PHP - Force Users To See Latest Content Of Page

So, I'm designing a website (who isn't?) and I created the basic framework for a users page from a tutorial I found. Using some previous knowledge I managed to make it display a few custom fields that are defined by the user. Everything works fine as is, but now I want to do a few things to it that I have not the slightest clue how to even begin...

Here is my user page code so far... and oh yes I'm using WordPress which is why I made it check manually for page status in my Page.php file.

<?php
if ( is_page('Users'))
{

echo "<ul id=\"UsersList\">";

/*
First we set how we'll want to sort the user list. You could sort them by:
------------------------
* ID - User ID number.
* user_login - User Login name.
* user_nicename - User Nice name ( nice version of login name ).
* user_email - User Email Address.
* user_url - User Website URL.
* user_registered - User Registration date.
*/
$szSort = "user_nicename";
/*
Now we build the custom query to get the ID of the users.
*/
$aUsersID = $wpdb->get_col( $wpdb->prepare("SELECT $wpdb->users.ID FROM $wpdb->users ORDER BY %s ASC", $szSort ));
/*
Once we have the IDs we loop through them with a Foreach statement.
*/

foreach ( $aUsersID as $iUserID ) :

/*
We use get_userdata() function with each ID.
*/

$user = get_userdata( $iUserID );


/*
Here we finally print the details wanted.
Check the description of the database tables linked above to see
all the fields you can retrieve.

To echo a property simply call it with $user->name_of_the_column.
*/

if($user->user_login != "Unknown") // don't show the placeholder for [unknown] author

{
echo '<a href="">' . get_avatar( $iUserID, $size = '45', $border='0') . '</a>';
echo '<li>' . ucwords( strtolower(  $user->user_login ) ) . '</li>';

if($user->favorite_player != "")
{
echo '<li>' . $user->favorite_player . '</li>';
}
if($user->player_name != "")
{
echo '<li>' . $user->player_name . '</li>';
}
}
/*
     The strtolower and ucwords part is to be sure
     the full names will all be capitalized.
*/

endforeach; // end the users loop.

echo "</ul>";
};
?>


Problem one: This does NOT sort my name, despite the tutorial's insistence that it will. I have not even a guess as to why this is.

Problem two: I would like to either sort this list into two columns or paginate it or both but I am not sure how to do either.

Problem three: I want to insert some static text between the echo '<li>'  and the  . $user->player_name . '</li>'; so that it reads:

o Player Name: USER'S VARIABLE ' PLAYER NAME' HERE

Yes that 'o' is supposed to be the list item dot. I know how strings work, I just can't get my attempts to work out syntax-wise.

Any help would be greatly appreciated! Tutorials, answers, suggestions, examples, anything. The extent of my previous coding knowledge is several years of UnrealScript, so you can see why this simple thing is baffling me. Frankly I'm surprised this much of it works.

i have a mysql db, i have a form that i use to post data to db.
i would like to have visitors to my site be able to post to db as well, but they would have to be registered and have their own profile. when logged in they could see and edit their own space and content that they posted to mysql.

how would i go about creating something like this? can someone point me in the right direction ? thank you.

MySQL Version: 5.5.20 (<-- This is my WAMPServer version to test my program, my hosting has 5.1 though)
PHP Version: 5.3.10 (My Hosting says its PHP 5 but not sure what version, i know its not the newest)

What im trying to do is have my site have a page like "www.mysite.com/data.php?user=Nicholas&country=USA"

Thing is, i dont know what to add in my data.php source code to make it work like that. What im trying to achieve is for my users to sign up for my page but I DO NOT want to add my MySQL user and pass in the page where it can be cracked and hacked. When the user goes to the page, a script will automatically put the user and country and then the page will automatically add the user and his country to the MySQL table on my database.

Im also making a program that will work like this and that will have a higher chances of being hacked if i add my MySQL info into the program in order to add data.

Can someone please provide me of a sample source i can try? I will not only be adding user and country but i want to test this out.

Thanks!

Hi,

I'm very new to php/mysql, but for a project I'm working on I need to create users that are admins, and normal users. The admins would be able to post news stories, and delete user accounts. Whereas the users would just be able to comment on the news stories.

I'm just wondering how I would create a normal 'register' page for both, which has the same fields, but somehow creates some people as admins, and others as normal users... with the ability to limit who can become an admin, so not everyone can register as one. I'm not sure how I would achieve this, or even know how to do it.

Does anyone know any tutorials or code on how to achieve this?

Your help is greatly appreciated,

Thanks.

Hi,

I have a restricted area for my work's company. This is an area where registered users with their own user name and password can access to download technical documents etc.

I am hearing some reports that users will have to login twice to get to the area - This happens in Chrome, IE 7/8 and some Firefox's.

It has only happened to me once or twice. Does anyone know why this may be?

Here is the HTML code from the login form on the index page:

Code: [Select]
      <form name="login_form" method="post" action="log.php?action=login">
        <p>Login:<br /> <input type="text" name="user" />
        </p>
     
       <p>Password: <br /><input type="password" name="pwd" />  </p>
       
        <p class="submit">
          <input type="submit" value="Submit" name="submit" class="submit" />
          </p>
        </form>


Here is the log.php File:

(personal connection details edited)

Code: [Select]
<?php

    $hostname = "IP:3306";
    $username = "user";
    $password = "password";
    $database = "db_name";

    $link = MYSQL_CONNECT($hostname,$username,$password);
    
    mysql_select_db($database);    
?>

<?php
session_name("MyWebsiteLogin");
session_start();

if($_GET['action'] == "login") {
$conn = mysql_connect("IP:3306","user","password");
$db = mysql_select_db("db_name"); //Your database name goes in this field. 
$name = $_POST['user'];
$ip=$_SERVER['REMOTE_ADDR'];
$country = file_get_contents('http://api.hostip.info/country.php?ip='.$ip);
$q_user = mysql_query("SELECT * FROM customer WHERE username='$name'");

?>

<?php
               $insert_query = ("INSERT INTO login(username, ip, country) VALUES ('$name','$ip','$country');");
               mysql_query($insert_query) or die('Error, insert query failed');

?>

<?php
if(mysql_num_rows($q_user) == 1) {

$query = mysql_query("SELECT * FROM customer WHERE username='$name'");
$data = mysql_fetch_array($query);
if($_POST['pwd'] == $data['password'])
{
session_register("name");
header("Location: http://#/download/index.php?un=$name"); // This is the page that you want to open if the user successfully logs in to your website.
exit;
} else {
header("Location: login.php?login=failed&cause=".urlencode('Wrong Password'));
exit;
}
} else {
header("Location: login.php?login=failed&cause=".urlencode('Invalid User'));
exit;
}
}


?>

Any help or ideas would be greatly appreciated.

hi i was wondering how i would make a website that allowed a user to login and edit there website ... like im a hoster and they can have a webpage on my server... how would i do  this? allow them to create a database , and use all types of code? please help me this is important , if i didnt explain good enough please tell me

I am trying to make a login and direct for my clients. I have all the login stuff working but can't figure out how to redirect specific clients to their pages only. Any help anyone can offer would be great.

Code: [Select]
<?php
//Start session
session_start();

//Include database connection details
require_once('config.php');

//Array to store validation errors
$errmsg_arr = array();

//Validation error flag
$errflag = false;

//Connect to mysql server
$link = mysql_connect(DB_HOST, DB_USER, DB_PASSWORD);
if(!$link) {
die('Failed to connect to server: ' . mysql_error());
}

//Select database
$db = mysql_select_db(DB_DATABASE);
if(!$db) {
die("Unable to select database");
}

//Function to sanitize values received from the form. Prevents SQL injection
function clean($str) {
$str = @trim($str);
if(get_magic_quotes_gpc()) {
$str = stripslashes($str);
}
return mysql_real_escape_string($str);
}

//Sanitize the POST values
$login = clean($_POST['login']);
$password = clean($_POST['password']);

//Input Validations
if($login == '') {
$errmsg_arr[] = 'Login ID missing';
$errflag = true;
}
if($password == '') {
$errmsg_arr[] = 'Password missing';
$errflag = true;
}

//If there are input validations, redirect back to the login form
if($errflag) {
$_SESSION['ERRMSG_ARR'] = $errmsg_arr;
session_write_close();
header("location: login-form.php");
exit();
}

//Create query
$qry="SELECT * FROM members WHERE login='$login' AND passwd='".md5($_POST['password'])."'";
$result=mysql_query($qry);

//Check whether the query was successful or not
if($result) {
if(mysql_num_rows($result) == 1) {
//Login Successful
session_regenerate_id();
$member = mysql_fetch_assoc($result);
$_SESSION['SESS_MEMBER_ID'] = $member['member_id'];
$_SESSION['SESS_FIRST_NAME'] = $member['firstname'];
$_SESSION['SESS_LAST_NAME'] = $member['lastname'];
session_write_close();
header("location: member-index.php");
exit();
}else {
//Login failed
header("location: login-failed.php");
exit();
}
}else {
die("Query failed");
}
?>

Hey guys,

What im trying to do is get the users screen resolution and place it into a database so that i can call it up and place it onto a stats page. So far i get the idea that you have to use Javascript to get the resolution then use PHP to pull that information.

What i want to do is pull the screen resolutions and place them into a database so that i can call upon them to place into a stats page

So far i have the following getting certain bits of information and banging them into the database using the stats.inc.php then calling them up and placing them onto stats.php.
the stats.inc.php is included on every page of my site so it can track where a users has been etc etc.

Im assuming i can insert something into my headerLoggedin.inc.php file that will pull the users resolution then use some PHP in the stats.inc.php script to pull that information and then insert it into my database which i can then easily pull from and place into the stats.php page.

I know this seems like a bit of a silly thing to be doing, its for a college assignment and im pretty stumped.

Any help is appreciated thanks guys.


headerLoggedin.php
Code: [Select]
<?php include('includes/security.inc.php'); ?>
<?php include('includes/stats.inc.php');?>
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN"
    "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en">
<head>
    <meta http-equiv="Content-type" content="text/html; charset=utf-8" />
    <meta http-equiv="Content-Language" content="en-us" />
<link rel="stylesheet" href="css/index.css" type="text/css"/>
    <title>############</title>
</head>

<body>
<!-- Start of wrapper div-->
<div id="wrapper">

<!-- Start of header div-->
<div id="header">
  <div id="logo"><img src="./images/logo.png" width="412" height="32" alt="Elite Recruitment Services" /></div>
        <div id="navigation">
            <ul class="nav">
            <li><a href="news.php">News Page</a></li>
                <li><a href="edit.php">Edit text file</a></li>
                <li><a href="upload.php">Upload text file</a></li>
                <li><a href="stats.php">Stats</a></li>
                <li><a href="logout.php">Logout</a></li>
            </ul>
        </div>
    </div>
    <!--End of header div-->
   
    <!--Start of loginContainer div-->
    <div id="formsContainer">
stats.inc.php
Code: [Select]
<?php
$db_host = "localhost";  // Databases host name
$db_username ="#######";  // Database Username
$db_password ="#######";  // Database Password
$db_name ="dannymit_stats";  // Databases name
$db_table="statTracker";  // Database table where the logins are stored
mysql_connect("$db_host", "$db_username", "$db_password"); // Connects to the database using the preset host, username and password
mysql_select_db("$db_name"); // Selects the database.

//collect information...
$browser  = $_SERVER['HTTP_USER_AGENT']; // get the browser name
$curr_page = $_SERVER['PHP_SELF'];// get page name
$ip = $_SERVER['REMOTE_ADDR'];   // get the IP address
$from_page = $_SERVER['HTTP_REFERER'];//  page from which visitor came
$page = $_SERVER['PHP_SELF'];//get current page
$width = $_GET['width']; //Gets users screen width
$height = $_GET[['height']; //Gets users screen height

//Insert the data in the table...
$query_insert  = "INSERT INTO statTracker
(browser,ip,thedate_visited,page,from_page) VALUES
('$browser','$ip',now(),'$page','$from_page')" ;
$result=mysql_query ( $query_insert); 
if(!$result){
die(mysql_error());
}
?>

stats.php
Code: [Select]
<?php
// Header include
include('includes/headerLoggedin.inc.php');
include('includes/stats.inc.php');
?>
<br/><br/>
<?php 
$db_host = "localhost";  // Databases host name
$db_username ="######";  // Database Username
$db_password ="######";  // Database Password
$db_name ="dannymit_stats";  // Databases name
$db_table="statTracker";  // Database table where the logins are stored
mysql_connect("$db_host", "$db_username", "$db_password"); // Connects to the database using the preset host, username and password
mysql_select_db("$db_name"); // Selects the database.

$sqlquery = "SELECT * FROM `$db_table`";
$result = mysql_query($sqlquery);
$num = mysql_num_rows($result);
mysql_close();

while ($row = mysql_fetch_array($result, MYSQL_NUM)) {
    printf ("Browser:<br/> %s<br/> IP Address:<br/> %s<br/> Date Visited:<br/> %s<br/> Page Visited:<br/> %s<br/> Paged Visited From:<br/> %s<br/>", $row[1], $row[2], $row[3], $row[4], $row[5]);
echo "<br />";
}
?>
<?php include('includes/footer.inc.php');?>

I have a Yahtzee system

Code: [Select]
session_start();
$_SESSION['Yahtzee']['totaltime'] =time();
echo $_SESSION['Yahtzee']['totaltime'];
Now, Long STORY Short when somone finishes playing the Yahtzee, I update there username with the score they had, and I want to update how long they have been playing, and it will be for "Total Time Playing globally" no matter how many games.

If I do this session and echo it out, it echo's out the time, but I need it to echo out seconds instead so I can just add that to my totaltime field in my database each time they finished a game.

Hello all...fairly new to this php/mysql thing... working on my final project thats due in about 24 hours... and i hit a rut...
im making a pretty basic, online classifieds site. users can sign up, login, post new listings and view others listings by clicking on different categories. the problem i am having right now is this...When the user clicks on "My listings" i need it to pull only the listings that were created by that users user_id, which is the primary key in my user_info table...my professor suggested storing it in hidden field through the login submit button...very confused and frustrated... any help is much appreciated...

Hi! I have read like crazy to find a tutorial on a login page without My_SQL. Anyway I am working on a easy login/logged out page with sessions. Here is the login page with tree users in an array. The things that I need some hints to solve is, when clicking on login the error message don't show. Instead the script goes to the logged in page right away. And when you write the wrong password you get loged in anyway.   I am not sure how or if it's possible to write a varible to a file this way. But I tried and recived a parse error with the txt varible.   When searching for topics I get more confused with the My_SQL varibles. I am near a breaking point at cracking the first step on PHP, but need some advice.

<?php 
$page_title = 'Logged in'; //Dynamic title 
include('C:/wamp/www/PHP/includes/header.html');
?> 
<?php
session_start();
//A array for the sites users with passwords
$users = array(
                'Dexter'=>'meow1',
                'Garfield'=>'meow2',
		'Miro'=>'meow3'
                );

//A handle to save the varible users to file on a new line from the last entry				
$handle = fopen("newusers.txt, \n\r")
$txt = $users;
fclose($handle);


if(isset($_GET['logout'])) {
    $_SESSION['username'] = '';
    header('Location:  ' . $_SERVER['PHP_SELF']);
}

if(isset($_POST['username'])) {
    if($users[$_POST['username']] == $_POST['password']) { 
        $_SESSION['username'] = $_POST['username'];
    }else {
        echo "Something went wrong, Please try again";
    }
}
?>

<?php 
echo "<h3>Login</h3>";
echo "<br />";
?>
<!--A legend form to login-->
		<fieldset><legend>Fill in your username and password</legend>
        <form name="login" action="777log.php" method="post">
            Username: <br /> 
			<input type="text" name="username" value="" /><br />
            Password: <br /> 
			<input type="password" name="password" value="" /><br />
			<br />
            <input type="submit" name="submit" value="Login" />
	</fieldset>
	</form> 

<?php //Footer include file 
include('C:/wamp/www/PHP/includes/footer.html');
?>

The logged in page

<?php //Header
$page_title = 'Reading a file'; 
include('C:/wamp/www/PHP/includes/header.html');
?> 

<?php 
	session_start();
	//Use an array forthe sites users  
$users = array(
                'Dexter'=>'meow1',
                'Garfield'=>'meow2',
		'Miro'=>'meow3'
                );
//
if(isset($_GET['logout'])) {
    $_SESSION['username'] = '';
	echo "You are now loged out";
	//The user is loged out and returned to the login page
    header('Location:  ' . $_SERVER['PHP_SELF']); 
}

if(isset($_POST['username'])) {
	//Something goes wrong here when login without any boxes filled
    if($users[$_POST['username']] == $_POST['password']) { 
        $_SESSION['username'] = $_POST['username'];
    }else {
        echo "Something went wrong, Please try again";
		$redirect = "Location: 777.php";
    }
}
?>
        <?php if($_SESSION['username']): ?>
            <p><h2>Welcome <?=$_SESSION['username']?></h2></p> 
			<p align="right"><a href="777.php">Logga ut</a></p><?php endif; ?>
			<p>Today Ben&Jerrys Chunky Monkey is my favorite!</p>	

<?php //Footer
include('C:/wamp/www/PHP/includes/footer.html');
?>

Hello   I am trying to work out how many regular users I have to my site and how long those users tend to be users..   So, I have a table that logs every time a user visits my site and logs in, it stores the date / time as a unix timestamp and it logs their user id.   I started by getting the id's of any user who logs in more than 5 times in a specified period, but now I want to extend that...  

 
SELECT userID as user, count(userID) as logins FROM login_history where timestamp > UNIX_TIMESTAMP('2014-06-01 00:00:00') and timestamp < UNIX_TIMESTAMP('2014-07-01 00:00:00') group by user having logins > 5;
 

About a year ago I wrote a mod_rewrite in at sites htaccess file.  It was to call a page that queried the database based on a unite code that was assigned to a member.  If the member was assigned a code that was FL1001, the URL www.marketingteammates.com/FL1001 would bring up a page that quaried that member and displayed their database content.   In the users table of the site, it quaried the field webPageID and the information was called.  It called a page webpage.php that quaried the info.  The URL in the address bar still displayed www.marketingteammates.com/FL1001.  Here are the lines of code in the htaccess file.

RewriteEngine on
RewriteCond %{REQUEST_FILENAME} !-f
RewriteCond %{REQUEST_FILENAME} !-d
RewriteRule ^([A-Za-z])([A-Za-z])([0-9]+)$ /webpage.php?webPageID=$1$2$3 [NC,L]

I now have a second page completely different from the webpage.php.  It is a page storeNumber.php and would query a field storeNumberID.  This field could contain any kind of string such as Store#101, or mystore101, or #101 is my store.   I tried using the same rewite rule just replaceing the webpage.php and variable with storeNumber.php and $storeNumberID.   This doesn't work.  It also leads me to wonder if there can even be two different pages in the mod_rewrite.  How would it diferentiate one from the other.   Thanks for any help in advance.   Mike

I just discovered that I have a major security flaw with my website.
Anyone who logs in to the website can easily access other users information as well as delete and edit other users information just by changing the ID variable in the address bar.
I have user ID Session started on these pages but still people can do anything they like with other users information just by editing the address bar.
For example if your logged in in the address bar of www.mywebsite.com/delete_mystuff.php?id=5 and change the "5" say to a "9" then you will have access to user#9 information.

Every important page that I have has this code:
Code: [Select]
 session_start();

if (!isset($_SESSION['user_id'])) {
// Start defining the URL.
         $url = 'http://' . $_SERVER['HTTP_HOST'] . dirname($_SERVER['PHP_SELF']);
// Check for a trailing slash.
         if ((substr($url, -1) == '/') OR (substr($url, -1) == '\\') ) {
         $url = substr ($url, 0, -1); // Chop off the slash.
}
// Add the page.
$url .= '/index.php';
ob_end_clean(); // Delete the buffer.
header("Location: $url");
exit(); // Quit the script.
} else {
                //Else If Logged In Run The Script

if((isset($_GET['id'])) && (is_numeric($_GET['id']))) {
         $id = (int) $_GET['id'];
} elseif ((isset($_POST['id'])) && (is_numeric($_POST['id']))) {
         $id = (int) $_POST['id'];
} else {
         echo ' No valid ID found, passed in url or form element';
        
         exit();
}



What am I doing wrong?
Please help if you know how to correct this.

Many thanks in advance.

Hi every one
I want to share a page content(or an article) into my facebook page via php  .

How should I do that ?

Thanks