|
PHP - Directing User Based On Password Entered (using Stristr)
Hi!
I'm attempting to do this and feel that I'm fairly close. Would you take a look and throw me any bones? PHP Code: Code: [Select] <?php if (isset($_POST['ppassword']) && (stristr($string,'') === TRUE)) { switch($_POST['ppassword']) { case "Google": header("Location: http://www.google.com"); exit(); case "Yahoo": header("Location: http://www.yahoo.com"); exit(); case "Bing": header("Location: http://www.bing.com"); exit(); } } ?> The Form: Code: [Select] <form name="portal" id="portal" method="post" action=""> <input name="ppassword" type="text" id="ppassword" maxlength="25" onfocus="this.select()" onblur="this.value=!this.value?'company name':this.value;" value="company name" onclick="this.value=''" /> <input name="login" type="submit" id="login" value="Continue" /> </form> I appreciate any of your help. I feel close and this part Code: [Select] (stristr($string,'') feels like the missing piece of the puzzle. Similar Tutorials
Query About How To Retrieve A Password From The Database And Compare To The One The User Has Entered
Hi, after following lots of advice and changing to MySqli I am running into a few probs. This is me just probably missing something stupid, I know what I want, but can't figure out what query I should use and where I should place it. All the queries I have tried have failed.
I just need a query that gets the $current_stored_password from the password field on the database, to confirm the last check
elseif
($current_password !== $current_stored_password) {
include 'includes/overall/header.php';
echo $current_password . ' AND ' . $_POST['current_password'] . ' Password and password again do not match';
include 'includes/overall/header.php';
}
Here is the whole script.
<?php
session_start();
error_reporting(0);
//ini_set('display_errors', '1');
require( 'database.php' );
$username = $_SESSION['loggedinuser'];
$current_stored_password = $_SESSION['password'];
$current_password = $_POST['current_password'];
$password = mysqli_real_escape_string($con, md5( $_POST['password']));
$password_again = mysqli_real_escape_string($con, md5( $_POST['password_again']));
// Run checks
if (isset($_POST['current_password'], $_POST['password'], $_POST['password_again'])) {
if( strlen( $_POST['current_password'] ) < 8 )
{
include('includes/overall/header.php');
echo "Password Must Be 8 or More Characters.";
include('includes/overall/footer.php');
}
elseif( strlen( $_POST['password'] ) < 8 )
{
include('includes/overall/header.php');
echo "Password Must Be 8 or More Characters.";
include('includes/overall/footer.php');
}
elseif
( strlen( $_POST['password_again'] ) < 8 )
{
include('includes/overall/header.php');
echo "Password Must Be 8 or More Characters.";
include('includes/overall/footer.php');
}
elseif
($password !== $password_again) {
include 'includes/overall/header.php';
echo ' Password and password again do not match';
include 'includes/overall/header.php';
}
elseif
($current_password !== $current_stored_password) {
include 'includes/overall/header.php';
echo $current_password . ' AND ' . $_POST['current_password'] . ' Password and password again do not match';
include 'includes/overall/header.php';
} else {
// Define a query to run
$query = "UPDATE `user` SET `password` = '$password' WHERE `username` = '$username'";
// Query the database
$result = mysqli_query($con,$query);
// Check if the query failed
if( !$result )
{
die('There was a problem executing the query ('.$query.'):<br>('.mysqli_errno($con).') '.mysqli_error($con));
}
else {
include 'includes/overall/header.php';
echo 'Password has been changed';
include 'includes/overall/footer.php';
}
}
}
// Close the connection
mysqli_close($con);
?>
At the moment the message displayed when the form is submitted is
echo $current_password . ' AND ' . $_POST['current_password'] . ' Password and password again do not match';How do I retrieve the password from the database to compare against the current password entered by the user? Any help is much appreciated. PS. Yes I know I have repeated code and that md5 is not secure, but I am just building onto a template I got and will be making changes to shorten the code and secure the password soon I'm building a php program that registers users onto a website. With the help of people from this thread http://www.phpfreaks.com/forums/index.php?topic=332260.15 I was able to accomplish the goal and now the signup works with conditions that check for a valid email, and if the password is strong enough. T he program correctly displays the the problem when a user does NOT enter a valid email, or a strong enough password, but the user has to re-enter the email and password everytime. I want to make it so that the fields remained populated with what the user entered previously, so he or she does not have to re-enter his or her email/password. Here is the code (its really ghetto) Code: [Select] <?php function check_email_address($email) { // First, we check that there's one @ symbol, and that the lengths are right if (!ereg("^[^@]{1,64}@[^@]{1,255}$", $email)) { // Email invalid because wrong number of characters in one section, or wrong number of @ symbols. return false; } // Split it into sections to make life easier $email_array = explode("@", $email); $local_array = explode(".", $email_array[0]); for ($i = 0; $i < sizeof($local_array); $i++) { if (!ereg("^(([A-Za-z0-9!#$%&'*+/=?^_`{|}~-][A-Za-z0-9!#$%&'*+/=?^_`{|}~\.-]{0,63})|(\"[^(\\|\")]{0,62}\"))$", $local_array[$i])) { return false; } } if (!ereg("^\[?[0-9\.]+\]?$", $email_array[1])) { // Check if domain is IP. If not, it should be valid domain name $domain_array = explode(".", $email_array[1]); if (sizeof($domain_array) < 2) { return false; // Not enough parts to domain } for ($i = 0; $i < sizeof($domain_array); $i++) { if (!ereg("^(([A-Za-z0-9][A-Za-z0-9-]{0,61}[A-Za-z0-9])|([A-Za-z0-9]+))$", $domain_array[$i])) { return false; } } } return true; } define('DB_NAME', 'catch'); define('DB_USER', 'username'); define('DB_PASS', 'password'); define('DB_HOST', 'page.sqlserver.com'); // contact to database $connect = mysql_connect(DB_HOST, DB_USER, DB_PASS) or die('Error , check your server connection.'); mysql_select_db(DB_NAME); //Get data in local variable $v_name=$_POST['name']; $v_email=$_POST['email']; $v_msg=$_POST['msg']; if ( check_email_address($_POST['name']) == false) { $query = "INSERT INTO contact(name,email,msg) VALUES ('$v_name','$v_email','$v_msg')"; $result = mysql_query( $query ); if( !$result ) { die( mysql_error() ); } echo <<<EOD <head> <link rel="stylesheet" type="text/css" href="http://hedgezoo.com/signup.css"> </head> <h2>Free Registration</h2> <form action="contact_insert2.php" method="POST" id="insert"> <table> <tr> <td>Email</td> <td ><input type="text" size="40" name="name"></td> </tr> <tr> <td>Password</td> <td><input type="password" size="40" name="msg" ></td> </tr> <tr> <td colspan=2 id="sub"> You must enter a valid email. <br /> <input type="submit" name="submit" value="submit"> </td> </tr> </Table> </form> EOD; } if( $v_name == "" || $v_msg == "" ) // if name is empty or if pass is empty { $query = "INSERT INTO contact(name,email,msg) VALUES ('$v_name','$v_email','$v_msg')"; $result = mysql_query( $query ); if( !$result ) { die( mysql_error() ); } echo <<<EOD <head> <link rel="stylesheet" type="text/css" href="http://hedgezoo.com/signup.css"> </head> <h2>Free Registration</h2> <form action="contact_insert2.php" method="POST" id="insert"> <table> <tr> <td>Email</td> <td ><input type="text" size="40" name="name"></td> </tr> <tr> <td>Password</td> <td><input type="password" size="40" name="msg" ></td> </tr> <tr> <td colspan=2 id="sub"> You must enter an email and password. <br /> <input type="submit" name="submit" value="submit"> </td> </tr> </Table> </form> EOD; } if( strcspn( $_REQUEST['msg'], '0123456789' ) == strlen( $_REQUEST['msg'] ) ) // the above statement says if pass does not contain a number { $query = "INSERT INTO contact(name,email,msg) VALUES ('$v_name','$v_email','$v_msg')"; $result = mysql_query( $query ); if( !$result ) { die( mysql_error() ); } echo <<<EOD <head> <link rel="stylesheet" type="text/css" href="http://hedgezoo.com/signup.css"> </head> <h2>Free Registration</h2> <form action="contact_insert2.php" method="POST" id="insert"> <table> <tr> <td>Email</td> <td ><input type="text" size="40" name="name"></td> </tr> <tr> <td>Password</td> <td><input type="password" size="40" name="msg" ></td> </tr> <tr> <td colspan=2 id="sub"> <div style="color:red;">Your password must contain a number.</div> <br /> <input type="submit" name="submit" value="submit"> </td> </tr> </Table> </form> EOD; } if( strlen($_POST['msg']) < 8 ) // the above statement says if pass is not 8 characters long { $query = "INSERT INTO contact(name,email,msg) VALUES ('$v_name','$v_email','$v_msg')"; $result = mysql_query( $query ); if( !$result ) { die( mysql_error() ); } echo <<<EOD <head> <link rel="stylesheet" type="text/css" href="http://hedgezoo.com/signup.css"> </head> <h2>Free Registration</h2> <form action="contact_insert2.php" method="POST" id="insert"> <table> <tr> <td>Email</td> <td ><input type="text" size="40" name="name"></td> </tr> <tr> <td>Password</td> <td><input type="password" size="40" name="msg" ></td> </tr> <tr> <td colspan=2 id="sub"> <div style="color:red;">Your password must be at least 8 characters long.</div> <br /> <input type="submit" name="submit" value="submit"> </td> </tr> </Table> </form> EOD; } if ( $_POST['msg'] == strtolower($_POST['msg']) ) // the above statement says if pass is all lowercase { $query = "INSERT INTO contact(name,email,msg) VALUES ('$v_name','$v_email','$v_msg')"; $result = mysql_query( $query ); if( !$result ) { die( mysql_error() ); } echo <<<EOD <head> <link rel="stylesheet" type="text/css" href="http://hedgezoo.com/signup.css"> </head> <h2>Free Registration</h2> <form action="contact_insert2.php" method="POST" id="insert"> <table> <tr> <td>Email</td> <td ><input type="text" size="40" name="name"></td> </tr> <tr> <td>Password</td> <td><input type="password" size="40" name="msg" ></td> </tr> <tr> <td colspan=2 id="sub"> <div style="color:red;">Your password must have at least one capital letter.</div> <br /> <input type="submit" name="submit" value="submit"> </td> </tr> </Table> </form> EOD; } if ( preg_replace("/[^a-zA-Z0-9\s]/", "", $_POST['msg']) == $_POST['msg'] ) // the above statement says if pass contains no special characters { $query = "INSERT INTO contact(name,email,msg) VALUES ('$v_name','$v_email','$v_msg')"; $result = mysql_query( $query ); if( !$result ) { die( mysql_error() ); } echo <<<EOD <head> <link rel="stylesheet" type="text/css" href="http://hedgezoo.com/signup.css"> </head> <h2>Free Registration</h2> <form action="contact_insert2.php" method="POST" id="insert"> <table> <tr> <td>Email</td> <td ><input type="text" size="40" name="name"></td> </tr> <tr> <td>Password</td> <td><input type="password" size="40" name="msg" ></td> </tr> <tr> <td colspan=2 id="sub"> <div style="color:red;">Your password must have at least one special character.</div> <br /> <input type="submit" name="submit" value="submit"> </td> </tr> </Table> </form> EOD; } else echo <<<EOD <B>GO FUCK YOURSELF</B> EOD; ?> Code what i made so far.
$inputText = 'This is testing http://www.youtube.com';
$allowedDomains = 'www.google.com
youtube.com/
http://www.test.org';
$array = preg_split('/[\s]+/', $allowedDomains);
$regex = '';//Need this line
if(preg_match($regex, $inputText)){
print 'Domain match!';
}else{
print 'Domain not match!';
}
Edited by jacob21, 16 October 2014 - 08:31 AM. Hi, so far I have managed to set up a somewhat basic login website with a mysql database backend. Once they have logged on they go to a "main menu" page. What I need to define is that user A sees button A but only that button, etc. (Then of course that same rule would have to apply if they tried to directly go to the page, but I am guessing I can do that in the same way that I currently do to force a login). If anyone has any tutorials or sample code I would much appreciate it. Thanks, Having trouble trying to validate a user name and password. This is my code: Code: [Select] //check username/password $user_name_check = mysql_query("SELECT * FROM users WHERE user_name=" . $_POST["user_name"] . "\" AND password=" . $_POST["password"] . "\""); if(mysql_num_rows($user_name_check)) { //Do stuff here... } But I get the following error: Warning: mysql_num_rows(): supplied argument is not a valid MySQL result resource in /xxxx/xxxxxxxx/xxxxx/xxxxxxxxxxxxx/xxxx.php on line 32 Any ideas as to why? $user_name_check is a result set right (which is what the mysql_num_rows() requires)?? I'm trying to write a script that changes my user passwords. I store the passwords in the DB as a md5 hash. My code is below, I keep getting error that the original username and password do not match. I require that the original credentials match so I can verify that I'm changing the password for the correct user. I suspect my problem is here but I'm not su Code: [Select] $result = mysql_query("SELECT password FROM $tbl_name WHERE username='$username' and password = '".md5($pass)."'"); Code: [Select] <?php $username = check_input($_POST['username']); $password = check_input($_POST['password']); $newpassword = check_input($_POST['newpassword']); $confirmpassword = check_input($_POST['confirmpassword']); if (!isset($_POST['submit'])) { // if page is not submitted to itself echo the form } else { $result = mysql_query("SELECT password FROM $tbl_name WHERE username='$username' and password = '".md5($pass)."'"); if(mysql_num_rows($result)){ if($newpassword==$confirmpassword){ $sql=mysql_query("UPDATE $tbl_name SET password='$newpassword' where username='$username'"); if($sql) { echo "Password Changed"; } else { // In case when problem while updating your new password echo "Error changing password, please email webmaster@mydomain.com"; } } else { // In case when new-password and retype-password do not match echo "New and confirmed password do not match please try again."; } } else { // In case of you have not correct User name and password echo "Current username and password do no match."; } } ?> <div class="pageContent"> <div id="main"> <div class="container"> <h1></h1> <h2>More text goes here.</h2> </div> <div class="container"> <!-- All protected data goes in here --> <?php if($_SESSION['id']){ echo '<form action="" method="post">'; echo '<h2>Username: </h2><input type="text" name="username" size="50" maxlength="255"><br/>'; echo '<h2>Password: </h2><input type="text" name="password" size="50" maxlength="255"><br/>'; echo '<h2>New Password: </h2><input type="text" name="newpassword" size="50" maxlength="255"><br/>'; echo '<h2>Confirm Password: </h2><input type="text" name="confirmpassword" size="50" maxlength="255"><br/>'; echo '<input type="submit" name="submit" value="Change Password">'; echo '</form>'; } else { echo '<h1>Please, <a href="index.php">login</a> and come back later!</h1>'; } ?> <!-- End: All protected data goes in here --> </div> <div class="container tutorial-info"> Footer goes here. </div> </div> </div> Any ideas? Alright, I've been assigned a project at work. I did not develop the application and the individual who did used CodeIgnited framework and mysql as the db.
Here's the problem, I'm not given much OT to do this and in our meeting the best way to proceed was to replicate the database for different parts of the organization. Basically we are a subsidiary and have been using an application that other groups within the organization want to use. Usually I would reconfigure the db schema and add org ids and in the user table add the appropriate organization to go to. However, they are not giving me enough time to do that.
So what I'm thinking is to just create a copy of the database we use (just the structure) and create a new database.
What I want to know is how to use mysql to check to see if a user exists in one database and if they don't then to go on to the next database. I understand this is a very sloppy way to do it, but it's the way we are moving forward.
I found the code to connect to the db in CodeIgnitor... how can I connect to a database, check to see if the user exists, then close that db connection and try the next database?
/**
* Select the database
*
* @access private called by the base class
* @return resource
*/
function db_select()
{
return @mysql_select_db($this->database, $this->conn_id);
}
Thanks in advance.
Hi, I want to create a forgotten password page, where the user enters in their email address, the script queries the database for that email address, creates a unique ID, stores that unique ID in the database, then emails the unique ID and the User ID off to the user in an HTML link e.g. http://somesite.com/reset-password.php?userId=2&uniqueId=132832189312978312. The reset page would then match the unique ID to the one in the database and let them enter in a new password into the form. Ok so I can do most of that so far except from the emailing to the user. I'm running an Ubuntu Server 10 at the moment as my test server which is on my local network. Do I need to set up a mail server on that for php mailing to work, or can I use some external SMTP for sending? I've had a play round with the PHP mail() function but it won't send anything at the moment. I'll also need some code for when the site is running in the hosted live environment as it will likely use their mail servers. What's the best way to go about doing this? Many thanks! I'm working on a new user submission form and I was wondering whether it's safe to send a confirmation letter to the user using their hashed password as their confirmation code? Since this is a hashed password it can't be decrypted (I believe), the password is useless because it's always hashed before login so it can't be used to login to the system, it's only being emailed to the user who's account is tied to the account, and it would save me the option of having to store a confirmation code field in my DB. Is this safe? Hi all, I've got a website for an event, each team have their details on a page which are recalled from a SQl database. But I'm wanting to create a password input box for each team, so when they enter the correct password they are taken to a page containing forms where they can edit the team details. Here is the page with the users details on where they anter the password: http://www.wharncliffenetwork.co.uk/wrc/entered/team.php?id=8 I'm not sure how to code it, Can an IF statement be used? Anyone got any pointers? I'f been unsuccessful in finding a tutorial or something similar. Hope that makes sense :S Cheers. When users register for the site, it posts the form to an https version of the site. If there's any errors, it'll stay on the https and I show the form with the fields prefilled in with their inputs and the errors shown. My question is: is it safe to also refill the password field? Anyone here know the answer for sure? I know something is wrong but dunno how to fix it. My intention is to lock user based on ip after 3 unsuccessful attempts. Its incrementing the login count but after 3 attempts, I just can't figure out how to lock the user and reset the value after some time. I'd like a pointer towards the right/best thing to do should my code not be worthy. Thanks and heres my code:
<?php
$user_ip = $_SERVER['REMOTE_ADDR'];
$table_name = "loginattempts";
$query = "SELECT attempts FROM $table_name WHERE user_ip = '$user_ip'";
$result = mysql_query($query) or die("Invalid Login");
while($row = mysql_fetch_array($result)){
$count = $row['attempts'];
}
if($count == 3){
echo("Your login attempt is completed");
}else{
$insert = "INSERT INTO $table_name WHERE user_ip = '$user_ip'";
$result = mysql_query($insert);
$update = "UPDATE $table_name SET attempts = attempts + 1 WHERE user_ip = '$user_ip'";
$result = mysql_query($update);
}
$update = "UPDATE $table_name SET attempts = 0 WHERE lastlogin - NOW() = '60000'";
$result = mysql_query($update);
?>
I have an array with the following elements define("LIST_OF_SCHOOLS", "st patricks,Piarsaigh,Phiarsaigh,St Vincents,Glanmire,Farranree,North Presentation,north mon,north monestrey,Scoil iosagain,St aidans,knocknaheeny,mon"); $schoolList = explode(',', LIST_OF_SCHOOLS); function checkForSchool($page, $schoolList) { preg_match('%(Studied at|Went to|Goes to) \\\u003ca href=\\\\"http:\\\/\\\/www.facebook.com\\\/pages\\\/[a-zA-Z-]*\\\/\d*\\\\" data-hovercard=\\\\"\\\/ajax\\\/hovercard\\\/page.php\?[a-zA-Z=0-9]*\\\\">([a-zA-Z\s]*)\\\u003c\\\/a>%', $page, $match); if($match && count($match)>0) { normal($match[2]); for($cnt=0; $cnt<count($schoolList); $cnt++) { $school = trim($schoolList[$cnt]); green(stristr($match[2],$school)); if($school!="" && stristr($match[2], $school)) { blue($match[2].": Match for school found"); unset($school); return true; } } } else { red("No school set on profile"); } unset($school); return false; How come my function is returning true for this match mond Community High School Inveralmond Community High School: Match for school found I only want it too return true if all the match corresponds with one of the element in the array $schoolList Is there a better way to specify the "if (strsistr...)" line? Suppose I want to check 4 or 5 file ext's instead of just 2? <?php if ($handle = opendir('pics')) { echo 'Directory handle: ' . $handle . '<br />'; echo 'Files: <br />'; while (false !== ($file = readdir($handle))) { if ( stristr($file,("jpg")) || stristr($file,("png")) ) { echo $file . '<br />'; } } closedir($handle); } ?> thanks, Keith I have a "Users" table. I would like to find out the average users sign up in total. This table has a "joined date" column so I can track how many users sign up in a single day. For e.g. August 16 - 10 users August 17 - 20 users Auguest 18 - 30 users The total average of user sign ups would be 20 users based on the above results. So I am wondering how can I create this function? This is my starting query.
$get_users = $db->prepare("SELECT user_id FROM users");
$get_users->execute();
$result_users = $get_users->fetchAll(PDO::FETCH_ASSOC);
if(count($result_users) > 0) {
foreach($result_users as $row) {
$user_id = $row['user_id'];
}
}
I manage to display data using below query that will show value for each month. How to calculate average value starting july onwards(based on user selection).
Let say the value for element 'A' are Jul=80, Aug= 80, Sep=90. If user select Aug then the average is 80 and if user select Sep then the average is 83.
Query:
$sql2 = "Select element, SUM(CASE WHEN Month = 'Jan' THEN total ELSE 0 END ) AS Jan, SUM(CASE WHEN Month = 'Feb' THEN total ELSE 0 END ) AS Feb, SUM(CASE WHEN Month = 'Mac' THEN total ELSE 0 END ) AS Mac, SUM(CASE WHEN Month = 'Apr' THEN total ELSE 0 END ) AS Apr, SUM(CASE WHEN Month = 'May' THEN total ELSE 0 END ) AS May, SUM(CASE WHEN Month = 'Jun' THEN total ELSE 0 END ) AS Jun, SUM(CASE WHEN Month = 'Jul' THEN total ELSE 0 END ) AS Jul, SUM(CASE WHEN Month = 'Aug' THEN total ELSE 0 END ) AS Aug, SUM(CASE WHEN Month = 'Sep' THEN total ELSE 0 END ) AS Sep, SUM(CASE WHEN Month = 'Oct' THEN total ELSE 0 END ) AS Oct, SUM(CASE WHEN Month = 'Nov' THEN total ELSE 0 END ) AS Nov, SUM(CASE WHEN Month = 'Dec' THEN total ELSE 0 END ) AS Dis FROM tbl_ma GROUP BY element"; $rs2 = mysql_query($sql2); $getRec2 = mysql_fetch_assoc($rs2);Below is how print the data:
<?php
while ($row = mysql_fetch_assoc($rs2)) {
?>
<tr>
<td style="color:black;background-color:#f5efef"><div align="left"><?php echo $row['element']; ?></div></td>
<?php if( $year != '2014' ){ ?>
<?php if( 1 <= $monthID ): ?><td><div align="center" style="color:black"><?php echo $row['Jan']; ?></div></td><?php endif; ?>
<?php if( 2 <= $monthID ): ?><td><div align="center" style="color:black"><?php echo $row['Feb']; ?></div></td><?php endif; ?>
<?php if( 3 <= $monthID ): ?><td><div align="center" style="color:black"><?php echo $row['Mac']; ?></div></td><?php endif; ?>
<?php if( 4 <= $monthID ): ?><td><div align="center" style="color:black"><?php echo $row['Apr']; ?></div></td><?php endif; ?>
<?php if( 5 <= $monthID ): ?><td><div align="center" style="color:black"><?php echo $row['May']; ?></div></td><?php endif; ?>
<?php if( 6 <= $monthID ): ?><td><div align="center" style="color:black"><?php echo $row['Jun']; ?></div></td><?php endif; ?>
<?php } ?>
<?php if( 7 <= $monthID ): ?><td><div align="center" style="color:black"><?php echo $row['Jul']; ?></div></td><?php endif; ?>
<?php if( 8 <= $monthID ): ?><td><div align="center" style="color:black"><?php echo $row['Aug']; ?></div></td><?php endif; ?>
<?php if( 9 <= $monthID ): ?><td><div align="center" style="color:black"><?php echo $row['Sep']; ?></div></td><?php endif; ?>
<?php if( 10 <= $monthID ): ?><td><div align="center" style="color:black"><?php echo $row['Oct']; ?></div></td><?php endif; ?>
<?php if( 11 <= $monthID ): ?><td><div align="center" style="color:black"><?php echo $row['Nov']; ?></div></td><?php endif; ?>
<?php if( 12 <= $monthID ): ?><td><div align="center" style="color:black"><?php echo $row['Dis']; ?></div></td><?php endif; ?>
<td><div align="center" style="color:black"><?php //echo average; ?></div></td>
</tr>
<?php } ?>
Hi, I want to update user information in the database but it doesn't do anything. No data entered upon form submission. Please anyone if you can help would be great. Thank you. Code: [Select] <?php ini_set ("display_errors", "1"); error_reporting(E_ALL); $host = "";//edited out $database = ""; $username = ""; $password = ""; $tbl_name = "users"; $link = mysqli_connect($host, $username, $password); $conn = mysql_connect($host, $username, $password) or die("Could not connect: " . mysql_error()); mysql_select_db($database); session_start(); IF (isset($_SESSION['userid'])){ $userid=$_SESSION['userid']; echo $userid; } //$currentUser = $_SESSION['myusername']; //do some cleanup// IF (isset($_POST['submit'])){ $first = $_POST['first']; $last = $_POST['last']; $dob = $_POST['dob']; $gender = $_POST['gender']; $country = $_POST['country']; $state = $_POST['state']; $town = $_POST['town']; $zip = $_POST['zip']; $email = $_POST['email']; $first = mysql_real_escape_string( '$first'); $last = mysql_real_escape_string( '$last'); $dob = mysql_real_escape_string( '$dob'); $gender = mysql_real_escape_string( '$gender'); $country = mysql_real_escape_string( '$country'); $state = mysql_real_escape_string( '$state'); $town = mysql_real_escape_string( '$town'); $zip = mysql_real_escape_string( '$zip'); $email = mysql_real_escape_string( '$email'); }; IF (isset($_SESSION['userid'])){ $userid=$_SESSION['userid']; } ELSE{ $getuserid=mysql_query ("SELECT id FROM users ORDER BY id DESC limit 1") or die(mysql_error()); WHILE ($gtuserid = mysql_fetch_array($getuserid)) { $theuserid=$gtuserid['id']; $userid=$theuserid; $_SESSION['userid']=$theuserid; $userid=$_SESSION['userid']; }//$getuserid }// IF ELSE (isset($_SESSION['userid'])) /////UPDATE SECTION///// IF (isset($_POST['submit'])){ mysql_query ( "UPDATE users SET firstname='$first', lastname='$last', dob = '$dob', gender='$gender', country='$country', state='$state', town='$town', zip='$zip', email='$email' WHERE id=$userid") or die(mysql_error()); }//IF ($_POST['update']=="Update") ?> <!DOCTYPE html PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN"> <html> <head> <title>Connection</title> <style type="text/css"> body { font-family:Calibri; font-size:1em; } .title { font-size:1.6em; font-weight:strong; } .links a{ font-size::1.2em; text-decoration:none; } .links a:hover{ font-size::1.2em; color:#0066FF; text-decoration:none; } </style> </head> <body> <p><span class="title">Add your personal information/span></p> <form action="thebeast.php" method="post"> <p> <input type="text" name="first" size="20" id="first" /> First name<br /> <input type="text" name="last" size="20" id="name" /> Last name<br /> <input name="dob" type="text" size="20" id="dob" ; } ?> Date of Birth<br /> <input type="text" name="gender" size="20" id="gender" /> Gender <br /> <input type="text" name="country" size="20" id="country" /> Country<br /> <input type="text" name="state" size="20" id="state" /> State<br /> <input type="text" name="town" size="20" id="town" /> Town<br /> <input type="text" name="zip" size="20" id="zip" /> Zip Code<br /> <input type="text" name="email" size="40" id="email" /> Email<br /> <br /> <input type="submit" name="submit" value="Add your information" /> </form> </body> </html> I'm not totally new to php but I'm no guru either. I'm building an intranet and have three seperate user roles, user - manager - admin. There are some menu items I don't want to allow simple users to see. This will expand later to give them different views of a page as well (some can view/others can edit). As it stands the login validation is holding they're user level in $SESSION. To give you an idea take a look at what I'm trying to do: Code: [Select] function usermenu($usermenu) { if($user_level=0) echo ("<ul id="gooeymenu2" class="solidblockmenu"> <li><a href="main.php">Home</a></li> <li><a href="forms.php">Forms</a></li> <li><a href="/support/index.php" target="_new">Support</a></li> <li><a href="documents.php">Documents</a></li> <li><a href="admin/index.php">Admin</a></li> <li><a href="logout.php">Logout</a></li> </ul> <script> gooeymenu.setup({id:'gooeymenu2', selectitem:1, fx:'swing'}) </script>" "); else($user_level=1,2) echo ("<ul id="gooeymenu2" class="solidblockmenu"> <li><a href="main.php">Home</a></li> <li><a href="forms.php">Forms</a></li> <li><a href="/support/index.php" target="_new">Support</a></li> <li><a href="documents.php">Documents</a></li> <li><a href="new.php">New Adviser</a></li> <li><a href="admin/index.php">Admin</a></li> <li><a href="logout.php">Logout</a></li> </ul> <script> gooeymenu.setup({id:'gooeymenu2', selectitem:1, fx:'swing'}) </script>" "); Any help would be great, thanks in advance. Jason I would really appreciate help and I hope my problem can be solved easily. I am attempting to display the date/time based on the user's location. I have installed the timezone.js plugin for help as well. Is there a way to convert the Jquery variable that displays the users timezone location and insert it inside the PHP date_default_timezone_set?
If there is an easier way to display the users timezone date and time please let me know otherwise this was the only solution I could find.
Thanks in advanced...
Here is my code
Header
<header>
<script src="http://ajax.googleapis.com/ajax/libs/jquery/1.5.1/jquery.min.js"></script>
<script src="Time/detect_timezone.js"></script>
<script src="Time/jquery.detect_timezone.js"></script>
<script>
$(document).ready(function(){
$('#tzvalue').set_timezone({'default' : 'America/Los_Angeles'});
});
</script>
</header>
Hi there, I found a Javascript with what I want, but I want it to be in PHP because if people don't have Javascript enabled, they won't see the login. Here is what I have, but I need it to be converted to PHP: Code: [Select] function loginArea() { val = document.loginForm.password.value; switch(val) { case "password1": document.location = 'http://www.google.com/password1-page/'; break; case "password2": document.location = 'http://www.google.com/password2-page/'; break; default: document.location ='http://www.google.com/sorry/'; break; } } Code: [Select] <form name="loginForm" id="loginForm" method="post" action=""> <input name="password" type="text" id="password" maxlength="5" /> <input name="login" type="button" id="login" value="Check" onclick="loginArea()" /> </form> Help? - Steph |
|||||||