Learn VBA & Macros in 1 Week!

PHP - After Login ...access Danied

Full Excel VBA Course - Beginner to Expert

After Login ...access Danied	View Content

Full Excel VBA Course - Beginner to Expert

Having To Login Twice To Access Page ?

Similar Tutorials

View Content

This has been an ongoing issue from the start.

When I try to login I enter the username and password and click login, then get taken back to the login page to reenter the same details and the second time I click login I get logged in. Now if I then log out and close window and wait a few seconds, restart again and try to log in, I get in first time. I believe this could be a session issue but I thought unsetting the unset($_SESSION['admin']); would cause the session to be lost and have to start again.

I just can not get my head around what is causing it. Can anyone tell me what I might be doing wrong ?

I have a redirect to originating page, so if I was to view a previous page within the admin area I have to log in and then once loggeed in it will redirect to the page I was on before.

Here are my scripts.

adminCreateCampaign.php

<?php
session_set_cookie_params(0, '/', '.****.com'); session_start(); error_reporting(-1);

define('site_title', 'Admin ');
define('pageTitle', 'Admin ');
$_SESSION['loginRedirect'] = "adminCreateCampaign.php";

include("functions-for-email.php");

$checkAdminStatus = checkAdminStatus($mysqli);
  if(!isset($_SESSION['admin']) || $checkAdminStatus == "NOACCESS") {
    $_SESSION['error'] = 'You must be logged in to view that page. (el.S1)';
    //$_SESSION['loginRedirect'] = "showStats.php";
//echo("You must be logged in to view that page. (el.S1)<br>"); exit;
    @mysqli_close($mysqli);
    header('Location: ' . adminFullWebAddress . '/index.php'); exit;
  } else {
    if($_SESSION['admin']['account_type'] != 'admin') {
      $_SESSION['error'] = 'You do not have the priviledges to view that page. (el.S2)';
      @mysqli_close($mysqli);
      header('Location: ' . adminFullWebAddress . '/index.php'); exit;
    }
  }
?>
<!DOCTYPE>
<html>
<head>
<link href="adminstyle.css" rel="stylesheet" type="text/css" />
<title><?php echo(site_title); ?></title>
</head>
<body>
    <div id="container">

                                <div class="containerInner">
                                <div id="leftInner100">
                                <?php // start of leftInner ?>

<?php menu(); ?>

                    <h1 class="middleTitle">Admin </h1>
                    <?php
                    if(isset($thisError)) { echo '<div class="errorDiv">',$thisError,'</div>'; unset($thisError); }
                    if(isset($thisSuccess)) { echo '<div class="successDiv">',$thisSuccess,'</div>'; unset($thisSuccess); }
                    ?>

                    
                    <br><br>
                                </div><?php //    end of leftInner ?>
                                </div><?php // end of containerInner ?>

        <div class="clearfix"></div>

    </div><?php // container ?>
</body>
</html>
<?php @mysqli_close($mysqli); ?>

index.php

<?php
session_set_cookie_params(0, '/', '.****.com'); session_start(); error_reporting(-1);
include("functions.php");
$checkAdminStatus = checkAdminStatus($mysqli);
//$_SESSION['loginRedirect'] = adminFullWebAddress . "/index.php";
$fromlink4 = isset($_SERVER['REMOTE_ADDR']) ? (gethostbyaddr($_SERVER['REMOTE_ADDR'])) : "empty";
$ipAddress = $_SERVER['REMOTE_ADDR'];

    if(isset($_POST['email'])) { $email = $_POST['email']; $email = strip_tags($email); } else { $email = ""; }
    if(isset($_POST['pass'])) { $password = $_POST['pass']; $pass = $_POST['pass']; } else { $pass = ""; }
    if(isset($_POST['login']) && trim($_POST['login']) == 'Login') {
            $checkEmail        = db_query($mysqli, "SELECT `adminid` FROM `admins` WHERE `email` = '" . $mysqli->real_escape_string($email) . "' LIMIT 1");
            $checkBanned    = db_query($mysqli, "SELECT `adminid` FROM `admins` WHERE `email` = '" . $mysqli->real_escape_string($email) . "' AND `suspended` = 'Yes' LIMIT 1");
            $failedLoginCounter    = 0;

            if(!$email) {
                $thisError = 'Please enter your e-mail address.';
            } else if(! $checkEmail->num_rows) {
                $thisError = 'Either the email address, password or both were not entered correctly.';
            } else if(!$password) {
                $thisError = 'Please enter your password.';
            } else if($checkBanned->num_rows) {
                $thisError = 'Your account has been suspended by Admin.';
            } else {
                    $password = md5($password);
                    $checkAccount = db_query($mysqli, "SELECT * FROM `admins` WHERE `email` = '" . $mysqli->real_escape_string($email) . "' AND `password` = '" . $mysqli->real_escape_string($password) . "' LIMIT 1");
                        if($checkAccount->num_rows) {
                        $saveChanges = db_query($mysqli, "UPDATE `admins` SET `lastlogindatetime` = '" . $mysqli->real_escape_string(datetimenow) . "', `lastAccessSinceLogin` = '" . $mysqli->real_escape_string(datetimenow) . "', `lastloginip` = '" . $mysqli->real_escape_string($ipAddress) . "', `failedLoginCounter` = 0 WHERE `email` = '" . $mysqli->real_escape_string($email) . "' LIMIT 1");
                        // set lastlogindatetime
                        $_SESSION['admin'] = $checkAccount->fetch_assoc();
                        $loginRedirect = isset($_SESSION['loginRedirect']) ? $_SESSION['loginRedirect'] : "";
                        $_SESSION['success'] = 'You are now logged in. (ok.L2) ' . $loginRedirect;
                              header('Location: ' . adminFullWebAddress . '/' . $loginRedirect); exit;
                        } else {
                                $thisError = 'Your e-mail address and/or password is incorrect.<br>If you still face issues, you can <a href="startresetpw.php">reset your password</a>';
                                $saveChanges = db_query($mysqli, "UPDATE `admins` SET `failedLoginCounter` = `failedLoginCounter` + 1, `lastloginfailedip` = '" . $mysqli->real_escape_string($ipAddress) . "', `lastlogindatetimeFailed` = '" . $mysqli->real_escape_string(datetimenow) . "' WHERE `email` = '" . $mysqli->real_escape_string($email) . "' LIMIT 1"); // set lastlogindatetimeFailed
                                 }
                    }
    }
if(!isset($_SESSION['admin'])) {
define('site_title', 'Login');
define('pageTitle', 'Login');
} else {
define('site_title', 'Home');
define('pageTitle', 'Home');
}
?>
<!DOCTYPE>
<html>
<head>
<link href="adminstyle.css" rel="stylesheet" type="text/css" />
<title><?php echo(site_title); ?></title>
</head>
<body>
    <div id="container">
            <div class="containerInner">
            <div id="leftInner100">
            <?php // start of leftInner ?>

                <div id="mainphoto"><?php //specialMessage($mysqli); mainPageImage(""); ?></div>
                <div class="clear"></div><?php

                    if(isset($_SESSION['admin'])) {
                        menu();
                    }

                    if(isset($thisError)) { echo '<div class="errorDiv">',$thisError,'</div>'; }
                    if(isset($thisSuccess)) { echo '<div class="successDiv">',$thisSuccess,'</div>'; }
                    unset($thisError); unset($thisSuccess);

                        if(!isset($_SESSION['admin'])) { ?>
                                <div style="width: 100%; margin: 0em auto; text-align: center;">
                                    <form method="POST" action="index.php" style="width: 15em; text-align: center;">
                                      <div class="field"> E-mail Address </div>
                                      <div class="value"> <input type="text" name="email" value="<?php if(isset($_POST['email'])) { echo $email; } ?>" style="width: 12.5em;" title="email"> </div>
                                          <div class="field"> Password<br><span style="font-size: 0.8em;"><?php
                                          if (isset($_POST['pass'])) { echo('<strong style="color: red;">'); } ?>(Please note: your password may be CaSe SeNSitIvE)<?php if (isset($_POST['pass'])) { echo('</strong>'); } ?></span>
                                          </div>
                                      <div class="value"> <input type="password" name="pass" value="" style="width: 12.5em;" title="pass"> </div>
                                      <div><br><input type="submit" name="login" value="Login"> <input type="reset" value="Clear"><br></div>
                                    </form><br>
                                  <div class="clearFloat"></div>
                                </div>
                        <?php
                        } else { ?>logged in<?php } ?>

            <br><br>
            </div><?php //    end of leftInner ?>
            </div><?php // end of containerInner ?>
        <div class="clearfix"></div>
    </div><?php // container ?>
</body>
</html>
<?php
@mysqli_close($mysqli); ?>

functions.php

<?php
define('showOutput', 0);

include("/home/****/db_login_functions.php");
define('db_table_name', 'clientList');
define('mailHost', 'mail.****.com');
define('mailUsername', 'noreply@****.com');
define('mailPW', '****');

define('bounce', 'bounce@****.com');

define('fullDomain', 'https://www.admin.****.com');
define('adminFullWebAddress', 'https://www.admin.****.com');
define('adminEmail', 'admin@****.com');
define('fromEmail', 'noreply@****.com');
define('fromName', 'DO NOT REPLY');
define('REMOTEADDR', isset($_SERVER['REMOTE_ADDR']) ? $_SERVER['REMOTE_ADDR'] : '');
define('PHPSELF', $_SERVER['PHP_SELF']);
define('HTTPREFERER', isset($_SERVER['HTTP_REFERER']) ? $_SERVER['HTTP_REFERER'] : "not set");

define('unsub', 'https://www.****.com/unsub.php'); define('securityhash', 'abc'); // NEVER change this securityhash.

date_default_timezone_set('Europe/London');
define('datetimenow', date("Y-m-d H:i:s"));

/*        check if user is allowed to access a certain page or not.    */
function checkAdminStatus($mysqli) { $yesNo = "";

    if(isset($_GET['action']) && $_GET['action'] == 'logout') {
        unset($_SESSION['admin']);
        $_SESSION['success'] = 'You have successfully logged out. (lo.1)';
        header('Location: index.php'); exit;
    }
    if(isset($_SESSION['admin']) ) {
        //            need to add in code to check if logged in for more than 1 hour, if so log out on next refresh of page.
        if ($_SESSION['admin']['lastAccessSinceLogin'] < date( 'Y-m-d H:i:s', strtotime("-5 minutes") )) {        unset($_SESSION['admin']);
        $_SESSION['error'] = 'You were logged out due to no activity, please login again to view that page. (lo.2)';
        header('Location: index.php'); exit;
        }
    $checkBanned    = db_query($mysqli, "SELECT `adminid` FROM `admins` WHERE `email` = '" . $mysqli->real_escape_string($_SESSION['admin']['email']) . "' AND `suspended` = 'Yes' LIMIT 1");
        if($checkBanned->num_rows) {        $yesNo = "NOACCESS";        //$_SESSION['error'] = 'You must be logged in to view that page.';
        } else {        $yesNo = "ACCESS";        // if logged in, update        `users`.`lastAccessSinceLogin`        with current datetime.
        $updateLastAccessSinceLogin = db_query($mysqli, "UPDATE `admins` SET `lastAccessSinceLogin` = '" . $mysqli->real_escape_string(datetimenow) . "', `lastloginip` = '" . $mysqli->real_escape_string(REMOTEADDR) . "', `failedLoginCounter` = 0 WHERE `email` = '" . $mysqli->real_escape_string($_SESSION['admin']['email']) . "' LIMIT 1");
        $_SESSION['admin']['lastAccessSinceLogin'] = datetimenow;
        }
    }

return $yesNo;
}

function menu() {
echo('<a href="index.php?action=logout">Log Out</a>&nbsp;&nbsp;&nbsp;&nbsp;');
echo('
<a href="adminCreateCampaign.php">Create Campaign</a><br><br><br>');
}
?>

.htaccess (within the admin folder)

Header set Access-Control-Allow-Origin "*"

RewriteEngine On
RewriteCond %{HTTPS} off
# First rewrite to HTTPS:
# Don't put www. here. If it is already there it will be included, if not
# the subsequent rule will catch it.
RewriteRule .* https://%{HTTP_HOST}%{REQUEST_URI} [L,R=301]
# Now, rewrite any request to the wrong domain to use www.
# [NC] is a case-insensitive match
RewriteCond %{HTTP_HOST} !^www\. [NC]
RewriteRule .* https://www.%{HTTP_HOST}%{REQUEST_URI} [L,R=301]

### DON'T DELETE!! Below entry is MUST for your PHP sites like wordpress,joomla and etc to work properly.
suPHP_ConfigPath /home/****/php.ini

.htaccess (within the root folder)

Header set Access-Control-Allow-Origin "*"

RewriteEngine On
RewriteCond %{HTTPS} off
# First rewrite to HTTPS:
# Don't put www. here. If it is already there it will be included, if not
# the subsequent rule will catch it.
RewriteRule .* https://%{HTTP_HOST}%{REQUEST_URI} [L,R=301]
# Now, rewrite any request to the wrong domain to use www.
# [NC] is a case-insensitive match
RewriteCond %{HTTP_HOST} !^www\. [NC]
RewriteRule .* https://www.%{HTTP_HOST}%{REQUEST_URI} [L,R=301]

### DON'T DELETE!! Below entry is MUST for your PHP sites like wordpress,joomla and etc to work properly.
suPHP_ConfigPath /home/****/php.ini

the php.ini file

allow_url_fopen = on
allow_irl_include = on
date.timezone = Europe/London
safe_mode = off
upload_max_filesize = 20M
post_max_size = 20M
upload_tmp_dir = "/home/****/tmp"
session.save_path = "/home/****/sessions"
session.use_only_cookies = on
error_reporting = E_ALL
log_errors = On
display_errors = Off
track_errors = On
error_log = "/home/****/errors.log"
sendmail_from = "server@****.com"

Access Level From Database To Login In Myphpadmin

Similar Tutorials

View Content

We have setup a member login page in CS5 using a myphpadmin database. We want to give members access to particular areas of our site depending on what username and password they enter. ie member 1 only requires access to specific documents/webpages - member 2 requires access to other documents/webpages. Not sure how to do this.

Php Login Form With Odbc Connection Toms Access

Similar Tutorials

View Content

So I'm doing a project and I need to make a successful login form, where it checks in MS Access if the username and password are correct, and if they are the user is taken to a new page. If they are wrong, a message comes up and they stay on the same page.

The user should first just see a blank form, but after submit is pressed, it should check if the username and password are correct. IF they are should be taken to a new page.

It's been a while since I used php last, so I wasn't quite sure how to tackle this issue. I was wondering if someone could please help me? here is my code.

Code: [Select]
<html>
<head>
<style type="text/css">

</style>
</head>
<body style="text-align:center">

<div id='title'>

</div>

<?php

print_r ($_POST) ;

if (isset($_POST['submit'])) {

if(isset($_POST['username'])){
$username= $_POST['username'] ;
}
if(isset($_POST['password'])){
$TABLE= $_POST['password'] ;
}

$username  = null ;
$password  = null ;

$connection = odbc_connect('Olympics', '', '');

if (!$connection)
{exit("Conection Failed: " . $connection);}

$username = stripslashes($username);
$password = stripslashes($password);

$sql = "select * from users where users = '$username' and passwords = '$password'";

$rs=odbc_exec($connection,$sql);

$count=odbc_num_rows($rs);

if ($count == 1) {
     $_SESSION['loggedIn'] = "true";
     header("Location: searchpage.php");
} else {
     $_SESSION['loggedIn'] = "false";
    header("Location: index.php");
echo "Login failed" ;
}

}

echo "<form action='index.php' method='post'> \n" ;
echo" Please enter your username and password if you wish. <br/> \n" ;
echo "Username: <input type='text' name='username' > \n " ;
echo "Password: <input type='password' name='password' > \n" ;
echo "<input type='submit' value='Login' name='submit'> <br/> \n" ;
echo "<input type='submit' value='You may also continue you as a guest.'> \n" ;

?>
</body>
</html>

Php Login Form Verifying Username With Odbc Connect To Access

Similar Tutorials

View Content

So basically my project is one where the user can log onto my website, and the page then checks if the ID and password are in my table in my microsoft access file.

If the username and password are the same, the user continues, if it isnt, then it stays on the same page and says something like "username and/or password are incorrect" or something along the lines of that.

the problem is right now im not sure how to make it say "ERROR username and/or password is incorrect" if the username and password dont match. Can someone help me with this? and also make sure if the username and password are correct that it goes to the next page, entitled searchpage.php

here is the code Code: [Select]
<html>
<head>
<style type="text/css">

</style>
</head>
<body style="text-align:center">

<div id='title'>

</div>

<?php

print_r ($_POST) ;

if

if (isset($_POST['Login'])) {

if(isset($_POST['username'])){
$username= $_POST['username'] ;
}
if(isset($_POST['password'])){
$TABLE= $_POST['password'] ;
}

$username  = null ;
$password  = null ;

$connection = odbc_connect('Olympics', '', '');

if (!$connection)
{exit("Conection Failed: " . $connection);}

$username = stripslashes($username);
$password = stripslashes($password);

$sql = "select * from users where users = '$username' and passwords = '$password'";

$rs=odbc_exec($connection,$sql);

$count=odbc_num_rows($rs);

if ($count == 1) {
     $_SESSION['loggedIn'] = "true";
     header("Location: searchpage.php");
} else {
     $_SESSION['loggedIn'] = "false";
    header("Location: index.php");
echo "Login failed" ;
}

}

echo "<form action='index.php' method='post'> \n" ;
echo" Please enter your username and password if you wish. <br/> \n" ;
echo "Username: <input type='text' name='username' > \n " ;
echo "Password: <input type='password' name='password' > \n" ;
echo "<input type='submit' value='Login' name='Login'> <br/> \n" ;
echo "<input type='submit' value='You may also continue you as a guest.'> \n" ;
echo "</form>" ;

?>
</body>
</html>

Login Form - Member And Admin Page After Login

Similar Tutorials

View Content

hi

i need help an idea how can i separate members from admins
since i dont know how to create login form i used tutorial ( http://www.youtube.com/watch?v=4oSCuEtxRK8 ) (its session login form only that i made it work other tutorials wre too old or something)
how what i want to do is separate members and admins because admin need more rights to do
now i have idea but dont know will it work like that
what i want to do is create additional row in table named it flag and create 0 (inactive user) 1 (member) 2 (admin) will that work?
and how can i create different navigation bars for users and admins? do you recommend that i use different folders to create it or just script based on session and flag?

Facebook Login Tutorial For Php Login Script?

Similar Tutorials

View Content

Hello guys,

Is there on web any updated tutorial on how can I add Facebook login on my simple php login script?

Helping With Admin Login And User Login

Similar Tutorials

View Content

Hi guys,

Can anyone assist me. I am trying to create a login for admin and user (if user not a member click register link) below is my code: But whenever I enter the value as: Username: admin Password:123 - I got an error message "That user does not exist!"

Any suggestion and help would be appreciated.
Thanks.

login.php

<?php

//Assigned varibale $error_msg as empty

//$error_msg = "";

session_start();

$error_msg = "";

if (isset($_POST['submit'])) {

if ($a_username = "admin" && $a_password = "123")

{

//Define $_POST from form text feilds

$username = $_POST['username'];

$password = $_POST['password'];

//Add some stripslashes

$username = stripslashes($username);

$password = stripslashes($password);

//Check if usernmae and password is good, if it is it will start session

if ($username == $a_username && $password == $a_password)

{

session_start();

$_SESSION['session_logged'] = 'true';

$_SESSION['session_username'] = $username;

//Redirect to admin page

header("Location: admin_area.php");

}

$username = (isset($_POST['username'])) ? $_POST['username'] : '';

$password = (isset($_POST['password'])) ? $_POST['password'] : '';

if($username && $password) {

$connect = mysql_connect("localhost", "root", "") or die ("Couldn't connect!");

mysql_select_db("friendsdb") or die ("Couldn't find the DB");

$query = mysql_query ("SELECT * FROM `user` WHERE username = '$username'");

$numrows = mysql_num_rows($query);

if ($numrows != 0){

while ($row = mysql_fetch_array($query)) {

$dbusername = $row['username'];

$dbpassword = $row['password'];

}

//Check to see if they are match!

if ($username == $dbusername && md5($password) == $dbpassword) {

header ("Location: user_area.php");

$_SESSION['username'] = $username;

}

else

$error_msg = "Incorrect password!";

//code of login

}else

$error_msg = "That user does not exist!";

//echo $numrows;

}

else

$error_msg = "Please enter a username and password!";
}
?>
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<meta http-equiv="Content-Type" content="text/html; charset=iso-8859-1" />
<title>Login Page</title>
</head>

<body>
<br />
<?php

require "header.php";
?><br />
<div align="center">
<table width="200" border="1">

<?php

// If $error_msg not equal to emtpy then display error message

if($error_msg!="") echo "<div id=\"error_message\"style=\"color:red; \">$error_msg</div><br />";?>

<form action="<?php echo $_SERVER['PHP_SELF'];?>" method="post">

Username: <input type="text" name="username" /><br /><br />

Password: <input type="password" name="password" /><br /><br />

<input type="submit" name = "submit" value="Log in" />
</form> <p> </p>

Register a <a href="register.php">New User</a>
</table>
</div>
</body>
</html>

How To Add The Ability To Login With Username Or Email For Login?

Similar Tutorials

View Content

How to add the ability to login with username or email for login?

<?php 
ob_start();
include('../header.php');
include_once("../db_connect.php");
session_start();
if(isset($_SESSION['user_id'])!="") {
	header("Location: ../dashboard");
}
if (isset($_POST['login'])) {
	$email = mysqli_real_escape_string($conn, $_POST['email']);
	$password = mysqli_real_escape_string($conn, $_POST['password']);
	$result = mysqli_query($conn, "SELECT * FROM users WHERE email = '" . $email. "' and pass = '" . md5($password). "'");
	if ($row = mysqli_fetch_array($result)) {
		$_SESSION['user_id'] = $row['uid'];
		$_SESSION['user_name'] = $row['user'];	
		$_SESSION['user_email'] = $row['email'];		
		header("Location: ../dashboard");
	} else {
		$error_message = "Incorrect Email or Password!!!";
	}
}
?>

Login Using External Side Login System

Similar Tutorials

View Content

Hi guys.

What I want to create is really complicated. Well I have a login system that works with post on an external website.
I have my own website, but they do not give me access to the database for security reasons, therefore I have to use their login system to verify my users.
What their website does is that it has a post, with username and password. The POST website is lets say "https://www.example.com/login".
If login is achieved (i.e. username and password are correct), it will redirect me to "https://www.example.com/login/success" else it will redirect me to "https://www.example.com/login/retry".

So I want a PHP script that will do that post, and then according to the redirected website address it will return me TRUE for success, FALSE for not successful login.

Any idea??

Thanks

Why Won't My Login Page Actually Login?

Similar Tutorials

View Content

Hello, I am once again desperately asking for your help,

I am working on a simple login page and I am having trouble actually getting it to login. I display error messages for if the user doesn't enter anything but I can't seem to get it to work for if the credentials are wrong. It logs the user in whether the information is right or not and i dont even know what to do now

This is the code any suggestions would be greatly appreciated

<?php
    /*
    Name: Deanna Slotegraaf 
    Course Code: WEBD3201
    Date: 2020-09-22
    */

    $file = "sign-in.php";
    $date = "2020-09-22";
    $title = "WEBD3201 Login Page";
    $description = "This page was created for WEBD3201 as a login page for a real estate website";
    $banner = "Login Page";
    require 'header.php';

    $error = "";

    if($_SERVER["REQUEST_METHOD"] == "GET")
    {
        $username = "";
        $password = "";
        $lastaccess = "";        
        $error = "";
        $result = "";
        $validUser = "";
    }
    else if($_SERVER["REQUEST_METHOD"] == "POST")
    {        
    	$conn;
        $username = trim($_POST['username']); //Remove trailing white space
        $password = trim($_POST['password']); //Remove trailing white space

    if (!isset($username) || $username == "") {
      $error .= "<br/>Username is required";
    }
    if (!isset($password) || $password == ""){
      $error .= "<br/>Password is required";
    }
    if ($error == "") {
      $password = md5($password);
      $query = "SELECT * FROM users WHERE EmailAddress='$username' AND Password='$password'";
      $results = pg_query($conn, $query);
      //$_SESSION['username'] = $username;
        //$_SESSION['success'] = "You are now logged in";
        header('location: dashboard.php');
      }else {
        $error .= "Username and/or Password is incorrect";
      }

}

?>

<div class = "form-signin">
    <?php
             echo "<h2 style='color:red; font-size:20px'>".$error."</h2>";
    ?>
<form action = "<?php echo $_SERVER['PHP_SELF'];  ?>" method="post">

      <label for="uname"><b>Login ID</b></label>
      <input type="text" name="username" value="<?php echo $username; ?>"/>
      <br/>
      <label for="psw"><b>Password</b></label>
      <input type="password" name="password" value="<?php echo $password; ?>"/>
      <br/>
        <button type="submit" name="login_user">Login</button>
        <button type="reset">Reset</button></div>
</form>
</div>

<?php require "footer.php"; ?>

Check Login / Login

Similar Tutorials

View Content

Hi everyone i wonder if you can help me he

I need a script for a login and check login- create cookie.

Here is my form:

<form method="post" action="check_login.php">
<p>
<input type="submit" name="Submit2" value="go" />
</fieldset>
</p>
</form>

that sends it to check_login (which BEFORE i deleted something by accident, used to take me to a username and password box)

But now all it does is send me straight to the memebrs area???

Can i change the check_login.php script to make it work correctly:

Code: [Select]
<?php
// Connects to your Database
mysql_connect("server", "user", "password") or die(mysql_error());
mysql_select_db("DB") or die(mysql_error());

//Checks if there is a login cookie
if(isset($_COOKIE['ID_my_site']))

//if there is, it logs you in and directes you to the members page
{
$username = $_COOKIE['ID_my_site'];
$pass = $_COOKIE['Key_my_site'];
$check = mysql_query("SELECT * FROM users WHERE username = '$username'")or die(mysql_error());
while($info = mysql_fetch_array( $check ))
{
if ($pass != $info['upassword'])
{
}
else
{
header("Location: members_area.php");

}
}
}

//if the login form is submitted
if (isset($_POST['submit'])) { // if form has been submitted

// makes sure they filled it in
if(!$_POST['username'] | !$_POST['upassword']) {
die('You did not fill in a required field.');
}
// checks it against the database

if (!get_magic_quotes_gpc()) {
$_POST['email'] = addslashes($_POST['email']);
}
$check = mysql_query("SELECT * FROM users WHERE username = '".$_POST['username']."'")or die(mysql_error());

//Gives error if user dosen't exist
$check2 = mysql_num_rows($check);
if ($check2 == 0) {
die('That user does not exist in our database. <a href=register.php>Click Here to Register</a>');
}
while($info = mysql_fetch_array( $check ))
{
$_POST['upassword'] = stripslashes($_POST['upassword']);
$info['upassword'] = stripslashes($info['upassword']);
$_POST['upassword'] = md5($_POST['upassword']);

//gives error if the password is wrong
if ($_POST['upassword'] != $info['upassword']) {
die('Incorrect password, please try again.');
}
else
{

// if login is ok then we add a cookie
$_POST['username'] = stripslashes($_POST['username']);
$hour = time() + 3600;
setcookie(ID_my_site, $_POST['username'], $hour);
setcookie(Key_my_site, $_POST['upassword'], $hour);

//then redirect them to the members area
header("Location: members_area.php");
}
}
}
else
{

// if they are not logged in
?>
<form action="<?php echo $_SERVER['PHP_SELF']?>" method="post">
<table width="316" height="120" border="0">
<tr><td colspan=2><h1>Login</h1></td></tr>
<tr><td>Username:</td><td>
<input type="text" name="username" maxlength="40">
</td></tr>
<tr><td>Password:</td><td>
<input type="password" name="upassword" maxlength="50">
</td></tr>
<tr><td colspan="2" align="right">
<input type="submit" name="submit" value="Login">
</td></tr>
</table>
</form>
<?php
}

?>

Can't Access My Site

Similar Tutorials

View Content

Hi, i am learning WordPress and have just started, but i have a problem....when i try to access my site i get this:

Warning: Cannot modify header information - headers already sent by (output started at /home/smra9/public_html/wp-content/themes/evanescence/functions.php:6) in /home/smra9/public_html/wp-includes/pluggable.php on line 890

when i open pluggable.php and i go to the line 890 it says:

header("Location: $location", true, $status);

i will also copy a text from line 885 to 890 so maybe you will understand better:

if ( $is_IIS ) {
header("Refresh: 0;url=$location");
} else {
if ( php_sapi_name() != 'cgi-fcgi' )
status_header($status); // This causes problems on IIS and some FastCGI setups
header("Location: $location", true, $status);
}

Can anyone help me, i don't know what to do

Php Directory Access.

Similar Tutorials

View Content

Hello, folks.
I am having a little trouble with this script. I want it to be able to read a directory, not just a file, and list all files in the directory along with their id3 tags. I can't get it to read all the files, it reads only the first file in the directory.
Here, I'm posting the basic (stripped down) script, without mods or add-ons.
I would appreciate any help.
Thanks.

Code: [Select]
<?php
    require('error.inc.php');
    require('id3.class.php');
    $nome_arq  = 'music.mp3';
$myId3 = new ID3($nome_arq);
if ($myId3->getInfo()){
         echo('<HTML>');
         echo('<a href= "'.$nome_arq.'">Click to play: </a><br>');
         echo('<table border=1>
               <tr>
                  <td><strong>Artist</strong></td>
                  <td><strong>Title</strong></font></div></td>
                  <td><strong>Track</strong></font></div></td>
                  <td><strong>Album/Year</strong></font></div></td>
                  <td><strong>Genre</strong></font></div></td>
                  <td><strong>Comments</strong></font></div></td>
               </tr>
               <tr>
                  <td>'. $myId3->getArtist() . '&nbsp</td>
                  <td>'. $myId3->getTitle()  . '&nbsp</td>
                  <td>'. $myId3->getTrack()  . '&nbsp</td>
                  <td>'. $myId3->getAlbum()  . '/'.$myId3->getYear().'&nbsp</td>
                  <td>'. $myId3->getGender() . '&nbsp</td>
                  <td>'. $myId3->tags['COMM']. '&nbsp</td>
               </tr>
            </table>');
         echo('</HTML>');
    }else{
     echo($errors[$myId3->last_error_num]);
   }
?>

Selling Api Access

Similar Tutorials

View Content

I've got data in a mySql database which is updated daily. I would like to allow webmasters to place this data in a form of a widget on their websites provided they pay for access. If not payment comes through we should be able to block access. Any suggestions how this project would be designed?

Website Access

Similar Tutorials

View Content

Hi I'm after a solution to a problem I have. I'm building a small site for charity which the the client wants to email(with a url link) to say 1000 selected companies but only wants them to be able to view the site and register interest and not anyone else or if they forward the mail to a non prefered client? Any help to point me in the right direction would be good thank-you.

File Access

Similar Tutorials

View Content

Hi guys,

I am making a site where users upload files (like images, pdfs, etc) to the server.

My question is, how does Facebook handle file permissions, restricting access to files uploaded to their servers based on what a user sets?
Because I need to implement a similar thing and have no idea how to do it in a clean way.

I have had two thoughts on storing the files 1) in a DB or 2) in a folder out of the wwwroot, which would prevent access by anyone without knowing the path (or some such) but it is the more "real" permissions implementation I am stuck on.

I obviously would like to achieve this with PHP and MySQL(i).

Any help is much appreciated.

Cheers in advance.

Best Way To Validate Access

Similar Tutorials

View Content

Hi,

I want to control a variable (decide whether to track click if coming from a specific site oppose to hitting the final site (destination) directly.
For example:

www.portal.com - this will be a management site that will redirect viewers to the the final destination based on variable info - for exmample $a=123 or $a= 567 - which would come in as www.portal.com?a=123 or www.portal.com?a=567

Note: 123 would redirect to www.abc.com?a=123 and/or 567 would redirect to www.xyz.com?a=567 with said variable(s).
------

My question is this: What is the best method to authenticate (both on) www.abc.com and/or www.xyz.com that the referred viewer came from www.portal.com?
I know about the super globals (HTTP_REFERER) but want to know if there are other (more) secure method to manage this interaction between external domains /websites?

Any insight on this appreciated - thanks!

Not Able To Access My Id Property

Similar Tutorials

View Content

Hey Guys. I have a class named CoreCartFunctions. In the class there is a protected property named $menu_item_id which is initialized as null. A method named GetMenuItemId assigns the $menu_item_id its value. I have tested it out using the following, to see if a value got returned and it did

fb($menu_item_id->GetMenuItemId(), "This is the menu id");

The problem is when I access the property from a different public method in the same class it dones't return anything.

fb($menu_item_id->DisplayMenuItems());

It only returns something when I hard code a value to it.... Not sure why this is happening. Here is my full code. Please not the example below may have some syntax errors since I just copied and paste pieces of my code, to show a quick and dirty example.

class CoreCartFunctions {


protected $menu_item_id = NULL; 


public static $items; //Equal to the a long session string

protected function GetMenuItemId() {


      foreach (self::$items as $menu_item_id_session) {


/***********************************
Get the id of the menu item item
************************************/
$this->menu_item_id = preg_match_all('/\-(.*?)\*/',$menu_item_id_session,$match_found)?$match_found[1][0]:"";
// The following line shows example of above line
// $menu_item_id = "12";

public function DisplayMenuItems(){
  

return $this->menu_item_id; // Doesn't return Item ID

}




}

How Do I Access An Array Outside Of If?

Similar Tutorials

View Content

When I send values to the foreach they are not recorded in the array.

$x = $getProductID;
$_SESSION['pColors'] = array();

if(isset($_POST['pColors'])) {

    foreach($_POST['pColors'] as $colorKey => $RColors) {
        $_SESSION['pColors'][$colorKey] = $RColors;
    }
}

var_dump($_SESSION['pColors']);

Send date with AJAX:

                $('.addToCart').click(function(){
                    $.ajax({
                        url:""+realLink+"cart.php",
                        method:"POST",
                        data:{action:action,pColors:pColors},
                            success:function(data){
                               //alert(data);
                            }
                    });
                });

How To Access Symmetric Key?

Similar Tutorials

View Content

If a client connects to a ReactPHP TLS socket server, is it possible to obtain the symmetric key from within the PHP code? Hoping it will allow me to decrypt analysis traffic between two using Wireshark.