|
PHP - Php Login Logs In But Only Correct On A Refresh
Hello all, I have a php login project that I am almost finished with. I have users in a table and I can login with the users BUT when I click the login button I get
Notice: session_start(): A session had already been started - ignoring in E:\xampp\htdocs\PHP_Login\index.php on line 53 Warning: Cannot modify header information - headers already sent by (output started at E:\xampp\htdocs\PHP_Login\index.php:53) in E:\xampp\htdocs\PHP_Login\index.php on line 60 When I click the refresh button I get what I am supposed to get and I am logged in to the dashboard.
<?php
error_reporting(E_ALL);
ini_set("display_errors", "1");
// Initialize SESSION
session_start();
// Check if logged in ifso sent to Welcome.php
if(isset($_SESSION["loggedin"]) && $_SESSION["loggedin"] === true) {
header("Location: php/welcome.php");
exit;
}
// Include config mySQL
require_once "php/config.php";
// Define all variables and initialize them as 'empty'
$username = $password = "";
$usernameerror = $passworderror = "";
// Process form data when submitted
if($_SERVER["REQUEST_METHOD"] == "POST") {
// Check if username is empty.
if(empty(trim($_POST["username"]))) {
$usernameerror = "Please enter a username";
} else {
$username = trim($_POST["username"]);
}
// Check if password is empty.
if(empty(trim($_POST["password"]))) {
$passworderror = "Please enter a password";
} else {
$password = trim($_POST["password"]);
}
// Validate credentials.
if(empty($usernameerror) && empty($passworderror)) {
// Prepare a SELECT statement.
$sql = "SELECT userid, name, username, password FROM users WHERE " .
"username = :username";
if($stmt = $pdoConn->prepare($sql)) {
// bind variables to the prepared statement as parameters
$stmt->bindParam(":username", $param_username, PDO::PARAM_STR);
// Set parameters
$param_username = trim($_POST["username"]);
// Attempt to execute prepared statement.
if($stmt->execute()) {
// Check if username exists if so check password.
if($stmt->rowCount() == 1) {
if($row = $stmt->fetch()) {
$id = $row["userid"];
$username = $row["username"];
$password_hashed = $row["password"];
$name = $row["name"];
if(password_verify($password, $password_hashed)) {
// Password correct start new session
session_start();
// store data in SESSION variables
$_SESSION["loggedin"] = true;
$_SESSION["id"] = $id;
$_SESSION["username"] = $username;
$_SESSION["name"] = $name;
//Redirect to welcome.php
header("Location: php/welcome.php");
} else {
// If password INCORRECT error msg
$passworderror = "Password was <b>Incorrect!</b>";
}
}
} else {
$usernameerror = "No account was found.";
}
} else {
echo "Error something went wrong, incorrect execution ";
}
}
// Close prepared stmt
unset($stmt);
}
// Close connection
unset($pdoConn);
}
?>
Similar TutorialsHi everyone, Im using the code below to insert an item to auction, then calculate and display the time remaining until the auction ends. As soon as the confirm auction submit button is clicked, the item appears at auction straight away, however the time remaining is 0s, i have to refresh the page in order to get the end time to appear correctly. Does anybody know why this is happening and what i can do to get the correct end time to appear straight away? Thanks <?php if ($_POST['confirm_auction']) { foreach ($_POST['checkbox'] as $checked) { $add_auction_query = mysql_query("SELECT * FROM offers WHERE seller='$username' AND buyer='$buyer' AND item='$checked'"); while ($row = mysql_fetch_assoc($add_auction_query)) { $starting_bid = $row['offer']; $current_bid = $starting_bid; $start_date = date("Y-m-d H:i:s"); $end_date = date("Y-m-d H:i:s", strtotime("+1 week")); mysql_query("INSERT INTO auctions VALUES ('','$checked','$username','$starting_bid','$current_bid','$buyer','1','At Auction','$start_date','$end_date')"); mysql_query("INSERT INTO bids VALUES('','$checked','$username','$buyer','$starting_bid','$start_date')"); mysql_query("UPDATE offers SET seller_status='At Auction',buyer_status='At Auction' WHERE item='$checked'"); } echo "Offer(s) Sent to Auction"; } } $x = 0; while ($auction_row = mysql_fetch_assoc($auction_query)) { $then = strtotime($auction_row['end_date']); $now = time(); $diff = $then - $now; $weeks = floor($diff / (60*60*24*7)); $diff = $diff - ($weeks * (60*60*24*7)); $days = floor($diff / (60*60*24)); $diff = $diff - ($days * (60*60*24)); $hours = floor($diff / (60*60)); $diff = $diff - ($hours * (60*60)); $minutes = floor($diff / 60); $diff = $diff - ($minutes * 60); $seconds = $diff; ?> <html> <table> <tr> <td> <?php if ($week > 0) {echo $weeks . "w ";} if ($days > 0) { echo $days . "d ";} if ($hours > 0) {echo $hours . "h ";} if ($minutes > 0) { echo $minutes . "m ";} if ($hours < 1) {echo $seconds . "s";} ?> </td> </tr> </table> </html> <?php $x++; } ?> Ok.. I have made an admin section for a couple of sites, and it works fine, alough i'm almost certain that the way i have done it is not the "proper way". What I have done is had a form with a password field that sends the password via POST to another script that checks the password is correct via variable, something like this: Code: [Select] <?php $pass = $_POST["pass"]; $correct = "imapassword"; if($pass == $correct){ //display contents of page else{ //return user to login screen } ?> And then it saves the password into a cookie, that dies either over time or when the browser closes. And then on each page it tests wether that cookie is still there and is correct. When the user wants to log out it just destroys the cookie. This seems like a really hashed up way of doing it, could anybody let me know the bare essentials for making a similar system, but the "right way". Thankyou in advance I have a strange problem. When a guest visits my contact-user.php page, they get a message telling them the must login before viewing the page. After the guest logs in, they view the same page and it tells them they have to login again (keeps on looping). But if they manually refresh that page with the "you must be logged in" message, it recognizes the login and lets them in. How can I get this page to immediately recognize that the user is logged in and not require them to refresh the page manually? Here is my code for contact-user.php <?php session_start(); header("Cache-Control: private, max-age=10800, pre-check=10800"); header("Pragma: private"); header("Expires: " . date(DATE_RFC822,strtotime("+2 day"))); include("connection.php"); mysql_select_db("database"); if (isset($_SESSION['username'])) { ******** MY HTML PAGE CONTENT ******** } else { echo "<meta http-equiv='REFRESH' content='2;url=http://www.mysite.com/login.php'> <center><font color='#EE0000'><p>You must be logged in before negotiating. You will now be redirect to the login page.</p></font></center>"; } ?> Here is my code for login.php script: <?php include("connection.php"); mysql_select_db("database"); session_start(); if(isset($_POST['login'])){ $username = mysql_real_escape_string($_POST['username']); $password = mysql_real_escape_string($_POST['password']); $tUnixTime = time(); $sGMTMySqlString = gmdate("Y-m-d H:i:s", $tUnixTime); if (!$username || !$password) { print "Please fill out all fields."; exit; } $logres = mysql_num_rows(mysql_query("SELECT * FROM members WHERE username = '$username' and password = '$password'")); if ($logres <= 0) { print "Login failed. If you have not already, please signup. Otherwise, check your spelling and login again."; exit; } else { $_SESSION['username'] = $username; if (isset($_SESSION)) { echo'You are now logging in'; mysql_query("UPDATE members SET activity = '$sGMTMySqlString' WHERE username = '$username'"); } else { echo "You are not logged in!"; } echo'<html><head><meta http-equiv="REFRESH" content="1;url=http://www.mysite.com/members/' . $_SESSION['username'] . '/"></head><body></body></html>'; exit; } } ?> I have a mysql table in which will be updated fairly frequently via php code on a form. My question is how do I code a log of the changes made into another table using php or calling a stored procedure from within the database. or if you can think of a better way suggest it. Stored procedure would be more secure if possible. Hi, on my cpanel I can see some errors: [Mon Mar 12 08:41:05 2012] [error] [client 46.120.43.163] File does not exist: /home/affilinn/public_html/504.shtml, referer: http://www.mysite.com/admin/ [Mon Mar 12 08:33:25 2012] [error] [client 46.120.43.163] File does not exist: /home/affilinn/public_html/404.shtml [Mon Mar 12 08:33:25 2012] [error] [client 46.120.43.163] File does not exist: /home/affilinn/public_html/404.shtml [Mon Mar 12 08:30:12 2012] [error] [client 46.120.43.163] File does not exist: /home/affilinn/public_html/404.shtml [Mon Mar 12 08:30:12 2012] [error] [client 46.120.43.163] File does not exist: /home/affilinn/public_html/favicon.ico [Mon Mar 12 08:30:12 2012] [error] [client 46.120.43.163] File does not exist: /home/affilinn/public_html/504.shtml, referer: http://www.mysite.com/admin/ [Mon Mar 12 08:29:55 2012] [error] [client 46.120.43.163] File does not exist: /home/affilinn/public_html/404.shtml [Mon Mar 12 08:29:55 2012] [error] [client 46.120.43.163] File does not exist: /home/affilinn/public_html/favicon.ico what is that? It's pretty simple to see what I am trying to do here. For some reason all results in the table are the same exact cityName replacing all existing records. The echoed results are correct. I've include a small dump of my table as well. $query = "SELECT cityName FROM sys_city_dev_2"; $resource = mysqli_query($cxn, $query) or die("MySQL error: " . mysqli_error($cxn) . "<hr>\nQuery: $query"); while($result = mysqli_fetch_assoc($resource)) { $nox = $result['cityName']; $toUpper = ucfirst($nox); echo "$toUpper" . "<br />"; $setString = "UPDATE sys_city_dev_2 SET cityName = '" . $toUpper ."' WHERE cityName != ''"; mysqli_query($cxn,$setString); } 100 Records of table dump (pre running my script above): -- -- Table structure for table `sys_city_dev_2_backup` -- CREATE TABLE IF NOT EXISTS `sys_city_dev_2_backup` ( `ID` int(11) NOT NULL AUTO_INCREMENT, `Mid` int(11) NOT NULL DEFAULT '0', `cityName` varchar(30) NOT NULL DEFAULT '', `forder` int(4) NOT NULL DEFAULT '0', `disdplay` int(4) NOT NULL DEFAULT '0', `cid` int(11) NOT NULL DEFAULT '0', PRIMARY KEY (`ID`) ) ENGINE=MyISAM DEFAULT CHARSET=latin1 AUTO_INCREMENT=113970 ; -- -- Dumping data for table `sys_city_dev_2_backup` -- INSERT INTO `sys_city_dev_2_backup` (`ID`, `Mid`, `cityName`, `forder`, `disdplay`, `cid`) VALUES (84010, 1, 'dothan', 0, 0, 0), (84011, 1, 'alabaster', 0, 0, 0), (84012, 1, 'birmingham', 0, 0, 0), (84013, 2, 'flagstaff', 0, 0, 0), (84014, 1, 'auburn', 0, 0, 0), (84015, 1, 'florence', 0, 0, 0), (84016, 1, 'gadsden', 0, 0, 0), (84017, 1, 'huntsville', 0, 0, 0), (84018, 1, 'mobile', 0, 0, 0), (84019, 1, 'montgomery', 0, 0, 0), (84020, 1, 'tuscaloosa', 0, 0, 0), (84021, 2, 'mohave valley', 0, 0, 0), (84022, 2, 'phoenix', 0, 0, 0), (84023, 2, 'prescott', 0, 0, 0), (84024, 2, 'sierra vista', 0, 0, 0), (84025, 2, 'tucson', 0, 0, 0), (84026, 2, 'yuma', 0, 0, 0), (84027, 3, 'bakersfield', 0, 0, 0), (84028, 3, 'chico', 0, 0, 0), (84029, 3, 'fresno / madera', 0, 0, 0), (84030, 3, 'gold country', 0, 0, 0), (84031, 3, 'humboldt county', 0, 0, 0), (84032, 3, 'imperial', 0, 0, 0), (84033, 3, 'inland empire', 0, 0, 0), (84034, 3, 'los angeles', 0, 0, 0), (84035, 3, 'alhambra', 0, 0, 0), (84036, 3, 'merced', 0, 0, 0), (84037, 49, 'fayetteville', 0, 0, 0), (84038, 49, 'fort smith', 0, 0, 0), (84039, 49, 'jonesboro', 0, 0, 0), (84040, 49, 'little rock', 0, 0, 0), (84041, 49, 'arkadelphia', 0, 0, 0), (84042, 49, 'texarkana', 0, 0, 0), (84043, 3, 'modesto', 0, 0, 0), (84044, 3, 'alta sierra', 0, 0, 0), (84045, 3, 'alpine', 0, 0, 0), (84046, 3, 'pedley', 0, 0, 0), (84047, 3, 'redding', 0, 0, 0), (84048, 3, 'alondra park', 0, 0, 0), (84049, 3, 'sacramento', 0, 0, 0), (84050, 4, 'canon city', 0, 0, 0), (84051, 3, 'san luis obispo', 0, 0, 0), (84052, 3, 'santa barbara', 0, 0, 0), (84053, 3, 'stockton', 0, 0, 0), (84054, 3, 'aliso viejo', 0, 0, 0), (84055, 3, 'visalia', 0, 0, 0), (84056, 3, 'yuba city', 0, 0, 0), (84057, 4, 'boulder', 0, 0, 0), (84058, 4, 'colorado springs', 0, 0, 0), (84059, 4, 'denver', 0, 0, 0), (84060, 4, 'applewood', 0, 0, 0), (84061, 4, 'pueblo', 0, 0, 0), (84062, 4, 'air force academy', 0, 0, 0), (84063, 5, 'avon', 0, 0, 0), (84064, 5, 'hartford', 0, 0, 0), (84065, 5, 'new haven', 0, 0, 0), (84066, 5, 'ansonia', 0, 0, 0), (84067, 5, 'fairfield', 0, 0, 0), (84068, 7, 'daytona beach', 0, 0, 0), (84069, 7, 'sebastian', 0, 0, 0), (84070, 5, 'wallingford center', 0, 0, 0), (84071, 8, 'belvedere park', 0, 0, 0), (84072, 7, 'sarasota springs', 0, 0, 0), (84073, 7, 'sandalfoot cove', 0, 0, 0), (84074, 7, 'san carlos park', 0, 0, 0), (84075, 7, 'st. augustine', 0, 0, 0), (84076, 7, 'tallahassee', 0, 0, 0), (84077, 7, 'safety harbor', 0, 0, 0), (84078, 7, 'ruskin', 0, 0, 0), (84079, 8, 'athens-clarke county', 0, 0, 0), (84080, 8, 'atlanta', 0, 0, 0), (84081, 8, 'augusta-richmond county', 0, 0, 0), (84082, 8, 'brunswick', 0, 0, 0), (84083, 8, 'columbus', 0, 0, 0), (84084, 8, 'americus', 0, 0, 0), (84085, 8, 'acworth', 0, 0, 0), (84086, 8, 'valdosta', 0, 0, 0), (84087, 10, 'boise', 0, 0, 0), (84088, 10, 'ammon', 0, 0, 0), (84089, 10, 'moscow', 0, 0, 0), (84090, 10, 'blackfoot', 0, 0, 0), (84091, 10, 'twin falls', 0, 0, 0), (84092, 10, 'meridian', 0, 0, 0), (84093, 10, 'jerome', 0, 0, 0), (84094, 10, 'idaho falls', 0, 0, 0), (84095, 11, 'addison', 0, 0, 0), (84096, 10, 'garden city', 0, 0, 0), (84097, 10, 'eagle', 0, 0, 0), (84098, 10, 'chubbuck', 0, 0, 0), (84099, 10, 'caldwell', 0, 0, 0), (84100, 12, 'bloomington', 0, 0, 0), (84101, 12, 'evansville', 0, 0, 0), (84102, 12, 'fort wayne', 0, 0, 0), (84103, 12, 'indianapolis', 0, 0, 0), (84104, 12, 'muncie / anderson', 0, 0, 0), (84105, 12, 'lafayette / west lafayette', 0, 0, 0), (84106, 12, 'south bend / michiana', 0, 0, 0), (84107, 12, 'terre haute', 0, 0, 0), (84108, 12, 'northwest indiana', 0, 0, 0), (84109, 13, 'ames', 0, 0, 0); Hello, I have php application, it is hosted on a shared server. How can I view the errors in my application with the details of the error for my website users? Thanks, what is the best way to add 1 to the database filed TimesLoggedIn after a user has logged in? Regards Ant Hey gang, Is there any way to view the apache error.log file in PHP? basically could somebody help me with information on having a php script that deletes mysql rows which are older than 3 hours old. I know MYSQL table will need a date/time column but how can I only target ones which are 3 hours old+. Thanks i have added a member area to my wordpress site. everything works good, login, edit, delete, etc. But when i upload the logout.php file to the godaddy server, it starts logging me out on every page. The programs work fine without the logout file, but as soon as it is uploaded it keeps logging out. here is the logout.php i am using <?php // If the user is logged in, delete the session vars to log them out session_start(); if (isset($_SESSION['user_id'])) { // Delete the session vars by clearing the $_SESSION array $_SESSION = array(); // Delete the session cookie by setting its expiration to an hour ago (3600) if (isset($_COOKIE[session_name()])) { setcookie(session_name(), '', time() - 3600); } // Destroy the session session_destroy(); } // Delete the user ID and username cookies by setting their expirations to an hour ago (3600) setcookie('user_id', '', time() - 3600); setcookie('username', '', time() - 3600); // Redirect to the home page $home_url = 'http://' . $_SERVER['HTTP_HOST'] . '/my-account/'; header('Location: ' . $home_url); ?> i have looked around the internet but haven't found any solutions. Please help. Thank you Hello, Recently I put my websites up, but since then it constantly records entrys from domains which are trying to reach strange paths. 103.19.87.175 - - [18/Jun/2014:12:07:12 -0400] "CONNECT www.walmart.com:443 HTTP/1.1" 405 307 "-" "-" 198.100.98.214 - - [18/Jun/2014:12:07:23 -0400] "CONNECT www.amazon.com:443 HTTP/1.1" 405 306 "-" "-" 168.63.216.55 - - [18/Jun/2014:12:07:30 -0400] "GET http://luongson.servegame.com/ HTTP/1.0" 404 - "-" "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; .NET CLR 1.0.3705)" 31.6.71.243 - - [18/Jun/2014:12:07:34 -0400] "GET http://www.proxy-listen.de/azenv.php HTTP/1.1" 404 1402 "http://www.google.de...roxy-listen.de" "Mozilla/5.0 (Windows; U; Windows NT 5.1; de; rv:1.9.2.3) Gecko/20100401 Firefox/3.6.3 (.NET CLR 3.5.30729) (Prevx 3.0.5)" 168.63.216.55 - - [18/Jun/2014:12:07:39 -0400] "GET http://luongson.servegame.com/ HTTP/1.0" 404 - "-" "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; .NET CLR 1.0.3705)" 192.155.106.104 - - [18/Jun/2014:12:07:39 -0400] "GET http://pm.5188bh.com/header53621.php HTTP/1.1" 404 1402 "-" "Mozilla/4.0 (compatible; MSIE 6.0; America Online Browser 1.1; Windows NT 5.1; FunWebProducts)" 192.155.106.116 - - [18/Jun/2014:12:07:48 -0400] "GET http://121.199.31.193/proxyheader.php HTTP/1.1" 404 1402 "-" "Mozilla/4.0 (compatible; MSIE 6.0; America Online Browser 1.1; Windows NT 5.1; SV1)" 80.138.67.164 - - [18/Jun/2014:12:08:00 -0400] "GET http://www.proxy-listen.de/azenv.php HTTP/1.1" 404 1402 "http://www.google.co...roxy-listen.de" "Opera/9.20 (Windows NT 6.0; U; en)" 192.155.106.109 - - [18/Jun/2014:12:08:03 -0400] "GET http://121.199.31.193/proxyheader.php HTTP/1.1" 404 1402 "-" "Mozilla/4.0 (compatible; MSIE 6.0; America Online Browser 1.1; Windows NT 5.1; SV1; HbTools 4.7.0)" 98.126.248.250 - - [18/Jun/2014:12:08:06 -0400] "GET http://121.199.31.193/proxyheader.php HTTP/1.1" 404 1402 "-" "Mozilla/5.0 (Windows; U; Win 9x 4.90; de-DE; rv:1.8.1.21) Gecko/20090331 K-Meleon/1.5.3" 61.228.20.235 - - [18/Jun/2014:12:08:07 -0400] "CONNECT mx0.mail2000.com.tw:25 HTTP/1.0" 405 310 "-" "-" 192.155.106.106 - - [18/Jun/2014:12:08:09 -0400] "GET http://pm.5188bh.com/judgelife.php HTTP/1.1" 404 1402 "-" "Mozilla/4.0 (compatible; MSIE 6.0; America Online Browser 1.1; Windows NT 5.1; SV1; .NET CLR 1.0.3705; .NET CLR 1.1.4322)" 61.228.24.110 - - [18/Jun/2014:12:08:10 -0400] "CONNECT mx2.mail2000.com.tw:25 HTTP/1.0" 405 310 "-" "-" 61.228.88.55 - - [18/Jun/2014:12:08:21 -0400] "CONNECT mx3.mail2000.com.tw:25 HTTP/1.0" 405 310 "-" "-" 192.155.106.124 - - [18/Jun/2014:12:08:24 -0400] "GET http://pm.5188bh.com/judgelife.php HTTP/1.1" 404 1402 "-" "Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0; Trident/4.0; Acoo Browser; GTB5; Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; SV1) ; InfoPath.1; .NET CLR 3.5.30729; .NET CLR 3.0.30618)" 204.44.65.54 - - [18/Jun/2014:12:08:35 -0400] "CONNECT www.walmart.com:443 HTTP/1.1" 405 307 "-" "-" 192.155.106.105 - - [18/Jun/2014:12:08:36 -0400] "GET http://pm.5188bh.com/header53621.php HTTP/1.1" 404 1402 "-" "Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 5.1; Acoo Browser; .NET CLR 1.0.3705; .NET CLR 1.1.4322; .NET CLR 2.0.50727; FDM; .NET CLR 3.0.04506.30; .NET CLR 3.0.04506.648; .NET CLR 3.5.21022; InfoPath.2)" [Wed Jun 18 12:07:30 2014] [error] [client 168.63.216.55] Directory index forbidden by Options directive: /var/www/html/ [Wed Jun 18 12:07:30 2014] [error] [client 168.63.216.55] File does not exist: /var/www/html/error/noindex.html [Wed Jun 18 12:07:34 2014] [error] [client 31.6.71.243] script '/var/www/html/azenv.php' not found or unable to stat, referer: http://www.google.de...proxy-listen.de [Wed Jun 18 12:07:39 2014] [error] [client 168.63.216.55] Directory index forbidden by Options directive: /var/www/html/ [Wed Jun 18 12:07:39 2014] [error] [client 168.63.216.55] File does not exist: /var/www/html/error/noindex.html [Wed Jun 18 12:07:39 2014] [error] [client 192.155.106.104] script '/var/www/html/header53621.php' not found or unable to stat [Wed Jun 18 12:07:48 2014] [error] [client 192.155.106.116] script '/var/www/html/proxyheader.php' not found or unable to stat [Wed Jun 18 12:08:00 2014] [error] [client 80.138.67.164] script '/var/www/html/azenv.php' not found or unable to stat, referer: http://www.google.co...proxy-listen.de [Wed Jun 18 12:08:03 2014] [error] [client 192.155.106.109] script '/var/www/html/proxyheader.php' not found or unable to stat [Wed Jun 18 12:08:06 2014] [error] [client 98.126.248.250] script '/var/www/html/proxyheader.php' not found or unable to stat [Wed Jun 18 12:08:09 2014] [error] [client 192.155.106.106] script '/var/www/html/judgelife.php' not found or unable to stat [Wed Jun 18 12:08:24 2014] [error] [client 192.155.106.124] script '/var/www/html/judgelife.php' not found or unable to stat [Wed Jun 18 12:08:36 2014] [error] [client 192.155.106.105] script '/var/www/html/header53621.php' not found or unable to stat Is there away to stop those fail path reach logs and only records what's else ? Or even completely stop it ? My operation system is CentOS 32bit. Hey guys, Im trying to combine 2 logs to seperate parts of a website into 1. One of them uses sessions to store it. And the other uses cookies to login. I cant seem to get it working AT ALL. Even tho the cookies are being set and I can see it being set in firefox. Here is the page with the sessions. <?php if(isset($_POST['username'])){ $username = $_POST['username']; //name of the text field for usernames $password = $_POST['password']; //likewise here just for the password //connect to the db $user = 'root'; $pswd = ''; $db = 'chat'; $conn = mysql_connect('localhost', $user, $pswd); mysql_select_db($db, $conn); //run the query to search for the username and password the match $query = "SELECT * FROM users WHERE username = '$username' AND password ='$password'"; $result = mysql_query($query) or die("Unable to verify user because : " . mysql_error()); //this is where the actual verification happens if(mysql_num_rows($result) == 1){ //the username and password match //so e set the session to true session_start(); $_SESSION['username'] = $username; //STUFF FROM HERE TO THE OTHER COMMENT IS STUFF I ADDED MANUALLY TRYING TO GET THE COOKIES TO BE SET SO THEY WORK FOR BOTH $username = $_COOKIE['user_id']; $pass = $_COOKIE['pass_id']; setcookie("user_id", "$username", time()+3600); setcookie("pass_id", "$pass", time()+3600); //END OF THE CUSTOM STUFF, IT DOESNT WORK FOR SOME REASON //and then move them to the index page or the page to which they need to go header('Location: index.php'); }else{ $err = 'Incorrect username / password.' ; } //then just above your login form or where ever you want the error to be displayed you just put in echo $err; } else ?> I made comments // in the code so you can see whats going on. Here is the code that uses cookies, also it uses 2 pages. This is the one I think that mainly adds the cookies. <?php // Login Logic $username = ""; $err = ""; $err_style = ""; $err_style2= ""; //Checks if there is a login cookie if(isset($_COOKIE['user_id'])) { //if there is, it logs you in and directes you to the members page $username = $_COOKIE['user_id']; $pass = $_COOKIE['pass_id']; $check = mysql_query("SELECT * FROM users WHERE username = '$username'")or die(mysql_error());$quer++; while($info = mysql_fetch_array( $check )) { if ($pass != $info['password']) { } else { header("Location: index.php"); } } } //if the login form is submitted if (isset($_POST['submit'])) { // if form has been submitted // SANITISE $username = sanitize($_POST['username']); $pass = sanitize($_POST['pass']); $red = sanitize($_POST['red']); // makes sure they filled it in if(!$_POST['username']) { $err = 'You did not fill in a required section'; $err_style = "style='border: 1px solid #CC0000'"; $show_login = 1; } if(!$_POST['pass']) { $err = 'You did not fill in a required section'; $err_style2 = "style='border: 1px solid #CC0000'"; $show_login = 1; } // checks it against the database if (!$err) { $check = mysql_query("SELECT * FROM users WHERE username = '".$username."'")or die(mysql_error());$quer++; //Gives error if user dosen't exist $check2 = mysql_num_rows($check); if ($check2 == 0) { $err = 'User not found - please try again!'; $err_style = "style='border: 1px solid #CC0000'"; $show_login = 1; } while($info = mysql_fetch_array( $check )) { $info['password'] = stripslashes($info['password']); $pass = $pass; //gives error if the password is wrong if ($pass != $info['password']) { $err = 'Incorrect password, please try again.'; $err_style2= "style='border: 1px solid #B02B2C;'"; $show_login = 1; } else { // if login is ok then we add a cookie $hour = time() + 3600; setcookie("user_id", $username, $hour); setcookie("pass_id", $pass, $hour); //then redirect them to the members area if (!$red) { header("Location: index.php"); } else { header("Location: $red.php"); } exit; } } } } ?> Here is the other page it also includes inside. <?php Check.php session_start(); //checks cookies to make sure they are logged in if(isset($_COOKIE['user_id'])) { $username = $_COOKIE['user_id']; $pass = $_COOKIE['pass_id']; $check = mysql_query("SELECT * FROM users WHERE username = '$username'")or die(mysql_error());$quer++; while($info = mysql_fetch_array( $check )) { //if the cookie has the wrong password, they are taken to the login page if ($pass != $info['password']) { header("Location: login.php"); } //otherwise they are shown the admin area else { // Update some info setcookie ("user_id", $_COOKIE['user_id'], time() + 3600 ); setcookie ("pass_id", $_COOKIE['pass_id'], time() + 3600 ); // Get some basic user details, so we can use these later! $uname = $info['username']; $uID = $info['user_id']; $loggedin = 1; $admin_user = $info['admin']; } } } ?> Thanks for the upcoming help that you all provide. If anything else is needed please post here and il provide it. Hi all, Thanks for reading. I'm running a script using jQuery that auto-refreshes a <div> on the index page from an external PHP script to get all the rows in a database and display them on the index page. The script works great - here it is as follows: Code: [Select] <script type="text/javascript"> $(document).ready(function() { $("#responsecontainer").fadeOut("fast").load("getrows.php").fadeIn("slow"); var refreshId = setInterval(function() { $("#responsecontainer").fadeOut("fast").load('getrows.php').fadeIn("slow"); }, 5000); $.ajaxSetup({ cache: false }); }); </script> The getrows.php script I'm working with looks like this: Code: [Select] <?php $rowsQuery = mysql_query("SELECT * FROM Happenings WHERE HappeningDate='$today'"); if (mysql_num_rows($rowsQuery) == 0) { $happeningsToday = "There are no happenings today."; } else { $allHappeningsToday = 1; while ($getHappeningsToday = mysql_fetch_array($rowsQuery)) { $happeningName = stripslashes($getHappeningsToday['HappeningName']); $happeningDate = $getHappeningsToday['HappeningDate']; $happeningDescription = $getHappeningsToday['HappeningDescription']; if ($allHappeningsToday == 1) { $happeningsToday .= " <div class=\"box\"> <p>".$happeningName." | ".$happeningDate." | ".$happeningDescription." </div>"; $allHappeningsToday = 2; } else { $happeningsToday .= " <div class=\"box\"> <p>".$happeningName." | ".$happeningDate." | ".$happeningDescription." </div>"; $allHappeningsToday = 1; } } } echo $happeningsToday; ?> This script works great as well. Currently, the auto-refresh jQuery script as you can see if getting and fading in/out all of the rows. Off of the above getrows.php script, is there a way after I could get only the newly created rows since the last refresh and only fade those in and out while leaving the others already loaded by the auto-refresh script to not fade in/out? Any ideas, thoughts or suggestions would be unbelievably helpful. Thank you very much. I have this function I use to simplify things.
function search_string( $needle, $haystack ) {
if ( preg_match_all( "/$needle/im", $haystack ) || strpos( $haystack, $needle ) ) {
return TRUE;
}
return FALSE;
}
I keep getting this error in my PHP logs, and it comes in a sequence: [07-Nov-2020 05:34:14 America/Los_Angeles] PHP Warning: preg_match_all(): Unknown modifier 'G' in /home/baser-b/public_html/include/functions.php on line 791 [07-Nov-2020 05:34:14 America/Los_Angeles] PHP Warning: preg_match_all(): Unknown modifier 'g' in /home/baser-b/public_html/include/functions.php on line 791 Meaning, it will come with one with the small g, then three with the big G, then one with the small g, then five with the big G, and so on.... My question is, how can I stop getting this error. It won't show me the functions being called to arrive at this answer, as this is likely an error generated by another function calling this one. I was wondering if anyone knew what to change in the search_string function to stop getting this error, why this error is happening, or why the strange repetitive sequence. Is it someone trying to do a hack? The only variable that would be changeable by a visitor would be the $needle variable, so what could they type that has something to do with 'g' to get this? Anyway, thanks. How do you have a log generate two different logs, and having where it posts the log at, depend on if it's a visitor, or a search engine spider HTTP_USER_AGENT (Like Googlebot, Msnbot, Yahoo! Slurp.) <?php define("DATE_FORMAT","m-d-Y - H:i:s"); define("LOG_FILE","/full_path/visitors.html"); define("LOG_FILE2","/full_path/search_engine_bots.html"); $logfileHeader='DATE - IP - HOSTNAME - BROWSER - URI - REFERRER'."\n"; $userAgent = (isset($_SERVER['HTTP_USER_AGENT']) && ($_SERVER['HTTP_USER_AGENT'] != "")) ? $_SERVER['HTTP_USER_AGENT'] : "Unknown"; $userIp = (isset($_SERVER['REMOTE_ADDR']) && ($_SERVER['REMOTE_ADDR'] != "")) ? $_SERVER['REMOTE_ADDR'] : "Unknown"; $refferer = (isset($_SERVER['HTTP_REFERER']) && ($_SERVER['HTTP_REFERER'] != "")) ? $_SERVER['HTTP_REFERER'] : "Unknown"; $uri = (isset($_SERVER['REQUEST_URI']) && ($_SERVER['REQUEST_URI'] != "")) ? $_SERVER['REQUEST_URI'] : "Unknown"; $hostName = gethostbyaddr($userIp); $actualTime = date(DATE_FORMAT); $logEntry = "$actualTime - $userIp - $hostName - $userAgent - $uri - $refferer<BR>\n"; if (!file_exists(LOG_FILE)) { $logFile = fopen(LOG_FILE,"w"); fwrite($logFile, $logfileHeader); } else { $logFile = fopen(LOG_FILE,"a"); } fwrite($logFile,$logEntry); fclose($logFile); ?> hi i need help an idea how can i separate members from admins since i dont know how to create login form i used tutorial ( http://www.youtube.com/watch?v=4oSCuEtxRK8 ) (its session login form only that i made it work other tutorials wre too old or something) how what i want to do is separate members and admins because admin need more rights to do now i have idea but dont know will it work like that what i want to do is create additional row in table named it flag and create 0 (inactive user) 1 (member) 2 (admin) will that work? and how can i create different navigation bars for users and admins? do you recommend that i use different folders to create it or just script based on session and flag? Hello guys, Is there on web any updated tutorial on how can I add Facebook login on my simple php login script? Hi guys. What I want to create is really complicated. Well I have a login system that works with post on an external website. I have my own website, but they do not give me access to the database for security reasons, therefore I have to use their login system to verify my users. What their website does is that it has a post, with username and password. The POST website is lets say "https://www.example.com/login". If login is achieved (i.e. username and password are correct), it will redirect me to "https://www.example.com/login/success" else it will redirect me to "https://www.example.com/login/retry". So I want a PHP script that will do that post, and then according to the redirected website address it will return me TRUE for success, FALSE for not successful login. Any idea?? Thanks Hi guys, Can anyone assist me. I am trying to create a login for admin and user (if user not a member click register link) below is my code: But whenever I enter the value as: Username: admin Password:123 - I got an error message "That user does not exist!" Any suggestion and help would be appreciated. Thanks. login.php <?php //Assigned varibale $error_msg as empty //$error_msg = ""; session_start(); $error_msg = ""; if (isset($_POST['submit'])) { if ($a_username = "admin" && $a_password = "123") { //Define $_POST from form text feilds $username = $_POST['username']; $password = $_POST['password']; //Add some stripslashes $username = stripslashes($username); $password = stripslashes($password); //Check if usernmae and password is good, if it is it will start session if ($username == $a_username && $password == $a_password) { session_start(); $_SESSION['session_logged'] = 'true'; $_SESSION['session_username'] = $username; //Redirect to admin page header("Location: admin_area.php"); } } $username = (isset($_POST['username'])) ? $_POST['username'] : ''; $password = (isset($_POST['password'])) ? $_POST['password'] : ''; if($username && $password) { $connect = mysql_connect("localhost", "root", "") or die ("Couldn't connect!"); mysql_select_db("friendsdb") or die ("Couldn't find the DB"); $query = mysql_query ("SELECT * FROM `user` WHERE username = '$username'"); $numrows = mysql_num_rows($query); if ($numrows != 0){ while ($row = mysql_fetch_array($query)) { $dbusername = $row['username']; $dbpassword = $row['password']; } //Check to see if they are match! if ($username == $dbusername && md5($password) == $dbpassword) { header ("Location: user_area.php"); $_SESSION['username'] = $username; } else $error_msg = "Incorrect password!"; //code of login }else $error_msg = "That user does not exist!"; //echo $numrows; } else $error_msg = "Please enter a username and password!"; } ?> <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd"> <html xmlns="http://www.w3.org/1999/xhtml"> <head> <meta http-equiv="Content-Type" content="text/html; charset=iso-8859-1" /> <title>Login Page</title> </head> <body> <br /> <?php require "header.php"; ?><br /> <div align="center"> <table width="200" border="1"> <?php // If $error_msg not equal to emtpy then display error message if($error_msg!="") echo "<div id=\"error_message\"style=\"color:red; \">$error_msg</div><br />";?> <form action="<?php echo $_SERVER['PHP_SELF'];?>" method="post"> <!--form action="login_a.php" method="post"--> Username: <input type="text" name="username" /><br /><br /> Password: <input type="password" name="password" /><br /><br /> <input type="submit" name = "submit" value="Log in" /> </form> <p> </p> Register a <a href="register.php">New User</a> </table> </div> </body> </html> |
|||||||