PHP - Building A Transcript System Using Php/mysql

i have already made the register page where their info goes into the database, and im not sure about the code that selects values from the database.
mysql_connect('', '', '');
mysql_select_db('');

$user = $_POST['user'];
$pass = $_POST['pass'];

echo "<font color='white'>You Need To Login</font>";
if($user == Username && $pass == Password) echo "Welcome $user";

mysql_query("SELECT ('Username', 'Password') FROM login");

?>

I am using a login system in php and mySQL but only one page is potected.

pages i am using:
1. login.php // inputing details (user name, password)
2. checkloginDetails.php // connect to db and check login details
3. logged_in.php // successfully login

...i need more than the one page protected for example; once the user has logged in there will be the main logged in page with other links, remove topics, add, user, remove user all these pages i want protecting but with out the user inputing his details again.

Has anyone got an idear onhow i ould achive this?
 

Hi,

I have a fully pledged membership system and want to integrate my own user referral system but want some tips, advice really on the logic of it. Basically already registered users on my site will have the option to refer people, only registered users. I will try to explain my logic and what i have done so far.

My current registered users table is something like

Quote

    users (table)
    - id (user id)
    - email (user email)
    - password (hash of users password)
    - reg_date (date user registered)


I have some other fields but not relevant to what I want to do and to keep things as simple as possible I left them out.

I am thinking of creating a new table called referrals and for example when a registered user on my site from the users table goes to a member only page called referral.php it will display a form so they can enter an email address of someone they want to refer and it also displays the people they referred.

My referral table is like this so far and not sure if it's best way to go about the database logics and php logic.

my table so far looks like this:

Quote

    referrals (table)
    - id (auto incremented every time a new referral (row) is added to referrals table)
    - referrer_uid (id of referrer, this would be the unique id of a registered user from the users table)
    - referred_email (email address of person who has been referred)
    - status (when someone is first referred default will be `referred`, if they signup to site via referral link this will update to `completed`)
    - created_on (date the referral was made, unix timestamp)
    - updated_on (date the referred person actually clicks the referral link and completes signup)


Currently i added the database table above to my site on local. added some sample data for testing and created a referral.php page where there's a form so a registered member can enter a persons email and refer them to my site to signup. On referral.php there is also  the total people they referred and a table showing all the people they referred as follows:

Referred Email | Referred Date | Status | Completed On

Now so far everything is seems fine. I have my sample (pretend referrals i made) data showing in my test account. The part i am now not sure about is this:

Obviously to stop abuse i do my usual validation checks like: check to ensure the email being entered on referrals page does not exist in users table (registered member), check to ensure the email has not already been referred previously (for spam reasons) only allowed to refer an email address once and not allowed to refer someone who has previously been referred by someone else to (again for spam reasons)

Now onto the tracking the referral and link building.

I was first thinking this:

on sign up form have a hidden field. The sign up form would do a simple check to see if isset $_GET['ref'] like signup.php?ref=something_here

if it is prefill the hidden field, when user then signs up if the ref=something_here matches what's in the database then update referral to complete so the referrer knows that their friend for example signed up via their referral, unix timestamp of when referred person completed signup.

Now i was going to use the email address of referred person or username of person who made the referral signup.php?ref=username or signup.php?ref=referred_email . Now what i am thinking is what would be better and i guess stop random abuse is create another column and call it referred_id; this would be a random md5 hash that is unique to that referral and it will be appended to the url like signup.php?ref=md5_hash_here.



So my questions a

1) Is there anything you think i should change, improve on, alter etc ?

2) Do you think i am going about it the rite way or making a mess of it ?

3) Have i left anything out that i may have not thought of that could cause the system to be abused ?

Any suggestions, feedback, help on the whole logic would be great.

I coded allot of it last night and won't take me long to do the rest but need some help in terms of ensuring i am doing it the best way possible etc, the logic behind it all.

Thanks for any suggestions, help, advice, tips!

PHPFAN

Okay so kinda new to php and been looking around google for hours trying to figure this out, I am trying to get this array from MySql instead of it being hardcoded as my website always has new users... This is for a chat system built into the site.

Table = user_table
$row1 = Username
$row2 = Password

function SimpleLoginSystem() {
$this->aExistedMembers = array(
'User1' => 'qwerty',
'User2' => 'assdf',
'User3' => 'qwe',
'Beatz' => '123'
);
}

I have tried many variations of MySql queries and inserting into the array list, but every time (even when I echo_r($array) and copy and paste the user and pass it still says wrong user/pass... Anyone that can help me with this?

Would be much appreciated

function SimpleLoginSystem() {
$vLink = mysql_connect("localhost", "root", "password");
mysql_select_db("website");

$resultset = mysql_query("SELECT Username, Password FROM user_table");

$this->aExistedMembers = array();
for ($i = 1; $line = mysql_fetch_assoc($resultset); $i++) aExistedMembers[$i] = $line;
echo mysql_error();
print_r($aExistedMembers);
}

Sorry if I haven't explained this too well I am not too good at explaining

I have two sets of codes that work perfectly.  One is for the table and the other is for the rating system.  I can't seem to figure out how to combine the two codes so that the rating system is displayed INSIDE the table instead of after it.  I'm not sure if it's possible, but I've seen it used on sites like Netflix.  If you can tell me how to fix it or give me a different suggestion I would be eternally thankful.

What I am trying to do ultimately is have a table that has a star rating associated with each entry without linking to a full page.



Code: [Select]
<link rel="stylesheet" type="text/css" href="style.css">
<script type="text/javascript" src="/jquery_star.js"></script>
<script type="text/javascript" src="/script.js"></script>
<?php
$con = mysql_connect("localhost","myhowd5_undrdg","indie500");
if (!$con)
  {
  die('Could not connect: ' . mysql_error());
  }

mysql_select_db("myhowd5_jo151", $con);

$result = mysql_query("SELECT * FROM jos_easytables_table_data_1");

echo "<table border='1'>
<tr>
<th>Artist</th>
<th>Genre</th>
<th>Your Rating</th>
<th>Average Rating</th>
<th>Total Votes</th>
</tr>";

while($row = mysql_fetch_array($result))
  {
  echo "<tr>";
  echo "<td>" . $row['column0'] . "</td>";
  echo "<td>" . $row['column1'] . "</td>";
    echo "<td>" . $row['rating'] . "</td>";
      echo "<td>" . $row['total_rating'] . "</td>";
        echo "<td>" . $row['total_ratings'] . "</td>";
  echo "</tr>";
  }
echo "</table>";

mysql_close($con);
?> 

<?php
mysql_connect("localhost", "myhowd5_undrdg", "indie500") or die(mysql_error());
mysql_select_db("myhowd5_jo151") or die(mysql_error());

$query = mysql_query("SELECT * FROM jos_easytables_table_data_1");

while($row = mysql_fetch_array($query)) {
    $rating = (int)$row[rating];
    ?>
    <div class="floatleft">
        <div id="rating_<?php echo $row[id]; ?>">
            <span class="star_1"><img src="/star_blank.png" alt="" <?php if($rating > 0) { echo"class='hover'"; } ?> /></span>
            <span class="star_2"><img src="/star_blank.png" alt="" <?php if($rating > 1.5) { echo"class='hover'"; } ?> /></span>
            <span class="star_3"><img src="/star_blank.png" alt="" <?php if($rating > 2.5) { echo"class='hover'"; } ?> /></span>
            <span class="star_4"><img src="/star_blank.png" alt="" <?php if($rating > 3.5) { echo"class='hover'"; } ?> /></span>
            <span class="star_5"><img src="/star_blank.png" alt="" <?php if($rating > 4.5) { echo"class='hover'"; } ?> /></span>
        </div>
    </div>
    <div class="star_rating">
        (Rated <strong><?php echo $rating; ?></strong> Stars)
    </div>

    <div class="clearleft">&nbsp;</div>
    <?php    
}

?>

Hi All,

I am currently struggling with the my user info function which is supposed to display an image on my profile page along with the following parts of information taken from my database.

The error is a mysql error stating that the $info = mysql_fetch_assoc($result); is not a valid arguement.

Code: [Select]
function fetch_user_info($uid)
{

$uid=(int)$uid;
       
    $sql = "SELECT
`user_id AS `id`
                `user_username` AS `username`,
                `user_firstname` AS `firstname`,
                `user_lastname` AS `lastname`,
                `user_email` AS `email`,
                `user_location` AS `location`,
                `user_about` AS `about`,
                `user_gender` AS `gender`
FROM `users`
WHERE `user_id` = {$uid}";
                                 
        $result = mysql_query($sql);
       
        $info = mysql_fetch_assoc($result);
       
        $info['avatar'] = "core/user_avatars/{$info['id']}.jpg";

return $info;

}
I have looked through the code a few times, but I can tell what is wrong.

I have included below the profile page code in case it may be an issue there.

Code: [Select]
<?php

include('core/init.inc.php');

$userinfo = fetch_user_info($_GET['uid']);

?>

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<meta http-equiv="Content-Type" content="text/html; charset=utf-8" />
<title><?php echo $userinfo ['username']; ?>'s Profile</title>
</head>
<body>
<div>
   
    <?php

if($userinfo == false)
{

echo 'Sorry, the user does not exist.';

}
else
{
?>
        <h1><?php echo $userinfo ['firstname']; ?> <?php echo $userinfo ['lastname']; ?></h1>
            <img src="<?php echo $userinfo['avatar'];?>" alt="avatar"/>
    <p>Username: <?php echo $userinfo ['username']; ?></p>
    <p>First Name: <?php echo $userinfo ['firstname']; ?></p>
    <p>Last Name: <?php echo $userinfo ['lastname']; ?></p>
            <p>Gender: <?php echo ($userinfo ['gender'] == 1) ? 'Male' : 'Female'; ?></p>
    <p>Email: <?php echo $userinfo ['email']; ?></p>
    <p>Location: <?php echo $userinfo ['location']; ?></p>
    <p>About: <?php echo $userinfo ['about']; ?></p>
           
    </div>
    <?php
}
?>
</body>
</html>
Thanks

Jamie

Hi guys,

I am thinking of create an free email system by sending an messages using with a username. Would I have to store the messages via in mysql?

If I can do that, then I just curious that how would a user delete their messages if their messages is display on php page?

What method would I have to use?

I currently have a MyBB forum and I'm going to attempt to create a top list for it, but I'd like users that have already registered on my forum to be able to log into the top list area and either add or edit their website on the top list. How would I go about creating a login script with an already existing MySQL database that contains my MyBB users?

I'm attempting to implement a simple social networking system but at the moment am confused about how to create a multiple query which will display a certain user's friends list.

The database contains four tables, the two tables that I'm using at the moment at 'usersTable' and 'friendshipsTable' are detailed below.


usersTable           | Table that stores all the user data

UserID         | Default primary key
Forename              |
Surname         |
Username           |
Password              |
Email Address      |


friendshipTable   | Table that stores information about friendships between users

FriendshipID      |  Default primary key
userID_1                |  UserID
userID_2         |  UserID
Status         |  Either Pending or Confirmed.

The user's id is parsed into the url, and then saved into a variable.

blah.com/userprofile.php?id=6

$id = $_GET['id']; 

I am familiar with creating simple queries, but can't quite work out how to set up multiple table queries.

What the query needs to do is to check the userID that is parsed with the url, and then check the friendshipsTable by checking if either the userID_1 or userID_2 field  matches the userID to grab the records from the table where there is a match.

The next step is to check to see if the friendship is 'Confirmed' or 'Pending' and if it is 'Pending' to ignore it. Once the records have then been chosen I need the query to then check the value in either userID_1 or userID_2 that doesn't match userID and then pull the user's username and name from the usersTable so it can be displayed on a webpage.

I've no idea hoe much I may or may not be overcomplicating this, an example of the code that I've got so far for this query can be found below, but that's as far as I've got at the moment.

$displayFriends = mysql_query("SELECT * FROM friendshipTable, usersTable WHERE friendshipTable.userID_1='$id' OR friendshipTable.userID_2='$id' ");

Cheers for any help.

I am currently creating a multi-user login system, and I have created the database in MySQL, but the problem is that my PHP script is not working as expected. I would like it so that if the user enters in a correct username + password combination, then they are redirected to a webpage called "congrats.php" for example. However, with my current PHP code, if I include a redirection instruction based on the correct input, then when I run the script, then the user is instantly taken to the congrats.php page without filling in any login details. I'm quite sure that the database has been connected to, as due to the layout of my script at the moment, the text that reads "You did it!" appears 4 times, the same number of rows in my MySQL database. My PHP coding for this is:

Code: [Select]
<html><head><title>Multi-User Log In Form</title></head>
<body>
<?php
$self = $_SERVER['PHP_SELF'];
$username = $_POST['username'];
$password = $_POST['password'];
?>
<form action = "<?php echo $self; ?>" method = "post">
Username <input type = "text" name = "username" size = "8">
Password <input type = "password" name = "password" size = "8">
<input type = "submit" value="Submit">
</form>
<?php
$conn = @mysql_connect("localhost", "root", "") or die ("Err: Conn");
$rs = @mysql_select_db("test3", $conn) or die ("Err: Db");
$sql = "select * from users";
$rs = mysql_query($sql, $conn);
while ($row = mysql_fetch_array($rs)) {

$name = $row["uname"];
$pass = $row["pword"];
if ($username = $name && $password = $pass)
{
//CODE FOR REDIRECTION SHOULD GO HERE
//header("location:congrats.php");
echo "You did it!";
}
else
{
echo "Invalid username and password combination";
}
}
?></body>
</html>

Any help in trying to get it so that my PHP script will redirect only if a correct username + password combination is entered would be greatly appreciated

hello dear PHP-Fans - greetings to you - and a happy new year!!


i set up a WAMP-System on my openSuse 11.4 system.  In order to learn as much as i can bout PHP i want to do some tests and write some scripts.

Well the WAMP is allready up and running.  Now i try to give the writing access to the folder

mkdir /srv/www/

where the php-scripts should go in...

i want  to give write permission to all to all files in /srv/www

As root I generally:

mkdir /srv/www/
chown <webmaster usrername> /srv/www/

/srv/www/ should be readable and traversable by all, but only writeable by it's owner (the user designated as the webmaster.)

can i do this like mentioned above,...

Love to hear from you

greetings
db1

Hey guys,

I'm not exactly sure what the term used for this is, but I'll try explaining it very thoroughly.

My site I'm building is this:

http://r-gaming.net/urban-rp/home/

On index.php file, I would like it so you if you're logged in (I have a logged in system already scripted), you're able to post current news. Something like this:

http://ls-rp.com/

Would anyone willing to help me by linking a tutorial to code this method 'latest news' tool? Would be greatly appreciated.

Crayon

Hi guys,

I have recently been asked by a freinds to turn his web-site in to a CMS web site and i was just wondering if implementing it in php is the write way to go about it. I have never realy build anything like a CMS so if you guys have tips for me that would be spot on.

If I use this code:
$values = range(0, 10);
echo "<select name=\"my_field\">\n";
foreach($values as $v) {   
echo "<option value=\"$v\">$v</option>\n";
}echo "</select>\n";

to generate a dropdown, it will offer options from 1 thru 10. 

Is there any way to make them increment by .50 (ie: 0.0, 0.5, 1.0, 1.5, 2.0, 2.5, etc.?