melloorr

I was getting the errors because I was using the cookie to get the username from the correct row in the database, so I could display it on screen. And if the cookie has been modified, then it has been destroyed, so the variable would not have been defined (if there was originally no cookie, then i do not get these errors, as the variable is only defined if the cookie is present)

Thank you. It worked perfectly

Sorry if this is off topic, but I want to disable php errors (or not display them) for a specific page on my website, is this possible? I am asking because if the cookie has been modified, then lots of undefined constants and variable errors appear. While it does not alter the way the script works, I just don't like the way it looks (I'm a bit OCD in that sense)

Works great! Thanks

I want't going to have an error page. it is for a login script, where, if the cookie id does not match the id in the database, then they are logged out. Here is a bit of pseudo code to show what i mean. //page.php if ($cookieid != database['cookie']) { header(Redirect: index.php/98eyux9dsn29dn; } //index.php while (redirect: 98eyux9dsn29dn) { echo "You have been logged out because your cookie has been compromised"; } Something along the lines of that

Yes I know a header. But I want the user to be redirected to a page, then the page checks to see where the were redirected from, then displays the relevant error message. The page is a normal page (e.g. index) and will not always display the message

Okay, first things first. I have never done anything to URL's when coding n PHP, but... I want to make a redirect page, as in, if the user has met a certain condition, they are redirected to a different page, and they are given a specific error message depending on what the url is. (sorry if I have not explained it well.) But I do not know how to go about doing this. Any help at all please? Thanks

I have not started using the sessions yet but I am am stuck. On my nav bar, I have a button that only appears is a user is logged in, and it is supposed to display the users username, but at the moment, it is not displaying anything at all, not even the fail echos. Here is the code: <?php if ($_COOKIE) { $cookieid = $_COOKIE['Key_my_site']; $query = mysql_query("SELECT * FROM users WHERE cookieid='" . $cookieid . "'"); if ($query) { while($row = mysql_fetch_assoc($query)) { $username = $row['username']; echo "<li><a href=members.php>$username</a></li>"; } } else { echo "Fail"; } } else { echo "Fail"; } ?> Is there anything wrong with it?

True, but I only started using it because I got it for free. But I have a question about Notepad++ I keep getting lines that have just a space, and does not delete when using 'Delete Blank Lines' . Is there anyway to get around this? *EDIT* Never mind, I have done it now

You should check my thread: http://www.phpfreaks.com/forums/index.php?topic=348885.msg1646220#msg1646220

Okay I think I have now done it. When someone logs in, they are given a unique ID that is stored in a cookie and in the database. I have the header of my website checking if there is a cookie, and if there is, but the contents do not match the Unique ID stored in the database, then they are logged out. Is this okay? Also, will checking it on every page put too much strain on a server?

Well I am afraid I don't know then. Sorry I couldn't be any more help

Whats the full code? If you havent already, put a else statement after the if if () { echo"success"; } else(){ echo"fail"; }

are you using $_POST in you echo? Because you will need to do: echo(' '.$_POST['username'].' ');

Hmm looks like I need help already. How can I delete a specific value from a database, all I find is deleting a whole row. This is what I have got so far: mysql_query("DELETE FROM users WHERE cookieid = '$cookieid'"); But that will delete the user with that value, instead of just deleting the value

ahhh, try putting $username = $_POST['username']; underneath if ($_POST['submit']=='Login') {

so your still getting the username error? Could you could post the full error please?

Change if ($_POST['submit']=='Login') to if (isset($_POST['submit']))

change it from title="submit" to name="submit" and have you tried putting just $username = $_POST['username']; on the top line of the code you have showed us EDIT You have misunderstood me. when you open the form, try putting: <form action="<?php echo $_SERVER['PHP_SELF']?>" method="post"> I did not mean putting it at the end of every <input> line

Well, I am no expert, but if you are sending data from forms to php then the it should be action="<?php echo $_SERVER['PHP_SELF']?>" if it is in the same file or action="yourfile.php" if it is in a different file.

Well that sounds easy enough, although it will probably take me a few days to figure out how to do it. But at least I will learn along the way. I will let you know how I get on. Thanks for all the help

I use Microsoft Expression Web. Seems to be good, but there does not seem to be much other people that use it

Do you mean, if the login is successful, then they are given a unique random key that is stored in the database, and also in cookie? Then that is used to check if they are logged in? Then when they are logged out, or the cookie is deleted or the unique numbers in the cookie is different to the one in the database, then it is deleted from the database?

Okay so I have got my login script to work after two days of me wondering why it was not working, only to find out that it was because the fields in my database were not big enough to hold the password or the salt. So I am now wondering how I can check if people are logged in without using cookies? Currently I have it so if the username and password in the cookie match the username and password in the database, then they are showed the data, but how can I do it without a cookie for a password? Would the idea I put in the last post be sufficient?

God this is so confusing. If I also give the user a unique id, then stored that in a database, the put that in a cookie instead of a password, but still checked the hashed password against the database, would this work?