Jump to content

woody79

Members
 View Profile  See their activity

  • Posts

    58

  • Joined

  • Last visited

    Never

 Content Type 

Everything posted by woody79

  1. woody79
    I performed that little test and the session id shows all the time.
  2. woody79
    Sorry about that I took that code out of my archive and modified it a bit. There is actually two class files: maxlogin.4.php and maxlogin.5.php. The php4 class just has var instead of private and public plus MaxLogin instead of __construct.
  3. woody79
    I have a page that sets a two sessions and one that reads them. The page that reads them looks like this: <?php session_start(); if (isset($_SESSION['maxauth'])) { print_r(unserialize($_SESSION['maxinfo'])); } else { echo "No"; } ?> When I refresh the page it sometimes gives me print_r(unserialize($_SESSION['maxinfo'])); , but otherwise No. I have refreshed the page 10 times and 2 times out of 10 the session was recognized. My dev server (Windows-PHP5) gets 10 out of 10, but my actual host (Unix-PHP4) gets 2 out of 10. Why is this?
  4. woody79
    By the way it works fine on my dev machine running Apache 2.2.9 and PHP 5.2.6, but on my actual hosting server it doesn't which is running Apache 1.3.33 and PHP 4.3.10. Does this mean that I will have to write my login class again?
  5. woody79
    I have a login that when the user enters details they are redirected to a page that checks if they are logged in and if not sends them to the login page. After you login (that is if it accepts you) the main page is readable, but if you refresh the page you are sent back to the login. It's as if the session is lost. There is also an error where when you login you end up back at the login. Am I doing something wrong? If so what is it and how can I fix it? Login Class: <?php class MaxLogin { public $authrealm = "Welcome"; private $authtype; private $mysqlhost; private $mysqluser; private $mysqlpass; private $mysqldata; private $maxid; private $maxfname; private $maxsurname; private $maxusr; private $maxpwd; private $maxip; private $maxemail; private $maxprivileges; function __construct($authtype = "web", $mysqlhost = "localhost", $mysqluser = "root", $mysqlpass, $mysqldata) { $this->authtype = $authtype; $this->mysqlhost = $mysqlhost; $this->mysqluser = $mysqluser; $this->mysqlpass = $mysqlpass; $this->mysqldata = $mysqldata; mysql_connect($mysqlhost, $mysqluser, $mysqlpass) or die('Could not connect: ' . mysql_error()); mysql_select_db($mysqldata) or die('Could not select database: ' . mysql_error()); session_start(); } function __get($property) { return $this->$property; } function isNotLoggedIn() { if(!isset($_SESSION['maxauth'])) { return 1; } else { return 0; } } function checkLogin($maxuser = "maxgrade-username", $maxpass = "maxgrade-password") { if ($this->authtype == "web") { if (!isset($_POST[$maxuser]) || !isset($_POST[$maxpass])) { return 0; } else { $maxsql = "SELECT * FROM users WHERE "; $maxsql .= "(username = '" . addslashes($_POST[$maxuser]) . "') "; $maxsql .= "AND "; $maxsql .= "(password = '" . addslashes($_POST[$maxpass]) . "')"; $maxquery = mysql_query($maxsql); $maxnumrows = mysql_num_rows($maxquery); if ($maxnumrows > 0) { while($maxrow = mysql_fetch_assoc($maxquery)) { $_SESSION['maxauth'] = $maxrow['id']; $_SESSION['maxinfo'] = serialize( array( "id" => $maxrow['id'], "fname" => $maxrow['fname'], "surname" => $maxrow['surname'], "username" => $maxrow['username'], "password" => $maxrow['password'], "ip" => $_SERVER['REMOTE_ADDR'], "email" => $maxrow['email'], "privileges" => $maxrow['privileges'] ) ); $this->maxid = $maxrow['id']; $this->maxfname = $maxrow['fname']; $this->maxsurname = $maxrow['surname']; $this->maxusr = $maxrow['username']; $this->maxpwd = $maxrow['password']; $this->maxip = $_SERVER['REMOTE_ADDR']; $this->maxemail = $maxrow['email']; $this->maxprivileges = $maxrow['privileges']; mysql_query("UPDATE users SET ip='" . $_SERVER['REMOTE_ADDR'] . "' WHERE id='" . $maxrow['id'] . "'"); return 1; } } else { return 0; } } } else if ($this->authtype == "realm") { if (!isset($_SERVER['PHP_AUTH_USER']) || !isset($_SERVER['PHP_AUTH_USER'])) { header('WWW-Authenticate: Basic realm="' . $this->authrealm . '"'); return 0; } else { $maxsql = "SELECT * FROM users WHERE "; $maxsql .= "(username = '" . addslashes($_SERVER['PHP_AUTH_USER']) . "') "; $maxsql .= "AND "; $maxsql .= "(password = '" . addslashes($_SERVER['PHP_AUTH_PW']) . "')"; $maxquery = mysql_query($maxsql); $maxnumrows = mysql_num_rows($maxquery); if ($maxnumrows > 0) { while($maxrow = mysql_fetch_assoc($maxquery)) { $_SESSION['maxauth'] = $maxrow['id']; $_SESSION['maxinfo'] = serialize( array( "id" => $maxrow['id'], "fname" => $maxrow['fname'], "surname" => $maxrow['surname'], "username" => $maxrow['username'], "password" => $maxrow['password'], "ip" => $_SERVER['REMOTE_ADDR'], "email" => $maxrow['email'], "privileges" => $maxrow['privileges'] ) ); $this->maxid = $maxrow['id']; $this->maxfname = $maxrow['fname']; $this->maxsurname = $maxrow['surname']; $this->maxusr = $maxrow['username']; $this->maxpwd = $maxrow['password']; $this->maxip = $_SERVER['REMOTE_ADDR']; $this->maxemail = $maxrow['email']; $this->maxprivileges = $maxrow['privileges']; mysql_query("UPDATE users SET ip='" . $_SERVER['REMOTE_ADDR'] . "' WHERE id='" . $maxrow['id'] . "'"); return 1; } } else { header('WWW-Authenticate: Basic realm="' . $this->authrealm . '"'); return 0; } } } } function destroyLogin() { session_destroy(); } } ?> index.php (login): include("./maxgrade_includes/maxlogin.5.php"); $login = new MaxLogin("web", "localhost", "root", "", "sitedb"); if (isset($_GET['action'])) { if ($_GET['action'] == "signout") { $login->destroyLogin(); header("Location: index.php"); } } else if ($login->checkLogin("maxgrade-username", "maxgrade-password")) { header("Location: main.php"); } main.php: include("./maxgrade_includes/maxlogin.5.php"); $login = new MaxLogin("web", "localhost", "root", "", "sitedb"); if ($login->isNotLoggedIn()) { header("Location: index.php"); }
  6. woody79
    What I meant by: Was that I have a "lightbox" that appears when somebody using IE6 opens the page and offers something like
  7. woody79
    Personally I don't because I believe that if they haven't updated there web browser there internet viewing privileges should be revoked. PS. Whilst writing this I thought about checking the User Agent String for IE6 and then denying access.
  8. woody79
    Personally I prefer PHP because I don't want to specify void, static, integer, string, boolean, decimal, float or any others.
  9. woody79
    I have this world map(attached) that php loads and crops it down to 320x240 and the x and y coordinates can be changed. When the x or y coordinates go out side the picture i would like it to wrap around. at the moment i am only concentratring on the x coordinate. i can't get the wrap around part to work correctly. Help would be greatly appreciated. map.php <?php // The file $filename = 'world32k.jpg'; $percent = 0.5; // Content type header('Content-type: image/jpeg'); //create $image_p = imagecreatetruecolor(320, 240); $image_q = imagecreatetruecolor(320, 240); $white = imagecolorallocate($image_q, 255, 255, 255); imagefill($image_q, 0, 0, $white); $image = imagecreatefromjpeg($filename); //mask var list($width, $height) = getimagesize($filename); $x = 1100; $y = 350; if(($width-($x+320)) < 0) { imagecopyresampled($image_p, $image, 0, 0, $x, $y, 320, 240, 320, 240); imagecopyresampled($image_q, $image, 0, 0, (($width-($x+320))*2), $y, 320, 240, 320, 240); imagecopymerge($image_p, $image_q, 110, 0, 0, 0, 320, 240, 100); //imagejpeg($image_p, null, 100); imagejpeg($image_p, null, 100); } //mask //imagecopyresampled($image_p, $image, 0, 0, 1100, 350, 320, 240, 320, 240); // Output //imagejpeg($image_p, null, 100); ?> [attachment deleted by admin]
  10. woody79
    I am creating a project and part of it is that it takes videos from the web using this format: http://cache.googlevideo.com/get_video?video_id= I am still trying to work out how to make php download this file to a directory. I was wondering if antbody could help me out with this problem?
  11. woody79
    i have a feeling it is with the mktime
  12. woody79
    Would anybody know where i have gone wrong in this script? $tm7781=date ("d:m:Y H:i:s", mktime (date("H"),date("i"),date("s"),date("m"),date("d")-1,date("Y"))); mysql_query("DELETE FROM tracker WHERE endsession < '$tm7781'");
  13. woody79
    How do i preg_match a single space
  14. woody79
    function weddingser() { document.getElementById('bar').style.backgroundImage = "url(images/logo20.png)"; } Anyone know why the image does not change
  15. woody79
    Apologies to wildteen, you were talking about the first $trackid and i thought you meant the sceond one. Thank you everyone
  16. woody79
    And }else{ closes the $trackid == 1
  17. woody79
    Line 308 <?php } //line 308 ?> </body> </html>
  18. woody79
    Look carefully as it is being closed
  19. woody79
    This is the script: <?php $linkid = mysql_connect("localhost","usr","pwd"); $linkdb = mysql_select_db("tracker"); $result = mysql_query("SELECT * FROM login WHERE username='".md5($_SERVER['PHP_AUTH_USER'])."' AND password='".md5($_SERVER['PHP_AUTH_PW'])."'"); $number = mysql_num_rows($result); if($number != 0) { $trackid = 1; }else{ $trackid = 0; } if($trackid == 1) { function adduser() { global $linkid,$linkdb; $GLOBAL['valign'] = "middle"; $halign = "center"; if(isset($_POST['name']) && isset($_POST['username']) && isset($_POST['password'])) { $username = md5($_POST['username']); $password = md5($_POST['password']); $name = strtolower($_POST['name']); $sqlquery = "INSERT INTO login(name, username, password)"; $sqlquery .= "VALUES('$name', '$username', '$password')"; mysql_query($sqlquery); echo "<div align=\"center\" style=\"color:#ff0000;\">User Added Sucessfully!</div><br />"; }else{ ?> <form action="<?php echo $_SERVER['PHP_SELF']; ?>?cmd=adduser" method="post"> <table border="0"> <tr> <td><strong>Full Name: </strong></td> <td><input type="text" name="name" /></td> </tr> <tr> <td><strong>Username: </strong></td> <td><input type="text" name="username" /></td> </tr> <tr> <td><strong>Password: </strong></td> <td><input type="password" name="password" /></td> </tr> <tr> <td colspan="2" align="right"><input type="submit" value="Add User" /></td> </tr> </table> </form> <?php } } function remuser() { global $linkid,$linkdb; if(isset($_GET['removename'])) { mysql_query("DELETE FROM login WHERE name='".$_GET['removename']."'"); echo "<div align=\"center\" style=\"color:#ff0000;\">User Removed Sucessfully!</div><a href=\"".$_SERVER['PHP_SELF']."?cmd=vrecord\"></a>"; }else{ $remresult = mysql_query("SELECT * FROM login"); $remnumber = mysql_num_rows($remresult); $remi = 0; if($remnumber == 0) { echo "<div align=\"center\" style=\"color:#ff0000;\">There appears to be no users to remove!</div><br />"; }else{ while($remnumber != $remi) { $remoutput = mysql_result($remresult,$remi,"name"); list($remfirst, $remlast) = explode(" ", $remoutput); $remfirst = ucfirst($remfirst); $remlast = ucfirst($remlast); if(preg_match("/h:/i",$remoutput)) { echo ""; }else{ echo "<a href=\"".$_SERVER['PHP_SELF']."?cmd=remuser&removename=".$remoutput."\" class=\"remusr\">".$remfirst." ".$remlast."</a><br />"; } $remi++; } } } } function vrecord() { global $linkid,$linkdb; if(!isset($_GET['uid'])) { $recresult = mysql_query("SELECT * FROM tracker"); $recnumber = mysql_num_rows($recresult); $reci = 0; if($recnumber == 0) { echo "<div align=\"center\" style=\"color:#ff0000;\">There appears to be nobody to track!</div><br />"; }else{ echo "<table border=\"0\">\n\t<tr style=\"background-color:#9999CC; font-family:Arial, Helvetica, sans-serif;\">\n\t\t<th>User</th>\n\t\t<th>IP Address</th>\n\t\t<th>Session Started</th>\n\t\t<th>Session Ended</th>\n\t\t<th>Path</th>\n\t\t<th>Actions</th>\n\t</tr>\n"; while($recnumber != $reci) { $recoutput1 = mysql_result($recresult,$reci,"user"); $recoutput2 = mysql_result($recresult,$reci,"ip"); $recoutput3 = mysql_result($recresult,$reci,"timestamp"); $recoutput4 = mysql_result($recresult,$reci,"endsession"); $recoutput5 = mysql_result($recresult,$reci,"tracker"); $recoutput6 = mysql_result($recresult,$reci,"uid"); echo "\t<tr ".(($reci%2) ? "style=\"background-color:#CCCCCC;\"" : "style=\"background-color:#EEEEEE;\"").">\n\t\t<td><a href=\"mailto:".$recoutput1."@kolbe.wa.edu.au\">".$recoutput1."</a></td>\n\t\t<td>".$recoutput2."</td>\n\t\t<td>".$recoutput3."</td>\n\t\t<td>".$recoutput4."</td>\n\t\t<td>".$recoutput5."</td>\n\t\t<td align=\"center\"><a href=\"javascript: confirmDelete('?cmd=vrecord&uid=".$recoutput6."')\"><img src=\"edit-delete.png\" border=\"0\" /></a></td>\n\t</tr>\n"; $reci++; } echo "</table>"; } }else{ mysql_query("DELETE FROM tracker WHERE uid='".$_GET['uid']."'"); echo "<div align=\"center\" style=\"color:#ff0000;\">Tracker ID removed Sucessfully!</div><a href=\"".$_SERVER['PHP_SELF']."?cmd=vrecord\">Go Back To View Records</a><br />"; } } function home() { global $linkid,$linkdb; $filenameh = "bulletin.php"; if(!file_exists($filenameh)){ $fdh = fopen ($filenameh , "w+"); fclose($fdh); } $fdh = fopen ($filenameh, "r"); $contentsh = fread ($fdh, filesize($filenameh)); fclose ($fdh); echo $contentsh; } function edtblltn() { global $linkid,$linkdb; $textpost = stripslashes($_POST['bodytext']); $submitted = $_POST['submit']; $myFile = "bulletin.php"; if($submitted == "Change") { $fh = fopen($myFile, 'w'); fwrite($fh, $textpost); fclose($fh); $theData = $textpost; }else{ $fh = fopen($myFile, 'r'); $theData = fread($fh, filesize($myFile)); fclose($fh); } ?> <form method="post"> <table width="100%" border="0"> <tr> <th align="left"><font color="#999999" size="+6" face="Arial, Helvetica, sans-serif">Edit Bulletin</font></th> </tr> <tr> <td align="center"><textarea cols="80" rows="16" name="bodytext" style="font-family:Arial, Helvetica, sans-serif; color:#000000; font-size:16px;"><?php echo $theData; ?></textarea></td> </tr> <tr> <td align="right"><input type="submit" name="submit" value="Change" /></td> </tr> </table> </form> <?php } function title() { if($_GET['cmd'] == "home") { print " - Home"; } if($_GET['cmd'] == "vrecord") { print " - View Records"; } if($_GET['cmd'] == "adduser") { print " - Add User"; } if($_GET['cmd'] == "remuser") { print " - Remove User"; } if($_GET['cmd'] == "edtblltn") { print " - Edit Bulletin"; } } ?> <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd"> <html xmlns="http://www.w3.org/1999/xhtml"> <head> <meta http-equiv="Content-Type" content="text/html; charset=utf-8" /> <title>Web Tracker Admin<?php title(); ?></title> <style type="text/css"> <!-- body, td, th { font-family: Arial, Helvetica, sans-serif; font-size: 16px; color: #000000; } table { font-family: Arial, Helvetica, sans-serif; font-size: 16px; color: #000000; border:0; } .nav { font-size:24px; } .nav td { border-bottom:thin dashed #FFFFFF; } .nav a { font-size:24px; text-decoration:none; color:#666666; } .nav a:hover { font-size:24px; color:#CCCCCC; } .main { background-color:#333333; } --> </style> <script type="text/javascript"> function confirmDelete(delUrl) { if (confirm("Are you sure you want to delete this record?")) { document.location = delUrl; } } function nav(cell,guide) { if(guide == true) { document.getElementById(cell).style.borderBottom='#CCCCCC thin dashed'; }else{ document.getElementById(cell).style.borderBottom='thin dashed #FFFFFF'; } } </script> </head> <body bgcolor="<?php if($trackid == 1) { echo "#000000"; }else{ echo "#ffffff"; } ?>"> <?php if($trackid == 1) { ?> <table width="100%" align="center"> <tr valign="top"> <td width="170"><table cellspacing="10" bgcolor="#FFFFFF"> <tr> <td width="150" align="center"><img src="logo.png" /></td> </tr> <tr class="nav"> <td valign="top" id="home"><a href="?cmd=home" onMouseOver="nav('home',1);" onMouseOut="nav('home',0);">Home</a></td> </tr> <tr class="nav"> <td valign="top" id="vrec"><a href="?cmd=vrecord" onMouseOver="nav('vrec',1);" onMouseOut="nav('vrec',0);">View Records</a></td> </tr> <tr class="nav"> <td valign="top" id="ausr"><a href="?cmd=adduser" onMouseOver="nav('ausr',1);" onMouseOut="nav('ausr',0);">Add User</a></td> </tr> <tr class="nav"> <td valign="top" id="rusr"><a href="?cmd=remuser" onMouseOver="nav('rusr',1);" onMouseOut="nav('rusr',0);">Remove User</a></td> </tr> <tr class="nav"> <td valign="top" id="edtb"><a href="?cmd=edtblltn" onMouseOver="nav('edtb',1);" onMouseOut="nav('edtb',0);">Edit Bulletin</a></td> </tr> </table></td> <td class="main" valign="<?php if($_GET['cmd'] == "home") { echo "top"; } if($_GET['cmd'] == "vrecord") { echo "top"; } if($_GET['cmd'] == "adduser") { echo "middle"; } if($_GET['cmd'] == "remuser") { echo "top"; } if($_GET['cmd'] == "edtblltn") { echo "middle"; } ?>"><table width="100%" height="100%" class="main"> <tr> <td align="<?php if($_GET['cmd'] == "home") { echo "left"; } if($_GET['cmd'] == "vrecord") { echo "center"; } if($_GET['cmd'] == "adduser") { echo "center"; } if($_GET['cmd'] == "remuser") { echo "center"; } if($_GET['cmd'] == "edtblltn") { echo "center"; } ?>"><?php if($_GET['cmd'] == "home") { home(); } if($_GET['cmd'] == "vrecord") { vrecord(); } if($_GET['cmd'] == "adduser") { adduser(); } if($_GET['cmd'] == "remuser") { remuser(); } if($_GET['cmd'] == "edtblltn") { edtblltn(); } ?></td> </tr> </table></td> </tr> </table> <?php }else{ ?> <center> <table border="0" cellpadding="0" cellspacing="0"> <tr> <td align="center" valign="middle"><img src="logo.png" /><br /><div align="center" style="color:#FF0000; font-size:36px; font-weight:bold;">Entry Prohibited</div></td> </tr> </table> </center> <?php } ?> </body> </html> //this is line 311 This is the Error: I can't work out why it gives me an error. Can anyone please help? By the way this is a tracking script and if you are looking for one, you can use this one. Works best with a realm.
  20. woody79
    Don't ask why it is set up like this, it was previous people!!!
  21. woody79
    if(preg_match("/[h:]/i","h:Name Here")) { echo "Ok"; }else{ echo "Uh-Oh"; } That's great and all, but if you remove the "h:" it stills says ok then if you remove the "H" from Here it says Uh-Oh. I need it to test if the h: is not there
  22. woody79
    I need to do a preg_match on "h:" which is case insensitive. I have tryed this if(preg_match("/h:/i","h:Name Here")) { echo "Ok"; }else{ echo "Uh-Oh"; } This didn't work. Can someone please help me?
  23. woody79
    What do you mean exactly?
  24. woody79
    When the computer is inside the workplace and it is set to bypass proxy for local servers, $_SERVER['REMOTE_ADDR'] gives me their LAN IP. When they access the page from outside the workplace, it gives me DNS. I have no idea why!
  25. woody79
    I would like to get the users wan ip address, but $_SERVER['REMOTE_ADDR'] just gives me DNS, anyone know why and how to get round this problem
×
×
  • Create New...

Important Information

We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.