Jump to content

bcooperz

Members
  • Posts

    11
  • Joined

  • Last visited

    Never

Everything posted by bcooperz

  1. Ok, so what your telling me to do here is drop the 'online' column and purely check the user's timestamps to see how long ago they were active
  2. It's 300 seconds not 30 seconds and the globals are not going to change regardless so I'm not to worried about that, also, the user isn't logged out if the field says they are offline, it will just say they're offline, as soon as they do something it will say they're back online. I really just want to so if it's safe to use these functions with a lot of users, will it slow down my website ETC?
  3. Hey Guys/Girls, Thanks for offering to help! I'm currently setting up a small social network for school and I just basically want to know whether the way I'm dealing with in-active users is appropriate and not going to SLOW down my code A LOT, My method is : 3 Functions: function update_active_user(){ global $connection; global $id; $time = time(); $result3 = mysql_query("UPDATE users5 SET last_update = '$time' WHERE id = '$id'", $connection); } function update_inactive_users(){ global $connection; $time_to_expire = time() - 300; // 300 seconds off the current time $result2 = mysql_query("UPDATE users5 SET online='0' WHERE last_update < $time_to_expire AND online='1'", $connection); } function update_active_users(){ global $connection; $time_to_expire = time() - 300; // 300 seconds off the current time $result2 = mysql_query("UPDATE users5 SET online='1' WHERE last_update > $time_to_expire AND online='0'", $connection); } First function updates the user's field called last_update to the current time (This will only occer when the script loads and the user has done something on my website, it will update their last_update field to current time) Second function sets ALL users that haven't loaded any pages in the last 300 seconds to offline or field online to 0, which obviously means the user is offline Third function sets ALL users that have loaded pages in the last 300 seconds to online if they're offline The reason I'm worried about this is not because it doesn't work, it's working fine at the moment with 2 users, I'm worried when their might be A LOT of users and there are people who are active. My question is : will it make my scripts really slow or be bad for my database in ANY way if I do use these functions for ALL users because each time it searches the table, it is searching ALL users to see if they're active or inactive.
  4. Hey I would just like to release a simple login/register script that will work just fine and has some nice systems in it. The Login. (I will post the code then below tell you what you need to do to get it to work with MYSQL DATABASE) Create a file and call it login with the suffix .php so if you have file extensions showing on your computer it will look like "login.php" then put this code inside of it. <?php session_start(); ?> <?php function mysql_prep($value) { $magic_quotes_active = get_magic_quotes_gpc(); $new_enough_php = function_exists("mysql_real_escape_string"); // i.e PHP >= v4.3.0 if($new_enough_php){ // PHP v4.3.0 or higher if ($magic_quotes_active){ $value = stripslashes($value); } $value = mysql_real_escape_string($value); }else{ //Before PHP v4.3.0 //if magic quotes aren't already on then add slahes manually if(!$magic_quotes_active){ $value = addslashes($value); } // if magic quotes are active then the slashes already exist } return $value; } function redirect_to($location = NULL){ if($location != NULL){ header("Location: {$location}"); exit; } } define("DB_SERVER","localhost"); define("DB_USER","root"); define("DB_PASS","yourpassword"); define("DB_NAME","yourdatabasename"); $connection = mysql_connect(DB_SERVER,DB_USER,DB_PASS); if(!$connection){ die("Database Connection Failed: " . mysql_error()); } $db_select = mysql_select_db("bcooperz", $connection); if(!$db_select){ die("Connection to database failed: " . mysql_error()); } ?> <?php if(isset($_SESSION['user_id'])){ redirect_to("staff.php"); } ?> <?php if (isset($_POST['submit'])){ $errors = array(); // Perform validations on the form $required_fields = array('username', 'password'); foreach($required_fields as $fieldname){ if(!isset($_POST[$fieldname]) || empty($_POST[$fieldname])){ $errors[] = $fieldname; } } $field_with_lengths = array('username' => 30, 'password' => 30); foreach($field_with_lengths as $fieldname => $maxlength) { if (strlen(trim(mysql_prep($_POST[$fieldname]))) > $maxlength) { $errors[] = $fieldname; } } $username = trim(mysql_prep($_POST['username'])); $password = trim(mysql_prep($_POST['password'])); $hashed_password = sha1($password); if (empty($errors)){ // Checks database to see if username and password exist their $query = "SELECT id, username FROM users WHERE username='$username' AND hashed_password='$hashed_password' LIMIT 1"; $result_set = mysql_query($query, $connection); if(!$result_set){ die("Database Query Failed: " . mysql_error()); } if (mysql_num_rows($result_set) == 1) { // The Username and Password have been found in the database and the user is verified // Only 1 Match $found_user = mysql_fetch_array($result_set); $_SESSION['user_id'] = $found_user['id']; $_SESSION['username'] = $found_user['username']; redirect_to("staff.php"); }else{ // Username and Password was not found in the database. $message = "Username/Password Combination Incorrect.<br/>Please make sure your caps lock key is off and try again."; echo $message; } }else{ $count = count($errors); if($count == 1){ echo "Their Was {$count} Error In The Form" . "<br />"; print_r(implode(", ", $errors)); }else{ echo "Their Was {$count} Error's In The Form" . "<br />"; echo "<b>"; print_r(implode(", ", $errors)); echo "</b>"; } } }else{ // The Form Has Not Been Submitted if(isset($_GET['logout']) && $_GET['logout'] == 1){ echo "You Are Now Logged Out"; } if(isset($_GET['nowlogged']) && $_GET['nowlogged'] == 1){ echo "You Need to Login to reach this page."; } $username = ""; $password = ""; } ?> <html> <head> <title>Register</title> </head> <body> <form action="login.php" method="post"> Username : <input type="text" name="username" maxlength="30" value="<?php echo htmlentities($username); ?>" /><br /> Password : <input type="password" name="password" maxlength="30" value="<?php echo htmlentities($password); ?>" /><br /><br /> <input type="submit" name="submit" value="Login" /><br /> </form> <p>Haven't got an account? register <a href="register.php">here!</a></p> </body> </html> Now once you have a file called "login.php" with the above code inside of it you will need to goto your mysql database and create a database with a table that has 3 fields in the following format. - id - int(11) - Auto increment - username - varchar(50) - hashed_password - varchar(40) Now search for this in the login.php code define("DB_SERVER","localhost"); define("DB_USER","root"); define("DB_PASS","yourpassword"); define("DB_NAME","yourdatabasename"); And This: $db_select = mysql_select_db("bcooperz", $connection); And change these to your settings. Once you have done all this create a new file called register with the suffix .php as well so if you have file extensions turned on it will look like "register.php" And add this code inside it: <?php function mysql_prep($value) { $magic_quotes_active = get_magic_quotes_gpc(); $new_enough_php = function_exists("mysql_real_escape_string"); // i.e PHP >= v4.3.0 if($new_enough_php){ // PHP v4.3.0 or higher if ($magic_quotes_active){ $value = stripslashes($value); } $value = mysql_real_escape_string($value); }else{ //Before PHP v4.3.0 //if magic quotes aren't already on then add slahes manually if(!$magic_quotes_active){ $value = addslashes($value); } // if magic quotes are active then the slashes already exist } return $value; } function redirect_to($location = NULL){ if($location != NULL){ header("Location: {$location}"); exit; } } ?> <?php define("DB_SERVER","localhost"); define("DB_USER","root"); define("DB_PASS","maxcooper"); define("DB_NAME","bcooperz"); $connection = mysql_connect(DB_SERVER,DB_USER,DB_PASS); if(!$connection){ die("Database Connection Failed: " . mysql_error()); } $db_select = mysql_select_db("bcooperz", $connection); if(!$db_select){ die("Connection to database failed: " . mysql_error()); } ?> <?php if(isset($_POST['submit'])){ $username = trim(mysql_prep($_POST['username'])); $password = trim(mysql_prep($_POST['password'])); $hashed_password = sha1($password); $confirmpass=$_POST['confirmpass']; $query2 = "SELECT * FROM users WHERE username='$username'"; $result2 = mysql_query($query2); $counted=mysql_num_rows($result2); $errors = array(); // Perform validations on the form $required_fields = array('username', 'password', 'confirmpass'); foreach($required_fields as $fieldname){ if(!isset($_POST[$fieldname]) || empty($_POST[$fieldname])){ $errors[] = $fieldname; } } if($confirmpass!=$_POST['password']){ $errors[] = "passdifference"; } if($counted > 0){ $errors[] = "User Already Created"; } $field_with_lengths = array('username' => 30, 'password' => 30); foreach($field_with_lengths as $fieldname => $maxlength) { if (strlen(trim(mysql_prep($_POST[$fieldname]))) > $maxlength) { $errors[] = $fieldname; } } /* The Form Has Been Submitted */ if (empty($errors)){ $query = "INSERT INTO users (username,hashed_password) VALUES ('{$username}', '{$hashed_password}')"; $result = mysql_query($query, $connection); if($result){ echo "User Successfully Created"; }else{ echo "The User Could Not Be Created" . "<br />"; echo mysql_error(); } }else{ $count = count($errors); if($count == 1){ echo "Their Was {$count} Error In The Form" . "<br />"; print_r(implode(", ", $errors)); }else{ echo "Their Was {$count} Error's In The Form" . "<br />"; echo "<b>"; print_r(implode(", ", $errors)); echo "</b>"; } } }else{ /* The Form Has Not Yet Been Submitted */ $username = ""; $password = ""; } ?> <html> <head> <title>Register</title> </head> <body> <form action="register.php" method="post"> Username : <input type="text" name="username" maxlength="30" value="<?php echo htmlentities($username); ?>" /><br /> Password : <input type="password" name="password" maxlength="30" value="<?php echo htmlentities($password); ?>" /><br /> Confirm Password: <input type="password" name="confirmpass" maxlength="30" value="" /><br /><br /> <input type="submit" name="submit" value="Register" /><br /> </form> <p>Already have a account? login here <a href="login.php">here!</a></p> </body> </html> Once you have done that and you have a file called "register.php" you will need to perform the final step which will be changing the database details once again on the second file ("register.php"). Thanks, Bcooperz. Please tell me if this works
  5. Yea it's for people having troubles with their send mail scripts, I saw some people having troubles. BTW im looking for a website design buddy if your interested, just to talk to on like MSN or something about sites, i want to be a programmer as my job.
  6. Updated my second post with the tag thanks for that i am new to this forum and diden't know it had that function.
  7. UPDATE! Added a email checking system so now it actually checks if the email contains a "@" or not. NEW CODE! <?php function mysql_prep($value) { $magic_quotes_active = get_magic_quotes_gpc(); $new_enough_php = function_exists("mysql_real_escape_string"); // i.e PHP >= v4.3.0 if($new_enough_php){ // PHP v4.3.0 or higher if ($magic_quotes_active){ $value = stripslashes($value); } $value = mysql_real_escape_string($value); }else{ //Before PHP v4.3.0 //if magic quotes aren't already on then add slahes manually if(!$magic_quotes_active){ $value = addslashes($value); } // if magic quotes are active then the slashes already exist } return $value; } function redirect_to($location = NULL){ if($location != NULL){ header("Location: {$location}"); exit; } } ?> <?php if (isset($_POST['submit'])){ // The form has been submitted $errors = array(); // Set the needed variables here $email = $_POST['email']; $title = $_POST['title']; $message = $_POST['message']; // Perform validations on the form $required_fields = array('title', 'email', 'message'); foreach($required_fields as $fieldname){ if(!isset($_POST[$fieldname]) || empty($_POST[$fieldname])){ $errors[] = $fieldname; } } $field_with_lengths = array('title' => 20, 'email' => 50); foreach($field_with_lengths as $fieldname => $maxlength) { if (strlen(trim($_POST[$fieldname])) > $maxlength) { $errors[] = $fieldname; } } if(!eregi("^[_a-z0-9-]+(\.[_a-z0-9-]+)*@[a-z0-9-]+(\.[a-z0-9-]+)*(\.[a-z]{2,3})$", $email)) { $errors[] = "In-Correct Email Format"; } if (empty($errors)){ // Their are no errors in the form $headers = 'From: ' . $email . "\r\n" . 'Reply-To: bcooperz@hotmail.com' . "\r\n" . 'X-Mailer: PHP/' . phpversion(); $sentmail=mail("bcooperz@hotmail.com","$title","$message", "$headers"); // if your email successfully sent if($sentmail){ echo "Your Email Has been sent"; }else{ echo "Cannot send email"; } }else{ $count = count($errors); if($count == 1){ echo "Their Was {$count} Error In The Form" . "<br />"; echo "<b>"; print_r(implode(", ", $errors)); echo "</b>"; }else{ echo "Their Was {$count} Error's In The Form" . "<br />"; echo "<b>"; print_r(implode(", ", $errors)); echo "</b>"; } } }else{ // The Form Has Not Been Submitted $email = ""; $title = ""; $message = ""; } ?> <html> <head> <title>Contact Us</title> </head> <body> <form action="test.php" method="post"> Title of message : <input type="text" name="title" maxlength="20" value="" /><br /> Your Email : <input type="text" name="email" maxlength="50" value="" /><br /> Message : <br /><textarea name="message" rows="20" cols="80"></textarea><br /><br /> <input type="submit" name="submit" value="Contact Us" /><br /> </form> </body> </html>
  8. Hey my name is Brandon, im quite new to php but im improving and I really want to get into web design soon. Well lucky for you guys I was bored so i decided to create a Contact Us page. Just so you know MY contact us requires the user to be logged in to use it otherwise it redirects them to the login.php page and outputs a error saying "you need to be logged in to access this page", however i changed this contact us page so the user does not have to be logged in and it just requires all the fields to be entered. One thing I diden't add was a system to check if the email has a "@" sign in it, so you can be more confident that the email is real, I don't find this that important because if the user is leaving out a "@" sign then it's likely they are just wanting to send a fake email and they will do it regardless of a check or not. Here's The Code. <?php function mysql_prep($value) { $magic_quotes_active = get_magic_quotes_gpc(); $new_enough_php = function_exists("mysql_real_escape_string"); // i.e PHP >= v4.3.0 if($new_enough_php){ // PHP v4.3.0 or higher if ($magic_quotes_active){ $value = stripslashes($value); } $value = mysql_real_escape_string($value); }else{ //Before PHP v4.3.0 //if magic quotes aren't already on then add slahes manually if(!$magic_quotes_active){ $value = addslashes($value); } // if magic quotes are active then the slashes already exist } return $value; } function redirect_to($location = NULL){ if($location != NULL){ header("Location: {$location}"); exit; } } ?> <?php if (isset($_POST['submit'])){ // The form has been submitted $errors = array(); // Perform validations on the form $required_fields = array('title', 'email', 'message'); foreach($required_fields as $fieldname){ if(!isset($_POST[$fieldname]) || empty($_POST[$fieldname])){ $errors[] = $fieldname; } } $field_with_lengths = array('title' => 20, 'email' => 50); foreach($field_with_lengths as $fieldname => $maxlength) { if (strlen(trim($_POST[$fieldname])) > $maxlength) { $errors[] = $fieldname; } } // Set the needed variables here $email = $_POST['email']; $title = $_POST['title']; $message = $_POST['message']; if (empty($errors)){ // Their are no errors in the form $headers = 'From: ' . $email . "\r\n" . 'Reply-To: bcooperz@hotmail.com' . "\r\n" . 'X-Mailer: PHP/' . phpversion(); $sentmail=mail("bcooperz@hotmail.com","$title","$message", "$headers"); // if your email successfully sent if($sentmail){ echo "Your Email Has been sent"; }else{ echo "Cannot send email"; } }else{ $count = count($errors); if($count == 1){ echo "Their Was {$count} Error In The Form" . "<br />"; echo "<b>"; print_r(implode(", ", $errors)); echo "</b>"; }else{ echo "Their Was {$count} Error's In The Form" . "<br />"; echo "<b>"; print_r(implode(", ", $errors)); echo "</b>"; } } }else{ // The Form Has Not Been Submitted $email = ""; $title = ""; $message = ""; } ?> <html> <head> <title>Contact Us</title> </head> <body> <form action="contact.php" method="post"> Title of message : <input type="text" name="title" maxlength="20" value="" /><br /> Your Email : <input type="text" name="email" maxlength="50" value="" /><br /> Message : <br /><textarea name="message" rows="20" cols="80"></textarea><br /><br /> <input type="submit" name="submit" value="Contact Us" /><br /> </form> </body> </html> Now in order for this to work you will need to have a domain or localhost will also do fine if you have it set up with a email system, some free domains will work as long as they have a email sending capability and php enabled. Also one thing you will want to do is change "bcooperz@hotmail.com" in that code to your email so the users of your website are sending the emails to your email Thanks, BcooperZ.
×
×
  • Create New...

Important Information

We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.