Jump to content

bigdessert

Members
  • Posts

    16
  • Joined

  • Last visited

    Never

Profile Information

  • Gender
    Not Telling

bigdessert's Achievements

Newbie

Newbie (1/5)

0

Reputation

  1. Parse error: syntax error, unexpected T_STRING, expecting T_VARIABLE or '$' in /home/gastrain/public_html/test/register.php on line 3 when trying that one
  2. this shows every time no matter what i do. You are not authorized to view this page
  3. [quote author=Fearsoldier link=topic=121202.msg498425#msg498425 date=1168121946] if(defined['inSite']){ theres your problem: replace with if(defined('inSite')){ [/quote] I have this, but still does not work. here is my first page: [code] <?php define('inSite',true); header( 'Location: http://www.site.com/test/register.php' ); ?> [/code] and the second page [code]<?php require_once("inc/init.inc.php"); if(defined('inSite')) { $page_title = $lngstr['page_title_register']; if(getConfigItem(CONFIG_can_register)) { if(isset($_POST['bsubmit'])) { include_once($DOCUMENT_PAGES."register-2.inc.php"); } else { include_once($DOCUMENT_PAGES."register-1.inc.php"); } } else { $page_title = $lngstr['page_title_signin']; $input_err_msg = $lngstr['err_no_permissions_to_register']; include_once($DOCUMENT_PAGES."signin-1.inc.php"); } } else {echo "You are not authorized to view this page";} ?>[/code]
  4. to my understanding though, this will create the same encrypted string no matter what computer/time the page is accessed.  This meaning that someone could share the address including the hashed session and get access. I think this is why Hotdawg was suggesting <?php define('inSite',true); ?> and on the register.php page it should begin with: Code: <?php if(defined['inSite']){ echo "You have done this the right way!"; //followed by the registration form, etc. }else{ echo "hacking attempt, access denied."; exit (); ?>
  5. i cannot seem to get this to work any way.  Any ideas???
  6. alrighty, found the missing } before exit(); But its not seeming to passing the info.....it says the hacking message every time.
  7. do i need to pass the variable in the url at all??
  8. [quote author=fert link=topic=121202.msg497937#msg497937 date=1168058837] [code] if(defined['inSite']) [/code] should be [code] if(defined('inSite')) [/code] [/quote] Changing that got me this error Parse error: syntax error, unexpected $end in /home/gastrain/public_html/test/title.php on line 8
  9. First Page.....then goes through checkout......via paypal... [code]<?php /*#################################################   Simple PayPal and PHP Sessions Example          #   by: PayPal_PatrickO for PayPal, an eBay Company #   date: 2/9/2005                                  #   "checkout.php"                                  #                                                   #   This example illustrates using sessions with    #   PayPal.                                        # #################################################*/ // call session_start() to create a session. //session_start(); define('inSite',true); //create a session variable for this example - just to illustrate sessions. //$_SESSION['user'] = "tin"; ?> <form action="https://www.sandbox.paypal.com/cgi-bin/webscr" method="post"> <input type="hidden" name="cmd" value="_xclick"> <input type="hidden" name="business" value="tim@bigdessert.com"> <input type="hidden" name="item_name" value="session example"> <input type="hidden" name="amount" value="0.01"> <input type="hidden" name="return"   value="http://www.gastrain.com/test/title.php"> <input type="hidden" name="no_note" value="1"> <input type="hidden" name="currency_code" value="USD"> <input type="image" src="https://www.paypal.com/en_US/i/btn/x-click-but23.gif" border="0" name="submit" alt="Make payments with PayPal - it's fast, free and secure!"> </form>[/code] contents of title.php [code]<?php if(defined['inSite']){ echo "You have done this the right way!"; //followed by the registration form, etc. }else{ echo "hacking attempt, access denied."; exit (); ?>[/code]
  10. i get Parse error: syntax error, unexpected '[' in /home/gastrain/public_html/test/title.php on line 2 also how long does the user have to register? after checkout they are directed right to the registration page and should sign up within 5 mins...
  11. ok i guess from the start....a person purchases a certification test.  When they purchase that certification test then they get to register with the testing software.  the registration happens at site.com/register.php.  Now i want to make it so that if a user just types in site.com/register.php from anywhere other than the checkout, then they get a page that says they have no access. I was trying to attemp this with sessions, but i dont know if its going to work.
  12. Ok i am a rook here to sessions, but on my first page i have session_start(); $_SESSION['user'] = "test"; thats gets passed like this http://www.site.com/test/register.php?<?php echo strip_tags(SID);?> so then in the address bar it shows http://www.gastrain.com/test/register.php?PHPSESSID=2L3KJH14KJHDIUY3 session part of register.php session_cache_expire(1); //ettempting to expire the session after 1 min, dont work though. session_start(); if ($_SESSION['user'] = "test") { do what i want. Basicall i am trying to make it so that only a user with the proper session can see a page.  The session is set during a checkout, then passed to the page where the user registers.  if i assign the $_SESSION['user'] = "test", then the PHPSESSID= is always the same.  So if 1 hour later the user goes to http://www.gastrain.com/test/register.php?PHPSESSID=2L3KJH14KJHDIUY3, they will still have access regardless if the session was set to expire. 1. is there a way to make the PHPSESSID= change every time and still be able to verify the user came from the checkout section?? 2. if thats not possible is there an easier way i can do this?? i would like to use database, but that is not possible. Thanks, Tim
  13. They would be registering right after payment.  During registration they do create a username/password.  When they create this, they can log into the site 3 days later to take the test.  So i suppose the session would work. Do i need to store the session in a database, or is this something that is just passed on.
  14. Basically i am setting up a testing site using igivetest.  I want it so that a client pays for a test.  Then gets directed to the registration page build into igivetest.  Then they can register and take the test. If someone stumbles onto my test page i want it so that they cannot access the registration. Basically for now i have it so that after a client pays they get redirected to a temp page that inserts a code into mysql database.  Then it only shows the registration page if that "code" is present.  After the user registers, it removes the "code" from the database. Is this the best and safest way to prevent unpaid registrations or is there something better?? I kind of want to make it so that this is shopping cart independent as I have not decided on a cart yet. Thanks,
×
×
  • Create New...

Important Information

We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.