|
PHP - Symfony User Roles
While I am impressed with much of Symfony, the needing to know everything the "symfony way" is a little annoying. For an application, I will have several types of users: Admin Users. They can create a project, add new vendors, assign vendors to a given project, add new normal or admin users, etc. Vendors. They can view projects which they are assigned to and upload documents for that project. Normal Users. They will have the ability to view documents related to a given project which are submitted by vendors. Super Users. There will be multiple Accounts where all of the above user's will be assigned to a single, and they can only interact with others assigned to that same account. The super user can create an account and add the initial Admin User to that account.To expose the data, I am using api-platform. Currently, I am just trying to create endpoints to retrieve a list of vendors, normal users, etc. One possible solution I know how to accomplish but don't believe is the correct way is to create an AbstractUser and create VendorUser, NormalUser, etc which extend AbstractUser. Doing so will create routes for each of these user types and meet my immediate needs. Alternatively, I can create only a single User entity, and then assign roles such as ROLE_ADMIN, ROLE_VENDOR, ROLE_USER, or ROLE_SUPER. Ideally, I could then add new routes such as /vendors instead of making it /users?type=vendor. Or maybe I should be doing something totally different. If I was building this from scratch, I can definitely figure something out, however, would like to take advantage of symfony and do it their way. But I am a complete newbie when it comes to symfony, and don't even know where to start, and would appreciate a strategy to go which won't lead me down to bad of wrong path. Similar TutorialsHi My website is a Wordpress WooCommerce. I modified the PHP function that worked well before I added the multiple customer roles. I have regular customers and regular and tier-level wholesalers. I live in Canada and with have two taxes to apply (GST & PST). We also have customers/wholesalers that get exempted from one tax (PST) only or both taxes. I have one regular wholesale role with two tax exemption roles: 'wholesale_customer', 'wholesale_pst_exempt', 'wholesale_tax_exempt'. I have 4 tier levels wholesale roles with each their own tax exemption roles: 'wholesale_silvia_silver', 'wholesale_silvia_gold', 'wholesale_silvia_premium', 'wholesale_silvia_union' 'wholesale_silvia_silver_pst_exempt', 'wholesale_silvia_gold_pst_exempt', 'wholesale_silvia_premium_pst_exempt', 'wholesale_silvia_union_pst_exempt' 'wholesale_silvia_silver_tax_exempt', 'wholesale_silvia_gold_tax_exempt', 'wholesale_silvia_premium_tax_exempt', 'wholesale_silvia_union_tax_exempt' The tier levels are new and I'm trying to update my existing function that applies different tax rates based on customer user roles. I also have filters to alter the shipping tax for the different tax class based on the customer role. Here are the function and filter that I have updated to add the additional tier level wholesale roles. The changes I've made are not working because I don't see the tax exemptions. Both taxes are always being applied. Can someone help me figure out what I've done wrong to the code that stopped it from working? I'm not proficient in PHP, so was trying my best to make this work.
/*
* APPLY DIFFERENT TAX RATE BASED ON CUSTOMER USER ROLE
* (Code compacted in one unique hook instead of 5 functions with the same hook)
*/
function all_custom_tax_classes( $tax_class, $product ) {
global $current_user;
// Getting the current user
$curr_user = wp_get_current_user();
$curr_user_data = get_userdata($current_user->ID);
// 1 customer_tax_exempt
/* special tax rate: zero if role: Customer Tax Exempt */
/*if ( in_array( 'customer_tax_exempt', $curr_user_data->roles ) )
$tax_class = 'CustomerTaxExemptClass';
// 2 customer_pst_exempt
// special tax rate: charge only GST if role: Customer PST Exempt
if ( in_array( 'customer_pst_exempt', $curr_user_data->roles ) )
$tax_class = 'CustomerPSTExemptClass';
*/
// 3, 4 & 5 WHOLESLE SUITE SPECIAL WHOLESALE TAX RATES
if (isset($current_user) && class_exists('WWP_Wholesale_Roles')) {
$wwp_wholesale_roles = WWP_Wholesale_Roles::getInstance();
$wwp_wholesale_role = $wwp_wholesale_roles->getUserWholesaleRole();
// special tax rate: charge both PST and GST if roles: Wholesale Customer, Wholesale Silvia Silver, Wholesale Silvia Gold, Wholesale Silvia Premium, Wholesale Silvia Union
if (!empty($wwp_wholesale_role) && in_array('wholesale_customer', $wwp_wholesale_role) && in_array('wholesale_silvia_silver', $wwp_wholesale_role) && in_array('wholesale_silvia_gold', $wwp_wholesale_role) && in_array('wholesale_silvia_premimum', $wwp_wholesale_role) && in_array('wholesale_silvia_union', $wwp_wholesale_role)) {
// Where 'wholesale_customer, wholesale_silvia_silver, wholesale_silvia_gold, wholesale_silvia_premium, wholesale_silvia_union' are the names of the wholesale roles to target
$tax_class = 'WholesalePSTGST';
}
// special tax rate: charge only GST if roles: Wholesale PST Exempt, Wholesale Silvia Silver PST Exempt, Wholesale Silvia Gold PST Exempt, Wholesale Silvia Premium PST Exempt, Wholesale Silvia Union PST Exempt
if (!empty($wwp_wholesale_role) && in_array('wholesale_pst_exempt', $wwp_wholesale_role) && in_array('wholesale_silvia_silver_pst_exempt', $wwp_wholesale_role) && in_array('wholesale_silvia_gold_pst_exempt', $wwp_wholesale_role) && in_array('wholesale_silvia_premium_pst_exempt', $wwp_wholesale_role) && in_array('wholesale_silvia_union_pst_exempt', $wwp_wholesale_role)) {
// Where 'wholesale_pst_exempt, wholesale_silvia_silver_pst_exempt, wholesale_silvia_gold_pst_exempt, wholesale_silvia_premium_pst_exempt, wholesale_silvia_union_pst_exempt' are the names of the wholesale roles to target
$tax_class = 'WholesalePSTExempt';
}
// special tax rate: zero if roles: Wholesale Tax Exempt, Wholesale Silvia Silver Tax Exempt, Wholesale Silvia Gold Tax Exempt, Wholesale Silvia Premium Tax Exempt, Wholesale Silvia Union Tax Exempt
if (!empty($wwp_wholesale_role) && in_array('wholesale_tax_exempt', $wwp_wholesale_role) && in_array('wholesale_silvia_silver_tax_exempt', $wwp_wholesale_role)&& in_array('wholesale_silvia_gold_tax_exempt', $wwp_wholesale_role) && in_array('wholesale_silvia_premium_tax_exempt', $wwp_wholesale_role) && in_array('wholesale_silvia_union_tax_exempt', $wwp_wholesale_role)) {
// Where 'wholesale_tax_exempt, wholesale_silvia_silver_tax_exempt, wholesale_silvia_gold_tax_exempt, wholesale_silvia_premium_tax_exempt, wholesale_silvia_union_tax_exempt' are the names of the wholesale role to target
$tax_class = 'WholesaleZeroTax';
}
}
return $tax_class;
}
/* ADDITIONAL FILTERS TO ALTER THE SHIPPING TAX FOR DIFFERENT TAX CLASSES BASED ON CUSTOMER USER ROLE */
add_filter( 'woocommerce_product_get_tax_class', 'all_custom_tax_classes', 1, 2 );
add_filter( 'woocommerce_product_variation_get_tax_class', 'all_custom_tax_classes', 1, 2 );
add_filter( 'option_woocommerce_shipping_tax_class' , function( $option_value ) {
global $wc_wholesale_prices;
if ( $wc_wholesale_prices && is_a( $wc_wholesale_prices , 'WooCommerceWholeSalePrices' ) ) {
$current_user_wholesale_roles = $wc_wholesale_prices->wwp_wholesale_roles->getUserWholesaleRole();
if ( in_array( 'wholesale_customer', $current_user_wholesale_roles ) ){
return 'wholesalepstgst';
} elseif (in_array( 'wholesale_silvia_silver', $current_user_wholesale_roles) ){
return 'wholesalepstgst';
} elseif (in_array( 'wholesale_silvia_gold', $current_user_wholesale_roles) ){
return 'wholesalepstgst';
} elseif (in_array( 'wholesale_silvia_premium', $current_user_wholesale_roles) ){
return 'wholesalepstgst';
} elseif (in_array( 'wholesale_silvia_union', $current_user_wholesale_roles) ){
return 'wholesalepstgst';
} elseif (in_array( 'wholesale_pst_exempt', $current_user_wholesale_roles) ){
return 'wholesalepstexempt';
} elseif (in_array( 'wholesale_silvia_silver_pst_exempt', $current_user_wholesale_roles) ){
return 'wholesalepstexempt';
} elseif (in_array( 'wholesale_silvia_gold_pst_exempt', $current_user_wholesale_roles) ){
return 'wholesalepstexempt';
} elseif (in_array( 'wholesale_silvia_premium_pst_exempt', $current_user_wholesale_roles) ){
return 'wholesalepstexempt';
} elseif (in_array( 'wholesale_silvia_union_pst_exempt', $current_user_wholesale_roles) ){
return 'wholesalepstexempt';
} elseif (in_array( 'wholesale_tax_exempt', $current_user_wholesale_roles) ){
return 'wholesalezerotax';
} elseif (in_array( 'wholesale_silvia_silver_tax_exempt', $current_user_wholesale_roles) ){
return 'wholesalezerotax';
} elseif (in_array( 'wholesale_silvia_gold_tax_exempt', $current_user_wholesale_roles) ){
return 'wholesalezerotax';
} elseif (in_array( 'wholesale_silvia_premium_tax_exempt', $current_user_wholesale_roles) ){
return 'wholesalezerotax';
} elseif (in_array( 'wholesale_silvia_union_tax_exempt', $current_user_wholesale_roles) ){
return 'wholesalezerotax';
}
}
return $option_value;
} , 10 , 1 );
Thank you Lyse Edited June 18, 2019 by LyseSpecify website platforms To apply please click: https://hire.jobvite.com/j?cj=o0URYfwt&s=phpfreaks
This is an exciting opportunity to work on emerging and exciting products within an Agile development organisation in a growing, dynamic software company. Focused on developing the next generation of GFI’s cloud based products, the successful candidates will be part of a new team responsible for an exciting help desk and customer service platform based on a LAMP technology stack, the product allows our clients to efficiently manage communication and issues tracking over multiple channels (social, web, email and mobile) across their range of managed assets and end-users. The successful candidates will have experience in Object Oriented Programming in PHP (use of MVC frameworks such as CodeIgniter advantageous), experience with relational database design and front-end development (HTML/CSS/JavaScript). You will be Involved in every aspect of the SDLC, including specification and design, the successful candidates will have a hand in shaping the future of this exciting product. You will work in a highly collaborative environment where everyone is encouraged to understand and learn all areas of the system, the successful candidates will have a real say in how the system is developed, as well as SCRUM, Continuous Integration and Test Driven Development before seeing their code deployed and used online by our clients. But the words of some of our developers put it much better than we can: “Every one of our products carries the imprint of the people who built it.” “Being a software developer at GFI is challenging, fun and most of all rewarding: watching the code you’ve written deployed into production to become part of something bigger.” “The role is dynamic, you never know what issues will arise or what new features customers will request. GFI are willing to give you the time to cross-train to new languages and the close-knit teams of developers and testers provide all the support you need to succeed” “GFI may be an international company but they have successfully retained the small company feel where it is a pleasure to socialise with people inside and outside of work.” “In my role, I don't work on one boring CRUD application; instead I work on lots of cool things. We work with a diverse range of technologies, so there is always an opportunity to get your hands dirty with something new, and develop with the latest tech.” Check out this video showing A Visual Guide to Programming at GFI Software Developer - LAMP - Edinburgh Required Skills OOP Web Development with PHP5 Strong understanding of relational databases and design (MySQL) Strong HTML, CSS and JavaScript skills (Knowledge of HTML5 and CSS3) SVN Version Control Beneficial Skills Exposure to CodeIgniter (or similar MVC based framework) Test Driven Development Mobile Development Design Patterns Practical knowledge of implementing web services Understanding of email servers / MTA’s Knowledge of Linux/Apache ExtJS / jQuery Experience Software development experience in a professional environment is required. Experience of high-availability, high-volume applications in a cloud based environment would be beneficial. Qualifications The successful candidate will be educated to degree level in a software related discipline. Software Developer - LAMP - Edinburgh The Company The GFI Help Desk and Customer Service platform allows our clients to manage communication and issue tracking with their customers through multiple channels, such as social networking, email and web based communication. GFI Software provides web and mail security, archiving and fax, networking and security software and hosted IT solutions for small to medium-sized enterprises (SME) via an extensive global partner community. GFI products are available either as on-premise solutions, in the cloud or as a hybrid of both delivery models. To apply please click: https://hire.jobvite.com/j?cj=o0URYfwt&s=phpfreaks Senior PHP / PHP Developer (m/f) – Symfony 2 or Laraval
Software Engineering | Berlin, Germany
The company
We are working with one of the largest venture start-up businesses in the world, they have started some very famous eCommerce businesses in Germany which have also launched worldwide. The company incubate businesses providing them with full technical support to help them create their business in the most efficient way. The scope of work that you get exposure too is actually quite wide, meaning that the projects will be challenging and varied.
About the Job
I am currently looking for multiple experienced Software Engineers to join a highly professional and dynamic IT team currently filled with skilled PHP5 developers from across Europe. You will be tasked with the planning, tracking and executing of software architecture through to responsibility for assigning resources to design and implement work flows which meet budget, quality and time targets. The aim is for you to develop your skills and career using your skilled colleagues and the robust career development plan. You can expect an attractive salary and the chance to work with new technologies in a high- energy team based in the heart of Berlin with a company.
This is a company whose business language is English but they do welcome German natives to the team.
Who we are looking for
We are ideally looking for individuals with over 2 years experience of PHP5 (OOP) and MySQL databases. You will have experience of either Symfony 2 or Laraval frameworks as these are used frequently. We want people who want to learn new technologies and keep themselves up to date with these technologies. Basic knowledge in system administration (Linux, Apache or nginx) and deep interest in scaling high performance web sites, database optimization and web services (REST, SOAP) would be ideal.
The company do not offer relocation assistance, however, they will advise you on the right places to search for accommodation, the cost of living in Berlin and anything else you need to know.
Are you interested?
If so, please send me your application either in German or in English!
Stuart.day@quantica.co.uk
This topic has been moved to Application Frameworks. http://www.phpfreaks.com/forums/index.php?topic=317833.0 A while back, I was showed how to authenticate to PostgreSQL using peer authentication over a socket for applications where PHP, FPM, and PostgreSQL are all on the same machine. All works. I could use native PHP as shown and it returns results without errors so I know that PHP, FPM, and PostgreSQL is setup correctly to establish a connection using peer authentication without a PostgreSQL username or password. $pdo = new PDO("pgsql:dbname=testing");
$rs = $pdo->query('SELECT * FROM company')->fetchAll();
I could also use Doctrine but not Symfony and get results without errors so I know that Doctrine is capable of establishing a connection using peer authentication without a PostgreSQL username or password. $pdo = EntityManager::create(['driver' => 'pdo_pgsql','dbname' => 'testing'], Setup::createAnnotationMetadataConfiguration([__DIR__."/../src"], true, null, null, false))->getConnection();
$rs = $pdo->query('SELECT * FROM company')->fetchAll();
Now I am trying to do the same but when using Symfony. I expected I could just edit config/packages/doctrine.yaml as follows, however, it results in An exception occurred in driver: SQLSTATE[08006] [7] fe_sendauth: no password supplied doctrine: dbal: driver: pdo_pgsql dbname: testing server_version: 13 Any thoughts how to do this? Thank you I use the Wholesale Suite Premium Prices plugin with WooCommerce. I have 6 specific wholesale roles out of 15 that I wish to hide two specific shipping methods from being selected for the 6 exceptions. I'm just trying this on my staging server at this time using a code snippet example that I found and modified for my specific conditions. Would the following work for this purpose?
/* Hide specific shipping methods for specific wholesale roles */
add_filter( 'woocommerce_package_rates', function( $shipping_rates ) {
// User role and shipping method ID to hide for the user role
$role_shipping_method_arr = array(
'ws_silvia_silver' => array( 'Silvia Premium Standard Shipping (Tracking Service)'),
'ws_silvia_silver_pst_exempt' => array( 'Silvia Premium Standard Shipping (Tracking Service)'),
'ws_silvia_silver_tax_exempt' => array( 'Silvia Premium Standard Shipping (Tracking Service)'),
'ws_silvia_silver' => array( 'Silvia Union Standard Shipping (Tracking Service)'),
'ws_silvia_silver_pst_exempt' => array( 'Silvia Union Standard Shipping (Tracking Service)'),
'ws_silvia_silver_tax_exempt' => array( 'Silvia Union Standard Shipping (Tracking Service)'),
'ws_silvia_gold' => array( 'Silvia Premium Standard Shipping (Tracking Service)'),
'ws_silvia_gold_pst_exempt' => array( 'Silvia Premium Standard Shipping (Tracking Service)'),
'ws_silvia_gold_tax_exempt' => array( 'Silvia Premium Standard Shipping (Tracking Service)'),
'ws_silvia_gold' => array( 'Silvia Union Standard Shipping (Tracking Service)'),
'ws_silvia_gold_pst_exempt' => array( 'Silvia Union Standard Shipping (Tracking Service)'),
'ws_silvia_gold_tax_exempt' => array( 'Silvia Union Standard Shipping (Tracking Service)'),
);
// Getting the current user role
$curr_user = wp_get_current_user();
$curr_user_data = get_userdata($current_user->ID);
// Wholesale Suite Roles
if (isset($current_user) && class_exists('WWP_Wholesale_Roles')) {
$wwp_wholesale_roles = WWP_Wholesale_Roles::getInstance();
$wwp_wholesale_role = $wwp_wholesale_roles->getUserWholesaleRole();
// Loop through the user role and shipping method pair
foreach( $role_shipping_method_arr as $role => $shipping_methods_to_hide ) {
// Check if defined role exist in current user role or not
if( in_array( $role, $current_user->roles) ) {
// Loop through all the shipping rates
foreach( $shipping_rates as $shipping_method_key => $shipping_method ) {
$shipping_id = $shipping_method->get_id();
// Unset the shipping method if found
if( in_array( $shipping_id, $shipping_methods_to_hide) ) {
unset($shipping_rates[$shipping_method_key]);
}
}
}
}
}
return $shipping_rates;
});
Any insights as to how to accomplish this would be greatly appreciated. Lyse I am a little confused with the difference between Symfony Events and Event Listners and Doctrine Events. The Doctrine events look pretty straight forward and are primary used for entity persistence, and I have outlined my understanding below: Doctrine Lifecycle Callbacks. Single entity and single Doctrine event. Method in class. Good performance. Don't have access to Symfony services (all others do) Doctrine Lifecycle Listeners. All entities and single Doctrine event. Separate class and configured in config.service.yaml. Doctrine Entity Listeners. Single entities and single Doctrine event. Separate class and configured in config.service.yaml. Doctrine Lifecycle Subscribers. All entities and multiple Doctrine event. Must implement EventSubscriber (or probably EventSubscriberInterface) Separate class and configured in config.service.yaml.I am more confused with the Symfony events and my interpretation as listed below is likely incorrect. Symfony Event Listeners. Single Symfony event. Separate class and configured in config.service.yaml. More flexible because bundles can enable or disable each of them conditionally depending on some configuration value. Symfony Event Subscribers. All specified Symfony events. Must implement EventSubscriberInterface Separate class but NOT configured in config.service.yaml but in class. Easier to reuse because the knowledge of the events is kept in the class rather than in the service definition.Are they used for totally different purposes or can one use Symfony events to also deal with entities? Where would one want to use these Symfony events? Is there a reason why Doctrine Lifecycle Subscribers are located in src/EventListener and not src/EventSubscriber Are Doctrine Lifecycle and Entity Listeners really only for a single event as I interpret the documentation states, or is it one method per Doctrine event such as the following? App\EventListener\SearchIndexer: tags: - name: 'doctrine.event_listener' event: 'postPersist' - name: 'doctrine.event_listener' event: 'postUpdate'
This topic has been moved to Other Libraries and Frameworks. http://www.phpfreaks.com/forums/index.php?topic=347122.0 Doing something wrong, but don't see it. How should one retrieve a POST parameter? My $request->toArray()['html'] works, but I am sure it is not the "right way".
<?php
namespace App\DataPersister;
use ApiPlatform\Core\DataPersister\DataPersisterInterface;
use Symfony\Component\HttpFoundation\RequestStack;
class ArchivePersister implements DataPersisterInterface
{
public function __construct(RequestStack $requestStack)
{
$request = $requestStack->getCurrentRequest();
syslog(LOG_ERR, '$request->getMethod(): '.$request->getMethod());
syslog(LOG_ERR, '$request->getContent(): '.$request->getContent());
syslog(LOG_ERR, '$request->request->get(html): '.$request->request->get('html'));
syslog(LOG_ERR, '$request->query->get(html): '.$request->query->get('html'));
syslog(LOG_ERR, '$request->get(html): '.$request->get('html'));
syslog(LOG_ERR, '$request->toArray(): '.json_encode($request->toArray()));
syslog(LOG_ERR, '$request->toArray()[html]: '.$request->toArray()['html']);
}
}
output
$request->getMethod(): POST
$request->getContent(): {"project":"/projects/1","description":"","html":"<p>{{ project_name }}</p>"}
$request->request->get(html):
$request->query->get(html):
$request->get(html):
$request->toArray(): {"project":"\/projects\/1","description":"","html":"<p>{{ project_name }}<\/p>"}
$request->toArray()[html]: <p>{{ project_name }}</p>
I would appreciate your assistance, there are tons of login scripts and they work just fine. However I need my operators to login and then list their activities for the other operators who are logged in to see and if desired send their clients on the desired activity. I have the login working like a charm and the activities are listed just beautifully. How do I combine the two tables in the MySQL with PHP so the operator Logged in can only make changes to his listing but see the others. FIRST THE ONE script the member logges in here to the one table in MSQL: <?php session_start(); require_once('config.php'); $errmsg_arr = array(); $errflag = false; $link = mysql_connect(DB_HOST, DB_USER, DB_PASSWORD); if(!$link) { die('Failed to connect to server: ' . mysql_error()); } $db = mysql_select_db(DB_DATABASE); if(!$db) { die("Unable to select database"); } function clean($str) { $str = @trim($str); if(get_magic_quotes_gpc()) { $str = stripslashes($str); } return mysql_real_escape_string($str); } $login = clean($_POST['login']); $password = clean($_POST['password']); if($login == '') { $errmsg_arr[] = 'Login ID missing'; $errflag = true; } if($password == '') { $errmsg_arr[] = 'Password missing'; $errflag = true; } if($errflag) { $_SESSION['ERRMSG_ARR'] = $errmsg_arr; session_write_close(); header("location: login-form.php"); exit(); } $qry="SELECT * FROM members WHERE login='$login' AND passwd='".md5($_POST['password'])."'"; $result=mysql_query($qry); if($result) { if(mysql_num_rows($result) == 1) { session_regenerate_id(); $member = mysql_fetch_assoc($result); $_SESSION['SESS_MEMBER_ID'] = $member['member_id']; $_SESSION['SESS_FIRST_NAME'] = $member['firstname']; $_SESSION['SESS_LAST_NAME'] = $member['lastname']; session_write_close(); header("location: member-index.php"); exit(); }else { header("location: login-failed.php"); exit(); } }else { die("Query failed"); } ?> ................................................. ................................ Now I need the person who logged in to the table above to be able to make multiple entries to the table below <? $ID=$_POST['ID']; $title=$_POST['title']; $cost=$_POST['cost']; $activity=$_POST['activity']; $ayear=$_POST['aday']; $aday=$_POST['ayear']; $seats=$_POST['special']; $special=$_POST['seats']; mysql_connect("xxxxxx", "xxx350234427", "========") or die(mysql_error()); mysql_select_db("xxxx") or die(mysql_error()); mysql_query("INSERT INTO `activity` VALUES ('ID','$title', '$cost','$activity', '$aday', '$ayear', '$special', '$seats')"); Print "Your information has been successfully added to the database!" ?> Click <a href="member-profile.php">HERE</a> to return to the main menu <?php ?> hi, i have made a website where people resgister their details of them and products. they have to enter the following details in form Name of company name of the product company address email id password mobile number contact and brief details about their company
user can then login with email id and pwd. now after login ..user will get a page where he can upload the photos of products images and their price, so now my question is that when he finishes uploading (|by clicking on upload button) the product images and price text box ..then on final uploaded webspage it should show all other things which he registerd before (company name , mobile number etc) along with images and price...hence the main question that user does not need to enter mobile and address while uploading images and filling proce ..but on the final page it should show mobile and address along with price and images..as user is not going to enter mobile and address again and again as he will have multiple products to upload.
Actually, what i want to do is to use the email to fetch the $email,$password and $randomnumber from database after Hi, so far I have managed to set up a somewhat basic login website with a mysql database backend. Once they have logged on they go to a "main menu" page. What I need to define is that user A sees button A but only that button, etc. (Then of course that same rule would have to apply if they tried to directly go to the page, but I am guessing I can do that in the same way that I currently do to force a login). If anyone has any tutorials or sample code I would much appreciate it. Thanks, Hi, I am getting frustrated beyond belief at the moment with trying to get a very simple script to run, I am using PHP 5.3.3 and MySQL 5.1 on a Win2k8 server with IIS7.5. Basically my script is connecting to a local database, running a single select query, returning those rows and building up a string from them. The problem is that I am receiving complete BS responses from PHP that the access is denied for the user being specified. This is complete rubbish since the user can connect via mysql, sqlyog, ASP.NET MVC without issue but for some bizarre reason it is not working via PHP. The code for the script is here : Code: [Select] <?php $mysql = mysql_connect('127.0.0.1:3306', 'myuser', 'mypass', 'mydatabase'); if (!$mysql) { die(mysql_error()); $content = "<nobr></nobr>"; } else { $result = mysql_query('SELECT * FROM tblEventGroup'); $content = "<nobr>"; if ($result) { while($row = mysql_fetch_assoc($result)) { $content .= "<span>"; $content .= $row['GroupName']; $content .= "</span>"; $content .= "<a href=\"../Event/EventSearch?groupid="; $content .= $row['GroupId']; $content .= "\" target=\"_blank\">Book here</a> "; } } mysql_close($mysql); $content .= "</nobr>"; } ?> I cannot for the life of me understand what the problem is, the return error is Access denied for user 'myuser'@'localhost' (using password: YES) Hi guys, I am trying to put together a little system that allows users to log onto my website and access there own personal page. I am creating each page myself and uploading content specific to them which cannot be viewed by anyone else. I have got the system to work up as far as: 1/ The user logs in 2/ Once logged in they are re-directed to their own page using 'theirusername.php' Thats all good and working how I need it too. The problem I have is this. If I log onto the website using USER A details - I get taken to USER A's page like I should but - If I then go to my browser and type in USERBdetails.php I can then access USER B's page. This cannot happen!! I need for USER A not to be able to access USER B profile - there is obviously no point in the login otherwise! If you are not logged in you obviously cannot access any secure page. That much is working! Please find below the code I am using: LOGIN <?php session_start(); function dbconnect() { $link = mysql_connect("localhost", "username", "password") or die ("Error: ".mysql_error()); } ?> <?php if(isset($_SESSION['loggedin'])) { header("Location:" . strtolower($username) . ".php"); if(isset($_POST['submit'])) { $username = mysql_real_escape_string($_POST['username']); $password = mysql_real_escape_string($_POST['password']); $mysql = mysql_query("SELECT * FROM clients WHERE username = '{$username}' AND password = '{$password}'"); if(mysql_num_rows($mysql) < 1) { die("Password or Username incorrect! Please <a href='login.php'>click here</a> to try again"); } $_SESSION['loggedin'] = "YES"; $_SESSION['username'] = $username; $_SESSION['name'] header("Location:" . strtolower($username) . ".php"); } ?> HEADER ON EACH PHP PAGE <?php session_start(); if(!isset($_SESSION['loggedin'])) { die(Access to this page is restricted without a valid username and password); ?> --------------------------------------------------- Am I right in thinking it is something to do with the "loggedin" part? The system I have here is adapted from a normal login system I have been using for years. The original just checks the details and then does a 'session start'. This one obviously has to re-direct to a user specific page. To do this I used the <<header("Location:" . strtolower($username) . ".php");>> line to redirect to a page such as "usera.php" or "userb.php" Any help would be greatly appreciated! Ta Hello, i've got some shop script which has 2 payment modules which i'd like to use for something else, the payment modules only work if the user is logged in though, i tried to make them standalone scripts but that didn't work out too well. So now i decided to go another way and just let everyone have the same session so everyone will be using the same username&password automatically. the index file looks like this: Code: [Select] <?php include('./inc/config.php'); include('./inc/functions.php'); include('./lang/'.$language.'.lng'); $id = addslashes($_REQUEST["id"]); $user = addslashes($_REQUEST["username"]); $pass = addslashes($_REQUEST["password"]); $language = strtolower($language); if(empty($id)) $id =1; $file = mysql_query('SELECT * FROM navi_'.$language.' WHERE id="'.$id.'"'); if(mysql_num_rows($file)>0) $file = mysql_fetch_array($file); else $file = mysql_fetch_array(mysql_query('SELECT * FROM navi_'.$language.' WHERE id="404"')); if(!empty($user) AND !empty($pass)) {$query = mysql_query('SELECT * FROM users WHERE username="'.$user.'" AND pass="'.md6($pass).'"'); if(mysql_num_rows($query) == 1) {$_SESSION[$session_prefix."user"] = ucfirst($user); echo'<meta http-equiv="refresh" content="0; url=index.php?id=8">';} else $error = 'Username oder Passwort ist falsch.';} include('./designe/'.$designe.'/head.tpl'); include('./designe/'.$designe.'/navi.php'); include('./designe/'.$designe.'/middle.tpl'); if(file_exists('./pages/'.$file["file"])) {echo'<h1>'.ucfirst($file["title"]).'</h1>'; include('./pages/'.$file["file"]);} if(!empty($error)) echo '<font color="red">'.$error.'</font>'; include('./designe/'.$designe.'/foot.tpl'); ?> Now i tried alot of things including adding: Code: [Select] session_start(); $_SESSION["username"] = "peter"; $_SESSION["user"] = "peter"; $_SESSION["id"] = "1"; $_SESSION["pass"] = "peter"; $_SESSION["password"] = "peter"; or Code: [Select] $id = "1"; $user = "peter"; $username = "peter"; $pass = "peter"; $password = "peter"; also a combination of both, nothing works, but i don't understand why ? Any help is appreciated. /Edit, i tried adding it to the paymentmodule .php aswell, but no luck. Hallo everybody,
the user is in the table, but i get error (user not found!).
thank you very much for your help
Rafal
<!DOCTYPE html>
<html>
<head>
<title>index</title>
<meta http-EQUIV="CONTENT-LANGUAGE" content="en">
<?php
SESSION_START();
include("abc.php");
$link2 = mysqli_connect("$hoster", "$nameuser", "$password", "$basedata")
or die ("connection error" . mysqli_error($link2));
$email = $_POST["inp_email"];
$pwd = $_POST["inp_pwd"];
if($email && $pwd)
{
$chkuser = mysqli_query("SELECT email FROM $table2 WHERE email = '$email' ");
$chkuserare = mysqli_num_rows($chkuser);
if ($chkuserare !=0)
{
$chkpwd = mysqli_query("SELECT pwd FROM $table2 WHERE email = '$email'");
$pwddb = mysqli_fetch_assoc($chkpwd);
if (md5($pwd) != $pwddb["pwd"])
{
echo "Password is wrong!";
}
else
{
$_SESSION['username'] = $email;
header ('Location:list.php');
}
}
else
{
echo "user not found!";
}
}
else
{
echo "enter your Email and Password!";
}
mysqli_close($link2);
?>
</head>
<body style="font-family: arial;margin: 10; padding: 0" bgcolor="silver">
<font color="black">
<br>
<form action="index.php" method="post">
<b>Login</b><br><br>
<table width="100%">
<tr><td>
Email:<br><input type="text" name="inp_email" style="width:98%; padding: 4px;"><br>
Password:<br><input type="password" name="inp_pwd" style="width:98%; padding: 4px;"><br>
<br>
<input type="submit" name="submit" value="Login" style="width:100%; padding: 4px;">
</td></tr>
</table>
</form>
</font>
</body>
</html>
Hallo everybody,
i have the following code.
but i get allways this error while the user exist in the database.
User not found!
what do i do wrong?
thank you very much for your help
Rafal
<html>
<head>
<?php
$connection = mysql_connect("db.xyz.com", "username", "password")
or die ("connection fehler");
mysql_select_db("db0123456789")
or die ("database fehler");
$email = $_POST["inp_email"];
$pwd = $_POST["inp_pwd"];
if($email && $pwd)
{
$chkuser = mysql_query("SELECT email FROM gbook WHERE email = '($email)' ");
$chkuserare = mysql_num_rows($chkuser);
echo $email;
echo $pwd;
if ($chkuserare !=0)
{
$chkpwd = mysql_query("SELECT pwd FROM gbook WHERE email = '($email)' ");
$pwddb = mysql_fetch_assoc($chkpwd);
if ($pwd != $pwddb["pwd"])
{
echo "password is wrong!";
}
else
{
echo "login successed";
}
}
else
{
echo "User not found!";
}
}
else
{
echo "Pleas enter your email and password!";
}
mysql_close($connection);
?>
</head>
<body>
<form action="login.php" method="post">
Email <input type="text" name="inp_email"><br>
Password <input type="text" name="inp_pwd"><br>
<input type="submit" name="submit" value="login">
</form>
</body>
</html>
Edited by rafal, 21 September 2014 - 04:33 PM. hello. I need your help please. I'm building logistics website with user panel and admin panel. I've done all login and register forms. now I want to : admin can add package with: tracking number , weight , cost , and declaration form. user can fill declaration form after admin add package to user panel. then admin can see the declared form. is it possible in php? thank you in advance hello, is it possible to get the logged in user id when using windows authentication? |
|||||||