Jump to content


New Members
  • Content Count

  • Joined

  • Last visited

Community Reputation

0 Neutral

About Nelalen

  • Rank
  1. Sorry, yes I just thought of the login script where I require the email as input. It matches it to an existing entry into the database. I'm guessing I need to query the database to assign the email? Apologies if I seem like a bit of an idiot...I've only been learning programming this first semester. Very little prior experience.. Here's the login script: <?php //check for required fields from the form if ((!filter_input(INPUT_POST, 'email')) || (!filter_input(INPUT_POST, 'password'))) { //if ((!isset($_POST["username"])) || (!isset($_POST["password"]))) { header("Location: userlogin.html"); exit; } //connect to server and select database $mysqli = mysqli_connect("localhost", "cs213user", "letmein", "testDB"); //create and issue the query $targetname = filter_input(INPUT_POST, 'email'); $targetpasswd = filter_input(INPUT_POST, 'password'); $sql = "SELECT firstname, lastname FROM members WHERE email = '".$targetname. "' AND password = PASSWORD('".$targetpasswd."')"; $result = mysqli_query($mysqli, $sql) or die(mysqli_error($mysqli)); //get the number of rows in the result set; should be 1 if a match if (mysqli_num_rows($result) == 1) { //if authorized, get the values of firstname lastname while ($info = mysqli_fetch_array($result)) { $firstname = stripslashes($info['firstname']); $lastname = stripslashes($info['lastname']); } //set authorization cookie setcookie("auth", "1", time()+60*30, "/", "", 0); //create display string $display_block = " <p>".$firstname." ".$lastname." is authorized!</p> <p>Authorized Users' Menu:</p> <ul> <li><a href=\"secretpage.php\">Lottery Ticket Selection</a></li> <li><a href=\"fileupload.html\">Upload A File</a></li> </ul>"; } else { //redirect back to login form if not authorized //header("Location: userlogin.html"); //exit; echo "wrongone"; } ?> <html> <head> <title>User Login</title> </head> <body> <?php echo "$display_block"; ?> </body> </html> And the html form: <html> <head> <title>User Login Form</title> </head> <body> <h1>Login Form</h1> <form method="post" action="userlogin.php"> <p><strong>Email:</strong><br/> <input type="text" name="email"/></p> <p><strong>Password:</strong><br/> <input type="password" name="password"/></p> <p><input type="submit" name="submit" value="login"/></p> </form> <h1> Don't have an account?</h1> <a href ='applyaccount.php'>Click here!</a> </body> </html>
  2. Sorry, wasn't sure how to do it and was getting ready for bed. We created a form previously to create a new user where they can input their email as well as some other information. I then used something like mkdir(var/www/html/$email,0733) to create their directory and figured I should be able to use that again on this page. I tried defining it like this: $email = (filter_input(_POST["email"])); previously but it would break the page. Where should I be defining $email? and if I used the post method on the form it should be stored as POST correct? I'm a little confused as to how I can retrieve the variable from the form. When I put in the query to the server I had to make it lowercase $targetemail = strtolower($email); Do I need to use this as the email from the form may not be written in lowercase?
  3. The code works but it puts the files into /uploadir/. The users directories go by their email addresses ($email). Using the error reporting it tells me: ! ) Notice: Undefined variable: email in /var/www/html/Lab5/uploadfile.php on line 10 Call Stack # Time Memory Function Location 1 0.0010 129288 {main}( ) ../uploadfile.php:0 Any help is much appreciated!! <?php error_reporting(E_ALL | E_NOTICE); ini_set('display_errors','1'); session_start(); if ($_COOKIE["auth"] == "1") { $file_dir = "/var/www/html/uploaddir/$email"; foreach($_FILES as $file_name => $file_array) { echo "path: ".$file_array["tmp_name"]."<br/>\n"; echo "name: ".$file_array["name"]."<br/>\n"; echo "type: ".$file_array["type"]."<br/>\n"; echo "size: ".$file_array["size"]."<br/>\n"; if (is_uploaded_file($file_array["tmp_name"])) { move_uploaded_file($file_array["tmp_name"], "$file_dir/".$file_array["name"]) or die ("Couldn't copy"); echo "File was moved!<br/>"; } } } else { //redirect back to login form if not authorized header("Location: userlogin.html"); exit; } ?>
  • Create New...

Important Information

We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.