|
PHP - Storing Data From Registration Page To A 'login.dat' File
I have a user registration page that requires the user to input a Username, Password, Confirm Password, Email. If the user passes all the validation requirements for the new account, I then need to have the username, password, email fields saved to a file called 'login.dat'
Here is my code that I have so far, it runs perfectly.
<?php
include 'helpfulfunctions.inc';
include 'productsdata.inc';
$user_login_file = 'login.dat';
//var_dump($_POST);
// product data for photo, name, and price.
$alluserinfo = load_users_info($user_login_file);
//validate users info
$errors = array();
if (array_key_exists('register_submit', $_POST)) {
//check to see if username is taken
$username_entered = $_POST['username'];
//check to see if username already exists
if (array_key_exists($username_entered, $alluserinfo)) {
$errors['username']['username_exists'] = "Username already exists.";
}
//validate username is 4-11 characters long using only a-z A-Z 0-9
if(preg_match("/^[0-9a-zA-z]{4,11}$/",$_POST['username']) ===0){
$errors['username']['invalid_username']= "Invalid username. Username must be 4-11 characters long and use only letters and numbers.";
}
//validate password "." means any character
//.* allows numbers 0-9 to be inserted anywhere
//?= positive lookahead: next text must be like this and follow these rules
// must be at least 6 characters, contain 0-9, a-z, A-Z
$pw_entered=$_POST['password'];
if(preg_match("/^.*(?=.{6,})(?=.*[0-9])(?=.*[a-z])(?=.*[A-Z]).*$/", $_POST["password"]) === 0){
$errors['password']['invalid_password']="Password must be at least 6 characters and must contain at least one lower case letter, one upper case letter and one digit.";
}
//validate that "confirm password" matches password above
$pw_repeat=$_POST['confirmpassword'];
if($pw_repeat != $pw_entered){
$errors['confirmpassword']['pw_no_match']="Passwords do not match. Try again.";
}
//validate email format
$email_entered=($_POST['email']);
if(!filter_var($email_entered, FILTER_VALIDATE_EMAIL)){
$errors['email']['invalid_email']="Not a valid email. Please try again.";
}
//no validation errors=>print invoice
if (empty($errors)) {
include 'invoice.inc';
exit;
}
}
//reprint if invalid entry. if no errors print invoice
?>
<form action="<?php echo $_SERVER['PHP_SELF']; ?>" method="POST">
<h3>Please register to continue.</h3>
<table>
<tr>
<td>
*Username:
</td>
<td>
<input type="text" name="username"/>
<?php
if (isset($errors['username'])) {
print implode('<br>', $errors['username']);
}
?>
</td>
</tr>
<tr>
<td>
*Password:
</td>
<td>
<input type="password" name="password"/>
<?php
if (isset($errors['password'])) {
print implode('<br>', $errors['password']);
}
?>
</td>
</tr>
<tr>
<td>
*Confirm Password:
</td>
<td>
<input type="password" name="confirmpassword"/>
<?php
if (isset($errors['confirmpassword'])) {
print implode('<br>', $errors['confirmpassword']);
}
?>
</td>
</tr>
<tr>
<td>
*Email:
</td>
<td>
<input type="text" name="email"/>
<?php
if (isset($errors['email'])) {
print implode('<br>', $errors['email']);
}
?>
</td>
</tr>
<tr>
<td>
* required info <br>
<input type="submit" value="Register" name="register_submit">
<?php
//print out hiddens with quantities
save_hidden_qty($_POST['quantity']);
?>
</form>
</td>
</tr>
</table>
In case it's needed, this is the 'helpfulfunctions.inc' file and the included functions:
<?php
if (!function_exists('load_users_info')) {
function load_users_info($users_data_file) {
$fp = fopen($users_data_file, 'r');
//read all lines of login.dat file and create user info arrays
while (!feof($fp)) {
$users_info_line = fgets($fp);
$user_info_parts = explode(',', $users_info_line);
$user_info_array = array('username' => $user_info_parts[0], 'password' => $user_info_parts[1], 'email' => $user_info_parts[2]);
$complete_user_info_array[$user_info_array['username']] = $user_info_array;
}
fclose($fp);
return $complete_user_info_array;
}
}
// function to display products
if (!function_exists('display_products')) {
function display_products($products_to_display, $quantities = array()) {
global $errors;
?>
<table border="1">
<tbody>
<tr>
<td style="text-align: center;"><b><big>Product</big></b></td>
<td style="text-align: center;"><b><big>Brand</big></b></td>
<td style="text-align: center;"><b><big>Price(each)</big></b></td>
<td style="text-align: center;"><b><big>Quantity Desired</big></b></td>
</tr>
<?php
// quantities are 0 unless already inputted, if quantities previously were inputted, return the values.
// input boxes
for ($i = 0; $i < count($products_to_display); $i++) {
if (empty($quantities)) {
$qty = isset($_POST['quantity'][$i]) ? $_POST['quantity'][$i] : 0;
$qty_str = "<input type=text size=3 maxlength=3 name='quantity[$i]' value='$qty'>";
if (isset($errors['quantity'][$i])) {
$qty_str .= "<span style='font-style:italic;font-size:8px;color:red;'>{$errors['quantity'][$i]}</span>";
}
} else {
$qty_str = $quantities[$i];
}
// loop to print out table of photo of board, name of the brand, price, and quantity selected
printf('
<tr>
<td><img alt="Small" id="lightboxImage"
style="width: 119px; height: 88px; bgcolor="#cccccc;"
src="http://imgur.com/%s"
height="300" width="300"></td>
<td style="text-align: center;">%s</td>
<td style="text-align: center;">$%.2f</td>
<td style="text-align: center;">' . $qty_str . '</td>
</tr>
', $products_to_display[$i]['item'], $products_to_display[$i]['board'], $products_to_display[$i]['price']);
}
?>
<tr><td colspan="4" style="text-align: right; border: none">
<input type="submit" value="Purchase"></td></tr>
</tbody>
</table>
<?php
}
}
if (!function_exists('save_hidden_qty')) {
function save_hidden_qty($the_quantities){
foreach ($the_quantities as $key=>$value){
print "<input type='hidden' name='quantity[$key]' value='$value'>\n";
}
}
}
?>
Can anyone help me out?
Similar TutorialsCan anyone explain how i can create a registration and login page using PHP that doesnt use databases, sessions, or cookies? Is there a tutorial someone can point me to or could anyone tell me the method. Thanks first time php coder To me it is logical to store config data such as site name, meta, etc in a php file rather than storing ina table in mysql database. This will reduce the number of calls to the mysql database, as these are key parameters and needed in every page. But, a well-developed CMS like Wordpress uses a mysql table to store such basic data. What is your idea? Ain't it better to reduce mysql loads? Ok im only new to PHP and Im trying to setup my own porfolio website using PHP,CSS,HTML5 and other bits. Iv downloaded WAMP and im tryin to get my website workin offline first. Well im just trying to get a section in my site in the top right corner for a login and register area similar to this website (membership section) iv bein following some online video tuts and completed them right but Im not sure how to integrate it into my existing home page,/ index.html page. I want to have it so that it says login or registered and it works through php. all the tuts I followed seem to have this done on one index.php page and im getting confused as to how I can have a small section on my home page just for registering if yano what I mean..... Maybe its a silly question....im still learning....Any help be gratefull Hi All, I have currently been working on a login/registration system for a university project and I am now struggling with the login section. The problem is with one particular function and an if statement. The function checks to see if the username and password entered matches the username and password in the database but each time I get it echoing username/password incorrect. the function is Code: [Select] function valid_credentials($user, $pass) { $user = mysql_real_escape_string($user); $pass = sha1($pass); $total = mysql_query("SELECT COUNT(`user_username`) FROM `users` WHERE `user_username` = '{$user}' AND `user_password` = '{$pass}'"); return (mysql_result($total, 0) == '1') ? true : false; } and the statement is Code: [Select] if (valid_credentials($_POST['username'], $_POST['password']) == false) { $errors = 'Username/Password incorrect.'; } Any help would be greatly appreciated as this has been bugging me for the past 5 days :/ I have this working code except I can't redirect to a thank you page when a new user registers. When they login it works without issue. I just don't know where or what to put for the registration part.
Here is my Code. Any help would be much appreciated.
<?php I'm trying to make a simple but secure login/user registration for this site I'm building. I'm new to php, so I followed some tutorials from www.newthinktank.com. http://www.newthinktank.com/2011/01/php-security-pt-2/ http://www.newthinktank.com/2011/01/php-security-pt-4-set-up-captcha// http://www.newthinktank.com/2011/01/web-design-and-programming-pt-21-secure-login-script/ But I'm having a couple of problems. On the registration.php file, whenever I type in wrong information, the validation error messages don't display and also whenever I click the submit button, the form doesn't do anything. It doesn't insert information into my database. It just shows the empty form. On my login.php file, again the validation errors don't display and I can't tell if I'm logged in or not. The form redirects to my index page, but the user box that shows the different menus depending on whether or not someone is logged in stays in guest mode. I don't get any php error messages on either file. Here's my code: register.php file: Code: [Select] <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd"> <html xmlns="http://www.w3.org/1999/xhtml"> <head> <meta http-equiv="Content-Type" content="text/html; charset=utf-8" /> <title>Untitled</title> <link href="_css/page_layout.css" rel="stylesheet" type="text/css" /> <link href="_css/page_text.css" rel="stylesheet" type="text/css" /> <link href="_css/sidebarLeft.css" rel="stylesheet" type="text/css" /> </head> <body> <div id="wrapper"> <?php include('_includes/template/header.php'); ?> <?php include('_includes/template/nav.php'); ?> <?php include('_includes/template/sidebar_left.php'); ?> <div id="mainContent"> <div class="content"> <?php require_once('_includes/connectvars.php'); if (isset($_POST['submitted'])) { if (preg_match ('%^[A-Za-z\.\' \-]{2,20}$%', stripslashes(trim($_POST['first_name'])))) { $firstname = escape_data($_POST['first_name']); } else { $firstname = FALSE; echo '<p><font color="red" size="+1″>Please enter a valid first name!</font></p>'; } if (preg_match ('%^[A-Za-z\.\' \-]{2,40}$%', stripslashes(trim($_POST['last_name'])))) { $lastname = escape_data($_POST['last_name']); } else { $lastname = FALSE; echo '<p><font color="red" size="+1″>Please enter a valid last name!</font></p>'; } if (preg_match ('%^(0?[1-9]|[12][0-9]|3[01])[-/. ](0?[1-9]|1[0-2])[-/.](19|20)\d{2}$%', stripslashes(trim($_POST['birth_date'])))) { $birthdate = escape_data($_POST['birth_date']); } else { $birthdate = FALSE; echo '<p><font color="red" size="+1″>Please enter a valid date of birth!</font></p>'; } $gender = escape_data($_POST['gender']); if (preg_match ('%^[0-9]{5}$%', stripslashes(trim($_POST['zip_code'])))) { $zipcode = escape_data($_POST['zip_code']); } else { $zipcode = FALSE; echo '<p><font color="red" size="+1″>Please enter a valid 5 digit zip code!</font></p>'; } if (preg_match ('%^[A-Za-z0-9._\%-]+@[A-Za-z0-9.-]+\.[A-Za-z]{2,4}$%', stripslashes(trim($_POST['email'])))) { $email = escape_data($_POST['email']); } else { $email = FALSE; echo '<p><font color="red" size="+1″>Please enter a valid email address!</font></p>'; } if (preg_match ('%^[a-z\d_]{2,20}$%', stripslashes(trim($_POST['username'])))) { $username = escape_data($_POST['username']); } else { $username = FALSE; echo '<p><font color="red" size="+1″>Please enter a valid username!</font></p>'; } if (preg_match ('%\A(?=[-_a-zA-Z0-9]*?[A-Z])(?=[-_a-zA-Z0-9]*?[a-z])(?=[-_a-zA-Z0-9]*?[0-9])\S{6,}\z%', stripslashes(trim($_POST['password1'])))) { if (($_POST['password1'] == $_POST['password2']) && ($_POST['password1'] != $_POST['username'])) { $password = escape_data($_POST['password1']); } elseif ($_POST['password1'] == $_POST['username']) { $password = FALSE; echo '<p><font color="red" size="+1″>Your password cannot be the same as the username!</font></p>'; } else { $password = FALSE; echo '<p><font color="red" size="+1″>Your password did not match the confirmed password!</font></p>'; } } else { $password = FALSE; echo '<p><font color="red" size="+1″>Please enter a valid password!</font></p>'; } $captchchk = 1; require_once('_includes/recaptchalib.php'); $privatekey = "My private key goes here...i know"; $resp = recaptcha_check_answer ($privatekey, $_SERVER["REMOTE_ADDR"], $_POST["recaptcha_challenge_field"], $_POST["recaptcha_response_field"]); if (!$resp->is_valid) { echo '<p><font color="red" size="+1″>The CAPTCHA Code wasn\'t entered correctly! </font></p>'; $captchchk = 0; } if ($firstname && $lastname && $birthdate && $gender && $zipcode && $email && $username && $password) { $query = "SELECT user_id FROM users WHERE username='$username'"; $result = mysql_query($query) or trigger_error("Sorry, that username is taken"); if(mysql_num_rows($result) == 0) { $a = md5(uniqid(rand(), true)); $query = "INSERT INTO users(zip_code, username, first_name, password, activation_code, join_date, last_name, gender, birth_date, email) VALUES ('$zipcode', '$username', '$firstname', SHA('$password'), '$a', NOW(), '$lastname', '$gender', '$birthdate', '$email')"; $result = mysql_query($query) or trigger_error("Sorry an error happened"); if(mysql_affected_rows() == 1) { $body = "Thanks for registering. Activate account by clicking this link: <br />"; $body .= "http://localhost/activate.php?x=" . mysql_insert_id() . "&y=$activationcode"; mail($email, 'Registration Confirmation', '$body', 'From: admin@mysite.com'); echo '<br /><br /><h1>Thank you for registering! A confirmation email has been sent to your address. Please click on the link in that email in order to activate your account.</h1>'; } exit(); } else { echo '<p><font color="red" size="+1″>You could not be registered due to a system error. We apologize for any inconvenience.</font></p>'; } } else { echo '<p><font color="red" size="+1″>That email address has already been registered. If you have forgotten your password, use the link to have your password sent to you.</font></p>'; } mysql_close(); } ?> <h1>Register</h1> <br /> <p>Please fill out the form below. All fields required.</p> <br /> <center><form action="register.php" method="POST" id="regform"> <table width="550" border="0"> <tr> <td width="200"><p>First Name:</p></td> <td width="200"><label for="first_name"></label> <input name="first_name" type="text" id="first_name" maxlength="20" value="<?php if (isset($_POST['first_name'])) echo $_POST['first_name']; ?>"/></td> <td width="200"> </td> </tr> <tr> <td><p>Last Name:</p></td> <td><label for="last_name"></label> <input name="last_name" type="text" id="last_name" maxlength="45" value="<?php if (isset($_POST['last_name'])) echo $_POST['last_name']; ?>"/></td> <td> </td> </tr> <tr> <td><p>Birthdate:</p></td> <td><label for="birth_date"></label> <input name="birth_date" type="text" id="birth_date" maxlength="10" value="<?php if (isset($_POST['birth_date'])) echo $_POST['birth_date']; ?>"/></td> <td><p>(Format: MM/DD/YYYY)</p></td> </tr> <tr> <td><p>Gender</p></td> <td><p> <label> <input type="radio" name="gender" value="F" id="gender_0" /> F </label> <label> <input type="radio" name="gender" value="M" id="gender_1" /> M </label> <input name="gender" type="hidden" value="" /> <br /> </p></td> <td> </td> </tr> <tr> <td><p>Zip Code</p></td> <td><label for="zip_code"></label> <input name="zip_code" type="text" id="zip_code" maxlength="5" value="<?php if (isset($_POST['zip_code'])) echo $_POST['zip_code']; ?>"/></td> <td> </td> </tr> <tr> <td><p>Email:</p></td> <td><label for="email"></label> <input name="email" type="text" id="email" maxlength="255" value="<?php if (isset($_POST['email'])) echo $_POST['email']; ?>"/></td> <td> </td> </tr> <tr> <td><p>Username:</p></td> <td><label for="username"></label> <input name="username" type="text" id="username" maxlength="60" value="<?php if (isset($_POST['username'])) echo $_POST['username']; ?>"/></td> <td> </td> </tr> <tr> <td><p>Choose New Password:</p></td> <td><label for="password1"></label> <input name="password1" type="password" id="password1" maxlength="40" /></td> <td> </td> </tr> <tr> <td><p>Confirm New Password:</p></td> <td><label for="password2"></label> <input name="password2" type="password" id="password2" maxlength="40" /></td> <td> </td> </tr> </table> </br> <?php require_once('_includes/recaptchalib.php'); $publickey = "my public key goes here...i know"; // you got this from the signup page echo recaptcha_get_html($publickey); ?> <br /> <input type="submit" name="submit_signup" id="submit_signup" value="Sign Up" /> <input type="hidden" name="submitted" value="TRUE" /> </form></center> <br /> <br /> </div> </div> <?php include('_includes/template/sidebar_right.php'); ?> <?php include('_includes/template/footer.php'); ?> </div> </body> </html> login.php file: Code: [Select] <?php session_start(); require_once('_includes/connectvars.php'); ?> <?php if (isset($_POST['submitLogin'])) { if (preg_match ('%^[A-Za-z0-9]\S{6,20}$%', stripslashes(trim($_POST['username'])))) { $username = escape_data($_POST['username']); } else { $username = FALSE; echo '<p><font color="red" size="+1″>Please enter a valid username!</font></p>'; } if (preg_match ('%^[A-Za-z0-9]\S{6,20}$%', stripslashes(trim($_POST['password'])))) { $password = escape_data($_POST['password']); } else { $password = FALSE; echo '<p><font color="red" size="+1″>Please enter a valid password!</font></p>'; } if ($username && $password) { $query = "SELECT user_id, level_access, username, password, join_date, first_name, last_name, birth_date, gender, zip_code, email, activation_code FROM users WHERE username='$username' AND password=SHA('$password')"; $result = mysql_query ($query) or trigger_error("Either the Username or Password are incorrect"); if (mysql_affected_rows() == 1) { $row = mysql_fetch_array ($result, MYSQL_NUM); mysql_free_result($result); $_SESSION['first_name'] = $row[5]; $_SESSION['username'] = $row[2]; $tokenId = rand(10000, 9999999); $query2 = "update users set tokenid = $tokenId where username = '$_SESSION[username]'"; $result2 = mysql_query ($query2); $_SESSION['token_id'] = $tokenId; session_regenerate_id(); header("Location: http://localhost/mysite/index.php"); mysql_close(); exit(); } } else { echo '<br><br><p><font color="red" size="+1″>Either the Username or Password are incorrect</font></p>'; mysql_close(); exit(); } echo '<br><br><p><font color="red" size="+1″>Either the Userid or Password are incorrect</font></p>'; mysql_close(); exit(); } ?> <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd"> <html xmlns="http://www.w3.org/1999/xhtml"> <head> <meta http-equiv="Content-Type" content="text/html; charset=utf-8" /> <title>Untitled</title> <link href="_css/page_layout.css" rel="stylesheet" type="text/css" /> <link href="_css/page_text.css" rel="stylesheet" type="text/css" /> <link href="_css/sidebarLeft.css" rel="stylesheet" type="text/css" /> </head> <body> <div id="wrapper"> <?php include('_includes/template/header.php'); ?> <?php include('_includes/template/nav.php'); ?> <?php include('_includes/template/sidebar_left.php'); ?> <div id="mainContent"> <div class="content"> <h1>Login</h1> <form action="login.php" method="post" name="login" id="login"> <table width="200" border="0"> <tr> <td><p>Username:</p></td> <td><label for="username"></label> <input type="text" name="username" value="<?php if (isset($_POST['username'])) echo $_POST['username']; ?>"/></td> </tr> <tr> <td><p>Password:</p></td> <td><label for="password"></label> <input type="password" name="password" id="password" /></td> </tr> </table> <br /> <p> <label> <input type="radio" name="remember_me" value="radio" id="remember_me_0" /> Keep me logged in </label> <br /> </p> <br /> <input type="submit" name="submitLogin" value="Login" /> <input type="hidden" name="submitted" value="TRUE" /> </form> <br /> <p>Not a member? <a href="register.php">Create an account!</a></p> <br /> <p>Forgot password?</p> </div> </div> <?php include('_includes/template/sidebar_right.php'); ?> <?php include('_includes/template/footer.php'); ?> </div> </body> </html> Here's the code that shows the different menus depending on if someone is logged in or not. Code: [Select] <div class="login"> <?php echo '<p>'; echo 'Welcome '; if (isset($_SESSION['first_name'])) { echo " {$_SESSION['first_name']}!</br></br>"; } else { echo 'Guest!'; } if (isset($_SESSION['username']) AND (substr($_SERVER['PHP_SELF'], -10) != 'logout.php')) { echo '<a href="add_event.php">Add an Event</a></br> <a href="my_profile.php">My Profile</a></br> <a href="logout.php"><p>Logout</a></br>'; } else { echo '</br> <a href="register.php">Register</a></br> <a href="login.php">Login</a></br>'; } echo'</p>'; ?> </div> Hi! I have read like crazy to find a tutorial on a login page without My_SQL. Anyway I am working on a easy login/logged out page with sessions. Here is the login page with tree users in an array.
The things that I need some hints to solve is, when clicking on login the error message don't show. Instead the script goes to the logged in page right away. And when you write the wrong password you get loged in anyway.
I am not sure how or if it's possible to write a varible to a file this way. But I tried and recived a parse error with the txt varible.
When searching for topics I get more confused with the My_SQL varibles. I am near a breaking point at cracking the first step on PHP, but need some advice.
<?php
$page_title = 'Logged in'; //Dynamic title
include('C:/wamp/www/PHP/includes/header.html');
?>
<?php
session_start();
//A array for the sites users with passwords
$users = array(
'Dexter'=>'meow1',
'Garfield'=>'meow2',
'Miro'=>'meow3'
);
//A handle to save the varible users to file on a new line from the last entry
$handle = fopen("newusers.txt, \n\r")
$txt = $users;
fclose($handle);
if(isset($_GET['logout'])) {
$_SESSION['username'] = '';
header('Location: ' . $_SERVER['PHP_SELF']);
}
if(isset($_POST['username'])) {
if($users[$_POST['username']] == $_POST['password']) {
$_SESSION['username'] = $_POST['username'];
}else {
echo "Something went wrong, Please try again";
}
}
?>
<?php
echo "<h3>Login</h3>";
echo "<br />";
?>
<!--A legend form to login-->
<fieldset><legend>Fill in your username and password</legend>
<form name="login" action="777log.php" method="post">
Username: <br />
<input type="text" name="username" value="" /><br />
Password: <br />
<input type="password" name="password" value="" /><br />
<br />
<input type="submit" name="submit" value="Login" />
</fieldset>
</form>
<?php //Footer include file
include('C:/wamp/www/PHP/includes/footer.html');
?>
The logged in page
<?php //Header
$page_title = 'Reading a file';
include('C:/wamp/www/PHP/includes/header.html');
?>
<?php
session_start();
//Use an array forthe sites users
$users = array(
'Dexter'=>'meow1',
'Garfield'=>'meow2',
'Miro'=>'meow3'
);
//
if(isset($_GET['logout'])) {
$_SESSION['username'] = '';
echo "You are now loged out";
//The user is loged out and returned to the login page
header('Location: ' . $_SERVER['PHP_SELF']);
}
if(isset($_POST['username'])) {
//Something goes wrong here when login without any boxes filled
if($users[$_POST['username']] == $_POST['password']) {
$_SESSION['username'] = $_POST['username'];
}else {
echo "Something went wrong, Please try again";
$redirect = "Location: 777.php";
}
}
?>
<?php if($_SESSION['username']): ?>
<p><h2>Welcome <?=$_SESSION['username']?></h2></p>
<p align="right"><a href="777.php">Logga ut</a></p><?php endif; ?>
<p>Today Ben&Jerrys Chunky Monkey is my favorite!</p>
<?php //Footer
include('C:/wamp/www/PHP/includes/footer.html');
?>
Notice: Undefined index: user in /var/www/localhost/htdocs/index.php on line 43
echo $_POST['user'] Doesn't do the showing of variable. Code parts aren't linked. $_SESSION works but $_POST doesn't - and it's all in the same file. I need good, free operations with $_POST
I'm novice, though very forgetful, I don't ask advice on how to separate files again, I just do it or do not. When "do not" I suffer, from misunderstanding of the $_POST mechanics. So when separate I don't understand login at all. $_SESSION['l'] I need to operate in game loc position. When all login is together i could be more free to look at code parts.
<!DOCTYPE html>
<html>
<h1>Register</h1>
<form method="POST">
<input type="text" name="user"><br /><br />
<input type="pass" name="pass"><br /><br />
<input type="submit"><br />
</form>
<?php
session_start();
if(isset($_POST['user'], $_POST['pass'])){
require 'connect.php';
$zr++;
$query = d()->prepare("INSERT INTO u (user, pass, loc) VALUES (:user, :pass, :loc)");
$query->bindParam(':user', $_POST['user']);
$query->bindParam(':pass', $_POST['pass']);
$query->bindParam(':loc', $zr);
if($query->execute()){
$_SESSION['user'] = $row['user'];
$_SESSION['pass'] = $row['pass'];
header("Location: ".$_SERVER['PHP_SELF']);
} else{
echo 'ERROR';
}
}
?>
<h1>Login</h1>
<form method="POST">
<input type="text" name="user"><br /><br />
<input type="pass" name="pass"><br /><br />
<input type="submit"><br />
</form>
<?php
echo $_POST['user'];
if(isset($_POST['user'], $_POST['pass'])){
require 'connect.php';
$query = d()->prepare("SELECT user, pass FROM u WHERE user=:user AND pass=:pass");
$query->bindParam(':user', $_POST['user']);
$query->bindParam(':pass', $_POST['pass']);
$query->execute();
if($row = $query->fetch()){
$_SESSION['user'] = $row['user'];
$_SESSION['pass'] = $row['pass'];
header("Location: ".$_SERVER['PHP_SELF']);
}
}
$us=$_SESSION['user'];
echo 'user ',$us;
?>
<?php
if(isset($_SESSION['user'])){
$us=$_SESSION['user'];
echo '<br /> user ',$us, ' ', '<a href="logout.php">Logout</a>';
echo '<br />', '<a href="zrs.php">zero session</a>';
}
?>
</html>
Edited by xcislav, 27 November 2014 - 05:46 AM. This topic has been moved to Miscellaneous. http://www.phpfreaks.com/forums/index.php?topic=351535.0 Could anyone help me making a login function that checks the txt document if user and pw exists/are correct? -and if they are, sends you to a logged in page. This is for a assignment which is why I have to store the information in a text document, I know it's unsafe. Also i know i should use $_Sessions but I'm not sure how to use it and where to put it.
So far I have created the form which has 2 buttons one for registering and one for logging in. I have also created the registration function which checks the text file if the username already exists if not it will register it.
<html lang="eng">
<head>
<link rel="stylesheet" href="style.css">
<title>name</title>
</head>
<body>
<div class="formdiv">
<h2>Log in or register</h2>
<form action="" method="post">
<p>Username<p style="color:black">*</p> <input type="text" name="user" placeholder="Type in your username" required>
<p>Password<p style="color:black">*</p> <input type="password" name="pw" placeholder="Type in your password" required>
<?php
if (isset($_POST['saveBtn'])){
$username = $_POST['user'];
$password = $_POST['pw'];
$error = register($username);
if ($error == '') {
echo "User: $username has been registered!<br/>";
}
else echo $error;
}
?>
<input type="submit" name="saveBtn" value="Save new user">
<input type="submit" name="loginBtn" value="Login">
</form>
</div>
<?php // Registration
function register($user){
$textError = '';
// Check and see if user exists
$UserPassTxt = fopen("userpwd.txt","a+"); // Opens text doc
rewind($UserPassTxt);
while (!feof($UserPassTxt)) {
$line = fgets($UserPassTxt);
$tmp = explode(':', $line);
if ($tmp[0] == $user) {
$textError = "Username already exists!";
break;
}
}
if ($textError == ''){
$hash = password_hash('', PASSWORD_DEFAULT);
fwrite($UserPassTxt, "\n$user: $hash");
}
fclose($UserPassTxt); // Closes txt doc
return $textError;
}
?>
<?php //Login
function login($user, $pass){
}
?>
</body>
///here's my best attempt at the function
<?php //Login
$error = '0';
if (isset($_POST['loginBtn'])){
$username = $_POST['user'];
$password = $_POST['pw'];
$error = login($username,$password);
}
function login($user, $pass){
$errorText = '';
$validUser = false;
$UserPassTxt = fopen("userpwd.txt","r");
rewind($UserPassTxt);
while (!feof($UserPassTxt)) {
$line = fgets($UserPassTxt);
$tmp = explode(':', $line);
if ($tmp[0] == $user) {
if (trim($tmp[1]) == trim(password_hash('', PASSWORD_DEFAULT))){
$validUser= true;
$_SESSION['user'] = $user;
}
break;
}
}
fclose($UserPassTxt);
if ($validUser != true) $errorText = "Not correct username or password";
if ($validUser == true) $_SESSION['validUser'] = true;
else $_SESSION['validUser'] = false;
return $errorText;
}
function logoutUser(){
unset($_SESSION['validUser']);
unset($_SESSION['user']);
}
function checkUser(){
if ((!isset($_SESSION['validUser'])) || ($_SESSION['validUser'] != true)){
header('Location: index.php');
}
}
?>
Hello! I'd like to know how one can save inputted data using a form to store it into another php file. The user should just input their name in the php webpage called "MainPage.php". When they write their names and hit submit, they would just stay on the same page. Their submitted names should be stored permanently into a "Answers.php" file. What do I need to change in my "MainPage.php code? Code: [Select] <html> <body> <form method="post" action="Answers.php" > Name:<input type="text" name="Name" /> <input type="submit" value="Submit name" /> </form> [Some php code not relevant to question] </body> </html> I have a bunch of pdf's and I want to extract text from the last page of every pdf. I have a function to count the number of pages in each pdf. Does anyone know of a way that I could extract file from a specified file and page number. example: getData('example.pdf', 54); Can anyone tell me whats wrong with this: The file uploads fine, the url however does not get posted to the database? I added a 'or die' but it didn't execute...Do I need to move the query higher up the script? <?php include ('base.php'); $id = $_GET['id']; if ((($_FILES["file"]["type"] == "image/gif") || ($_FILES["file"]["type"] == "image/jpeg") || ($_FILES["file"]["type"] == "image/pjpeg")) && ($_FILES["file"]["size"] < 20000)) { if ($_FILES["file"]["error"] > 0) { echo "Return Code: " . $_FILES["file"]["error"] . "<br />"; } else { echo "Upload: " . $_FILES["file"]["name"] . "<br />"; echo "Type: " . $_FILES["file"]["type"] . "<br />"; echo "Size: " . ($_FILES["file"]["size"] / 1024) . " Kb<br />"; echo "Temp file: " . $_FILES["file"]["tmp_name"] . "<br />"; if (file_exists("upload/" . $_FILES["file"]["name"])) { echo $_FILES["file"]["name"] . " already exists. "; } else { move_uploaded_file($_FILES["file"]["tmp_name"], "imgs/pictures/" . $_FILES["file"]["name"]); echo "Stored in: " . "upload/" . $_FILES["file"]["name"]; } } } else { echo "Invalid file"; } $file = $_FILES["file"]["name"]; $sql = "UPDATE `chillp_security`.`staff` SET `picture` = \'imgs/pictures/$file\' WHERE `staff`.`id` = $id;"; ?> Im making a application but many users can access it at the same time, also the data that needs to be stored into the database in 3 parts firstly the user will enter some details the comany will fill out the reamining details and the user will then accept or decline the companies proposal. The issue im havign will it be easier to just store all of this information into session variables and then save them into the database at the end when all of the details are ready ? Thank You Hey I am having a small problem with setting and storing data using $_SESSION for a login script to validate that a user is logged in. The outputted error message I'm getting is; Notice: Undefined index: userid ...\...\ Notice: Undefined variable: userid in ...\...\ The PHP code I'm using for the validation Code: [Select] <?php session_start(); //must call session_start before using any $_SESSION variables $username = $_POST['username']; $password = $_POST['password']; $userid = $_POST['userid']; //validating a user function validateUser() { session_regenerate_id (); //this is a security measure $_SESSION['valid'] = 1; $_SESSION['userid'] = $userid; } Let me know if you need any other bits of code to establish what is happening I really need help with this. Thanks. Hi, I have a XHTML/PHP page that loads a PHP file each couple of seconds for building up the page. The PHP file should retreive data that keeps changing. What would be the best way to store and retreive the data? Obviously i can do this with a database but that will put a lot of stress on the server as each user keeps polling the database. So i was looking into other methods of doing this. I have tried doing this with a plain text file and CSV files using fwrite to put the initial data into a file with separators. Then retrieving that file and explode it into a multidimensional array again. I am unsuccessful here to assign the key values to the new array. I have also tried many snippets for this but these where also not working properly for me. Maybe XML is the key, i didn't really delve into it yet but it seems i have to get extra programs or parser to actually write and change files? But then again i can't find any working tutorials on how to put multi dimensional strings back and forth between PHP and XML. So what needs exactly to be done. Well i'm creating a game where you can fight each other with 4 units on a turn base. The units have a speed stat that determines when it's there turn to act. Like if (unit 1) has 3 speed and (unit 2) 5 speed they will move like this on the time line (unit 1) -> (unit 2) -> (unit 1) -> (unit 1) -> (unit 2). So the plan is each time the user acts with a unit to increment it's speed by the base value. A script will run each time picking up the next unit in line. The PHP page does a check on which player the unit belongs to and if that matches the players ID it will sent the necessary information. The other player will get something like "not your turn". Tx, I want to store a series of data which are called in a main php file. Do you suggest to store them in xml as file1.xml: <title>TITLE</title> <content>CONTENT</content> or file1.php: $title="TITLE"; $content="CONTENT"; AND is it better to create separate file for each article or storing all data in one single file? Here is my code... Code: [Select] <?php mysql_connect("localhost", "user", "pass")or die("cannot connect"); mysql_select_db("database")or die("cannot select DB"); $myemail = mysql_real_escape_string($_POST['myemail']); $mypassword = mysql_real_escape_string($_POST['mypassword']); $mypassword = md5($mypassword); $myemail = stripslashes($myemail); $mypassword = stripslashes($mypassword); $sql="SELECT * FROM users WHERE email='$myemail' and password='$mypassword'"; $result=mysql_query($sql); $count=mysql_num_rows($result); if($count==1){ session_start(); $_SESSION["myemail"]= "$myemail"; header("location:home.php"); } else { header("location:fail.php"); } ?> What can I do to this code so that it will also store first name from the database inside a session? I have created a login form. I am sending values through Ajax for form validation. However, I am having problem with the code that I am unable to store values in Sessions & Cookies.
I have added a "Remember me" checkbox into login form. I want to validate Boolean value using Javascript Checked property and send the data to PHP for validation.
If user clicks on remember me checkbox then the data should be stored in either Sessions & Cookies. If it is not checked then data should be stored only in Sessions. I am posting here my login form code, Ajax code & PHP code.
Could you guys help me to point out my mistake what I am doing wrong in this code?
Login Form:
<input type="checkbox" id="cb" name="cb"> <label for="cb">Remember me</label>Ajax Code:
function login(){var e = _("email").value;
var pass = _("password").value;
var cb = _("cb").value;
if(e == "" || pass == ""){
_("status").innerHTML = "Please fill out the form";
} else {
_("loginbtn").style.display = "none";
_("status").innerHTML = 'please wait ...';
var ajax = ajaxObj("POST", "handlers/login_handler.php");
ajax.onreadystatechange = function() {
if(ajaxReturn(ajax) == true) {
if(ajax.responseText == "login_failed"){
_("status").innerHTML = "Login failed, please try again.";
_("loginbtn").style.display = "block";
} else {
window.location = "message.php?msg=Hello "+ajax.responseText;
}
}
}
ajax.send("e="+e+"&pass="+pass+"&cb="+cb);
}
}
PHP Code:
$cb = cleanstr($_POST['cb']);
if(isset($cb) && ($cb == true)) {
// IF USER CLICKED ON REMEMBER ME CHECKBOX CREATE THEIR SESSIONS AND COOKIES
$_SESSION['userid'] = $db_id;
$_SESSION['username'] = $db_username;
$_SESSION['password'] = $db_pass;
setcookie("id", $db_id, strtotime( '+30 days' ), "/", "", "", TRUE);
setcookie("user", $db_username, strtotime( '+30 days' ), "/", "", "", TRUE);
setcookie("pass", $db_pass, strtotime( '+30 days' ), "/", "", "", TRUE);
// UPDATE THEIR "IP" AND "LASTLOGIN" FIELDS
$sql = "UPDATE users SET ip='$ip', lastlogin=now() WHERE id='$db_id' LIMIT 1";
$query = mysqli_query($con, $sql);
echo $db_username;
exit();
} else {
// IF USER HAS NOT CLICKED ON REMEMBER ME CHECKBOX CREATE THEIR SESSIONS ONLY
$_SESSION['userid'] = $db_id;
$_SESSION['username'] = $db_username;
$_SESSION['password'] = $db_pass;
// UPDATE THEIR "IP" AND "LASTLOGIN" FIELDS
$sql = "UPDATE users SET ip='$ip', lastlogin=now() WHERE id='$db_id' LIMIT 1";
$query = mysqli_query($con, $sql);
echo $db_username;
exit();
}
Hey everyone I'm pulling data from my db and then trying to store each value to its own var. the problem is the amount of values is always changing. here is what I have that isnt working $result = mysql_query("SELECT thismonth FROM list"); while($row = mysql_fetch_array($result)) { echo $row[0] . "<br>"; // this prints out all the values perfectly } no I just dont know how to store them so i can use them later. |
|||||||