Daniel0

[quote author=premiso link=topic=54859.msg1169733#msg1169733 date=1240684541] [quote author=-null- link=topic=54859.msg1169714#msg1169714 date=1240681822] I've been using Dreamweaver for editing and have recently started using Eclipse for debugging. I find Eclipse really really slow however and now it's started throwing errors everytime I do anything.  Can anyone recommend any other free editors that allow debugging control. [/quote] NetBeans, I just found out, is a really good editor that is fast (a lot faster than eclipse) and works well. I would have to recommend that one. [/quote] I've been using NetBeans for the last while. It seems very responsive and much more stable than Eclipse based IDEs. I think I'll probably make it my main editor.

Code I post here is almost never to be used verbatim as it'll quite often lack something. First of all it's because I lack contextual information to be able to write a complete script. Secondly, I don't want to create a complete script for people. To be honest, I would completely rewrite the vast majority of scripts people post on these forums. I don't do that because it's not worth my time and because it's not immediately useful for the people posting here. I added that check to illustrate that you should check the password somewhere. I could have written it all in pseudo-code, but that probably wouldn't help very much. In a real application you would probably have information about the user (thus the password) loaded anyway, so you could just use that. Either way, the initial login is not sufficient check for such actions. What if I walk up to your computer that's logged on? Am I then you, should I be able to do everything as though I was you? What if I steal your cookie? Changing a password is high-risk, filling out e.g. a comment form isn't.

Turn on error logging to a file and see if something comes up.

Well, first of all, the password shouldn't be stored in the database. Secondly, for high risk features it's a good idea to indeed check the user's credentials, and an active session shouldn't be proof of that. You probably don't need the username, but at the very least the password. If you want to see a real world application of that then try to here, change your password here, or checkout Linux' sudo or Vista's/7's UAC. Also, stop those or die(mysql_error()); things. They pose a potential security risk and just abruptly ending execution isn't a proper way of error handling. Also, why did you discard all the code you were given?

Something like this: <?php $dbhost = "localhost"; //change this to your DB host $dbuser = "User"; //change this to your DB username $dbpass = "pass"; //change this to your DB password $dbname = "logon"; //change this to your DB name for your account info mysql_connect($dbhost, $dbuser, $dbpass); mysql_select_db($dbname); if (isset($_POST['Submit'])) { $user = mysql_real_escape_string($_POST['user']); $pass = mysql_real_escape_string($_POST['pass']); $newpass = mysql_real_escape_string($_POST['newpass']); $newpass2 = mysql_real_escape_string($_POST['newpass2']); $errors = array(); if(empty($user) || empty($pass) || empty($newpass) || empty($newpass2)) { $errors[] = "Please fill in all required fields"; } if(strlen($newpass < 5) { $errors[] = "Your new password must be longer than 5 characters"; } if(strlen($newpass > 20) { $errors[] = "Your new password must be shorter than 20 characters"; } if($newpass != $newpass2) { $errors[] = "Your new passwords do not match"; } $res = mysql_query("SELECT password FROM accounts WHERE username='{$user}' LIMIT 1"); if (!$res || mysql_num_rows($res) != 1) { $errors[] = "That user does not exist"; } else { list($dbPass) = mysql_fetch_row($res); if ($pass !== $dbPass) { $errors[] = "Incorrect password"; } } if (count($errors) == 0) { $res = mysql_query("UPDATE accounts SET password='{$newpass}' WHERE username='{$user}'"); } else { echo "Please fix these errors: " . join('<br>', $errors); } } You'll have to adjust it to fit your database schema.

It has to get to the user somehow, and then the user has to give it back again. HTTP is a stateless protocol. Each request is completely separate from any antecedent requests as far as the webserver is concerned. For those reasons cookies were invented so you had some way of keeping track of people.

Modify its contents...

Right, sorry yeah, that's my fault. I was thinking for a moment that $i was the cursor, which it of course isn't. You're right

mysql_fetch_*() moves the pointer one position forward automatically, so you would have to decrement by 2 on each iteration instead.

I refreshed that one a few times and eventually I got this: Those two domain names are supposed to resolve to 208.89.220.190 and 72.233.17.134, respectively. You could perhaps try to add entries for those in your /etc/hosts file.

Below this line: mysql_query("INSERT INTO `users` (username,password,email) VALUES ('$username','$password','$email')") or die (mysql_error()); // Inserts the user. Just echo something like this: echo 'Daniel is cool'; I don't know how else to explain it...

Just echo something below the last call to mysql_query().

You'll probably still have better luck speaking with their support department. They'll know how your server should be configured to work with their script.

Perhaps, but we're not here to do your job for you. If you can't even be bothered taking your time to only post the relevant stuff, then why would someone else use their valuable time on helping you? Well, then why are you posting the entire thing? Search the forum for suggestions on OOP/app design books.

You need to actually get the results first. You only have the resource returned by mysql_query. See: mysql_fetch_assoc

Dude, nobody wants to read through all that crap. Learn basic troubleshooting and learn how to ask questions.

You could store the SID in a cookie, or you could just use PHP's built-in support for sessions, which you can easily modify to use a database. There is really no reason not to use PHP's built-in features.

What type is lastOnline?

That would be ORDER BY description, title. http://dev.mysql.com/doc/refman/5.0/en/select.html

SELECT foo FROM bar ORDER BY baz;

The above snippet strips all spaces from a string and then sorts it. It'll work for any array you feed it. For database rows you'd probably want to sort it in the query.

You were already told several times in this topic.

What is it you don't understand? The browser has its own "cookie jar" and the script has its own "cookie jar". The script logs in and stores the cookies in its own cookie jar, and the browser still has its original cookies. If you now point your browser to Yahoo's home page it will not be logged in. I told you that you could investigate how Firefox stores its cookies in its SQLite database and then insert them manually into that. To do that you need to be a programmer or pay someone who already is a programmer to do it for you. I'm a programmer, so you can pay me to do it for you, or you can become a programmer and do it yourself. This is not a place where you go and say "make this script for me".

How "doesn't it work"?

Well, you still haven't told me what you want to happen except you want to login. The above script logs you in (assuming you put the correct credentials in the first array).