nitation

Ok. Thank you

Hello everyone, I have a problem with displaying record. Here is a scenario: Two users are logged in to an application at the same time, user A write a message to user B, how can User B see that such message without refreshing the page. Thanks in advance

Work like magic. thanks a million

this is my login script <?php session_start(); ob_start(); error_reporting(E_ALL); ini_set('display_errors', 'off'); include_once 'includes/en.php'; include_once 'config.php'; $errorMsg=ENTER_ACCESS_CODE; if (isset($_POST['log'])) { $username=$_POST['username']; $password=$_POST['password']; $pin=$_POST['pin']; $regid=$_POST['regid']; $username = stripslashes($username); $password = stripslashes($password); $pin = stripslashes($pin); $regid = stripslashes($regid); $username = mysql_real_escape_string($username); $password = mysql_real_escape_string($password); $pin = mysql_real_escape_string($pin); $regid = mysql_real_escape_string($regid); $sql="SELECT * FROM register_account WHERE username='$username' AND password='$password' AND pin='$pin' AND status=1"; $result=mysql_query($sql) or die("connection error"); $count=mysql_num_rows($result); // If result matched $username $pin and $password, table row must be 1 row if($count==1){ $_SESSION['username'] = $username; $_SESSION['password'] = $password; $_SESSION['pin'] = $pin; $_SESSION['regid'] = $regid; header("location:index.php"); } else { $errorMsg=ACCESS_CODE_ERROR_WRONG; } } ob_end_flush(); ?>

I did this both and am getting no value for them. <?=$_SESSION['regid']?> <?=$regid?>

Not working. Have a look at my code: <?php session_start(); $regid=(int)$_SESSION['regid']; $sqluser2=mysql_query("select*from register_account where regid={$regid}") or die(mysql_error()); if(!empty($sqluser2)) { $rowuser=mysql_fetch_array($sqluser2); $regid=$rowuser["regid"]; $surname=$rowuser["lastname"]; $firstname=$rowuser["firstname"]; $pin=$rowuser["pin"]; } ?> <?php echo $pin; ?> Outputs nothing

so what do i do in this situation. I want the user to click on a link and it should open a page with his information.

Hello folks, I am finding it hard to retrieve the id (mysql field) for a specific user. This is the scenario: When a user login to my system, i want the user to be able to click on a link to change his/her password. The login system works fine, but when the user clicks on the link, the change_password page will display without the user's information. This is what am doing: <a href="<?php echo "change_pin.php?regid={$_SESSION['regid']}" ?></a> I set this $_SESSION['regid'] from my login page after successful login like this: if($count==1){ $_SESSION['username'] = $username; $_SESSION['regid'] = $regid; Any help ~

Hello. I have a page named foo.php, how do i force the page not to display when a user type it directly to the browser. scenario: when a user type http://www.mydomain.com/foo.php i want it to redirect the user to http://www.mydomain.com/index.php Please note: That is only when they type it. Somewhere in my code, i will still make use of foo.php I guess what am looking for is not just a header redirect. header("Location:some_link.php"); exit;

Never mind. I got it resolved.

Hi folks, I want to verify if am on the right track. Am trying to prevent cross-server session stealing on my web page. This is what i came with so far. Do you think am on the right track? <?php IF (!isset($_SESSION['hash']) || ($_SESSION['hash'] != md5($_SERVER['SERVER_NAME'].':'.$_SERVER['HTTP_HOST']))) { $_SESSION = array(); IF (isset($_COOKIE[session_name(md5($_SERVER['SERVER_NAME']))])) {setcookie(session_name(md5($_SERVER['SERVER_NAME'])), '', time()-42000, '/');} session_destroy(); session_start(); $_SESSION['hash'] = md5($_SERVER['SERVER_NAME'].':'.$_SERVER['HTTP_HOST']); } ?>

Thanks all. I got through with it. Just a minor problem. :-)

Hello folks, I am using an IF statement in my code. But it's not displaying according to my database values. Please take a look. $query = "SELECT * FROM nsit_news ORDER BY news_id " . " LIMIT $offset, $rowsPerPage"; $result = mysql_query($query) or die (mysql_error()); $numrow = mysql_num_rows($result); echo "<table border=\"0\" width=\"280%\" cellspacing=\"0\" cellpadding=\"2\">\n"; echo "<tr class=\"dataTableHeadingRow\"> <td class=\"dataTableHeadingContent\" align=\"left\" valign=\"top\"><font color=\"#c415\">No[#]</font></td> <td class=\"dataTableHeadingContent\" align=\"left\" valign=\"top\">News Title</td> <td class=\"dataTableHeadingContent\" align=\"left\" valign=\"top\">Created By</td> <td class=\"dataTableHeadingContent\" align=\"left\" valign=\"top\">Edited by</td> <td class=\"dataTableHeadingContent\" align=\"left\" valign=\"top\">Edited Date</td> <td class=\"dataTableHeadingContent\" align=\"left\" valign=\"top\">Current Status</td> <td class=\"dataTableHeadingContent\" align=\"left\" valign=\"top\">Date Created</td> <a href=\"createNews.php\"><img src=\"images/create_news_btn.gif\"></a> <td class=\"dataTableHeadingContent\" align=\"left\" valign=\"top\">Perform Action </td> </tr>\n"; for($i = 0; $i < $numrow; $i++) { $row = mysql_fetch_array($result); if($i % 2) { echo "<tr bgcolor=\"#fff\">\n"; } else { echo "<tr bgcolor=\"#e3a679\">\n"; } echo "<td class=\"dataTableContent\">".$row['news_id']."</td> <td class=\"dataTableContent\">".$row['news_title']."</td> <td class=\"dataTableContent\">".$row['admin_createdby']."</td> <td class=\"dataTableContent\">".$row['admin_lastedit']."</td> <td class=\"dataTableContent\">".$row['lasteditdate']."</td> <td class=\"dataTableContent\">".$row['news_status']."</td> <td class=\"dataTableContent\">".$row['addeddate']."</td> <td class=\"dataTableContent\"> <a href=\"editNews.php?news_id={$row['news_id']}\"><img src=images/icon_edit.gif title=\"Edit\"></a> <a href=\"javascript:delnewspanel('$row[news_id]','$row[news_title]')\"><img src=images/icon_delete.gif title=\"Delete\"></a> <a href=\"javascript:void(0)\" onclick=\"window.open('newsStatus.php?news_id={$row['news_id']}','Publish Menu','width=300,height=200')\"> if($news_status==1) { $news_status_btn=$nopublish; } else { $news_status_btn=$publish; } $news_status_btn</a> </td>\n"; echo "</tr>\n"; }

I changed the $lastname to $lastlogin as i have both fields in my database. Have a look at my code <?php session_start(); error_reporting(E_ALL); ini_set('display_errors', 'on'); require_once 'includes/en.php'; require_once 'includes/config.php'; if (!isset($_SESSION['username'])) { header ("Location: login.php"); exit(); } require_once 'templates/header_html.php'; ?> <!-- header_eof //--> <div id="colone"> <div class="reportBox"> <div class="header">Administrator: <?php echo $_SESSION['username']; ?> </div> <div class="row"><span class="rigth"> </span></div> <?php if (isset($_SESSION['nsit_adminid'])) { $sqlusr=mysql_query("select * from $tbl_name where adminid='" . $_SESSION['nsit_adminid'] . "'"); if(!empty($sqlusr)) { $numusers=mysql_num_rows($sqlusr); if($numusers==1) { $usrrow=mysql_fetch_array($sqlusr); $adminip=$usrrow["adminloginip"]; $lastlogin=$usrrow["adminlastlogin"]; } } } ?> <div class="row"><span class="left">Last login date:</span><span class="rigth"><?php echo $lastlogin; ?></span></div> <div class="row"></div> <div class="row"></div> <div class="row"></div> </div> <div class="reportBox"> <div class="header">New Agents: </div> <div class="row"> </div> </div> </div> <div id="coltwo"> <div class="reportBox"> <div class="header">New Users: </div> </div> <div class="reportBox"> <div class="header">Counter History </div> </div> </div> <div id="colthree"> <div class="reportBox"> <div class="header">New Clients: </div> </div> </div> <?php require_once 'templates/footer.php'; ?>

I tried the code you modified, but nothing displayed using the below <?php echo $_SESSION['nsit_admini']; ?> AND this <?php echo $lastname; ?> This is the notice error i got Notice: Undefined variable: lastlogin in C:\Program Files\xampp\htdocs\myfiles\nsit\neosharp\admin\index2.php My error_reporting is turned on

Anyone to advice on what to do???

I wrote this now and it's not displaying the information for the logged in user. <?php if (isset($_SESSION['nsit_adminid'])) { $sqlusr=mysql_query("select * from $tbl_name where adminid='$nsit_adminid'"); if(!empty($sqlusr)) { $numusers=mysql_num_rows($sqlusr); if($numusers==1) { $usrrow=mysql_fetch_array($sqlusr); $lastname=$usrrow["lastname"]; $init=$usrrow["initials"]; } } } ?>

When you say "store it 1st in the session" you mean <?php session_start(); ob_start(); error_reporting(E_ALL); ini_set('display_errors', 'on'); include_once 'includes/en.php'; include_once 'includes/config.php'; $errorMsg=""; if (isset($_POST['log'])) { $username=$_POST['username']; $passid=$_POST['passid']; $username = stripslashes($username); $passid = stripslashes($passid); $username = mysql_real_escape_string($username); $passid = mysql_real_escape_string($passid); $sql="SELECT * FROM $tbl_name WHERE adminuser='$username' and adminpass='".md5($_POST['passid'])."'"; $result=mysql_query($sql); $count=mysql_num_rows($result); // If result matched $myusername and $mypassword, table row must be 1 row if($count==1){ $_SESSION['nsit_adminid'] = $nsit_adminid; $_SESSION['username'] = $username; $_SESSION['passid'] = $passid; $sql="SELECT * FROM $tbl_name WHERE adminuser='$username' and adminpass='$passid'"; $lastlogin = $data['adminlastlogin']; $_SESSION['adminlastlogin'] = $adminlastlogin; $DB_Query = @mysql_query("UPDATE `$tbl_name` SET adminlastlogin=Now() WHERE adminuser='$username'") OR die('MySQL error: '.mysql_error()); header("location:index.php"); } else { $errorMsg=ERROR_USER; } } ob_end_flush(); ?> I included $nsit_adminid first in the session. if($count==1){ $_SESSION['nsit_adminid'] = $nsit_adminid;

What if i create my session in a page and include it on every page that it would be needed. For instance. <?php session_start(); $nsit_name=session_name(); $nsit_sid=session_id(); $nsit_adminid=$_SESSION['adminid']; $nsit_username=$_SESSION['adminuser']; ?>

Hi folks, I have just created a login system. I wanted to know how i can select a specific user's information from the database using sessions. This is how my login looks like <?php session_start(); ob_start(); error_reporting(E_ALL); ini_set('display_errors', 'on'); include_once 'includes/en.php'; include_once 'includes/config.php'; $errorMsg=""; if (isset($_POST['log'])) { $username=$_POST['username']; $passid=$_POST['passid']; $username = stripslashes($username); $passid = stripslashes($passid); $username = mysql_real_escape_string($username); $passid = mysql_real_escape_string($passid); $sql="SELECT * FROM $tbl_name WHERE adminuser='$username' and adminpass='".md5($_POST['passid'])."'"; $result=mysql_query($sql); $count=mysql_num_rows($result); // If result matched $myusername and $mypassword, table row must be 1 row if($count==1){ $_SESSION['username'] = $username; $_SESSION['passid'] = $passid; $sql="SELECT * FROM $tbl_name WHERE adminuser='$username' and adminpass='$passid'"; $lastlogin = $data['adminlastlogin']; $_SESSION['adminlastlogin'] = $adminlastlogin; $DB_Query = @mysql_query("UPDATE `$tbl_name` SET adminlastlogin=Now() WHERE adminuser='$username'") OR die('MySQL error: '.mysql_error()); header("location:index.php"); } else { $errorMsg=ERROR_USER; } } ob_end_flush(); ?>

Yes. A scenario like; a user login and the last date and time would be updated and echoed on the home page. Like this: Your last login was on 0000-00-00

Am so dumb. How could i have skipped that. It worked! Another thing is how do i update the last login of a user on my database?

Good day, I am receiving a notice when i turn on my error reporting. I don't know what to do! Here is my code <?php error_reporting(E_ALL); ini_set('display_errors', 'on'); include_once 'includes/en.php'; include_once 'includes/config.php'; ob_start(); if (isset($_POST['log'])) { $username=$_POST['username']; // This is line 10 This is the notice i encounter: Notice: Undefined index: username in C:\Program Files\xampp\htdocs\myfiles\admin\login.php on line 10

javascript can certainly do this for you.

Note: if you running any web server on your computer you need to stop one for the other, else, you will experience conflict. If you don't know what to do, contact an administrator.