PHP - How To Have Same Userid For Member And Supplier

There is  something wrong with my statement it is not returning sql queries  results based on matching the url based based userid to match with the table user_id and get the Ablum id  and Album name:

Please hlep:

Code: [Select]
if(isset($_GET['userid']))
{
$db =& JFactory::getDBO();
$user =& JFactory::getUser();
        $id = $user->id;


$album_id = $_GET['userid'];
$query = 'SELECT user_id, id, format_id, year, name FROM #__muscol_albums WHERE user_id = ' . $album_id;
//$query = 'SELECT user_id FROM #__muscol_albums WHERE id = ' . $album_id ;
$result = mysql_query($query) or die('Error, No Album Search failed');
list($name, $user_id, $id, $year) = mysql_fetch_array($result);


echo $id;

//exit;
}

Hello,

Have a question that i hope some one can help me answer.

I have started creating a facebook app that will translate lovepoems.

The problem im having is that facebook redirects everything wrong, which makes my life a living hell. So what i thought is it's possible to while submitting the form and the user gets redirected to the facebook allow app page, wait with submitting the form or maybe bring the post id with me and then post the content to the db liked to the post from a different page.

simply so i don't have to make the accept form and then go to the actual content?


So I'm using Wordpress as default CMS system if that helps.

This is the code.

Code: [Select]
<?php
/*
Template Name: Febuary Love testing app 
*/
?>

<SCRIPT LANGUAGE="JavaScript">
<!-- Original:  Wayne Nolting (w.nolting@home.com) -->

<!-- This script and many more are available free online at -->
<!-- The JavaScript Source!! http://javascript.internet.com -->

<!-- Begin
function verify() {
var themessage = "You are required to complete the following fields: ";
if (document.form.title.value=="") {
themessage = themessage + " - Title";
}
if (document.form.description.value=="") {
themessage = themessage + " -  Poem";
}
if (document.form.post_tags.value=="") {
themessage = themessage + " -  Keywords";
}
//alert if fields are empty and cancel form submit
if (themessage == "You are required to complete the following fields: ") {
document.form.submit();
}
else {
alert(themessage);
return false;
   }
}
//  End -->
</script>

<?php
add_filter('fb_php_sdk_load','your_filter');
function your_filter($array)
{
    $array[] = '2.1.2'; //exact version number you need
    return $array;
}

$facebook = new Facebook(array(
'appId' => '179200268852090',
'secret' => '3b62bc6b207e4038aa56a28bfc5ed368',
'cookie' => true,  

));

$session = $facebook->getUser();

if (!empty($session))
{
try{
$user = $facebook->getUser();
$user = $facebook->api('/me');
}
catch (Exception $e){
}


if (!empty($user))
{
 
}
else
die ("An error occured");
}
else{
$loginUrl = $facebook->getLoginUrl(array(
    'canvas' => 1,
    'fbconnect' => 0,
    'scope' => 'offline_access, publish_stream'
));
echo "<a href='".$loginUrl."'>Click </a> to add the Copypanther Facebook application";
} 
?>

<?php
$user = $facebook->getUser();
if($user){
    $access_token = $facebook->getAccessToken();

}
?>


<?php
if( 'POST' == $_SERVER['REQUEST_METHOD'] && !empty( $_POST['action'] ) &&  $_POST['action'] == "new_post") {

// Do some minor form validation to make sure there is content
if (isset ($_POST['title'])) {
$title =  $_POST['title'];
} else {
echo 'Please enter the Poem name';
}
if (isset ($_POST['description'])) {
$description = $_POST['description'];
} else {
echo 'Please enter some notes';
}

$tags = $_POST['post_tags'];
$access_token = $_POST['access_token'];
$user = $_POST['user'];

// ADD THE FORM INPUT TO $new_post ARRAY
$new_post = array(
'post_title' => $title,
'post_content' => $description,
'post_category' => array($_POST['cat']),  // Usable for custom taxonomies too
'tags_input' => array($tags),
'post_status' => 'draft',           // Choose: publish, preview, future, draft, etc.
'post_type' => 'post',  //'post',page' or use a custom post type if you want to
'access_token' => $access_token,
'user' => $user,
);

//SAVE THE POST
$pid = wp_insert_post($new_post);
add_post_meta($pid, 'access_token', $access_token, true);
add_post_meta($pid, 'user', $user, true);

    //SET OUR TAGS UP PROPERLY
wp_set_post_tags($pid, $_POST['post_tags']);

//REDIRECT TO THE NEW POST ON SAVE
$link = get_permalink( $pid );
wp_redirect('http://www.ngee.se');

} // END THE IF STATEMENT THAT STARTED THE WHOLE FORM

//POST THE POST YO
do_action('wp_insert_post', 'wp_insert_post');

get_header(); ?>


<?php if ( have_posts() ) while ( have_posts() ) : the_post(); ?>


                    <div class="form-content">
                        <?php the_content(); ?>

<!-- WINE RATING FORM -->

<div class="wpcf7">
<h2>Share some February Love!</h2>
<p>Although the 14th of February might and should be dedicated to your loved one, we think that friends, bosses and coworkers deserve some affection, too. So between the 1st and 13th of February we will translate a poem or message from you to them <em>for free</em></p>
<form id="new_post" name="new_post" method="post" action="" class="wpcf7-form" enctype="multipart/form-data">
<!-- post name -->
<fieldset name="name">
<label for="title">Love poem name:</label>
<input type="text" id="title" value="" tabindex="5" name="title" />
</fieldset>

<!-- post Category -->
<fieldset class="category">
<label for="cat">Translate to:</label>
<?php wp_dropdown_categories( 'tab_index=10&taxonomy=category&hide_empty=0' ); ?>
</fieldset>

<!-- post Content -->
<fieldset class="content">
<label for="description">Love poem:</label>
<textarea id="description" tabindex="15" name="description" cols="80" rows="10"></textarea>
</fieldset>

<!-- post tags -->
<fieldset class="tags">
<label for="post_tags">Keywords (comma separated):</label>
<input type="text" value="" tabindex="35" name="post_tags" id="post_tags" />
</fieldset>
<SCRIPT LANGUAGE="JavaScript">
function testResults (form) {
var TestVar = form.submit();
}
</SCRIPT>
<fieldset class="submit">
<input type=button value="Send" value="Send" tabindex="40" id="submit" name="submit" onclick="verify();">
</fieldset>

<fieldset class="access_token">
<label for="access_token"></label>
<input type="text" value="<?php echo $access_token;?>" id="access_token" name="access_token"/>
</feildset>

<fieldset class="user">
<label for="user"></label>
<input type="text" value="<?php echo $user;?>" id="user" name="user" />
</feildset>

<input type="hidden" name="action" value="new_post" />
<?php wp_nonce_field( 'new-post' ); ?>
</form>
</div> <!-- END WPCF7 -->

                        <?php wp_link_pages( array( 'before' => '<div class="page-link">' . __( 'Pages:', 'twentyten' ), 'after' => '</div>' ) ); ?>
                        <?php edit_post_link( __( 'Edit', 'twentyten' ), '<span class="edit-link">', '</span>' ); ?>
                    </div><!-- .entry-content -->
                </div><!-- #post-## -->

<?php endwhile; // end of the loop. ?>

<?php get_footer(); ?>

Any one have any idea about how i can solve this problem ?

Answers most appreciated!

Best Regards
GrundeLL


EDIT ***

I'm using facebook PHP SDK

This topic has been moved to mod_rewrite.

http://www.phpfreaks.com/forums/index.php?topic=315930.0

CREATE TABLE posts (
postId INT(11) NOT NULL UNIQUE AUTO_INCREMENT,	
title VARCHAR(255) NOT NULL,
author VARCHAR(24) NOT NULL,	
description TEXT NOT NULL,       
createdAt TIMESTAMP,
PRIMARY KEY (postId)    
);
CREATE TABLE comments(
commentId INT(11) NOT NULL UNIQUE AUTO_INCREMENT,    
comment  TEXT NOT NULL,
postId INT(11),
userId INT(11),
createdAt TIMESTAMP,	
PRIMARY KEY (commentId),
FOREIGN KEY (userId) REFERENCES users(userId),
FOREIGN KEY (postId) REFERENCES posts(postId)   
);
CREATE TABLE replies (
repId INT(11) NOT NULL UNIQUE AUTO_INCREMENT,   
reply  TEXT NOT NULL,
userId INT(11),
commentId INT(11), 	
createdAt TIMESTAMP,     
PRIMARY KEY (repId),
FOREIGN KEY (userId) REFERENCES users(userId),
FOREIGN KEY (commentId) REFERENCES comments(commentId)     
);
CREATE TABLE users (
userId INT(11) NOT NULL UNIQUE AUTO_INCREMENT,
userName VARCHAR(100) NOT NULL,,	          
email VARCHAR(100) NOT NULL,
PRIMARY KEY (userId)
);

how to retrive userName,comment, and createdAt from users and comments table while I have used userId as a  Foreign key on the comment table

if it isn't correct, correct me please

Hi, I'm new here. I used to have a coworker to do the PHP stuff, but now I've gotta try to learn it.  Thanks!

New member to this forum. However, I've been working with PHP/MySQL for a couple years.    Looking to learn some new things as well as contribute when possible. 

hey i was trying to make a new login system with member area the problem is that i wanted to add point system which i can add points manual to members by creating a new column called 'points' and add the following code to member area echo 'you got , '.$_SESSION['points']; but it didn`t work here is my member.php page any tip or advice would be helpful much appreciated ♥

<?php  session_start();

Hey, i was wondering if anyone knew how i could make a script so when i register a new account... There will be made a link in members.php and when you go there you see the new registered (and the old ones) name... And once you click it you get into their page (their page should be created when registering a new account).

Im pretty blank how to do it so ill ask you guys :/

This topic has been moved to Miscellaneous.

http://www.phpfreaks.com/forums/index.php?topic=322218.0

I have a header as a include at the top of each page. When a member is NOT logged in, it displays a header with login option and some non member links, when member IS logged in it displays a header with member options. That part of the script works fine, however when i log in on that page and the member header is displayed.. If i visit another page or refresh that page it loses the session like its been logged out and just displays the standard header. Any help would be greatly appreciated.

index.php
Code: [Select]
<?php 
session_start();
$path = (isset($_SESSION['LOGINID']) ) ? 'memberheader.php' : 'header_tmp.php';

include( $path ); 

?>
this is the auth script included in the member header
memberheader.php
Code: [Select]
<?php
require_once('scripts/auth.php');
?>
auth.php (the actual auth script)
Code: [Select]
<?php
//Start session
session_start();{


}


if(!isset($_SESSION['LOGINID'])) {
header("location: access-denied.php");
exit();
}
?>
I didn't include login page because the login script works fine on each page except the ones with the multi header include. The pages that only include the memberheader works fine

Hey everybody, please help a newba out........

I am trying to allow users to create a favorites list.

Basically there will be a list of links users can access, and I want them to be able to add individual links to their own  favorites list. I'm pretty new to php and mysql, but here's what i'm thinking...

User registers.
User gets added to table "users", and a new table is created "new_user_1 favorites"
User clicks "add to my favorites", next to a link they like.
Link is added to "new_user_1 favorites".
Table "new_user_1 favorites" is displayed under link "My Favorites".

How does this sound? Is this the way to do it, or is there something i'm missing? Do I really need a individual table for each users favorites, or is there an more efficient way?

Any input would be appreciated. Thanks folks.

hi
i have set up my1 st member area (www.sittonjewelryshop.com). everything works fine except of 1 thing with the checkuser and the verify php files. i have set it up that if some one is trying to go directly to the member area without register it wont let him and send him to the login area but for some reasson it doesnt work. if you write www.sittonjewelryshop.com/member/login_success.php it takes you directly to the membera area.
was trying to manipulate verify.php and register.php but could find the problem.
any suggestion?
tnx.

Hi guys i've spent 3 whole days trying to get this to work but it dosent. My issue is very similar almost the same as: http://www.phpfreaks.com/forums/index.php?topic=296100.15 but with the code i have.

Basically i have custom member pages. member1.php member2.php the design and content will be custom to each member, they also have their own login page.

Each member should be able to access their page and simply view their secure area. They should not be able to log into another users area if they dont have the username or password for it.

Now the problem is, i have this entire script setup and it works, however i fear there is something wrong with the sessions which allows other members to access other members pages with their own passwords and usernames because they share the same database. So the script executes thinking its a valid user and lets them in.

Here is my login checker once the user is validated they are sent to their own folder header("Location: ../{$loginusername}/index.php"); and are able to view the page.


Code: [Select]
<?php
require_once('../config.php');

// Connect to the server and select the database.
mysql_connect("$host", "$username", "$password")or die("cannot connect");
mysql_select_db("$db")or die("Unable to select database");

// The username and password sent from login.php
$loginusername=$_POST['username'];
$loginpassword=$_POST['password'];

//The following bit of coding protects from MySQL injection attacks
$loginusername = stripslashes($loginusername);
$loginpassword = stripslashes($loginpassword);
$loginusername = mysql_real_escape_string($loginusername);
$loginpassword = mysql_real_escape_string($loginpassword);

$sql="SELECT * FROM $tbl WHERE username='$loginusername' and password='$loginpassword'";
$result=mysql_query($sql);

// Count how many results were pulled from the table
$count=mysql_num_rows($result);

// If the result equals 1, continue
if($count==1){

session_start();
$_SESSION["loginusername"] = $loginusername;
$_SESSION['user1'] = $username; // store session data
//echo "User: = ". $_SESSION['loginusername']; //retrieve data
header("Location: ../{$loginusername}/index.php");

}
// If not successful, inform the user of error
else {
echo "Wrong Username or Password";
}
?>


Now here is the secure page sample:

Code: [Select]
<?php
session_start(); 
if (!$_SESSION['user1']){ 
header("Location: login.php"); 
}else{
print "its working!";
}

?>

<html>
<body>
Login Successful for

</body>
</html>

For each login page i have given each user it's own session.. this works, however if user1 logs in and simply changes the url to user2 and enters his user2 password he is granted access giving him new sessions which means he has access to everything.

Im pretty sure im missing something really small any help would be appreciated.

This topic has been moved to Third Party PHP Scripts.

http://www.phpfreaks.com/forums/index.php?topic=357281.0

This topic has been moved to mod_rewrite.

http://www.phpfreaks.com/forums/index.php?topic=352032.0