|
PHP - How Would I Check If User Is Pending Already?
So let's say if contact_name wants to add member_name as a friend, how would i make it say user is already pending? what variables to check? or should i make friends table and a friends_pending table? Similar TutorialsHello,
I am trying to figure out why paypal recurring payment always shows as Pending when I use my following code?
this is a very basic HTML form which i use for recurring payment in paypal. but when the users sign up using the following code, the payment status shows as "PENDING"!
could someone please help me to solve this issue?
Thanks in advance.
here is my html form:
<form action="https://www.sandbox.paypal.com/cgi-bin/webscr" method="post"> <input type="hidden" name="cmd" value="_xclick-subscriptions"> <input type="hidden" name="business" value="mysandboxemail@gmail.com"> <input type="hidden" name="currency_code" value="GBP"> <input type="hidden" name="no_shipping" value="1"> <input type="hidden" name="cbt" value="Return to The Store"> <input type="hidden" name="cancel_return" value=" <?php echo $actual_link ?>"> <input type="hidden" name="custom" value="This is a custom field!!!"> <input type="hidden" name="item_name" value="ACCOUNT UPGRADE"> <input type="hidden" name="a3" value="5.00"> <input type="hidden" name="p3" value="1"> <input type="hidden" name="t3" value="M"> <input type="hidden" name="src" value="1"> <input type="hidden" name="sra" value="1"> <input type="image" src="http://www.paypal.com/en_US/i/btn/btn_subscribe_LG.gif" border="0" name="submit" alt="Make payments with PayPal - it's fast, free and secure!"> </form> hi, how can i check if a username exists? i tried this
$usrsql = "SELECT * FROM $tbl_name WHERE username='$username' AND password='$password'";
$usrres = mysql_query($usrsql);
$usrcount = mysql_num_rows($usrres);
if($usrres && mysql_num_rows($usrcount)>0) {
die("Username is already taken!");
}
Hey guys, How do I check to see if the user has been login on the page that they are on? I have a login and I want users to login before then can go to other pages. thanks guys, Hi there,
I've been searching the internet for the best way to check if the user has been logged in. Some codes have security breaches. So I'm not sure where to start.
Here's what I've come up with:
The user logs in and is checked whether he/she is a valid user, if not return false and if true carry on and create session, I read the post that Jacques1 made about session feedback and implemented what he said. After that the session variables are assigned and then the user id, session_id and a unique identifier to check against on each page load are inserted into a database and then the user is logged in.
Here's my code: (please note this is in a class and only shows the login function)
function Login($username, $password)
{
try
{
$db = new PDO("mysql:host=".DB_HOST.";dbname=".DB_NAME.";charset=utf8", DB_USERNAME, DB_PASSWORD);
$db->setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION);
$db->setAttribute(PDO::ATTR_EMULATE_PREPARES, false);
}
catch(PDOException $ex)
{
echo "Unable to connect to DB";
error_log($ex->getMessage());
}
try
{
$User_Info = $db->prepare("SELECT * FROM users WHERE username=:username");
$User_Info->bindValue(":username", $username, PDO::PARAM_STR);
$User_Info->execute();
$Info = $User_Info->fetchAll(PDO::FETCH_ASSOC);
$salt = $Info['salt'];
$password = $salt . $password;
$password = $this->CreateHash($password);
$unique_key = $this->GenerateRandom();
$unique_key = $this->CreateHash($unique_key);
$Check_User = $db->prepare("SELECT * FROM users WHERE username=:username AND password=:password");
$Check_User->bindValue(":username", $username, PDO::PARAM_STR);
$Check_User->bindValue(":password", $password, PDO::PARAM_STR);
$Check_User->execute();
if($Check_User->rowCount() > 0)
{
while($row = $Check_User->fetchAll(PDO::FETCH_ASSOC))
{
session_destroy();
session_start();
$_SESSION = array();
session_regenerate_id(true);
$_SESSION['username'] = $row['username'];
$session_id = session_id();
$user_id = $row['id'];
$Check_Logged_In = $db->prepare("DELETE FROM logged_in_users WHERE user_id=:userid");
$Check_Logged_In->bindValue(":user_id", $user_id, PDO::PARAM_STR);
$Check_Logged_In->execute();
$has_changed = $Check_Logged_In->rowCount();
if($has_changed > 0)
{
$Logged_In = $db->prepare("INSERT INTO logged_in_users (id, user_id, session_id, unique_key) VALUES (NULL, :user_id, :session_id, :unique_key)");
$Logged_In->bindValue(":user_id", $user_id, PDO::PARAM_STR);
$Logged_In->bindValue(":session_id", $session_id, PDO::PARAM_STR);
$Logged_In->bindValue(":unique_key", $unique_key, PDO::PARAM_STR);
$Logged_In->execute();
$affected_rows = $Logged_In->rowCount();
if($affected_rows > 0)
{
return true;
}
}
return false;
}
}
return false;
}
catch(PDOException $ex)
{
echo "Unable to complete query";
error_log($ex->getMessage());
}
}
Thanks
Hi, I want have this code (below), how would I check if a user is logged in? I want to make it so they can only see 500 chars, or the full thing if they're logged in. Thanks! Code: [Select] public function __construct( $data=array() ) { if ( isset( $data['id'] ) ) $this->id = (int) $data['id']; if ( isset( $data['publicationDate'] ) ) $this->publicationDate = (int) $data['publicationDate']; if ( isset( $data['title'] ) ) $this->title = preg_replace ( "/[^\.\,\-\_\'\"\@\?\!\:\$ a-zA-Z0-9()]/", "", $data['title'] ); if ( isset( $data['summary'] ) ) $this->summary = preg_replace ( "/[^\.\,\-\_\'\"\@\?\!\:\$ a-zA-Z0-9()]/", "", $data['summary'] ); if ( isset( $data['content'] ) ) $this->content = $data['content']; if ( isset( $data['tags'] ) ) $this->tags = $data['tags']; } on all my secured pages at the the very top the code is Code: [Select] <?php require ("u_check_login.php"); ?> and then the u_check_login.php code is Code: [Select] <?php require('database.php'); //Include DB connection information $ip = mysql_real_escape_string($_SERVER["REMOTE_ADDR"]); //Get user's IP Address $email = mysql_real_escape_string($_COOKIE['uemail']); //Get username stored in cookie $pp = mysql_real_escape_string($_COOKIE['pp']); if ($pp == 1){ $sessionid = mysql_real_escape_string($_COOKIE['sessionid']); //Get user's session ID $check = mysql_query("SELECT * FROM `users` WHERE `email` = '$email' AND `session_id` = '$sessionid' AND `login_ip` = '$ip' AND `pp` = '1' ") or die(mysql_error()); //Check if all information provided from the user is valid by checking in the DB $answer = mysql_num_rows($check); //Return number of results found. Equal to 0 if not logged in or 1 if logged in. if ($answer == 0 || $sessionid == '') { //Check if login is valid. If not redirect user to login page header('Location: ulogin.php'); exit(); } $row = mysql_fetch_array($check); $email = stripslashes($row['email']); }else{ header('Location: ulogin.php'); } ?> and this error is being displayed on my page that is supposed to not have let me on because i was not logged in Code: [Select] Warning: Cannot modify header information - headers already sent by (output started at /home/content/03/8587103/html/pinkpanthers/pinkpanthers.php:1) in /home/content/03/8587103/html/pinkpanthers/u_check_login.php on line 17 Hello people i have a system that takes people to generated pages from the database, the user has a field to input a video and others watching videos will get redirecting to tht video in time, what i want to know is how can i tell if a user viewed the page so to stop them getting redirected to it again by my random video query? The link always is video.php?id=blabla the id changes every refresh, so i can call that id to check if there on the page but how can i tell if they have been on it before. I have a site where the user must view a timed loader before playing an audio bible. I'm noticing some direct linking to the bible player instead of sitting through the loader... I need to check the previous page's url before actually loading the player. I through together a script last ween in javascript and people reported error, so I assumed it would be best server side anyway. I haven't coded anything in PHP since PHP3. So, I'm asking for your expert options and help... I haven't tested this yet, but is this the best method and are they any problems with this method (if it works). $realname = basename($_SERVER[loader], ".php"); if ($realname == 'loader.php') { return(); } else { // rediret to a notice to user that this isn't allow header( 'Location: http://www.yoursite.com/new_page.html' ) ; } I would like to create a script to check wether a user has made a payment to access a members only area of my site, much like a check-login script that checks if the user has logged in, i need it do do a similar check only its not looking to see if the user is logged in but if they have ever paid and if not; send them to the payments page before the access is granted... What section(s) if any, do i need to modify from this check-login script to change it to check for their payments? Code: [Select] <?php ob_start(); // Connect to server and select databse. mysql_connect("$host", "$username", "$password")or die("cannot connect"); mysql_select_db("$db_name")or die("cannot select DB"); // Define $myusername and $mypassword $myusername=$_POST['myusername']; $mypassword=$_POST['mypassword']; // To protect MySQL injection (more detail about MySQL injection) $myusername = stripslashes($myusername); $mypassword = stripslashes($mypassword); $myusername = mysql_real_escape_string($myusername); $mypassword = mysql_real_escape_string($mypassword); $sql="SELECT * FROM $tbl_name WHERE username='$myusername' and password='$mypassword'"; $result=mysql_query($sql); // Mysql_num_row is counting table row $count=mysql_num_rows($result); // If result matched $myusername and $mypassword, table row must be 1 row if($count==1){ // Register $myusername, $mypassword and redirect to file "login_success.php" session_register("myusername"); session_register("mypassword"); header("location:login_success.php"); } else { echo "Wrong Username or Password"; } ob_end_flush(); ?> Hey, so I'm trying to check the database if the user and email already exists when registering.
<?php
include_once('includes/config.php');
if(isset($_POST['submit'])) {
$username = $_POST['username'] ? trim($_POST['username']) : null;
$password = md5($_POST['password']) ? trim($_POST['password']) : null;;
$email = ($_POST['email']);
$message = "";
if(empty($username) || empty($password) || empty($email)) {
$message = "All fields required";
} else {
$sql = "SELECT COUNT(username) AS userNum FROM users WHERE username = :username";
$sql = "SELECT COUNT(email) AS emailNum FROM users WHERE email = :email";
$stmt = $db->prepare($sql);
$stmt->bindValue(':username', $username);
$stmt->execute();
$row = $stmt->fetch(PDO::FETCH_ASSOC);
if($row['userNum'] >0) {
die("That username already exists!");
} elseif($row['emailNum'] > 0) {
die("That email already exists!");
}
$sql = "INSERT INTO users (username, password, email) VALUES (:username, :password, :email)";
$stmt = $db->prepare($sql);
$stmt->bindValue(':username', $username);
$stmt->bindValue(':password', $password);
$stmt->bindValue(':email', $email);
$result = $stmt->execute();
if($result) {
$message = "Registration was successful";
}
}
}
?>
If I remove this line " $sql = "SELECT COUNT(email) AS emailNum FROM users WHERE email = :email"; the code works but only checks the username. How can I check both? Hi Guys, Just a quick introduction I am NOT a student I am a IT Technician in a School in the South of the United Kingdom. I am trying to write a PHP Script with a Function that Checks if the user is logged in, if the user is logged in then it shows the user the content on the page but if they are not logged in then to show a blank page with a link to the Login Page. I need it to be simple. I just want it to check if a useer is logged in but if there not only show some content on a page. Can anyone help? My Users login into a php Session. Thanks for any help you can offer. Best Regards Thomas Hi, I'm trying to change an OpenSource software that is using PHP code, I'm somewhat new to PHP and am wanting to learn more on it, but I'm having trouble a couple of things. On rightcolumn.tpl, I include another file called login_rightside.tpl where it is a login box. What I want to do is if the user clicks "Register" and gets taken to "signup.php" then that login box on "login_rightside.tpl" should disappear. So basically my pseudocode is this: Code: [Select] if (current page = signup.php do nothing else {include file="login_leftside.tpl"} end if My problem is how to tell it that the current page is signup.php. If anyone can provide some help, I'd appreciate it. Hi I have a live chat integrated into my website that uses Ajax, PHP and MySQL. When two people have the chat window open they can chat and it works fine. How can I send an alert to the person being requested to chat with, or for the chat.php page to popup automatically. It prob needs to be some function constantly running in the background check the DB for new message entries. Thanks Jay i want a code in php to check if user open this page Can you see if a request (post/get) is from a curl request or an actual user? I am trying to defeat a little bit of fraud. Hi all, I've got a website for an event, each team have their details on a page which are recalled from a SQl database. But I'm wanting to create a password input box for each team, so when they enter the correct password they are taken to a page containing forms where they can edit the team details. Here is the page with the users details on where they anter the password: http://www.wharncliffenetwork.co.uk/wrc/entered/team.php?id=8 I'm not sure how to code it, Can an IF statement be used? Anyone got any pointers? I'f been unsuccessful in finding a tutorial or something similar. Hope that makes sense :S Cheers. Code what i made so far.
$inputText = 'This is testing http://www.youtube.com';
$allowedDomains = 'www.google.com
youtube.com/
http://www.test.org';
$array = preg_split('/[\s]+/', $allowedDomains);
$regex = '';//Need this line
if(preg_match($regex, $inputText)){
print 'Domain match!';
}else{
print 'Domain not match!';
}
Edited by jacob21, 16 October 2014 - 08:31 AM. Hi Guys, Quick question. I'm trying to get my head around how I would check that a user has reached a certain page from another page. So for example, the workflow through my site is something like the following: user registers a verification email is sent user clicks the link within the verification email to complete the sign up process user logs in and ONLY on a successful login will the following happen: checks are made to see if account has been verified if user has been verified, go to main menu if user has not been activated his account then he goes to a page that says account has not been activated The bit i'm struggling to get my head around is this... the user should only reach the page 'account has not been activated' page from the login page. If that page was called confirm-account.php. What can i do to stop a random person typing something along the lines of www.mywebsite.com/confirm-account.php and getting straight onto that page? or even upon the registration process if the user is taken to a page that says an email has been sent, how would i stop a random person just typing the url straight to that page and bypassing the pages I would expect them to have gone through before reaching that?? Cheers How I would appreciate your assistance, there are tons of login scripts and they work just fine. However I need my operators to login and then list their activities for the other operators who are logged in to see and if desired send their clients on the desired activity. I have the login working like a charm and the activities are listed just beautifully. How do I combine the two tables in the MySQL with PHP so the operator Logged in can only make changes to his listing but see the others. FIRST THE ONE script the member logges in here to the one table in MSQL: <?php session_start(); require_once('config.php'); $errmsg_arr = array(); $errflag = false; $link = mysql_connect(DB_HOST, DB_USER, DB_PASSWORD); if(!$link) { die('Failed to connect to server: ' . mysql_error()); } $db = mysql_select_db(DB_DATABASE); if(!$db) { die("Unable to select database"); } function clean($str) { $str = @trim($str); if(get_magic_quotes_gpc()) { $str = stripslashes($str); } return mysql_real_escape_string($str); } $login = clean($_POST['login']); $password = clean($_POST['password']); if($login == '') { $errmsg_arr[] = 'Login ID missing'; $errflag = true; } if($password == '') { $errmsg_arr[] = 'Password missing'; $errflag = true; } if($errflag) { $_SESSION['ERRMSG_ARR'] = $errmsg_arr; session_write_close(); header("location: login-form.php"); exit(); } $qry="SELECT * FROM members WHERE login='$login' AND passwd='".md5($_POST['password'])."'"; $result=mysql_query($qry); if($result) { if(mysql_num_rows($result) == 1) { session_regenerate_id(); $member = mysql_fetch_assoc($result); $_SESSION['SESS_MEMBER_ID'] = $member['member_id']; $_SESSION['SESS_FIRST_NAME'] = $member['firstname']; $_SESSION['SESS_LAST_NAME'] = $member['lastname']; session_write_close(); header("location: member-index.php"); exit(); }else { header("location: login-failed.php"); exit(); } }else { die("Query failed"); } ?> ................................................. ................................ Now I need the person who logged in to the table above to be able to make multiple entries to the table below <? $ID=$_POST['ID']; $title=$_POST['title']; $cost=$_POST['cost']; $activity=$_POST['activity']; $ayear=$_POST['aday']; $aday=$_POST['ayear']; $seats=$_POST['special']; $special=$_POST['seats']; mysql_connect("xxxxxx", "xxx350234427", "========") or die(mysql_error()); mysql_select_db("xxxx") or die(mysql_error()); mysql_query("INSERT INTO `activity` VALUES ('ID','$title', '$cost','$activity', '$aday', '$ayear', '$special', '$seats')"); Print "Your information has been successfully added to the database!" ?> Click <a href="member-profile.php">HERE</a> to return to the main menu <?php ?> hi, i have made a website where people resgister their details of them and products. they have to enter the following details in form Name of company name of the product company address email id password mobile number contact and brief details about their company
user can then login with email id and pwd. now after login ..user will get a page where he can upload the photos of products images and their price, so now my question is that when he finishes uploading (|by clicking on upload button) the product images and price text box ..then on final uploaded webspage it should show all other things which he registerd before (company name , mobile number etc) along with images and price...hence the main question that user does not need to enter mobile and address while uploading images and filling proce ..but on the final page it should show mobile and address along with price and images..as user is not going to enter mobile and address again and again as he will have multiple products to upload.
|
|||||||