Jump to content

rocky48

Members
  • Content Count

    196
  • Joined

  • Last visited

Community Reputation

0 Neutral

About rocky48

  • Rank
    Advanced Member
  • Birthday 03/03/1948

Profile Information

  • Gender
    Male
  • Location
    Hastings, UK
  • Interests
    Programming, Radio Control Model Aircraft
  • Age
    69
  1. I am designing a form where the users input information to be stored on a database. All of the other inputs apart from the email post OK, but the email does not! The error is: Notice: Undefined index: email in /home/hp3-linc4-nfs2-y/555/1099555/user/htdocs/includes/renew1.php on line 19 Consequently the mysqli query does not succeed. Here is the section of code in the html file: <h1>Online Renewal Form</h1> <form action="includes/renew1.php" method="post"> <fieldset> <p><label for= "firstname"><b>Enter Firstname:</b></label> <input type="text" name="firstname" id="firstname" value="firstname" size="20" maxlength="20"/></p> <p><label for= "surname"> <b>Enter Surname: </b></label> <input type="text" name="surname" id="surname" value="surname" size="20" maxlength="40"/></p> <p><label for= "bmfa_no"> <b>Enter BMFA No:</b></label> <input type="text" name="bmfa_no" id="bmfa_no" value="BMFA_No" size="30" maxlength="80" /> </p> <p><label for= "road"> <b>Enter Road:</b></label> <input type="text" name="road" id="road" value="road" size="30" maxlength="80"/> </p> <p><label for="town"> <b>Enter Town:</b> </label> <input type="text" name="town" id="town" value="town" size="30" maxlength="80"/> </p> <p><label for="county"> <b>Enter County:</b></label> <input type="text" name="county" id="county" value="county" size="30" maxlength="80" /> </p> <p><label for= "pcode"> <b>Enter Post Code:</b></label> <input type="text" name="pcode" id="pcode" value="pcode" size="30" maxlength="80" /> </p> <p><label for="phone"> <b>Enter Phone No:</b></label> <input type="tel" name="phone" id="phone" value="phone" size="30" maxlength="80" /> </p> <p><label for="mobile"> <b>Enter Mobile No:</b></label> <input type="tel" name="mobile" id="mobile" value="mobile" size="30" maxlength="80" /> </p> <p><label for="email"> <b>Enter Email:</b></label> <input id="email" type="text"></p> <p><label for="date"><b>Enter Date of Birth:</b></label> <input id="date" type="date"> </p> </fieldset> <fieldset> <p><label><b>Do you wish that the club obtains your BMFA membership & Insurance: </b></label> (click on box to see the list) <SELECT name= "club_mem"> <option value="No">NO</option> <option value="Yes">YES</option> </SELECT><br><br> </fieldset> <fieldset> <p><label><b>Country Member: </b></label> (click on box to see the list) <SELECT name= "country_mem"> <option value="No">NO</option> <option value="Yes">YES</option> </SELECT><br><br> </fieldset> <fieldset> <p><label><b>Do you require training: </b></label> (click on box to see the list) <SELECT name= "train"> <option value="No">NO</option> <option value="Yes">YES</option> </SELECT><br><br> </fieldset> <fieldset><legend><b>The Amount to Pay</b></legend> <p><label><b>Membership Fees: </b></label> (click on box to see the list) <SELECT name= "subs_amount"> <option value="0">0</option> <option value="10.00">£10.00</option> <option value="13.00">£13.00</option> <option value="15.00">£15.00</option> <option value="17.00">£17.00</option> <option value="24.00">£24.00</option> <option value="27.00">£27.00</option> <option value="34.00">£34.00</option> <option value="44.00">£44.00</option> </SELECT><br><br> <b>Description of Fees</b><br><br> Social or Country members £10<br> Family Junior member £13<br> Junior Country member £17<br> Family Partner member £24<br> Junior Club member (Includes BMFA fees) £27<br> Family Senior member &£34<br> Senior Club member (Includes BMFA fees) £44<br> Family members must complete the renewal form if they want the club to sign them up for BMFA family membership.<br> If the family member has Country membership of BMFA they must enrol as a country member (£10). </p> </fieldset> <fieldset><legend><b>Please select the method of payment</b></legend> <p><label><b>Payment Method: </b></label> (click on box to see the list) <select name="pay_meth"> <option value="Cheque">Cheque</option> <option value="Cash">Cash</option> <option value="BACS">BACS</option> </select> </fieldset> <br /> <div align="left"><input type="submit" name="submit" value="Submit" /></div> <input type="hidden" name="submitted" value="TRUE" /> </form> The code in the PHP file is as follows: $trimmed = array_map('trim', $_POST); $Fname = mysqli_real_escape_string($dbc, $_POST['firstname']); $Sname = mysqli_real_escape_string($dbc, $_POST['surname']); $Road = mysqli_real_escape_string($dbc, $_POST['road']); $Town = mysqli_real_escape_string($dbc, $_POST['town']); $County = mysqli_real_escape_string($dbc, $_POST['county']); $Pcode = mysqli_real_escape_string($dbc, $_POST['pcode']); $Phone = mysqli_real_escape_string($dbc, $_POST['phone']); $Mobile = mysqli_real_escape_string($dbc, $_POST['mobile']); $Email = mysqli_real_escape_string($dbc, $_POST['email']); $DOB = mysqli_real_escape_string($dbc, $_POST['dob']); $BMFA = mysqli_real_escape_string($dbc, $_POST['bmfa_no']); $C_mem = mysqli_real_escape_string($dbc, $_POST['country_mem']); $Amount = mysqli_real_escape_string($dbc, $_POST['subs_amount']); $meth = mysqli_real_escape_string($dbc, $_POST['pay_meth']); $club = mysqli_real_escape_string($dbc, $_POST['club_mem']); $training = mysqli_real_escape_string($dbc, $_POST['train']); I thought that the problem was in the HTML file, but I am unable to see where it is incorrect. Please help?
  2. What do you mean by a prepared query? I am not putting user input directly into the query, otherwise I would have put the ($_POST['Value']) into the query! Am I not understanding why that no rows are produced with msqli_num_rows()? I am still somewhat 'green', probably due to my age!
  3. I know this question has been asked many times before, and I have looked at many of the answers, but i just can't see whats wrong. I have got it to print $r and that equals 1, so should print the message "Your renewal form has been received and added to the database", but it prints the other message? Never the less the INSERT is updating the database, so why is it not printing the correct echo. I've tried FALSE instead of <1. I also had it the other way around (correct message first), but I still get the same result. Please help! Here is the code: <?php require_once ('config.inc.php'); if (isset($_POST['submitted'])) { // Handle the form. // print_r($_POST); require_once('connect_renew.php'); // Trim all the incoming data: $trimmed = array_map('trim', $_POST); $Fname = $_POST['firstname']; $Sname = $_POST['surname']; $Road = $_POST['road']; $Town = $_POST['town']; $County = $_POST['county']; $Pcode = $_POST['pcode']; $Phone = $_POST['phone']; $Mobile = $_POST['mobile']; $Email = $_POST['email']; $DOB = $_POST['dob']; $BMFA = $_POST['bmfa_no']; $C_mem = $_POST['country_mem']; $Amount = $_POST['subs_amount']; $meth = $_POST['pay_meth']; $q= "INSERT INTO `Rform`(`firstname`, `surname`, `road`, `town`, `county`, `pcode`, `phone`, `mobile`, `email`, `dob`, `bmfa_no`, `country_mem`, `subs_amount`, `pay_meth`, date_sub) VALUES ('$Fname', '$Sname', '$Road', '$Town', '$County', '$Pcode', '$Phone', '$Mobile', '$Email', '$DOB', '$BMFA', '$C_mem', '$Amount', '$meth', now())"; $r = mysqli_query ($dbc, $q) or die(mysqli_error($dbc)); if (mysqli_num_rows($r) < 1){ // Available. echo $r; echo '<p>Somethings wrong, You need to re-enter your details</p>'; }else{ echo '<p> Your renewal form has been received and added to the database</p>'; } mysqli_close($dbc); } ?>
  4. I am trying to make my site more secure by staring a session at login which uses the user_id to identify a user. I had a previous post which was to change password, which I eventually found was due to not putting ob_start before the session start. Using this method I tried adding the same to another file, so that an intruder can't circumvent the login procedure. When I run this file all I get is a blank screen, no errors are shown. I added to show errors: ini_set('display_errors',1); error_reporting(E_ALL); Here is the script that is not working: <?php # MFC1066 - Club_Info.php // This is the main page for the site. ob_start(); session_start(); ini_set('display_errors',1); error_reporting(E_ALL); // Include the configuration file: require_once ('includes/config.inc.php'); // Set the page title and include the HTML header: $page_title = 'Club Info'; include ('includes/header1.html'); // If no user_id session variable exists, redirect the user: if (!isset($_SESSION[$uid])) { $url = BASE_URL . 'index.php'; // Define the URL. ob_end_clean(); // Delete the buffer. header("Location: $url"); exit(); // Quit the script. ?> <?php include ('includes/info.html'); ?> <?php // Include the HTML footer file: include ('includes/footer1.html'); ?> Here is the Login script: <?php # - login.php // This is the login page for the site. //ini_set('display_errors',1); //error_reporting(E_ALL); // Start output buffering: ob_start(); session_start(); $uid=$_SESSION('user_id'); require_once ('includes/config.inc.php'); $page_title = 'Login'; include ('includes/header1.html'); if (isset($_POST['submitted'])) { require_once('includes/Connect_login.php'); // Validate the email address: if (!empty($_POST['email'])) { $e = mysqli_real_escape_string ($dbc, $_POST['email']); } else { $e = FALSE; echo '<p class="error">You forgot to enter your email address!</p>'; } // Validate the password: if (!empty($_POST['pass'])) { $p = mysqli_real_escape_string ($dbc, $_POST['pass']); } else { $p = FALSE; echo '<p class="error">You forgot to enter your password!</p>'; } // Validate the BMFA No: if (!empty($_POST['BMFA'])) { $b = mysqli_real_escape_string ($dbc, $_POST['BMFA']); } else { $b = FALSE; echo '<p class="error">You forgot to enter your BMFA number!</p>'; } if ($e && $p && $b) { // If everything's OK. // Query the database: $q = "SELECT user_id, first_name, user_level, BMFA_No FROM users WHERE (email='$e' AND pass=SHA1('$p') AND BMFA_No= ('$b')) AND active IS NULL"; $r = mysqli_query ($dbc, $q) or trigger_error("Query: $q\n<br />MySQL Error: " . mysqli_error($dbc)); if (@mysqli_num_rows($r) == 1) { // A match was made. // Register the values & redirect: $_SESSION = mysqli_fetch_array ($r, MYSQLI_ASSOC); $_SESSION['loggedin']='user_id'; mysqli_free_result($r); mysqli_close($dbc); $url = BASE_URL . 'mempage.php'; // Define the URL: ob_end_clean(); // Delete the buffer. header("Location: $url"); exit(); // Quit the script. } else { // No match was made. echo '<p class="error">Either the email address and password entered do not match those on file or you have not yet activated your account.</p>'; } } else { // If everything wasn't OK. echo '<p class="error">Please try again.</p>'; } mysqli_close($dbc); } // End of SUBMIT conditional. ?> <h1>Login</h1> <p>Your browser must allow cookies in order to log in.</p> <form action="login3.php" method="post"> <fieldset> <p><b>Email Address:</b> <input type="text" name="email" size="20" maxlength="40" /></p> <p><b>Password:</b> <input type="password" name="pass" size="20" maxlength="20" /></p> <p><b>BMFA No:</b> <input type="text" name="BMFA" size="20" maxlength="20" /></p> <div align="center"><input type="submit" name="submit" value="Login" /></div> <input type="hidden" name="submitted" value="TRUE" /> </fieldset> </form> <h2>Forgot your password? Click on this link:<a href="forgot_password.php"target="_blank">Forgot Password</a></h2> <?php // Include the HTML footer. include ('includes/footer1.html'); ?> I have isolated the problem to the redirect code lines 15 - 19, but can't see why it does not work! Please can you help?
  5. rocky48

    Using SESSIONS in Change Password Script

    I take it back! The SESSION is still not being recognized! I am at my wits end trying to solve this problem. Please can anyone help?
  6. rocky48

    Using SESSIONS in Change Password Script

    I eventually found that ob_start should go BEFORE Session_start, so it now recognizes the session. However, I now have another problem! The query is not working on line 436 of change_password.php. All I get is the echo of the array when the line is like so: $q = "UPDATE users SET pass=SHA1('$p') WHERE user_id={$_SESSION=$_POST['user_id']"; I tried changing it but keep getting errors. I tried this: $q = "UPDATE users SET pass=SHA1('$p') WHERE user_id={$_SESSION['loggedin']::'user_id'}"; As this field is not one that has been posted, how do you retrieve it from the record?
  7. rocky48

    Header Problem!

    Think it's 2008 version!
  8. rocky48

    Using SESSIONS in Change Password Script

    Having some more thoughts on this! Do I need the line: $_SESSION = mysqli_fetch_array ($r, MYSQLI_ASSOC); Does this capture all of the data in the SELECT query? So if I then have the line: $_SESSION['loggedin']='user_id'; Should this not pass the user_id as a named session, so when I try to use it in the change_password script it will identify the user? Is my thinking correct or am I totally wrong?
  9. rocky48

    Using SESSIONS in Change Password Script

    Just realized why it returns to home page! Its due to this line: if (!isset($_SESSION['loggedin'])) { $url = BASE_URL . 'index.php'; // Define the URL. ob_end_clean(); // Delete the buffer. header("Location: $url"); exit(); // Quit the script. } So I guess it is not recognizing the session. Should I have the session start on this script?
  10. rocky48

    Using SESSIONS in Change Password Script

    Firstly, I was at first trying to use the email address as the session data to use throughout the session, but soon realized tat was not a good idea. So my scripts were not totally changed. Here are the changes I have made. Login script: // Register the values & redirect: //$_SESSION = mysqli_fetch_array ($r, MYSQLI_ASSOC); $_SESSION['loggedin']=$_POST['user_id']; As you can see I have only commented out the superfluous line for now. Now to the Change_password script: $q = "UPDATE users SET pass=SHA1('$p') WHERE user_id={$_SESSION['loggedin']::$_POST['user_id']}"; $r = mysqli_query ($dbc, $q) or trigger_error("Query: $q\n<br />MySQL Error: " . mysqli_error($dbc)); When i run this on my localhost, I get the following error: According to the web query that strange sounding error message is to do with double colons. It is inferring that it should be :: and not =, but when I changed it to the double colons it returned to my home page and did not process the html code on lines 62 onward. The ob_start is in the header1.html script! Any ideas to why this is happening?
  11. I am having difficulty finding out what is wrong with these scripts. When a user logs on a session is started in the logon script: Login.php: <?php # - login.php // This is the login page for the site. session_start(); require_once ('includes/config.inc.php'); $page_title = 'Login'; include ('includes/header1.html'); if (isset($_POST['submitted'])) { require_once('includes/Connect_login.php'); // Validate the email address: if (!empty($_POST['email'])) { $e = mysqli_real_escape_string ($dbc, $_POST['email']); } else { $e = FALSE; echo '<p class="error">You forgot to enter your email address!</p>'; } // Validate the password: if (!empty($_POST['pass'])) { $p = mysqli_real_escape_string ($dbc, $_POST['pass']); } else { $p = FALSE; echo '<p class="error">You forgot to enter your password!</p>'; } // Validate the BMFA No: if (!empty($_POST['BMFA'])) { $b = mysqli_real_escape_string ($dbc, $_POST['BMFA']); } else { $b = FALSE; echo '<p class="error">You forgot to enter your BMFA number!</p>'; } if ($e && $p && $b) { // If everything's OK. // Query the database: $q = "SELECT user_id, first_name, user_level, BMFA_No FROM users WHERE (email='$e' AND pass=SHA1('$p') AND BMFA_No= ('$b')) AND active IS NULL"; $r = mysqli_query ($dbc, $q) or trigger_error("Query: $q\n<br />MySQL Error: " . mysqli_error($dbc)); if (@mysqli_num_rows($r) == 1) { // A match was made. // Register the values & redirect: $_SESSION = mysqli_fetch_array ($r, MYSQLI_ASSOC); $_SESSION['loggedin']=$_POST['user_id']; echo $_POST['user_id']; mysqli_free_result($r); mysqli_close($dbc); $url = BASE_URL . 'mempage.php'; // Define the URL: ob_end_clean(); // Delete the buffer. header("Location: $url"); exit(); // Quit the script. } else { // No match was made. echo '<p class="error">Either the email address and password entered do not match those on file or you have not yet activated your account.</p>'; } } else { // If everything wasn't OK. echo '<p class="error">Please try again.</p>'; } mysqli_close($dbc); } // End of SUBMIT conditional. ?> <h1>Login</h1> <p>Your browser must allow cookies in order to log in.</p> <form action="login.php" method="post"> <fieldset> <p><b>Email Address:</b> <input type="text" name="email" size="20" maxlength="40" /></p> <p><b>Password:</b> <input type="password" name="pass" size="20" maxlength="20" /></p> <p><b>BMFA No:</b> <input type="text" name="BMFA" size="20" maxlength="20" /></p> <div align="center"><input type="submit" name="submit" value="Login" /></div> <input type="hidden" name="submitted" value="TRUE" /> </fieldset> </form> <h2>Forgot your password? Click on this link:<a href="forgot_password.php"target="_blank">Forgot Password</a></h2> <?php // Include the HTML footer. include ('includes/footer1.html'); ?> I am using output buffering, so that I can include files and only send to the server when the form is submitted. Would this screw up the sessions? I'm not sure if the way I have set the session is correct on line 48 as there is a session which is saving the array of the MYSQL query. I am using a book for this example, so I don't understand how the first session statement is saving the array, if it is not named? The script allows me to login OK and on the page it redirects to I have put a button that allows the user to change their password. This runs the change_password.php script. <?php # Change_password.php // This page allows a logged-in user to change their password. session_start(); ob_start; require_once ('includes/config.inc.php'); $page_title = 'Change Your Password'; include ('includes/header1.html'); // If no first_name session variable exists, redirect the user: if (!isset($_SESSION['email'])) { $url = BASE_URL . 'index.php'; // Define the URL. ob_end_clean(); // Delete the buffer. header("Location: $url"); exit(); // Quit the script. } print_r($_POST); if (isset($_POST['submitted'])) { require_once('includes/Connect_login.php'); // Check for a new password and match against the confirmed password: $p = FALSE; if (preg_match ('/^(\w){4,20}$/', $_POST['password1']) ) { if ($_POST['password1'] == $_POST['password2']) { $p = mysqli_real_escape_string ($dbc, $_POST['password1']); } else { echo '<p class="error">Your password did not match the confirmed password!</p>'; } } else { echo '<p class="error">Please enter a valid password!</p>'; } if ($p) { // If everything's OK. // Make the query. $q = "UPDATE users SET pass=SHA1('$p') WHERE user_id={$_SESSION=$_POST['user_id']"; $r = mysqli_query ($dbc, $q) or trigger_error("Query: $q\n<br />MySQL Error: " . mysqli_error($dbc)); if (mysqli_affected_rows($dbc) == 1) { // If it ran OK. // Send an email, if desired. echo '<h3>Your password has been changed.</h3>'; mysqli_close($dbc); // Close the database connection. include ('includes/footer.html'); // Include the HTML footer. exit(); } else { // If it did not run OK. echo '<p class="error">Your password was not changed. Make sure your new password is different than the current password. Contact the system administrator if you think an error occurred.</p>'; } } else { // Failed the validation test. echo '<p class="error">Please try again.</p>'; } mysqli_close($dbc); // Close the database connection. } // End of the main Submit conditional. ?> <h1>Change Your Password</h1> <form action="change_password.php" method="post"> <fieldset> <p><b>New Password:</b> <input type="password" name="password1" size="20" maxlength="20" /> <small>Use only letters, numbers, and the underscore. Must be between 4 and 20 characters long.</small></p> <p><b>Confirm New Password:</b> <input type="password" name="password2" size="20" maxlength="20" /></p> </fieldset> <div align="center"><input type="submit" name="submit" value="Change My Password" /></div> <input type="hidden" name="submitted" value="TRUE" /> </form> <?php include ('includes/footer1.html'); ?> When this runs all I get is a blank page and not the message that the password has been changed. As there are no error messages I am not sure where the script is wrong. Can someone tell me where I am going wrong?
  12. rocky48

    Header Problem!

    I am trying to write some code based on the scripts in Larry Ulmans Book PHP6 & MYSQL 5. When I run the script I get the following error: The config.inc.php is shown below: <?php # config.inc.php /* This script: * - define constants and settings * - dictates how errors are handled * - defines useful functions */ // Document who created this site, when, why, etc. // ********************************** // // ************ SETTINGS ************ // // Flag variable for site status: define('LIVE', FALSE); // Admin contact address: define('EMAIL', 't.e.hudson@btinternet.com'); // Site URL (base for all redirections): define ('BASE_URL', 'http://www.1066cards4u.co.uk/MFC1066/'); // Location of the MySQL connection script: define ('MYSQL', '\Connect_login.php\\'); // Adjust the time zone for PHP 5.1 and greater: date_default_timezone_set("Europe/London"); // ************ SETTINGS ************ // // ********************************** // // ****************************************** // // ************ ERROR MANAGEMENT ************ // // Create the error handler: function my_error_handler ($e_number, $e_message, $e_file, $e_line, $e_vars) { // Build the error message. $message = "<p>An error occurred in script $e_file on line $e_line: $e_message\n<br />"; // Add the date and time: $message .= "Date/Time: " . date("j-n-Y H:i:s") . "\n<br />"; // Append $e_vars to the $message: $message .= "<pre>" . print_r ($e_vars, 1) . "</pre>\n</p>"; if (!LIVE) { // Development (print the error). echo '<div class ="error">' . $message . '</div><br />'; } else { // Do not show the error: // Send an email to the admin: mail(EMAIL, 'Site Error!', $message, 'From: email@example.com'); // Only print an error message if the error isn't a notice: if ($e_number != E_NOTICE) { echo '<div class="error">A system error occurred. We apologize for the inconvenience.</div><br />'; } } // End of !LIVE IF. } // End of my_error_handler() definition. // Use my error handler. set_error_handler ('my_error_handler'); // ************ ERROR MANAGEMENT ************ // // ****************************************** // ?> The header is called in the following script: <?php # - login.php // This is the login page for the site. include('includes/SessionManage.php'); SessionManager::sessionStart('login'); require_once ('includes/config.inc.php'); $page_title = 'Login'; include ('includes/header.html'); echo ""; if (isset($_POST['submitted'])) { require_once('includes/Connect_login.php'); // Validate the email address: if (!empty($_POST['email'])) { $e = mysqli_real_escape_string ($dbc, $_POST['email']); } else { $e = FALSE; echo '<p class="error">You forgot to enter your email address!</p>'; } // Validate the password: if (!empty($_POST['pass'])) { $p = mysqli_real_escape_string ($dbc, $_POST['pass']); } else { $p = FALSE; echo '<p class="error">You forgot to enter your password!</p>'; } // Validate the BMFA No: if (!empty($_POST['BMFA'])) { $b = mysqli_real_escape_string ($dbc, $_POST['BMFA']); } else { $b = FALSE; echo '<p class="error">You forgot to enter your password!</p>'; } if ($e && $p && $b) { // If everything's OK. // Query the database: $q = "SELECT user_id, first_name, user_level, BMFA_No FROM users WHERE (email='$e' AND pass=SHA1('$p') AND BMFA_No= ('$b')) AND active IS NULL"; $r = mysqli_query ($dbc, $q) or trigger_error("Query: $q\n<br />MySQL Error: " . mysqli_error($dbc)); if (@mysqli_num_rows($r) == 1) { // A match was made. // Register the values & redirect: $_SESSION = mysqli_fetch_array ($r, MYSQLI_ASSOC); mysqli_free_result($r); mysqli_close($dbc); $url = BASE_URL . 'mempage.php'; // Define the URL: ob_end_clean(); // Delete the buffer. header("Location: $url"); exit(); // Quit the script. } else { // No match was made. echo '<p class="error">Either the email address and password entered do not match those on file or you have not yet activated your account.</p>'; } } else { // If everything wasn't OK. echo '<p class="error">Please try again.</p>'; } mysqli_close($dbc); } // End of SUBMIT conditional. ?> <h1>Login</h1> <p>Your browser must allow cookies in order to log in.</p> <form action="login.php" method="post"> <fieldset> <p><b>Email Address:</b> <input type="text" name="email" size="20" maxlength="40" /></p> <p><b>Password:</b> <input type="password" name="pass" size="20" maxlength="20" /></p> <p><b>BMFA No:</b> <input type="text" name="BMFA" size="20" maxlength="20" /></p> <div align="center"><input type="submit" name="submit" value="Login" /></div> <input type="hidden" name="submitted" value="TRUE" /> </fieldset> </form> <h2>Forgot your password? Click on this link:<a href="forgot_password.php"target="_blank">Change Password</a></h2> <?php // Include the HTML footer. include ('includes/footer.html'); ?> I have highlighted the line that fails in red. It is used to open the script mempage.php, so I thought I would try opening the script with require, but all I get is a blank screen. Is there a bug in the script that was written by Larry Ulman or is it something is wrong with the way I have modified the script. If that is not the case is there an alternative way of proceeding to the next script? Your help would be appreciated!
  13. rocky48

    How do you use 'Classes' in your code?

    I feel a right twit! Such a basic mistake. I didn't put the php tags around the class file. The fact that the contents of the class file where printed out above the error should have made realise that it was not being parsed.
  14. rocky48

    How do you use 'Classes' in your code?

    I did wonder about that, so I tried it with the 'r' on the end. Still gave an error! I assumed that it should have been SessionManager, as that was the name that was declared as the class. These are the lines in login that call the class file: include('includes/SessionManage.php'); SessionManager::sessionStart('login');
  15. I am trying to get to grips with secure sessions on a login page I am writting. Doing some research on Google I found an article called 'How to Create Bulletproof Sessions. The first thing the article was to write a class called SessionManager, which I called SessionManage.php I include this file like so: 'include('includes/SessionManage.php');' The class file: class SessionManager { static function sessionStart($name, $limit = 0, $path = '/', $domain = null, $secure = null) { // Set the cookie name before we start. session_name($name . '_Session'); // Set the domain to default to the current domain. $domain = isset($domain) ? $domain : isset($_SERVER['SERVER_NAME']); // Set the default secure value to whether the site is being accessed with SSL $https = isset($secure) ? $secure : isset($_SERVER['HTTPS']); // Set the cookie settings and start the session session_set_cookie_params($limit, $path, $domain, $secure, true); session_start(); } } The article says to use this in your code you type one of the following: I just used login as the installation name. When I now run the code I get the following Fatal Error: Above the error information the complete code for the class file is printed. I am obviously have not got the syntax correct, but searching the internet has not helped. Can anybody point out where I am going wrong?
×

Important Information

We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.