|
PHP - Check Db For New Entry And Alert User
Hi
I have a live chat integrated into my website that uses Ajax, PHP and MySQL. When two people have the chat window open they can chat and it works fine. How can I send an alert to the person being requested to chat with, or for the chat.php page to popup automatically. It prob needs to be some function constantly running in the background check the DB for new message entries. Thanks Jay Similar TutorialsAlright, wasn't quite sure how to summarize this in the title, but I want to: Check if a user status is "active" or not based on the UserName input. I have a table witch holds: Code: [Select] VarChar Username Var CharPassWord int Active Ted TedsPW 1 something like the above(assuming it formatted correctly. In my php script I will want to input a variable for Username to check for: inputUN in this example would be "Ted". $UserNameToCheck = $_GET['inputUN']; Then I want to check for that UserName in the database, if it exists, I want pull the value for the "Active" field for just that UserName and echo it. Thanks for any help. I tried adding a group field to my user table so I can show different content to different users but when I do the check and then if/else the required info it doesn't seem to do it. I think I've got a mistake in my query: <?php include ('header.php'); ?> </center> <?php $username = mysql_real_escape_string($_POST['username']); $checkadmin = mysql_query("SELECT Group FROM users WHERE Username = '".$username."'"); if('$checkadmin' == GroupA) { ?> Welcome Admin! <?php } else { ?> You are not authorised. <?php } include ('footer.php') ?> Whats wrong with it? Cheers. I am adding new entries into a MySQL table via a php script. The script works fine, but I want to prevent duplicate entries. How can I check if an entry already exists on the table before initiating the query to write to the table. It is for a user registration type of system. The php script rights "AccountName" and "PassWord" to the table called "Accounts". This was my attempt to check if it exists: $query = "INSERT INTO Accounts(AccountName, Password)VALUES ('".$Accn."','".$Pwwd."')"; $Check = mysql_query("SELECT * FROM Accounts"); while($row = mysql_fetch_array($Check)) { $Account = $row['AccountName']; } if($accn != Account) { mysql_query($query); } Where $accn = the new accountname entered. I am trying to compare the new AccountName(accn) that was entered with the array of all AccountNames already in the database, and if does not already exists, then add it. Hi, I was just trying to post form data to MySQL and trying to also post value of logged in user? but that code below doesnt work..Do you see a typo? or is it done some other way?
$uid =$_SESSION[ "uid" ]; $sql = "INSERT INTO Date (uid) VALUES (:uid)"; $query= $conn->prepare( $sql ); $query->execute( array( ':uid'=>$uid) );
This topic has been FUS RO DAHed to PHP Regex. http://www.phpfreaks.com/forums/index.php?topic=358571.0 (I've got Skyrim open on the other monitor) Am trying to get an email address from the DB and send an alert but it's not working..
$search3 = mysql_query("SELECT email FROM users WHERE department = '$department' AND (position = '$position')") or die(mysql_error()); $acct1 = mysql_fetch_array($search3); $email = $acct1['email']; $to = $email; $subject = 'New Requisition Alert'; $message = 'You have a new message'; $headers = 'From: server@test.com' . "\r\n" . 'Reply-To: admin@test.com' . "\r\n" . 'X-Mailer: PHP/' . phpversion(); mail($to, $subject, $message, $headers); I'm making a login area for the hotels in a booking system, where they enter their hotels' information, policy, and room rates but I want to make the room rates when it appears for clients, it appears with a percentage (commission) added to what the Hotel representative will enter So what's better? it should be added in the admin area of the hotels and gets saved in the database with the commission or I should add it in the booking form so the code grab the rate from the database, multiply it by the percentage and echo the result? I'm creating a newsletter and the unsubscribe isn't deleting the database entry like I'm asking it to. Everything else works fine, it even successfully says the user has been removed, but it doesn't actually delete the database entry. I've spent two days trying to figure out why. Here's the code:
Newsletter sign up:
<?php
//DB Connect Info
$servername = "";
$database = "";
$username = "";
$password = "";
// Create connection
$conn = mysqli_connect($servername, $username, $password, $database);
// Check connection
if ($conn->connect_error) {
die("Connection failed: " . $conn->connect_error);
}
/*$createTable = $conn->prepare ("CREATE TABLE IF NOT EXISTS email_user (
id int(11) NOT NULL AUTO_INCREMENT,
email varchar(200) NOT NULL,
hash varchar(250) NOT NULL,
PRIMARY KEY (id)
)");
$createTable->execute();
*/
function input_security($data)
{
$data = trim($data);
$data = stripslashes($data);
$data = htmlspecialchars($data);
return $data;
}
$email = input_security($_POST['email']);
$insertData = input_security($insertData);
if(isset($_POST['submit']))
{
extract($_POST);
if($email!="") :
$email=mysqli_real_escape_string($conn,$email);
$emailval = '/^[_a-z0-9-]+(\.[_a-z0-9-]+)*@[a-z0-9-]+(\.[a-z0-9-]+)*(\.[a-z]{2,4})$/';
if(preg_match($emailval, $email)) :
$db_check=$conn->query("SELECT * FROM email_user WHERE email='$email'");
$count=mysqli_num_rows($db_check);
if($count< 1) :
$hash=md5($email.time());
$link = '/unsubscribe.php?key='.$hash;
// Change your domain
$fetch=$conn->query("INSERT INTO email_user(email,hash) VALUES('$email','$hash')");
$to="$email"; //change to ur mail address
$strSubject="Maintenance Fee Relief, LLC | Email Subscription";
$message = '<p>Thank you for subscribing with us.</p>' ;
$message .= '<p>Click here to unsubscribe your email : <a href="'.$link.'">unsubscribe</p>' ;
$headers = 'MIME-Version: 1.0'."\r\n";
$headers .= 'Content-type: text/html; charset=iso-8859-1'."\r\n";
$headers .= "From: info@";
$mail_sent=mail($to, $strSubject, $message, $headers);
$msg_sucess="Your request has been accepted!.";
else :
$msg="This $email email address is already subscribe with us.";
endif;
else :
$msg="Please enter your valid email id";
endif;
else :
$msg="Please fill all mandatory fields";
endif;
}
?>
<div class="newsletter-sign-up-header-form">
<div id="logerror"><?php echo @$msg; ?><?php echo @$msg_sucess; ?></div>
<form method="post">
<span><input type="email" name="email" placeholder="Email Address - Join Newsletter" class="newsletter-sign-up-header-email" required></span>
<span><button name="submit" value="submit" title="Submit" class="newsletter-sign-up-header-submit-button">Submit</button></span>
</form>
</div>
<?php
//DB Connect Info
$servername = "";
$database = "";
$username = "";
$password = "";
// Create connection
$conn = mysqli_connect($servername, $username, $password, $database);
// Check connection
if ($conn->connect_error) {
die("Connection failed: " . $conn->connect_error);
}
?>
<?php
if(@$_GET['key']!=""):
$hash=mysqli_real_escape_string($conn,$_GET['key']);
$fetch=$conn->query("SELECT * FROM email_user WHERE hash = '$hash'");
$count=mysqli_num_rows($fetch);
if($count==1) :
$row=mysqli_fetch_array($fetch);
$conn->query("DELETE email_user WHERE id='$user_id'");
$msg="Your email id unsubscribe with us";
else :
$msg="Please click valid link.";
endif;
else :
header("Location:404.php");
endif;
?>
<!doctype html>
<html lang="en">
<head>
<title>Unsubscribe</title>
</head>
<body>
<div align="center">
<h2><?php echo $msg; ?></h2>
<a href="https://www.--.com">--.com</a>
</div>
Quote
Hi there,
I've been searching the internet for the best way to check if the user has been logged in. Some codes have security breaches. So I'm not sure where to start.
Here's what I've come up with:
The user logs in and is checked whether he/she is a valid user, if not return false and if true carry on and create session, I read the post that Jacques1 made about session feedback and implemented what he said. After that the session variables are assigned and then the user id, session_id and a unique identifier to check against on each page load are inserted into a database and then the user is logged in.
Here's my code: (please note this is in a class and only shows the login function)
function Login($username, $password)
{
try
{
$db = new PDO("mysql:host=".DB_HOST.";dbname=".DB_NAME.";charset=utf8", DB_USERNAME, DB_PASSWORD);
$db->setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION);
$db->setAttribute(PDO::ATTR_EMULATE_PREPARES, false);
}
catch(PDOException $ex)
{
echo "Unable to connect to DB";
error_log($ex->getMessage());
}
try
{
$User_Info = $db->prepare("SELECT * FROM users WHERE username=:username");
$User_Info->bindValue(":username", $username, PDO::PARAM_STR);
$User_Info->execute();
$Info = $User_Info->fetchAll(PDO::FETCH_ASSOC);
$salt = $Info['salt'];
$password = $salt . $password;
$password = $this->CreateHash($password);
$unique_key = $this->GenerateRandom();
$unique_key = $this->CreateHash($unique_key);
$Check_User = $db->prepare("SELECT * FROM users WHERE username=:username AND password=:password");
$Check_User->bindValue(":username", $username, PDO::PARAM_STR);
$Check_User->bindValue(":password", $password, PDO::PARAM_STR);
$Check_User->execute();
if($Check_User->rowCount() > 0)
{
while($row = $Check_User->fetchAll(PDO::FETCH_ASSOC))
{
session_destroy();
session_start();
$_SESSION = array();
session_regenerate_id(true);
$_SESSION['username'] = $row['username'];
$session_id = session_id();
$user_id = $row['id'];
$Check_Logged_In = $db->prepare("DELETE FROM logged_in_users WHERE user_id=:userid");
$Check_Logged_In->bindValue(":user_id", $user_id, PDO::PARAM_STR);
$Check_Logged_In->execute();
$has_changed = $Check_Logged_In->rowCount();
if($has_changed > 0)
{
$Logged_In = $db->prepare("INSERT INTO logged_in_users (id, user_id, session_id, unique_key) VALUES (NULL, :user_id, :session_id, :unique_key)");
$Logged_In->bindValue(":user_id", $user_id, PDO::PARAM_STR);
$Logged_In->bindValue(":session_id", $session_id, PDO::PARAM_STR);
$Logged_In->bindValue(":unique_key", $unique_key, PDO::PARAM_STR);
$Logged_In->execute();
$affected_rows = $Logged_In->rowCount();
if($affected_rows > 0)
{
return true;
}
}
return false;
}
}
return false;
}
catch(PDOException $ex)
{
echo "Unable to complete query";
error_log($ex->getMessage());
}
}
Thanks
Hey guys, How do I check to see if the user has been login on the page that they are on? I have a login and I want users to login before then can go to other pages. thanks guys, hi, how can i check if a username exists? i tried this
$usrsql = "SELECT * FROM $tbl_name WHERE username='$username' AND password='$password'";
$usrres = mysql_query($usrsql);
$usrcount = mysql_num_rows($usrres);
if($usrres && mysql_num_rows($usrcount)>0) {
die("Username is already taken!");
}
Hi, I want have this code (below), how would I check if a user is logged in? I want to make it so they can only see 500 chars, or the full thing if they're logged in. Thanks! Code: [Select] public function __construct( $data=array() ) { if ( isset( $data['id'] ) ) $this->id = (int) $data['id']; if ( isset( $data['publicationDate'] ) ) $this->publicationDate = (int) $data['publicationDate']; if ( isset( $data['title'] ) ) $this->title = preg_replace ( "/[^\.\,\-\_\'\"\@\?\!\:\$ a-zA-Z0-9()]/", "", $data['title'] ); if ( isset( $data['summary'] ) ) $this->summary = preg_replace ( "/[^\.\,\-\_\'\"\@\?\!\:\$ a-zA-Z0-9()]/", "", $data['summary'] ); if ( isset( $data['content'] ) ) $this->content = $data['content']; if ( isset( $data['tags'] ) ) $this->tags = $data['tags']; } So let's say if contact_name wants to add member_name as a friend, how would i make it say user is already pending? what variables to check? or should i make friends table and a friends_pending table? I would like to create a script to check wether a user has made a payment to access a members only area of my site, much like a check-login script that checks if the user has logged in, i need it do do a similar check only its not looking to see if the user is logged in but if they have ever paid and if not; send them to the payments page before the access is granted... What section(s) if any, do i need to modify from this check-login script to change it to check for their payments? Code: [Select] <?php ob_start(); // Connect to server and select databse. mysql_connect("$host", "$username", "$password")or die("cannot connect"); mysql_select_db("$db_name")or die("cannot select DB"); // Define $myusername and $mypassword $myusername=$_POST['myusername']; $mypassword=$_POST['mypassword']; // To protect MySQL injection (more detail about MySQL injection) $myusername = stripslashes($myusername); $mypassword = stripslashes($mypassword); $myusername = mysql_real_escape_string($myusername); $mypassword = mysql_real_escape_string($mypassword); $sql="SELECT * FROM $tbl_name WHERE username='$myusername' and password='$mypassword'"; $result=mysql_query($sql); // Mysql_num_row is counting table row $count=mysql_num_rows($result); // If result matched $myusername and $mypassword, table row must be 1 row if($count==1){ // Register $myusername, $mypassword and redirect to file "login_success.php" session_register("myusername"); session_register("mypassword"); header("location:login_success.php"); } else { echo "Wrong Username or Password"; } ob_end_flush(); ?> I have a site where the user must view a timed loader before playing an audio bible. I'm noticing some direct linking to the bible player instead of sitting through the loader... I need to check the previous page's url before actually loading the player. I through together a script last ween in javascript and people reported error, so I assumed it would be best server side anyway. I haven't coded anything in PHP since PHP3. So, I'm asking for your expert options and help... I haven't tested this yet, but is this the best method and are they any problems with this method (if it works). $realname = basename($_SERVER[loader], ".php"); if ($realname == 'loader.php') { return(); } else { // rediret to a notice to user that this isn't allow header( 'Location: http://www.yoursite.com/new_page.html' ) ; } on all my secured pages at the the very top the code is Code: [Select] <?php require ("u_check_login.php"); ?> and then the u_check_login.php code is Code: [Select] <?php require('database.php'); //Include DB connection information $ip = mysql_real_escape_string($_SERVER["REMOTE_ADDR"]); //Get user's IP Address $email = mysql_real_escape_string($_COOKIE['uemail']); //Get username stored in cookie $pp = mysql_real_escape_string($_COOKIE['pp']); if ($pp == 1){ $sessionid = mysql_real_escape_string($_COOKIE['sessionid']); //Get user's session ID $check = mysql_query("SELECT * FROM `users` WHERE `email` = '$email' AND `session_id` = '$sessionid' AND `login_ip` = '$ip' AND `pp` = '1' ") or die(mysql_error()); //Check if all information provided from the user is valid by checking in the DB $answer = mysql_num_rows($check); //Return number of results found. Equal to 0 if not logged in or 1 if logged in. if ($answer == 0 || $sessionid == '') { //Check if login is valid. If not redirect user to login page header('Location: ulogin.php'); exit(); } $row = mysql_fetch_array($check); $email = stripslashes($row['email']); }else{ header('Location: ulogin.php'); } ?> and this error is being displayed on my page that is supposed to not have let me on because i was not logged in Code: [Select] Warning: Cannot modify header information - headers already sent by (output started at /home/content/03/8587103/html/pinkpanthers/pinkpanthers.php:1) in /home/content/03/8587103/html/pinkpanthers/u_check_login.php on line 17 Hello people i have a system that takes people to generated pages from the database, the user has a field to input a video and others watching videos will get redirecting to tht video in time, what i want to know is how can i tell if a user viewed the page so to stop them getting redirected to it again by my random video query? The link always is video.php?id=blabla the id changes every refresh, so i can call that id to check if there on the page but how can i tell if they have been on it before. Hi Guys, Just a quick introduction I am NOT a student I am a IT Technician in a School in the South of the United Kingdom. I am trying to write a PHP Script with a Function that Checks if the user is logged in, if the user is logged in then it shows the user the content on the page but if they are not logged in then to show a blank page with a link to the Login Page. I need it to be simple. I just want it to check if a useer is logged in but if there not only show some content on a page. Can anyone help? My Users login into a php Session. Thanks for any help you can offer. Best Regards Thomas Hi, I'm trying to change an OpenSource software that is using PHP code, I'm somewhat new to PHP and am wanting to learn more on it, but I'm having trouble a couple of things. On rightcolumn.tpl, I include another file called login_rightside.tpl where it is a login box. What I want to do is if the user clicks "Register" and gets taken to "signup.php" then that login box on "login_rightside.tpl" should disappear. So basically my pseudocode is this: Code: [Select] if (current page = signup.php do nothing else {include file="login_leftside.tpl"} end if My problem is how to tell it that the current page is signup.php. If anyone can provide some help, I'd appreciate it. Hey, so I'm trying to check the database if the user and email already exists when registering.
<?php
include_once('includes/config.php');
if(isset($_POST['submit'])) {
$username = $_POST['username'] ? trim($_POST['username']) : null;
$password = md5($_POST['password']) ? trim($_POST['password']) : null;;
$email = ($_POST['email']);
$message = "";
if(empty($username) || empty($password) || empty($email)) {
$message = "All fields required";
} else {
$sql = "SELECT COUNT(username) AS userNum FROM users WHERE username = :username";
$sql = "SELECT COUNT(email) AS emailNum FROM users WHERE email = :email";
$stmt = $db->prepare($sql);
$stmt->bindValue(':username', $username);
$stmt->execute();
$row = $stmt->fetch(PDO::FETCH_ASSOC);
if($row['userNum'] >0) {
die("That username already exists!");
} elseif($row['emailNum'] > 0) {
die("That email already exists!");
}
$sql = "INSERT INTO users (username, password, email) VALUES (:username, :password, :email)";
$stmt = $db->prepare($sql);
$stmt->bindValue(':username', $username);
$stmt->bindValue(':password', $password);
$stmt->bindValue(':email', $email);
$result = $stmt->execute();
if($result) {
$message = "Registration was successful";
}
}
}
?>
If I remove this line " $sql = "SELECT COUNT(email) AS emailNum FROM users WHERE email = :email"; the code works but only checks the username. How can I check both? |
|||||||