PHP - Problem With Users

I would get the ip address of the user that is on the site. I used $ip = $_SERVER['REMOTE_ADDR']; and it doesn't show my actual ip. Is it because im using an apache server on my computer.

 Hi guys,

im just trying to work out an app in my head and on paper. im just wondering..
when a user registers they can choose an Avatar 100px by 100px jpg, when they upload one would i then grab the file and store all Avatars in a avatar image folder and rename it to something like.. avatar[user_id].jpg and keep them all in the same folder.

or

would i crate a folder called users, each user gets their own folder with files like avatar.jpg and it finds the [user_id] folder and pulls the avatar out from that, or is there a more prefered method?

cheers

Hi guys,

I am trying to get a admin panel, which when the user is logged in, it will check if there user access is(say for this post) 9...

If there access is 9 in the database then direct to admin panel if not return them home.

Thanks guys

Hi, I am having serious issues with compatibility with IE7 and below (and even 8 but they should be rectified). There is no way I can have these problems finished before the site is online, so I want to redirect users to a page apologizing and recommending alternative browsers.

Is this possible?


*Please don't reply just to tell me that banning an entire browser is bad, I know it is - I plan to sort it out. But this is an extra curricular project and I'm halfway through my penultimate year of uni, so IE and it's utterly shambolic rendering of CSS is not my priority. Thankyou*

Hi, for my coursework i need to make a microblogging website, similar to that of Twitter

I have created a MySQL Database, and also the login and registration forms
I am able to log in as a user and also change user submitted information i.e. Name, About Me etc

The problem i am having is that when i access the logged in users profile page e.g. John Doe, i can access it fine
However, when i wish to access say James Smith or any other user, i am redirected back to John Doe's profile

login.php
Code: [Select]
$query = mysql_query("SELECT * FROM users WHERE username = '$user'") or die(mysql_error());
      $login = mysql_fetch_array($query);
     
      if(md5($pass) == $login['password'])
      {
         $_SESSION['user'] = $login['id'];
         header("Location: home.php");   
      }

home.php
Code: [Select]
<?php
include ('includes/connect.php');
session_start();

$query = mysql_query("SELECT * FROM users WHERE id = " . $_SESSION['user'] . "");
$user = mysql_fetch_assoc($query)

?>


<a href="profile.php?id=<?php echo $user['id']; ?>"> Profile | </a>


users.php
Code: [Select]
<?php
include ('includes/connect.php');
session_start();

$query = mysql_query("SELECT * FROM users WHERE id = " . $_SESSION['user'] . "");
$user = mysql_fetch_assoc($query)

?>

<?php
$members = mysql_query("SELECT * FROM users");
while($allusers = mysql_fetch_assoc($members))
{
   echo
   "<table>
    <tr>
    <td>
    <a href=\"profile.php?id=" . $allusers['id'] . "\">" . $allusers['fullname'] . "</a>     </td>
    </tr>
    </table>";   
}

?>

In all honesty i do know that the fault lies with the $_SESSION bit of the code since everything i do will only access the profile of the user who is logged in

However i dont know how i am able to allow the logged in user to access their own profile as well as view other people's profile.



Another problem is how do i follow users?
I have a table called 'follow'
I have two columns, user_id and follower_id, both being foreign keys

However i honestly dont understand how to use PHP code to make users follow each other

If anyone could assist me with any part of this i would be very grateful


Thank You

Hi,
I am creating an admin page that allows me to view requests for sheet music that is not currently on my website.
(View image to get an idea of what we're talking about).

On this page are 6 columns.
ID (autoincremented) This is the # the request is
Userid - the user's id
artist - the name of the artist the user requested
title - the name of the title the user requested
added - after I have manually added the sheet music to my site, i click added which will set the "added" column in my sql table to "yes". Also, once added is clicked, an email will be sent to the user that originally requested the sheet.
delete - This deletes the row in the sql database, and removes it from view on my page.
At the bottom of the page, there is also a button called "Added All", which goes through and sets the "added" status to "yes" for all rows on the page.

So, the problem I'm having right now, is emailing the user after I have selected Added. After I figure this out, I need to implement it into the "Added All" button, which will email all the corresponding users. Here is what I have come up with. Any input appreciated.
I'm not getting any errors at this point. I tested my variables and all are echoing out correctly.

The area that I have specified to email the user is in this if statement:
if ($confirm=="true" && isset($_GET['id']))

Here's my code. Thanks

<?php
session_start();

include_once('../inc/connect.php');
include_once('../inc/admin.php'); 
if (isset($_SESSION['username'])){
$loginstatus = "logout";

if(!isset($_SESSION['sort_counter']))
{$_SESSION['sort_counter'] = 1;}

if(($_SESSION['sort_counter']%2) == 0){ //test even value
  $sortcount = "DESC";
}else{ //odd value
  $sortcount = "";
}

$result = mysql_query("SELECT * FROM requests WHERE added='no' ORDER BY id"); 

$requestedquery = mysql_query("SELECT added FROM requests WHERE added='no'");
$requestedcount = mysql_num_rows($requestedquery);

$addedquery = mysql_query("SELECT added FROM requests WHERE added='yes'");
$addedcount = mysql_num_rows($addedquery);

$getuserinfo = mysql_query("SELECT * FROM users");
$row2 = mysql_fetch_assoc($getuserinfo); 

$sort = $_GET['sort'];
$delete = $_GET['delete'];
$confirm = $_GET['confirm'];

/////////////////////////////////

if ($sort=='id'){ 

// $result = mysql_query("SELECT * FROM users ORDER BY id");  
$result = mysql_query("SELECT * FROM requests WHERE added='no' ORDER BY id $sortcount"); 
$_SESSION['sort_counter'] = $_SESSION['sort_counter'] + 1; //increment after every run
 
}
if ($sort=='userid'){ 

// $result = mysql_query("SELECT * FROM users ORDER BY username"); 
$result = mysql_query("SELECT * FROM requests WHERE added='no' ORDER BY userid $sortcount"); 
$_SESSION['sort_counter'] = $_SESSION['sort_counter'] + 1; //increment after every run
}
if ($sort=='artist'){ 

// $result = mysql_query("SELECT * FROM users ORDER BY email"); 
$result = mysql_query("SELECT * FROM requests WHERE added='no' ORDER BY artist $sortcount"); 
$_SESSION['sort_counter'] = $_SESSION['sort_counter'] + 1; //increment after every run
}
if ($sort=='title'){ 

// $result = mysql_query("SELECT * FROM users ORDER BY email"); 
$result = mysql_query("SELECT * FROM requests WHERE added='no' ORDER BY title $sortcount"); 
$_SESSION['sort_counter'] = $_SESSION['sort_counter'] + 1; //increment after every run
}
if ($sort=='file'){ 

// $result = mysql_query("SELECT * FROM users ORDER BY email"); 
$result = mysql_query("SELECT * FROM requests WHERE added='no' ORDER BY file $sortcount"); 
$_SESSION['sort_counter'] = $_SESSION['sort_counter'] + 1; //increment after every run
}

/// FIX THIS AREA
if ($confirm=="true" && isset($_GET['id']))
{
    mysql_query('UPDATE `requests` SET `added`="yes" WHERE id = ' . (int)$_GET['id']);
$useremailquery = mysql_query("SELECT email FROM users WHERE id=".$row2['id']."");
$emailrow = mysql_fetch_assoc($useremailquery);

$useremail = $emailrow['email'];

$to = $useremail;
$subject = "Sheet requested ready for download!";
$Email = "admin@mysite.com";

mail("$to", "$subject", "
Hello, <br />The sheet that you requested on Sheet Music site is now ready for download.<br />
Thank you<br /><strong>Sheet Music site</strong>", "$Email");

echo "<SCRIPT language='JavaScript'><!--
  window.location='requestedsheets.php';//-->
</SCRIPT>";
}  
if ($delete=="true" && isset($_GET['id']))
{
mysql_query('DELETE FROM `requests` WHERE id = ' . (int)$_GET['id']);
echo "<SCRIPT language='JavaScript'><!--
  window.location='requestedsheets.php';//-->
</SCRIPT>";
}  
if ($delete=="false" && isset($_GET['id']))
{
echo "<SCRIPT language='JavaScript'><!--
  window.location='requestedsheets.php';//-->
</SCRIPT>";
}  
?>
<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">
<html lang="en-US" xml:lang="en-US" xmlns="http://www.w3.org/1999/xhtml">
<head>
<link rel="stylesheet" type="text/css" href="../styles/style.css" />
<link rel="stylesheet" type="text/css" href="../styles/requestedsheets.css" />
<script type="text/javascript">
function make_blank()
{
if(document.login.username.value =="Username"){
document.login.username.value ="";
document.login.username.style.color ="#000000";
}
}
function make_blank1()
{
if(document.login.password.value =="Password"){
document.login.password.value ="";
document.login.password.type ="password";
document.login.password.style.color ="#000000";
}
}
function undoBlank() {
  if(document.login.username.value == ""){
    document.login.username.value ="Username";
document.login.username.style.color="#ccc";
  }
}
function undoBlankpass() {
  if(document.login.password.value == ""){
    document.login.password.value ="Username";
document.login.password.style.color="#cccccc";
  }
}
</script>
</head>
<body bgcolor="#343331">

<!-- Header -->
<div id="header">
<div id="headerleft"></div>
<div id="headermiddle"><a href="../index.php"><img src="../img/logo.png"></a></div>
<div id="headerright">


<?php echo "<form name='login' action='../inc/$loginstatus.php' method='POST'>";?>
<div class="loginboxdiv" id="username">
<input type="text" class="loginbox" name="username" value="Username" onFocus="make_blank();" onBlur="undoBlank();">
</div>
<div class="loginboxdiv" id="password">
<input class="loginbox" type="text" name="password" type="text" value="Password" onFocus="make_blank1();" onBlur="undoBlankpass();">
</div>
<div id="login">
<?php echo "<input type='image' src='../img/$loginstatus.png' alt='".ucfirst($loginstatus)."'>";?>
</div>
</form>
<div id="register">
<a href="../register.php"><img src="../img/register.png"></a>
</div>
<div id="forgotpassword">
<a href="../resetpassword.php" class="forgot">Forgot Password?</a>
</div>
</div>

</div>

<!-- Content Top -->
<div id="contenttop">
<div id="links">

<table cols="7">
<tr>
<td align="center" valign="middle" width="100px" height="48px"><a href="../index.php"><img src="../img/home.png"></a></td>
<td align="center" valign="middle" width="100px" height="48px"><a href="../member.php"><img src="../img/member.png"></a></td>
<td align="center" valign="middle" width="100px" height="48px"><a href="../addsheet.php"><img src="../img/addsheet.png"></a></td>
<td align="center" valign="middle" width="100px" height="48px"><a href="../advertise.php"><img src="../img/advertise1.png"></a></td>
<td align="center" valign="middle" width="100px" height="48px"><a href="../faq.php"><img src="../img/faq.png"></a></td>
<td align="center" valign="middle" width="100px" height="48px"><a href="../terms.php"><img src="../img/terms.png"></a></td>
<td align="center" valign="middle" width="100px" height="48px"><a href="../contact.php"><img src="../img/contact.png"></a></td>
</tr>
</table>
<!-- 92x30 -->
</div>
</div>

<!-- Content Middle -->
<div id="contentmiddle">
<div id="content">

<?php
include('inc/navadmin.php');
echo "<br /><div style='font-size: 28px; text-align: center;'>Requested Sheets</div>
<div id='headcont'>
<div id='requested'>Requested Sheets: ".$requestedcount."</div>
<div id='added'>Added Sheets: ".$addedcount."</div>
</div><br />
<table border='1' align='center'>
<tr>
<th bgcolor='#cccccc'><a href='requestedsheets.php?sort=id'>ID</a></th>
<th bgcolor='#cccccc'><a href='requestedsheets.php?sort=userid'>UserID</a></th>
<th bgcolor='#cccccc'><a href='requestedsheets.php?sort=artist'>Artist</a></th>
<th bgcolor='#cccccc'><a href='requestedsheets.php?sort=title'>Title</a></th>
<th bgcolor='#cccccc'><a href='requestedsheets.php'>Added</a></th>
<th bgcolor='#cccccc'><a href='requestedsheets.php'>Delete</a></th>
</tr>";
echo "<script type='text/javascript'>
function show_delete()
{
var r=confirm('Delete?');
if (r==true)
{
// Delete
return true;
}
else
{
// Don't Delete
return false;
}
}
";

echo "
function show_undelete()
{
var r=confirm('Undelete?');
if (r==true)
{
// Undelete
return true;
}
else
{
// Don't Undelete
return false;
}
}
</script>";

$usersids = "";
$i = 0;

while($row = mysql_fetch_array($result))
  {
  
  //
  $active = $row['active'];
  $color = "#ffffff";
  $deleted = "Delete";
  if ($active=='no'){
  $color = "#f43636";
  $deleted = "Undelete";
  $active = "false";
  $alert = "show_undelete";
  }
  else{
  $active = "true";
  $alert = "show_delete";
  }
  //
  
  echo "<tr>";
  echo "<td align='center' width='40' bgcolor='$color'>" .$row['id']. "</td>";
  echo "<td align='center' width='40'>" .$row['userid']. "</td>";
  echo "<td align='center' width='230'>".ucwords($row['artist'])."</td>";
  echo "<td align='center' width='230'>".ucwords($row['title'])."</td>";
  echo "<td align='center' width='10'><a href='requestedsheets.php?confirm=true&id=" .$row['id'] . "'>Added</a></td>";
  echo "<td align='center' width='10'><a href='requestedsheets.php?delete=$active&id=" .$row['id']. "' onclick='return $alert()'>$deleted</a></td>";
  echo "</tr>";
  $usersids[$i] = $row['id'];
  $i++;
  }

  echo "
  <tr>
<td align='center' width='10' colspan='6'><a href='requestedsheets.php?confirm=all'>Added All</a></td>
  </tr>";
  
  if ($confirm=="all")
{
$i = 0;
mysql_data_seek($result,0);
while($row = mysql_fetch_array($result))
  {
    mysql_query('UPDATE `requests` SET `added`="yes" WHERE id = ' . $usersids[$i]);
$i++;
  }
echo "<SCRIPT language='JavaScript'><!--
  window.location='requestedsheets.php';//-->
</SCRIPT>";
}  
  
echo "</table>";
}
else{
$loginstatus = "login";
}
?>

</div>

</div>

<!-- Content Bottom -->
<div id="contentbottom">

</div>

</body>
</html>

Hey guys.

So I'm about to start developing a Private Messaging system for a CMS that I already have set up and working fine, and I had a problem I would like to solve before I start. I would like to add a feature that allows users to send the message to one or more users at a time. Whether it be by typing in the different usernames seperated by commas in the input field or another method, I have no idea how I'd handle submitting this into the database.

I don't want it to be like a group conversation though, I want it to submit the message seperately for each user they included in the receptitents field.

Any suggestions on how to go about doing this?
Gathering it'd be like an array of some sort but I have very little experience with arrays from forms and how to seperate them.

I have a database with Users as a table. It has the normal stuff, id, username, password, and I have anther in it called lastactive. It is int(11) , and I am wondering how I would make a sql query select the users in the database 'users' and see who has been active in the past 15 mins.

By the way, the lastactive time gets updated by the function time()

Here is my code:

<?php
$online = mysql_query("SELECT * from users WHERE (TIMESTAMPDIFF(MINUTE, `lastactive`, NOW()) < 15) ORDER by lastactive DESC") or die (mysql_error());
while($online = mysql_fetch_assoc($online)) {
echo '<a style="color:#F0CD87;" href="profile?id='.$online['user_id'].'">';
echo ucFirst($online['username']);
echo '</a>, ';
}
?>


Here is how the last active gets updated.

<?php
if(isset($_SESSION['logged'])) {
mysql_query("UPDATE `users` SET `lastactive`='" . time() . "' WHERE `username`='" . $_SESSION['username'] . "'");
}
?>


Again its not showing the users that have been on since 15 minutes ago, even tho it updates the users last active on every page since its in the footer.php part. which is on every page.

Thanks for the upcoming help.

I have a mobile app. They visit a web site where they login. The videos live above web root, thus making it impossible for anyone to directly link to the video file. On iOS, I made a PHP script that checks if they are logged in first and if they are I use a range download method that acts like streaming. Works great! On android however, the script isn't working..lame.

So I was trying to think of other methods to deliver the video, but first checking if they are logged in. My idea was to check if they are logged in, if they are, copy the video from above web root to a temp directory in web root and give it a uniqid name and insert it into the DB. That ID will then expire after two hours and I would delete the video.

Ok that sounds like it would work for both phones, except with high traffic, that could be problematic.

My next idea was symlinks, but I don't know much about them other than they are a shortcut. Could I potentially use a symlink to give the logged in user a video file that lives above web root?

Hey guys and girls,

Okay so am trying to provide a rank for each user within my database but I cant seem to get it working here is my code

Code: [Select]
SELECT

`Table`.`Id`,
`Table`.`Photo`,
`Table`.`Fname`,
`Table`.`Lname`,
`Table`.`Gender`,
`Table`.`Gd`,
`Table`.`Bd`,
`Table`.`Point`,

(SELECT COUNT(*) + 1 FROM
(SELECT U.Id, T.`User Id` FROM `u_account` U
LEFT JOIN `score_system` T ON `T`.`User Id` = `U`.`Id`) x

WHERE Table.Point > (SELECT SUM(Good)-SUM(Bad) FROM `score_system` GROUP BY `User Id`)
) AS RANK

FROM
(SELECT
`C`.`Id`,
`C`.`Photo`,
`C`.`Fname`,
`C`.`Lname`,
`C`.`Gender`,

CASE WHEN COALESCE( SUM(`S`.`Good`), '') = '' THEN '0' ELSE SUM(`S`.`Good`) END AS Gd,
CASE WHEN COALESCE( SUM(`S`.`Bad`), '') = '' THEN '0' ELSE SUM(`S`.`Bad`) END AS Bd,

CASE WHEN COALESCE( SUM(`S`.`Good` - `S`.`Bad`), '') = ''
THEN '0' ELSE SUM(`S`.`Good` - `S`.`Bad`) END AS Point

FROM
`u_account` AS `C`
LEFT JOIN `score_system` AS `S` ON `C`.`Id` = `S`.`Child Id`

AND (SELECT Start FROM event_schedule WHERE CURDATE() >= Start AND End >= CURDATE()) < `S`.`Date`
AND (SELECT End FROM event_schedule WHERE  CURDATE() >= Start AND End >= CURDATE()) > `S`.`Date`

GROUP BY `C`.`Id`

) AS `Table`

ORDER BY Point DESC, Fname ASC

I cant seem to pull the users rank from this and its donig my head in I've tried different things and they all dont work this is perhaps as close as I've got to figuring it out.

This is the part that creates the users rank now its saying the Subquery returns more than 1 row but I just cant seem to think of away to implement this into my query above so that it displays the rank for each user.

Code: [Select]
(SELECT COUNT(*) + 1 FROM
(SELECT U.Id, T.`User Id` FROM `u_account` U
LEFT JOIN `score_system` T ON `T`.`User Id` = `U`.`Id`) x

WHERE Table.Point >= (SELECT SUM(Good - Bad) FROM `score_system` GROUP BY `User Id`)
) AS RANK

I'm also looking for this to display the same rank for both users with the same points so If bill and ben have 200points then they would both have the same rank but if bill was to have 201points then he would be higher up than ben.

So can anyone lend me a hand.

Thanks in advance

Hello,
i am trying to make a calendar for different users which are described in the database.
depending on the link to earn a calendar for the user. here's the code:

Code: [Select]
$sql=" SELECT user , fullname FROM users ";
$resource=mysql_query($sql) or die(mysql_error());
while($array=mysql_fetch_assoc($resource))
 {
 $users[]=$array['user'];
 }   
if (isset($_GET['user'])) {
$user = $_GET['user'];
setcookie('user', $user, time()+(3600*24*365));
}
elseif (isset($_COOKIE['user'])) {
$user = $_COOKIE['user'];
} else {
$user = 'bg';
}
if (!(in_array($user, array_keys($users)))) {
die("Грешка: няма езиков файл!");
}
require_once "{$user}.php";
function switch_users_options() {
global $text, $users, $user;
$retval = $text['switch'];
$get = $_GET;
foreach ($users as $abbrv => $name) {
if ($abbrv !== $user) {
$get['user'] = $abbrv;
$url = $_SERVER['PHP_SELF'] . '?' .
http_build_query($get);
$retval .= " <a href=\"{$url}\">
{$name}</a><br>";
}
}
return $retval;
}

I've taken it from one code to change the language ..
the question is that it displayed on new line - users from database but the links are wrong :

index.php?user=0, user=1 .. user=2

not as it should be index.php?user=user1, user=test ...
please for assistance.

As long as it's SQL injection proof, would it be alright for me to let non-members add comments to a post and give the Author the ability to delete them?    

I am basically done with my entire site. I just realized...what happens if 10 users are trying to fwrite to one file at once? that is how i store my usernames passwords signatures and all that jazz. If users cant all fwrite at once my site is not going to work AT ALL. and I might just have to give up haha. good news or bad news?

I have jobs portal where registered users posts new jobs searches This weekly newsletter will send all the jobs posted in the site (in a week) to the registered users but in a more personalized way: For example, posted jobs looking for designers should be sent to users registered as designers. what is the best way to do this? any recommendations? Thanks in advance.  

Hi guys

I am new to PHP and need som help. I have set up a site that allows a user to log in through a simple form where the data is then send to checklogin.php. Here the data is checked up against my sql database and if the login is correct the user is transfered to the "secret" members only site. All this works fine.
My question is then, how do I get the members site to greet the member with "Hello 'username'"; of course where the username changes depending on the login.
This is the part where the username and password is checked:

<?php
$host="mydbb10.surftown.dk"; // Host name
$username="****"; // Mysql username
$password="****"; // Mysql password
$db_name="****"; // Database name
$tbl_name="members"; // Table name

// Connect to server and select databse.
mysql_connect("$host", "$username", "$password")or die("cannot connect");
mysql_select_db("$db_name")or die("cannot select DB");

// username and password sent from form
$myusername=$_POST['myusername'];
$mypassword=$_POST['mypassword'];

// To protect MySQL injection (more detail about MySQL injection)
$myusername = stripslashes($myusername);
$mypassword = stripslashes($mypassword);
$myusername = mysql_real_escape_string($myusername);
$mypassword = mysql_real_escape_string($mypassword);

$sql="SELECT * FROM $tbl_name WHERE username='$myusername' and password='$mypassword'";
$result=mysql_query($sql);

// Mysql_num_row is counting table row
$count=mysql_num_rows($result);
// If result matched $myusername and $mypassword, table row must be 1 row

if($count==1){
// Register $myusername, $mypassword and redirect to file "korrekt.php"
session_register("myusername");
session_register("mypassword");
echo "Tak fordi du loggede ind<br>Redirecter...";
header("location: ../forhandlerservice.php");
}
else {
echo "Forkert brugernavn eller password";
header("location: ../loginfejl.html");
}
?>


and this is the first line of code on the members site:

<?
session_start();
if(!session_is_registered(myusername)){
header("location:login.html");
}
?>


Sorry if I provided to much code, just want to make sure that I don't forget anything.


Any help is appreciated. Thank you