Jump to content

localhost

Members
 View Profile  See their activity

  • Posts

    152

  • Joined

  • Last visited

    Never

 Content Type 

Posts posted by localhost

    privileges

    in PHP Coding Help

    Posted

    I need to know the script that I can have that does this:

    - Checks the username
    - Then checks their privilege.

    The above 2 I need help with, the query's to check their username and what their privilege is.

    - Then I need to know how to use it in an if statement like some said,

    if($priv==10) {
    // do this
    } else {
    // do this
    }

    This way, I can start protecting the admin panel, and the news submission, etc.

    privileges

    in PHP Coding Help

    Posted

    the script to actually fetch from the database the user thats trying to do admin stuff has a privilege of 10

    i want a file called check.php

    and basically i want it to be run before doing any admin tasks

    and i want it to check the user thats logged in, and their privilege wether its 1 or 10 and if its 10 to do certain things

    privileges

    in PHP Coding Help

    Posted

    alright so whenever any user signs up to my site their priv table is set to "1"

    i want this to be completely backended, i just want a script that will check for priv..and then an if statement like

    if priv==1
    whatever
    }

    if priv==10
    echo " admin panel link";
    include('admin/');
    }

    you guys get it right?

    news system...

    in PHP Coding Help

    Posted

    [code]<?php

    /*
    submit news script made by dann for access
    from the admin panel
    admin/
    */

    include('../includes/connect.php');

    session_start();

    $user = $_SESSION['user'];

    if($user) {

    if(isset($_POST['submit'])) {

    $username = $_POST['username'];
    $title = $_POST['title'];
    $description = $_POST['description'];
    $ip = $_POST['ip'];
    $date = $_POST['date'];

    if($title==NULL || $description==NULL || $username==NULL || $ip==NULL || $date==NULL) {
    echo "All fields must be filled in.";
    } else {
    $query = "INSERT INTO news (`username`, `title`, `description`, `ip`, `date`) VALUES ('$username', '$title', '$description', '$ip', '$date')";
    $result = mysql_query($query) or die('Could not insert news into system contact Copernicus');

    } // for submit button if
    } // for if is NULL
    } else { // for the logged in if statement
    echo "you must be logged in.";
    }

    ?>
    <style type="text/css">
    <!--
    .style1 {
        font-family: Verdana, Arial, Helvetica, sans-serif;
        font-size: x-small;
    }
    -->
    </style>
    <title>Submit News</title>
    <p><input type="hidden" name="username" value=" <?php $_SESSION['user']; ?> " />
      <Br>
      <span class="style1">Title:<Br>
      <input type="text" name="title" />
        
      <BR>
      Description:
      <Br>
      <input name="description" type="text" value="" height="50">
      <BR>
      <input type="submit" name="submit" value="Submit">
      <input type="hidden" name="ip" value=" <?php echo $_SERVER['REMOTE_ADDR']; ?> ">
      <input type="hidden" name="date" value=" <?php echo date('m/d/Y'); ?> ">
      </span></p>
      [/code]

    this doesnt submit it to the database, any idea why???

    Registration not writing to database

    in PHP Coding Help

    Posted

    So...

    // Check to see if required fields are filled
    if($username==NULL || $email==NULL || $password==NULL || $cpassword==NULL) {
    echo "All fields with a * are required.";
    } else {
    // Query to insert the form values into our database table designated 'users'
    $query = "INSERT INTO users (`username`, `email`, `password`, `website`, `location`, `aim`, `msn`, `yim`, `regdate`, `regip`, `priv`) VALUES ('$username', '$email', '$enc_password', '$website', '$location', '$aim', '$msn', '$yim', '$regdate', '$regip', '$priv')";
    $result = mysql_query($query) or die('Could not insert user details into database.');
    }

    Would that help it?

    Registration not writing to database

    in PHP Coding Help

    Posted

    This is coded from my head so I am not sure why it isn't working...The form shows and it submits and refreshs the form, but it doesn't write to the database! :( Here is the code:

    [code]
    <?php

    ######################################################################
    # Created by: Dann(localhost) for Twilight Programmers                 #
    # Created on: May 31, 2006                                             #
    # File: Register.php                                                 #
    # Use: To register new users and their information into the database #
    ######################################################################

    // Connect to database
    include('connect.php');

    // If the submit button if pushed we do the following...
    if(isset($_POST['submit'])) {

    // Set POST form variables

    $username = $_POST['username'];
    $email = $_POST['email'];
    $password = $_POST['password'];
    $cpassword = $_POST['cpassword'];
    $website = $_POST['website'];
    $location = $_POST['location'];
    $aim = $_POST['aim'];
    $msn = $_POST['msn'];
    $yim = $_POST['yim'];
    // Hidden POST form variables
    $regdate = $_POST['regdate'];
    $regip = $_POST['regip'];
    $priv = $_POST['priv'];

    // To track IP
    $ip = $_SERVER['REMOTE_ADDR'];

    // Uses base64 so we can decode it when sending a lost password
    $enc_password = base64_encode($password);

    // Query to check if a username or email is already taken
    $sql = "SELECT COUNT(*) AS count FROM users WHERE username = '" . mysql_real_escape_string($_POST['username']) . "' OR email = '" . mysql_real_escape_string($_POST['email']) . "'";

    $sql_result = mysql_query($sql);
    $row = mysql_fetch_array($sql_result);

    if ($row['count'] > 0) {
      echo "Username or e-mail already taken.";
    } else {

    // Check to see if both passwords are the same
    if($password!=$cpassword) {
    echo "Passwords do not match.";
    }


    // Check to see if required fields are filled
    if($username==NULL || $email==NULL || $password==NULL || $cpassword==NULL) {
    echo "All fields with a * are required.";

    // Query to insert the form values into our database table designated 'users'
    $query = "INSERT INTO users (`username`, `email`, `password`, `website`, `location`, `aim`, `msn`, `yim`, `regdate`, `regip`, `priv`) VALUES ('$username', '$email', '$enc_password', '$website', '$location', '$aim', '$msn', '$yim', '$regdate', '$regip', '$priv')";
    $result = mysql_query($query) or die('Could not insert user details into database.');

    }
    }
    }

    print "<title>Register</title>
    <style type=\"text/css\">
    <!--
    .style1 {
        font-family: Verdana, Arial, Helvetica, sans-serif;
        font-size: x-small;
    }
    -->
    </style>";

    // Form for registration
    echo "<form action=\"\" method=\"POST\">
    <p>
      <input type=\"hidden\" name=\"regdate\" value=\" <?php echo date('m/d/y'); ?> \">
      <input type=\"hidden\" name=\"regip\" value=$ip>
      <input type=\"hidden\" name=\"priv\" value=\"1\">
    </p>
    <p class=\"style1\">* Indicates a field is required</p>
    <p><span class=\"style1\">
      *Username:
      <input type=\"text\" name=\"username\">
      <Br>
      *eMail:
      <input type=\"text\" name=\"email\">
      <Br>
      *Password:
      <input type=\"password\" name=\"password\">
      <BR>
      *Confirm Password:
      <input type=\"password\" name=\"cpassword\">
      <Br>
      Location:
      <input type=\"text\" name=\"location\">
      <Br>
      Website:
      <input type=\"text\" name=\"website\">
      <Br>
      AIM:
      <input type=\"text\" name=\"aim\">
      <BR>
      MSN:
      <input type=\"text\" name=\"msn\">
      <Br>
      YIM:</span>
      <input type=\"text\" name=\"yim\">
      <Br>
      <input type=\"submit\" name=\"submit\" value=\"Register\">
      </form>";
      
    ?>

    [/code]

    Simple PHP Task - Help

    in PHP Coding Help

    Posted

    Well yeah, start with registration, then use sessions to log them in. A news system isn't that hard, securing it against sql injection could be although considering only basketball team members will have access I wouldn't worry about that.

    Login script...

    in PHP Coding Help

    Posted

    Here's my current code:

    [code]
    <?php
    session_start();
    ob_start();
    ?>
    <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
    <html xmlns="http://www.w3.org/1999/xhtml">
    <head>
    <meta http-equiv="Content-Type" content="text/html; charset=iso-8859-1" />
    <title>Login - Pranksters</title>
    <style type="text/css">
    <!--
    .text {
        font-family: Verdana, Arial, Helvetica, sans-serif;
        font-size: x-small;
        color: #666666;
    }
    #form1 #username {
        font-family: Verdana, Arial, Helvetica, sans-serif;
        font-size: 10px;
        color: #666666;
    }
    body,td,th {
        font-family: Verdana, Arial, Helvetica, sans-serif;
        font-size: 12px;
    }
    -->
    </style>
    </head>

    <body>
    <form id="form1" name="form1" method="post" action="">
      <table width="59%" border="0" cellspacing="3">
        <tr>
          <td>Username:
            <br />
            <input name="username" type="text" id="username" /></td>
        </tr>

        <tr>
          <td>Password:      
            <br />
            <input name="password" type="password" id="username" />
          <br />
          <span class="text">
          <input name="remember" type="checkbox" id="remember" value="yes" />
    Keep me logged in on this computer </span>      <br /></td>
        </tr>
        <tr>
          <td><input name="Login" type="submit" id="username" value="Submit" /></td>
        </tr>
        <tr>
          <td><?php
        
        //Include Connection File
        include('inc/connect.php');
        
        //If login is pressed
        if(isset($_POST['Login']))
        {
            // Get the user info
            $username = strip_tags($_POST['username']);
            $password = strip_tags($_POST['pass']);
            $user = addslashes($username);
            $pass = addslashes($password);
            $md5pass = md5($pass);
            
            // Get the date
            $date = date("d/m/y");
            
            // See if they are in the databse
            $query = mysql_query("SELECT * FROM `users` WHERE `username` = '$username' AND `pass` = '$md5pass' LIMIT 1") or die(mysql_error());
            
            if(mysql_num_rows($query) >= "1")
            {
                
                        // Cookie is equal to 10 years
                        setcookie("loggedin", "$username", time()+60*60*24*365*10, "/", "thecodingplace.com", 0);
                
                header("Location: index.php");
            }
            else
            {
                echo 'Not logged in';
            }
        }  
    ?></td>
        </tr>
      </table>
    </form>
    </body>
    </html>


    [/code]

    problem is, it sets the cookie but says not logged in, and it doesnt redirect...help?

    Login script...

    in PHP Coding Help

    Posted

    Anybody?

    EDIT - I've added the form on the bottom, code here:

    [code]
    <style type="text/css">
    <!--
    .style3 {
        font-family: Verdana, Arial, Helvetica, sans-serif;
        font-size: x-small;
    }
    -->
    </style>

    <span class="style3">Username:
    <input type="text" name="uname">
    <br>
    Password:
    <input type="password" name="pass">
    <br>
    <input type="submit" name="submit" value="Login">
    </span>
    [/code]

    Login script...

    in PHP Coding Help

    Posted

    What are the advantages and disadvantages between sessions and cookies?

    I'm still new to PHP...so by looking up some cookie stuff I was able to code this...but I know it won't work I just need to know what I have to do to make it work...

    [code]

    <?php

    include('inc/connect.php');

    $uname = $_POST['uname'];
    $pass = $_POST['pass'];

    $chkpass = md5($pass);

    $query = "SELECT * FROM users WHERE username==$uname"
    $result = mysql_query($query) or die('Failed to connect to user database');

    $value = '$_COOKIE["Pranksters"]';

    setcookie("Pranksters", $value);


    ?>

    [/code]

    Login script...

    in PHP Coding Help

    Posted

    I need a login script, I finally got my registration working..it uses md5 encryption. So I'll need a user and pass field and it has to change to md5 before it goes through to the database. I need it to use cookies and I would prefer only 1 cookie be set upon login. I have absolutely no idea how to go upon this...

    table name - users
    connect - inc/connect.php
    row - username
    row - pass

    If someone could just give me the basic maybe I could try and get it working and post back for help.

    Thanks!

    Registration not working?

    in PHP Coding Help

    Posted

    Took a small part this time:

    [code]
    if($pass!=$cpass || $username==$invalid || $email==$invalid || $pass==$invalid || $cpass==$invalid) {
    echo "<font color=red>ERROR: Make sure all fields marked with a * are filled, and that your username and password match.</font><BR>";
    } else {
    $query = "INSERT INTO users (`username`, `email`, `pass`, `aim`, `msn`, `yim`, `priv`, `regip`, `regdate`)
    VALUES ('$username', '$email', '$sec_pass', '$aim', '$msn', '$yim', '$priv', '$regip', '$regdate')";
    $result = @mysql_query($query)
            or die("There was a problem with this query: ".mysql_error());
    }

    $query2 = "SELECT * FROM `users`";
    $result2 = mysql_query($query2) or die('Username query could not be executed');
    while($row = mysql_fetch_array(result2)){
    if($username == $row['username']){
    echo "Username already taken.";
    }


    header("Location: http://www.google.com");
    ?>
    [/code]

    And you can see the error here:
    [a href=\"http://www.thecodingplace.com/dl/usersystem/register.php\" target=\"_blank\"]http://www.thecodingplace.com/dl/usersystem/register.php[/a]

    Line 68 is just </p>

    Anyway about the book, I might buy one soon...I just need to get some cash.

    Registration not working?

    in PHP Coding Help

    Posted

    Kind of like this?

    [code]

    <?php

    include('inc/connect.php');


    $username = $_POST['username'];
    $email = $_POST['email'];
    $pass = $_POST['pass'];
    $cpass = $_POST['cpass'];
    $aim = $_POST['aim'];
    $msn = $_POST['msn'];
    $yim = $_POST['yim'];
    $priv = $_POST['priv'];
    $regip = $_POST['regip'];
    $regdate = $_POST['regdate'];

    $invalid = "";

    $sec_pass = sha1('$pass');

    if($pass!=$cpass || $username==$invalid || $email==$invalid || $pass==$invalid || $cpass==$invalid) {
    echo "<font color=red>ERROR: Make sure all fields marked with a * are filled, and that your username and password match.</font><BR>";
    } else {
    $query = "INSERT INTO users (`username`, `email`, `pass`, `aim`, `msn`, `yim`, `priv`, `regip`, `regdate`)
    VALUES ('$username', '$email', '$sec_pass', '$aim', '$msn', '$yim', '$priv', '$regip', '$regdate')";
    $result = @mysql_query($query)
            or die("There was a problem with this query: ".mysql_error());
    }

    $uquery = while($row = mysql_fetch_array(result2)){
    if($username == $row['username']){
    echo "Username already taken.";
    }
    $result = mysql_query($uquery) or die('Username query could not be executed');

    header("Location: http://www.google.com");
    ?>

    <form action="" method="POST"> * Indicates a required field
    <p>
      <input type="hidden" name="priv" value="1" />
      <input type="hidden" name="regip" value=" <?php echo $_SERVER['REMOTE_ADDR']; ?> " />
      <input type="hidden" name="regdate" value=" <?php echo date('m/d/y'); ?> " />
      *Username:
      <input type="text" name="username" value="" />
      <BR>
      *eMail:
      <input type="text" name="email" value="">
      <Br>
      *Password:
      <input type="password" name="pass" value="">
      <Br>
      *Confirm Password:
      <input type="password" name="cpass" value="">
      <Br>
      AIM:
      <input type="text" name="aim" value="">
      <BR>
      MSN:
      <input type="text" name="msn" value="">
      <br>
      YIM:
      <input type="text" name="yim" value="">
      <Br>
      <input type="submit" name="submit" value="Register">
    </p>

    [/code]

    That gives me this error:
    Parse error: parse error, unexpected T_WHILE in /home/tcp/public_html/dl/usersystem/register.php on line 30

    P.S. - sorry for asking for so much help, I just really want to get some php experience.

    Registration not working?

    in PHP Coding Help

    Posted

    Works perfectly and writes to the database! Thanks alot, I didn't even notice there wasn't a comma in between email and pass. I have even got sha1 working.

    Is there a way to make it so when they hit register, it takes them to a different page?

    And how would I do a statement like if username exists state an error message saying this user already exists.

    This is my current code:

    [code]
    <?php

    include('inc/connect.php');


    $username = $_POST['username'];
    $email = $_POST['email'];
    $pass = $_POST['pass'];
    $cpass = $_POST['cpass'];
    $aim = $_POST['aim'];
    $msn = $_POST['msn'];
    $yim = $_POST['yim'];
    $priv = $_POST['priv'];
    $regip = $_POST['regip'];
    $regdate = $_POST['regdate'];

    $sec_pass = sha1('$pass');

    if($pass!=$cpass) {
    echo "Passwords must match.";
    } else {
    $query = "INSERT INTO users (`username`, `email`, `pass`, `aim`, `msn`, `yim`, `priv`, `regip`, `regdate`)
    VALUES ('$username', '$email', '$sec_pass', '$aim', '$msn', '$yim', '$priv', '$regip', '$regdate')";
    $result = @mysql_query($query)
            or die("There was a problem with this query: ".mysql_error());
    }


    ?>

    <form action="" method="POST"> * Indicates a required field
    <p>
      <input type="hidden" name="priv" value="1" />
      <input type="hidden" name="regip" value=" <?php echo $_SERVER['REMOTE_ADDR']; ?> " />
      <input type="hidden" name="regdate" value=" <?php echo date('m/d/y'); ?> " />
      *Username:
      <input type="text" name="username" value="" />
      <BR>
      *eMail:
      <input type="text" name="email" value="">
      <Br>
      *Password:
      <input type="password" name="pass" value="">
      <Br>
      *Confirm Password:
      <input type="password" name="cpass" value="">
      <Br>
      AIM:
      <input type="text" name="aim" value="">
      <BR>
      MSN:
      <input type="text" name="msn" value="">
      <br>
      YIM:
      <input type="text" name="yim" value="">
      <Br>
      <input type="submit" name="submit" value="Register">
    </p>
    [/code]

    Registration not working?

    in PHP Coding Help

    Posted

    With this one:

    $query = "INSERT INTO users (`username`, `email`, `pass`, `aim`, `msn`, `yim`, `priv`, `regip`, `regdate`)
    VALUES ('$username', '$email' '$pass', '$aim', '$msn', '$yim', '$priv', '$regip', '$regdate')";

    I still get the same error...present here:
    [a href=\"http://www.thecodingplace.com/dl/usersystem/register.php\" target=\"_blank\"]http://www.thecodingplace.com/dl/usersystem/register.php[/a]

    Registration not working?

    in PHP Coding Help

    Posted

    I did replace unique_id with just "id".
    Which is what it is called. Here is the sql query I used for the script:

    [code]

    CREATE TABLE users (  
               id INT NOT NULL AUTO_INCREMENT PRIMARY KEY,  
               username VARCHAR(255) NOT NULL,
           email VARCHAR(255) NOT NULL,
           pass VARCHAR(32) NOT NULL,  
               aim VARCHAR(255) NOT NULL,
           msn VARCHAR(255) NOT NULL,
           yim VARCHAR(255) NOT NULL,
           priv VARCHAR(255) NOT NULL,  
               regip VARCHAR(255) NOT NULL,  
               regdate VARCHAR(255) NOT NULL
               )  
               TYPE = myisam;
    [/code]
×
×
  • Create New...

Important Information

We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.