Jump to content

Motto

New Members
 View Profile  See their activity

  • Posts

    1

  • Joined

  • Last visited

Motto's Achievements

Newbie

Newbie (1/5)

0

Reputation

  1. Motto
    I have a problem with my site. I did everything that is said in the tutorial and got nothing , I searched the forum replaced some data but still no result. I keep getting : "Your login session is not on record in the database" when i try to add a new record in the database. i can refresh the index.php in storeadmin but when i refresh the inventory_list.php it dosen't work or when i try to add / delete / edit a product. please help. this admin_login.php <?php // This file is www.developphp.com curriculum material // Written by Adam Khoury January 01, 2011 // http://www.youtube.com/view_play_list?p=442E340A42191003 session_start(); if (isset($_SESSION["manager"])) { header("location: index.php"); exit(); } ?> <?php // Parse the log in form if the user has filled it out and pressed "Log In" if (isset($_POST["username"]) && isset($_POST["password"])) {[/size][/font][/color] $manager = preg_replace('#[^A-Za-z0-9]#i', '', $_POST["username"]); // filter everything but numbers and letters $password = preg_replace('#[^A-Za-z0-9]#i', '', $_POST["password"]); // filter everything but numbers and letters // Connect to the MySQL database include "../storescripts/connect_to_mysql.php"; $sql = mysql_query("SELECT id FROM admin WHERE username='$manager' AND password='$password' LIMIT 1"); // query the person // ------- MAKE SURE PERSON EXISTS IN DATABASE --------- $existCount = mysql_num_rows($sql); // count the row nums if ($existCount == 1) { // evaluate the count while($row = mysql_fetch_array($sql)){ $id = $row["id"]; } $_SESSION["id"] = $id; $_SESSION["manager"] = $manager; $_SESSION["password"] = $password; header("location: index.php"); exit(); } else { echo 'That information is incorrect, try again <a href="index.php">Click Here</a>'; exit(); } } ?> <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd"> <html xmlns="http://www.w3.org/1999/xhtml"> <head> <meta http-equiv="Content-Type" content="text/html; charset=utf-8" /> <title>Admin Log In </title> <link rel="stylesheet" href="../style/style.css" type="text/css" media="screen" /> </head> <body> <div align="center" id="mainWrapper"> <?php include_once("../template_header.php");?> <div id="pageContent"><br /> <div align="left" style="margin-left:24px;"> <h2>Please Log In To Manage the Store</h2> <form id="form1" name="form1" method="post" action="admin_login.php"> User Name:<br /> <input name="username" type="text" id="username" size="40" /> <br /><br /> Password:<br /> <input name="password" type="password" id="password" size="40" /> <br /> <br /> <br /> <input type="submit" name="button" id="button" value="Log In" /> </form> <p> </p> </div> <br /> <br /> <br /> </div> <?php include_once("../template_footer.php");?> </div> </body> </html> this index.php <?php // This file is www.developphp.com curriculum material // Written by Adam Khoury January 01, 2011 // http://www.youtube.com/view_play_list?p=442E340A42191003 session_start(); if (!isset($_SESSION["manager"])) { header("location: admin_login.php"); exit(); } // Be sure to check that this manager SESSION value is in fact in the database $managerID = preg_replace('#[^0-9]#i', '', $_SESSION["id"]); // filter everything but numbers and letters $manager = preg_replace('#[^A-Za-z0-9]#i', '', $_SESSION["manager"]); // filter everything but numbers and letters $password = preg_replace('#[^A-Za-z0-9]#i', '', $_SESSION["password"]); // filter everything but numbers and letters // Run mySQL query to be sure that this person is an admin and that their password session var equals the database information // Connect to the MySQL database include "../storescripts/connect_to_mysql.php"; $sql = mysql_query("SELECT * FROM admin WHERE id='$managerID' AND username='$manager' AND password='$password' LIMIT 1"); // query the person // ------- MAKE SURE PERSON EXISTS IN DATABASE --------- $existCount = mysql_num_rows($sql); // count the row nums if ($existCount == 0) { // evaluate the count echo "Your login session data is not on record in the database."; exit(); } ?> <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd"> <html xmlns="http://www.w3.org/1999/xhtml"> <head> <meta http-equiv="Content-Type" content="text/html; charset=utf-8" /> <title>Store Admin Area</title> <link rel="stylesheet" href="../style/style.css" type="text/css" media="screen" /> </head>[/size][/font][/color] <body> <div align="center" id="mainWrapper"> <?php include_once("../template_header.php");?> <div id="pageContent"><br /> <div align="left" style="margin-left:24px;"> <h2>Hello store manager, what would you like to do today?</h2> <p><a href="inventory_list.php">Manage Inventory</a><br /> <a href="#">Manage Blah Blah </a></p> </div> <br /> <br /> <br /> </div> <?php include_once("../template_footer.php");?> </div> </body> </html> this inventory_list.php <?php // This file is www.developphp.com curriculum material // Written by Adam Khoury January 01, 2011 // http://www.youtube.com/view_play_list?p=442E340A42191003 session_start(); if (!isset($_SESSION["manager"])) { header("location: admin_login.php"); exit(); } // Be sure to check that this manager SESSION value is in fact in the database $managerID = preg_replace('#[^0-9]#i', '', $_SESSION["id"]); // filter everything but numbers and letters $manager = preg_replace('#[^A-Za-z0-9]#i', '', $_SESSION["manager"]); // filter everything but numbers and letters $password = preg_replace('#[^A-Za-z0-9]#i', '', $_SESSION["password"]); // filter everything but numbers and letters // Run mySQL query to be sure that this person is an admin and that their password session var equals the database information // Connect to the MySQL database include "../storescripts/connect_to_mysql.php"; $sql = mysql_query("SELECT * FROM admin WHERE id='$managerID' AND username='$manager' AND password='$password' LIMIT 1"); // query the person // ------- MAKE SURE PERSON EXISTS IN DATABASE --------- $existCount = mysql_num_rows($sql); // count the row nums if ($existCount == 0) { // evaluate the count echo "Your login session data is not on record in the database."; exit(); } ?> <?php // Script Error Reporting error_reporting(E_ALL); ini_set('display_errors', '1'); ?> <?php // Delete Item Question to Admin, and Delete Product if they choose if (isset($_GET['deleteid'])) { echo 'Do you really want to delete product with ID of ' . $_GET['deleteid'] . '? <a href="inventory_list.php?yesdelete=' . $_GET['deleteid'] . '">Yes</a> | <a href="inventory_list.php">No</a>'; exit(); } if (isset($_GET['yesdelete'])) { // remove item from system and delete its picture // delete from database $id_to_delete = $_GET['yesdelete']; $sql = mysql_query("DELETE FROM products WHERE id='$id_to_delete' LIMIT 1") or die (mysql_error()); // unlink the image from server // Remove The Pic ------------------------------------------- $pictodelete = ("../inventory_images/$id_to_delete.jpg"); if (file_exists($pictodelete)) { unlink($pictodelete); } header("location: inventory_list.php"); exit(); } ?> <?php // Parse the form data and add inventory item to the system if (isset($_POST['product_name'])) { $product_name = mysql_real_escape_string($_POST['product_name']); $price = mysql_real_escape_string($_POST['price']); $category = mysql_real_escape_string($_POST['category']); $subcategory = mysql_real_escape_string($_POST['subcategory']); $details = mysql_real_escape_string($_POST['details']); // See if that product name is an identical match to another product in the system $sql = mysql_query("SELECT id FROM products WHERE product_name='$product_name' LIMIT 1"); $productMatch = mysql_num_rows($sql); // count the output amount if ($productMatch > 0) { echo 'Sorry you tried to place a duplicate "Product Name" into the system, <a href="inventory_list.php">click here</a>'; exit(); } // Add this product into the database now $sql = mysql_query("INSERT INTO products (product_name, price, details, category, subcategory, date_added) VALUES('$product_name','$price','$details','$category','$subcategory',now())") or die (mysql_error()); $pid = mysql_insert_id(); // Place image in the folder $newname = "$pid.jpg"; move_uploaded_file( $_FILES['fileField']['tmp_name'], "../inventory_images/$newname"); header("location: inventory_list.php"); exit(); } ?> <?php // This block grabs the whole list for viewing $product_list = ""; $sql = mysql_query("SELECT * FROM products ORDER BY date_added DESC"); $productCount = mysql_num_rows($sql); // count the output amount if ($productCount > 0) { while($row = mysql_fetch_array($sql)){ $id = $row["id"]; $product_name = $row["product_name"]; $price = $row["price"]; $date_added = strftime("%b %d, %Y", strtotime($row["date_added"])); $product_list .= "Product ID: $id - <strong>$product_name</strong> - $$price - <em>Added $date_added</em> <a href='inventory_edit.php?pid=$id'>edit</a> • <a href='inventory_list.php?deleteid=$id'>delete</a><br />"; } } else { $product_list = "You have no products listed in your store yet"; } ?> <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd"> <html xmlns="http://www.w3.org/1999/xhtml"> <head> <meta http-equiv="Content-Type" content="text/html; charset=utf-8" /> <title>Inventory List</title> <link rel="stylesheet" href="../style/style.css" type="text/css" media="screen" /> </head> <body> <div align="center" id="mainWrapper"> <?php include_once("../template_header.php");?> <div id="pageContent"><br /> <div align="right" style="margin-right:32px;"><a href="inventory_list.php#inventoryForm">+ Add New Inventory Item</a></div> <div align="left" style="margin-left:24px;"> <h2>Inventory list</h2> <?php echo $product_list; ?> </div> <hr /> <a name="inventoryForm" id="inventoryForm"></a> <h3> ↓ Add New Inventory Item Form ↓ </h3> <form action="inventory_list.php" enctype="multipart/form-data" name="myForm" id="myform" method="post"> <table width="90%" border="0" cellspacing="0" cellpadding="6"> <tr> <td width="20%" align="right">Product Name</td> <td width="80%"><label> <input name="product_name" type="text" id="product_name" size="64" /> </label></td> </tr> <tr> <td align="right">Product Price</td> <td><label> $ <input name="price" type="text" id="price" size="12" /> </label></td> </tr> <tr> <td align="right">Category</td> <td><label> <select name="category" id="category"> <option value="Clothing">Clothing</option> </select> </label></td> </tr> <tr> <td align="right">Subcategory</td> <td><select name="subcategory" id="subcategory"> <option value=""></option> <option value="Hats">Hats</option> <option value="Pants">Pants</option> <option value="Shirts">Shirts</option> </select></td> </tr> <tr> <td align="right">Product Details</td> <td><label> <textarea name="details" id="details" cols="64" rows="5"></textarea> </label></td> </tr> <tr> <td align="right">Product Image</td> <td><label> <input type="file" name="fileField" id="fileField" /> </label></td> </tr> <tr> <td> </td> <td><label> <input type="submit" name="button" id="button" value="Add This Item Now" /> </label></td> </tr> </table> </form> <br /> <br /> </div> <?php include_once("../template_footer.php");?> </div> </body> </html> and this inventory_edit.php <?php // This file is www.developphp.com curriculum material // Written by Adam Khoury January 01, 2011 // http://www.youtube.com/view_play_list?p=442E340A42191003 session_start(); if (!isset($_SESSION["manager"])) { header("location: admin_login.php"); exit(); } // Be sure to check that this manager SESSION value is in fact in the database $managerID = preg_replace('#[^0-9]#i', '', $_SESSION["id"]); // filter everything but numbers and letters $manager = preg_replace('#[^A-Za-z0-9]#i', '', $_SESSION["manager"]); // filter everything but numbers and letters $password = preg_replace('#[^A-Za-z0-9]#i', '', $_SESSION["password"]); // filter everything but numbers and letters // Run mySQL query to be sure that this person is an admin and that their password session var equals the database information // Connect to the MySQL database include "../storescripts/connect_to_mysql.php"; $sql = mysql_query("SELECT * FROM admin WHERE id='$managerID' AND username='$manager' AND password='$password' LIMIT 1"); // query the person // ------- MAKE SURE PERSON EXISTS IN DATABASE --------- $existCount = mysql_num_rows($sql); // count the row nums if ($existCount == 0) { // evaluate the count echo "Your login session data is not on record in the database."; exit(); } ?> <?php // Script Error Reporting error_reporting(E_ALL); ini_set('display_errors', '1'); ?> <?php // Parse the form data and add inventory item to the system if (isset($_POST['product_name'])) { $pid = mysql_real_escape_string($_POST['thisID']); $product_name = mysql_real_escape_string($_POST['product_name']); $price = mysql_real_escape_string($_POST['price']); $category = mysql_real_escape_string($_POST['category']); $subcategory = mysql_real_escape_string($_POST['subcategory']); $details = mysql_real_escape_string($_POST['details']); // See if that product name is an identical match to another product in the system $sql = mysql_query("UPDATE products SET product_name='$product_name', price='$price', details='$details', category='$category', subcategory='$subcategory' WHERE id='$pid'"); if ($_FILES['fileField']['tmp_name'] != "") { // Place image in the folder $newname = "$pid.jpg"; move_uploaded_file($_FILES['fileField']['tmp_name'], "../inventory_images/$newname"); } header("location: inventory_list.php"); exit(); } ?> <?php // Gather this product's full information for inserting automatically into the edit form below on page if (isset($_GET['pid'])) { $targetID = $_GET['pid']; $sql = mysql_query("SELECT * FROM products WHERE id='$targetID' LIMIT 1"); $productCount = mysql_num_rows($sql); // count the output amount if ($productCount > 0) { while($row = mysql_fetch_array($sql)){ $product_name = $row["product_name"]; $price = $row["price"]; $category = $row["category"]; $subcategory = $row["subcategory"]; $details = $row["details"]; $date_added = strftime("%b %d, %Y", strtotime($row["date_added"])); } } else { echo "Sorry dude that crap dont exist."; exit(); } } ?> <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd"> <html xmlns="http://www.w3.org/1999/xhtml"> <head> <meta http-equiv="Content-Type" content="text/html; charset=utf-8" /> <title>Inventory List</title> <link rel="stylesheet" href="../style/style.css" type="text/css" media="screen" /> </head> <body> <div align="center" id="mainWrapper"> <?php include_once("../template_header.php");?> <div id="pageContent"><br /> <div align="right" style="margin-right:32px;"><a href="inventory_list.php#inventoryForm">+ Add New Inventory Item</a></div> <div align="left" style="margin-left:24px;"> <h2>Inventory list</h2> <?php echo $product_list; ?> </div> <hr /> <a name="inventoryForm" id="inventoryForm"></a> <h3> ↓ Add New Inventory Item Form ↓ </h3> <form action="inventory_edit.php" enctype="multipart/form-data" name="myForm" id="myform" method="post"> <table width="90%" border="0" cellspacing="0" cellpadding="6"> <tr> <td width="20%" align="right">Product Name</td> <td width="80%"><label> <input name="product_name" type="text" id="product_name" size="64" value="<?php echo $product_name; ?>" /> </label></td> </tr> <tr> <td align="right">Product Price</td> <td><label> $ <input name="price" type="text" id="price" size="12" value="<?php echo $price; ?>" /> </label></td> </tr> <tr> <td align="right">Category</td> <td><label> <select name="category" id="category"> <option value="Clothing">Clothing</option> </select> </label></td> </tr> <tr> <td align="right">Subcategory</td> <td><select name="subcategory" id="subcategory"> <option value="<?php echo $subcategory; ?>"><?php echo $subcategory; ?></option> <option value="Hats">Hats</option> <option value="Pants">Pants</option> <option value="Shirts">Shirts</option> </select></td> </tr> <tr> <td align="right">Product Details</td> <td><label> <textarea name="details" id="details" cols="64" rows="5"><?php echo $details; ?></textarea> </label></td> </tr> <tr> <td align="right">Product Image</td> <td><label> <input type="file" name="fileField" id="fileField" /> </label></td> </tr> <tr> <td> </td> <td><label> <input name="thisID" type="hidden" value="<?php echo $targetID; ?>" /> <input type="submit" name="button" id="button" value="Make Changes" /> </label></td> </tr> </table> </form> <br /> <br /> </div> <?php include_once("../template_footer.php");?> </div> </body> </html>
×
×
  • Create New...

Important Information

We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.