|
PHP - Custom Cms With User Register, Login, Etc. Help?
If I wanted to create a custom CMS that will allow people to be able to upload files, register a new account, to be able to add to a blog article, edit one's article but not someone else's, edit one's profile, be able to leave comments, edit comments as well as edit their blog articles in something similar to this forum's post box (with Bold, Italic, etc options), how would I go about it?
Similar TutorialsHi I really need help coding my register.php
please flag any mistakes and suggest additions to the code
please help
<html>
<head>
<title>______________</title>
</head>
<body>
<h2>Registration Page</h2>
<a href="index.php">Click here to go back<br/><br/>
<form action="register.php" method="POST">
Enter Company Name: <input type="text" name="Company_Name" required="required" /> <br/>
Enter Unit: <input type="text" name="Unit" required="required" /> <br/>
Enter Street: <input type="text" name="Street" required="required" /> <br/>
Enter Town: <input type="text" name="Town" required="required" /> <br/>
Enter County: <input type="text" name="County" required="required" /> <br/>
Enter Postcode: <input type="text" name="Postcode" required="required" /> <br/>
Enter Country: <input type="text" name="Country" required="required" /> <br/>
Enter Phone Number: <input type="text" name="Phone_Number" required="required" /> <br/>
Enter Email: <input type="text" name="Email" required="required" /> <br/>
Enter Password: <input type="password" name="Password" required="required" /> <br/>
<input type="submit" value="Register"/>
</form>
</body>
</html>
<?php
if($_SERVER["REQUEST_METHOD"]== "POST"){
$Company_Name = mysql_real_escape_string($POST['Company Name']);
$Unit = mysql_real_escape_string($POST['Unit']);
$Street = mysql_real_escape_string($POST['Street']);
$Town = mysql_real_escape_string($POST['Town']);
$County = mysql_real_escape_string($POST['County']);
$Postcode = mysql_real_escape_string($POST['Postcode']);
$Country = mysql_real_escape_string($POST['Country']);
$Phone_Number = mysql_real_escape_string($POST['Phone Number']);
$Email = mysql_real_escape_string($POST['Email']);
$Password = mysql_real_escape_string($POST['Password']);
echo "Company Name entered is: ". $Company_Name . "<br/>";
echo "Unit entered is: ". $Unit . "<br/>";
echo "Street entered is: ". $Street . "<br/>";
echo "Town entered is: ". $Town . "<br/>";
echo "County entered is: ". $County . "<br/>";
echo "Postcode entered is: ". $Postcode . "<br/>";
echo "Country entered is: ". $Country . "<br/>";
echo "Phone Number entered is: ". $Phone_Number . "<br/>";
echo "Email entered is: ". $Email. "<br/>";
echo "Password entered is: ". $Password . "<br/>";
}
?>
Hello everyone,i was trying to make a register/login pages on my own and well i got stuck..and my good friend google couldn't help me :S So well i came to ask proffesionals Okay here is it: First thing i don't get is about email activation that i wanted to use on my register page... I got do_reg.php file that looks like this: Code: [Select] <?php include 'connection.php'; //grab data from form $name = $_POST['username']; $pass = $_POST['password']; $pass_conf = $_POST['pass_conf']; $email = $_POST['email']; $ip = $_POST['ip']; //if else if($name == false || $pass == false || $pass_conf == false || $email == false){ echo "Please fill in all the required fields."; }; if($pass != $pass_conf){ echo "Blah..Passwords do not match."; }else{ //generate random code $code = rand(11111111,99999999); //send email $subject = "Activate your account"; $headers = "From: admin@mysite.com"; $body = "Hello $name,\n\nYou registered and need to activate your account. Click the link below or paste it into the URL bar of your browser\n\n http://localhot/login/activate.php?code=$code\n\nThanks!"; if (!mail($email,$subject,$body,$headers)) echo "Error,what a shame!"; else { $sql = mysql_query("INSERT INTO users (username,password,email,code,active,ip) VALUES('$name','$pass','$email','$code',0,'$ip')") or die(mysql_error()); $result = mysql_query($sql); echo "Thank you for registering! But your account is not still active :'( Please check your email ($email) for activation code! :)"; } }; ?>I went through thousands of erros and still couldn't make it work,i am using xampp localhost server for now and maybe that is the reason it wont work even if i tried to activate SMTP and that stuff in php.ini conf file (as my friend google told me).. So this is one of the errors: Quote Warning: mail() [function.mail]: SMTP server response: 550 relaying denied in C:\xampp\htdocs\login\do_reg.php on line 25 Error,what a shame! Now the next thing i couldn't understand is where is the error inside this script... (do_login.php) Code: [Select] <?php include 'connection.php'; $session_username = $_SESSION['username']; if($_POST['login']) { //get form data $username = $_POST['username']; $password = $_POST['password']; } if(!$username||!$password) echo "Username and password missing!"; else { //login $login = mysql_query("SELECT * FROM users WHERE username='$username'"); } if (mysql_query($login)==0) echo "No souch user!"; else { while ($login_row = mysql_fetch_assoc($login)) { $password_db = $login_row['password']; $password = md5($password); if ($password!=$password_db) echo "Incorect password!"; else { //check if active $active = $login_row['active']; $email = $login_row['email']; if ($active==0) echo "You haven't activated your account, please check your email ($email) for activation!"; else { $_SESSION['username']=$username; //assign session header("Location: index.php");//refresh } } } } ?> Thank you for your spent time and help.. My issue is that I cannot get my user information to (1) upload to the database, and (2) if I manually put information in the data base I cannot retrive it when trying to log in.. I assume its a connection issue, but I cannot seem to find it. Thanks in advance for the help! This is my "init.inc.php" script... Code: [Select] <?php session_start(); $exceptions = array('register','login'); $page = substr(end(explode('/',$_SERVER['SCRIPT_NAME'])),0,-4); if(in_array($page, $exceptions) === false){ if(isset($SESSION['username']) === false){ header('Location: login.php'); die(); } } mysql_connect('localhost','root',''); mysql_select_db('newlogin'); $path = dirname(__FILE__); include("{$path}/inc/user.inc.php"); ?> This is my "user.inc.php" script... Code: [Select] <?php // check is the given username exisits in the table function user_exists($user){ $user = mysql_real_escape_string($user); $total = mysql_query("SELECT COUNT('user_id') FROM 'user_tbl' WHERE 'user_name' = '{$user}'"); return (mysql_result($total, 0) == '1') ? true : false; } // checks is the username and password are valid function valid_credentials($user, $pass){ $user = mysql_real_escape_string($user); $pass = sha1($pass); $total = mysql_query("SELECT COUNT('user_id') FROM 'user_tbl' WHERE 'user_name' = '{$user}' AND 'user_password' = '{$pass}'"); return (mysql_result($total, 0) == '1') ? true : false; } //adds user to the database function add_user($user, $pass){ $user = mysql_real_escape_string(htmlentities($user)); $pass = sha1($pass); mysql_query("INSERT INTO 'user_tbl' ('user_name', 'user_password') VALUES ('{$user}', '{$pass}')"); } ?> Finally this is my "register.php" Page... Code: [Select] <?php error_reporting(0); include('core/init.inc.php'); $errors = array(); if(isset($_POST['username'], $_POST['password'], $_POST['repeat_password'])){ if(empty($_POST['username'])){ $errors[] = "The username field cannot be empty!"; } if(empty($_POST['password']) || empty($_POST['repeat_password'])){ $errors[] = "The password fields cannot be empty!"; } if($_POST['password'] !== $_POST['repeat_password']){ $errors[] = "Password verification failed !"; } if(user_exists($_POST['username'])){ $errors[] = "That username has already been taken!"; } if(empty($errors)){ add_user($_POST['username'], $_POST['password']); $_SESSION['username'] = htmlentities($_POST['username']); header('Location: protected.php'); die(); } } ?> <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd"> <html xmlns="http://www.w3.org/1999/xhtml"> <head> <meta http-equiv="Content-Type" content="text/html; charset=utf-8" /> <title>Untitled Document</title> </head> <body> <div> <?php if( empty($errors) === false){ ?> <ul> <?php foreach($errors as $error){ echo "<li>{$error}</li>"; } ?> </ul> <?php } ?> </div> <form action="" method="post"> <p> <label for="username"> Username:</label> <input type="text" name="username" id="username" value="<?php if(isset($_POST['username'])) echo htmlentities($_POST['username']); ?>" /> </p> <p> <label for="password"> Password:</label> <input type="password" name="password" id="password" /> </p> <p> <label for="repeat_password"> Repeat Password:</label> <input type="password" name="repeat_password" id="repeat_password" /> </p> <p> <input type="submit" value="Register" /> </p> </form> </body> </html> Hi guys I'm trying to fix my user registration page, I've gotten myself into a real mess here so any help would be appreciated I am getting "Notice: Undefined index" message for my variables (firstname,lastname,password,repeatpasswords) and it is not loading the page only the "die" message which is happening because the script is failing. Code: [Select] <?php session_start(); $con = mysql_connect('localhost','root','abc'); if (!$con) { die ("Could not connect to database" . mysql_error()); } //get data from the form if (isset($_POST['firstname'])) { $firstname = $_POST['firstname']; } if (isset($_POST['lastname'])) { $lastname = $_POST['lastname']; } if (isset($_POST['username'])) { $username = $_POST['username']; } if (isset($_POST['password'])) { $password = $_POST['password']; } if (isset($_POST['repeatpassword'])) { $repeatpassword = $_POST['repeatpassword']; } if (isset($_POST['submit'])) { //check for existance if ($firstname&&$lastname&&$username&&$password&&$repeatpassword) { //check passwords match if ($password==$repeatpassword) { //check char length of username and names if (strlen($username)>25||strlen($firstname)>25) { echo "The first name, last name or username fields are too long!"; } else { //check password length if (strlen($password)>25||strlen($password)<6) { echo "Password must be between 6 and 25characters"; } else { //encrypt password $password = md5 ($password); $repeatpassword = md5 ($repeatpassword); } } } else echo "Your passwords do not match!"; } else echo "Please fill in all fields!"; } //select database table mysql_select_db('theimageworks'); //add data to database $sql="INSERT INTO user (firstname, lastname, username, password) VALUES ('$_POST[firstname]', '$_POST[lastname]', '$_POST[username]', '$_POST[password]')"; if (!mysql_query($sql,$con)) { die ('Error: ' . mysql_error()); } die ("You have been registered! Return to <a href='loginpage.php'>login page</a>"); mysql_close($con); ?> Hello,
i got a problem with a part of my code :
<?php Hi guys, Can anyone help me; I have created a registration form (can be use for create or modify) and login form (Admin). What I am trying to do is; once the admin log in he/she can create / register a new user which contains: -Firstname -Surname -Address -Mobile -Dept Name -Username -Password -Repeat Password My DB will look like this: Table PERSONS: id, firstname, surname, address, mobile, dept_id, username, password. Table USER: id, username, password Table DEPT: id, dept_name Can anyone help me how am I going to related the USER table into the PERSONS so when admin register a new user - the data will be created the into database as well as the data can be extracted for modification. Any suggestion? Here are my code: register.php <?php require 'includes/application_top.php'; if (!isset($_POST['name']) && isset($_GET['id'])) { $mode = "Modifying"; // Get data from DB $q = "SELECT * FROM `persons` WHERE `ID` = '".$_GET['id']."'"; $result = mysql_query($q) or die (mysql_error()); $row = mysql_fetch_array($result); $name = $row['firstname']; $surname = $row['surname']; $address = $row['address']; $dept = $row['dept_id']; $mobile = $row['mobile']; }else if (!isset($_POST['name']) && !isset($_GET['id'])) { $mode = "Register"; // Data is empty $name = $surname = $address = $dept = $mobile = ""; } else { $errors = array(); if ($_POST['name'] == "") $errors[] = "Name"; if ($_POST['surname'] == "") $errors[] = "Surname"; if ($_POST['mobile'] == "" || !is_numeric ($_POST['mobile'])) $errors[] = "Mobile No"; if (count($errors)) { $errormsg = "Please fill the blank info:<br/ >".implode('<br />',$errors); $mode = $_POST['mode']; $name = $_POST['name']; $surname = $_POST['surname']; $address = $_POST['address']; $dept = $_POST['dept']; $mobile = $_POST['mobile']; } else { foreach ($_POST as $key => $val) { $_SESSION[$key] = $val; } header("Location: confirmPage.php"); } } ?> <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd"> <html xmlns="http://www.w3.org/1999/xhtml"> <head> <meta http-equiv="Content-Type" content="text/html; charset=iso-8859-1" /> <title>Modify Document</title> </head> <body> <form action="<?php echo $_SERVER['PHP_SELF']; ?>" method="post"> <?php if (isset($errormsg)) echo "<div id=\"error_message\" style=\"color:red;\">$errormsg</div>"; ?> <div align="center"> <table width="370" border="0"> <h1> <?php echo $mode; ?> A User </h1> <p><font color="orangered" size="+1"><tt><b>*</b></tt></font> indicates a required field</p> <tr> <th width="200" height="35" align="left" scope="row" >First Name <font color="orangered" size="+1"><tt><b>*</b></tt></font> </th> <td width="160"><input type="text" name="name" value="<?php echo $name;?>" size="25"/></td> </tr> <tr> <th height="35" align="left"> Surname <font color="orangered" size="+1"><tt><b>*</b></tt></font> </th> <td> <input type="text" name="surname" value="<?php echo $surname; ?>" size="25"/></td> </tr> <tr> <th height="35" align="left"> Address</th> <td> <input type="text" name="address" value="<?php echo $address; ?>" size="25"/></td> </tr> <tr> <th height="35" align="left"> Choose a username <font color="orangered" size="+1"><tt>*</tt></font></th> <td> <input name="username" type="text" maxlength="100" size="25" /> </td> </tr> <tr> <th height="35" align="left"> Choose a password <font color="orangered" size="+1"><tt><b>*</b></tt></font> </th> <td> <input name="password" type="password" maxlength="100" size="25" /> </td> </tr> <tr> <th height="35" align="left"> Repeat your password <font color="orangered" size="+1"><tt><b>*</b></tt></font> </th> <td> <input name="repeatpassword" type="password" maxlength="100" size="25" /> </td> </tr> <tr> <th height="35" align="left">Department</th> <td> <select name="dept"> <option value="">Select..</option> <?php $data = mysql_query ("SELECT * FROM `dept` ORDER BY `id` DESC") or die (mysql_error()); while($row_dept = mysql_fetch_array( $data )) { ?> <option value="<?php echo $row_dept['id'] ;?>" <?php if($row_dept['id']==$dept){echo ' selected="selected"';}?>> <?php echo $row_dept['dept_name'] ;?> </option> <?php } ?> </select> </td> </tr> <tr> <th height="35" align="left">Mobile</th> <td><input type="text" name="mobile" value="<?php echo $mobile; ?>" size="25"/></td> </tr> <tr> <td align="right" colspan="2"> <hr noshade="noshade" /> </td> </tr> </table> <br/> <a href="index.php"> <input type="button" name="back" value="Back" /></a> <input type="hidden" name="id" value="<?php echo isset($_GET['id']); ?>"> <input type="hidden" name="mode" value="<?php echo $mode; ?>"> <input type="submit" value="<?php echo ($mode == "Register") ? 'Register' : 'Modify'; ?>"/> </div> </form> </body> </html> Hey I would just like to release a simple login/register script that will work just fine and has some nice systems in it. The Login. (I will post the code then below tell you what you need to do to get it to work with MYSQL DATABASE) Create a file and call it login with the suffix .php so if you have file extensions showing on your computer it will look like "login.php" then put this code inside of it. Code: [Select] <?php session_start(); ?> <?php function mysql_prep($value) { $magic_quotes_active = get_magic_quotes_gpc(); $new_enough_php = function_exists("mysql_real_escape_string"); // i.e PHP >= v4.3.0 if($new_enough_php){ // PHP v4.3.0 or higher if ($magic_quotes_active){ $value = stripslashes($value); } $value = mysql_real_escape_string($value); }else{ //Before PHP v4.3.0 //if magic quotes aren't already on then add slahes manually if(!$magic_quotes_active){ $value = addslashes($value); } // if magic quotes are active then the slashes already exist } return $value; } function redirect_to($location = NULL){ if($location != NULL){ header("Location: {$location}"); exit; } } define("DB_SERVER","localhost"); define("DB_USER","root"); define("DB_PASS","yourpassword"); define("DB_NAME","yourdatabasename"); $connection = mysql_connect(DB_SERVER,DB_USER,DB_PASS); if(!$connection){ die("Database Connection Failed: " . mysql_error()); } $db_select = mysql_select_db("bcooperz", $connection); if(!$db_select){ die("Connection to database failed: " . mysql_error()); } ?> <?php if(isset($_SESSION['user_id'])){ redirect_to("staff.php"); } ?> <?php if (isset($_POST['submit'])){ $errors = array(); // Perform validations on the form $required_fields = array('username', 'password'); foreach($required_fields as $fieldname){ if(!isset($_POST[$fieldname]) || empty($_POST[$fieldname])){ $errors[] = $fieldname; } } $field_with_lengths = array('username' => 30, 'password' => 30); foreach($field_with_lengths as $fieldname => $maxlength) { if (strlen(trim(mysql_prep($_POST[$fieldname]))) > $maxlength) { $errors[] = $fieldname; } } $username = trim(mysql_prep($_POST['username'])); $password = trim(mysql_prep($_POST['password'])); $hashed_password = sha1($password); if (empty($errors)){ // Checks database to see if username and password exist their $query = "SELECT id, username FROM users WHERE username='$username' AND hashed_password='$hashed_password' LIMIT 1"; $result_set = mysql_query($query, $connection); if(!$result_set){ die("Database Query Failed: " . mysql_error()); } if (mysql_num_rows($result_set) == 1) { // The Username and Password have been found in the database and the user is verified // Only 1 Match $found_user = mysql_fetch_array($result_set); $_SESSION['user_id'] = $found_user['id']; $_SESSION['username'] = $found_user['username']; redirect_to("staff.php"); }else{ // Username and Password was not found in the database. $message = "Username/Password Combination Incorrect.<br/>Please make sure your caps lock key is off and try again."; echo $message; } }else{ $count = count($errors); if($count == 1){ echo "Their Was {$count} Error In The Form" . "<br />"; print_r(implode(", ", $errors)); }else{ echo "Their Was {$count} Error's In The Form" . "<br />"; echo "<b>"; print_r(implode(", ", $errors)); echo "</b>"; } } }else{ // The Form Has Not Been Submitted if(isset($_GET['logout']) && $_GET['logout'] == 1){ echo "You Are Now Logged Out"; } if(isset($_GET['nowlogged']) && $_GET['nowlogged'] == 1){ echo "You Need to Login to reach this page."; } $username = ""; $password = ""; } ?> <html> <head> <title>Register</title> </head> <body> <form action="login.php" method="post"> Username : <input type="text" name="username" maxlength="30" value="<?php echo htmlentities($username); ?>" /><br /> Password : <input type="password" name="password" maxlength="30" value="<?php echo htmlentities($password); ?>" /><br /><br /> <input type="submit" name="submit" value="Login" /><br /> </form> <p>Haven't got an account? register <a href="register.php">here!</a></p> </body> </html> Now once you have a file called "login.php" with the above code inside of it you will need to goto your mysql database and create a database with a table that has 3 fields in the following format. - id - int(11) - Auto increment - username - varchar(50) - hashed_password - varchar(40) Now search for this in the login.php code Code: [Select] define("DB_SERVER","localhost"); define("DB_USER","root"); define("DB_PASS","yourpassword"); define("DB_NAME","yourdatabasename"); And This: Code: [Select] $db_select = mysql_select_db("bcooperz", $connection); And change these to your settings. Once you have done all this create a new file called register with the suffix .php as well so if you have file extensions turned on it will look like "register.php" And add this code inside it: Code: [Select] <?php function mysql_prep($value) { $magic_quotes_active = get_magic_quotes_gpc(); $new_enough_php = function_exists("mysql_real_escape_string"); // i.e PHP >= v4.3.0 if($new_enough_php){ // PHP v4.3.0 or higher if ($magic_quotes_active){ $value = stripslashes($value); } $value = mysql_real_escape_string($value); }else{ //Before PHP v4.3.0 //if magic quotes aren't already on then add slahes manually if(!$magic_quotes_active){ $value = addslashes($value); } // if magic quotes are active then the slashes already exist } return $value; } function redirect_to($location = NULL){ if($location != NULL){ header("Location: {$location}"); exit; } } ?> <?php define("DB_SERVER","localhost"); define("DB_USER","root"); define("DB_PASS","maxcooper"); define("DB_NAME","bcooperz"); $connection = mysql_connect(DB_SERVER,DB_USER,DB_PASS); if(!$connection){ die("Database Connection Failed: " . mysql_error()); } $db_select = mysql_select_db("bcooperz", $connection); if(!$db_select){ die("Connection to database failed: " . mysql_error()); } ?> <?php if(isset($_POST['submit'])){ $username = trim(mysql_prep($_POST['username'])); $password = trim(mysql_prep($_POST['password'])); $hashed_password = sha1($password); $confirmpass=$_POST['confirmpass']; $query2 = "SELECT * FROM users WHERE username='$username'"; $result2 = mysql_query($query2); $counted=mysql_num_rows($result2); $errors = array(); // Perform validations on the form $required_fields = array('username', 'password', 'confirmpass'); foreach($required_fields as $fieldname){ if(!isset($_POST[$fieldname]) || empty($_POST[$fieldname])){ $errors[] = $fieldname; } } if($confirmpass!=$_POST['password']){ $errors[] = "passdifference"; } if($counted > 0){ $errors[] = "User Already Created"; } $field_with_lengths = array('username' => 30, 'password' => 30); foreach($field_with_lengths as $fieldname => $maxlength) { if (strlen(trim(mysql_prep($_POST[$fieldname]))) > $maxlength) { $errors[] = $fieldname; } } /* The Form Has Been Submitted */ if (empty($errors)){ $query = "INSERT INTO users (username,hashed_password) VALUES ('{$username}', '{$hashed_password}')"; $result = mysql_query($query, $connection); if($result){ echo "User Successfully Created"; }else{ echo "The User Could Not Be Created" . "<br />"; echo mysql_error(); } }else{ $count = count($errors); if($count == 1){ echo "Their Was {$count} Error In The Form" . "<br />"; print_r(implode(", ", $errors)); }else{ echo "Their Was {$count} Error's In The Form" . "<br />"; echo "<b>"; print_r(implode(", ", $errors)); echo "</b>"; } } }else{ /* The Form Has Not Yet Been Submitted */ $username = ""; $password = ""; } ?> <html> <head> <title>Register</title> </head> <body> <form action="register.php" method="post"> Username : <input type="text" name="username" maxlength="30" value="<?php echo htmlentities($username); ?>" /><br /> Password : <input type="password" name="password" maxlength="30" value="<?php echo htmlentities($password); ?>" /><br /> Confirm Password: <input type="password" name="confirmpass" maxlength="30" value="" /><br /><br /> <input type="submit" name="submit" value="Register" /><br /> </form> <p>Already have a account? login here <a href="login.php">here!</a></p> </body> </html> Once you have done that and you have a file called "register.php" you will need to perform the final step which will be changing the database details once again on the second file ("register.php"). Thanks, Bcooperz. Please tell me if this works Hi there, I've just registered here and had a quick look around but couldn't find the answer I was looking for so I hope I'm posting this question in the right place. I want to write a PHP Login/Registration script that I can run on a website I am developing for a client but this website has more than one piece of software on it (each with it's own user-tables) and this is the first time I have had to integrate software before so I need a bit of help. When a user fills in the registration form, that data needs to be sent to the relevent user-tables for each application running on the website & when a user logs in, they need to be authenticated for each of the applications also so that we can have a one-click login process. I hop Hi, currently in my registration code, the userId allows only six digits as the user ID. I need help in performing the following task 1. Modify the account creation screen to allow users to enter EITHER a 6-digit ID OR a 9 character ID. Any 6-digit PLID will be stored with the perpended B11. 2.Modify the login utility for the users to allow them to use either the 6-digit or 9-character IDs which means you will need to prepend the B11 to any 6-digit PLID to find their record in the database. 3.Convert existing PLIDs in the database to the new format by prepending the B11. Any coding help will be greatly appreciated. Hello, I am new and am having a hard time with PHP. Scenario: There are PDF files on my website that I want users to register before downloading the files. I do not want them to login but rather provide basic information such as name and email address. Once the form is submitted, I am not sure if I should be using PHPSESSION to validate the user. Also, I am not sure where to place the files: either in the webroot (/var/www/) or outside. I am new to PHP so please forgive me if I use terminology incorrectly. Thank you for reading my question. This topic has been moved to Application Design. http://www.phpfreaks.com/forums/index.php?topic=313919.0 I would appreciate your assistance, there are tons of login scripts and they work just fine. However I need my operators to login and then list their activities for the other operators who are logged in to see and if desired send their clients on the desired activity. I have the login working like a charm and the activities are listed just beautifully. How do I combine the two tables in the MySQL with PHP so the operator Logged in can only make changes to his listing but see the others. FIRST THE ONE script the member logges in here to the one table in MSQL: <?php session_start(); require_once('config.php'); $errmsg_arr = array(); $errflag = false; $link = mysql_connect(DB_HOST, DB_USER, DB_PASSWORD); if(!$link) { die('Failed to connect to server: ' . mysql_error()); } $db = mysql_select_db(DB_DATABASE); if(!$db) { die("Unable to select database"); } function clean($str) { $str = @trim($str); if(get_magic_quotes_gpc()) { $str = stripslashes($str); } return mysql_real_escape_string($str); } $login = clean($_POST['login']); $password = clean($_POST['password']); if($login == '') { $errmsg_arr[] = 'Login ID missing'; $errflag = true; } if($password == '') { $errmsg_arr[] = 'Password missing'; $errflag = true; } if($errflag) { $_SESSION['ERRMSG_ARR'] = $errmsg_arr; session_write_close(); header("location: login-form.php"); exit(); } $qry="SELECT * FROM members WHERE login='$login' AND passwd='".md5($_POST['password'])."'"; $result=mysql_query($qry); if($result) { if(mysql_num_rows($result) == 1) { session_regenerate_id(); $member = mysql_fetch_assoc($result); $_SESSION['SESS_MEMBER_ID'] = $member['member_id']; $_SESSION['SESS_FIRST_NAME'] = $member['firstname']; $_SESSION['SESS_LAST_NAME'] = $member['lastname']; session_write_close(); header("location: member-index.php"); exit(); }else { header("location: login-failed.php"); exit(); } }else { die("Query failed"); } ?> ................................................. ................................ Now I need the person who logged in to the table above to be able to make multiple entries to the table below <? $ID=$_POST['ID']; $title=$_POST['title']; $cost=$_POST['cost']; $activity=$_POST['activity']; $ayear=$_POST['aday']; $aday=$_POST['ayear']; $seats=$_POST['special']; $special=$_POST['seats']; mysql_connect("xxxxxx", "xxx350234427", "========") or die(mysql_error()); mysql_select_db("xxxx") or die(mysql_error()); mysql_query("INSERT INTO `activity` VALUES ('ID','$title', '$cost','$activity', '$aday', '$ayear', '$special', '$seats')"); Print "Your information has been successfully added to the database!" ?> Click <a href="member-profile.php">HERE</a> to return to the main menu <?php ?> Hi guys, Can anyone assist me. I am trying to create a login for admin and user (if user not a member click register link) below is my code: But whenever I enter the value as: Username: admin Password:123 - I got an error message "That user does not exist!" Any suggestion and help would be appreciated. Thanks. login.php <?php //Assigned varibale $error_msg as empty //$error_msg = ""; session_start(); $error_msg = ""; if (isset($_POST['submit'])) { if ($a_username = "admin" && $a_password = "123") { //Define $_POST from form text feilds $username = $_POST['username']; $password = $_POST['password']; //Add some stripslashes $username = stripslashes($username); $password = stripslashes($password); //Check if usernmae and password is good, if it is it will start session if ($username == $a_username && $password == $a_password) { session_start(); $_SESSION['session_logged'] = 'true'; $_SESSION['session_username'] = $username; //Redirect to admin page header("Location: admin_area.php"); } } $username = (isset($_POST['username'])) ? $_POST['username'] : ''; $password = (isset($_POST['password'])) ? $_POST['password'] : ''; if($username && $password) { $connect = mysql_connect("localhost", "root", "") or die ("Couldn't connect!"); mysql_select_db("friendsdb") or die ("Couldn't find the DB"); $query = mysql_query ("SELECT * FROM `user` WHERE username = '$username'"); $numrows = mysql_num_rows($query); if ($numrows != 0){ while ($row = mysql_fetch_array($query)) { $dbusername = $row['username']; $dbpassword = $row['password']; } //Check to see if they are match! if ($username == $dbusername && md5($password) == $dbpassword) { header ("Location: user_area.php"); $_SESSION['username'] = $username; } else $error_msg = "Incorrect password!"; //code of login }else $error_msg = "That user does not exist!"; //echo $numrows; } else $error_msg = "Please enter a username and password!"; } ?> <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd"> <html xmlns="http://www.w3.org/1999/xhtml"> <head> <meta http-equiv="Content-Type" content="text/html; charset=iso-8859-1" /> <title>Login Page</title> </head> <body> <br /> <?php require "header.php"; ?><br /> <div align="center"> <table width="200" border="1"> <?php // If $error_msg not equal to emtpy then display error message if($error_msg!="") echo "<div id=\"error_message\"style=\"color:red; \">$error_msg</div><br />";?> <form action="<?php echo $_SERVER['PHP_SELF'];?>" method="post"> <!--form action="login_a.php" method="post"--> Username: <input type="text" name="username" /><br /><br /> Password: <input type="password" name="password" /><br /><br /> <input type="submit" name = "submit" value="Log in" /> </form> <p> </p> Register a <a href="register.php">New User</a> </table> </div> </body> </html> Hallo everybody,
i have the following code.
but i get allways this error while the user exist in the database.
User not found!
what do i do wrong?
thank you very much for your help
Rafal
<html>
<head>
<?php
$connection = mysql_connect("db.xyz.com", "username", "password")
or die ("connection fehler");
mysql_select_db("db0123456789")
or die ("database fehler");
$email = $_POST["inp_email"];
$pwd = $_POST["inp_pwd"];
if($email && $pwd)
{
$chkuser = mysql_query("SELECT email FROM gbook WHERE email = '($email)' ");
$chkuserare = mysql_num_rows($chkuser);
echo $email;
echo $pwd;
if ($chkuserare !=0)
{
$chkpwd = mysql_query("SELECT pwd FROM gbook WHERE email = '($email)' ");
$pwddb = mysql_fetch_assoc($chkpwd);
if ($pwd != $pwddb["pwd"])
{
echo "password is wrong!";
}
else
{
echo "login successed";
}
}
else
{
echo "User not found!";
}
}
else
{
echo "Pleas enter your email and password!";
}
mysql_close($connection);
?>
</head>
<body>
<form action="login.php" method="post">
Email <input type="text" name="inp_email"><br>
Password <input type="text" name="inp_pwd"><br>
<input type="submit" name="submit" value="login">
</form>
</body>
</html>
Edited by rafal, 21 September 2014 - 04:33 PM. Hallo everybody,
the user is in the table, but i get error (user not found!).
thank you very much for your help
Rafal
<!DOCTYPE html>
<html>
<head>
<title>index</title>
<meta http-EQUIV="CONTENT-LANGUAGE" content="en">
<?php
SESSION_START();
include("abc.php");
$link2 = mysqli_connect("$hoster", "$nameuser", "$password", "$basedata")
or die ("connection error" . mysqli_error($link2));
$email = $_POST["inp_email"];
$pwd = $_POST["inp_pwd"];
if($email && $pwd)
{
$chkuser = mysqli_query("SELECT email FROM $table2 WHERE email = '$email' ");
$chkuserare = mysqli_num_rows($chkuser);
if ($chkuserare !=0)
{
$chkpwd = mysqli_query("SELECT pwd FROM $table2 WHERE email = '$email'");
$pwddb = mysqli_fetch_assoc($chkpwd);
if (md5($pwd) != $pwddb["pwd"])
{
echo "Password is wrong!";
}
else
{
$_SESSION['username'] = $email;
header ('Location:list.php');
}
}
else
{
echo "user not found!";
}
}
else
{
echo "enter your Email and Password!";
}
mysqli_close($link2);
?>
</head>
<body style="font-family: arial;margin: 10; padding: 0" bgcolor="silver">
<font color="black">
<br>
<form action="index.php" method="post">
<b>Login</b><br><br>
<table width="100%">
<tr><td>
Email:<br><input type="text" name="inp_email" style="width:98%; padding: 4px;"><br>
Password:<br><input type="password" name="inp_pwd" style="width:98%; padding: 4px;"><br>
<br>
<input type="submit" name="submit" value="Login" style="width:100%; padding: 4px;">
</td></tr>
</table>
</form>
</font>
</body>
</html>
I am trying to populate a custom field called "Customer Type" current user role. The custom field is displayed on my checkout page. I tried the below in my functions.php of my child theme and thought it would work but it does nothing. Can anyone tell me what I might be doing wrong?
$user = wp_get_current_user(); $fields['customertype'] = $user;
return $fields; add_filter( 'woocommerce_checkout_fields', 'onboarding_update_fields' ); Edited April 11 by JayXHello, I had 8 select boxes(dropdowns) in a form. Its like a search kind of implementation in the website. I don't know what the user selects, he may choose different select boxes, any number of select boxes. So, based upon the user selection, I need to generate the data. The data fields to be generated would be almost same. So, How would I know what the user selection is and how many select boxes has been selected and how could I generate different data based upon selected boxes. I had to make a small note abt this, that the data generation fields may change for some of the user select combinations, but most of the result fields would be same. so, can you please help me out, how to do, how to make different combination data generations, because, i had 8 fields, i had to make 8! combinations, that would result in a big code. Hello can someone point me into the right direction? I've got this code: if ($userdata["user_level"] <> 1 ){ die(); } The above code works but now I want to give users with level 3 also acces but not the users having level 2. Anyone has an idea? Regards Richard Ok. I would like to be able to do this :: http://webdeveloper.50webs.com/js.login.htm in PHP and with a database. I know it may look like a simple login script, but I would like it to redirect to a specific URL based on each user. I.E. "http://example.com/users/index.php" is the login page, and once the user logs in, it would redirect them to "http://example.com/users/username/" Unless someone has a better idea. I know this isn't secure (because someone could just change the url to a different username, and they now have access to that users account.) The only reason I would like to do it this way, is because I have an upload script, and because of the way it uploads, the files are placed in a folder (So username/files is were the files are stored) and I have a file browser (username/browser.php) And I don't know how to display only the files the user has uploaded. (I.E. if I had one main file that the users see once they login, they would all see everyones uploads.) I would forfeit a tiny bit of security if users had there files not publicly visible. (People still have to login to see the files, and they would have to know the URL to a specific username.) So basically what I would like to do, is have a database (I.E. "Users") and have a table in that database with "username" "password" "email" "URL" and the PHP script looks up the database, and checks the username, and the password, and if they match, looks at the URL and sees were its supposed to redirect the user. I have attached the PHP code I have found, and use. If anyone knows how to do this, please let me know! Thanks in advance! Cheers! ------ Anders |
|||||||