|
PHP - Check If User Has Paid Script.
I would like to create a script to check wether a user has made a payment to access a members only area of my site, much like a check-login script that checks if the user has logged in, i need it do do a similar check only its not looking to see if the user is logged in but if they have ever paid and if not; send them to the payments page before the access is granted... What section(s) if any, do i need to modify from this check-login script to change it to check for their payments?
Code: [Select] <?php ob_start(); // Connect to server and select databse. mysql_connect("$host", "$username", "$password")or die("cannot connect"); mysql_select_db("$db_name")or die("cannot select DB"); // Define $myusername and $mypassword $myusername=$_POST['myusername']; $mypassword=$_POST['mypassword']; // To protect MySQL injection (more detail about MySQL injection) $myusername = stripslashes($myusername); $mypassword = stripslashes($mypassword); $myusername = mysql_real_escape_string($myusername); $mypassword = mysql_real_escape_string($mypassword); $sql="SELECT * FROM $tbl_name WHERE username='$myusername' and password='$mypassword'"; $result=mysql_query($sql); // Mysql_num_row is counting table row $count=mysql_num_rows($result); // If result matched $myusername and $mypassword, table row must be 1 row if($count==1){ // Register $myusername, $mypassword and redirect to file "login_success.php" session_register("myusername"); session_register("mypassword"); header("location:login_success.php"); } else { echo "Wrong Username or Password"; } ob_end_flush(); ?> Similar TutorialsI have mysql table titled fee_payment.
details of the table:
fee_payment Table
payment_id student_id name class term year date amount
1 6 john JHS2 2nd_term 2013 23-04-2013 56 67
2 6 john JHS2 2nd_term 2013 23-04-2013 56 34
3 5 peter JHS3 3rd_term 2014 23-04-2014 56 85
4 6 john JHS2 2nd_term 2014 23-04-2014 56 76
5 6 john JHS2 3rd_term 2014 23-04-2014 56 34
6 6 john JHS2 2nd_term 2014 23-04-2014 56 23
7 5 peter JHS2 3rd_term 2014 23-04-2014 56 43
what i need to do now is to sum total amount paid by each student so that i can view payment records based on term and year.
what i have tried:
Controller:
/******MANAGE FEE PAYMENTS / INVOICES WITH STATUS*****/ function payfees($param1 = '', $param2 = '', $param3 = '') { if ($this->session->userdata('admin_login') != 1) redirect(base_url(), 'refresh'); if ($param1 == 'create') { $data['student_id'] = $this->input->post('student_id'); $data['name'] = $this->input->post('name'); $data['class_id'] = $this->input->post('class'); $data['term'] = $this->input->post('term'); $data['year'] = $this->input->post('year'); $data['amount'] = $this->input->post('amount'); $data['creation_timestamp'] = strtotime($this->input->post('date')); $this->db->insert('fee_payment', $data); redirect(base_url() . 'index.php?admin/payfees', 'refresh'); } if ($param1 == 'do_update') { $data['student_id'] = $this->input->post('student_id'); $data['class_id'] = $this->input->post('class'); $data['term'] = $this->input->post('term'); $data['year'] = $this->input->post('year'); $data['amount'] = $this->input->post('amount'); $data['creation_timestamp'] = strtotime($this->input->post('date')); $this->db->where('payment_id', $param2); $this->db->update('fee_payment', $data); redirect(base_url() . 'index.php?admin/payfees', 'refresh'); } else if ($param1 == 'edit') { $page_data['edit_data'] = $this->db->get_where('fee_payment', array( 'payment_id' => $param2 ))->result_array(); } if ($param1 == 'delete') { $this->db->where('payment_id', $param2); $this->db->delete('fee_payment'); redirect(base_url() . 'index.php?admin/payfees', 'refresh'); } $page_data['page_name'] = 'payfees'; $page_data['page_title'] = get_phrase('fee_payment'); $this->db->order_by('creation_timestamp', 'term'); $page_data['payments'] = $this->db->get('fee_payment')->result_array(); $this->load->view('index', $page_data); } The Invoice: <div class="box-content"> <?php foreach($edit_data as $row):?> <div class="pull-left"> <span style="font-size:20px;font-weight:100;"> <?php echo get_phrase('payment_to');?> <img width="50" height="30" src="<?php echo base_url();?>uploads/logo.png" style="max-height:100px;margin:20px 0px;" /> </span> <br /> <?php echo $system_name;?> <br /> <?php echo $this->db->get_where('settings' , array('type'=>'address'))->row()->description;?> </div> <div class="pull-right"> <span style="font-size:20px;font-weight:100;"> <?php echo get_phrase('credited_account:');?> </span> <br /> <?php echo $this->db->get_where('student' , array('student_id'=>$row['student_id']))->row()->name;?> <br /> <?php echo get_phrase('student_id');?> : <?php echo "FAVECSID0000", $this->db->get_where('student' , array('student_id'=>$row['student_id']))->row()->student_id;?> <br /> <?php echo get_phrase('class');?> : <?php $class_id = $this->db->get_where('student' , array('student_id'=>$row['student_id']))->row()->class_id; echo $this->db->get_where('class' , array('class_id'=>$class_id))->row()->name; ?> </div> <div style="clear:both;"></div> <hr /> <table width="100%" background="http://localhost/sch...backlogos.png"> <tr style="background-color:#7087A3; color:#fff; padding:5px;"> <td style="padding:5px;"><?php echo get_phrase('payment_details');?></td> <td width="30%" style="padding:5px;"> <div class="pull-right"> <?php echo get_phrase('amount');?> </div> </td> </tr> <tr> <td> <span style="font-size:20px;font-weight:100;"> <?php echo get_phrase('payment_made');?> </span> <br /> </td> <td width="30%" style="padding:5px;"> <div class="pull-right"> <span style="font-size:20px;font-weight:100;"> <?php echo "Gh", $row['amount'];?> </span> </div> </td> </tr> <tr> <tr> <td> <span style="font-size:20px;font-weight:100;"> <?php echo get_phrase('balance');?> </span> <br /> <?php echo $row['description'];?> <?php $exams = $this->db->get_where('fee_payment', array('student_id'=>$row['student_id']))->result_array(); foreach($exams as $row): ?> <?php $ttpaid = sum($row['amount']); echo $ttpaid;?> <?php endforeach; ?> </td> <td width="30%" style="padding:5px;"> <div class="pull-right"> <span style="font-size:20px;font-weight:100;"> <?php $tuition = $this->db->get_where('student' , array('student_id'=>$row['student_id']))->row()->tuition_fee; $status = $this->db->get_where('student' , array('student_id'=>$row['student_id']))->row()->status_fee; $total_fees = $tuition + $status; $balance_fee = $total_fees - $row['amount']; echo "Gh", $balance_fee; ?> </span> </div> </td> </tr> <tr> <td></td> <td width="30%" style="padding:5px;"> <div class="pull-right"> <hr /> <?php echo get_phrase('status');?> : <?php echo $row['status'];?> <br /> <?php echo get_phrase('receipt_no:');?> : <?php echo "FAVECSFP0000",$row['payment_id'];?> <br /> <?php echo get_phrase('date');?> : <?php echo date('m/d/Y', $row['creation_timestamp']);?> </div> </td> </tr> </table> <br /> <br /> <?php endforeach;?> </div> </div> output: ayment To fffff P O BOX 126 Credited Account: john Student Id : FAVECSID00006 Class : JHS2A I am developing paid property listing php website, I do not have al lot of scripting/database experience that is why I am farming this part of the work out. This website will provide a listing service which real estate agents can go to the site and look at the properties. They can search by Zip, city, or Sale by Owner. Alternatively, they can look at all the properties or recently posted. They will be able to see one tiny thumbnail with limited info like zip code/city. In order to see more pictures or get address info they will need to sign up and pay for each property to get more pics/info. So I need the script/scripts to do the following: 1. Provide all the search criteria as listed above (search by zip, search by city, Sale by Owner, Page that populates all the properties) 2. Provide a database interface so that I can upload the pics and enter new entries that will dynamically embed into my site. 3. Provide user access (new and existing) 4. Provide a shopping cart and payment gateway (Provide options for both Paypal and traditional Credit Card payment gateways) which will then allow the user access to the full info. 5. Must be able to integrate into my existing website/CSS If you are wondering if this will work, do not worry. My guy is taking the pics and getting the info has been getting business from real estate agents with this by word of mouth, it will work. Let me know ASAP as I am taking bids and looking to implement quickly. I can send a mock up by the man doing the property finding. Let me know what other info you need in order to get an accurate quote. best regards, Jordan McGehee Hi there,
I've been searching the internet for the best way to check if the user has been logged in. Some codes have security breaches. So I'm not sure where to start.
Here's what I've come up with:
The user logs in and is checked whether he/she is a valid user, if not return false and if true carry on and create session, I read the post that Jacques1 made about session feedback and implemented what he said. After that the session variables are assigned and then the user id, session_id and a unique identifier to check against on each page load are inserted into a database and then the user is logged in.
Here's my code: (please note this is in a class and only shows the login function)
function Login($username, $password)
{
try
{
$db = new PDO("mysql:host=".DB_HOST.";dbname=".DB_NAME.";charset=utf8", DB_USERNAME, DB_PASSWORD);
$db->setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION);
$db->setAttribute(PDO::ATTR_EMULATE_PREPARES, false);
}
catch(PDOException $ex)
{
echo "Unable to connect to DB";
error_log($ex->getMessage());
}
try
{
$User_Info = $db->prepare("SELECT * FROM users WHERE username=:username");
$User_Info->bindValue(":username", $username, PDO::PARAM_STR);
$User_Info->execute();
$Info = $User_Info->fetchAll(PDO::FETCH_ASSOC);
$salt = $Info['salt'];
$password = $salt . $password;
$password = $this->CreateHash($password);
$unique_key = $this->GenerateRandom();
$unique_key = $this->CreateHash($unique_key);
$Check_User = $db->prepare("SELECT * FROM users WHERE username=:username AND password=:password");
$Check_User->bindValue(":username", $username, PDO::PARAM_STR);
$Check_User->bindValue(":password", $password, PDO::PARAM_STR);
$Check_User->execute();
if($Check_User->rowCount() > 0)
{
while($row = $Check_User->fetchAll(PDO::FETCH_ASSOC))
{
session_destroy();
session_start();
$_SESSION = array();
session_regenerate_id(true);
$_SESSION['username'] = $row['username'];
$session_id = session_id();
$user_id = $row['id'];
$Check_Logged_In = $db->prepare("DELETE FROM logged_in_users WHERE user_id=:userid");
$Check_Logged_In->bindValue(":user_id", $user_id, PDO::PARAM_STR);
$Check_Logged_In->execute();
$has_changed = $Check_Logged_In->rowCount();
if($has_changed > 0)
{
$Logged_In = $db->prepare("INSERT INTO logged_in_users (id, user_id, session_id, unique_key) VALUES (NULL, :user_id, :session_id, :unique_key)");
$Logged_In->bindValue(":user_id", $user_id, PDO::PARAM_STR);
$Logged_In->bindValue(":session_id", $session_id, PDO::PARAM_STR);
$Logged_In->bindValue(":unique_key", $unique_key, PDO::PARAM_STR);
$Logged_In->execute();
$affected_rows = $Logged_In->rowCount();
if($affected_rows > 0)
{
return true;
}
}
return false;
}
}
return false;
}
catch(PDOException $ex)
{
echo "Unable to complete query";
error_log($ex->getMessage());
}
}
Thanks
Hey guys, How do I check to see if the user has been login on the page that they are on? I have a login and I want users to login before then can go to other pages. thanks guys, hi, how can i check if a username exists? i tried this
$usrsql = "SELECT * FROM $tbl_name WHERE username='$username' AND password='$password'";
$usrres = mysql_query($usrsql);
$usrcount = mysql_num_rows($usrres);
if($usrres && mysql_num_rows($usrcount)>0) {
die("Username is already taken!");
}
Hi, I want have this code (below), how would I check if a user is logged in? I want to make it so they can only see 500 chars, or the full thing if they're logged in. Thanks! Code: [Select] public function __construct( $data=array() ) { if ( isset( $data['id'] ) ) $this->id = (int) $data['id']; if ( isset( $data['publicationDate'] ) ) $this->publicationDate = (int) $data['publicationDate']; if ( isset( $data['title'] ) ) $this->title = preg_replace ( "/[^\.\,\-\_\'\"\@\?\!\:\$ a-zA-Z0-9()]/", "", $data['title'] ); if ( isset( $data['summary'] ) ) $this->summary = preg_replace ( "/[^\.\,\-\_\'\"\@\?\!\:\$ a-zA-Z0-9()]/", "", $data['summary'] ); if ( isset( $data['content'] ) ) $this->content = $data['content']; if ( isset( $data['tags'] ) ) $this->tags = $data['tags']; } So let's say if contact_name wants to add member_name as a friend, how would i make it say user is already pending? what variables to check? or should i make friends table and a friends_pending table? Hey, so I'm trying to check the database if the user and email already exists when registering.
<?php
include_once('includes/config.php');
if(isset($_POST['submit'])) {
$username = $_POST['username'] ? trim($_POST['username']) : null;
$password = md5($_POST['password']) ? trim($_POST['password']) : null;;
$email = ($_POST['email']);
$message = "";
if(empty($username) || empty($password) || empty($email)) {
$message = "All fields required";
} else {
$sql = "SELECT COUNT(username) AS userNum FROM users WHERE username = :username";
$sql = "SELECT COUNT(email) AS emailNum FROM users WHERE email = :email";
$stmt = $db->prepare($sql);
$stmt->bindValue(':username', $username);
$stmt->execute();
$row = $stmt->fetch(PDO::FETCH_ASSOC);
if($row['userNum'] >0) {
die("That username already exists!");
} elseif($row['emailNum'] > 0) {
die("That email already exists!");
}
$sql = "INSERT INTO users (username, password, email) VALUES (:username, :password, :email)";
$stmt = $db->prepare($sql);
$stmt->bindValue(':username', $username);
$stmt->bindValue(':password', $password);
$stmt->bindValue(':email', $email);
$result = $stmt->execute();
if($result) {
$message = "Registration was successful";
}
}
}
?>
If I remove this line " $sql = "SELECT COUNT(email) AS emailNum FROM users WHERE email = :email"; the code works but only checks the username. How can I check both? Hello people i have a system that takes people to generated pages from the database, the user has a field to input a video and others watching videos will get redirecting to tht video in time, what i want to know is how can i tell if a user viewed the page so to stop them getting redirected to it again by my random video query? The link always is video.php?id=blabla the id changes every refresh, so i can call that id to check if there on the page but how can i tell if they have been on it before. on all my secured pages at the the very top the code is Code: [Select] <?php require ("u_check_login.php"); ?> and then the u_check_login.php code is Code: [Select] <?php require('database.php'); //Include DB connection information $ip = mysql_real_escape_string($_SERVER["REMOTE_ADDR"]); //Get user's IP Address $email = mysql_real_escape_string($_COOKIE['uemail']); //Get username stored in cookie $pp = mysql_real_escape_string($_COOKIE['pp']); if ($pp == 1){ $sessionid = mysql_real_escape_string($_COOKIE['sessionid']); //Get user's session ID $check = mysql_query("SELECT * FROM `users` WHERE `email` = '$email' AND `session_id` = '$sessionid' AND `login_ip` = '$ip' AND `pp` = '1' ") or die(mysql_error()); //Check if all information provided from the user is valid by checking in the DB $answer = mysql_num_rows($check); //Return number of results found. Equal to 0 if not logged in or 1 if logged in. if ($answer == 0 || $sessionid == '') { //Check if login is valid. If not redirect user to login page header('Location: ulogin.php'); exit(); } $row = mysql_fetch_array($check); $email = stripslashes($row['email']); }else{ header('Location: ulogin.php'); } ?> and this error is being displayed on my page that is supposed to not have let me on because i was not logged in Code: [Select] Warning: Cannot modify header information - headers already sent by (output started at /home/content/03/8587103/html/pinkpanthers/pinkpanthers.php:1) in /home/content/03/8587103/html/pinkpanthers/u_check_login.php on line 17 I have a site where the user must view a timed loader before playing an audio bible. I'm noticing some direct linking to the bible player instead of sitting through the loader... I need to check the previous page's url before actually loading the player. I through together a script last ween in javascript and people reported error, so I assumed it would be best server side anyway. I haven't coded anything in PHP since PHP3. So, I'm asking for your expert options and help... I haven't tested this yet, but is this the best method and are they any problems with this method (if it works). $realname = basename($_SERVER[loader], ".php"); if ($realname == 'loader.php') { return(); } else { // rediret to a notice to user that this isn't allow header( 'Location: http://www.yoursite.com/new_page.html' ) ; } Hi Guys, Just a quick introduction I am NOT a student I am a IT Technician in a School in the South of the United Kingdom. I am trying to write a PHP Script with a Function that Checks if the user is logged in, if the user is logged in then it shows the user the content on the page but if they are not logged in then to show a blank page with a link to the Login Page. I need it to be simple. I just want it to check if a useer is logged in but if there not only show some content on a page. Can anyone help? My Users login into a php Session. Thanks for any help you can offer. Best Regards Thomas Hi I have a live chat integrated into my website that uses Ajax, PHP and MySQL. When two people have the chat window open they can chat and it works fine. How can I send an alert to the person being requested to chat with, or for the chat.php page to popup automatically. It prob needs to be some function constantly running in the background check the DB for new message entries. Thanks Jay Hi, I'm trying to change an OpenSource software that is using PHP code, I'm somewhat new to PHP and am wanting to learn more on it, but I'm having trouble a couple of things. On rightcolumn.tpl, I include another file called login_rightside.tpl where it is a login box. What I want to do is if the user clicks "Register" and gets taken to "signup.php" then that login box on "login_rightside.tpl" should disappear. So basically my pseudocode is this: Code: [Select] if (current page = signup.php do nothing else {include file="login_leftside.tpl"} end if My problem is how to tell it that the current page is signup.php. If anyone can provide some help, I'd appreciate it. i want a code in php to check if user open this pageĀ Can you see if a request (post/get) is from a curl request or an actual user? I am trying to defeat a little bit of fraud. Hi all, I've got a website for an event, each team have their details on a page which are recalled from a SQl database. But I'm wanting to create a password input box for each team, so when they enter the correct password they are taken to a page containing forms where they can edit the team details. Here is the page with the users details on where they anter the password: http://www.wharncliffenetwork.co.uk/wrc/entered/team.php?id=8 I'm not sure how to code it, Can an IF statement be used? Anyone got any pointers? I'f been unsuccessful in finding a tutorial or something similar. Hope that makes sense :S Cheers. Code what i made so far.
$inputText = 'This is testing http://www.youtube.com';
$allowedDomains = 'www.google.com
youtube.com/
http://www.test.org';
$array = preg_split('/[\s]+/', $allowedDomains);
$regex = '';//Need this line
if(preg_match($regex, $inputText)){
print 'Domain match!';
}else{
print 'Domain not match!';
}
Edited by jacob21, 16 October 2014 - 08:31 AM. Im creating a token system where if a user uploads notes they get tokens and can download other peoples notes. My problem is I am not sure where to store the information for who has bought the note for future download. Should I store the information in the database under the table that looks after the notes, in its own table, or in a file that has arrays of the Note names and the users who are allowed to download it. I figured the best way would to have it in the db table that looks after the users but im not sure how I would get about making it so that every time the user bought another note I didnt have to add a new field. I am having a bit of a problem with my log on scrip sense i moved to a different host. Users are able to log in but most of there info isn't passed. The way I have it set up right now if your logged in the home page says "You are signed in as: 'user'". But all its showing is "You are signed in as:". The only thing I can tell that is getting passed is there user rank. There are other areas where the email is not showing up ether. Here is what i have. This is on every page unless your logged in Code: [Select] <form name="form1" method="post" action="checklogin.php"> <span class="rulesub">Username:</span><input name="myusername" type="text" id="myusername" /> <span class="rulesub">Password:</span><input name="mypassword" type="password" id="mypassword" /> <input type="submit" name="Submit" value="Login" /> <div align="center">Not a member? <a class="nav" href="new_user.php">Sign up.</a> </form> This is my check log in script Code: [Select] <?php ob_start(); include"scripts/connect.php" ; mysql_connect('localhost',$username,$password); @mysql_select_db($database) or die( "Unable to select database"); $myusername=$_POST['myusername']; $mypassword=$_POST['mypassword']; $myusername = stripslashes($myusername); $mypassword = stripslashes($mypassword); $myusername = mysql_real_escape_string($myusername); $mypassword = mysql_real_escape_string($mypassword); $encrypted_password=md5($mypassword); $sql="SELECT * FROM user WHERE username='$myusername' and password='$encrypted_password' and active=1"; $result=mysql_query($sql); $count=mysql_num_rows($result); $row = mysql_fetch_assoc($result); $rank = $row['rank']; $loggedinusername = $row['username']; $loggedinuseremail = $row['email']; if($count==1){ session_start(); $_SESSION['login'] = "1"; $_SESSION['rank'] = $rank; $_SESSION['loggedinusername'] = $loggedinusername; $_SESSION['loggedinuseremail'] = $loggedinuseremail; header ("Location:index.php"); } else { $errorMessage = "Invalid Login"; session_start(); $_SESSION['login'] = ''; header ("Location:login.php"); } ?> This is what i have for the session part on every page Code: [Select] <?php session_start(); $_SESSION['login']; $_SESSION['rank']; $_SESSION['loggedinusername'] = $loggedinusername; $_SESSION['loggedinuseremail'] = $loggedinuseremail; $rank=$_SESSION['rank']; $loggedinusername=$_SESSION['loggedinusername']; $loggedinuseremail=$_SESSION['loggedinuseremail']; ?> And this is what I am using to show the user name. Code: [Select] <?php if($rank>=1){ ?> <p class="rulesub"> You are signed in as: <?php echo $loggedinusername; ?> <br /><a class="nav" href="logout.php" title="Log out" target="_self">Log Out</a> </p> <?php }?> Thanks in advance |
|||||||