|
PHP - User Log On Script
I am having a bit of a problem with my log on scrip sense i moved to a different host. Users are able to log in but most of there info isn't passed. The way I have it set up right now if your logged in the home page says "You are signed in as: 'user'". But all its showing is "You are signed in as:". The only thing I can tell that is getting passed is there user rank. There are other areas where the email is not showing up ether. Here is what i have.
This is on every page unless your logged in Code: [Select] <form name="form1" method="post" action="checklogin.php"> <span class="rulesub">Username:</span><input name="myusername" type="text" id="myusername" /> <span class="rulesub">Password:</span><input name="mypassword" type="password" id="mypassword" /> <input type="submit" name="Submit" value="Login" /> <div align="center">Not a member? <a class="nav" href="new_user.php">Sign up.</a> </form> This is my check log in script Code: [Select] <?php ob_start(); include"scripts/connect.php" ; mysql_connect('localhost',$username,$password); @mysql_select_db($database) or die( "Unable to select database"); $myusername=$_POST['myusername']; $mypassword=$_POST['mypassword']; $myusername = stripslashes($myusername); $mypassword = stripslashes($mypassword); $myusername = mysql_real_escape_string($myusername); $mypassword = mysql_real_escape_string($mypassword); $encrypted_password=md5($mypassword); $sql="SELECT * FROM user WHERE username='$myusername' and password='$encrypted_password' and active=1"; $result=mysql_query($sql); $count=mysql_num_rows($result); $row = mysql_fetch_assoc($result); $rank = $row['rank']; $loggedinusername = $row['username']; $loggedinuseremail = $row['email']; if($count==1){ session_start(); $_SESSION['login'] = "1"; $_SESSION['rank'] = $rank; $_SESSION['loggedinusername'] = $loggedinusername; $_SESSION['loggedinuseremail'] = $loggedinuseremail; header ("Location:index.php"); } else { $errorMessage = "Invalid Login"; session_start(); $_SESSION['login'] = ''; header ("Location:login.php"); } ?> This is what i have for the session part on every page Code: [Select] <?php session_start(); $_SESSION['login']; $_SESSION['rank']; $_SESSION['loggedinusername'] = $loggedinusername; $_SESSION['loggedinuseremail'] = $loggedinuseremail; $rank=$_SESSION['rank']; $loggedinusername=$_SESSION['loggedinusername']; $loggedinuseremail=$_SESSION['loggedinuseremail']; ?> And this is what I am using to show the user name. Code: [Select] <?php if($rank>=1){ ?> <p class="rulesub"> You are signed in as: <?php echo $loggedinusername; ?> <br /><a class="nav" href="logout.php" title="Log out" target="_self">Log Out</a> </p> <?php }?> Thanks in advance Similar TutorialsI am trying to make a database application. I encounterd a problem that. suppose multiple users tryto access data it may cause problem. to clearly understand please see the attachment. How can I resolve it?
I can't find out whats the problem here, would appreciate some input in how to think building my "if".
The problem is that I don't seem to catch if an email exists, nor if user exists and neither can I create a new user :/.
Appreciate your help alot!
<?php
// Start the session in case of errors to display within the page of user creation
session_start();
$err_msg = array();
$errflag = false;
// Check if the submit button was pressed
if ($_SERVER['REQUEST_METHOD'] === 'POST'
&& $_POST['submit'] === 'Skapa')
{
// Crypt password
$options = ['cost' => 10];
$username = strip_tags($_POST['uname']);
$password = strip_tags(password_hash($_POST['pword'], PASSWORD_DEFAULT, $options));
$email = strip_tags($_POST['uname'], '@');
// Check so all the fields are filled
if ($_POST['uname'] == '' || $_POST['pword'] == '' || $_POST['pwordcheck'] == '')
{
$err_msg[] = 'Please enter all fields<br>';
$errflag = true;
}
// See if passwords and confirm matches
if ($_POST['pword'] !== $_POST['pwordcheck'])
{
$err_msg[] = 'Passwords doesn\'t match!<br>';
$errflag = true;
}
// Check password length, atleast 8 characters
if (strlen($_POST['pword']) < 7)
{
$err_msg[] = 'Password must be atleast 8 characters long';
$errflag = true;
}
// Check if email exists
include_once('../includes/db.inc.php');
$db = new PDO(DB_INFO, DB_USER, DB_PASS);
$sql = "SELECT COUNT(*) AS count FROM movies WHERE email = :emailadress";
$stmt = $db->prepare($sql);
$stmt->bindParam(':emailadress', $email);
$stmt->execute();
$row = $stmt->fetch(PDO::FETCH_ASSOC);
if ($row > 0)
{
$err_msg[] = 'Email already taken!';
$errflag = true;
$db = NULL;
}
// Check if user exists
include_once('../includes/db.inc.php');
$db = new PDO(DB_INFO, DB_USER, DB_PASS);
$sql = "SELECT uname FROM users WHERE uname = :username";
$stmt = $db->prepare($sql);
$stmt->bindParam(':username', $username);
$stmt->execute();
$row = $stmt->fetch(PDO::FETCH_ASSOC);
if ($row > 0)
{
$err_msg[] = 'User already exists';
$errflag = true;
$db = NULL;
}
if ($errflag = false)
{
// Everything passed, create the user!
include_once('../includes/db.inc.php');
$db = new PDO(DB_INFO, DB_USER, DB_PASS);
$sql = "INSERT INTO users (uname, pword, email) VALUES (:username, :password, :emailadress)";
$stmt = $db->prepare($sql);
$stmt->bindParam(':username', $username);
$stmt->bindParam(':password', $password);
$stmt->bindParam(':emailadress');
$stmt->execute();
$_SESSION['uname'] = $username;
header('Location: ../template/header.php');
exit;
}
// If any error, send the user back and display messages
if ($errflag == true)
{
$_SESSION['err_msg'] = $err_msg;
session_write_close();
header('Location: ../user/create.php');
exit;
}
}
else
{
$_SESSION['err_msg'] = $err_msg;
session_write_close();
header('Location: ../user/create.php');
exit;
}
?>
So say I have a script, it calls for a text file in the script. Instead of putting the name of the text file is there a way I can run the script then type the name of the file in the CLI? please is there anyone who can help me with a working login script(code) for different user level(e.g admin and user). I would like to create a script to check wether a user has made a payment to access a members only area of my site, much like a check-login script that checks if the user has logged in, i need it do do a similar check only its not looking to see if the user is logged in but if they have ever paid and if not; send them to the payments page before the access is granted... What section(s) if any, do i need to modify from this check-login script to change it to check for their payments? Code: [Select] <?php ob_start(); // Connect to server and select databse. mysql_connect("$host", "$username", "$password")or die("cannot connect"); mysql_select_db("$db_name")or die("cannot select DB"); // Define $myusername and $mypassword $myusername=$_POST['myusername']; $mypassword=$_POST['mypassword']; // To protect MySQL injection (more detail about MySQL injection) $myusername = stripslashes($myusername); $mypassword = stripslashes($mypassword); $myusername = mysql_real_escape_string($myusername); $mypassword = mysql_real_escape_string($mypassword); $sql="SELECT * FROM $tbl_name WHERE username='$myusername' and password='$mypassword'"; $result=mysql_query($sql); // Mysql_num_row is counting table row $count=mysql_num_rows($result); // If result matched $myusername and $mypassword, table row must be 1 row if($count==1){ // Register $myusername, $mypassword and redirect to file "login_success.php" session_register("myusername"); session_register("mypassword"); header("location:login_success.php"); } else { echo "Wrong Username or Password"; } ob_end_flush(); ?> This topic has been moved to Miscellaneous. http://www.phpfreaks.com/forums/index.php?topic=334044.0 Hi to all !
I would like to ask that :-
1. what is the best way to / or how to best test a multi-user login script.
2. The best way to test a multi user website that saves data from the users into a database.
Are there any tools that can hep me in testing my work locally on a localhost before I move them out to a website. ?
I have heard that testing routines can be written for such purposes to automate the testing. If so where should I begin to look for them? I have no idea at all about writing test routines / scripts. A tutorial , if any exists, would be a good place to start.
Thanks very much.
I'm creating a newsletter and the unsubscribe isn't deleting the database entry like I'm asking it to. Everything else works fine, it even successfully says the user has been removed, but it doesn't actually delete the database entry. I've spent two days trying to figure out why. Here's the code:
Newsletter sign up:
<?php
//DB Connect Info
$servername = "";
$database = "";
$username = "";
$password = "";
// Create connection
$conn = mysqli_connect($servername, $username, $password, $database);
// Check connection
if ($conn->connect_error) {
die("Connection failed: " . $conn->connect_error);
}
/*$createTable = $conn->prepare ("CREATE TABLE IF NOT EXISTS email_user (
id int(11) NOT NULL AUTO_INCREMENT,
email varchar(200) NOT NULL,
hash varchar(250) NOT NULL,
PRIMARY KEY (id)
)");
$createTable->execute();
*/
function input_security($data)
{
$data = trim($data);
$data = stripslashes($data);
$data = htmlspecialchars($data);
return $data;
}
$email = input_security($_POST['email']);
$insertData = input_security($insertData);
if(isset($_POST['submit']))
{
extract($_POST);
if($email!="") :
$email=mysqli_real_escape_string($conn,$email);
$emailval = '/^[_a-z0-9-]+(\.[_a-z0-9-]+)*@[a-z0-9-]+(\.[a-z0-9-]+)*(\.[a-z]{2,4})$/';
if(preg_match($emailval, $email)) :
$db_check=$conn->query("SELECT * FROM email_user WHERE email='$email'");
$count=mysqli_num_rows($db_check);
if($count< 1) :
$hash=md5($email.time());
$link = '/unsubscribe.php?key='.$hash;
// Change your domain
$fetch=$conn->query("INSERT INTO email_user(email,hash) VALUES('$email','$hash')");
$to="$email"; //change to ur mail address
$strSubject="Maintenance Fee Relief, LLC | Email Subscription";
$message = '<p>Thank you for subscribing with us.</p>' ;
$message .= '<p>Click here to unsubscribe your email : <a href="'.$link.'">unsubscribe</p>' ;
$headers = 'MIME-Version: 1.0'."\r\n";
$headers .= 'Content-type: text/html; charset=iso-8859-1'."\r\n";
$headers .= "From: info@";
$mail_sent=mail($to, $strSubject, $message, $headers);
$msg_sucess="Your request has been accepted!.";
else :
$msg="This $email email address is already subscribe with us.";
endif;
else :
$msg="Please enter your valid email id";
endif;
else :
$msg="Please fill all mandatory fields";
endif;
}
?>
<div class="newsletter-sign-up-header-form">
<div id="logerror"><?php echo @$msg; ?><?php echo @$msg_sucess; ?></div>
<form method="post">
<span><input type="email" name="email" placeholder="Email Address - Join Newsletter" class="newsletter-sign-up-header-email" required></span>
<span><button name="submit" value="submit" title="Submit" class="newsletter-sign-up-header-submit-button">Submit</button></span>
</form>
</div>
<?php
//DB Connect Info
$servername = "";
$database = "";
$username = "";
$password = "";
// Create connection
$conn = mysqli_connect($servername, $username, $password, $database);
// Check connection
if ($conn->connect_error) {
die("Connection failed: " . $conn->connect_error);
}
?>
<?php
if(@$_GET['key']!=""):
$hash=mysqli_real_escape_string($conn,$_GET['key']);
$fetch=$conn->query("SELECT * FROM email_user WHERE hash = '$hash'");
$count=mysqli_num_rows($fetch);
if($count==1) :
$row=mysqli_fetch_array($fetch);
$conn->query("DELETE email_user WHERE id='$user_id'");
$msg="Your email id unsubscribe with us";
else :
$msg="Please click valid link.";
endif;
else :
header("Location:404.php");
endif;
?>
<!doctype html>
<html lang="en">
<head>
<title>Unsubscribe</title>
</head>
<body>
<div align="center">
<h2><?php echo $msg; ?></h2>
<a href="https://www.--.com">--.com</a>
</div>
Quote
Before I get into my problem a couple of things. First, this is a work project. My organization cannot afford a full time developer so as a database guy I'm being asked to develop a web based data system using php/html/mysql/javacript/etc. So I am not asking anyone to help me cheat or violate an honor code for a school project. Also I am having to learn PHP on the fly, by the seat of my pants. Second, my organization is using a version of PHP older that 5.5.X and I am powerless to update the version. So I know that some of the syntax I am using has been deprecated in more recent PHP versions. I don't mean to sound snarky or ungrateful but I really need some help solving this problem versus unhelpful comments about deprecated code. Third I am adapting code from the guys at TechStream so H/T to them. Here is what I am trying to build. My office helps other offices in my large organization manage their records through the creation of a file plan. We are currently using a clunky, user-unfriendly Access database that was created back in 2009. I am tasked to transition that Access hoopty into a proper, web-based, user friendly system. The index.php form page consists of 2 parts. You can see the original TechStream demo he http://demo.techstre...ssing-with-PHP/ I've adapted the top part of the form ("Travel Information") for my users to enter information about their office such as Office Name, Office Code, Office Chief, Creator (the user), Status and date. I've adapted the bottom part of the form ("Passenger Details") to be "Folder Details". This is an html table where users can add up to 10000 rows to list all the folders for their office by entering the folder name in the text box and then assign descriptors to each folder using the drop down menus. I've changed the drop down menus to reflect the descriptors we need, i.e. file-series, classification, media type. The user needs the flexibility to add folders as the number of folders will vary between offices. This adding and deleting of folders is accomplished dynamically through a javascript script.js file. Now, here's my problem. When the user clicks submit button that fires a php script that runs an insert into query to place the array data into the backend mysql database. However, when the foreach loop is only inserting the office office from the top portion of the form with the first folder in the bottom portion of the form. In other words let's say the user fills out the top part with his office information and then adds 5 folders into the html table at the botton. The first folder will be inserted into the database table with both office information and folder information. However the subsequent 4 folders will have their folder information inserted into the table but the office information fields will be null. The office information needs to be inserted with each folder the user adds to the html table piece. I suspect that my foreach loop is only capturing that office information on the first iteration of the loop and then flushing or deleting the office information after the first loop. Also, I suspect there is some disconnect between the html table for entering individual folders and the top part of the form that is not in html format. Any help I can get is most welcome. Thanks in advance! Code is below. index.php <?php
session_start();
if(!isset($_SESSION['myusername'])) {
header('Location:index.php');
}
echo $_SESSION['myusername'];
echo '<a href="logout.php"><span>Logout</span></a></li>';
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en">
<head>
<title>Records Management File Plan Application</title>
<meta http-equiv="Content-Type" content="text/html; charset=utf-8"/>
<link rel="stylesheet" type="text/css" href="css/default.css"/>
<script type="text/javascript" src="js/script.js"></script>
</head>
<body>
<form action="InsertFileDetailArraytoDB.php" class="register" method="POST">
<h1>Office File Plan Application/h1>
<fieldset class="row1">
<legend>Office Information</legend>
<p>
<label>Office Code *
</label>
<input name="officecode[]" type="text" required="required"/>
<label>Date*
</label>
<select class="date" name="day[]">
<option value="1">01
</option>
<option value="2">02
</option>
<option value="3">03
</option>
<option value="4">04
</option>
<option value="5">05
</option>
<option value="6">06
</option>
<option value="7">07
</option>
<option value="8">08
</option>
<option value="9">09
</option>
<option value="10">10
</option>
<option value="11">11
</option>
<option value="12">12
</option>
<option value="13">13
</option>
<option value="14">14
</option>
<option value="15">15
</option>
<option value="16">16
</option>
<option value="17">17
</option>
<option value="18">18
</option>
<option value="19">19
</option>
<option value="20">20
</option>
<option value="21">21
</option>
<option value="22">22
</option>
<option value="23">23
</option>
<option value="24">24
</option>
<option value="25">25
</option>
<option value="26">26
</option>
<option value="27">27
</option>
<option value="28">28
</option>
<option value="29">29
</option>
<option value="30">30
</option>
<option value="31">31
</option>
</select>
<select name="month[]">
<option value="1">January
</option>
<option value="2">February
</option>
<option value="3">March
</option>
<option value="4">April
</option>
<option value="5">May
</option>
<option value="6">June
</option>
<option value="7">July
</option>
<option value="8">August
</option>
<option value="9">September
</option>
<option value="10">October
</option>
<option value="11">November
</option>
<option value="12">December
</option>
</select>
<select name="year[]">
<option value="2013">2013
</option>
<option value="2014">2014
</option>
<option value="2015">2015
</option>
<option value="2016">2016
</option>
</select>
</p>
<p>
<label>Office Chief*
</label>
<input name="officechief[]" required="required" type="text"/>
<label>Status*
</label>
<select name="status[]">
<option value="Draft">Draft
</option>
<option value="Submitted">Submitted
</option>
<option value="Approved">Approved
</option>
</select>
</p>
<p>
<label>Creator *
</label>
<input name="creator[]" required="required" type="text"/>
</p>
<div class="clear"></div>
</fieldset>
<fieldset class="row2">
<legend>Folder Details</legend>
<p>
<input type="button" value="Add Folder" onClick="addRow('dataTable')" />
<input type="button" value="Remove Folder" onClick="deleteRow('dataTable')" />
<p>(All actions apply only to entries with check marked check boxes.)</p>
</p>
<table id="dataTable" class="form" border="1">
<tbody>
<tr>
<p>
<td><input type="checkbox" required="required" name="chk[]" checked="checked" /></td>
<td>
<label>Folder Name</label>
<input type="text" required="required" name="BX_NAME[]">
</td>
<td>
<label for="BX_fileseries">File Series</label>
<select id="BX_fileseries required="required" name="BX_fileseries[]">
<option>100-01-Inspection and Survey/PII-NO</option>
<option>200-02-Credit Card Purchases/PII-NO</option>
<option>300-07-Time and Attendance/PII-YES</option>
</td>
<td>
<label for="BX_classification">Classification</label>
<select id="BX_classification" name="BX_classification" required="required">
<option>Unclassified</option>
<option>Confidential</option>
<option>Secret</option>
<option>Top Secret</option>
<option>Ridiculous Top Secret</option>
<option>Ludicrous Top Secret</option>
</select>
</td>
<td>
<label for="BX_media">Media</label>
<select id="BX_media" name="BX_media" required="required">
<option>Paper</option>
<option>Shared Drive</option>
<option>Film</option>
<option>Floppy Disk</option>
<option>Mixed</option>
<option>Other</option>
</select>
</td>
</p>
</tr>
</tbody>
</table>
<div class="clear"></div>
</fieldset>
<input class="submit" type="submit" value="File Plan Complete »" />
<div class="clear"></div>
</form>
</body>
</html>
PHP script with foreach loop to loop through the array from index.php and insert into database: InsertFileDetailArrayToDB.php /*
When the user has finished entering their folders, reviewed the form inputs for accuracy and clicks the submit button, this will loop through all folder entries and using the SQL insert into query will place them in the database. When it completes data insertion it will redirect the user back to the file detail input form*/
<?php
/*this part requires the user to be logged in and allows their user name to be included in the insert into query.
If you remove the "ob_start();" piece it will screw up the header statement down at the botton.
See the comments by the header statement for an explanation of its purpose*/
ob_start();
session_start();
if(!isset($_SESSION['myusername'])) {
header('Location:index.php')
}
/*these two lines would ordinarily display the user name and a link a
allowing the user to log out. However this php script does not output anything
so the user will never it.*/
echo $_SESSION['myusername'];
echo '<a href="logout.php"><span>Logout</span></a></li>';
?>
<?php
/*this include statement connects this script to the MySQL database
so the user form inputs can be inserted into the file_plan_details
table*/
include ('database_connection.php');
foreach($_POST['BX_NAME'] as $row=>$BX_NAME)
{
$BX_NAME1 = mysql_real_escape_string($_POST['BX_NAME');
$officecode1 = mysql_real_escape_string($_POST['officecode'][$row]);
$username1 = mysql_real_escape_string($_SESSION['myusername'][$row]);
$day1 = mysql_real_escape_string($_POST['day'][$row]);
$month1 = mysql_real_escape_string($_POST['month'][$row]);
$year1 = mysql_real_escape_string($_POST['year'][$row]);
$creator1 = mysql_real_escape_string($_POST['creator'][$row]);
$officechief1 = mysql_real_escape_string($_POST['officechief'][$row]);
$status1 = mysql_real_escape_string($_POST['status'][$row]);
$BX_fileseries1 = mysql_real_escape_string($_POST['BX_fileseries'][$row]);
$BX_classification1 = mysql_real_escape_string($_POST['BX_classification'][$row]);
$BX_media1 = mysql_real_escape_string($_POST['BX_media'][$row]);
$fileplandetailinsert1 = "INSERT INTO file_plan_details (folder_name, office_code, user_name, day, month, year, creator, office_chief, status, file_series, classification, media)
VALUES ('$BX_NAME1','$officecode1','$username1','$day1','$month1','$year1','$creator1','$officechief1','$status1','$BX_fileseries1','$BX_classification1','$BX_media1')";
mysql_query($fileplandetailinsert1);
}
/*this header statement redirects the user back to the folder detail input form after it inserts data into the db
After I build a main navigation page, I will switch out index.php with whatever I name
the script that will produce the main navigation page*/
header('Location:index.php');
?>
script.js
function addRow(tableID) {
var table = document.getElementById(tableID);
var rowCount = table.rows.length;
if(rowCount < 10000){ // limit the user from creating fields more than your limits
var row = table.insertRow(rowCount);
var colCount = table.rows[0].cells.length;
for(var i=0; i<colCount; i++) {
var newcell = row.insertCell(i);
newcell.innerHTML = table.rows[0].cells[i].innerHTML;
}
}else{
alert("Maximum Passenger per ticket is 5.");
}
}
function deleteRow(tableID) {
var table = document.getElementById(tableID);
var rowCount = table.rows.length;
for(var i=0; i<rowCount; i++) {
var row = table.rows[i];
var chkbox = row.cells[0].childNodes[0];
if(null != chkbox && true == chkbox.checked) {
if(rowCount <= 1) { // limit the user from removing all the fields
alert("Cannot Remove all the Passenger.");
break;
}
table.deleteRow(i);
rowCount--;
i--;
}
}
}
Edited by mac_gyver, 17 December 2014 - 01:13 PM. code tags around posted code please My login script wont take my users to the restricted page and im not quite sure why it must be the header because it echos"wrong username or password" when i put in the wrong username or password here is my code: if($count==1 & $row['flight']=="vulcan"){ session_start(vmyusername); session_start(vmypassword); header("location:/vulcan/index.php"); }else if($count==1 & $row['flight']=="valiant"){ session_start(myusernamev); session_start(mypasswordv); header("location:valiant/index.php"); }else { echo "Wrong Username or Password"; } } ?> Any help would be much appriciated Thanks, Blink359 Hi I am trying to pass a csv file into a powershell script and then return the output and display it to the user. The file is a firewall checker. Any advice or solutions on where I am going wrong would be most appreciative, Thanks.
<?php hi im new to php
im using a script that i found at the link below:
http://forums.devshe...sql-891201.html
It works fine but i have added a couple of fields to the database : telephone and mobile_telephone
Ive change the register.php to include these fields but im struggling with the edit_account
Could anyone help please
Hi guy's, I'm having problems adjusting a script to add a level (user rights) function. When i login with a admin or normal user it gives a blank page (not redirecting to home.php). It even does'nt return an echo that user / pass is incorrect. I'm breaking my head over this for day's now. Can you help me out? Code: [Select] <?php session_start(); //Login form (index.php) include "db_connect.php"; if(!$_POST['submit']) { ?> <html> <head> <!--[if IE]> <link rel="stylesheet" type="text/css" href="style.css" /> <![endif]--> <![if !IE]> <link rel="stylesheet" type="text/css" href="firefox.css" /> <![endif]> </head> <body> <div id="wrapper"> <div id="header"> <?php include('header.php'); ?> </div> <div class="divider"> <strong>Login</strong> <form method="post" action="index.php"> <div class="formElm"> <label for="username">Klantnummer:</label> <input id="username" type="text" name="username" maxlength="16"> </div> <div class="formElm"> <label for="password">Wachtwoord:</label> <input type="password" name="password" maxlength="16"> </div> <input type="submit" name="submit" value="Login"> </form> </div> <div id="footer"> <?php include('footer.php'); ?> </div> </div> </html> <?php } else { $user = protect($_POST['username']); $pass = protect($_POST['password']); $level = protect($_POST['level']); if($user && $pass && $level) { $pass = md5($pass); //compare the encrypted password $sql1 ="SELECT id,username FROM `users` WHERE `username`='$user' AND `password`='$pass' AND `level`='1'"; $sql2 ="SELECT id,username FROM `users` WHERE `username`='$user' AND `password`='$pass' AND `level`='9'"; $queryN=mysql_query($sql1) or die(mysql_error()); $queryA=mysql_query($sql2) or die(mysql_error()); if(mysql_num_rows($queryN) == 1) { $resultN = mysql_fetch_assoc($queryN); $_SESSION['id'] = $resultN['id']; $_SESSION['username'] = $resultN['username']; header("location:home.php"); } elseif(mysql_num_rows($queryA) == 1) { $resultA = mysql_fetch_assoc($queryA); $_SESSION['id'] = $resultA['id']; $_SESSION['username'] = $resultA['username']; header("location:home.php"); } else{ echo "Wrong Username or Password"; } } } ?> and the mysql code: Code: [Select] CREATE TABLE `user` ( `id` int(4) unsigned NOT NULL auto_increment, `username` varchar(32) NOT NULL, `password` varchar(32) NOT NULL, `level` int(4) default '1', PRIMARY KEY (`id`) ) ENGINE=InnoDB AUTO_INCREMENT=27 DEFAULT CHARSET=latin1; This script works well as far as getting the form information onto the database but for some reason the confirmation email is not being sent to the user. Could someone take a quick look at my script? Please? I've attached the included files as well. I guess I just need another set of eyes to look over this script. It would be much appreciated <?php // Created BY Adam Khoury @ www.developphp.com // let's initialize vars to be printed to page in the HTML section so our script does not return errors // they must be initialized in some server environments $errorMsg = ""; $firstname = ""; $lastname = ""; $country = ""; $state = ""; $city = ""; $zip = ""; $website = ""; $youtube = ""; $email1 = ""; $email2 = ""; $pass1 = ""; $pass2 = ""; // This code runs only if the form submit button is pressed if (isset ($_POST['firstname'])){ /* Example of cleaning variables in a loop $vars = ""; foreach ($_POST as $key => $value) { $value = stripslashes($value); $vars .= "$key = $value<br />"; } print "$vars"; exit(); */ $firstname = $_POST['firstname']; $lastname = $_POST['lastname']; $country = $_POST['country']; $state = $_POST['state']; $city = $_POST['city']; $zip = $_POST['zip']; $website = $_POST['website']; $youtube = $_POST['youtube']; $email1 = $_POST['email1']; $email2 = $_POST['email2']; $pass1 = $_POST['pass1']; $pass2 = $_POST['pass2']; $humancheck = $_POST['humancheck']; $firstname = stripslashes($firstname); $lastname = stripslashes($lastname); $state = stripslashes($state); $city = stripslashes($city); $zip = stripslashes($zip); $website = stripslashes($website); $youtube = stripslashes($youtube); $email1 = stripslashes($email1); $pass1 = stripslashes($pass1); $email2 = stripslashes($email2); $pass2 = stripslashes($pass2); $firstname = strip_tags($firstname); $lastname = strip_tags($lastname); $state = strip_tags($state); $city = strip_tags($city); $zip = strip_tags($zip); $website = strip_tags($website); $youtube = strip_tags($youtube); $email1 = strip_tags($email1); $pass1 = strip_tags($pass1); $email2 = strip_tags($email2); $pass2 = strip_tags($pass2); // Connect to database include_once "connect_to_mysql.php"; $emailCHecker = mysql_real_escape_string($email1); $emailCHecker = eregi_replace("`", "", $emailCHecker); // Database duplicate e-mail check setup for use below in the error handling if else conditionals mysql_select_db("perry100_users", $myConnection); $sql_email_check = mysql_query("SELECT email FROM myMembers WHERE email='$emailCHecker'", $myConnection); $email_check = mysql_num_rows($sql_email_check);// or die(mysql_error()); // Error handling for missing data if ((!$firstname) || (!$lastname) || (!$country) || (!$state) || (!$city) || (!$zip) || (!$email1) || (!$email2) || (!$pass1) || (!$pass2)) { $errorMsg = 'ERROR: You did not submit the following required information:<br /><br />'; if(!$firstname){ $errorMsg .= ' * First Name<br />'; } if(!$lastname){ $errorMsg .= ' * Last Name<br />'; } if(!$country){ $errorMsg .= ' * Country<br />'; } if(!$state){ $errorMsg .= ' * State or Provice<br />'; } if(!$city){ $errorMsg .= ' * City<br />'; } if(!$zip){ $errorMsg .= ' * Postal or Zip Code<br />'; } if(!$email1){ $errorMsg .= ' * Email Address<br />'; } if(!$email2){ $errorMsg .= ' * Confirm Email Address<br />'; } if(!$pass1){ $errorMsg .= ' * Login Password<br />'; } if(!$pass2){ $errorMsg .= ' * Confirm Login Password<br />'; } } else if ($email1 != $email2) { $errorMsg = 'ERROR: Your Email fields below do not match<br />'; } else if ($pass1 != $pass2) { $errorMsg = 'ERROR: Your Password fields below do not match<br />'; } else if ($humancheck != "") { $errorMsg = 'ERROR: The Human Check field must be cleared to be sure you are human<br />'; } else if ($email_check > 0){ $errorMsg = "<u>ERROR:</u><br />Your Email address is already in use inside our database. Please use another.<br />"; } else { // Error handling is ended, process the data and add member to database //////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////// $firstname = mysql_real_escape_string($firstname); $lastname = mysql_real_escape_string($lastname); $state = mysql_real_escape_string($state); $city = mysql_real_escape_string($city); $zip = mysql_real_escape_string($zip); $website = mysql_real_escape_string($website); $youtube = mysql_real_escape_string($youtube); $email1 = mysql_real_escape_string($email1); $pass1 = mysql_real_escape_string($pass1); $firstname = eregi_replace("`", "", $firstname); $lastname = eregi_replace("`", "", $lastname); $state = eregi_replace("`", "", $state); $city = eregi_replace("`", "", $city); $zip = eregi_replace("`", "", $zip); $website = eregi_replace("`", "", $website); $youtube = eregi_replace("`", "", $youtube); $email1 = eregi_replace("`", "", $email1); $pass1 = eregi_replace("`", "", $pass1); $website = eregi_replace("http://", "", $website); $youtube = eregi_replace("http://www.youtube.com/user/", "", $youtube); // Add MD5 Hash to the password variable $db_password = md5($pass1); // Add user info into the database table for the main site table(knirv.com) $sql = mysql_query("INSERT INTO myMembers (firstname, lastname, country, state, city, zip, email, password, sign_up_date, website, youtube) VALUES('$firstname','$lastname','$country','$state','$city','$zip','$email1','$db_password', now(),'$website','$youtube')") or die (mysql_error()); $id = mysql_insert_id(); // Create directory(folder) to hold each user's files(pics, MP3s, etc.) mkdir("members/$id", 0755); //!!!!!!!!!!!!!!!!!!!!!!!!! Email User the activation link !!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!! $myemail = "admin@knirv.com"; $emess = "First Name: $firstname\n"; $emess.= "Last Name: $lastname\n"; $emess.= "Email 1: $email1\n"; $emess.= "Email 2: $email2\n"; $emess.= "City: $city\nState: $state\nZip/Post Code:$zip\n"; $emess.= "Country: $scountry\n"; $emess.= "Phone number 1: $phone1\n"; $emess.= "Phone number 2: $phone2\n"; $emess.= "Phone number 3: $phone3\n"; $emess.= "Comments: $sendmail"; $ehead = "From: $myemail\r\n"; $subj = "Complete knirv.com registration!"; $mailsend=mail("$myemail","$subj","$emess","$ehead"); //Begin HTML Email Message $message = "Hi $firstname, Complete this step to activate your login identity at knirv.com. Click the line below to activate when ready. http://www.knirv.com/activation.php?id=$id&sequence=$db_password If the URL above is not an active link, please copy and paste it into your browser address bar Login after successful activation using your: E-mail Address: $email Password: $password See you on the site! admin@knirv.com"; //end of message unset($_GET['do']); header("Location: thank_you.php"); break; } $msgToUser = "<h2>One Last Step - Activate through Email</h2><h4>OK $firstname, one last step to verify your email identity:</h4><br /> In a moment you will be sent an Activation link to your email address.<br /><br /> <br /> <strong><font color=\"#990000\">VERY IMPORTANT:</font></strong> If you check your email with your host providers default email application, there may be issues with seeing the email contents. If this happens to you and you cannot read the message to activate, download the file and open using a text editor. If you still cannot see the activation link, contact site admin and briefly discuss the issue.<br /><br /> "; include_once 'msgToUser.php'; exit(); } // Close else after duplication checks else { // if the form is not posted with variables, place default empty variables $errorMsg = "Fields marked with an [ * ] are required"; $firstname = ""; $lastname = ""; $country = ""; $state = ""; $city = ""; $zip = ""; $website = ""; $youtube = ""; $email1 = ""; $email2 = ""; $pass1 = ""; $pass2 = ""; } ?> <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd"> <html xmlns="http://www.w3.org/1999/xhtml"> <head> <meta http-equiv="Content-Type" content="text/html; charset=iso-8859-1" /> <meta name="Kinetic Network" content="Register to knirv.com" /> <meta name="Knirv Registration" content="register, www.knirv.com" /> <meta name="rating" content="General" /> <title>Register Your Account</title> <link rel="icon" href="favicon.ico" type="image/x-icon" /> <link rel="shortcut icon" href="favicon.ico" type="image/x-icon" /> <style type="text/css"> <!-- .style26 {color: #FF0000} .style28 {font-size: 14px} .brightRed { color: #F00; } .textSize_9px { font-size: 9px; } --> </style> <link href="CSS/site_layout.css" rel="stylesheet" type="text/css" /> </head> <body> <?php include_once "header_template.php"; if ($message) echo "<p>$message</p>"; ?> <table width="950" align="center"> <tr> <td width="758"> <blockquote> <h2><br /> Create Your Account Below </h2> </blockquote> <table width="600" align="center" cellpadding="5"> <form action="register.php" method="post" enctype="multipart/form-data"> <tr> <td width="125" class="style7"><div align="center"><strong>Please Do First →</strong></div></td> <td width="447" bgcolor="#FFFFFF">Add <a href="mailto:admin@yknirv.com"><u>admin@knirv.com</u></a> to your email white list or safe sender list now, or else you might not get the activation email that is necessary for logging in successfully. </td> </tr> <tr> <td colspan="2"><font color="#FF0000"><?php print "$errorMsg"; ?></font></td> </tr> <tr> <td align="right" class="alignRt">First Name:<span class="brightRed"> *</span></td> <td><input name="firstname" type="text" class="formFields" id="firstname" value="<?php print "$firstname"; ?>" size="32" maxlength="20" /></td> </tr> <tr> <td align="right" class="alignRt">Last Name:<span class="brightRed"> *</span></td> <td><input name="lastname" type="text" class="formFields" id="lastname" value="<?php print "$lastname"; ?>" size="32" maxlength="20" /></td> </tr> <tr> <td align="right" class="alignRt">Country:<span class="brightRed"> *</span></td> <td> <select name="country" class="formFields"> <option value="<?php print "$country"; ?>"><?php print "$country"; ?></option> <option value="United States of America">United States of America</option> <option value="Afghanistan">Afghanistan</option> <option value="Albania">Albania</option> <option value="Algeria">Algeria</option> <option value="American Samoa">American Samoa</option> <option value="Andorra">Andorra</option> <option value="Angola">Angola</option> <option value="Anguilla">Anguilla</option> <option value="Antigua and Barbuda">Antigua and Barbuda</option> <option value="Argentina">Argentina</option> <option value="Armenia">Armenia</option> <option value="Aruba">Aruba</option> <option value="Australia">Australia</option> <option value="Austria">Austria</option> <option value="Azerbaijan">Azerbaijan</option> <option value="Bahamas">Bahamas</option> <option value="Bahrain">Bahrain</option> <option value="Bangladesh">Bangladesh</option> <option value="Barbados">Barbados</option> <option value="Belarus">Belarus</option> <option value="Belgium">Belgium</option> <option value="Belize">Belize</option> <option value="Benin">Benin</option> <option value="Bermuda">Bermuda</option> <option value="Bhutan">Bhutan</option> <option value="Bolivia">Bolivia</option> <option value="Bonaire">Bonaire</option> <option value="Bosnia and Herzegovina">Bosnia and Herzegovina</option> <option value="Botswana">Botswana</option> <option value="Brazil">Brazil</option> <option value="British Indian Ocean Ter">British Indian Ocean Ter</option> <option value="Brunei">Brunei</option> <option value="Bulgaria">Bulgaria</option> <option value="Burkina Faso">Burkina Faso</option> <option value="Burundi">Burundi</option> <option value="Cambodia">Cambodia</option> <option value="Cameroon">Cameroon</option> <option value="Canada">Canada</option> <option value="Canary Islands">Canary Islands</option> <option value="Cape Verde">Cape Verde</option> <option value="Cayman Islands">Cayman Islands</option> <option value="Central African Republic">Central African Republic</option> <option value="Chad">Chad</option> <option value="Channel Islands">Channel Islands</option> <option value="Chile">Chile</option> <option value="China">China</option> <option value="Christmas Island">Christmas Island</option> <option value="Cocos Island">Cocos Island</option> <option value="Columbia">Columbia</option> <option value="Comoros">Comoros</option> <option value="Congo">Congo</option> <option value="Cook Islands">Cook Islands</option> <option value="Costa Rica">Costa Rica</option> <option value="Cote D'Ivoire">Cote D'Ivoire</option> <option value="Croatia">Croatia</option> <option value="Cuba">Cuba</option> <option value="Curacao">Curacao</option> <option value="Cyprus">Cyprus</option> <option value="Czech Republic">Czech Republic</option> <option value="Denmark">Denmark</option> <option value="Djibouti">Djibouti</option> <option value="Dominica">Dominica</option> <option value="Dominican Republic">Dominican Republic</option> <option value="East Timor">East Timor</option> <option value="Ecuador">Ecuador</option> <option value="Egypt">Egypt</option> <option value="El Salvador">El Salvador</option> <option value="Equatorial Guinea">Equatorial Guinea</option> <option value="Eritrea">Eritrea</option> <option value="Estonia">Estonia</option> <option value="Ethiopia">Ethiopia</option> <option value="Falkland Islands">Falkland Islands</option> <option value="Faroe Islands">Faroe Islands</option> <option value="Fiji">Fiji</option> <option value="Finland">Finland</option> <option value="France">France</option> <option value="French Guiana">French Guiana</option> <option value="French Polynesia">French Polynesia</option> <option value="French Southern Ter">French Southern Ter</option> <option value="Gabon">Gabon</option> <option value="Gambia">Gambia</option> <option value="Georgia">Georgia</option> <option value="Germany">Germany</option> <option value="Ghana">Ghana</option> <option value="Gibraltar">Gibraltar</option> <option value="Great Britain">Great Britain</option> <option value="Greece">Greece</option> <option value="Greenland">Greenland</option> <option value="Grenada">Grenada</option> <option value="Guadeloupe">Guadeloupe</option> <option value="Guam">Guam</option> <option value="Guatemala">Guatemala</option> <option value="Guinea">Guinea</option> <option value="Guyana">Guyana</option> <option value="Haiti">Haiti</option> <option value="Hawaii">Hawaii</option> <option value="Honduras">Honduras</option> <option value="Hong Kong">Hong Kong</option> <option value="Hungary">Hungary</option> <option value="Iceland">Iceland</option> <option value="India">India</option> <option value="Indonesia">Indonesia</option> <option value="Iran">Iran</option> <option value="Iraq">Iraq</option> <option value="Ireland">Ireland</option> <option value="Isle of Man">Isle of Man</option> <option value="Israel">Israel</option> <option value="Italy">Italy</option> <option value="Jamaica">Jamaica</option> <option value="Japan">Japan</option> <option value="Jordan">Jordan</option> <option value="Kazakhstan">Kazakhstan</option> <option value="Kenya">Kenya</option> <option value="Kiribati">Kiribati</option> <option value="Korea North">Korea North</option> <option value="Korea South">Korea South</option> <option value="Kuwait">Kuwait</option> <option value="Kyrgyzstan">Kyrgyzstan</option> <option value="Laos">Laos</option> <option value="Latvia">Latvia</option> <option value="Lebanon">Lebanon</option> <option value="Lesotho">Lesotho</option> <option value="Liberia">Liberia</option> <option value="Libya">Libya</option> <option value="Liechtenstein">Liechtenstein</option> <option value="Lithuania">Lithuania</option> <option value="Luxembourg">Luxembourg</option> <option value="Macau">Macau</option> <option value="Macedonia">Macedonia</option> <option value="Madagascar">Madagascar</option> <option value="Malaysia">Malaysia</option> <option value="Malawi">Malawi</option> <option value="Maldives">Maldives</option> <option value="Mali">Mali</option> <option value="Malta">Malta</option> <option value="Marshall Islands">Marshall Islands</option> <option value="Martinique">Martinique</option> <option value="Mauritania">Mauritania</option> <option value="Mauritius">Mauritius</option> <option value="Mayotte">Mayotte</option> <option value="Mexico">Mexico</option> <option value="Midway Islands">Midway Islands</option> <option value="Moldova">Moldova</option> <option value="Monaco">Monaco</option> <option value="Mongolia">Mongolia</option> <option value="Montserrat">Montserrat</option> <option value="Morocco">Morocco</option> <option value="Mozambique">Mozambique</option> <option value="Myanmar">Myanmar</option> <option value="Nambia">Nambia</option> <option value="Nauru">Nauru</option> <option value="Nepal">Nepal</option> <option value="Netherland Antilles">Netherland Antilles</option> <option value="Netherlands">Netherlands</option> <option value="Nevis">Nevis</option> <option value="New Caledonia">New Caledonia</option> <option value="New Zealand">New Zealand</option> <option value="Nicaragua">Nicaragua</option> <option value="Niger">Niger</option> <option value="Nigeria">Nigeria</option> <option value="Niue">Niue</option> <option value="Norfolk Island">Norfolk Island</option> <option value="Norway">Norway</option> <option value="Oman">Oman</option> <option value="Pakistan">Pakistan</option> <option value="Palau Island">Palau Island</option> <option value="Palestine">Palestine</option> <option value="Panama">Panama</option> <option value="Papua New Guinea">Papua New Guinea</option> <option value="Paraguay">Paraguay</option> <option value="Peru">Peru</option> <option value="Philippines">Philippines</option> <option value="Pitcairn Island">Pitcairn Island</option> <option value="Poland">Poland</option> <option value="Portugal">Portugal</option> <option value="Puerto Rico">Puerto Rico</option> <option value="Qatar">Qatar</option> <option value="Reunion">Reunion</option> <option value="Romania">Romania</option> <option value="Russia">Russia</option> <option value="Rwanda">Rwanda</option> <option value="St Barthelemy">St Barthelemy</option> <option value="St Eustatius">St Eustatius</option> <option value="St Helena">St Helena</option> <option value="St Kitts-Nevis">St Kitts-Nevis</option> <option value="St Lucia">St Lucia</option> <option value="St Maarten">St Maarten</option> <option value="St Pierre and Miquelon">St Pierre and Miquelon</option> <option value="St Vincent and Grenadines">St Vincent and Grenadines</option> <option value="Saipan">Saipan</option> <option value="Samoa">Samoa</option> <option value="Samoa American">Samoa American</option> <option value="San Marino">San Marino</option> <option value="Sao Tome and Principe">Sao Tome and Principe</option> <option value="Saudi Arabia">Saudi Arabia</option> <option value="Senegal">Senegal</option> <option value="Seychelles">Seychelles</option> <option value="Serbia and Montenegro">Serbia and Montenegro</option> <option value="Sierra Leone">Sierra Leone</option> <option value="Singapore">Singapore</option> <option value="Slovakia">Slovakia</option> <option value="Slovenia">Slovenia</option> <option value="Solomon Islands">Solomon Islands</option> <option value="Somalia">Somalia</option> <option value="South Africa">South Africa</option> <option value="Spain">Spain</option> <option value="Sri Lanka">Sri Lanka</option> <option value="Sudan">Sudan</option> <option value="Suriname">Suriname</option> <option value="Swaziland">Swaziland</option> <option value="Sweden">Sweden</option> <option value="Switzerland">Switzerland</option> <option value="Syria">Syria</option> <option value="Tahiti">Tahiti</option> <option value="Taiwan">Taiwan</option> <option value="Tajikistan">Tajikistan</option> <option value="Tanzania">Tanzania</option> <option value="Thailand">Thailand</option> <option value="Togo">Togo</option> <option value="Tokelau">Tokelau</option> <option value="Tonga">Tonga</option> <option value="Trinidad and Tobago">Trinidad and Tobago</option> <option value="Tunisia">Tunisia</option> <option value="Turkey">Turkey</option> <option value="Turkmenistan">Turkmenistan</option> <option value="Turks and Caicos Is">Turks and Caicos Is</option> <option value="Tuvalu">Tuvalu</option> <option value="Uganda">Uganda</option> <option value="Ukraine">Ukraine</option> <option value="United Arab Emirates">United Arab Emirates</option> <option value="United Kingdom">United Kingdom</option> <option value="United States of America">United States of America</option> <option value="Uruguay">Uruguay</option> <option value="Uzbekistan">Uzbekistan</option> <option value="Vanuatu">Vanuatu</option> <option value="Vatican City State">Vatican City State</option> <option value="Venezuela">Venezuela</option> <option value="Vietnam">Vietnam</option> <option value="Virgin Islands (Brit)">Virgin Islands Brit</option> <option value="Virgin Islands (USA)">Virgin Islands USA</option> <option value="Wake Island">Wake Island</option> <option value="Wallis and Futana Is">Wallis and Futana Is</option> <option value="Yemen">Yemen</option> <option value="Zaire">Zaire</option> <option value="Zambia">Zambia</option> <option value="Zimbabwe">Zimbabwe</option> </select> </td> </tr> <tr> <td align="right" class="alignRt">State/Province: <span class="brightRed">*</span></td> <td><input name="state" type="text" class="formFields" id="state" value="<?php print "$state"; ?>" size="32" maxlength="36" /></td> </tr> <tr> <td align="right" class="alignRt">City: <span class="brightRed">*</span></td> <td><input name="city" type="text" class="formFields" id="city" value="<?php print "$city"; ?>" size="32" maxlength="36" /></td> </tr> <tr> <td align="right" class="alignRt">Postal / Zip Code: <span class="brightRed">*</span></td> <td><input name="zip" type="text" class="formFields" id="zip" value="<?php print "$zip"; ?>" size="32" maxlength="24" /></td> </tr> <tr> <td align="right" class="alignRt">Website:</td> <td><strong>http://</strong> <input name="website" type="text" class="formFields" id="website" value="<?php print "$website"; ?>" size="40" maxlength="88" /></td> </tr> <tr> <td align="right" class="alignRt">Youtube Channel:</td> <td><strong>http://www.youtube.com/user/</strong> <input name="youtube" type="text" class="formFields" id="youtube" value="<?php print "$youtube"; ?>" size="32" maxlength="88" /></td> </tr> <tr> <td align="right" class="alignRt">Email Address: <span class="brightRed">*</span></td> <td><input name="email1" type="text" class="formFields" id="email1" value="<?php print "$email1"; ?>" size="32" maxlength="48" /></td> </tr> <tr> <td align="right" class="alignRt">Confirm Email:<span class="brightRed"> *</span></td> <td><input name="email2" type="text" class="formFields" id="email2" value="<?php print "$email2"; ?>" size="32" maxlength="48" /></td> </tr> <tr> <td align="right" class="alignRt">Create Password:<span class="brightRed"> *</span></td> <td><input name="pass1" type="password" class="formFields" id="pass1" maxlength="16" /> <span class="textSize_9px"><span class="greyColor">Alphanumeric Characters Only</span></span></td> </tr> <tr> <td align="right" class="alignRt">Confirm Password:<span class="brightRed"> *</span></td> <td><input name="pass2" type="password" class="formFields" id="pass2" maxlength="16" /> <span class="textSize_9px"><span class="greyColor">Alphanumeric Characters Only</span></span></td> </tr> <tr> <td align="right" class="alignRt"><br /> Human Check: <span class="brightRed">*</span></td> <td><br /> <input name="humancheck" type="text" class="formFields" id="humancheck" value="Please remove all of this text" size="38" maxlength="32" /> </td> </tr> <tr> <td> </td> <td><p><br /> <input type="submit" name="Submit3" value="Submit Form" /> </p></td> </tr> </form> </table> <br /> <br /></td> <td width="180" valign="top"><?php include_once "right_AD_template.php"; ?></td> </tr> </table> <?php include_once "footer_template.php"; ?> </body> </html> I am having problems understanding the reason for why the user has to click logout twice, here's the bulk of the code: <?php ini_set('display_errors',0); require_once 'header.html'; require_once 'db.functions.php'; require_once 'config.php'; $database = dbConnect($host, $username, $password, $database); // should output 1 or nothing at all! if($database == true) { // now connected? // carry on with logic of outputting the blog contents: $result = entries("SELECT * FROM entries"); printf("<table>"); while($row = mysql_fetch_array($result)) { printf(" <tr> <td>%s</td> <td>%s</td> </tr> <tr> <td colspan=\"2\">%s</td> </tr> ", $row[2], $row[4], $row[3]); } printf("</table>"); printf("\n\n"); session_name("jeremysmith_blog"); session_start(); if(array_key_exists('login',$_SESSION)) { if($_SESSION['login'] == 1) // change this to correspond with session on the login.php script { printf("<p>Welcome %s</p> <p>To logout, click <a href=\"index.php?action=logout\">here</a></p> ",$_SESSION['username']); } } else { printf("<p>You are not logged in, please click <a href=\"login.php\">here</a> to login.</p>"); } } else { printf("\n<p id=\"error\">Could not connect to database, please try again later.</p>"); } // init the logout script? if(array_key_exists('action',$_GET)) { if($_GET['action'] == 'logout') { // log user out of the system: unset($_SESSION['login']); unset($_SESSION['username']); session_destroy(); } } printf("\n"); // just for output format! require_once 'footer.html'; Why does the user have to click logout twice, have I missed anything? Any helps appreciated thanks. I would appreciate your assistance, there are tons of login scripts and they work just fine. However I need my operators to login and then list their activities for the other operators who are logged in to see and if desired send their clients on the desired activity. I have the login working like a charm and the activities are listed just beautifully. How do I combine the two tables in the MySQL with PHP so the operator Logged in can only make changes to his listing but see the others. FIRST THE ONE script the member logges in here to the one table in MSQL: <?php session_start(); require_once('config.php'); $errmsg_arr = array(); $errflag = false; $link = mysql_connect(DB_HOST, DB_USER, DB_PASSWORD); if(!$link) { die('Failed to connect to server: ' . mysql_error()); } $db = mysql_select_db(DB_DATABASE); if(!$db) { die("Unable to select database"); } function clean($str) { $str = @trim($str); if(get_magic_quotes_gpc()) { $str = stripslashes($str); } return mysql_real_escape_string($str); } $login = clean($_POST['login']); $password = clean($_POST['password']); if($login == '') { $errmsg_arr[] = 'Login ID missing'; $errflag = true; } if($password == '') { $errmsg_arr[] = 'Password missing'; $errflag = true; } if($errflag) { $_SESSION['ERRMSG_ARR'] = $errmsg_arr; session_write_close(); header("location: login-form.php"); exit(); } $qry="SELECT * FROM members WHERE login='$login' AND passwd='".md5($_POST['password'])."'"; $result=mysql_query($qry); if($result) { if(mysql_num_rows($result) == 1) { session_regenerate_id(); $member = mysql_fetch_assoc($result); $_SESSION['SESS_MEMBER_ID'] = $member['member_id']; $_SESSION['SESS_FIRST_NAME'] = $member['firstname']; $_SESSION['SESS_LAST_NAME'] = $member['lastname']; session_write_close(); header("location: member-index.php"); exit(); }else { header("location: login-failed.php"); exit(); } }else { die("Query failed"); } ?> ................................................. ................................ Now I need the person who logged in to the table above to be able to make multiple entries to the table below <? $ID=$_POST['ID']; $title=$_POST['title']; $cost=$_POST['cost']; $activity=$_POST['activity']; $ayear=$_POST['aday']; $aday=$_POST['ayear']; $seats=$_POST['special']; $special=$_POST['seats']; mysql_connect("xxxxxx", "xxx350234427", "========") or die(mysql_error()); mysql_select_db("xxxx") or die(mysql_error()); mysql_query("INSERT INTO `activity` VALUES ('ID','$title', '$cost','$activity', '$aday', '$ayear', '$special', '$seats')"); Print "Your information has been successfully added to the database!" ?> Click <a href="member-profile.php">HERE</a> to return to the main menu <?php ?> hi, i have made a website where people resgister their details of them and products. they have to enter the following details in form Name of company name of the product company address email id password mobile number contact and brief details about their company
user can then login with email id and pwd. now after login ..user will get a page where he can upload the photos of products images and their price, so now my question is that when he finishes uploading (|by clicking on upload button) the product images and price text box ..then on final uploaded webspage it should show all other things which he registerd before (company name , mobile number etc) along with images and price...hence the main question that user does not need to enter mobile and address while uploading images and filling proce ..but on the final page it should show mobile and address along with price and images..as user is not going to enter mobile and address again and again as he will have multiple products to upload.
Actually, what i want to do is to use the email to fetch the $email,$password and $randomnumber from database after Hi, so far I have managed to set up a somewhat basic login website with a mysql database backend. Once they have logged on they go to a "main menu" page. What I need to define is that user A sees button A but only that button, etc. (Then of course that same rule would have to apply if they tried to directly go to the page, but I am guessing I can do that in the same way that I currently do to force a login). If anyone has any tutorials or sample code I would much appreciate it. Thanks, Hi guys, I am trying to put together a little system that allows users to log onto my website and access there own personal page. I am creating each page myself and uploading content specific to them which cannot be viewed by anyone else. I have got the system to work up as far as: 1/ The user logs in 2/ Once logged in they are re-directed to their own page using 'theirusername.php' Thats all good and working how I need it too. The problem I have is this. If I log onto the website using USER A details - I get taken to USER A's page like I should but - If I then go to my browser and type in USERBdetails.php I can then access USER B's page. This cannot happen!! I need for USER A not to be able to access USER B profile - there is obviously no point in the login otherwise! If you are not logged in you obviously cannot access any secure page. That much is working! Please find below the code I am using: LOGIN <?php session_start(); function dbconnect() { $link = mysql_connect("localhost", "username", "password") or die ("Error: ".mysql_error()); } ?> <?php if(isset($_SESSION['loggedin'])) { header("Location:" . strtolower($username) . ".php"); if(isset($_POST['submit'])) { $username = mysql_real_escape_string($_POST['username']); $password = mysql_real_escape_string($_POST['password']); $mysql = mysql_query("SELECT * FROM clients WHERE username = '{$username}' AND password = '{$password}'"); if(mysql_num_rows($mysql) < 1) { die("Password or Username incorrect! Please <a href='login.php'>click here</a> to try again"); } $_SESSION['loggedin'] = "YES"; $_SESSION['username'] = $username; $_SESSION['name'] header("Location:" . strtolower($username) . ".php"); } ?> HEADER ON EACH PHP PAGE <?php session_start(); if(!isset($_SESSION['loggedin'])) { die(Access to this page is restricted without a valid username and password); ?> --------------------------------------------------- Am I right in thinking it is something to do with the "loggedin" part? The system I have here is adapted from a normal login system I have been using for years. The original just checks the details and then does a 'session start'. This one obviously has to re-direct to a user specific page. To do this I used the <<header("Location:" . strtolower($username) . ".php");>> line to redirect to a page such as "usera.php" or "userb.php" Any help would be greatly appreciated! Ta |
|||||||