|
PHP - Cannot Pass Username Over A Session (noob)
Hello.
I am just beginning to teach myself the basics of php. I am learning from books and video tutorials etc. I have come across a problem that I just can't work out, I'm sure it is very simple. Two files, movie1.php and moviesite.php, movie1.php looks like this: Code: [Select] <?php session_start(); $_SESSION['username'] = "Joe12345"; $_SESSION['authuser'] = 1; ?> <html> <head> <title>Find My Movie!</title> </head> <body> <?php $myfavmovie = urlencode("The Life of Brian"); echo "<a href='moviesite.php?favmovie=$myfavmovie'>"; echo "click here to see information about my favourite movie!"; echo "</a>" ?> </body> </html> OK? You see the '$_SESSION['username'] = "Joe12345";', this is my specific problem. This should be echoed into the next page, moviesite.php which you can see below: Code: [Select] <?php session_start(); //check to see if the user has logged in with a valid password if ($_SESSION['authuser'] != 0) { echo "sorry, but you don't have permission to view this page"; exit(); } ?> <html> <head> <title>My Movie Site - <?php echo $_REQUEST['favmovie']; ?></title> </head> <body> <?php echo "Welcome to our site, "; echo $_SESSION['username']; echo "! <br>"; echo "My favourite movie is "; echo $_REQUEST['favmovie']; echo "<br>"; $movierate = 5; echo "My movie rating for this movie is "; echo $movierate; ?> </body> </html> OK? 'echo $_SESSION['username'];' does not echo the username. Everything else seems to be ok. This is an example I have been working on from the book 'Beginning PHP, MySQL and Apache Web Development'. I hope someone can help. The username 'Joe12345' is not carried to the next page. It is just blank. Many Thanks for all and any assistance people can give me. Similar Tutorials
Using Inline Php; <h1><font Color="000088">the Username <?php '.$username.' ?> Already Exists";</h1>
I know they do, because I tested with.
die($HASH_Pass);
And it returned the same password as the password stored with the username associated in the database.
<?php
/*
<p class="required">All fields are required</p><br/>
<form method="post" action="Scripts/UserFunctions/login.php">
<label for="username">Username:</label><input type="text" name="username" id="username" size="40px"><br/>
<label for="password">Password:</label> <input type="password" name="password" id="password" size="40px"><br/>
<input type="submit" name="submit" value="Login">
</form>
*/
if(isset($_POST['submit'])){
//set default variables
$msg = "";
$error = false;
//set variables from user input
$Username = $_POST['username'];
$Password = $_POST['password'];
$HASH_Pass = hash("sha512", $Password);
//include connection
require_once("../DB/connect.php");
//create quarries to get data
$Query = $connect->prepare("SELECT * FROM Users WHERE Username = :hhh AND Password = :jjj");
$Query->bindValue(':hhh', $Username);
$Query->bindValue(':jjj', $HASH_Pass);
$Query->execute() or die("Not executed");
$ROWS = $Query->fetch(PDO::FETCH_NUM);
if($ROWS != 0){
$_SESSION['Logged_in']=$Username;
header("Location: http://www.family-line.dx.am/Community/profile.php?user=$Username");
exit();
} else {
$msg .= "Username and Password do not match. Try again";
$error = true;
}
if($error){
$Self = $_SERVER['PHP_SELF'];
echo <<<form
<div style="background: #efefef;">
<h2 style="color: red; font-weight: 850;">{$msg}</h2>
<p class="required">All fields are required</p><br/>
<form method="post" action="{$Self}">
<label for="username">Username:</label><input type="text" name="username" id="username" size="40px"><br/>
<label for="password">Password:</label> <input type="password" name="password" id="password" size="40px"><br/>
<input type="submit" name="submit" value="Login">
</form>
</div>
form;
}
}
?>
Spelled Queries wrong…sorry
I'm using PDO (obviously), but is there anything that would cause this error? I've made a working Login script, but I never used bindValue()...
I'm new here.
But I'm pretty sure it's not the SQL's issue, because it never displayed the or die(...)
Not sure if this helps but the script is here...
http://family-line.d....php?page=login
Username: Test
Password: Test
Edited by Masonh928, 11 January 2015 - 06:55 PM. Basically I am trying to make a list of items which I have put into an sql database. When I click on an item in the list, I want a "generic" page loaded, with the items description. Im having alot of trouble with getting this generic page to work. Heres what Ive done so far. The page with shows the list http://pastebin.com/PE8FkyYQ http://pastebin.com/GiCpV5AH The generic page with the items description. http://pastebin.com/HFnSfqN4 http://pastebin.com/C0zsHpZY If anyone can help me solve this problem, ill be greatly in there debt! hi everyone. i'm wondering what the best way is to create a session variable and pass it to an iframe. i need to do something along these lines, but it doesn't seem to pass the ID. Any hints on how i should accomplish this? Code: [Select] session_start(); $_SESSION['ID']=$_GET['ID']; // id from previous page $ID=session_id(); <iframe src="iframepage.php?ID=<?php echo $ID; ?>" style="width:680px; height:200px;" noresize="noresize" frameborder="0" border="0" scrolling="Yes" allowtransparency="true" /> </iframe> Code: [Select] <form action='test.php' method='post'> <input id="Username" type="hidden" name="date2" /> <input type="submit" name="action" value="Submit"></form> Hi I want to pass a Username javascript variable to test.php as hidden, anyone can help? When code this Code: [Select] <input id="Username" type="input" name="date2" />Data can pass to test.php When code this Code: [Select] <input id="Username" type="hidden" name="date2" />Data fail to pass over I'm helping out a friend who owns a boarding kennel. She would like an online site where she or a client can register, add their dogs to their profile and other info. I know CSS and HTML but have very, very little experience in PHP, I figured it would be fun to give this a try and learn something new. So far I've managed to create a register and log in area, and now I'm trying to make it possible for someone to add a dog breed from a drop down list to their "page" after they've logged in. I cannot get the data to insert into that specific user's table. I'm trying to use the session id and session username as the variable, and this is where the problem comes in. If I type the userid and the username out then the data will update fine...but that's not practical. I need it to know which user is logged in and update them accordingly. Anyway, what I'm typing here makes sense in my head but I've been staring at this computer all day and it's possible I'm way out in left field, so here's the code to see for yourself. (chances are it's something totally obvious....or I have stuff in there that doesn't belong, I haven't a clue.) Thank you in advance to anyone willing to help me out! The form <?php session_start(); $_SESSION['userid']=$userid;?> <html><body> <h4></h4> <form action="process.php" method="post"> <select name="breed" id="breed"> <option value="collie">Collie</option> <option value="aussie">Aussie</option> </select> <select name="sex"> <option>Dog</option> <option>Bitch</option> </select> <input type="submit" /> </form> </body></html> The php for that form <?php session_start(); $_SESSION['userid']=$userid; $_SESSION['Username']=$username;?> <html><body> <?php $host="localhost"; // Host name $username="silver_phptest"; // Mysql username $password="bowser"; // Mysql password $db_name="silver_phptestingbase"; // Database name $tbl_name="users"; // Table name // Connect to server and select database. mysql_connect("$host", "$username", "$password")or die("cannot connect"); mysql_select_db("$db_name")or die("cannot select DB"); // Get values from form $breed=$_POST['breed']; // Insert data into mysql mysql_query("UPDATE users SET dogs = '$breed' WHERE userID = '$userid'"); // close connection mysql_close(); ?> </body></html> Came a long way with the code since Friday and have another issue.
I can echo the session username on my pages but not into the insert command to the database. I need this so when a user logs in only their data will be seen. Here is the code pages.
Here is the page code this does echo the username
Logged in as <?php echo "$username"; ?>
<?php
// Start session
session_start() ;
$username = $_SESSION['username'];
// Include required functions file
require_once('include/db/functions.inc.php') ;
// Check login status ... if not logged in, redirect to login screen
if (check_login_status() == false) {
redirect('login.php') ;
}
?>
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<meta http-equiv="Content-Type" content="text/html; charset=iso-8859-1" />
<title>Add A New Tank(WAD)</title>
<style type="text/css"></style>
</head>
<body>
<p align="center"><a href="../test/index.php">Home</a> | <a href="../test/register.php">Register</a> | <a href="../test/login.php">Login</a> | <a href="../test/tank.php">Add Tank</a> | <a href="../test/fish.php">Add Fish</a> | <a href="../test/plants.php">Add Plants</a> | <a href="../test/water-test.php">Add Water Test</a> | <a href="../test/include/login/logout.inc.php">Logout</a></p></p>
<p>Logged in as <?php
echo "$username";
?> </p>
<table width="810" border="2" align="center">
<tr>
<td>
<table width="800" border="0" align="center" cellpadding="0" cellspacing="0">
<tr>
<td align="center" bgcolor="#FFFFFF" scope="col"><h2><b>Your Tanks(WAD)</b></h2></td>
</tr>
<form action="/test/include/tank/tank.inc.php" method="post" name="tank" id="tank">
<table border="2" align="center" cellpadding="0">
<tr>
<td><div align="left"><b>Tank Name: </b> </div></td>
<td><div align="left">
<input type="text" name="tankname" size="25" />
</div></td>
</tr>
<tr>
<td><div align="left"><b>Date Filled With Water: </b> </div></td>
<td><div align="left">
<input type="text" name="date" size="25" />
</div></td>
</tr>
<tr>
<td><div align="left"><b>Length: </b> </div></td>
<td><div align="left">
<input type="text" name="length" size="25" />
</div></td>
</tr>
<tr>
<td><div align="left"><b>Depth: </b> </div></td>
<td><div align="left">
<input type="text" name="depth" size="25" />
</div></td>
</tr>
<tr>
<td><div align="left"><b>Height: </b> </div></td>
<td><div align="left">
<input type="text" name="height" size="25" />
</div></td>
</tr>
<tr>
<td><div align="left"><b>Volume: </b> </div></td>
<td><div align="left">
<input type="text" name="volume" size="25" />
</div></td>
</tr>
<tr>
<td><div align="left"><b>Type of Tank: </b> </div></td>
<td><div align="left">
<input type="text" name="type" size="25" />
</div></td>
</tr>
<tr>
<td></div></td></tr>
<tr>
<td><div align="left"><b>Notes: </b> </div></td>
<td><div align="left">
<p>
<textarea name="notes" cols="50" rows="10"></textarea>
</p>
</div></td>
</tr>
<tr>
<th colspan="2"><p>
<input type="submit" value="Add New Tank" />
</p></th>
</tr>
</table>
</form>
<tr>
<td align="center" valign="top" bgcolor="#FFFFFF"><div align="center"><font size="2"> © 2014 <a href="http://www.pctechtime.com">PC TECH TIME</a> </font> </div></td>
</tr>
</table>
<tr>
<td></td></td></tr>
<tr>
<td></tr></td></tr>
</table>
</body>
</html>
This is tank.inc.php which works except for the username being inserted into the database. I did try removing the mysqli_close($con); but that didn't help. I did have it working when I removed the mysqli_close($con); but then I logged out and then back in and it stopped?
<?php
include_once "../../../test/include/db/db.inc.php";
// escape data and set variables
$tankname = mysqli_real_escape_string($con, $_POST['tankname']);
$date = mysqli_real_escape_string($con, $_POST['date']);
$length = mysqli_real_escape_string($con, $_POST['length']);
$depth = mysqli_real_escape_string($con, $_POST['depth']);
$height = mysqli_real_escape_string($con, $_POST['height']);
$volume = mysqli_real_escape_string($con, $_POST['volume']);
$type = mysqli_real_escape_string($con, $_POST['type']);
$notes = mysqli_real_escape_string($con, $_POST['notes']);
$username = $_SESSION['username'];
// # setup SQL statement
$sql="INSERT INTO tank (tankname, username, date, length, depth, height, volume, type, notes)
VALUES ('$tankname', '$username', '$date', '$length', '$depth', '$height', '$volume', '$type', '$notes')";
if (!mysqli_query($con,$sql)) {
die('Error: ' . mysqli_error($con));
}
echo 'New Tank Added ';
mysqli_close($con);
?>
Hello. Basically I've created a login script. Works great. It sends users to different locations depending on what type of user they are. Now I have also created a Members account. Upon logging in this user should go to the members area. That all works fine! In the login script i stored a few session variable like username, access_level and so on. Now in the members area I am trying to make the page echo the name of the current user. I have been stairing at my code too long and can no longer see why nothing is echo'ing. Any ideas. I thought that the session_start() would continue the session in the next page and throughout the site until the person logs off and runs the session_destroy()! Is this not correct. First ill post the login script <?php include('database.php'); session_start(); if(isset($_POST['submit3'])) { $email = stripslashes($_POST['email3']); $password = stripslashes($_POST['password3']); $email = mysql_real_escape_string($_POST['email3']); $password = md5($password); $CheckUser = "SELECT * FROM Members WHERE email='".$email."' AND password='".$password."'"; $userDetails2 = mysql_query($CheckUser); $userInfo = mysql_fetch_array($userDetails2); $count = mysql_num_rows($userDetails2); if($count != 0) { $_SESSION['username'] = $userInfo['username']; $_SESSION['usertype'] = $userInfo['usertype']; $_SESSION['access_level']= $userInfo['access_level']; if($userInfo['usertype']== 'Member') { header('Location: members/index.php'); } else if($userInfo['usertype'] == 'Owner') { header('Location: owner/index.php'); } else if($userInfo['usertype'] == 'Corporation') { header('Location: corporation/index.php'); } else if($userInfo['usertype'] == 'Administrator') { header('Location: owner/admin/index.php'); } else if($userInfo['usertype'] == 'Staff') { header('Location: owner/staff/index.php'); } } else { $message = "incorrect login details"; } } ?> now ill post the members page <?php include('../database.php'); session_start(); ?> <head> <link href="stylz.css" rel="stylesheet" type="text/css" /> <link href="reset.css" rel="stylesheet" type="text/css" /> </head> <body> <div id="wrapper"> WELCOME TO THE MEMBERS AREA <?php $_SESSION['username']; ?> <?php include('../title.php');?> <?php include('../nav.php');?> <div id="test"></div> <?php include('../footer.php');?> </div> </body> </html> I am under developing PHP add to cart without DB, so that i am using SESSION, actually get data from fetch_data.php data to my_cart.php using the POST method, successfully retun the values, After receiving the post data how can i convert to display like a table. workout: fetch_data.php return values. https://snag.gy/IASCMZ.jpg & values received https://snag.gy/ojWxHe.jpg Here is my my_cart.php :
// FYI -> Here i am using only two fields : voice_sku & voice_name
<table width="100%" cellpadding="6" cellspacing="0">
<thead>
<tr>
<th>Voice Sku</th>
<th>Voice Name</th>
<th>Remove</th>
</tr>
</thead>
<tbody>
<?php
session_start();
$voice_sku = '';
$voice_name = '';
if(isset($_POST['voice_sku'])&& isset($_POST['voice_name']))
{
// print_r($_POST);
// die();
$voice_sku = $_POST['voice_sku'];
$voice_name = $_POST['voice_name'];
$_SESSION['voice_sku'] = $voice_sku;
$_SESSION['voice_name'] = $voice_name;
}
var_dump($_SESSION);
?>
<tr>
<td colspan="5">
<span style="float:right;text-align: right;">
<!-- -->
</span>
</td>
</tr>
<tr>
<td colspan="5">
<a href="index.php" class="button">Add More Items</a>
<button type="submit">Update</button>
</td>
</tr>
</tbody>
</table>
I tried many ways but unable to pass sessions to virtual subdomains on my site.. I edited ihi.ini file and included Code: [Select] session.cookie_domain = .mydomain.com I like to add that session is active on my main domain for www.mydomain.com only.. So how do I pass sessions for WWW to other subdomains ? Thanks n Advance Unfortunately I have no code for this yet cuz I don;t even know if its possible... I am programming an application that is used by a couple of stores, which could end up being a lot of stores. Anyways, the basis is that the stores would, though a separate application (and therefore separate database) create a username and password, I now want to use this username and password to do the following 1. Allow them to login to my application using the same username and password 2. I want the store the username in a session to pull tables based on the username from my database For instance, a user has the login store123, after loggin in it now pulls the information from the tables store123_items, store123_prices, store123_settings, etc. Now my database will have quite a lot of store###_tables I am, sadly, a noobie to PHP and I do recall seeing an article (somewhere on the net, and I stupidly forgot to bookmark it, knowing I would need it eventually) on how to access multiple databases easily. Now because they are both under my account I can use the same username and password for both, its accessing the MySQL username/password database and storing the info I know I am lacking on how to do it. Any ideas? ISSUE. A User enters information into a form. If the 'username' is already taken, a 'message' in Red and with larger font-size will be returned, for example, "The username $username already exists." If the username is 'mattd' then the message should say, "The username mattd already exists." Within my php application, I have included 'inline html'. Here is part of the code: .... if (mysql_num_rows($query_run)==1) { // it will never = more than one because only //one user will or will not exist ?> <html> </body> <h1><font color="#FF0066">The username <?php echo $username; ?>already exists.</h1> </body> </html> <?php }else{ //start the registration process $query = "INSERT INTO `Names` VALUES .... 1. At one point I did get this: "The username mattd already exists." 2. But now I only get "The username already exists." I am not retrieving the $username variable. This screenshot is found he http://imgur.com/lIwLZ1G thanks. While we're on the subject, is there a way to ensure that the first letter of a name is captalized, and the rest lowercase? Or is this best handled later on, when the name is being used and called from the DB. PS: some of us comment are code as to WHAT we are doing because we're just not that good yet, and we need to explain it to ourselves. I work with a large codebase and I have this situation come up fairly often:
the legacy class has large objects such as:
$design->motor->dimensions->a; $design->motor->dimensions->bd; $design->specifications->weight; $design->data->height; //etcWhen I create a new class, that class sometimes operates on the specific data, so say:
class MyClass
{
public function compute($weight, $height, $a)
{
//stuff
}
}
//and I call this for example as such:
(new MyClass())->compute($design->specifications->weight, $design->data->height, $design->motor->dimensions->a);
CONS: Potential issue: if design specs change and I need to change things parameters in "compute" function, I need to "re-key" the variables I pass to the function, and adjust things accordinly in MyClass as wel.
PROS: only the exact data is being passed, and this data can come from anywhere it is viable, so in effect the function is fairly well separated, I think.
Alternative option for me is to pass the entire design object, i.e
class MyClass
{
public function compute(&$design) //can also be done via DI through a setter or constructor.
{
print $design->specifications->weight;
print ($design->data->height + $design->motor->dimensions->a);
//stuff
}
}
(new MyClass())->compute($design);
PROS: In this case when things change internally in which variables are needed and how things are computed, I only need to change the code in compute function of the class itself.
CONS: MyClass now needs to be aware of how $design object is constructed.
When it comes to this parameter passing, and Dependency Injection like this in general, does Computer Science advocate a preference on this issue? Do I pass the entire object, or do I pass only the bits and pieces I need?
I'm trying to get a simple table to display and am not sure how to make it happen. Table will have just 2 columns. A TIME and an EVENT. What I want to have happen is for the first row to show the TIME and next to that, the EVENT. If a TIME has more than one event going I want the next row to show an empty first cell and then the second event below the first. If I set up the loop the only way I know how (so far) it would also output the TIME value again and again as many times as there were events for that same time. For example what I don't want is: 9:15 Sunday School 9:15 Nursery Available What I do want is: 9:15 Sunday School Nursery Available Thanks. Please bear with me. In an html file there is an <!-- BEGIN poll --> ..... <!-- END poll --> I need to draw a separation hr between all rows escept the first one. I believe I need a counter. Please show me how to do this. Thank you. I am trying to create an index page which contains registration and login field the problem that i get is on successful login a warning is displayed session_start() [function.session-start]: Cannot send session cookie - headers already sent by (output started at C:\xampp\htdocs\Eventz.com\index.php:116) in C:\xampp\htdocs\Eventz.com\index.php on line 235 This is the login part of my index.php this tag is inside an html table below the login form I also have a registration form and its php code above the login form Code: [Select] <?php if (isset($_REQUEST['pass'])) { $id=$_POST['id']; $pass=$_POST['pass']; $conn =mysql_connect("localhost","root",""); if (!$conn) { die('Could not connect: ' . mysql_error()); } /* checking connection....success! */ $e=mysql_select_db('test', $conn); if(!$e) { die(''.mysql_error()); } else { echo 'database selected successfully'; } if (isset($_REQUEST['id']) || (isset($_REQUEST['pass']))) { if($_REQUEST['id'] == "" || $_REQUEST['pass']=="") { echo "login fields cannot be empty"; } else { $sql=mysql_query("Select email,password from login where email='$id' AND password='$pass'"); $count=mysql_num_rows($sql); if($count==1) /* $count checks if username and password are in same row */ { session_start(); $_SESSION['id']=$id; echo "</br>Login Successful</br>"; } else { echo "</br>invalid</br>"; echo "please try to login again</br>"; } } } } ?> Any help or suggestion would be appreciated in this page http://maximaart.com/newscp/ i have this problem Code: [Select] Warning: session_start() [function.session-start]: Cannot send session cache limiter - headers already sent (output started at /home/maximasy/public_html/newscp/index.php:1) in /home/maximasy/public_html/newscp/index.php on line 2 my source code is <?php session_start(); include_once("config.php"); include_once("functions.php"); $errorMessage = ''; if (isset($_POST['txtUserId']) && isset($_POST['txtPassword'])) { if ($_POST['txtUserId'] === "$user" && $_POST['txtPassword'] === "$pass") { // the user id and password match, $_SESSION['basic_is_logged_in'] = true; require("main.php"); exit;?> I am having trouble resolving an error. Warning: session_start() [function.session-start]: Cannot send session cache limiter - headers already sent (output started at /home/s519970/public_html/header.php:27) in /home/s519970/public_html/admin/login.php on line 2 What I can gather is I can't use "header (Location: 'admin.php')" after i've used session_start(). I have tried to replace the header (Location: 'admin.php') with this: echo "<script>document.location.href='admin.php'</script>"; echo "<script>'Content-type: application/octet-stream'</script>"; I've been trying to read up on solutions but haven't been able to get it sorted. If anyone can offer some advice that would be greatly appreciated as im new to php. Code: [Select] <?php session_start(); if(isset($_SESSION['user'])) echo "<script>document.location.href='admin.php'</script>"; echo "<script>'Content-type: application/octet-stream'</script>"; ?> <div id="loginform"> <form action="dologin.php" method="post"> <table> <tr> <td><span>Username:</span></td> <td><input type="text" name="username" /></td> </tr> <tr> <td><span>Password:</span></td> <td><input type="password" name="password" /></td> </tr> <tr> <td colspan="2" align="right"><input type="submit" name="login" value="Login" /></td> </tr> </table> </form> </div> I have tried using require_once('yourpage.php'); before my <head></head> tags in the header document where I've specified the html information but this doesn't seem to work. I've been advised to use ob_start("ob_gzhandler"); but I am not sure how to implement this. Any advice is greatly appreciated! I'm making a simple login system with MySQL and PHP (very simple, I'm just starting with PHP). The MySQL portion is done, but I need to ensure only people who are logged in can see certain content. To check if people are logged in, my website checks that they have the $_SESSION['user'] variable set. If it is set, then it lets them continue through the website, if not, it tells them to login. Is that enough security, or can people simply inject a session cookie into their browser to spoof that they are logged in? My idea was to generate a session key cookie when they login (just a random string of letters and numbers) and store that in the database, then on every page, check to make sure their session key is the same thing that's in the database. Is this necessary? It seems expensive. Evening! I've been iffing and ahhing over this and well im not too sure, hence the post. Code: [Select] // Redirects if there is no session id selected and echos the error on the previous page if(!isset($_GET['get']) || ($_GET['getget'])){ header("Location: #.php?error"); } So it should simply check if get is set if it isnt then see if getget is set? If not redirect and show the error. Now ive tried it and even when get/getget is set it still redirects, probably something silly. Care to share anyone? Harry. |
|||||||