charlie0987

  1. I want something like this to happen... A user has a text field and a button; he enters text in the field and clicks the button, and it goes to a URL. That URL has a text field, which would be automatically filled in with what the user typed at the start. On that URL there is also a button, which is automatically clicked once the text field has been filled in. BUT the user only sees the first page, where he entered text in the field and clicked the button. Everything that happens after he clicked that button he cannot see. Is there a particular name for what is happening here? If so, what is it and how would I do it? This is probably hard to understand but I tried :/ Thanks
  2. I think I understand what you mean but to be honest I don't think I would be able to solve any of this. Skill level = 10 max, 0 lowest. I am level 2. You're like level 9 if not 10. All I need is someone to fix the code because I honestly don't know anymore. If you can't or don't want to, it's fine. I think I'll give up :| Thanks for the help though dude, your knowledge is too powerful for me
  3. Originally it was this: $stmt->bind_param("sssssi", $this->username, $this->displayname, $secure_pass, $this->clean_email, $this->activation_token, $this->user_active); But because I was removing the displayname I deleted it
  4. Enlighten me please, I am not that good with PHP coding. Could you possibly fix the script please? or just tell me where exactly I went wrong in simple terms Sorry for being a pain.
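  5. functions.php (func.php): <?php
/*
UserCake Version: 2.0.2
http://usercake.com
*/

//Functions that do not interact with DB
//------------------------------------------------------------------------------

//Retrieve a list of all .php files in models/languages
function getLanguageFiles()
{
    $directory = "models/languages/";
    return glob($directory . "*.php");
}

//Retrieve a list of all .css files in models/site-templates
function getTemplateFiles()
{
    $directory = "models/site-templates/";
    return glob($directory . "*.css");
}

//Retrieve a list of all .php files in root files folder, keyed by file name
function getPageFiles()
{
    $directory = "";
    $row = array(); //always return an array, even when nothing matches
    $pages = glob($directory . "*.php");
    if (is_array($pages)) {
        foreach ($pages as $page) {
            $row[$page] = $page;
        }
    }
    return $row;
}

//Destroys a session entry as part of logout
function destroySession($name)
{
    if (isset($_SESSION[$name])) {
        $_SESSION[$name] = NULL;
        unset($_SESSION[$name]);
    }
}

//Return 32 lowercase hex characters of randomness.
//Prefers the runtime's CSPRNG; the last branch is the original
//md5(uniqid()) construction, kept only so very old runtimes still work.
//That fallback is derived from the clock and a small PRNG state, so values
//produced by it should be treated as guessable.
function randomHex32()
{
    if (function_exists('random_bytes')) {
        return bin2hex(random_bytes(16));
    }
    if (function_exists('openssl_random_pseudo_bytes')) {
        $raw = openssl_random_pseudo_bytes(16);
        if ($raw !== false && strlen($raw) === 16) {
            return bin2hex($raw);
        }
    }
    return md5(uniqid(mt_rand(), true));
}

//Generate a unique code (32 hex characters, or the first $length of them)
function getUniqueCode($length = "")
{
    $code = randomHex32();
    if ($length != "") {
        return substr($code, 0, $length);
    }
    return $code;
}

//Generate an activation key that is not already in use.
//The token is what authorises account activation and password reset, so it
//must not be predictable. $gen is accepted for compatibility and ignored.
function generateActivationToken($gen = null)
{
    do {
        $gen = randomHex32();
    } while (validateActivationToken($gen));
    return $gen;
}

//@ Thanks to - http://phpsec.org
//Returns a 25-character salt followed by sha1(salt . plaintext).
//Pass a stored hash as $salt to recompute with the same salt.
//NOTE(review): a single round of salted SHA-1 is cheap to brute-force if the
//users table leaks. Moving to password_hash()/password_verify() also means
//changing the code that compares hashes and rehashing stored passwords, so
//the stored format is left as it is here.
function generateHash($plainText, $salt = null)
{
    if ($salt === null) {
        $salt = substr(randomHex32(), 0, 25);
    } else {
        $salt = substr($salt, 0, 25);
    }
    return $salt . sha1($salt . $plainText);
}

//Checks if an email is valid
function isValidEmail($email)
{
    return filter_var($email, FILTER_VALIDATE_EMAIL) ? true : false;
}

//Inputs language strings from selected language.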
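function lang($key,$markers = NULL)
{
    global $lang;
    //A missing key falls through to the "not found" message instead of
    //raising an undefined-index notice
    $str = isset($lang[$key]) ? $lang[$key] : "";
    if ($markers != NULL) {
        //Replace any dynamic markers: %m1%, %m2%, ... in order
        $iteration = 1;
        foreach ($markers as $marker) {
            $str = str_replace("%m".$iteration."%", $marker, $str);
            $iteration++;
        }
    }
    //Ensure we have something to return
    if ($str == "") {
        return ("No language key found");
    }
    return $str;
}

//Checks if a string is OUTSIDE a min and max length (true = out of range)
function minMaxRange($min, $max, $what)
{
    $length = strlen(trim($what));
    return ($length < $min || $length > $max);
}

//Replaces hooks with specified text
function replaceDefaultHook($str)
{
    global $default_hooks,$default_replace;
    return (str_replace($default_hooks,$default_replace,$str));
}

//Displays error and success messages
//NOTE(review): each message is written into the page as-is. If a message can
//carry user input (a marker filled in by lang(), for instance), it has to be
//HTML-encoded before it gets here, otherwise it is rendered as markup.
function resultBlock($errors,$successes)
{
    //Error block
    if (count($errors) > 0) {
        echo "<div id='error'> <a href='#' onclick=\"showHide('error');\">[X]</a> <ul>";
        foreach ($errors as $error) {
            echo "<li>".$error."</li>";
        }
        echo "</ul>";
        echo "</div>";
    }
    //Success block
    if (count($successes) > 0) {
        echo "<div id='success'> <a href='#' onclick=\"showHide('success');\">[X]</a> <ul>";
        foreach ($successes as $success) {
            echo "<li>".$success."</li>";
        }
        echo "</ul>";
        echo "</div>";
    }
}

//Normalises text: trims, strips tags, lower-cases.
//This is input normalisation only. It is not output encoding and not a
//substitute for bound parameters in SQL.
function sanitize($str)
{
    return strtolower(strip_tags(trim(($str))));
}

//Functions that interact mainly with .users table
//------------------------------------------------------------------------------

//Delete a defined array of users; returns how many ids were processed
function deleteUsers($users)
{
    global $mysqli,$db_table_prefix;
    $i = 0;
    $stmt = $mysqli->prepare("DELETE FROM ".$db_table_prefix."users WHERE id = ?");
    $stmt2 = $mysqli->prepare("DELETE FROM ".$db_table_prefix."user_permission_matches WHERE user_id = ?");
    foreach ($users as $id) {
        $stmt->bind_param("i", $id);
        $stmt->execute();
        $stmt2->bind_param("i", $id);
        $stmt2->execute();
        $i++;
    }
    $stmt->close();
    $stmt2->close();
    return $i;
}

//Check if an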
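// email exists in the DB
function emailExists($email)
{
    global $mysqli,$db_table_prefix;
    $stmt = $mysqli->prepare("SELECT active FROM ".$db_table_prefix."users WHERE email = ? LIMIT 1");
    $stmt->bind_param("s", $email);
    $stmt->execute();
    $stmt->store_result();
    $num_returns = $stmt->num_rows;
    $stmt->close();
    return ($num_returns > 0);
}

//Check if a user name and email belong to the same user
function emailUsernameLinked($email,$username)
{
    global $mysqli,$db_table_prefix;
    $stmt = $mysqli->prepare("SELECT active FROM ".$db_table_prefix."users WHERE user_name = ? AND email = ? LIMIT 1 ");
    $stmt->bind_param("ss", $username, $email);
    $stmt->execute();
    $stmt->store_result();
    $num_returns = $stmt->num_rows;
    $stmt->close();
    return ($num_returns > 0);
}

//Retrieve information for all users.
//Each row includes the password hash and the activation token, so the result
//should not be passed wholesale to a template or an API response.
function fetchAllUsers()
{
    global $mysqli,$db_table_prefix;
    $row = array(); //empty table gives an empty list rather than an undefined variable
    $stmt = $mysqli->prepare("SELECT id, user_name, password, email, activation_token, last_activation_request, lost_password_request, active, title, sign_up_stamp, last_sign_in_stamp FROM ".$db_table_prefix."users");
    $stmt->execute();
    $stmt->bind_result($id, $user, $password, $email, $token, $activationRequest, $passwordRequest, $active, $title, $signUp, $signIn);
    while ($stmt->fetch()) {
        $row[] = array('id' => $id, 'user_name' => $user, 'password' => $password, 'email' => $email, 'activation_token' => $token, 'last_activation_request' => $activationRequest, 'lost_password_request' => $passwordRequest, 'active' => $active, 'title' => $title, 'sign_up_stamp' => $signUp, 'last_sign_in_stamp' => $signIn);
    }
    $stmt->close();
    return ($row);
}

//Retrieve complete user information by username, token or ID.
//The first non-empty argument decides the lookup column. Returns null when
//no argument is given or no user matches.
function fetchUserDetails($username=NULL,$token=NULL, $id=NULL)
{
    global $mysqli,$db_table_prefix;
    //$column is interpolated into the SQL text, so it must only ever be one
    //of these three literals and never come from the caller.
    if ($username != NULL) {
        $column = "user_name";
        $data = $username;
    } elseif ($token != NULL) {
        $column = "activation_token";
        $data = $token;
    } elseif ($id != NULL) {
        $column = "id";
        $data = $id;
    } else {
        //Nothing to look up; previously this built "WHERE  = ?" and failed in prepare()
        return null;
    }
    $row = null;
    $stmt = $mysqli->prepare("SELECT id, user_name, password, email, activation_token, last_activation_request, lost_password_request, active, title, sign_up_stamp, last_sign_in_stamp FROM ".$db_table_prefix."users WHERE $column = ? LIMIT 1");
    $stmt->bind_param("s", $data);
    $stmt->execute();
    $stmt->bind_result($id, $user, $password, $email, $token, $activationRequest, $passwordRequest, $active, $title, $signUp, $signIn);
    while ($stmt->fetch()) {
        $row = array('id' => $id, 'user_name' => $user, 'password' => $password, 'email' => $email, 'activation_token' => $token, 'last_activation_request' => $activationRequest, 'lost_password_request' => $passwordRequest, 'active' => $active, 'title' => $title, 'sign_up_stamp' => $signUp, 'last_sign_in_stamp' => $signIn);
    }
    $stmt->close();
    return ($row);
}

//Toggle if lost password request flag on or off
function flagLostPasswordRequest($username,$value)
{
    global $mysqli,$db_table_prefix;
    $stmt = $mysqli->prepare("UPDATE ".$db_table_prefix."users SET lost_password_request = ? WHERE user_name = ? LIMIT 1 ");
    $stmt->bind_param("ss", $value, $username);
    $result = $stmt->execute();
    $stmt->close();
    return $result;
}

//Check if a user is logged in.
//The session's user id and password hash are re-checked against the DB on
//every call, so a changed password or a deactivated account ends the session.
function isUserLoggedIn()
{
    global $loggedInUser,$mysqli,$db_table_prefix;
    //No session user: answer before touching its properties
    if ($loggedInUser == NULL) {
        return false;
    }
    $stmt = $mysqli->prepare("SELECT id, password FROM ".$db_table_prefix."users WHERE id = ? AND password = ? AND active = 1 LIMIT 1");
    $stmt->bind_param("is", $loggedInUser->user_id, $loggedInUser->hash_pw);
    $stmt->execute();
    $stmt->store_result();
    $num_returns = $stmt->num_rows;
    $stmt->close();
    if ($num_returns > 0) {
        return true;
    }
    destroySession("userCakeUser");
    return false;
}

//Change a user from inactive to active
function setUserActive($token)
{
    global $mysqli,$db_table_prefix;
    $stmt = $mysqli->prepare("UPDATE ".$db_table_prefix."users SET active = 1 WHERE activation_token = ? LIMIT 1");
    $stmt->bind_param("s", $token);
    $result = $stmt->execute();
    $stmt->close();
    return $result;
}

//Update a user's email
function updateEmail($id, $email)
{
    global $mysqli,$db_table_prefix;
    $stmt = $mysqli->prepare("UPDATE ".$db_table_prefix."users SET email = ? WHERE id = ?");
    $stmt->bind_param("si", $email, $id);
    $result = $stmt->execute();
    $stmt->close();
    return $result;
}

//Input new activation token, and update the time of the most recent activation request
function updateLastActivationRequest($new_activation_token,$username,$email)
{
    global $mysqli,$db_table_prefix;
    //bind_param() binds by reference, so the timestamp needs a variable
    $now = time();
    $stmt = $mysqli->prepare("UPDATE ".$db_table_prefix."users SET activation_token = ?, last_activation_request = ? WHERE email = ? AND user_name = ?");
    $stmt->bind_param("ssss", $new_activation_token, $now, $email, $username);
    $result = $stmt->execute();
    $stmt->close();
    return $result;
}

//Store a new password for the account holding $token, and rotate the token
//so the same reset link cannot be used twice
function updatePasswordFromToken($pass,$token)
{
    global $mysqli,$db_table_prefix;
    $new_activation_token = generateActivationToken();
    $stmt = $mysqli->prepare("UPDATE ".$db_table_prefix."users SET password = ?, activation_token = ? WHERE activation_token = ?");
    $stmt->bind_param("sss", $pass, $new_activation_token, $token);
    $result = $stmt->execute();
    $stmt->close();
    return $result;
}

//Update a user's title
function updateTitle($id, $title)
{
    global $mysqli,$db_table_prefix;
    $stmt = $mysqli->prepare("UPDATE ".$db_table_prefix."users SET title = ? WHERE id = ?");
    $stmt->bind_param("si", $title, $id);
    $result = $stmt->execute();
    $stmt->close();
    return $result;
}

//Check if a user ID exists in the DB
function userIdExists($id)
{
    global $mysqli,$db_table_prefix;
    $stmt = $mysqli->prepare("SELECT active FROM ".$db_table_prefix."users WHERE id = ? LIMIT 1");
    $stmt->bind_param("i", $id);
    $stmt->execute();
    $stmt->store_result();
    $num_returns = $stmt->num_rows;
    $stmt->close();
    return ($num_returns > 0);
}

//Checks if a username exists in the DB
function usernameExists($username)
{
    global $mysqli,$db_table_prefix;
    $stmt = $mysqli->prepare("SELECT active FROM ".$db_table_prefix."users WHERE user_name = ? LIMIT 1");
    $stmt->bind_param("s", $username);
    $stmt->execute();
    $stmt->store_result();
    $num_returns = $stmt->num_rows;
    $stmt->close();
    return ($num_returns > 0);
}

//Check if activation token exists in DB.
//Without $lostpass: token of a not-yet-active account.
//With $lostpass: token of an active account that has a pending lost-password request.
function validateActivationToken($token,$lostpass=NULL)
{
    global $mysqli,$db_table_prefix;
    if ($lostpass == NULL) {
        $stmt = $mysqli->prepare("SELECT active FROM ".$db_table_prefix."users WHERE active = 0 AND activation_token = ? LIMIT 1");
    } else {
        $stmt = $mysqli->prepare("SELECT active FROM ".$db_table_prefix."users WHERE active = 1 AND activation_token = ? AND lost_password_request = 1 LIMIT 1");
    }
    $stmt->bind_param("s", $token);
    $stmt->execute();
    $stmt->store_result();
    $num_returns = $stmt->num_rows;
    $stmt->close();
    return ($num_returns > 0);
}

//Functions that interact mainly with .permissions table
//------------------------------------------------------------------------------

//Create a permission level in DB
function createPermission($permission)
{
    global $mysqli,$db_table_prefix;
    $stmt = $mysqli->prepare("INSERT INTO ".$db_table_prefix."permissions ( name ) VALUES ( ? )");
    $stmt->bind_param("s", $permission);
    $result = $stmt->execute();
    $stmt->close();
    return $result;
}

//Delete permission levels from the DB, together with their user and page
//matches. Ids 1 (new users) and 2 (admin) are refused and reported in $errors.
function deletePermission($permission)
{
    global $mysqli,$db_table_prefix,$errors;
    $i = 0;
    $stmt = $mysqli->prepare("DELETE FROM ".$db_table_prefix."permissions WHERE id = ?");
    $stmt2 = $mysqli->prepare("DELETE FROM ".$db_table_prefix."user_permission_matches WHERE permission_id = ?");
    $stmt3 = $mysqli->prepare("DELETE FROM ".$db_table_prefix."permission_page_matches WHERE permission_id = ?");
    foreach ($permission as $id) {
        if ($id == 1) {
            $errors[] = lang("CANNOT_DELETE_NEWUSERS");
        } elseif ($id == 2) {
            $errors[] = lang("CANNOT_DELETE_ADMIN");
        } else {
            $stmt->bind_param("i", $id);
            $stmt->execute();
            $stmt2->bind_param("i", $id);
            $stmt2->execute();
            $stmt3->bind_param("i", $id);
            $stmt3->execute();
            $i++;
        }
    }
    $stmt->close();
    $stmt2->close();
    $stmt3->close();
    return $i;
}

//Retrieve information for all permission levels
function fetchAllPermissions()
{
    global $mysqli,$db_table_prefix;
    $row = array();
    $stmt = $mysqli->prepare("SELECT id, name FROM ".$db_table_prefix."permissions");
    $stmt->execute();
    $stmt->bind_result($id, $name);
    while ($stmt->fetch()) {
        $row[] = array('id' => $id, 'name' => $name);
    }
    $stmt->close();
    return ($row);
}

//Retrieve information for a single permission level (null when not found)
function fetchPermissionDetails($id)
{
    global $mysqli,$db_table_prefix;
    $row = null;
    $stmt = $mysqli->prepare("SELECT id, name FROM ".$db_table_prefix."permissions WHERE id = ? LIMIT 1");
    $stmt->bind_param("i", $id);
    $stmt->execute();
    $stmt->bind_result($id, $name);
    while ($stmt->fetch()) {
        $row = array('id' => $id, 'name' => $name);
    }
    $stmt->close();
    return ($row);
}

//Check if a permission level ID exists in the DB
function permissionIdExists($id)
{
    global $mysqli,$db_table_prefix;
    $stmt = $mysqli->prepare("SELECT id FROM ".$db_table_prefix."permissions WHERE id = ? LIMIT 1");
    $stmt->bind_param("i", $id);
    $stmt->execute();
    $stmt->store_result();
    $num_returns = $stmt->num_rows;
    $stmt->close();
    return ($num_returns > 0);
}

//Check if a permission level name exists in the DB
function permissionNameExists($permission)
{
    global $mysqli,$db_table_prefix;
    $stmt = $mysqli->prepare("SELECT id FROM ".$db_table_prefix."permissions WHERE name = ? LIMIT 1");
    $stmt->bind_param("s", $permission);
    $stmt->execute();
    $stmt->store_result();
    $num_returns = $stmt->num_rows;
    $stmt->close();
    return ($num_returns > 0);
}

//Change a permission level's name
function updatePermissionName($id, $name)
{
    global $mysqli,$db_table_prefix;
    $stmt = $mysqli->prepare("UPDATE ".$db_table_prefix."permissions SET name = ? WHERE id = ? LIMIT 1");
    $stmt->bind_param("si", $name, $id);
    $result = $stmt->execute();
    $stmt->close();
    return $result;
}

//Functions that interact mainly with .user_permission_matches table
//------------------------------------------------------------------------------

//Match permission level(s) with user(s). Either argument may be an array;
//returns the number of inserts attempted.
function addPermission($permission, $user)
{
    global $mysqli,$db_table_prefix;
    $i = 0;
    $stmt = $mysqli->prepare("INSERT INTO ".$db_table_prefix."user_permission_matches ( permission_id, user_id ) VALUES ( ?, ? )");
    if (is_array($permission)) {
        foreach ($permission as $id) {
            $stmt->bind_param("ii", $id, $user);
            $stmt->execute();
            $i++;
        }
    } elseif (is_array($user)) {
        foreach ($user as $id) {
            $stmt->bind_param("ii", $permission, $id);
            $stmt->execute();
            $i++;
        }
    } else {
        $stmt->bind_param("ii", $permission, $user);
        $stmt->execute();
        $i++;
    }
    $stmt->close();
    return $i;
}

//Retrieve information for all user/permission level matches
function fetchAllMatches()
{
    global $mysqli,$db_table_prefix;
    $row = array();
    $stmt = $mysqli->prepare("SELECT id, user_id, permission_id FROM ".$db_table_prefix."user_permission_matches");
    $stmt->execute();
    $stmt->bind_result($id, $user, $permission);
    while ($stmt->fetch()) {
        $row[] = array('id' => $id, 'user_id' => $user, 'permission_id' => $permission);
    }
    $stmt->close();
    return ($row);
}

//Retrieve list of permission levels a user has, keyed by permission id.
//Returns nothing (null) when the user has none.
function fetchUserPermissions($user_id)
{
    global $mysqli,$db_table_prefix;
    $stmt = $mysqli->prepare("SELECT id, permission_id FROM ".$db_table_prefix."user_permission_matches WHERE user_id = ? ");
    $stmt->bind_param("i", $user_id);
    $stmt->execute();
    $stmt->bind_result($id, $permission);
    while ($stmt->fetch()) {
        $row[$permission] = array('id' => $id, 'permission_id' => $permission);
    }
    $stmt->close();
    if (isset($row)) {
        return ($row);
    }
}

//Retrieve list of users who have a permission level, keyed by user id.
//Returns nothing (null) when there are none.
function fetchPermissionUsers($permission_id)
{
    global $mysqli,$db_table_prefix;
    $stmt = $mysqli->prepare("SELECT id, user_id FROM ".$db_table_prefix."user_permission_matches WHERE permission_id = ? ");
    $stmt->bind_param("i", $permission_id);
    $stmt->execute();
    $stmt->bind_result($id, $user);
    while ($stmt->fetch()) {
        $row[$user] = array('id' => $id, 'user_id' => $user);
    }
    $stmt->close();
    if (isset($row)) {
        return ($row);
    }
}

//Unmatch permission level(s) from user(s). Either argument may be an array;
//returns the number of deletes attempted.
function removePermission($permission, $user)
{
    global $mysqli,$db_table_prefix;
    $i = 0;
    $stmt = $mysqli->prepare("DELETE FROM ".$db_table_prefix."user_permission_matches WHERE permission_id = ? AND user_id =?");
    if (is_array($permission)) {
        foreach ($permission as $id) {
            $stmt->bind_param("ii", $id, $user);
            $stmt->execute();
            $i++;
        }
    } elseif (is_array($user)) {
        foreach ($user as $id) {
            $stmt->bind_param("ii", $permission, $id);
            $stmt->execute();
            $i++;
        }
    } else {
        $stmt->bind_param("ii", $permission, $user);
        $stmt->execute();
        $i++;
    }
    $stmt->close();
    return $i;
}

//Functions that interact mainly with .configuration table
//------------------------------------------------------------------------------

//Update configuration table: for every id in $id, store $value[id]
function updateConfig($id, $value)
{
    global $mysqli,$db_table_prefix;
    $stmt = $mysqli->prepare("UPDATE ".$db_table_prefix."configuration SET value = ? WHERE id = ?");
    foreach ($id as $cfg) {
        $stmt->bind_param("si", $value[$cfg], $cfg);
        $stmt->execute();
    }
    $stmt->close();
}

//Functions that interact mainly with .pages table
//------------------------------------------------------------------------------

//Add a page to the DB
function createPages($pages)
{
    global $mysqli,$db_table_prefix;
    $stmt = $mysqli->prepare("INSERT INTO ".$db_table_prefix."pages ( page ) VALUES ( ? )");
    foreach ($pages as $page) {
        $stmt->bind_param("s", $page);
        $stmt->execute();
    }
    $stmt->close();
}

//Delete a page from the DB, together with its permission matches
function deletePages($pages)
{
    global $mysqli,$db_table_prefix;
    $stmt = $mysqli->prepare("DELETE FROM ".$db_table_prefix."pages WHERE id = ?");
    $stmt2 = $mysqli->prepare("DELETE FROM ".$db_table_prefix."permission_page_matches WHERE page_id = ?");
    foreach ($pages as $id) {
        $stmt->bind_param("i", $id);
        $stmt->execute();
        $stmt2->bind_param("i", $id);
        $stmt2->execute();
    }
    $stmt->close();
    $stmt2->close();
}

//Fetch information on all pages, keyed by page name (null when there are none)
function fetchAllPages()
{
    global $mysqli,$db_table_prefix;
    $stmt = $mysqli->prepare("SELECT id, page, private FROM ".$db_table_prefix."pages");
    $stmt->execute();
    $stmt->bind_result($id, $page, $private);
    while ($stmt->fetch()) {
        $row[$page] = array('id' => $id, 'page' => $page, 'private' => $private);
    }
    $stmt->close();
    if (isset($row)) {
        return ($row);
    }
}

//Fetch information for a specific page (null when not found)
function fetchPageDetails($id)
{
    global $mysqli,$db_table_prefix;
    $row = null;
    $stmt = $mysqli->prepare("SELECT id, page, private FROM ".$db_table_prefix."pages WHERE id = ? LIMIT 1");
    $stmt->bind_param("i", $id);
    $stmt->execute();
    $stmt->bind_result($id, $page, $private);
    while ($stmt->fetch()) {
        $row = array('id' => $id, 'page' => $page, 'private' => $private);
    }
    $stmt->close();
    return ($row);
}

//Check if a page ID exists
function pageIdExists($id)
{
    global $mysqli,$db_table_prefix;
    $stmt = $mysqli->prepare("SELECT private FROM ".$db_table_prefix."pages WHERE id = ? LIMIT 1");
    $stmt->bind_param("i", $id);
    $stmt->execute();
    $stmt->store_result();
    $num_returns = $stmt->num_rows;
    $stmt->close();
    return ($num_returns > 0);
}

//Toggle private/public setting of a page
function updatePrivate($id, $private)
{
    global $mysqli,$db_table_prefix;
    $stmt = $mysqli->prepare("UPDATE ".$db_table_prefix."pages SET private = ? WHERE id = ?");
    $stmt->bind_param("ii", $private, $id);
    $result = $stmt->execute();
    $stmt->close();
    return $result;
}

//Functions that interact mainly with .permission_page_matches table
//------------------------------------------------------------------------------

//Match permission level(s) with page(s). Either argument may be an array;
//returns the number of inserts attempted.
function addPage($page, $permission)
{
    global $mysqli,$db_table_prefix;
    $i = 0;
    $stmt = $mysqli->prepare("INSERT INTO ".$db_table_prefix."permission_page_matches ( permission_id, page_id ) VALUES ( ?, ? )");
    if (is_array($permission)) {
        foreach ($permission as $id) {
            $stmt->bind_param("ii", $id, $page);
            $stmt->execute();
            $i++;
        }
    } elseif (is_array($page)) {
        foreach ($page as $id) {
            $stmt->bind_param("ii", $permission, $id);
            $stmt->execute();
            $i++;
        }
    } else {
        $stmt->bind_param("ii", $permission, $page);
        $stmt->execute();
        $i++;
    }
    $stmt->close();
    return $i;
}

//Retrieve list of permission levels that can access a page, keyed by
//permission id (null when there are none)
function fetchPagePermissions($page_id)
{
    global $mysqli,$db_table_prefix;
    $stmt = $mysqli->prepare("SELECT id, permission_id FROM ".$db_table_prefix."permission_page_matches WHERE page_id = ? ");
    $stmt->bind_param("i", $page_id);
    $stmt->execute();
    $stmt->bind_result($id, $permission);
    while ($stmt->fetch()) {
        $row[$permission] = array('id' => $id, 'permission_id' => $permission);
    }
    $stmt->close();
    if (isset($row)) {
        return ($row);
    }
}

//Retrieve list of pages that a permission level can access, keyed by page id
//(null when there are none)
function fetchPermissionPages($permission_id)
{
    global $mysqli,$db_table_prefix;
    $stmt = $mysqli->prepare("SELECT id, page_id FROM ".$db_table_prefix."permission_page_matches WHERE permission_id = ? ");
    $stmt->bind_param("i", $permission_id);
    $stmt->execute();
    $stmt->bind_result($id, $page);
    while ($stmt->fetch()) {
        //NOTE(review): the 'permission_id' key holds the page id here; it is
        //left as-is because callers may read it under this name - confirm
        $row[$page] = array('id' => $id, 'permission_id' => $page);
    }
    $stmt->close();
    if (isset($row)) {
        return ($row);
    }
}

//Unmatch permission(s) and page(s). Either argument may be an array;
//returns the number of deletes attempted.
function removePage($page, $permission)
{
    global $mysqli,$db_table_prefix;
    $i = 0;
    $stmt = $mysqli->prepare("DELETE FROM ".$db_table_prefix."permission_page_matches WHERE page_id = ? AND permission_id =?");
    if (is_array($page)) {
        foreach ($page as $id) {
            $stmt->bind_param("ii", $id, $permission);
            $stmt->execute();
            $i++;
        }
    } elseif (is_array($permission)) {
        foreach ($permission as $id) {
            $stmt->bind_param("ii", $page, $id);
            $stmt->execute();
            $i++;
        }
    } else {
        //Placeholders are (page_id, permission_id). This branch used to bind
        //$permission and an undefined $user, so the single-value form never
        //removed the intended match.
        $stmt->bind_param("ii", $page, $permission);
        $stmt->execute();
        $i++;
    }
    $stmt->close();
    return $i;
}

//Check if a user has access to a page.
//Returns true when access is allowed. On denial it sends a Location header
//and returns false; it does not stop the script, so the caller has to end
//execution itself when it gets false, or the protected page is still rendered
//after the redirect header.
function securePage($uri)
{
    //$master_account has to be listed here: without it the master-user check
    //below compared against an undefined local variable.
    global $mysqli,$db_table_prefix,$loggedInUser,$master_account;

    //Separate document name from uri
    $tokens = explode('/', $uri);
    $page = $tokens[sizeof($tokens)-1];

    //retrieve page details
    $stmt = $mysqli->prepare("SELECT id, page, private FROM ".$db_table_prefix."pages WHERE page = ? LIMIT 1");
    $stmt->bind_param("s", $page);
    $stmt->execute();
    $stmt->bind_result($id, $page, $private);
    while ($stmt->fetch()) {
        $pageDetails = array('id' => $id, 'page' => $page, 'private' => $private);
    }
    $stmt->close();

    //If page does not exist in DB, allow access.
    //NOTE(review): this fails open - a page that was never registered in the
    //pages table is reachable by anyone.
    if (empty($pageDetails)) {
        return true;
    }
    //If page is public, allow access
    elseif ($pageDetails['private'] == 0) {
        return true;
    }
    //If user is not logged in, deny access
    elseif (!isUserLoggedIn()) {
        header("Location: login.php");
        return false;
    }
    else {
        //Retrieve list of permission levels with access to page
        $pagePermissions = array(); //a private page with no matches yields an empty list
        $stmt = $mysqli->prepare("SELECT permission_id FROM ".$db_table_prefix."permission_page_matches WHERE page_id = ? ");
        $stmt->bind_param("i", $pageDetails['id']);
        $stmt->execute();
        $stmt->bind_result($permission);
        while ($stmt->fetch()) {
            $pagePermissions[] = $permission;
        }
        $stmt->close();
        //Check if user's permission levels allow access to page
        if ($loggedInUser->checkPermission($pagePermissions)) {
            return true;
        }
        //Grant access if master user
        elseif ($loggedInUser->user_id == $master_account) {
            return true;
        }
        else {
            header("Location: account.php");
            return false;
        }
    }
}
?> If you want the db connect files just ask.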
  6. Yeah it is and all the connects work. I really am stuck with this one.
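  7. I get this error when I run my login system. Call to a member function bind_param() on a non-object in /models/class.newuser.php on line 131 This is the modified code (Line 131 is on the top line): $stmt->bind_param("ssssi", $this->username, $secure_pass, $this->clean_email, $this->activation_token, $this->user_active); $stmt->execute(); $inserted_id = $mysqli->insert_id;$stmt->close(); //Insert default permission into matches table $stmt = $mysqli->prepare("INSERT INTO ".$db_table_prefix."user_permission_matches ( user_id, permission_id ) VALUES ( ?, '1' )") ; $stmt->bind_param("s", $inserted_id); $stmt->execute(); $stmt->close(); This is the whole code... <?php
/*
.
.
*/

//Registers a new account: validates uniqueness in the constructor, then
//userCakeAddUser() hashes the password, optionally mails an activation link,
//and inserts the user plus the default permission match.
class User
{
    public $user_active = 0;
    private $clean_email;
    public $status = false;
    private $clean_password;
    private $username;
    public $sql_failure = false;
    public $mail_failure = false;
    public $email_taken = false;
    public $username_taken = false;
    public $activation_token = 0;
    public $success = NULL;

    function __construct($user,$pass,$email)
    {
        //Sanitize
        $this->clean_email = sanitize($email);
        $this->clean_password = trim($pass);
        $this->username = sanitize($user);

        if (usernameExists($this->username)) {
            $this->username_taken = true;
        } else if (emailExists($this->clean_email)) {
            $this->email_taken = true;
        } else {
            //No problems have been found.
            $this->status = true;
        }
    }

    public function userCakeAddUser()
    {
        global $mysqli,$emailActivation,$websiteUrl,$db_table_prefix;

        //Prevent this function being called if there were construction errors
        if (!$this->status) {
            return;
        }

        //Construct a hash for the plain text password
        $secure_pass = generateHash($this->clean_password);

        //Construct a unique activation token
        $this->activation_token = generateActivationToken();

        //Do we need to send out an activation email?
        if ($emailActivation == "true") {
            //User must activate their account first
            $this->user_active = 0;

            $mail = new userCakeMail();

            //Build the activation message
            $activation_message = lang("ACCOUNT_ACTIVATION_MESSAGE",array($websiteUrl,$this->activation_token));

            //Define more if you want to build larger structures
            $hooks = array(
                "searchStrs" => array("#ACTIVATION-MESSAGE","#ACTIVATION-KEY","#USERNAME#"),
                "subjectStrs" => array($activation_message,$this->activation_token,$this->username)
            );

            /* Build the template - Optional, you can just use the sendMail function
            Instead to pass a message. */
            if (!$mail->newTemplateMsg("new-registration.txt",$hooks)) {
                $this->mail_failure = true;
            } else {
                //Send the mail. Specify users email here and subject.
                //SendMail can have a third parameter for message if you do not wish to build a template.
                if (!$mail->sendMail($this->clean_email,"New User")) {
                    $this->mail_failure = true;
                }
            }
            $this->success = lang("ACCOUNT_REGISTRATION_COMPLETE_TYPE2");
        } else {
            //Instant account activation
            $this->user_active = 1;
            $this->success = lang("ACCOUNT_REGISTRATION_COMPLETE_TYPE1");
        }

        if ($this->mail_failure) {
            return;
        }

        //Insert the user into the database providing no errors have been found.
        //Ten columns need ten values. After display_name was removed from the
        //column list one "?" was left behind in VALUES, so the statement had
        //eleven values: prepare() rejected it and returned false, and the
        //bind_param() call on that false is the reported error. There are now
        //five placeholders, matching the five bound variables.
        $now = time();
        $stmt = $mysqli->prepare("INSERT INTO ".$db_table_prefix."users (
            user_name,
            password,
            email,
            activation_token,
            last_activation_request,
            lost_password_request,
            active,
            title,
            sign_up_stamp,
            last_sign_in_stamp
            )
            VALUES (
            ?,
            ?,
            ?,
            ?,
            '".$now."',
            '0',
            ?,
            'New Member',
            '".$now."',
            '0'
            )");
        //prepare() returns false on a rejected statement; record it instead
        //of calling a method on false
        if ($stmt === false) {
            $this->sql_failure = true;
            return;
        }
        $stmt->bind_param("ssssi", $this->username, $secure_pass, $this->clean_email, $this->activation_token, $this->user_active);
        $stmt->execute();
        $inserted_id = $mysqli->insert_id;
        $stmt->close();

        //Insert default permission into matches table
        $stmt = $mysqli->prepare("INSERT INTO ".$db_table_prefix."user_permission_matches (
            user_id,
            permission_id
            )
            VALUES (
            ?,
            '1'
            )");
        if ($stmt === false) {
            $this->sql_failure = true;
            return;
        }
        $stmt->bind_param("i", $inserted_id);
        $stmt->execute();
        $stmt->close();
    }
}
?>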