Jump to content

oz11

Members
  • Posts

    92
  • Joined

  • Last visited

About oz11

  • Birthday 11/09/1991

Profile Information

  • Gender
    Male
  • Location
    UK
  • Age
    31

Recent Profile Visitors

1,912 profile views

oz11's Achievements

Regular Member

Regular Member (3/5)

0

Reputation

1

Community Answers

  1. How would that look like? Cant seem to get it to work.. tried this: but get "Fatal error: Uncaught PDOException: SQLSTATE[HY093]: Invalid parameter number " error..
  2. Hey. This is my query... SELECT *, MATCH(terms) AGAINST(?) + MATCH(title) AGAINST(?) + MATCH(url) AGAINST(?) as `rank` FROM links WHERE MATCH(terms) AGAINST(?) OR MATCH(title) AGAINST(?) OR MATCH(url) AGAINST(?) GROUP BY title ORDER BY `rank` DESC LIMIT 34 It works on its own, but i want to limit the "rank" to being a number of 5 only ... so basically i added though that didnt work...and i got this error.. How would I go about doing this? Thanks.
  3. OK. Basically, my site uses cookies, not to track just for login mainly. Do I need one of those cookie consent dialog boxes considering the circumstances?
  4. Cleaned up the errors.. and deleted the content of coloumodes.php, changed it around abit and re placed it in the page... Worked without it so just had to fix it up. Anyway, since following the error it became clear! But with the help you you guys gizmola and ginerjm. So much thanks for your advice. PS: cant believe i didn't know about error reporting, never used it before and makes me feel more secure now. Going to sleep now, at it all day and has been like 10 hours.. lucky i can go to bed with a clear mind. Again, thanks ginerjm and gizmola
  5. Whey. Seems like something is happening... Oky doky. Cookies seem to be working now.. could I ask of another question, does anyone know what this Error message could suggest: (once I've logged in and sent to the dashboard). I've cleaned a fair few today but cannot solve this alone seemingly .. _________ ginerjm.. I'm still getting this result even when cookies have indeed been set. @ ginerjmoh... And i define the cookie twice as it stops me needing to refresh the page for the cookie to be set. A hack i got from someone on SO,.
  6. Just tried with seven parameters (max all) based on the manual.. function setRememberMeToken($pdo, $user_id) { $token = bin2hex(random_bytes('25')); $expirationDate = time() + (86400 * 7); // <-- 7 days later (make sure your comments are accurate) setcookie("token", $token, $expirationDate, '/', 'localhost', true, true); $test = true; $to = date('Y-m-d', $expirationDate); $sql = "INSERT INTO `user_token` (`user_id`, `expires`, `tokenHash`) VALUES (?, ?, ?);"; $stmt= $pdo->prepare($sql); $stmt->execute([$user_id, $to, sha1($token)]); //echo "test----------------"; if (!setcookie("token", $token, $expirationDate, "/")) { echo "Could not set cookie for $token using $expirationDate - aborting"; // exit(); } else { echo "Setcookie ran ok"; } // if (isset($_COOKIE['tip3'])) // echo "<br>good cookie"; // if (isset($_COOKIE["token"])) // echo "<br>good cookie2"; } Still getting errors. As you can see I'm using your testing method.
  7. Sorry about the late reply, i have just spent ages solving the other error messages dotted all over my site and had a mental health issue before .. but feeling good and stable now. Like i suggested i added this config... and got these results which i think are relative .. Current code [remember_token.php]: <?php function setRememberMeToken($pdo, $user_id) { $token = bin2hex(random_bytes('25')); $expirationDate = time() + (86400 * 7); // <-- 7 days later (make sure your comments are accurate) setcookie('token', $token, $expirationDate, "/"); //$_COOKIE['token'] = $token; $test = true; $to = date('Y-m-d', $expirationDate); $sql = "INSERT INTO `user_token` (`user_id`, `expires`, `tokenHash`) VALUES (?, ?, ?);"; $stmt= $pdo->prepare($sql); $stmt->execute([$user_id, $to, sha1($token)]); //echo "test----------------"; if (!setcookie('token', $token, $expirationDate, "/")) { echo "Could not set cookie for $token using $expirationDate - aborting"; // exit(); } else { echo "Setcookie ran ok"; } if (isset($_COOKIE['tip3'])) echo "<br>good cookie"; if (isset($_COOKIE['token'])) echo "<br>good cookie2"; } function getRememberMeCheck($pdo) { $stmt = $pdo->prepare(" SELECT users.name, users.user_id FROM user_token, users WHERE tokenHash = ? AND expires > NOW() AND users.user_id = user_token.user_id "); $stmt->execute([sha1($_COOKIE['token'])]); $db_query = $stmt->fetch(); if (!$db_query){ return false; } $_SESSION["loggedin"] = true; $_SESSION["username"] = $db_query['name']; $_SESSION["the_usr_id"] = $db_query['user_id']; $_SESSION["userID"] = $db_query['user_id']; // ADDED DUE TO DESCRIPTION ("PROB WILL BE OK") return true; } function isRemembered() { return isset($_COOKIE['token']); } ?> Current code [login.php]: <?php $the_page = " - Login/ Register"; session_start(); include 'includes/top_bottom/header.php'; if((isset($_SESSION["loggedin"]) && $_SESSION["loggedin"] == true) && (isset($_SESSION["username"]))) { //header('Location: dash.php'); } $base = basename(parse_url($_SERVER['HTTP_REFERER'],PHP_URL_PATH)); ?> <center> <?php include 'includes/logo.php'; ?><!--<img src="mark.png" alt="beta project" width="80px;" style="margin-left: -184px; margin-bottom: 150px;">--><br> <h2>Login/ register</h2> <?php if($_SERVER["REQUEST_METHOD"] == "POST"){ $username = trim($_POST["username"]); $password = trim($_POST["password"]); // Check if username is empty if(empty(trim($_POST["username"]))){ echo $username_err = "<span id='notification'>Please enter username.</span> "; } else{ $username = trim($_POST["username"]); } // Check if password is empty if(empty(trim($_POST["password"]))){ echo $password_err = "<span id='notification'>Please enter your password.</span> "; } else{ $password = trim($_POST["password"]); } // continue... if(empty($username_err) && empty($password_err)){ $sql = "SELECT user_id, name, password, active FROM users WHERE name = ?"; $result = $pdo->prepare($sql); $result->bindParam(1, $_POST["username"]); $result->execute(); $user = $result->fetch(); if(!password_verify($_POST['password'], $user['password'])){ echo "<span id='notification'>Invalid username/password.</span> "; } else { if($user['active'] == '1') { $_SESSION["loggedin"] = true; $_SESSION["username"] = $_POST["username"]; $_SESSION["userID"] = $user['user_id']; // cookie stuff if (isset($_POST['remember-me'])){ echo setRememberMeToken($pdo, $user['user_id']); // <----- set token echo "<--woo"; } echo "Hey ".$_SESSION["username"].". You are Logged in, redirecting in a moment or click <a href='dash.php'>here</a> to be taken to your dashboard."; //header("location:loggingin.php?id=true"); include 'includes/top_bottom/footer.php'; exit(); }else { echo "User not active."; } } } }
  8. Both set but no errors when "logging in" aka "setRememberMeToken"... [whole functions] <?php // https://forums.phpfreaks.com/topic/315262-php-cookies-and-session-data-expiring-at-different-times/ function setRememberMeToken($pdo, $user_id) { //$length wasn't a great name and is an unnecessary variable. $token = bin2hex(random_bytes('25')); $expirationDate = time() + (86400 * 7); // <-- 7 days later (make sure your comments are accurate) //setcookie("token", $token, $expirationDate, "/"); setcookie("token", $token, time() + (86400 * 30)); // 86400 = 1 day $_COOKIE["token"] = $token; $test = true; //$_COOKIE['remember'] is unnecessary, just get rid of it //--deleted //You calculated your expiration timestamp above already, no need to do it again. $to = date('Y-m-d', $expirationDate); //Assuming token_id is an auto increment column, you can just omit it from the insert. $sql = "INSERT INTO `user_token` (`user_id`, `expires`, `tokenHash`) VALUES (?, ?, ?);"; $stmt= $pdo->prepare($sql); $stmt->execute([$user_id, $to, sha1($token)]); //echo "test----------------"; if (!setcookie("token", $token, $expirationDate)) { echo "Could not set cookie for $token using $expirationDate - aborting"; exit(); } else { echo "Setcookie ran ok"; } } function getRememberMeCheck($pdo) { //I find spacing out your queries makes them easier to read and understand. $stmt = $pdo->prepare(" SELECT users.name, users.user_id FROM user_token, users WHERE tokenHash = ? AND expires > NOW() AND users.user_id = user_token.user_id "); $stmt->execute([sha1($_COOKIE["token"])]); $db_query = $stmt->fetch(); //Your token and expiration date are validated as part of the query //All you need to do is check if you got a result or not. if (!$db_query){ //If you didn't get a result, either the token is invalid or it has expired. //header("location: login.php"); return false; } //Otherwise, if you did get a result, the token is valid. $_SESSION["loggedin"] = true; $_SESSION["username"] = $db_query['name']; $_SESSION["the_usr_id"] = $db_query['user_id']; $_SESSION["userID"] = $db_query['user_id']; // ADDED DUE TO DESCRIPTION ("PROB WILL BE OK") return true; } //This method seems to just be a copy of the method above, why does it exist? //The only difference is $_SESSION["loggedin"] = true; which you could just do above. //function setSessionVarables($pdo) { //... //} //--deleted function isRemembered() { //Instead of a separate remember cookie, just check if the token cookie exists. //if ($whatever){ return true; } else { return false} can be simplified to just return $whatever return isset($_COOKIE['token']); } ?> Sorry Ginerjm, just having been doing it that long (PHP).
  9. That is the modified code . See.. if (!setcookie("token", $token, $expirationDate, "/")) { echo "Could not set cookie for $token using $expirationDate - aborting"; exit(); } it's inserted in both files. The test file #1 and also placed in the functions file (#2), for testing purposes as i thought you wanted..?
  10. <?php include '../includes/config.php'; function setRememberMeToken($pdo, $user_id) { $token = bin2hex(random_bytes('25')); $expirationDate = time() + (86400 * 7); // <-- 7 days later (make sure your comments are accurate) setcookie("token", $token, $expirationDate, "/"); echo $_COOKIE["token"] = $token; $test = true; $to = date('Y-m-d', $expirationDate); $sql = "INSERT INTO `user_token` (`user_id`, `expires`, `tokenHash`) VALUES (?, ?, ?);"; $stmt= $pdo->prepare($sql); $stmt->execute([$user_id, $to, sha1($token)]); if (!setcookie("token", $token, $expirationDate, "/")) { echo "Could not set cookie for $token using $expirationDate - aborting"; exit(); } } setRememberMeToken($pdo, 1); echo "<br>"; ?> [test file] && <?php // https://forums.phpfreaks.com/topic/315262-php-cookies-and-session-data-expiring-at-different-times/ function setRememberMeToken($pdo, $user_id) { //$length wasn't a great name and is an unnecessary variable. $token = bin2hex(random_bytes('25')); $expirationDate = time() + (86400 * 7); // <-- 7 days later (make sure your comments are accurate) setcookie("token", $token, $expirationDate, "/"); //$_COOKIE["token"] = $token; $test = true; //$_COOKIE['remember'] is unnecessary, just get rid of it //--deleted //You calculated your expiration timestamp above already, no need to do it again. $to = date('Y-m-d', $expirationDate); //Assuming token_id is an auto increment column, you can just omit it from the insert. $sql = "INSERT INTO `user_token` (`user_id`, `expires`, `tokenHash`) VALUES (?, ?, ?);"; $stmt= $pdo->prepare($sql); $stmt->execute([$user_id, $to, sha1($token)]); echo "test----------------"; if (!setcookie("token", $token, $expirationDate, "/")) { echo "Could not set cookie for $token using $expirationDate - aborting"; exit(); } } function getRememberMeCheck($pdo) { //I find spacing out your queries makes them easier to read and understand. $stmt = $pdo->prepare(" SELECT users.name, users.user_id FROM user_token, users WHERE tokenHash = ? AND expires > NOW() AND users.user_id = user_token.user_id "); $stmt->execute([sha1($_COOKIE["token"])]); $db_query = $stmt->fetch(); //Your token and expiration date are validated as part of the query //All you need to do is check if you got a result or not. if (!$db_query){ //If you didn't get a result, either the token is invalid or it has expired. //header("location: login.php"); return false; } //Otherwise, if you did get a result, the token is valid. $_SESSION["loggedin"] = true; $_SESSION["username"] = $db_query['name']; $_SESSION["the_usr_id"] = $db_query['user_id']; $_SESSION["userID"] = $db_query['user_id']; // ADDED DUE TO DESCRIPTION ("PROB WILL BE OK") return true; } //This method seems to just be a copy of the method above, why does it exist? //The only difference is $_SESSION["loggedin"] = true; which you could just do above. //function setSessionVarables($pdo) { //... //} //--deleted function isRemembered() { //Instead of a separate remember cookie, just check if the token cookie exists. //if ($whatever){ return true; } else { return false} can be simplified to just return $whatever return isset($_COOKIE['token']); } ?> [functions]
  11. It's not that. I genuinely didn't get the code. 99% of people use an "isset". Anyway, i digested the code finally and have some output which might be interesting... Basically, the login page returned this .. ( ignore some of the extra "testing" strings :p ). So this is true/unsuccessful And the test file was a white page (successful/"false")
  12. I can tell by my menu bar or extension that the cookies are set or not.. do you see any other problems other than the syntax of the cookie check??
  13. I don understand. I didn't see it being necessary. Just need a cookie holding a string (token for login), they look optional to me (bool)
  14. I'm not quite sure where you mean.. could you writeup for me?
×
×
  • Create New...

Important Information

We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.