mike177

Hi, I'm getting a parse error on ling 44 which is $query line. I've checked through the file and from what I can see its all up to scratch. Any suggestions - I attched the complete file if your feeling adventurace. function confirmPass($email, $pass){ if(!get_magic_quotes_gpc()){ $email = addslashes($email); } $query = "SELECT password FROM "Accounts" WHERE email = '$email'"; $result = mysql_query($query); if(!$result || (mysql_num_rows($result) < 1)){ return 1; } $dbarray = mysql_fetch_array($result); $dbarray['password'] = stripslashes($dbarray['password']); $password = stripslashes($pass); if($password == $dbarray['password']){ return 0; } else{ return 2; } } [attachment deleted by admin]

does any 1 have any sugestions or would I be right in saying that there is not a single desent tutorial on how to write a proper login system on the internet that doesnt use sessions for god saks

Hi, I've been using php for about a year and a half now but I'm having a lot of trouble designing a good solid login system. My current system runs the profile, account settings, register and login system all from 4 files. I fell it’s to centralised. I want to have a file for each single system, e.g. the login page is just one page with all the functions and database connection and error handling all in one. Could someone please give some suggestions on how I could achieve this or show some example?

Hi, I've been using php for about a year and a half now but I'm having a lot of trouble designing a good solid login system. My current system runs the profile, account settings, register and login system all from 4 files. I fell it’s to centralised. I want to have a file for each single system, e.g. the login page is just one page with all the functions and database connection and error handling all in one. Could someone please give some suggestions on how I could achieve this or show some example? Thanks in advance for anyhelp.

Hi, I have my main menu in a php file to show the logged in and logged out menu. The problem is that I need the user id to be displayed as part of the profile.php link (profile.php?id=000000009). I can do this in normal html and I used to be able to do it in PHP but I've forgotton. Some help please, thanks in advance for any help. The first block of code is where I'm working. <?php if(isset($_COOKIE['id']) && isset($_COOKIE['sessionID'])){ echo "<a href=\"/app/signOut.php\">Sign Out</a> <a href=\"/app/account.php\">Account</a> <a href=\"/app/mail.php\">Mail</a> <a href=\"/app/groups.php\">Groups</a> <a href=\"/app/friends.php\">Friends</a> <a href=\"/app/profile.php?id=\">Profile</a> <a href=\"/app/home.php\">Home</a>"; } else{ echo "<a href=\"/app/signIn.php\">Sign In</a> <a href=\"/app/signUp.php\">Sign Up</a> <a href=\"/index.php\">Home</a>"; } ?>

Hi, I have a admin area on my site. I want to for example disable registration or logging in. I can do this buy changing a value in the script to true or false but I want to be able to do this via the admin area. I know you can have a file and then use a php script / form to change a variable in it, Like a switch. Does anyone know a methode of doing this. Cheer's Thanks in advance for any help.

Hi, I have been using globals alot in my scripts and app's and theres alot of security risks with them so my question is how to get around them. e.g not use them. Does anyone know any methods? thanks in advance for any help.

I have checked it a little more and I know its just the error ckecking but i dont know how to apply it. Any sugestions

Hi, I have created a account update form but my error checking is a little off. When I try to change the password it says I havent entered a new password when I have and when I try to change the email address it asks me for my current and new password. I have included the core file, which hold the vaildation check. Theres also process but that just directs the for out and functions which I'm sure it's not the problem. The error handling file isn;t the problem becuase it works fine on other forms. Thanks in advance for nay help. All suggestions welcome. The editAccount functions is at bottom of the core file.

Cheers that works a treat.

index.php <?php $email = $_COOKIE['email']; echo "[<a href=\"profile.php?email=$email\">My Profile</a>]" ?> profile.php <?php echo $_GET['$email']; ?> Thats all I have on the 2 pages. I no the cookies are set and working fine but when I try to get information from the url nothing happen's

Hi, I am trubg to get the users email address out of the url. When they log in they are refirected to the index.php page from there they can go to the profile from the folloing link, pofile.php?email=master@hotmail.com. now when they land on the profile page I want to echo there email (just as an example). I use just a simple echo $_GET['email']. But it's not working. any suggestions. Thanks for any help in advance.

Hi, Just a small question. For example Facebook. When you go to your profile they put your id in the url and then they some how get the id from the URL to then query the database for their information that corrorsponds with the id. Could any one give me some pointers on how they do this. I no how they out the id in the url but not how to re-use it. Thanks in advance for any help.

Yea I just want the cookie to expire either when the user clicks the logout link to execute the logout script or when the user closes the browser. So I want the cookie to last as long as the user is logged in.

Hi, I need a little help with cookies. I want m cookies on my site to never expire unless the browser is closed or the user logout. On the php site it says to set the expire to 0. I tried this and the cookie expired a few seconds later. Does any one have some suggestions. Thanks in advance for any help.

Hi, I use this forum often now so I thought I would ask you first. I have a site and it's starting to get loads of pages. Now instead of having a link to each I want to give each an id so I can have a nice tidy URL that looks like this: www.domain.com/Page.php?id=786. I have tried this little script but it only worked inside a directory. <?php if(file_exists($login.php)){ include("http://www.domain.com/User/login.php") } ?> Does anyone have an idea on how I could achieve this. I know Microsoft uses a system like this but its in asp, There links are like this, microsoft.com/Linkid?=36796. Thanks in advance for any help.

Hi, I have written my own login script. It's 90% complete and I'm currently installing the edit account feature. I have 4 files which operate the system. Core.php, Process.php, Functions.php and Error_Handling.php. Error_Handling.php just handles the output of input errors ect, Core is the hart of the system and contains the main functions. Functions.php contains the functions the need to be preformed on a database ect and Process.php is where a form for example is sent the routed off the selected files and redirects the user to the correct page. The system works fine excluding the account edit feature. The page is able to load but when the code is executed I get a fatal error explaining that I am calling to a function in process.php on line 86 which is not defined. Now here’s where I get in deep water. I use the same methods on different functions and its works fine. But when I use it on the editAccount() function is error that it’s undefined as I mentioned. I have attached the complete source code so you can have a good look for your self. I am running the latest version of php. Thanks in advance for any help. [attachment deleted by admin]

I'm not one to fight so I will let our differences go over my head as if nothing happened.

Seens this issue isn't been resolved I attached the complete source code so you can look for yourselves and not have to wait for me. [attachment deleted by admin]

<?php function editAccount($subcurpass, $subnewpass, $subemail){ global $functions, $error; //The database and form object /* New password entered */ if($subnewpass){ /* Current Password error checking */ $field = "curpass"; //Use field name for current password if(!$subcurpass){ $error->setError($field, "* Current Password not entered"); } else{ /* Check if password too short or is not alphanumeric */ $subcurpass = stripslashes($subcurpass); if(strlen($subcurpass) < 4 || !eregi("^([0-9a-z])+$", ($subcurpass = trim($subcurpass)))){ $error->setError($field, "* Current Password incorrect"); } /* Password entered is incorrect */ if($functions->confirmUserPass($this->email,md5($subcurpass)) != 0){ $error->setError($field, "* Current Password incorrect"); } } /* New Password error checking */ $field = "newpass"; //Use field name for new password /* Spruce up password and check length*/ $subpass = stripslashes($subnewpass); if(strlen($subnewpass) < 4){ $error->setError($field, "* New Password too short"); } /* Check if password is not alphanumeric */ else if(!eregi("^([0-9a-z])+$", ($subnewpass = trim($subnewpass)))){ $error->setError($field, "* New Password not alphanumeric"); } } /* Change password attempted */ else if($subcurpass){ /* New Password error reporting */ $field = "newpass"; //Use field name for new password $error->setError($field, "* New Password not entered"); } /* Email error checking */ $field = "email"; //Use field name for email if($subemail && strlen($subemail = trim($subemail)) > 0){ /* Check if valid email address */ $regex = "^[_+a-z0-9-]+(\.[_+a-z0-9-]+)*" ."@[a-z0-9-]+(\.[a-z0-9-]{1,})*" ."\.([a-z]{2,}){1}$"; if(!eregi($regex,$subemail)){ $error->setError($field, "* Email invalid"); } $subemail = stripslashes($subemail); } /* Errors exist, have user correct them */ if($error->num_errors > 0){ return false; //Errors with form } /* Update password since there were no errors */ if($subcurpass && $subnewpass){ $functions->updateUserField($this->email,"password",md5($subnewpass)); } /* Change Email */ if($subemail){ $functions->updateUserField($this->email,"email",$subemail); } /* Success! */ return true; } ?>

All the files are inclduded. All form submits are sent to process which then sends them off the core which is the hart of the system, then if it needs to preform a operation on a database it selectes a functions from functions.php.

The lastest version, and its defined in process its erroring on the the line that starts the functions.

} /*error with form*/ else if($retval == 1){ $_SESSION['value_array'] = $_POST; $_SESSION['error_array'] = $error->getErrorArray(); header("Location: register.php"); } /*Registration Failed*/ else if($retval == 2){ $_SESSION['regsuccess'] = false; header("Location: http://mnielsen.awardspace.com"); } } function procEditAccount(){ global $core, $error; /* Account edit attempt */ $retval = $core->editAccount($_POST['curpass'], $_POST['newpass'], $_POST['email']);

Yes line 86 is relevant, I never said it wasn't. I said that the remainder of the file isn't relevant. Also it would be the function line as it is called for though it error's undefined.

Hi, have written my own login script and now I'm buliding a feature to edit your account information. I have 90% of it completed but I am getting an error, Call to a undefined function in process.php on 86. I checked through the files and from what I can tell everythings okay. But my attempts to solve the issue have failed so I call on the forums. Porcess.php <?php function procEditAccount(){ global $core, $error; /* Account edit attempt */ $retval = $core->editAccount($_POST['curpass'], $_POST['newpass'], $_POST['email']); /* Account edit successful */ if($retval){ $_SESSION['useredit'] = true; header("Location: index.php"); } /* Error found with form */ else{ $_SESSION['value_array'] = $_POST; $_SESSION['error_array'] = $error->getErrorArray(); header("Location: accountedit.php"); } } ?> core.php <?php function editAccount($subcurpass, $subnewpass, $subemail){ global $functions, $error; //The database and form object /* New password entered */ if($subnewpass){ /* Current Password error checking */ $field = "curpass"; //Use field name for current password if(!$subcurpass){ $error->setError($field, "* Current Password not entered"); } else{ /* Check if password too short or is not alphanumeric */ $subcurpass = stripslashes($subcurpass); if(strlen($subcurpass) < 4 || !eregi("^([0-9a-z])+$", ($subcurpass = trim($subcurpass)))){ $error->setError($field, "* Current Password incorrect"); } /* Password entered is incorrect */ if($functions->confirmUserPass($this->email,md5($subcurpass)) != 0){ $error->setError($field, "* Current Password incorrect"); } } /* New Password error checking */ $field = "newpass"; //Use field name for new password /* Spruce up password and check length*/ $subpass = stripslashes($subnewpass); if(strlen($subnewpass) < 4){ $error->setError($field, "* New Password too short"); } /* Check if password is not alphanumeric */ else if(!eregi("^([0-9a-z])+$", ($subnewpass = trim($subnewpass)))){ $error->setError($field, "* New Password not alphanumeric"); } } /* Change password attempted */ else if($subcurpass){ /* New Password error reporting */ $field = "newpass"; //Use field name for new password $error->setError($field, "* New Password not entered"); } /* Email error checking */ $field = "email"; //Use field name for email if($subemail && strlen($subemail = trim($subemail)) > 0){ /* Check if valid email address */ $regex = "^[_+a-z0-9-]+(\.[_+a-z0-9-]+)*" ."@[a-z0-9-]+(\.[a-z0-9-]{1,})*" ."\.([a-z]{2,}){1}$"; if(!eregi($regex,$subemail)){ $error->setError($field, "* Email invalid"); } $subemail = stripslashes($subemail); } /* Errors exist, have user correct them */ if($error->num_errors > 0){ return false; //Errors with form } /* Update password since there were no errors */ if($subcurpass && $subnewpass){ $functions->updateUserField($this->email,"password",md5($subnewpass)); } /* Change Email */ if($subemail){ $functions->updateUserField($this->email,"email",$subemail); } /* Success! */ return true; } ?> Note that there is more to the files though it's not relevant. Thanks in advance for any help.