cluce
-
Posts
354 -
Joined
-
Last visited
Never
Posts posted by cluce
-
-
Your . may not be getting evaluated. Try this and see if it works.
<?php $p = mysqli_real_escape_string($mysqli,trim(strip_tags($_POST['password']))); $p = $p . STR_PWSALT; $sql = "SELECT username, f_name, l_name, password FROM employees WHERE username = '$checkuser' AND password = sha1('$checkpassword.STR_PWSALT') LIMIT 1"; $result = @mysqli_query($mysqli, $sql) or die(header("Location: error.html")); ?>I am able to login. its the authentication code to check for a valid login user on all my other pages that wasnt working.
-
not a very good idea to hold passwords in the session. Why not after the person is authenticated, you just set a value
$_SESSION['auth'] = 1;
Now just check to see if the value is set and a value of 1
if(isset($_SESSION['auth']) && $_SESSION['auth'] == 1){ // run code } else { // redirect to login page header('Location:login.php'); }Ray
thanks. I will do this.
-
I am having trouble matching username and password that is in database.
On my first page I am using this query to login:
//trims and strips tags and escapes fields $checkuser = mysqli_real_escape_string($mysqli,trim(strip_tags($_POST['username']))); $_SESSION['password'] = $checkpassword = mysqli_real_escape_string($mysqli,trim(strip_tags($_POST['password']))); //create and issue the query $sql = "SELECT username, f_name, l_name, password FROM employees WHERE username = '$checkuser' AND password = sha1('$checkpassword.STR_PWSALT') LIMIT 1"; $result = @mysqli_query($mysqli, $sql) or die(header("Location: error.html"));and on every other page I am including an authentication page with the following:
//authenticate employee $val = "SELECT username, password FROM employees WHERE username = '" . $_SESSION['validate']."' AND password = '".sha1($_SESSION['password'].STR_PWSALT)."'"; $auth = mysqli_query($mysqli,$val) or die(header("Location: error.html")); if (mysqli_num_rows($auth) != 1) { $_SESSION['authenticate'] = "<font color='red'>You must be logged in</font>"; mysqli_close($mysqli); header ("Location: employee_resource.php5"); exit(); } echo($val);The probelm I am having is this "AND password = '".sha1($_SESSION['password'].STR_PWSALT)."'"; is not matching the password thats in the database. I would think it would be the samne as the query used on my first page to login but its not because it redirects me to the login everytime. Also, when I echo($val) the query, the hash password is diiferent from what I see in the databse. can someone see tell me why its not matching up with my first query's password?
I am able login without the authentication page. I am just using it for added security.
-
Parse error: syntax error, unexpected T_VARIABLE in C:\www\vhosts\ran\authenticate.php5 on line 7
Here is my code..can someone tell me what the syntax error is???thx
//authenticate employee //line 7 here----> $val = "SELECT username, password FROM employees WHERE username = '" . $_SESSION['validate'] . "' AND password = sha1('"$_SESSION['password']"'.STR_PWSALT')"; $auth = @mysqli_query($mysqli,$val) or die(header("Location: error.html")); -
I SOLVED IT!!! I had a missing ' in the font tag for zip
-
The problem I am having is in my .$row[zip] is showing A phone number from the databaase instead of the zip. I cant see what I am doing wrong. Can soemone help me with this? Thanks
my output looks like this....
Username: misamis
Full name: Chris Sam
Address: 5501 lemon Drive
City: indiana
State: LA
Zip: 504-123-1234////this should be zip code???
///missing phone number here????
Alternate Phone Number: 985-123-1234
Email: c@yahoo.com
Company: Company:
Last successful login: Jun 9 2008 at 03:39:42 PM
here is my code below:
<?php //create query and retrieve record of user logged on //create and issue the query $SQL = "SELECT username, first_name, last_name, address, city, state, zip, phone, altphone, email, company, DATE_FORMAT(last_login, '%b %e %Y at %r') aS last_login FROM auth_users WHERE username = '".$_SESSION['identity']."'"; $result = mysqli_query($mysqli,$SQL); $row = mysqli_fetch_array($result); echo "<strong>Username:</strong> "."<font color='blue'>".$row['username']."</font>"; echo "<br />"; echo "<strong>Full name:</strong> "."<font color='blue'>".$row['first_name'] . " " . $row['last_name']."</font>"; echo "<br />"; echo "<strong>Address:</strong> "."<font color='blue'>".$row['address']."</font>"; echo "<br />"; echo "<strong>City:</strong> "."<font color='blue'>".$row['city']."</font>"; echo "<br />"; echo "<strong>State:</strong> "."<font color='blue'>".$row['state']."</font>"; echo "<br />"; echo "<strong>Zip:</strong> "."<font color='blue'>".$row['zip']."</font>"; echo "<br />"; echo "<strong>Phone Number:</strong> "."<font color='blue'>".$row['phone']."</font>"; echo "<br />"; echo "<strong>Alternate Phone Number:</strong> "."<font color='blue'>".$row['Altphone']."</font>"; echo "<br />"; echo "<strong>Email:</strong> "."<font color='blue'>".$row['email']."</font>"; echo "<br />"; echo "<strong>Company:</strong> "."<font color='blue'>".$row['company']."</font>"; echo "<br />"; echo "<strong>Last successful login:</strong> "."<font color='blue'>".$row['last_login']."</font>"; echo "<br />"; ?>
-
sorry but i cant seem to find the solve link. ist been awhile since I have been on here.
-
I fixed this. thanks for the help. I was using the wrong table. because I had dropped this table in my database and appended those fields in one table.
-
Can someone help me fix my errors?
Warning: mysqli_fetch_array() expects parameter 1 to be mysqli_result, boolean given in C:\www\vhosts\reagan\empInfo.php5 on line 19
Notice: Undefined index: update in C:\www\vhosts\reagan\empInfo.php5 on line 134
here is my cod below:
<?php //create query and retrieve record of user logged on //create and issue the query $SQL = "SELECT username, first_name, last_name, address, city, state, zip, phone, altphone, email, company, DATE_FORMAT(last_login, '%b %e %Y at %r') aS last_login FROM auth_users WHERE username = '".$_SESSION['identity']."'"; $result = mysqli_query($mysqli,$SQL); $row = mysqli_fetch_array($result); echo "<strong>Username:</strong> "."<font color='blue'>".$row['username']."</font>"; echo "<br />"; echo "<strong>Full name:</strong> "."<font color='blue'>".$row['first_name'] . " " . $row['last_name']."</font>"; echo "<br />"; echo "<strong>Address:</strong> "."<font color='blue'>".$row['address']."</font>"; echo "<br />"; echo "<strong>City:</strong> "."<font color='blue'>".$row['city']."</font>"; echo "<br />"; echo "<strong>State:</strong> "."<font color='blue'>".$row['state']."</font>"; echo "<br />"; echo "<strong>Zip:</strong> "."<font color='blue'>".$row['zip']."</font>"; echo "<br />"; echo "<strong>Phone Number:</strong> "."<font color='blue'>".$row['phone']."</font>"; echo "<br />"; echo "<strong>Alternate Phone Number:</strong> "."<font color='blue'>".$row['Altphone']."</font>"; echo "<br />"; echo "<strong>Email:</strong> "."<font color='blue'>".$row['email']."</font>"; echo "<br />"; echo "<strong>Company:</strong> "."<font color='blue'>".$row['company']."</font>"; echo "<br />"; echo "<strong>Last successful login:</strong> "."<font color='blue'>".$row['last_login']."</font>"; echo "<br />"; ?>
-
I did read somewhere it may be becasue the web server is set for SMTP authentication and it is requiring it. IS this true?
here is my code for the form which worked before:
<?php session_start(); $date = trim(strip_tags($_POST['date'])); $lastname = trim(strip_tags($_POST['lastname'])); $middle = trim(strip_tags($_POST['middle'])); $firstname = trim(strip_tags($_POST['firstname'])); $address = trim(strip_tags($_POST['address'])); $address_continue = trim(strip_tags($_POST['address_continue'])); $city = trim(strip_tags($_POST['city'])); $state = trim(strip_tags($_POST['state'])); $zip = trim(strip_tags($_POST['zip'])); $phone = trim(strip_tags($_POST['phone'])); $alternate = trim(strip_tags($_POST['alternate'])); $email = trim(strip_tags($_POST['email'])); $position = trim(strip_tags($_POST['position'])); $referred = trim(strip_tags($_POST['referred'])); $coverletter = trim(strip_tags($_POST['coverletter'])); $resume = trim(strip_tags($_POST['resume'])); if (empty($lastname) or empty($middle) or empty($firstname) or empty($address) or empty($city) or empty($state) or empty($zip) or empty($phone) or empty($email) or empty($position)) { $_SESSION['validate'] = "<font color = red>Please fill in all the required fields</font>"; header ("Location: o_application.php"); }else{ $to = "ecooper@rwer.com"; $subject = "Kilo-Pak Online Application"; $body ="\n\n Date: ".$date." \n\n Last Name: ".$lastname." \n\n Middle: ".$middle." \n\n First Name: ".$firstname." \n\n Address: ".$address." \n\n : ".$address_continue." \n\n City: ".$city." \n\n State: ".$state." \n\n Zip: ".$zip." \n\n Phone Number: ".$phone." \n\n Alternate Phone: ".$alternate." \n\n Email: ".$email." \n\n Position: ".$position." \n\n Reffered by: ".$referred." \n\n Cover letter: ".$coverletter." \n\n Resume: ".$resume.""; mail ($to, $subject, $body); header("Location: thanks.htm"); } ?> -
I am trying to send email through a web form and I get an error. I had just migrated to IIS server and was on a unix server. can someone tell me what this erro means?
Warning: mail() [function.mail]: SMTP server response: 550 Requested action not taken: mailbox unavailable or not local in C:\Inetpub\vhosts\kilopak.com\httpdocs\o_application.php on line 46
Warning: Cannot modify header information - headers already sent by (output started at C:\Inetpub\vhosts\kilopak.com\httpdocs\o_application.php:46) in C:\Inetpub\vhosts\kilopak.com\httpdocs\o_application.php on line
-
I have a css style sheet that reference my html tags but it wont use my image as a background in my #header section. It only uses colors?? This is strange. I would think If could use a color it wouold use the image too. Does anybody see what could be the problem in my code below:
HTML page code :
<html xmlns="http://www.w3.org/1999/xhtml"> <head><title></title> </head> <body> <form id="form1" runat="server"> <div id="allpages"> <div id="header"> <uc:Header ID="header1" runat="server" /> </div> <div id="nav"> <uc:Navigation ID="nav1" runat="server" /> </div> <div id="maincontent"> </div> </div> <div id="footer"> <uc:Footer ID="Footer1" runat="server" /> </div> </form> </body> </html>
css page:
* { font-family: Tahoma, Arial, Helvetica; } body { font-size: 80%; margin: 0; } a { color: #0033cc; } H1 { font-size: xx-large; font-weight: bold; color: #cc0033; } .Pct { font-size: large; font-weight: bold; color: orange; } /* AllPages will allow you to define the width and position of all the pages in the site */ #allpages { margin: auto; width: 750px; border: #ccccff 0px solid; } /* CurrentSurveySection defines the font, width, and border of the current survey link area */ .CurrentSurveySection { width: 270px; } /* question css class defines the font, width, and border of the question grid for a survey*/ .questions { background-color: #ffffff; width: 750px; border: solid 0px #cccccc; } /* the website's header for all pages */ #header { background-image: url(App_Themes/cleanOrange/Images/bg1.jpg); } /* the navigation formatting for all pages */ #nav { text-align: center; background-image: url(App_Themes/cleanOrange/Images/bg.gif); } /* the formatting around the main content areas for all pages as they are contained within a master page*/ #maincontent { padding-right: 10px; padding-left: 10px; padding-bottom: 3px; padding-top: 3px; width: 730px; } /* the website's footer for all pages */ #footer { margin-top: 30px; font-size: smaller; text-align : center; } -
Yeah. Now I see what my options are to create web pages like that and what tools to use. Now I just need to figure out what languagse would be the easiest for me to use.
-
Thanks for the reply. Its become more clearer to me. And it uses some javascript too. As far as forms, they only execute when you click a button. Well, I am trying to be more interactive than that, such as, the page starts to populate the selected data from the database as soon as the user clicks a link or picture.
-
Hello,
I need some advice from the PHP experts.
Could I create web pages that interact with the user like this using php or do I need to use asp for something like this. If so, how difficult would this be. I can see how it is done with asp which I am familiar with but I have been using php at work and I cant see how it can be done using php. Now that I think about it I havent seen a php page with this sort of web page interactivity.I know php and how to use dreamweaver and a little asp or asp.net.
thanks
-
Now I am to the web server because he is able to see all the files on the remote site but when I publish a changed file it is not updating the website in production. I use Dreamweaver so I am not sure what is going on and the co-worker only knows Frontpage.
I know our web hosting company uses Unix as a web server but I read somewhere if you use FTP you don't need extensions. Frontpage shows he is connected to the webserver and it even looks like it publishes the files successfully..Its just the updates are not updating the site?? I am at a lost? Anybody have any ideas?
-
Hello,
I am not sure how to do this but the instructions I found are not working.
When I go to publish my site with Frontpage 2003 with the FTP setting. When I
put in the IP address of the domain in the FTP address text box and I check
off the passive option, then I click the OK button , nothing happens. The
window won't close. I know my settings are right because I use the same
settings with Dreamweaver.
Do I need to download extensions or something? Or does my web server need to have the extensions? I need to set this up for
somebody elses that uses frontpage because thats all he knows how to use. I do use a username and password to log on to the
web server but frontpage doesn't give me a place to do that. Maybe this
cant be done with frontpage? I dont know? can anybody give me any ideas?
thanks
-
I forgot to put <tr> tags for the headers
-
-
can someone tell me how to format my table data to courier new and the font size to 10 and the font color to green within my code.
$display_block = "<p align = 'center'> <table id='mytable' class='sortable' border = '1' bordercolor = 'gray cellpadding= '0' cellspacing = '0'> <thead> <th bgcolor = 'orange'>Item Number</th> <th bgcolor = 'orange'>Manufacturer</th> <th bgcolor = 'orange'>Category</th> <th bgcolor = 'orange'>Description</th> <th bgcolor = 'orange'>Model</th> <th bgcolor = 'orange'>Quantity</th> <th bgcolor = 'orange'>Kw</th> <th bgcolor = 'orange'>Hours</th> <th bgcolor = 'orange'>Price</th> </thead> <tbody>"; //if authorized, get the values while ($info = mysqli_fetch_array($result)) { //create display string $display_block .= " <tr> <td>".$info['Item_No']."</td> <td>".$info['Manufacturer']."</td> <td>".$info['Category']."</td> <td>".$info['Description']."</td> <td>".$info['Model']."</td> <td>".$info['Qty']."</td> <td>".$info['Kw']."</td> <td>".$info['Hours']."</td> <td>".$info['Price']."</td> </tr>"; } $display_block .= "</tbody></table></p>"; -
got it..thanks for your feedback
-
I fixed the right side that was messed up by deleted the no-repeat code from here
TH {
BORDER-RIGHT: #ffa500 1px solid; PADDING-RIGHT: 12px; BORDER-TOP: #ffa500 1px solid; PADDING-LEFT: 12px; BACKGROUND: url(images/BG11.jpg);***no-repeat code *** PADDING-BOTTOM: 4px; FONT: bold 10px/22px "Trebuchet MS", Verdana, Arial, Helvetica, sans-serif; VERTICAL-ALIGN: middle; TEXT-TRANSFORM: uppercase; COLOR: #4f6b72; PADDING-TOP: 8px; BORDER-BOTTOM: #ffa5001px solid; LETTER-SPACING: 1px; TEXT-ALIGN: center
now i just need to figure out where the last blue background is coming from.
-
I apoligize if this is'nt in the appropriate spot but I wasnt sure where to put it. I am using mostly php with html, and javascript. i have a table that can be sorted dynamically on a web site by clicking on the header which works everywhere but firefox. The problem is the links in the table headers wont show up so they can be clicked on to sort the colunm. I dont think its the actual javascript file because as soon as I take out the string with the table data that is being populated from the databsase and use the example table data it works.
for example, I am able to sort the records when I use this..
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd"> <html> <head> <title>Table Sorter Proof of Concept</title> <link rel="stylesheet" href="style.css" type="text/css" /> <script type='text/javascript' src='common.js'></script> <script type='text/javascript' src='css.js'></script> <script type='text/javascript' src='standardista-table-sorting.js'></script> </head> <?php //connect to database include'db.php'; //get all data from table $sql = "SELECT * from products"; $result = @mysqli_query($mysqli, $sql) or die(mysqli_error($mysqli)); $display_block = "<p align = 'center'> <table class='sortable' border = '1' bordercolor = 'black' cellpadding= '0' cellspacing = '0'> <thead> <tr> <td></td> <th colspan='2'>Name</th> <td></td> <td></td> <td></td> </tr> <tr> <th>Date</th> <th>Forename</th> <th>Surname</th> <th>Number</th> <th>Price</th> <th>IP Address</th> <th>Scientific</th> </tr> </thead> <tfoot> <tr> <td></td> <td></td> <td></td> <th class='numeric'>385</th> <th class='numeric'>$160.91</th> <td></td> <td></td> </tr> </tfoot> <tbody> <tr> <td>21/01/2006</td> <td>Neil</td> <td>Crosby</td> <td class='numeric'>123</td> <td class='numeric'>$1.96</td> <td>192.168.1.1</td> <td>-12E2</td> </tr> <tr class='odd'> <td>01/02/2006</td> <td>Becca</td> <td>Courtley</td> <td class='numeric'>122</td> <td class='numeric'>$23.95</td> <td>192.167.2.1</td> <td>12E2</td> </tr> <tr> <td>17/11/2004</td> <td>David</td> <td>Freidman</td> <td class='numeric'>048</td> <td class='numeric'>$14.00</td> <td>192.168.2.1</td> <td>13e-2</td> </tr> <tr class='odd'> <td>17/10/2004</td> <td>Sylvia</td> <td>Tyler</td> <td class='numeric'>43</td> <td class='numeric'>$104.00</td> <td>192.168.2.17</td> <td>12.1e2</td> </tr> <tr> <td>17/11/2005</td> <td>Carl</td> <td>Conway</td> <td class='numeric'>49</td> <td class='numeric'>$17.00</td> <td>192.168.02.13</td> <td>12e3</td> </tr> </tbody> </table>"; ?> </html> <?php echo($display_block);?>
But it doesnt work with this........
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd"><head> <title>Product Inventory</title> <script type='text/javascript' src='common.js'></script> <script type='text/javascript' src='css.js'></script> <script type='text/javascript' src='standardista-table-sorting.js'></script> <style type="text/css"> <!-- .style5 {font-family: "Times New Roman", Times, serif; font-size: 14px; } --> </style> </head> <?php //connect to database include'db.php'; //checks if category is selected or submitted if (!isset($_POST['submit'])||(($_POST['select']) == 'All categories')){ //get all data from table $sql = "SELECT * from products"; $result = @mysqli_query($mysqli, $sql) or die(mysqli_error($mysqli)); }else{ //get selected data of records $get_list_sql = "SELECT * FROM products WHERE Category = '".$_POST['select']."'"; $result = mysqli_query($mysqli, $get_list_sql) or die(mysqli_error($mysqli)); } $display_block = "<p align = 'center'> <table class='sortable' border = '1' bordercolor = 'black' cellpadding= '0' cellspacing = '0'> <thead align='center'> <th bgcolor = 'orange'>Item Number</th> <th bgcolor = 'orange'>Manufacturer</th> <th bgcolor = 'orange'>Category</th> <th bgcolor = 'orange'>Description</th> <th bgcolor = 'orange'>Model</th> <th bgcolor = 'orange'>Quantity</th> <th bgcolor = 'orange'>Kw</th> <th bgcolor = 'orange'>Hours</th> <th bgcolor = 'orange'>Price</th> </thead> <tbody>"; //if authorized, get the values while ($info = mysqli_fetch_array($result)) { //create display string $display_block .= " <tr> <td>".$info['Item_No']."</td> <td>".$info['Manufacturer']."</td> <td>".$info['Category']."</td> <td>".$info['Description']."</td> <td>".$info['Model']."</td> <td>".$info['Qty']."</td> <td>".$info['Kw']."</td> <td>".$info['Hours']."</td> <td>".$info['Price']."</td> </tr>"; } $display_block .= "</tbody></table></p>"; ?> <style type="text/css"> <!-- body { background-color: #333333; background-image: url(images/bg_tile.gif); } .style8 {font-size: 12px} .style10 {font-family: "Times New Roman", Times, serif; font-size: 14px; font-weight: bold; } a:visited { color: #000000; text-decoration: none; } a:hover { color: #FF6600; background-color: #999999; text-decoration: underline; } a:link { color: #000000; text-decoration: none; } a:active { color: #FF6600; text-decoration: none; } .style12 {font-size: 14px} .style13 {font-family: "Times New Roman", Times, serif; font-size: 18px; } .style14 {color: #FF0000} </style> <div align="center"> <table width="1035" border="0" align="center" cellpadding="0" cellspacing="0"> <tr> <th height="42" align="left" valign="middle" scope="col"><div align="center"> <p><img src="images/reagman_L.gif" alt="Reagan logo" width="99" height="98" /><img name="ReaganPower" src="images/Reagan Power.gif" width="581" height="59" border="0" id="ReaganPower" alt="Reagan logo" /><img src="images/reagman_R.gif" alt="Reagan logo" width="99" height="98" /></p> </div> <div align="center"></div></th> </tr> <tr> <th height="23" align="left" valign="middle" bordercolor="#797268" bgcolor="#EDA350" scope="col"> </th> </tr> <tr> <td width="881" align="left" valign="top" bordercolor="#797268" bgcolor="#FFFFFF"><p>Products>Product Inventory: <br /> <br /> Click on column heading to sort.<br /> <a href="product_inventory.php5"></a></p> <form id="form1" name="form1" method="post" action=""> <label> <div align="right">Display by Category: <select name="select" class="input"> <option>All categories</option> <option>Diesal</option> <option>Engines</option> <option>Generators</option> </select> <input name="submit" type="submit" id="submit" value="enter" /> </div> </label> </form> <p><?php echo "$display_block"; //free results mysqli_free_result($result); ?></p> <p> </p></td> </tr> </table> </div> </body> </html>I have been trying to debug this for two days and now I need some advice from the best:). any help is appreciatted
-
thanks. cool website but I know how to do that. I even deleted the image from the directory and I still have the blue header row in the table that displays the data. ???
I even edited the same image with macromedia fireworks but it only covers the left side of the header row at the top of my web page itself along the right side is still messed up.
but that doesnt change the blue header background in the table that displays my data. I think its becasue my my web design itself is done with tables which is messing it up.
I think there is one more blue color code somewhere I need to change???
[SOLVED] having trouble querying sha1 passwords from database in where clause
in PHP Coding Help
Posted
I ran into another problem. The username and password is both the primary key because the username alone can be dupicates. SO this will not work. I have to set 2 sessions to use across my web appliction to identify and authentiacte a user. I might be able to use another field besides the password to set as a session to match up in where clause wheerever needed.