Jump to content

Adthegreat

Members
  • Posts

    16
  • Joined

  • Last visited

    Never

Everything posted by Adthegreat

  1. Well i've done that and it is still a white screen. [code] <?php session_start(); include ("mysqlconnect.php"); if ($_POST[submitted] != 'TRUE')    {     header ("Location: profile.php");    } if ($_POST[password] || $_POST[password1] || $_POST[email] = "") { header ("location : profile.php"); } else{     $sql = "SELECT email AND password FROM Member WHERE username = '{$_SESSION[username]}'";     $result = mysql_query($sql);     $row = mysql_fetch_array($result,MYSQL_NUM);     if($row[0] == $_POST[email] && $row[1] == $_POST[password])         {         if( $_POST[password1] == $_POST[password2])              {              $newpass = md5($row[1]);              $sql2 = "UPDATE Member SET password = $newpass WHERE username = '{$_SESSION[username]}'";              $result2 = mysql_query($sql2);              if(mysql_affected_row() == 1)                  {                   //if it ran okay                   echo "Your password has been updated.";                  }              else                  {                   //if it did not run okay                   echo "Your password could not be updated, please contact an admin.                   }           echo "Your passwords did not match";       }     echo"Could not find the email or password in the database";    }    } ?> [/code]
  2. Hey, I'm making a page for my users to change their passwords, you fill out a form where you type in your email, old pass new password and confirm your new password. My PHP Code is [code] <?php session_start(); include ("mysqlconnect.php"); if ($_POST[submitted] != 'TRUE')    {     header ("Location: profile.php");    } if ($_POST[password] || $_POST[password1] || $_POST[email] == "")     {     $sql = "SELECT email AND password FROM Member WHERE username = '{$_SESSION[username]}'";     $result = mysql_query($sql);     $row = mysql_fetch_array($result,MYSQL_NUM);     if($row[0] == $_POST[email] && $row[1] == $_POST[password])         {         if( $_POST[password1] == $_POST[password2])              {              $newpass = md5($row[1]);              $sql2 = "UPDATE Member SET password = $newpass WHERE username = '{$_SESSION[username]}'";              $result2 = mysql_query($sql2);              if(mysql_affected_row() == 1)                  {                   //if it ran okay                   echo "Your password has been updated.";                  }              else                  {                   //if it did not run okay                   echo "Your password could not be updated, please contact an admin.";                   }           echo "Your passwords did not match";       }     echo"Could not find the email or password in the database";    }   echo"Please fill in all the fields"; } ?> [/code] And unfortunatley when i go to this page, it is just white. No error messages or anything! I have checked that all $_POST variables all going through to the page okay, so it must be something else that is making it not work. The thing that is getting me is that it isnt showing any error messages just not appearing. Thanks in Advance.
  3. You could give them a another variable, and store it in their cookies. On my site, when someone logs in they are given a random hash which is stored in their cookies, and my mysql database, and everytime they go to a new page it asks for their current hash and compares from their cookie to the database, if it is different it boots them. This means that if someone were to steal the cookies and hijack the session, the user qould just have to log back in and the cookie id would have changed and the hacker will be booted. Also you need to require the old password when changing it to a new one so that if a session is hijacked, they cant change the password.
  4. [!--quoteo(post=372438:date=May 8 2006, 11:16 PM:name=High_-_Tek)--][div class=\'quotetop\']QUOTE(High_-_Tek @ May 8 2006, 11:16 PM) [snapback]372438[/snapback][/div][div class=\'quotemain\'][!--quotec--] Short and simple [code] <?php unset($_COOKIE['activsessid']); ?> [/code] [/quote] This doesn't work, i have tried with quotes, without, and it is right after my opening <?php on logout.php. This is so frustrating, it just doesnt make sense...
  5. [!--quoteo(post=372416:date=May 8 2006, 10:24 PM:name=wildteen88)--][div class=\'quotetop\']QUOTE(wildteen88 @ May 8 2006, 10:24 PM) [snapback]372416[/snapback][/div][div class=\'quotemain\'][!--quotec--] You wont be able to delete a cookie of off a users cvomputer. However you can set the cookie with blank values apart from the name and set the expire time sometime back in the past. That should stop the browser from using the cookie again. [/quote] I appreciate the insight. edit: Problem still there! It works on my Internet Explorer but not on my friends computer and my firefox! Code is now [code] setcookie('activsessid', '', time()-360000); [/code]
  6. [!--quoteo(post=372409:date=May 8 2006, 10:09 PM:name=Prismatic)--][div class=\'quotetop\']QUOTE(Prismatic @ May 8 2006, 10:09 PM) [snapback]372409[/snapback][/div][div class=\'quotemain\'][!--quotec--] [code] setcookie(activsessid,$activsessid, time()-360000); [/code] [/quote] Didn't work! Probably because $activsessid is not defined on the page, but would register globals take it from $_COOKIE[activsessid] where it is defined?
  7. For security reason i set a cookie every time someone logs in like this [code]     setcookie(activsessid,$activsessid, time()+360000); [/code] Then on my logout button i have tried lots of differnet things but at the moment my code is [code] setcookie(activsessid); [/code] but for some reason the cookie remains, i have tried setting a time()-100 and other stuff, but it wont work. And N.B, i know the cookie is still there because it appeares when i do javascript:alert(document.cookie). Can anyone help? Thanks in Advance!
  8. [!--quoteo(post=371911:date=May 7 2006, 12:04 AM:name=twizler)--][div class=\'quotetop\']QUOTE(twizler @ May 7 2006, 12:04 AM) [snapback]371911[/snapback][/div][div class=\'quotemain\'][!--quotec--] Instead of: mysql_fetch_array($result,MYSQL_NUM); Try: mysql_fetch_num($result); [/quote] Fatal error: Call to undefined function: mysql_fetch_num() I appreciate the fast replies. This is my exact code now.. [code] $sql = "SELECT '.$choiceofpractice.' FROM Member WHERE username = '$_SESSION[username]'"; $result = mysql_query($sql); $row  = mysql_fetch_num($result); echo "$row[0]"; [/code]
  9. [!--quoteo(post=371903:date=May 6 2006, 11:39 PM:name=twizler)--][div class=\'quotetop\']QUOTE(twizler @ May 6 2006, 11:39 PM) [snapback]371903[/snapback][/div][div class=\'quotemain\'][!--quotec--] $query variable is your sql statement. $result = mysql_query($query); $arrayname = mysql_fetch_assoc($result) To pull from an array do: $arrayname['rowtitle']; There are three different types to "fetch" from your query. Assoc: Returns an associative array Num: Return enumerated array Both: Return Both [/quote] So why, when i put say [code] mysql_fetch_array($result,MYSQL_NUM); echo "$row[0]"; [/code] does it say 1?! And i cant do an associative array because i do not know what the rowtitle is because it is dynamic.
  10. [!--quoteo(post=371899:date=May 6 2006, 11:26 PM:name=twizler)--][div class=\'quotetop\']QUOTE(twizler @ May 6 2006, 11:26 PM) [snapback]371899[/snapback][/div][div class=\'quotemain\'][!--quotec--] User a variable in your sql statement: $sql = "SELECT ".$choice." FROM Member WHERE username = '$_SESSION[username]'"; make $choice = the users choice. [/quote] Yeh mate, i am doing that, thats the problem, how do i get it into an array by that. Is it [code] extract($row); echo "$$choice"; [/code] because that does not seem to work, but that is the syntax that i am familiar with.
  11. [!--quoteo(post=371878:date=May 6 2006, 10:23 PM:name=AndyB)--][div class=\'quotetop\']QUOTE(AndyB @ May 6 2006, 10:23 PM) [snapback]371878[/snapback][/div][div class=\'quotemain\'][!--quotec--] [code]$sql = "SELECT choice FROM Member WHERE username = '$_SESSION[username]'"; [/code] [/quote] 'choice' must be dynamic. I didn't mention that choice is determined by a $_POST variable and then changed to $choice later. Basically what the code does is takes the users choice, and then looks up information regarding their choice, to do other non-important things with. Because there are mutliple choices i must search by $choice.
  12. Hey, I'm searching my database like this [code] $sql = "SELECT $choice FROM Member WHERE username = '$_SESSION[username]'"; $result = mysql_query($sql); [/code] Which will not work, it should find a percentage, but it always comes back with 1?! I'm sure the problem is that i am searching primarily by $choice which is obviously a variable. Because when i search manually by editing the code from $choice to one of rows i get the right answer. I'm trying loads of different ways of getting the data into an array but it always come out with the value 1. And lastly, in attempts to solve the problem, i have echo'ed $choice and it has came out how it supposed to be, so no problems there. I am trying to [code] $row  = mysql_fetch_array($result,MYSQL_ASSOC); extract($row); echo "$row[$choice]"; [/code] and all i get is 1. What am I doing wrong?!
  13. [!--quoteo(post=360508:date=Apr 1 2006, 12:29 AM:name=play_)--][div class=\'quotetop\']QUOTE(play_ @ Apr 1 2006, 12:29 AM) [snapback]360508[/snapback][/div][div class=\'quotemain\'][!--quotec--] Sometimes it ends up in the bulkmail. try checking it there. [/quote] I have checked, and its not there. Also done it to a hotmail, and a googlemail account, neither worked. Is there any way i could implement an error message so that i know whats going wrong, and if it thinks it's being sent? EDIT: I have also now made it so that once you have registered you go to a page, and i made echo $_SESSION['email'] which was defined as $email, so that means that i know its not getting the email wrong, and there must be something wrong with my script.
  14. Hello again, i just made a script that sends an email when a person first registers on my site, it's just a pleasantry little email saying hey basically. However when im trying to make it work, it won't come up with any error messages, but i never receive the mail. Could someone please take a look at this... [code]    $to = $email;        $subject = "Welcome to  ...";        $body = "Hello, and thank you for registering for my game, ...<br />, just go                back to the                          website to login and start playing!<br /> I look forward to seeing you.<br />Regards, The ..                           team";        $headers = "From: webmaster@mysite.co.uk\n";          mail($to,$subject,$body,$headers);          header("Location: home.php"); [/code] And i have set $email with the value of the person there. And the worst part is, i have made it work before! Thanks in Advance,
  15. But could this session be exited by exiting the browser, thus negating the time limit?
  16. Hey! I'm making a php/mysql based website, and an important part of said website, is the access to certain pages. I have to limit the viewing of the pages per user to every 5 minutes or so. Now, i know how to do this using cookies, however cookies can be deleted from the user's browser thus giving them access to the restricted page whenever they are willing to delete their cookies. Is there any way i could use Session's to avoid this problem. I have looked around a bit and can not find anywhere about session's expiring after certain periods of time like the: "time()+300" with cookies. and even if you can, can you just close the browser to start a new session every time they want to view the page. The only other alternate would be for me to make a "Time" table on my MYSQL database, but that would probably mean alot of comparision's and query's which could only slow the whole website down. Any thoughts on this would be greatly appreciated! Yours faithfully, Adthegreat.
×
×
  • Create New...

Important Information

We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.