PHP - Form Advice - Sessions

Hi all,

I am looking as a pet project to develop a review site, with the info stored in a database by id and the information grabbed bet get id and then displayed on a dynamic page, eg review.php?id=1

My question is this, if i throw keywords into the mix for each review, will search engines cache a review like this? Or would I need static pages for google etc to find the info?

Thanks

In short i want to use the following code below, when someone selects there option and submits it, it would bring up details from the database on this user from the selected table, can you explain what it would be called doing this so i can look it up, Sorry to be a pain, Cheers.

Code: [Select]
<select name="target2" id="target2">

    <option value=""></option>

  <?php

  $sql = "SELECT player_id, friend_id, name, is_active FROM contacts as c JOIN players as p ON c.friend_id = p.id WHERE c.player_id = $playerID AND is_active = 1 ORDER BY name ASC";

  $que = mysql_query($sql) or die(mysql_error());

  while($list = mysql_fetch_array($que)) {

  ?>

  <option value="<?php echo $list['friend_id'] ?>"><?php echo $list['name'] ?></option>

  <?php } ?>

  </select>

Hello, can someone please advice me on what scripts I will need to accomplish the following.

I want users to be able to login to their personal page, on there will be items such as pdf files, jpeg files etc, that they will be able to download.

Are there any free scripts out there that can do this, that anyone knows of? I don't mind paying if its a cheapish script for one of you to make for me, but money is a bit tight at the moment so a free script would be my 1st choice...

Thanks for all your help

for those of you who don't know i am creating a piece of forum software called ASF. Ive done it by myself so far but as it grows i find it harder to write the code and keep organised. my code is a mess and things arent done the way they should be. So if anyone can give me advice or wants to help i could post some of the files for download. Even if you just want to have a look and let me know waht you think.

Thanks
Carl

http://www.thevault.cz.cc

So here's my problem I'm not sure how to approach this:

I have a table with user_items which are stored together separated by commas.
Code: [Select]
13,12,11,9,27,15,16,22,21,23,24,26,29,30,31,32,33
Now, I have a script where the user is in a trade and I want to verify the item they are trying to trade, but is there an alternative other than grabbing all of that users' items and checking that one item with all of the records?

I've tried using
Code: [Select]
SELECT * FROM MYTABLE WHERE user_item_id IN(33)
As an example to see if it will pull the rows with that ID.  It didn't seem to work, am I doing it wrong? if so, forgive me. Any suggestions/help? The main problem is I don't want to have to explode that data and use a foreach to check that one item against all of that users items, as they could have well over 500.

Right now I have a SESSION so when users flip though pages they carry their info with them, what I'm trying to do now is that userhome.php can't be accesses unless the user just was succesful in cracking there system.. game I'm creating for those of you helping and following me while I do this! it's a virutal hacking simulation and where I'm now is that the user's passwordcracker was compared to the target systems 'systemkey' and either granted him access or didn't, if it did it displayed a progress bar then fowarded to userhome.php where the target users info will lay, right now though if I just type in userhome.php i get there without haveing the crack it.... any ideas?

hi im new to php i am making shopping cart i made a session variable to add products in cart when i run it gives this warning Notice: Undefined index: cart in C:\wamp\www\cart\public\views\layouts\shop.php on line 15
Notice: Undefined index: total_items in C:\wamp\www\cart\public\views\layouts\shop.php on line 16
Notice: Undefined index: total_price in C:\wamp\www\cart\public\views\layouts\shop.php on line 17
but when i click on add to cart it add product price and quanitity kindly help me my shop.php code is
<head>
    <title> Shopping Cart</title>
   <link href="stylesheets/cool_style.css" media="screen" rel="Stylesheet" type="text/css" />
</head>
<body>
<h1> products</h1>
<div class="cart">
    <p><b> Shopping Cart</b></p>
 print_r($_SESSION['cart']);
 echo $_SESSION['total_items'];
echo number_format($_SESSION['total_price'],2);

</div>
<hr />
</body>

</html>
and my index file is where i set session variables are
include('db_fns.php');
include("cart_functions.php");
session_start();
if(isset($_SEESION['cart']))   // if change this conditon if(!isset($_SEESION['cart'])) it gives not warning but does not //add products to the cart it does not do anything
{
   
    $_SESSION['cart']=array();
    $_SESSION['total_items']=0;
    $_SESSION['total_price']=0.00;

}

$view=empty($_GET['view'])?'index':$_GET['view'];

$controller='shop';

switch ($view){
   case "index";

$products = find_product();

   break;

   case "add_to_cart";
   
    $id=$_GET['id'];
    $add_item=add_to_cart($id);
    $_SESSION['total_items']=total_items($_SESSION['cart']);
     $_SESSION['total_price']=total_price($_SESSION['cart']);

 header('Location: index.php');
  

break;


   case "update_cart";



break;


   case "checkout";


       break;
}

  if change this conditon  if(!isset($_SEESION['cart'])) it gives not warning  file run correctly with no warning but does not add products to the cart and does not do anything
kindly help me please

I am in the process of opening my web site to the general public. Right now you have to have a username and password to see anything on the site. What I am looking to do is make it so anyone can see most things on the site. There will still be user accounts for things like admins and submitting ideas. What i have now is some links that look at the user rank and only show up if you are higher then a rank. What I need to do is make it so you don't need to log in to see the site but you still need to log in to edit things.

Here is my sessions scrip
Code: [Select]
<?php  session_start(); 
if(!$_SESSION['login']){
$_SESSION['rank'];
$_SESSION['loggedinusername'] = $loggedinusername;
$_SESSION['loggedinuseremail'] = $loggedinuseremail;
header("location:login.php");
}
$rank=$_SESSION['rank'];
$loggedinusername=$_SESSION['loggedinusername'];
$loggedinuseremail=$_SESSION['loggedinuseremail'];
?>

How do I edit this so you are free to move around the site even if your not logged in?

Thanks

How do you set a time limit on a session?

Hi guys,
I have come across a problem when working with session data, I have been storing data from a textarea in a session, but the problem is when I retrieve the data and display it back in a textarea or to mysql it saves the carriage returns and line breaks as \r\n not converting it to actual line breaks.

e.g saving the following from a text area;

Line 1
Line 2
Line 3

will actually show as: Line 1 \r\nLine 2 \r\nLine3


 How do I get it to show properly as intended?
I have tried str_replace('\r\n', '\n'); with double and single quotes

any helpful suggestions would be much appreciated. Thanks..

Hello,
I would like to make a session which saves the input.
To make this easier to understand i will explain my whole problem.

I will have that image uploader:

HTML:
<input type="file" /......>
<input type="submit".....>

and some php behind it to upload the image.
When the file will be uploaded, there will be the text if you want to continue to next page (other php file) to edit uploaded file.

Now what i am asking you is: If the user clicks yes, i want the session to save name of uploaded image without extension and save it as variable, so i can use it on that another page and print it out.

Thank you

Hi

Something strange is happening and I can't understand it.

A user can access an availability page of accommodation and book ita room, this works fine, and goes from availability to the booking form and back quite well, carrying the room  id of the accommdation and room/s selected in a session.

If they close the browser down and open the availability page again all the rooms are there as before, but when they select a room and go to the booking form the session of the room  id  and the rooms selected are empty.

If I do a session destroy and open the browser up again everything works fine again.

I have tried this in Chrome and Firefox and it seems to work fine

Any help would be appreciated

i have an upload form and a posting form on the same page.
when you upload a file it is uploaded to the server. what i am then trying to do is add the name of the file to $_SESSION['attachment'] so i can use it later. When the user posts their form i want the session to be inserted into the database but the session always comes up empty.

this is what happens when they upload their file
Setting the session and moving the file:
session_start();
$_SESSION['attachment'] = "EXAMPLE";
move_uploaded_file($_FILES['Filedata']['tmp_name'], "../attachments/" . time() . $_FILES['Filedata']['name']);

and then when they submit their form(textarea) it uploads the contents to the database and the contents of the session aswell.

Why is this session always empty?

hello

i am makeing a forum and to post a new thread it has to check if the user is logged in, so i log into my website and i go to the post new topic but it says im not logged in here is the new_topic.php and also the login.php

new_topic.php
<?php
session_start();
include_once "../scripts/connect_to_mysql.php"; // Connect to the database
// Check to see if the user is logged in with session variables
if (!isset($_SESSION['userpass']) || $_SESSION['userpass'] == "") {

echo "Please log in...";

exit();
} else {

// Assume they are a member because they have a password session variable set

// Check the database to be sure that their ID, password, and email session variables all match in the database

$u_id = mysql_real_escape_string($_SESSION['id']);

$u_name = mysql_real_escape_string($_SESSION['username']);

$u_email = mysql_real_escape_string($_SESSION['useremail']);

$u_pass = mysql_real_escape_string($_SESSION['userpass']);

$sql = mysql_query("SELECT * FROM myMembers WHERE id='$u_id' AND username='$u_name' AND email='$u_email' AND password='$u_pass'");
    $numRows = mysql_num_rows($sql);
    if ($numRows < 1) {

    echo "ERROR: You do not exist in the system.";

    exit();
    }
}

////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////
// Check to make sure the URL variables of "sid" and "title" are set
if (!isset($_POST['forum_id']) || $_POST['forum_id'] == "" || !isset($_POST['forum_title']) || $_POST['forum_title'] == "") {

echo "Important variables are missing";

exit();
} else {

// Acquire the variables and proceed to show them a form for creating a new topic

$forum_section_id = preg_replace('#[^0-9]#i', '', $_POST['forum_id']); 

$forum_section_title = preg_replace('#[^A-Za-z 0-9]#i', '', $_POST['forum_title']); 
}
///////////////////////////////////////////////////////////////////////////////////////////////////
$sql = mysql_query("SELECT * FROM forum_sections WHERE id='$forum_section_id' AND title='$forum_section_title'");
$numRows = mysql_num_rows($sql);
if ($numRows < 1) {

    echo "ERROR: That section deos not exist.";

    exit();
}
?>
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<meta http-equiv="Content-Type" content="text/html; charset=utf-8" />
<link href="style/style.css" rel="stylesheet" type="text/css" />
<title>Create New Topic</title>
<script type="text/javascript" language="javascript"> 
<!--
function validateMyForm ( ) { 
    var isValid = true;
    if ( document.form1.post_title.value == "" ) { 

    alert ( "Please type in a title for this topic" ); 

    isValid = false;
    } else if ( document.form1.post_title.value.length < 10 ) { 
            alert ( "Your title must be at least 10 characters long" ); 
            isValid = false;
    } else if ( document.form1.post_body.value == "" ) { 
            alert ( "Please type in your topic body." ); 
            isValid = false;
    }
    return isValid;
}
//-->
</script>
</head>
<body>
<?php include_once("template_header.php"); ?>
<table style="background-color: #F0F0F0; border:#069 1px solid; border-top:none;" width="900" border="0" align="center" cellpadding="12" cellspacing="0">
  <tr>
    <td width="731" valign="top">
    <div id="breadcrumbs"><a href="http://www.webintersect.com">Web Intersect Home</a> &larr; <a href="http://www.webintersect.com/forum">Forum Home</a> &larr; <a href="section.php?id=<?php echo $forum_section_id; ?>"><?php echo $forum_section_title; ?></a></div>
    <h2>Creating New Topic In the  <em><?php echo $forum_section_title; ?></em> Forum</h2>
    
    <form action="parse_post.php" method="post" name="form1">
    <input name="post_type" type="hidden" value="a" />
    Topic Author:<br /><input name="topic_author" type="text" disabled="disabled" maxlength="64" style="width:96%;" value="<?php echo $u_name; ?>" />
    <br /><br />
    Please type in a title for your topic he <br /><input name="post_title" type="text" maxlength="64" style="width:96%;" /><br /><br />
    Please type in your topic body:<br /><textarea name="post_body" rows="15" style="width:96%;"></textarea>
    <br /><br /><input name="" type="submit" value="Create my topic now!" onclick="javascript:return validateMyForm();"/>
    <input name="fsID" type="hidden" value="<?php echo $forum_section_id; ?>" />
    <input name="fsTitle" type="hidden" value="<?php echo $forum_section_title; ?>" />
    <input name="uid" type="hidden" value="<?php echo $_SESSION['id']; ?>" />
    <input name="upass" type="hidden" value="<?php echo $_SESSION['userpass']; ?>" />
    </form>
    
    </td>
    <td width="189" valign="top"><div style=" width:160px; height:600px; background-color: #999; color: #CCC; padding:12px;"> <br />
      <br />
      <br />
      <h3>Ad Space or Whatever</h3>
    </div></td>
  </tr>
</table>
<?php include_once("template_footer.php"); ?>
</body>
</html>

login.php
<?php
// Start Session to enable creating the session variables below when they log in
session_start();
// Force script errors and warnings to show on page in case php.ini file is set to not display them
error_reporting(E_ALL);
ini_set('display_errors', '1');
//-----------------------------------------------------------------------------------------------------------------------------------
// Initialize some vars
$errorMsg = '';
$email = '';
$pass = '';
$remember = '';
if (isset($_POST['email'])) {

$email = $_POST['email'];

$pass = $_POST['pass'];

if (isset($_POST['remember'])) {

$remember = $_POST['remember'];

}

$email = stripslashes($email);

$pass = stripslashes($pass);

$email = strip_tags($email);

$pass = strip_tags($pass);

// error handling conditional checks go here

if ((!$email) || (!$pass)) { 

$errorMsg = 'Please fill in both fields';

} else { // Error handling is complete so process the info if no errors

include 'scripts/connect_to_mysql.php'; // Connect to the database

$email = mysql_real_escape_string($email); // After we connect, we secure the string before adding to query

    //$pass = mysql_real_escape_string($pass); // After we connect, we secure the string before adding to query

$pass = md5($pass); // Add MD5 Hash to the password variable they supplied after filtering it

// Make the SQL query
        $sql = mysql_query("SELECT * FROM myMembers WHERE email='$email' AND password='$pass' AND email_activated='1'"); 

$login_check = mysql_num_rows($sql);
        // If login check number is greater than 0 (meaning they do exist and are activated)

if($login_check > 0){ 
    

while($row = mysql_fetch_array($sql)){

// Pleae note: Adam removed all of the session_register() functions cuz they were deprecated and

// he made the scripts to where they operate universally the same on all modern PHP versions(PHP 4.0  thru 5.3+)

// Create session var for their raw id

$id = $row["id"];   

$_SESSION['id'] = $id;

// Create the idx session var

$_SESSION['idx'] = base64_encode("g4p3h9xfn8sq03hs2234$id");
                    // Create session var for their username

$username = $row["username"];

$_SESSION['username'] = $username;

mysql_query("UPDATE myMembers SET last_log_date=now() WHERE id='$id' LIMIT 1");
        

//die($username);
    

} // close while

    

// Remember Me Section
    

if($remember == "yes"){
                    $encryptedID = base64_encode("g4enm2c0c4y3dn3727553$id");
    

    setcookie("idCookie", $encryptedID, time()+60*60*24*100, "/"); // Cookie set to expire in about 30 days

        setcookie("passCookie", $pass, time()+60*60*24*100, "/"); // Cookie set to expire in about 30 days

$_SESSION['username'] = $username;
    

} 
    

// All good they are logged in, send them to homepage then exit script
    

//die($_SESSION['username']);

$_SESSION['username'] = $username;

header("location: index.php?user=$username;"); 
    

exit();

} else { // Run this code if login_check is equal to 0 meaning they do not exist

    $errorMsg = "Incorrect login data, please try again";

}


    } // Close else after error checks

} //Close if (isset ($_POST['uname'])){

?><!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<meta http-equiv="Content-Type" content="text/html; charset=utf-8" />
<link rel="icon" href="favicon.ico" type="image/x-icon" />
<link rel="shortcut icon" href="favicon.ico" type="image/x-icon" />
<link href="style/main.css" rel="stylesheet" type="text/css" />
<script src="js/jquery-1.4.2.js" type="text/javascript"></script>
<title>Log In</title>
<style type="text/css">
<!--
body {

margin-top: 0px;
}
-->
</style></head>
<body>
<table width="400" align="center" cellpadding="6" style="background-color:#FFF; border:#666 1px solid;">
  <form action="login.php" method="post" enctype="multipart/form-data" name="signinform" id="signinform">
    <tr>
      <td width="23%"><font size="+2">Log In</font></td>
      <td width="77%"><font color="#FF0000"><?php print "$errorMsg"; ?></font></td>
    </tr>
    <tr>
      <td><strong>Email:</strong></td>
      <td><input name="email" type="text" id="email" style="width:60%;" /></td>
    </tr>
    <tr>
      <td><strong>Password:</strong></td>
      <td><input name="pass" type="password" id="pass" maxlength="24" style="width:60%;"/></td>
    </tr>
  <tr>
      <td align="right">&nbsp;</td>
      <td><input name="remember" type="checkbox" id="remember" value="yes" checked="checked" />
        Remember Me</td>
    </tr>
    <tr>
      <td>&nbsp;</td>
      <td><input name="myButton" type="submit" id="myButton" value="Sign In" /></td>
    </tr>
    <tr>
      <td>&nbsp;</td>
      <td>&nbsp;</td>
    </tr>
    <tr>
      <td colspan="2">Forgot your password? <a href="forgot_pass.php">Click Here</a>
  <br /></td>
    </tr>
    <tr>
      <td colspan="2">Need an Account? <a href="register.php">Click Here</a><br />        <br /></td>
    </tr>
  </form>
</table>
<br />
<br />
<br />
</body>
</html>

I have this (display_items.php) script which should not be accessed directly . user will be directed to a login page, the login checked by a check_login.php file then successful authentication will direct the user to the display_items.php page. it works perfectly on windows server but not on linux. the display_items.php script can be accessed directly on the linux server. It may have something to do with sessions but i cannot pin point the issue at the moment  . i have attaced the php script files. Grateful if someone could point me in the right direction

 

 

 

check_login.txt display_items.txt login.txt