PHP - Log In Which Will Divert To One Of Two Different Pages Depending On Member Type

Hi, I'm new here. I used to have a coworker to do the PHP stuff, but now I've gotta try to learn it.  Thanks!

New member to this forum. However, I've been working with PHP/MySQL for a couple years.    Looking to learn some new things as well as contribute when possible. 

hey i was trying to make a new login system with member area the problem is that i wanted to add point system which i can add points manual to members by creating a new column called 'points' and add the following code to member area echo 'you got , '.$_SESSION['points']; but it didn`t work here is my member.php page any tip or advice would be helpful much appreciated ♥

<?php  session_start();

This topic has been moved to Miscellaneous.

http://www.phpfreaks.com/forums/index.php?topic=322218.0

I have a class which pulls settings from the database. These settings are needed for the application to be run. Currently it queries the database on each page load and adds the information to a static variable.

What I'm after is a way to store this information in the variable so it can be accessed on each page without having to query the database. Memcache is an option but it can be disabled in my application so I am after another if possible.

Thanks

Hi guys i've spent 3 whole days trying to get this to work but it dosent. My issue is very similar almost the same as: http://www.phpfreaks.com/forums/index.php?topic=296100.15 but with the code i have.

Basically i have custom member pages. member1.php member2.php the design and content will be custom to each member, they also have their own login page.

Each member should be able to access their page and simply view their secure area. They should not be able to log into another users area if they dont have the username or password for it.

Now the problem is, i have this entire script setup and it works, however i fear there is something wrong with the sessions which allows other members to access other members pages with their own passwords and usernames because they share the same database. So the script executes thinking its a valid user and lets them in.

Here is my login checker once the user is validated they are sent to their own folder header("Location: ../{$loginusername}/index.php"); and are able to view the page.


Code: [Select]
<?php
require_once('../config.php');

// Connect to the server and select the database.
mysql_connect("$host", "$username", "$password")or die("cannot connect");
mysql_select_db("$db")or die("Unable to select database");

// The username and password sent from login.php
$loginusername=$_POST['username'];
$loginpassword=$_POST['password'];

//The following bit of coding protects from MySQL injection attacks
$loginusername = stripslashes($loginusername);
$loginpassword = stripslashes($loginpassword);
$loginusername = mysql_real_escape_string($loginusername);
$loginpassword = mysql_real_escape_string($loginpassword);

$sql="SELECT * FROM $tbl WHERE username='$loginusername' and password='$loginpassword'";
$result=mysql_query($sql);

// Count how many results were pulled from the table
$count=mysql_num_rows($result);

// If the result equals 1, continue
if($count==1){

session_start();
$_SESSION["loginusername"] = $loginusername;
$_SESSION['user1'] = $username; // store session data
//echo "User: = ". $_SESSION['loginusername']; //retrieve data
header("Location: ../{$loginusername}/index.php");

}
// If not successful, inform the user of error
else {
echo "Wrong Username or Password";
}
?>


Now here is the secure page sample:

Code: [Select]
<?php
session_start(); 
if (!$_SESSION['user1']){ 
header("Location: login.php"); 
}else{
print "its working!";
}

?>

<html>
<body>
Login Successful for

</body>
</html>

For each login page i have given each user it's own session.. this works, however if user1 logs in and simply changes the url to user2 and enters his user2 password he is granted access giving him new sessions which means he has access to everything.

Im pretty sure im missing something really small any help would be appreciated.

Ok, so I don't really understand a lot about OOP. I was given a two big files full of classes and functions. We were hand coding this file for each use. My objective was to make an array we could use to ease the pain of coding these features.

Here is an example of what is happening to me. Can someone advise me conceptually on what to do.

Code: [Select]
include('Tons of files included here');

$myarray = array(
                             0 => array("question" => "answer"),
                             1 => array("question1" => "answer1")
                  );
class BigClass {
var $a
var $b
function fiststep(){
global $myarray;
                foreach($myarray as $anarray) {
$this->$anarray = new includedfunction1($anarray["question"]);
$this->$anarray->Values = array(array("yes", "yes"), array("no", "no"));
$this->$anarray->Multiple = true;
}
}
function nthstep(){
global $myarray;
                foreach($myarray as $anarray) {
$this->$anarray->astep();   // Error occurs: Call to a member function on a non-object
}
}
}

include('Tons of files included here');

There seem to be a number of steps that occur in one of the 10-20 include files before the data comes back to the nthstep. Once it comes back. I cannot seem to get it to be recognized as an object. If I were to manually type out the contents of $anarray. I get NO error. I am very over my head. Does anyone have a conceptual idea of my issue?

Hey everybody, please help a newba out........

I am trying to allow users to create a favorites list.

Basically there will be a list of links users can access, and I want them to be able to add individual links to their own  favorites list. I'm pretty new to php and mysql, but here's what i'm thinking...

User registers.
User gets added to table "users", and a new table is created "new_user_1 favorites"
User clicks "add to my favorites", next to a link they like.
Link is added to "new_user_1 favorites".
Table "new_user_1 favorites" is displayed under link "My Favorites".

How does this sound? Is this the way to do it, or is there something i'm missing? Do I really need a individual table for each users favorites, or is there an more efficient way?

Any input would be appreciated. Thanks folks.

hi
i have set up my1 st member area (www.sittonjewelryshop.com). everything works fine except of 1 thing with the checkuser and the verify php files. i have set it up that if some one is trying to go directly to the member area without register it wont let him and send him to the login area but for some reasson it doesnt work. if you write www.sittonjewelryshop.com/member/login_success.php it takes you directly to the membera area.
was trying to manipulate verify.php and register.php but could find the problem.
any suggestion?
tnx.

I am having problem with calling class member from with the function in that class.
<?php
class board
{


function __construct () 
{
$num_sheep_init=20;
  $num_lion_init=2;
$board_value=array(0=>'',
  1=>'',
  2=>'',
  3=>'',
  4=>'',
  5=>'',
  6=>'',
  7=>'',
  8=>'',
  9=>'',
  10=>'',
  11=>'',
  12=>'',
  13=>'',
  14=>'',
  15=>'',
  16=>'',
  17=>'',
  18=>'',
  19=>'',
  20=>'',
  21=>'',
  22=>'',
  23=>'',
  24=>'');
$random_array_value=array (0,1,2,3,4,5,7,9,10,11,13,14,15,17,19,20,21,22,23,24);
$selected_index=array();
$randd=array();
$countt=0;
}
function init_board ()
{
$this->board_value['6']="S";

Above is part of the code where i am having problem. It says that it can not access empty property //$this->board_value['6']="S";

This topic has been moved to mod_rewrite.

http://www.phpfreaks.com/forums/index.php?topic=352032.0

Hi there,

I must say this forum looks great and its good to be here.

Now I'll get straight to the point. I am working on a website where supplier and a member should be able to login with a single UserID.

That is, a member can be a supplier at the same time (logged in with the same ID) and if he is the supplier, he should be given a link taking him to the supplier admin area. If he is just a member, that supplier link will not be there.

Having a separate ID for member and supplier is not what is required. If the member is a supplier there will be a supplier admin link.

Looking forward to hearing from you guys!

Any inputs/feedback is always welcome.

Cheers!

Sid.

I have a problem with database search for a member. I am pretty sure my sql is correct. It must be my if statements.

Upon submitting the search for a member, even if there is not a match, the link appears for the member that was entered into the search. I only want the link to show up if there is a match.

Thank you in advance.

Code: [Select]
<?php 

error_reporting(E_ALL);
require_once("./include/membersite_config.php");
//session_start();//FOR GETTING USER ONLINE SCRIPT

header("Cache-Control: nocache");
header("Expires: 0");



if(!$fgmembersite->CheckLogin())
{
    $fgmembersite->RedirectToURL("login.php");
    exit;
}

$currentUser=$_SESSION['name_of_user']; // set current user name logged in to $currentUser to grab his profil DB data later.





if(!$fgmembersite->CheckLogin())
{
    $fgmembersite->RedirectToURL("login.php");
    exit;
}

//define a maxim size for the uploaded images in Kb
define ("MAX_SIZE","100");

//This function reads the extension of the file. It is used to determine if the file is an image by checking the extension.
function getExtension($str)
 {
$i = strrpos($str,".");
if (!$i) { return ""; }
$l = strlen($str) - $i;
$ext = substr($str,$i+1,$l);
return $ext;
}

//This variable is used as a flag. The value is initialized with 0 (meaning no error found)
//and it will be changed to 1 if an errro occures.
//If the error occures the file will not be uploaded.
$errors=0;

include 'memberHeader.php';




if (isset($_POST['submit']))

{
$memberSearch=$_POST['memberSearch'];


mysql_connect(" ", " ", " ") or die(mysql_error());  // info left out
mysql_select_db(" ") or die(mysql_error()) ;


$sql = "SELECT username FROM users WHERE username='$memberSearch'";
 

$result = mysql_query($sql);

echo $result;

if (!$result) {
echo "no matching member found " . mysql_error();
exit;
}
     if($result) {
 
 echo "Your search result link: <a href='viewProfile.php?userPage=".$memberSearch."'>click here for result</a>";
}

////////////////////////////////MEMBER SEARCH FORM//////////////






 









 }
 
 
?>
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<meta http-equiv="Content-Type" content="text/html; charset=utf-8" />
<title>Untitled Document</title>
</head>

<body>

<p>&nbsp;</p><p>&nbsp;</p><p><? echo "<p> &nbsp;</p><p></p><form id='form1' name='form' method='post' action=''>

 Enter a member's name here to search <input type='text' name='memberSearch' id='memberSearch' />
  <input type='submit' name='submit' id='submit'/>
</form>"; ?> </p>
</body>
</html>

I have a header as a include at the top of each page. When a member is NOT logged in, it displays a header with login option and some non member links, when member IS logged in it displays a header with member options. That part of the script works fine, however when i log in on that page and the member header is displayed.. If i visit another page or refresh that page it loses the session like its been logged out and just displays the standard header. Any help would be greatly appreciated.

index.php
Code: [Select]
<?php 
session_start();
$path = (isset($_SESSION['LOGINID']) ) ? 'memberheader.php' : 'header_tmp.php';

include( $path ); 

?>
this is the auth script included in the member header
memberheader.php
Code: [Select]
<?php
require_once('scripts/auth.php');
?>
auth.php (the actual auth script)
Code: [Select]
<?php
//Start session
session_start();{


}


if(!isset($_SESSION['LOGINID'])) {
header("location: access-denied.php");
exit();
}
?>
I didn't include login page because the login script works fine on each page except the ones with the multi header include. The pages that only include the memberheader works fine

This topic has been moved to Third Party PHP Scripts.

http://www.phpfreaks.com/forums/index.php?topic=357281.0