Jump to content

Lamez

Members
  • Posts

    1,686
  • Joined

  • Last visited

    Never

Everything posted by Lamez

  1. I was trying to spear you guys, but since it is needed here is the index that is located in my "administration" directory: <?php $path = "../"; $title = "Member's Area"; $Login = true; include ($path."core/main.php"); echo "Welcome ".getFullName(); $footer = true; include ($path.$_core."main.php"); ?> here is the main.php <?php //ob_start(); //for debugging if(!$footer){ include($path."core/includes/functions.php"); echo '<title>'.$title.'</title>'; }else{ echo '<br /><a href="'.$path.'index.php">Home</a> | <a href="'.$path.'register.php">Register!</a> | <a href="'.$path.'login.php">Login!</a>'; if(LoggedIn()){ echo ' | <a href="'.$path.'user/">Member\'s Area</a> | <a href="?cmd=logout">Logout</a>'; } if(isAdmin()){ echo ' | <a href="'.$path.'administration/">Admin Area</a>'; } if(isMod() || isAdmin()){ echo ' | <a href="'.$path.'administration/moderators/">Mod Area</a>'; } } ?> Last but not least, the functions.php (the mac daddy) <?php include("db-config.php"); function clean($str){ $str = @trim($str); if(get_magic_quotes_gpc()) { $str = stripslashes($str); } return mysql_real_escape_string($str); } function checkExist($col, $var){ $col = clean($col); $var = clean($var); $q = mysql_query("SELECT * FROM ".TBL_PEOPLE." WHERE $col = '$var' LIMIT 1")or die("Function Check Exist: ".mysql_error()); $n = mysql_num_rows($q); if($n == 0){ return false; }else if($n > 0){ return true; } } function makeKey($id){ $key = $id.rand(0, 10); //To Be Unique for($j=0; $j<=3; $j++){ $key .= rand(11, 20); } for($k=0; $k<=3; $k++){ $key .= rand(21, 30); } return $key; } function RegisterUser($email, $email2, $first, $last, $pass, $pass2, $level){ resetArrays(); $email = strtolower(clean($email)); $email2 = strtolower(clean($email2)); $first = strtolower(clean($first)); $last = strtolower(clean($last)); $pass = clean($pass); $pass2 = clean($pass2); $level = clean($level); $id = mysql_num_rows(mysql_query("SELECT * FROM ".TBL_PEOPLE)); addValue("email", $email); addValue("email2", $email2); addValue("first", $first); addValue("last", $last); addValue("pass", $pass); addValue("pass2", $pass2); addValue("level", $level); if(!empty($email) && !empty($email2)){ if(checkMatch($email, $email2) == true){ if(checkEmail($email) == true){ if(checkExist("email", $email) == false){ $db_email = $email; }else{ addError("email", "Email already exist."); addError("email2", "Email already exist."); } }else{ addError("email", "Email is invalid."); addError("email2", "Email is invalid."); } }else{ addError("email", "Emails do not match."); addError("email2", "Emails do not match."); } }else{ if(empty($email)){ addError("email", "Email field is empty."); } if(empty($email2)){ addError("email2", "Email field is empty."); } } if(!empty($pass) && !empty($pass2)){ if(checkMatch($pass, $pass2) == true){ if(checkPass($pass) == true && checkPass($pass2) == true){ $db_pass = md5($id.$pass.$id); }else{ if(checkPass($pass) == false){ addError("pass", "Password is too small."); } if(checkPass($pass2) == false){ addError("pass2", "Password is too small."); } } }else{ addError("pass", "Passwords do not match."); addError("pass2", "Passwords do not match."); } }else{ if(empty($pass)){ addError("pass", "Password field is empty."); } if(empty($pass2)){ addError("pass2", "Password field is empty."); } } if(!empty($first)){ $db_first = $first; }else{ addError("first", "First name is empty."); } if(!empty($last)){ $db_last = $last; }else{ addError("last", "Last name is empty."); } if(checkForErrors($_SESSION['errorArray']) == true){ return false; }else{ resetArrays(); if($email == ADMIN){ $level = 8; }else if($email == MOD){ $level = 5; } $key = makeKey($id); mysql_query(" INSERT INTO ".TBL_PEOPLE." (id, level, email, first, last, password, activated, act_key, online) VALUES ('$id', '$level', '$db_email', '$db_first', '$db_last', '$db_pass', '0', '$key', '0') ")or die(mysql_error()); return true; } } function LoginUser($email, $pass){ resetArrays(); $email = clean($email); $pass = clean($pass); addValue("email", $email); $q = mysql_query("SELECT * FROM ".TBL_PEOPLE." WHERE email = '$email'"); $n = mysql_num_rows($q); if($n == 0){ addError("email", "Incorrect email or "); addError("pass", "incorrect password."); }else{ $f = mysql_fetch_array($q); $id = $f['id']; $level = $f['level']; $pass2 = $f['password']; $pass = md5($id.$pass.$id); if(checkMatch($pass, $pass2) == true){ resetArrays(); crunchCookie($id, $email); makeOnline($id); return true; }else{ addError("email", "Incorrect email or "); addError("pass", "incorrect password."); return false; } } } function crunchCookie($id, $email){ $cookie_host = preg_replace('|^www\.(.*)$|', '.\\1', $_SERVER['HTTP_HOST']); setcookie("~JRL-email", $email, time()+3600, "/", $cookie_host); setcookie("~JRL-id", $id, time()+3600, "/", $cookie_host); } function makeOnline($id){ $id = clean($id); mysql_query("UPDATE ".TBL_PEOPLE." SET online = '1' WHERE id = '$id'"); } function makeOffline($id){ $id = clean($id); mysql_query("UPDATE ".TBL_PEOPLE." SET online = '0' WHERE id = '$id'"); } function isOnline($email){ $q = mysql_query("SELECT * FROM ".TBL_PEOPLE." WHERE email = '$email'"); $f = mysql_fetch_array($q); if($f['online'] == 1){ return true; }else{ return false; } } function logOut(){ makeOffline(getUserInfo("id")); setcookie("~JRL-email", "", time()-3600, "/"); setcookie("~JRL-id", "", time()-3600, "/"); unset($_COOKIE['~JRL-email']); unset($_COOKIE['~JRL-id']); } function LoggedIn(){ if(isset($_COOKIE['~JRL-email']) && isset($_COOKIE['~JRL-id'])){ return true; }else{ return false; } } function isAdmin(){ if(LoggedIn()){ $level = getUserInfo("level"); if($level == { return true; }else{ return false; } }else{ return false; } } function isMod(){ if(LoggedIn()){ $level = getUserInfo("level"); if($level == 5){ return true; }else{ return false; } }else{ return false; } } function getUserInfo($var){ if(LoggedIn()){ $email = $_COOKIE['~JRL-email']; $id = $_COOKIE['~JRL-id']; if($var == "email"){ return $email; }else if($var == "id"){ return $id; }else{ $q = mysql_query("SELECT * FROM ".TBL_PEOPLE." WHERE id = '$id'") or die("FUNCTION 0 - getUserInfo ERROR: ".mysql_error()); $f = mysql_fetch_array($q) or die("FUNCTION 1 - getUserInfo ERROR: ".mysql_error()); return $f[$var]; } }else{ return false; } } function getFullName(){ $first = getUserInfo("first"); $last = getUserInfo("last"); return ucfirst($first)." ".ucfirst($last); } function checkEmail($email){ if (filter_var($email, FILTER_VALIDATE_EMAIL)){ return true; }else{ return false; } } function checkPass($pass){ $pass = strlen($pass); $required = 6; if($pass == $required){ return true; }else{ return false; } } function checkMatch($str1, $str2){ if($str1 === $str2){ return true; }else{ return false; } } function addError($field, $error){ $_SESSION['errorArray'][$field] = $error; } function addValue($field, $value){ $_SESSION['valueArray'][$field] = $value; } function getError($field){ return $_SESSION['errorArray'][$field]; } function getValue($field){ return $_SESSION['valueArray'][$field]; } function resetArrays(){ $_SESSION['errorArray'] = ""; $_SESSION['valueArray'] = ""; } function checkForErrors($array){ if($array == ""){ return false; }else{ return true; } } function currentPage(){ return substr($_SERVER["SCRIPT_NAME"],strrpos($_SERVER["SCRIPT_NAME"],"/")+1); } ?> There is two more pages that are very important, but I don't think they have anything to do with my problem. Do you guys see any errors? I am lost.
  2. I have the same problem.
  3. no I do, I have working pages that communicate with the database, and they are in sub folders as well. Like this: / (works) /members (works) /admin (does not work) /admin/mod (does not work) I am so lost!
  4. Hello, I am sick of getting this error. I will post it below, let me first explain how I get the error to appear. When I create a file in a sub-folder, and execute it, I get the error. However, I have a sub-folder with a script in it and it works just fine. I also tried to make a link to call a function, and I get the same error. Here is the error: Any ideas? P.S. the line it is talking about is a query that has worked before, on a different page.
  5. So it is. Also, sorry about posting in the wrong board. I forgot there was a Sql board. +1 for being a noob.
  6. This insert query looks to be alright, however I get this error: Here is the actually query: <?php //This is only a snippet function makeKey($id){ $key .= $id.rand(0, 10); //To Be Unique for($j=0; $j<=3; $j++){ $key .= rand(11, 20); } for($k=0; $k<=3; $k++){ $key .= rand(21, 30); } return $key; } $key = makeKey($id); mysql_query(" INSERT INTO ".TBL_PEOPLE." (id, level, email, first, last, password, activated, key, online) VALUES ('$id', '$level', '$db_email', '$db_first', '$db_last', '$db_pass', '0', '$key', '0') ")or die(mysql_error()); ?> Any ideas? Maybe I am just tired.
  7. I love the pear library. Here is more information: http://pear.php.net/package/Mail/docs
  8. Thank you so much, that fixed everything! I am new to arrays, and the manual did not solve my problems. Thanks again!
  9. Question, does this look right? I did this to get that information: <?php var_dump($_SESSION['errorArray']); ?> Here is the function that adds the values to the array <?php function addError($field, $error){ if(!array_key_exists($field, $error)){ $_SESSION['errorArray'][] = array($field => $error); } } ?> Does all that look right to you guys?
  10. just run it as a form, and make a page with a mysql delete query.
  11. that is a snippet of the code. You don't want the whole code.
  12. I would create a table with the actual word, and the hash. Then match hashes and return the raw word.
  13. Okay so what I am trying to do is call a certain value out of an array, which is stored in a $_SESSION variable (which is also an array). The array in question is my errorArray, and in the registration process, if an error occurs, I add the error to the errorArray. That part works just fine, it is just getting the value out. Here is what I have so far: <?php function getError($field){ return $_SESSION['errorArray'][$field]; } //example echo getError("email"); ?> This returns nothing. Any ideas? -Thanks! (again.)
  14. I gotcha, but that code is obvious, when you look at that code, you can tell where it has been defined. I don't think that is a problem as of now.
  15. Okay so I noticed the array that is being returned is huge, that is because I sent it multiple times. So I tried adding this: <?php if(isset($_SESSION['errorArray'])){ empty($_SESSION['errorArray']); } ?> but the array still looks like this Also when I use my function getError, it is not returning anything, any ideas why? Thanks guys!
  16. Thanks for the help, I will make those changes. Also can you tell me more about these "real variables". If you are talking about the $_people and the $_main_error variables. Those are all defined in a file called "constant_variables" So I can change one file, and the whole system changes, without opening six of seven different pages.
  17. in your if statements change it from an '=' to '=='. The if statement is returning false, and your last echo is showing the variables untouched.
  18. I am working on my RegisterUser function. The function checks the fields for errors, if errors do exist then it adds it to the errorArray, if not it continues. It will return true if no errors are present, and it will return false if errors do exist. Well I am not getting anything in return. I have no idea why. Here is the function(s) <?php include("db-config.php"); function clean($str){ $str = @trim($str); if(get_magic_quotes_gpc()) { $str = stripslashes($str); } return mysql_real_escape_string($str); } function checkExist($table, $col, $var){ $table = clean($table); $col = clean($col); $var = clean($var); $q = mysql_query("SELECT * FROM $table WHERE $col = '$var' LIMIT 1")or die("Function Check Exist: ".mysql_error()); $n = mysql_num_rows($q); $n = 0; if($n == 0){ return false; }else if($n > 0){ return true; } } function RegisterUser($table, $email, $email2, $first, $last, $pass, $pass2){ $table = clean($table); $email = strtolower(clean($email)); $email2 = strtolower(clean($email2)); $first = clean($first); $last = clean($last); $pass = clean($pass); $pass2 = clean($pass2); if(!empty($email) && !empty($email2)){ if(checkMatch($email, $email2) == true){ if(checkEmail($email) == true){ if(checkExist($table, "email", $email) == false){ $db_email = $email; }else{ addError("email", "Email already exist."); addError("email2", "Email already exist."); } }else{ addError("email", "Email is invalid."); addError("email2", "Email is invalid."); } }else{ addError("email", "Emails did not match."); addError("email2", "Emails did not match."); } }else{ if(empty($email)){ addError("email", "Email field is empty"); } if(empty($email2)){ addError("email2", "Email field is empty"); } } if(checkMatch($pass, $pass2) == true){ if(checkPass($pass) == true && checkPass($pass2)){ $db_pass = $pass; }else{ if(checkPass($pass) == false){ addError("pass", "Password is too small."); } if(checkPass($pass2) == false){ addError("pass2", "Password is too small."); } } }else{ addError("pass", "Passwords did not match."); addError("pass2", "Passwords did not match."); } if(!empty($first)){ $db_first = strtolower($first); }else{ addError("first", "First name is empty."); } if(!empty($last)){ addError("last", "Last name is empty."); }else{ $db_last = strtolower($last); } if(checkForErrors($_SESSION['errorArray']) == true){ return false; }else{ $id = mysql_num_rows(mysql_query("SELECT * FROM $table")); mysql_query("INSERT INTO $table (id, email, first, last, password) VALUES ('$id', '$db_email', '$db_first', '$db_last', '$db_pass')"); return true; } } function checkEmail($email){ if(preg_match("/[.+a-zA-Z0-9_-]+@[a-zA-Z0-9-]+.[a-zA-Z]+/", $email) > 0){ return true; }else{ return false; } } function checkPass($pass){ $pass = strlen($pass); $required = 6; if($pass == $required){ return true; }else{ return false; } } function checkMatch($str1, $str2){ if($str1 === $str2){ return true; }else{ return false; } } function addError($field, $error){ $_SESSION['errorArray'] = array($field => $error); } function getError($field){ if(!$_SESSION['errorArray'][$field]){ return $_SESSION['errorArray'][$field]; }else{ return ' '; } } function checkForErrors($array){ if(isset($array)){ return true; }else{ return false; } } ?> Here is the page that is suppose to handle the output" <?php $path = "../../"; include($path."core/main.php"); $type = $_POST['type']; if($type == 0){ $e = $_POST['e']; $e2 = $_POST['e']; $f = $_POST['f']; $l = $_POST['l']; $p = $_POST['p']; $p2 = $_POST['p2']; echo RegisterUser($_people, $e, $e2, $f, $l, $p, $p2); }else{ header("Location: ".$_main_error); } ?> Any thoughts would be great! -Thanks!
  19. Thorpe, the rows are suppose to be unique, if you function is more efficient, then I will use it, regardless. Also, I have echoed out the POST values, and they do return with the expected values. I do believe it is the function. I think it is time for a re-write. -Thanks guys!
  20. Interesting thorpe, but I don't want to know how many rows exist, I just want to know if one exist. So what I have now seems sufficient.
  21. define global variables. Also, any help would be appreciated!
  22. Yes I caught that as well, I have changed it. I have altered the functions page to this: <?php include("db-config.php"); function clean($str){ $str = @trim($str); if(get_magic_quotes_gpc()) { $str = stripslashes($str); } return mysql_real_escape_string($str); } function checkExist($table, $col, $var){ $table = clean($table); $col = clean($col); $var = clean($var); $q = mysql_query("SELECT * FROM $table WHERE $col = '$var' LIMIT 1")or die("Function Check Exist: ".mysql_error()); $n = mysql_num_rows($q); $n = 0; if($n == 0){ return false; }else if($n > 0){ return true; } } function RegisterUser($table, $email, $first, $last, $pass1, $pass2){ $email = clean($email); $first = clean($first); $last = clean($last); $pass1 = clean($pass); $pass2 = clean($pass2); $check = checkEmail($email); $error = "Reg:"; if($pass1 === $pass2){ $error .= "0"; }else{ $error .= "1"; } if($check == true){ $check = checkExist($table, "email", $email); if($check == false){ $error .= "0"; }else if($check == true){ $error .= "1"; } }else if($check == false){ $error .= "2"; } $first = strtolower($first); $last = strtolower($last); $pass = md5($id).sha1($pass1).md5($first.$last); $id = mysql_query("SELECT * FROM $table")or die ("ID Query: ".mysql_error()); $id = mysql_num_rows($id) or die (mysql_error()); if($error == "Reg:"){ mysql_query("INSERT INTO $table (id, email, first, last, password) VALUES ('".$id."', '".$email."', '".$first."', '".$last."', '".$pass."')")or die("Function Check Register: ".mysql_error()); return 0; }else{ return $error; } } function checkEmail($email){ if(preg_match("/[.+a-zA-Z0-9_-]+@[a-zA-Z0-9-]+.[a-zA-Z]+/", $email) > 0){ $pass = true; }else{ $pass = false; } return $pass; } ?> Looks good to me, I also get no MySQL errors! However I have encountered another, annoying, problem. The page that processes the information does not work all of a sudden, I have no idea why. I get no output what so ever, here is the page. <?php $path = "../../"; include($path."core/main.php"); $type = $_POST['type']; if($type == 0){ $e = $_POST['e']; $f = $_POST['f']; $l = $_POST['l']; $p = $_POST['p']; $p2 = $_POST['p2']; $check = RegisterUser($_people, $e, $f, $l, $p, $p2); if($check == 0){ echo "User Added."; }else{ //handleError($check); echo "Error!"; } echo $check; }else if($type == 1){ //add later. }else{ header("Location: ".$_main_error); } ?> I am lost at this point.
  23. Further note: I changed this: <?php $id = mysql_query("SELECT * FROM $_people")or die ("ID Query: ".mysql_error()); ?> to this: <?php $id = mysql_query("SELECT * FROM people")or die ("ID Query: ".mysql_error()); ?> and the error was depleted. So I found the problem, but when I echo out $_people (outside of the function, but on the same file), I get what I wanted. I wonder if I need to add the $_people into the function variables, and declare it when I need use the function? Any ideas?
  24. Then look up MySQL insert queries, and things revolving that matter. They will help a ton
  25. Hoped I helped. Mark as solved!
×
×
  • Create New...

Important Information

We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.