|
PHP - Php Login Form With Odbc Connection Toms Access
So I'm doing a project and I need to make a successful login form, where it checks in MS Access if the username and password are correct, and if they are the user is taken to a new page. If they are wrong, a message comes up and they stay on the same page.
The user should first just see a blank form, but after submit is pressed, it should check if the username and password are correct. IF they are should be taken to a new page. It's been a while since I used php last, so I wasn't quite sure how to tackle this issue. I was wondering if someone could please help me? here is my code. Code: [Select] <html> <head> <style type="text/css"> </style> </head> <body style="text-align:center"> <div id='title'> </div> <?php print_r ($_POST) ; if (isset($_POST['submit'])) { if(isset($_POST['username'])){ $username= $_POST['username'] ; } if(isset($_POST['password'])){ $TABLE= $_POST['password'] ; } $username = null ; $password = null ; $connection = odbc_connect('Olympics', '', ''); if (!$connection) {exit("Conection Failed: " . $connection);} $username = stripslashes($username); $password = stripslashes($password); $sql = "select * from users where users = '$username' and passwords = '$password'"; $rs=odbc_exec($connection,$sql); $count=odbc_num_rows($rs); if ($count == 1) { $_SESSION['loggedIn'] = "true"; header("Location: searchpage.php"); } else { $_SESSION['loggedIn'] = "false"; header("Location: index.php"); echo "Login failed" ; } } echo "<form action='index.php' method='post'> \n" ; echo" Please enter your username and password if you wish. <br/> \n" ; echo "Username: <input type='text' name='username' > \n " ; echo "Password: <input type='password' name='password' > \n" ; echo "<input type='submit' value='Login' name='submit'> <br/> \n" ; echo "<input type='submit' value='You may also continue you as a guest.'> \n" ; ?> </body> </html> Similar TutorialsSo basically my project is one where the user can log onto my website, and the page then checks if the ID and password are in my table in my microsoft access file. If the username and password are the same, the user continues, if it isnt, then it stays on the same page and says something like "username and/or password are incorrect" or something along the lines of that. the problem is right now im not sure how to make it say "ERROR username and/or password is incorrect" if the username and password dont match. Can someone help me with this? and also make sure if the username and password are correct that it goes to the next page, entitled searchpage.php here is the code Code: [Select] <html> <head> <style type="text/css"> </style> </head> <body style="text-align:center"> <div id='title'> </div> <?php print_r ($_POST) ; if if (isset($_POST['Login'])) { if(isset($_POST['username'])){ $username= $_POST['username'] ; } if(isset($_POST['password'])){ $TABLE= $_POST['password'] ; } $username = null ; $password = null ; $connection = odbc_connect('Olympics', '', ''); if (!$connection) {exit("Conection Failed: " . $connection);} $username = stripslashes($username); $password = stripslashes($password); $sql = "select * from users where users = '$username' and passwords = '$password'"; $rs=odbc_exec($connection,$sql); $count=odbc_num_rows($rs); if ($count == 1) { $_SESSION['loggedIn'] = "true"; header("Location: searchpage.php"); } else { $_SESSION['loggedIn'] = "false"; header("Location: index.php"); echo "Login failed" ; } } echo "<form action='index.php' method='post'> \n" ; echo" Please enter your username and password if you wish. <br/> \n" ; echo "Username: <input type='text' name='username' > \n " ; echo "Password: <input type='password' name='password' > \n" ; echo "<input type='submit' value='Login' name='Login'> <br/> \n" ; echo "<input type='submit' value='You may also continue you as a guest.'> \n" ; echo "</form>" ; ?> </body> </html> Hello, I'm new at PHP programming. I'm creating a simple application. I created a form where users can fill in some data. One of the fields is a username. This is a drop down list. This list is build up with data from SQL Server 2005 R2. I created the code in PHPDesigner7. The ODBC connection is working fine in PHPDesigner7. When I try to run it on the localhost I get no connection The code I used : <?php $conn=odbc_connect('MyDataBase','',''); echo "connectie ".$conn; if (!$conn) {exit("Connection Failed: ". $conn);} $sql="SELECT Id, [Name] FROM Names"; $rs=odbc_exec($conn,$sql); $options=""; echo "<br />"; echo "User : "; echo "<select name='QCT_name'>"; while ($row=odbc_fetch_array($rs)) { $id= $row["Id"]; $Controleur = $row["Name"]; echo "<option value='".$row['Id']."'>".$row['Name']."</option>"; } echo "</select>"; echo "<br />"; ?> Has anybody any clue what I'm doing wrong? can anyone give me an example of how to establish an ODBC connection with PHP. I have a MS ACCESS database i want to open and read from thanks Hi I'm a beginner and I would like to create a simple login form by using PDO connection. I wrote all these codes but nothing happened. The only thing I know is my PDO connection is working. Any help I appreciate that. login form:
<!DOCTYPE html>
<form method="post" action="loginaccess.php"> </form>
<?php
?> </html>
Hi, I hope you guys can help me out. I only know basic PHP and also SQL. I haven't tried using connecting database yet. My problem is that I'm trying to INSERT a data into an existing table using access but when it reaches $rs = odbc_exec(); it returns an error that the query was empty. Here is the code: Code: [Select] $conn=odbc_connect('trial','',''); if (!$conn) {exit("Connection Failed: " . $conn);} $sql = "INSERT INTO Data (FirstName, LastName, BusinessName) VALUES ('$fname', '$lname', '$bname')"; $rs=odbc_exec($sql, $conn); $rs = @odbc_exec($conn,$sqlstring); if (!$rs) { echo "An error has occured. Please try again", odbc_errormsg($conn); } else { echo "The record was successfully inserted."; } odbc_close($conn); and here is the error: Quote An error has occured. Please try again[MySQL][ODBC 5.1 Driver][mysqld-5.5.20]Query was empty I really hope you could help me out. Thanks. Hi, I found a tutorial in building a poll, however it detects IP, so people can't vote multiple times, so I dissected the code into sections while removing the IP blocking, while still inserting the IP address into the database, the problem is that I get: Access denied for user 'ODBC'@'localhost' for the second page, I don't know where I went wrong, could anyone help me? I also attached the code and .sql file so that people can hack it and check where it got wrong. Thanks here is the original poll code <link rel="stylesheet" href="css/style.css" type="text/css" media="screen" /> <?php //database settings $hostname = 'localhost'; $username = 'root'; $password = ''; $dbname = 'poll1'; $connect = mysql_connect($hostname, $username, $password); mysql_select_db($dbname); //Validation to check if the user has voted or not. If not yet voted, then insert the data to the database, otherwise //tell the user they voted if(isset($_POST['vote']) && isset($_POST['questions'])){ $query = mysql_query("SELECT questions.pid FROM responses, questions WHERE responses.qid=questions.id AND responses.ip='".$_SERVER['REMOTE_ADDR']."' AND pid=(SELECT pid FROM questions WHERE id='".$_POST['questions']."' LIMIT 1)"); if(mysql_num_rows($query) == 0){ $query = mysql_query("INSERT INTO responses (qid, ip) VALUES ('".$_POST['questions']."', '".$_SERVER['REMOTE_ADDR']."')"); } else { $error = 'You Already Voted'; } } else if(!isset($_POST['questions']) && isset($_POST['vote'])){ $error = 'Please select a response'; } ?> <?php //The poll script $query = mysql_query("SELECT * FROM poll ORDER BY id DESC LIMIT 1"); $rows = mysql_num_rows($query); if($rows > 0){ $poll = mysql_fetch_array($query); $title = $poll['name']; } else { $title = 'No Poll Yet'; } $me=array(); $query = mysql_query("SELECT COUNT(id) as hits FROM responses GROUP BY qid"); while($row = mysql_fetch_array($query)){ $me[] = $row['hits']; } $max = max($me); //echo "SELECT questions.pid FROM responses, questions WHERE responses.qid=questions.id AND responses.ip='".$_SERVER['REMOTE_ADDR']."' AND pid='".$poll['id']."'"; $query = mysql_query("SELECT questions.pid FROM responses, questions WHERE responses.qid=questions.id AND responses.ip='".$_SERVER['REMOTE_ADDR']."' AND pid='".$poll['id']."'"); if(mysql_num_rows($query) > 0){ $total = mysql_query("SELECT questions.pid FROM responses, questions WHERE responses.qid=questions.id AND pid='".$poll['id']."'"); $total = mysql_num_rows($total); ?> <table width="300" cellpadding="0" cellspacing="0" border="0" class="maintable" align="center"> <tr> <td valign="top" align="center" class="title"><h1><?php echo $title; ?></h1></td> </tr> <?php $query = mysql_query("SELECT * FROM questions WHERE pid='".$poll['id']."' ORDER BY id"); $questions = mysql_num_rows($query); if($questions > 0){ ?> <tr> <td valign="top" style="padding: 5px;"> <table width="100%" cellpadding="0" cellspacing="0" border="0" class="question"> <?php while($question = mysql_fetch_array($query)){ $responses = mysql_query("SELECT count(id) as total FROM responses WHERE qid='".$question['id']."'"); $responses = mysql_fetch_array($responses); if($total > 0 && $responses['total'] > 0){ $percentage = round(($responses['total'] / $max) * 100); } else { $percentage = 0; } $percentage2 = 100 - $percentage; ?> <tr> <td valign="top" nowrap="nowrap"><?php echo $question['question']; ?></td> <td valign="top" height="10" width="100%" style="padding: 0px 10px;"> <table width="100%" cellpadding="0" cellspacing="0" border="0"> <tr> <td valign="top" width="<?php echo $percentage ; ?>%" <?php if($percentage > 0){?>style="background: url('images/bar.jpg') repeat-x;"<?php } ?>><img src="images/dot.gif" width="1" height="19" /></td> <td valign="top" width="<?php echo $percentage2; ?>%"></td> </tr> </table> </td> <td valign="top"><?php echo $responses['total']; ?></td> </tr> <?php } ?> <tr> <td valign="top" colspan="3" align="center" style="padding: 10px 0px 0px 0px;">Total Votes: <?php echo $total; ?></td> </tr> </table> </td> </tr> <?php } ?> </table> <?php } else { ?> <table width="400" cellpadding="0" cellspacing="0" border="0" class="maintable" align="center"> <th>Declaration of Faith</th> <tr> <td valign="top" align="center" class="title"><?php echo $title; ?></td> </tr> <?php $query = mysql_query("SELECT * FROM questions WHERE pid='".$poll['id']."' ORDER BY id"); $questions = mysql_num_rows($query); if($questions > 0){ ?> <tr> <td valign="top" style="padding: 5px;"> <form name="poll" method="post" action=""> <table width="100%" cellpadding="0" cellspacing="0" border="0" class="question"> <?php if(isset($error)){ ?> <tr> <td valign="top" colspan="2" align="center" style="padding: 0px 0px 10px 0px;"><?php echo $error; ?></td> </tr> <?php } ?> <?php $x=0; while($question = mysql_fetch_array($query)){ ?> <tr> <?php if ($x==0){ ?> <td width="43%" rowspan=2 align="center"><span style="padding: 10px 0px 0px 0px;"> <input type="submit" id="submit" name="vote" value="Declare" /> </span></td> <?php }//if statement closing ?> <td valign="top" width="56%"><input type="radio" name="questions" value="<?php echo $question['id']; ?>" /><?php echo $question['question']; ?></td> </tr> <?php $x=$x+1; } ?> <tr> <td valign="top" align="center" style="padding: 10px 0px 0px 0px;"><br /></td> <td width="1%"> </td> </tr> <tr> <td colspan="2" align="center" id="note">Please answer only once per person</td> </tr> </table> </form> </td> </tr> <?php } ?> </table> <?php } ?> Here are the sectioned codes insert.php <link rel="stylesheet" href="css/style.css" type="text/css" media="screen" /> <?php include('config.php'); //Validation to check if the user has voted or not. If not yet voted, then insert the data to the database, otherwise //tell the user they voted if(isset($_POST['vote']) && isset($_POST['questions'])) { //insert the vote to the database $query = mysql_query("INSERT INTO responses (qid, ip) VALUES ('".$_POST['questions']."', '".$_SERVER['REMOTE_ADDR']."')"); } else if(!isset($_POST['questions']) && isset($_POST['vote'])) { echo 'Please select a response'; } include('results.php'); ?> results.php <?php //The poll script $query = mysql_query("SELECT * FROM poll ORDER BY id DESC LIMIT 1"); $rows = mysql_num_rows($query); if($rows > 0){ $poll = mysql_fetch_array($query); $title = $poll['name']; } else { $title = 'No Poll Yet'; } $me=array(); $query = mysql_query("SELECT COUNT(id) as hits FROM responses GROUP BY qid"); while($row = mysql_fetch_array($query)){ $me[] = $row['hits']; } $max = max($me); $query = mysql_query("SELECT questions.pid FROM responses, questions WHERE responses.qid=questions.id AND responses.ip='".$_SERVER['REMOTE_ADDR']."' AND pid='".$poll['id']."'"); if(mysql_num_rows($query) > 0){ $total = mysql_query("SELECT questions.pid FROM responses, questions WHERE responses.qid=questions.id AND pid='".$poll['id']."'"); $total = mysql_num_rows($total); ?> <table width="300" cellpadding="0" cellspacing="0" border="0" class="maintable" align="center"> <tr> <td valign="top" align="center" class="title"><h1><?php echo $title; ?></h1></td> </tr> <?php $query = mysql_query("SELECT * FROM questions WHERE pid='".$poll['id']."' ORDER BY id"); $questions = mysql_num_rows($query); //vote results ?> <tr> <td valign="top" style="padding: 5px;"> <table width="100%" cellpadding="0" cellspacing="0" border="0" class="question"> <?php while($question = mysql_fetch_array($query)){ $responses = mysql_query("SELECT count(id) as total FROM responses WHERE qid='".$question['id']."'"); $responses = mysql_fetch_array($responses); if($total > 0 && $responses['total'] > 0){ $percentage = round(($responses['total'] / $max) * 100); } else { $percentage = 0; } $percentage2 = 100 - $percentage; ?> <tr> <td valign="top" nowrap="nowrap"><?php echo $question['question']; ?></td> <td valign="top" height="10" width="100%" style="padding: 0px 10px;"> <table width="100%" cellpadding="0" cellspacing="0" border="0"> <tr> <td valign="top" width="<?php echo $percentage ; ?>%" <?php if($percentage > 0){?>style="background: url('images/bar.jpg') repeat-x;"<?php } ?>><img src="images/dot.gif" width="1" height="19" /></td> <td valign="top" width="<?php echo $percentage2; ?>%"></td> </tr> </table> </td> <td valign="top"><?php echo $responses['total']; ?></td> </tr> <?php } ?> <tr> <td valign="top" colspan="3" align="center" style="padding: 10px 0px 0px 0px;">Total Votes: <?php echo $total; ?></td> </tr> </table> </td> </tr> <?php } ?> </table> vote.php <?php include('config.php'); //vote starts here ?> <table width="400" cellpadding="0" cellspacing="0" border="0" class="maintable" align="center"> <th>Declaration of Faith</th> <tr> <td valign="top" align="center" class="title"><?php echo $title; ?></td> </tr> <?php $query = mysql_query("SELECT * FROM questions WHERE pid='".$poll['id']."' ORDER BY id"); $questions = mysql_num_rows($query); ?> <tr> <td valign="top" style="padding: 5px;"> <form name="poll" method="post" action="results.php"> <table width="100%" cellpadding="0" cellspacing="0" border="0" class="question"> <?php $x=0; while($question = mysql_fetch_array($query)){ ?> <tr> <?php if ($x==0){ ?> <td width="43%" rowspan=2 align="center"><span style="padding: 10px 0px 0px 0px;"> <input type="submit" id="submit" name="vote" value="Declare" /> </span></td> <?php }//if statement closing ?> <td valign="top" width="56%"><input type="radio" name="questions" value="<?php echo $question['id']; ?>" /><?php echo $question['question']; ?></td> </tr> <?php $x=$x+1; } ?> <tr> <td valign="top" align="center" style="padding: 10px 0px 0px 0px;"><br /></td> <td width="1%"> </td> </tr> <tr> <td colspan="2" align="center" id="note">Please answer only once per person</td> </tr> </table> </form> </td> </tr> </table> config.php <link rel="stylesheet" href="css/style.css" type="text/css" media="screen" /> <?php //database settings $hostname = 'localhost'; $username = 'root'; $password = ''; $dbname = 'poll1'; $connect = mysql_connect($hostname, $username, $password); mysql_select_db($dbname); $query = mysql_query("SELECT * FROM poll ORDER BY id DESC LIMIT 1"); $rows = mysql_num_rows($query); $poll = mysql_fetch_array($query); $title = $poll['name']; ?> config.php file does the problem lie here it wont seem to connect to the database and gives me the code above <?php define( "DB_DSN", "mysql: host=vega.soi.city.ac.uk;dbname=abhr428"); define( "DB_USERNAME", "abhr428" ); define( "DB_PASSWORD", " i have taken password out" ); define( "PAGE_SIZE", 5 ); define( "TBL_USERS", "users" ); define( "TBL_ACCESS_LOG", "accesslog" ); ?> This has been an ongoing issue from the start. When I try to login I enter the username and password and click login, then get taken back to the login page to reenter the same details and the second time I click login I get logged in. Now if I then log out and close window and wait a few seconds, restart again and try to log in, I get in first time. I believe this could be a session issue but I thought unsetting the unset($_SESSION['admin']); would cause the session to be lost and have to start again. I just can not get my head around what is causing it. Can anyone tell me what I might be doing wrong ? I have a redirect to originating page, so if I was to view a previous page within the admin area I have to log in and then once loggeed in it will redirect to the page I was on before. Here are my scripts.
<?php
session_set_cookie_params(0, '/', '.****.com'); session_start(); error_reporting(-1);
define('site_title', 'Admin ');
define('pageTitle', 'Admin ');
$_SESSION['loginRedirect'] = "adminCreateCampaign.php";
include("functions-for-email.php");
$checkAdminStatus = checkAdminStatus($mysqli);
if(!isset($_SESSION['admin']) || $checkAdminStatus == "NOACCESS") {
$_SESSION['error'] = 'You must be logged in to view that page. (el.S1)';
//$_SESSION['loginRedirect'] = "showStats.php";
//echo("You must be logged in to view that page. (el.S1)<br>"); exit;
@mysqli_close($mysqli);
header('Location: ' . adminFullWebAddress . '/index.php'); exit;
} else {
if($_SESSION['admin']['account_type'] != 'admin') {
$_SESSION['error'] = 'You do not have the priviledges to view that page. (el.S2)';
@mysqli_close($mysqli);
header('Location: ' . adminFullWebAddress . '/index.php'); exit;
}
}
?>
<!DOCTYPE>
<html>
<head>
<link href="adminstyle.css" rel="stylesheet" type="text/css" />
<title><?php echo(site_title); ?></title>
</head>
<body>
<div id="container">
<div class="containerInner">
<div id="leftInner100">
<?php // start of leftInner ?>
<?php menu(); ?>
<h1 class="middleTitle">Admin </h1>
<?php
if(isset($thisError)) { echo '<div class="errorDiv">',$thisError,'</div>'; unset($thisError); }
if(isset($thisSuccess)) { echo '<div class="successDiv">',$thisSuccess,'</div>'; unset($thisSuccess); }
?>
<br><br>
</div><?php // end of leftInner ?>
</div><?php // end of containerInner ?>
<div class="clearfix"></div>
</div><?php // container ?>
</body>
</html>
<?php @mysqli_close($mysqli); ?>
<?php
session_set_cookie_params(0, '/', '.****.com'); session_start(); error_reporting(-1);
include("functions.php");
$checkAdminStatus = checkAdminStatus($mysqli);
//$_SESSION['loginRedirect'] = adminFullWebAddress . "/index.php";
$fromlink4 = isset($_SERVER['REMOTE_ADDR']) ? (gethostbyaddr($_SERVER['REMOTE_ADDR'])) : "empty";
$ipAddress = $_SERVER['REMOTE_ADDR'];
if(isset($_POST['email'])) { $email = $_POST['email']; $email = strip_tags($email); } else { $email = ""; }
if(isset($_POST['pass'])) { $password = $_POST['pass']; $pass = $_POST['pass']; } else { $pass = ""; }
if(isset($_POST['login']) && trim($_POST['login']) == 'Login') {
$checkEmail = db_query($mysqli, "SELECT `adminid` FROM `admins` WHERE `email` = '" . $mysqli->real_escape_string($email) . "' LIMIT 1");
$checkBanned = db_query($mysqli, "SELECT `adminid` FROM `admins` WHERE `email` = '" . $mysqli->real_escape_string($email) . "' AND `suspended` = 'Yes' LIMIT 1");
$failedLoginCounter = 0;
if(!$email) {
$thisError = 'Please enter your e-mail address.';
} else if(! $checkEmail->num_rows) {
$thisError = 'Either the email address, password or both were not entered correctly.';
} else if(!$password) {
$thisError = 'Please enter your password.';
} else if($checkBanned->num_rows) {
$thisError = 'Your account has been suspended by Admin.';
} else {
$password = md5($password);
$checkAccount = db_query($mysqli, "SELECT * FROM `admins` WHERE `email` = '" . $mysqli->real_escape_string($email) . "' AND `password` = '" . $mysqli->real_escape_string($password) . "' LIMIT 1");
if($checkAccount->num_rows) {
$saveChanges = db_query($mysqli, "UPDATE `admins` SET `lastlogindatetime` = '" . $mysqli->real_escape_string(datetimenow) . "', `lastAccessSinceLogin` = '" . $mysqli->real_escape_string(datetimenow) . "', `lastloginip` = '" . $mysqli->real_escape_string($ipAddress) . "', `failedLoginCounter` = 0 WHERE `email` = '" . $mysqli->real_escape_string($email) . "' LIMIT 1");
// set lastlogindatetime
$_SESSION['admin'] = $checkAccount->fetch_assoc();
$loginRedirect = isset($_SESSION['loginRedirect']) ? $_SESSION['loginRedirect'] : "";
$_SESSION['success'] = 'You are now logged in. (ok.L2) ' . $loginRedirect;
header('Location: ' . adminFullWebAddress . '/' . $loginRedirect); exit;
} else {
$thisError = 'Your e-mail address and/or password is incorrect.<br>If you still face issues, you can <a href="startresetpw.php">reset your password</a>';
$saveChanges = db_query($mysqli, "UPDATE `admins` SET `failedLoginCounter` = `failedLoginCounter` + 1, `lastloginfailedip` = '" . $mysqli->real_escape_string($ipAddress) . "', `lastlogindatetimeFailed` = '" . $mysqli->real_escape_string(datetimenow) . "' WHERE `email` = '" . $mysqli->real_escape_string($email) . "' LIMIT 1"); // set lastlogindatetimeFailed
}
}
}
if(!isset($_SESSION['admin'])) {
define('site_title', 'Login');
define('pageTitle', 'Login');
} else {
define('site_title', 'Home');
define('pageTitle', 'Home');
}
?>
<!DOCTYPE>
<html>
<head>
<link href="adminstyle.css" rel="stylesheet" type="text/css" />
<title><?php echo(site_title); ?></title>
</head>
<body>
<div id="container">
<div class="containerInner">
<div id="leftInner100">
<?php // start of leftInner ?>
<div id="mainphoto"><?php //specialMessage($mysqli); mainPageImage(""); ?></div>
<div class="clear"></div><?php
if(isset($_SESSION['admin'])) {
menu();
}
if(isset($thisError)) { echo '<div class="errorDiv">',$thisError,'</div>'; }
if(isset($thisSuccess)) { echo '<div class="successDiv">',$thisSuccess,'</div>'; }
unset($thisError); unset($thisSuccess);
if(!isset($_SESSION['admin'])) { ?>
<div style="width: 100%; margin: 0em auto; text-align: center;">
<form method="POST" action="index.php" style="width: 15em; text-align: center;">
<div class="field"> E-mail Address </div>
<div class="value"> <input type="text" name="email" value="<?php if(isset($_POST['email'])) { echo $email; } ?>" style="width: 12.5em;" title="email"> </div>
<div class="field"> Password<br><span style="font-size: 0.8em;"><?php
if (isset($_POST['pass'])) { echo('<strong style="color: red;">'); } ?>(Please note: your password may be CaSe SeNSitIvE)<?php if (isset($_POST['pass'])) { echo('</strong>'); } ?></span>
</div>
<div class="value"> <input type="password" name="pass" value="" style="width: 12.5em;" title="pass"> </div>
<div><br><input type="submit" name="login" value="Login"> <input type="reset" value="Clear"><br></div>
</form><br>
<div class="clearFloat"></div>
</div>
<?php
} else { ?>logged in<?php } ?>
<br><br>
</div><?php // end of leftInner ?>
</div><?php // end of containerInner ?>
<div class="clearfix"></div>
</div><?php // container ?>
</body>
</html>
<?php
@mysqli_close($mysqli); ?>
functions.php
<?php
define('showOutput', 0);
include("/home/****/db_login_functions.php");
define('db_table_name', 'clientList');
define('mailHost', 'mail.****.com');
define('mailUsername', 'noreply@****.com');
define('mailPW', '****');
define('bounce', 'bounce@****.com');
define('fullDomain', 'https://www.admin.****.com');
define('adminFullWebAddress', 'https://www.admin.****.com');
define('adminEmail', 'admin@****.com');
define('fromEmail', 'noreply@****.com');
define('fromName', 'DO NOT REPLY');
define('REMOTEADDR', isset($_SERVER['REMOTE_ADDR']) ? $_SERVER['REMOTE_ADDR'] : '');
define('PHPSELF', $_SERVER['PHP_SELF']);
define('HTTPREFERER', isset($_SERVER['HTTP_REFERER']) ? $_SERVER['HTTP_REFERER'] : "not set");
define('unsub', 'https://www.****.com/unsub.php'); define('securityhash', 'abc'); // NEVER change this securityhash.
date_default_timezone_set('Europe/London');
define('datetimenow', date("Y-m-d H:i:s"));
/* check if user is allowed to access a certain page or not. */
function checkAdminStatus($mysqli) { $yesNo = "";
if(isset($_GET['action']) && $_GET['action'] == 'logout') {
unset($_SESSION['admin']);
$_SESSION['success'] = 'You have successfully logged out. (lo.1)';
header('Location: index.php'); exit;
}
if(isset($_SESSION['admin']) ) {
// need to add in code to check if logged in for more than 1 hour, if so log out on next refresh of page.
if ($_SESSION['admin']['lastAccessSinceLogin'] < date( 'Y-m-d H:i:s', strtotime("-5 minutes") )) { unset($_SESSION['admin']);
$_SESSION['error'] = 'You were logged out due to no activity, please login again to view that page. (lo.2)';
header('Location: index.php'); exit;
}
$checkBanned = db_query($mysqli, "SELECT `adminid` FROM `admins` WHERE `email` = '" . $mysqli->real_escape_string($_SESSION['admin']['email']) . "' AND `suspended` = 'Yes' LIMIT 1");
if($checkBanned->num_rows) { $yesNo = "NOACCESS"; //$_SESSION['error'] = 'You must be logged in to view that page.';
} else { $yesNo = "ACCESS"; // if logged in, update `users`.`lastAccessSinceLogin` with current datetime.
$updateLastAccessSinceLogin = db_query($mysqli, "UPDATE `admins` SET `lastAccessSinceLogin` = '" . $mysqli->real_escape_string(datetimenow) . "', `lastloginip` = '" . $mysqli->real_escape_string(REMOTEADDR) . "', `failedLoginCounter` = 0 WHERE `email` = '" . $mysqli->real_escape_string($_SESSION['admin']['email']) . "' LIMIT 1");
$_SESSION['admin']['lastAccessSinceLogin'] = datetimenow;
}
}
return $yesNo;
}
function menu() {
echo('<a href="index.php?action=logout">Log Out</a> ');
echo('
<a href="adminCreateCampaign.php">Create Campaign</a><br><br><br>');
}
?>
.htaccess (within the admin folder)
Header set Access-Control-Allow-Origin "*"
RewriteEngine On
RewriteCond %{HTTPS} off
# First rewrite to HTTPS:
# Don't put www. here. If it is already there it will be included, if not
# the subsequent rule will catch it.
RewriteRule .* https://%{HTTP_HOST}%{REQUEST_URI} [L,R=301]
# Now, rewrite any request to the wrong domain to use www.
# [NC] is a case-insensitive match
RewriteCond %{HTTP_HOST} !^www\. [NC]
RewriteRule .* https://www.%{HTTP_HOST}%{REQUEST_URI} [L,R=301]
### DON'T DELETE!! Below entry is MUST for your PHP sites like wordpress,joomla and etc to work properly.
suPHP_ConfigPath /home/****/php.ini
.htaccess (within the root folder)
Header set Access-Control-Allow-Origin "*"
RewriteEngine On
RewriteCond %{HTTPS} off
# First rewrite to HTTPS:
# Don't put www. here. If it is already there it will be included, if not
# the subsequent rule will catch it.
RewriteRule .* https://%{HTTP_HOST}%{REQUEST_URI} [L,R=301]
# Now, rewrite any request to the wrong domain to use www.
# [NC] is a case-insensitive match
RewriteCond %{HTTP_HOST} !^www\. [NC]
RewriteRule .* https://www.%{HTTP_HOST}%{REQUEST_URI} [L,R=301]
### DON'T DELETE!! Below entry is MUST for your PHP sites like wordpress,joomla and etc to work properly.
suPHP_ConfigPath /home/****/php.ini
the php.ini file allow_url_fopen = on allow_irl_include = on date.timezone = Europe/London safe_mode = off upload_max_filesize = 20M post_max_size = 20M upload_tmp_dir = "/home/****/tmp" session.save_path = "/home/****/sessions" session.use_only_cookies = on error_reporting = E_ALL log_errors = On display_errors = Off track_errors = On error_log = "/home/****/errors.log" sendmail_from = "server@****.com"
We have setup a member login page in CS5 using a myphpadmin database. We want to give members access to particular areas of our site depending on what username and password they enter. ie member 1 only requires access to specific documents/webpages - member 2 requires access to other documents/webpages. Not sure how to do this. hi i need help an idea how can i separate members from admins since i dont know how to create login form i used tutorial ( http://www.youtube.com/watch?v=4oSCuEtxRK8 ) (its session login form only that i made it work other tutorials wre too old or something) how what i want to do is separate members and admins because admin need more rights to do now i have idea but dont know will it work like that what i want to do is create additional row in table named it flag and create 0 (inactive user) 1 (member) 2 (admin) will that work? and how can i create different navigation bars for users and admins? do you recommend that i use different folders to create it or just script based on session and flag? Hi all, I have been working on this and maybe you guys can help. All I need to do is be able to open a access form with php. I have tried a couple of diffrent things but nothing is working. What I have right now is $app = new COM("Access.Application"); $app->OpenCurrentDatabase("C:\Documents and Settings\Ian\Desktop\TestData.accdb"); $app->Application->Run("OpenAccForm"); //$app->DoCmd->OpenForm("Test Data"); //$app->Visible = "Yes"; print "Loaded Access, version {$app->Visible}\n"; Any help is appreciated. Right now It opens access but is not viable. I know it is opening access because it is in the processes tab in task manager. I have a sign up form to send the activation code to the new user via email.My question is how to restrict the user who is not a member using activation form page in PHP unless their use a sign up form first?
here is my sign up form and activation form:
sign up form
<style type="text/css"> <!-- .style1 { font-family: Verdana, Arial, Helvetica, sans-serif; font-size: 12; } .style5 { font-family: Verdana, Arial, Helvetica, sans-serif; font-size: 16px; font-weight: bold; } .style7 {font-family: Verdana, Arial, Helvetica, sans-serif; font-size: 12px; } --> </style> <form name="form1" method="post" action="email-activation-script.php"> <div align="center"> <p class="style5"> Form Registration </p> <table width="35%" border="0"> <tr> <td class="style7">Username</td> <td class="style7">:</td> <td class="style1"><span class="style7"> <label> <input name="username" type="text" id="username"> </label> </span></td> </tr> <tr> <td class="style7"> Email </td> <td class="style7">:</td> <td class="style1"><span class="style7"> <label> <input name="email" type="text" id="email"> </label> </span></td> </tr> <tr> <td class="style7">Password</td> <td class="style7">:</td> <td class="style1"><span class="style7"> <label> <input name="password" type="password" id="password"> </label> </span></td> </tr> <tr> <td class="style7"> </td> <td class="style7"> </td> <td class="style1"><span class="style7"> <label> <input type="submit" name="Submit" value="Register"> <input type="reset" name="Submit2" value="Cancel"> </label> </span></td> </tr> </table> </div> </form> activation form: <form name="form1" method="post" action="check-activation-script.php"> <div align="center"> <table width="35%" border="0"> <tr> <td>Username</td> <td>:</td> <td><label> <input name="username" type="text" id="username"> </label></td> </tr> <tr> <td>Activation Code </td> <td><label>:</label></td> <td><input name="activation_code" type="text" id="activation_code"></td> </tr> <tr> <td> </td> <td> </td> <td><label> <input type="submit" name="Submit" value="Submit"> <input type="reset" name="Submit2" value="Cancel"> </label></td> </tr> </table> </div> </form> I want to perform a php process initiated by AJAX according to the method described in http://www.w3schools.com/PHP/php_ajax_database.asp with this line Code: [Select] xmlhttp.open("GET","getuser.php?q="+str,true); the php process in getuser.php is initiated. But how I can restrict direct access to getuser.php? If someone visit getuser.php?q=something; the process will be started for "something". I want to run the getuser.php process only and only when it is initiated from my main page. I have an index.php file which includes my form and code to move the user's uploaded file to s3. My HTML form calls a js function sendEmails() which makes an AJAX request to another php script dbSystem() to validate the emails input and add it to a database. Everything is working except that the php code in my index.php file (at the very bottom) does not execute. It's supposed to execute when the user uploads a file and presses submit but it doesn't go into the if statement. I tried putting the $fileName = basename($_FILES["fileName"]["name"]) statement before the if statement but I get an undefined index error. I put my a comment in my code to show which if statement I am talking about. This is my HTML code in index.php:
<form action="javascript:void(0)" method="POST" id="files" enctype="multipart/form-data">
<label class="col-md-4 col-form-label text-md-right">Select File: <span class="text-danger">*</span></label>
<input type="file" id="userFile" name="fileName" style="cursor: pointer; max-width: 170px;" onchange="enableBtn()">
<label class="col-md-4 col-form-label text-md-right">Authorized Users: <span class="text-danger">*</span></label>
<input placeholder="Enter e-mail(s) here..." id="req" autocomplete="off"/>
<button id="submitBtn" name="submitBtn" class="<?php echo SUBMIT_BUTTON_STYLE; ?>" onclick="return sendEmails()" disabled>Submit</button>
</form>
This is my php code in index.php:
<?php
$conn = new mysqli($servername, $username, $password, $db);
$sql = "SELECT sender_id, sender_email, receiver_emails, receiver_ids, file_name from filedrop_logs";
$result = mysqli_query($conn, $sql);
if ($result) {
echo "<div class='outputDiv'>";
echo "<table id='sharedOthers'>";
echo "<thead><tr class='headings'>";
echo "<th class='files'>Files</th>";
echo "<th class='users'>Users</th>";
echo "</tr></thead>";
while ($row = mysqli_fetch_assoc($result)) {
$receiverEmails = $row['receiver_emails'];
$fileName = $row['file_name'];
echo "<tbody id='bodyOthers'>";
echo "<tr id='rowOthers'>";
echo "<td>$fileName<br>";
$objects = getListofObjects('FileDrop');
foreach ($objects as $object) {
$file = $object['Key'];
$splits = explode('/', $file);
if (end($splits) !== '') {
$presignedUrl = getPresignedUrlForPrivateFile($object['Key'], '+20 minutes');
$link = '<a href="'.$presignedUrl.'">Download</a>';
echo $link;
}
}
echo " <a href=''>Delete</a></td>";
echo "<td>$receiverEmails</td>";
echo "</tr></tbody>";
}
echo "</table></div>";
}
?>
<?php
//the if statement below doesn't execute
if(isset($_SERVER['REQUEST_METHOD']) && $_SERVER['REQUEST_METHOD'] === 'POST' && isset($_FILES["fileName"])) {
$fileName = basename($_FILES["fileName"]["name"]);
$error = $_FILES["fileName"]["error"];
$tmpName = $_FILES["fileName"]["tmp_name"];
if (isset(fileName) && $fileName != '' && $tmpName != '' && sys_get_temp_dir()) {
$separator = DIRECTORY_SEPARATOR;
$newDir = sys_get_temp_dir() . $separator . "FileDrop" . microtime(true);
if (!file_exists($newDir)) {
mkdir($newDir, 0777, true); // creates temp FileDrop directory
$tempFilePath = $newDir . $separator . $fileName; // creates temp file inside FileDrop directory
if (move_uploaded_file($tmpName, $tempFilePath)) { // moves file to tmp folder
$s3FileName = "FileDrop" . substr($newDir, 4) . $separator . $fileName;
$result = putFileToS3($s3FileName, $tempFilePath, 'public-read');
deleteDir($newDir);
}
}
}
}
?>
This is my js code in case you want to see it:
function sendEmails() {
var fileData = $('#userFile').prop('files')[0];
var formData = new FormData();
formData.append('tags', JSON.stringify(tags));
formData.append('fileName', fileData);
$.ajax({
type: "POST",
url: "../FileDrop/dbSystem.php",
processData: false,
contentType: false,
data: formData,
success: function(result) {
result = JSON.parse(result);
if (result.validity === "valid emails") {
location.reload();
resetInputs(); //IMPORTANT
$(".outputDiv").show();
}
else {
var tagsBrackets = result.emails.toString().replace(/[\[\]']+/g,'');
var tagsQuotes = tagsBrackets.replace(/['"]+/g, '');
var tagsInvalid = tagsQuotes.replace(/,/g, ", ");
$('#alertModal').modal({show:true});
document.getElementById('invalid').textContent = tagsInvalid;
}
}
});
return false;
}
I've been stuck on this for so long, so I'd really appreciate the help!! Hello, A named field in an html form e.g. <input type="text" name="time"> is accessed as $_GET['time'] or $_POST['time'] by the processing script. What about an unnamed field like the one below: <input type="text" value="" id="1" /> How do I harvest this field's input as a variable from my php processing script? Thanks in advance I'm not sure why, but once I added a search form in my nav menu, it made my other forms on the website such as login and signup form take them to where the search button would take them. any ideas??? I could really use some help, I'm a new programmer so I'm open to any advice or ideas, but we've created a VFP program and here's what I need... I need to make an HTML page for people to input information about a contract and then upload files that are associated with that contract. This all needs to be done over the internet of course and I'm not sure if there's a software that would help with this or if ODBC is even the way to go? Right now I'm coming up awfully blank with ODBC... Any suggestions? Hi Have an issue with a script that connects to multiple Access databases to extract data. There is one master database and then numerous small databases (I take no responsibility for the design!). The master is opened and then the sub databases are looped around, opened process and closed in turn. However after about 20 connections I get the error [ODBC Microsoft Access Driver] Too many client tasks for any new connections. It is related to the number of connections rather than the number of operations on databases (ie, if I comment out one of the pieces of SQL run on each database it makes no difference). I am closing the connection and unsetting the variable that stores the connection. As such there shouldn't be an excess of connections open at any one time. Any suggestions? All the best Keith I have "UPC" setup as a system dsn, type "CodeBaseOdbcStand", and I can connect to it from access. However, I am not having success yet using php. This is a connection to .dbf /.cdx files for data associated with our inventory program. ERROR Code: [Select] PHP Warning: odbc_connect() [<a href='function.odbc-connect'>function.odbc-connect</a>]: SQL error: [Simba][SimbaEngine ODBC Driver][DRM File Library]No such database., SQL state 08004 in SQLConnect in C:\Inetpub\wwwroot\test.php on line 6 CODE Code: [Select] <html> <body> <?php $conn=odbc_connect('UPC','',''); if (!$conn) {exit("Connection Failed: " . $conn);} $sql="SELECT * FROM ARUPC"; $rs=odbc_exec($conn,$sql); if (!$rs) {exit("Error in SQL");} echo "<table><tr>"; echo "<th>UPC</th>"; echo "<th>ITEM</th></tr>"; while (odbc_fetch_row($rs)) { $UPC=odbc_result($rs,"UPC"); $ITEM=odbc_result($rs,"ITEM"); echo "<tr><td>$UPC</td>"; echo "<td>$ITEM</td></tr>"; } odbc_close($conn); echo "</table>"; ?> </body> </html> |
|||||||