Password = '$password' WHERE Password = '$pw' LIMIT 1") or die(mysql_error()); $dotwo = mysql_query("UPDATE Users SET Activated = 0 WHERE Password = '$password' LIMIT 1") or die(mysql_error()); $send = mail($row['Email'] , "Password changed" , "Your password has been changed to: ".trim($_POST['new'])."\n\nYou can change it again via the members only panel, but first you must re-activate your account:\nhttp://www.infinite-monkey.co.uk/activate.php?id=".$row['Actkey']."\n\nDo not reply to this email, it is automated. Thanks." , "From: auto@mailer.com"); if((($do)&&($dotwo)&&($send))) { echo '<script>alert("Password changed. You will now be logged out and you must re-activate your account, check your email, a confirmation email has been sent.");</script>'; echo '<script>location.replace("logout.php");</script>'; exit; } else { echo '<script>alert("There appears to have been an error in the script. 1 or 2 of 3 things may have happened:\n\n• Your password could have been reset/changed\n• Your account could have been deactivated, see the resend validation email page\n• Your email may not have been sent.\n\nYou will now be logged out, if you are not able to login, reset your password using the form, or resend the validation email to activate your account again.\n\nWe are sorry for the inconvenience.");</script>'; echo '<script>location.replace("logout.php");</script>'; exit; } } } else { echo '<script>alert("Incorrect password.");</script>'; echo '<script>history.back(1);</script>'; exit; This topic has been moved to JavaScript Help. http://www.phpfreaks.com/forums/index.php?topic=330989.0 I wrote a bunch of code just to realize that there's a huge security hole in my script. Here's a how I've built it: 1. first you enter the new email address into the input box and click submit 2. an email gets sent to you where you have to click on an activation link to confirm the change, and of course the email gets send to the inbox to make sure it's a valid email the activation link looks as follows: Code: [Select] http://localhost/changeemail_confirm.php?id=$dbuser_id&email=$user_email The dbuser_id gets taken from the session variable, and the user email is the new entered user email. 3. After clicking the link you get directed to an activation page, I thought about letting the user enter his password and letting it match with the password in the database as added security, so he can't just change the user_id in the link so that the email of another user gets changed. the query on the activation page looks like this: "UPDATE user SET email = '$user_email' WHERE nickname = '$dbuser_name' AND WHERE user_id = '$id'"; The $id is being taking from the activation link per GET, and the $dbuser_name is being taking from the session variable. And now this is the problem where I'm stuck, even though I've added a bunch of security, and even the necessary to enter a password there's still a major security hole, which is the user can easily change the email in the activation link to something else, something that is not a valid email. E.g. this Code: [Select] http://localhost/changeemail_confirm.php?id=35&email=mail@phpmail.local can become to this, when the user manually edits the url and pastes it into his browser: Code: [Select] http://localhost/changeemail_confirm.php?id=35&email=MAIL@ANYTHING.com How can I prevent this, is there any way I could tell the script the CONFIRMED and VALID email, with a more secure way? BTW this script works as it is, it's just that the user can manually change the email to something else what makes this script worthless for now. Hi all , here is a question about a disabled button . If I have a button: Code: [Select] <input id='submit' type='submit' disabled='disabled' value='submit'> Is it possible to change the "disabled=true" through php function ? such as Code: [Select] function change_button(){ echo "<script language=\"javascript\">"; echo "document.getElementById('submit').disabled=true;"; echo "</script>"; } I tried it , not working...is this function possible or have I make any mistake ? Thanks for every reply . I used the move_uploaded_file function to upload files to my server ,but the function changes the Arabic names of files because most of my files are Arabic named
how can I fix that ?
Hi all Would like to ask for help . Generally I would like to run a webpage which will display actual price + price movements of selected cryptocurrencies.
I´m recieving data from extrernal API. (JSON) This is how code looks like:
<?php
$json = file_get_contents('https://api.coingecko.com/api/v3/simple/price?ids=bitcoin&vs_currencies=usd&include_market_cap=true;include_24hr_vol=true;include_24hr_change=true');
$bitcoinPrice = json_decode($json);
$json = file_get_contents('https://api.coingecko.com/api/v3/simple/price?ids=dash&vs_currencies=usd&include_market_cap=true;include_24hr_vol=true;include_24hr_change=true');
$dashPrice = json_decode($json);
$json = file_get_contents('https://api.coingecko.com/api/v3/simple/price?ids=netchain&vs_currencies=usd&include_market_cap=true;include_24hr_vol=true;include_24hr_change=true');
$netchainPrice = json_decode($json);
$json = file_get_contents('https://api.coingecko.com/api/v3/simple/price?ids=pivx&vs_currencies=usd&include_market_cap=true;include_24hr_vol=true;include_24hr_change=true');
$pivxPrice = json_decode($json);
function formatter($amount) {
// $formatter = new NumberFormatter('en_US', NumberFormatter::CURRENCY);
return '$'.number_format($amount, 2);;
}
?>
<!DOCTYPE html>
<html lang="en">
<head>
<meta charset="utf-8">
<meta name="viewport" content="width=device-width, initial-scale=1, shrink-to-fit=no">
<meta http-equiv="x-ua-compatible" content="ie=edge">
<title>Masternodes monitor</title>
<!-- Font Awesome -->
<link rel="stylesheet" href="https://use.fontawesome.com/releases/v5.8.2/css/all.css">
<!-- Bootstrap core CSS -->
<link href="css/bootstrap.min.css" rel="stylesheet">
<!-- Material Design Bootstrap -->
<link href="css/mdb.min.css" rel="stylesheet">
<!-- Your custom styles (optional) -->
<link href="css/style.css" rel="stylesheet">
<!-- MDBootstrap Datatables -->
<link href="css/addons/datatables.min.css" rel="stylesheet">
</head>
<body>
<table id="dtBasicExample" class="table table-striped table-bordered table-sm" cellspacing="0" width="100%">
<thead>
<tr>
<th class="th-sm">Coin name
</th>
<th class="th-sm">ROI
</th>
<th class="th-sm">Daily income
</th>
<th class="th-sm">Price
</th>
<th class="th-sm">24 change
</th>
<th class="th-sm">Volume
</th>
<th class="th-sm">Marketcap
</th>
<th class="th-sm">Node price
</th>
<th class="th-sm">Coins for MN
</th>
<th class="th-sm">Nodes
</th>
</tr>
</thead>
<tbody>
<tr>
<td><img src="/img/btc.png" width="15" height="15" title="Bitcoin logo" alt="Bitcoin logo" /> Bitcoin (BTC)
</td>
<td>Unknown</td>
<td>Unknown</td>
<td><?=formatter($bitcoinPrice->bitcoin->usd) ?></td>
<td><?=formatter($bitcoinPrice->bitcoin->usd_24h_change) ?></td>
<td><?=formatter($bitcoinPrice->bitcoin->usd_24h_vol) ?></td>
<td><?=formatter($bitcoinPrice->bitcoin->usd_market_cap) ?></td>
<td>Unknown</td>
<td>Unknown</td>
<td>Unknown</td>
</tr>
<tr>
<td><img src="/img/pivx.png" width="15" height="15" title="Pivx logo" alt="Pivx logo" /> Pivx (PIVX)</td>
<td>Unknown</td>
<td>Unknown</td>
<td><?=formatter($pivxPrice->pivx->usd) ?></td>
<td><?=formatter($pivxPrice->pivx->usd_24h_change) ?></td>
<td><?=formatter($pivxPrice->pivx->usd_24h_vol) ?></td>
<td><?=formatter($pivxPrice->pivx->usd_market_cap) ?></td>
<td>Unknown</td>
<td>10,000</td>
<td>1,536</td>
</tr>
<tr>
<td><img src="/img/dash.png" width="15" height="15" title="Dash logo" alt="Dash logo" /> Dash (DASH)</td>
<td>7.5%</td>
<td>14,40 $</td>
<td><?=formatter($dashPrice->dash->usd) ?></td>
<td><?=formatter($dashPrice->dash->usd_24h_change) ?></td>
<td><?=formatter($dashPrice->dash->usd_24h_vol) ?></td>
<td><?=formatter($dashPrice->dash->usd_market_cap) ?></td>
<td>$69,696.22</td>
<td>1000</td>
<td>4001</td>
</tr>
<tr>
<td><img src="/img/ntx.png" width="15" height="15" title="Netchain logo" alt="Netchain logo" /> Netchain (NTX) </td>
<td>350%</td>
<td>0,12 $</td>
<td>$0.00004</td>
<td><?=formatter($netchainPrice->netchain->usd_24h_change) ?></td>
<td><?=formatter($netchainPrice->netchain->usd_24h_vol) ?></td>
<td><?=formatter($netchainPrice->netchain->usd_market_cap) ?></td>
<td>$7</td>
<td>100.000</td>
<td>55</td>
</tr>
</tbody>
<tfoot>
<tr>
<th>Coin name
</th>
<th>ROI
</th>
<th>Daily income
</th>
<th>Price
</th>
<th>24 change
</th>
<th>Volume
</th>
<th>Marketcap
</th>
<th>Node price
</th>
<th>Coins for MN
</th>
<th>Nodes
</th>
</tr>
</tfoot>
</table>
<!-- SCRIPTS -->
<!-- JQuery -->
<script type="text/javascript" src="js/jquery-3.4.1.min.js"></script>
<!-- Bootstrap tooltips -->
<script type="text/javascript" src="js/popper.min.js"></script>
<!-- Bootstrap core JavaScript -->
<script type="text/javascript" src="js/bootstrap.min.js"></script>
<!-- MDB core JavaScript -->
<script type="text/javascript" src="js/mdb.min.js"></script>
<!-- MDBootstrap Datatables -->
<script type="text/javascript" src="js/addons/datatables.min.js"></script>
<script>
$(document).ready(function () {
$('#dtBasicExample').DataTable();
$('.dataTables_length').addClass('bs-select');
setTimeout(function() {
location.reload();
}, 900000);
});
</script>
</body>
</html>
I need section usd_24h_change in percent %. I tryed : <td><($bitcoinPrice->dash->usd_24h_change) ? % ></td> <td><($dashPrice->dash->usd_24h_change) ? % ></td> <td><($netchainPrice->dash->usd_24h_change) ? % ></td> <td><($pivxPrice->dash->usd_24h_change) ? % ></td> But it doesn´t work… Please help Edited October 26, 2019 by Netchainhi i need help an idea how can i separate members from admins since i dont know how to create login form i used tutorial ( http://www.youtube.com/watch?v=4oSCuEtxRK8 ) (its session login form only that i made it work other tutorials wre too old or something) how what i want to do is separate members and admins because admin need more rights to do now i have idea but dont know will it work like that what i want to do is create additional row in table named it flag and create 0 (inactive user) 1 (member) 2 (admin) will that work? and how can i create different navigation bars for users and admins? do you recommend that i use different folders to create it or just script based on session and flag? Hi guys. What I want to create is really complicated. Well I have a login system that works with post on an external website. I have my own website, but they do not give me access to the database for security reasons, therefore I have to use their login system to verify my users. What their website does is that it has a post, with username and password. The POST website is lets say "https://www.example.com/login". If login is achieved (i.e. username and password are correct), it will redirect me to "https://www.example.com/login/success" else it will redirect me to "https://www.example.com/login/retry". So I want a PHP script that will do that post, and then according to the redirected website address it will return me TRUE for success, FALSE for not successful login. Any idea?? Thanks How to add the ability to login with username or email for login?
<?php
ob_start();
include('../header.php');
include_once("../db_connect.php");
session_start();
if(isset($_SESSION['user_id'])!="") {
header("Location: ../dashboard");
}
if (isset($_POST['login'])) {
$email = mysqli_real_escape_string($conn, $_POST['email']);
$password = mysqli_real_escape_string($conn, $_POST['password']);
$result = mysqli_query($conn, "SELECT * FROM users WHERE email = '" . $email. "' and pass = '" . md5($password). "'");
if ($row = mysqli_fetch_array($result)) {
$_SESSION['user_id'] = $row['uid'];
$_SESSION['user_name'] = $row['user'];
$_SESSION['user_email'] = $row['email'];
header("Location: ../dashboard");
} else {
$error_message = "Incorrect Email or Password!!!";
}
}
?>
Hello guys, Is there on web any updated tutorial on how can I add Facebook login on my simple php login script? Hi guys, Can anyone assist me. I am trying to create a login for admin and user (if user not a member click register link) below is my code: But whenever I enter the value as: Username: admin Password:123 - I got an error message "That user does not exist!" Any suggestion and help would be appreciated. Thanks. login.php <?php //Assigned varibale $error_msg as empty //$error_msg = ""; session_start(); $error_msg = ""; if (isset($_POST['submit'])) { if ($a_username = "admin" && $a_password = "123") { //Define $_POST from form text feilds $username = $_POST['username']; $password = $_POST['password']; //Add some stripslashes $username = stripslashes($username); $password = stripslashes($password); //Check if usernmae and password is good, if it is it will start session if ($username == $a_username && $password == $a_password) { session_start(); $_SESSION['session_logged'] = 'true'; $_SESSION['session_username'] = $username; //Redirect to admin page header("Location: admin_area.php"); } } $username = (isset($_POST['username'])) ? $_POST['username'] : ''; $password = (isset($_POST['password'])) ? $_POST['password'] : ''; if($username && $password) { $connect = mysql_connect("localhost", "root", "") or die ("Couldn't connect!"); mysql_select_db("friendsdb") or die ("Couldn't find the DB"); $query = mysql_query ("SELECT * FROM `user` WHERE username = '$username'"); $numrows = mysql_num_rows($query); if ($numrows != 0){ while ($row = mysql_fetch_array($query)) { $dbusername = $row['username']; $dbpassword = $row['password']; } //Check to see if they are match! if ($username == $dbusername && md5($password) == $dbpassword) { header ("Location: user_area.php"); $_SESSION['username'] = $username; } else $error_msg = "Incorrect password!"; //code of login }else $error_msg = "That user does not exist!"; //echo $numrows; } else $error_msg = "Please enter a username and password!"; } ?> <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd"> <html xmlns="http://www.w3.org/1999/xhtml"> <head> <meta http-equiv="Content-Type" content="text/html; charset=iso-8859-1" /> <title>Login Page</title> </head> <body> <br /> <?php require "header.php"; ?><br /> <div align="center"> <table width="200" border="1"> <?php // If $error_msg not equal to emtpy then display error message if($error_msg!="") echo "<div id=\"error_message\"style=\"color:red; \">$error_msg</div><br />";?> <form action="<?php echo $_SERVER['PHP_SELF'];?>" method="post"> <!--form action="login_a.php" method="post"--> Username: <input type="text" name="username" /><br /><br /> Password: <input type="password" name="password" /><br /><br /> <input type="submit" name = "submit" value="Log in" /> </form> <p> </p> Register a <a href="register.php">New User</a> </table> </div> </body> </html> Hi Friends, I am trying to do an API with oracle database. The JSON request from 3rd party will look like below. {
"contact_id": "1",
"serial_no": "100",
"name": "baby",
"inv_date": "2018-06-27",
"due_date": "2018-06-27",
"currency": "KD",
"subtotal": "143",
"tax_total": "13",
"shipment_data": [
{
"serial_no": "33",
"master_no": "55",
"house_no": "77",
"cost_revenue_items": [
{
"charge_ref": "rr",
"currency": "INR",
"quantity": "2",
"selling_rate": "45",
"exchange_rate": "7",
"taxes": [
{
"serial_no": "1",
"ref": "INR",
"voiding_remarks": "oo"
},{
"serial_no": "2",
"ref": "KWD",
"voiding_remarks": "asd"
}
]
}
]
}
]
}
how to handle request for JSON in which master is updated (PUT) and child record is (Either INSERTED, UPDATED or DELETED) ? |
|||||||