DeanWhitehouse
-
Posts
2,527 -
Joined
-
Last visited
Posts posted by DeanWhitehouse
-
-
you need a space after ==
numbers need to have spaces between them eg.
$word == number
not
$word ==number
same with all numbers they need a space before and after
-
ok, if you get any errors post the code aswell as the error and i will try and help
-
but when i use this code,
<?php // Random Game Design: PHP Website Template // Version 1 // Copyright Dean Whitehouse, 2008 require_once 'includes/db_connect.php'; // Connect to database mysql_connect($dbhost,$dbuser,$dbpass) or die('Could not connect: ' . mysql_error()); $user_name = mysql_real_escape_string($_POST["user_name"]); $user_password =mysql_real_escape_string($_POST["user_password"]); $user_password2 =mysql_real_escape_string ($_POST["user_password2"]); $user_email =mysql_real_escape_string ($_POST["user_email"]); $user_email2 =mysql_real_escape_string ($_POST["user_email2"]); $ip = $_SERVER['REMOTE_ADDR']; $success = "/reg_success.php"; $checkpw = $user_password == $user_password2; $checkem = $user_email == $user_email2; if ($_SESSION['is_valid'] == false) { //if(isset($_POST['agree'])){ if(isset($_POST['signup'])) { if ($user_name && $user_password && $user_password2 && $user_email && $user_email2) { $checkmail = "/^[a-zA-Z0-9._-]+@[a-zA-Z0-9-]+\.[a-zA-Z.]{2,5}$/"; if (preg_match($checkmail, $user_email)) { $user_check = mysql_num_rows(mysql_query("SELECT * FROM $user WHERE user_email='$user_email' OR user_name='$user_name'")); $length = strlen($user_password); $length1 = strlen($user_name); if ($length >= 6) { if ($length1 >= 4) { if ($user_check >= 1) { require_once 'register.php'; echo "Sorry, but the username or email you requested is already in use. Please enter a different username."; } elseif ($user_password == $user_password2 && $user_email == $user_email2) { $userPswd = md5($user_password); $userpwsd = sha1($userPswd); mysql_query("INSERT INTO `$user` (user_id, user_name, user_password, user_email, user_ip, userlevel) VALUES ('','$user_name','$userpwsd','$user_email','$ip','2')") or die('Error ' . mysql_error()); echo "Succesfully Registered. You will recieve a confirmation email shortly."; header ("http://".$_SERVER[HTTP_HOST].$success); } } } } if($length <= 5) { require_once 'register.php'; echo "Password Too Short<br>"; } if($length1 <= 3) { require_once 'register.php'; echo "Username Too Short.<br>"; } if(!$checkpw) { require_once 'register.php'; echo "The passwords you entered do not match. Please check these details and try again.<br>"; } if(!$checkem) { require_once 'register.php'; echo "The emails you entered do not match. Please check these details and try again.<br>"; } } if (!preg_match($checkmail, $user_email)) { echo "Invalid e-mail address<br>"; } else { require_once 'register.php'; echo "Please fill in all of the required fields."; } } ?> <html> <table bgcolor='#999999' align='center' width="400px"> <form action='<?php $_SERVER['PHP_SELF']; ?>' method='POST'> <tr><td width="10px">Username: </td><td><input type='text' name='user_name' maxlength="20" width="400px" /><br /></td></tr> <tr><td width="10px">Maximum Length<br /> 20 characters.</td></tr> <tr><td width="10px">E-mail Address:</td> <td><input type='text' name='user_email' /><br /></td></tr> <tr><td width="10px">Confirm E-mail Address: </td><td><input type='text' name='user_email2' /><br /></td></tr> <tr><td width="10px">Password:</td><td> <input type='password' name='user_password' maxlength="30" /><br /></td></tr> <tr><td width="10px">Min. 6<br>Max. 10</td></tr> <tr><td width="10px">Confirm Password:</td><td> <input type='password' name='user_password2' maxlength="30"/><br /></td></tr> <tr><td><input type='submit' value='Complete Registration' name='signup' /></td><td><input type="reset" value="Reset Fields" name="reset" /></td></tr> </form> </table> </html> <?php mysql_close(); } else { header("Location:http://".$_SERVER[HTTP_HOST]); } ?>if it is a valid email it works if it isn't i get echoed there aswell
Password Too Short
Username Too Short.
even when it isn't, and this only happens when the regex is there
-
well, with this you will get dynamic links that show
user_profile?id=1
etc.
this is my login code, showing how to add the sessions, and yes this will get you what you want
<?php require_once 'includes/db_connect.php'; if ($_SESSION['is_valid'] == false){ if (isset($_POST['login'])){ $user_name = mysql_real_escape_string($_POST["user_name"]); $user_password =mysql_real_escape_string($_POST["user_password"]); $cookiename = forumcookie; $verify_username = strlen($user_name); $verify_pass = strlen($user_password); if ($verify_pass > 0 && $verify_username > 0) { $userPswd = md5($user_password); $userpwsd = sha1($userPswd); $sql = "SELECT * FROM $user WHERE user_name='$user_name' AND user_password='$userpwsd' LIMIT 1;"; $result = mysql_query($sql) or die(mysql_error(). " in $sql"); if (mysql_num_rows($result) == 1){ $row = mysql_fetch_assoc($result); $user_level = $row['userlevel']; if ($user_level == 1) { $login_check = @mysql_fetch_array(mysql_query("SELECT * from `$user` WHERE user_name = '$_GET[u]' AND user_password = '$_GET[p]'")); $userright = array($login_check['user_name'], $login_check['userlevel']); $s_userpass = serialize($userpass); $_SESSION['username'] = $row['user_name']; $_SESSION['user_password'] = $row['user_password']; $_SESSION['user_level'] = $row['userlevel']; $_SESSION['user_id'] = $row['user_id']; header("Location:http://".$_SERVER[HTTP_HOST]); $_SESSION['is_valid'] = true; //change the session variable name to what you want, just remember it for all files if(isset($_POST['remember'])){ setcookie("cookname", $_SESSION['username'], time()+60*60*24*100, "/"); setcookie("cookpass", $_SESSION['user_password'], time()+60*60*24*100, "/"); } } elseif ($user_level == 2){ $login_check = @mysql_fetch_array(mysql_query("SELECT * from `$user` WHERE user_name = '$_GET[u]' AND user_password = '$_GET[p]'")); $userright = array($login_check['user_name'], $login_check['userlevel']); $s_userpass = serialize($userpass); $_SESSION['username'] = $row['user_name']; $_SESSION['user_password'] = $row['user_password']; $_SESSION['user_level'] = $row['userlevel']; $_SESSION['user_id'] = $row['user_id']; header("Location:http://".$_SERVER[HTTP_HOST]); $_SESSION['is_valid'] = true; //change the session variable name to what you want, just remember it for all files if(isset($_POST['remember'])){ setcookie("cookname", $_SESSION['username'], time()+60*60*24*100, "/"); setcookie("cookpass", $_SESSION['user_password'], time()+60*60*24*100, "/"); } } } else{ echo "Login failed. Username and Password did not match database entries."; } } else { echo "Form was not completed. Please go back and make sure that the form was fully completed."; } } ?> <html> <table bgcolor='#999999' align='right'><form action="<?php $_SERVER['PHP_SELF']; ?>" method='POST'> <tr><td>Username: </td><td><input type='text' name='user_name' /><br /></td></tr> <tr><td>Password:</td><td> <input type='password' name='user_password' /><br /></td></tr> <tr><td><input type="hidden" name="login" value="true"><input type="submit" value="Submit"></td></tr> <tr><td><input type="checkbox" value="1" name="remember"> Remember Me </td></tr><tr><td><a href="register.php">[Register]</a></td></tr><tr><td><a href="forgot_password.php">[Forgot Password?]</a></td></tr></table> </form> </html> <?php mysql_close(); } else { header("Location:http://".$_SERVER[HTTP_HOST]); } ?> -
yer, your on the right track, and i dunno about php5
-
u need to use sessions on the login, there make dynamic links using there sessions.
here is an example
<?php require_once 'db_connect.php'; require_once 'nav_bar.php'; require_once 'logged_in.php'; if ($_SESSION['is_valid'] == true){ $user_id = $_SESSION['user_id']; $sql = "SELECT * FROM $user WHERE `user_id`='{$user_id}' LIMIT 0,1;"; $result = mysql_query($sql); $row = mysql_fetch_assoc($result); $username = $row['user_name']; $email = $row['user_email']; echo "$username<br>"; $show_email = $row['show_email']; if ($show_email == 1) { echo "Email:<a href='mailto:$email'>$email</a>"; } elseif ($show_email == 0) { echo "Email:Hidden"; } } else { echo "Please login to view this page."; } ?>and a members page,
<?php require_once 'db_connect.php'; require_once 'nav_bar.php'; require_once 'logged_in.php'; if ($_SESSION['is_valid'] == true){ if (isset($_GET['id'])) { if ((int) $_GET['id'] > 0) { $user_id = $_GET['id']; $sql = "SELECT * FROM $user WHERE `user_id`='{$user_id}' LIMIT 0,1;"; $result = mysql_query($sql); $row = mysql_fetch_assoc($result); $userprofname = $row['user_name']; $profemail = $row['user_email']; echo "$userprofname<br>"; $show_email = $row['show_email']; if ($show_email == 1) { echo "Email:<a href='mailto:$profemail'>$email</a>"; } elseif ($show_email == 0) { echo "Email:Hidden"; } exit(); } else { echo "Invalid user ID passed to page! <br />"; echo "<a href=\"members.php\">Return to user list</a>"; exit(); } } //No ID passed to page, display user list: $query = "SELECT user_id, user_name FROM $user"; $result = mysql_query($query) or die("Error:" . mysql_error()); if (mysql_num_rows($result) > 0) { echo "User List:<br />"; while ($row = mysql_fetch_assoc($result)) { echo '<a href="?id=' . $row['user_id'] . '">' . $row['user_name'] . '</a><br />'; } } } else { echo "Please login to view this page."; } ?>this is my user profile link
<br><a href='user_profile.php?id=<?php echo $_SESSION['user_id']; ?>'>User Profile</a><br>
-
Ok, i now have this
if(isset($_POST['signup'])) { if ($user_name && $user_password && $user_password2 && $user_email && $user_email2) { $checkemail = "/^[a-z0-9]+([_\\.-][a-z0-9]+)*@([a-z0-9]+([\.-][a-z0-9]+)*)+\\.[a-z]{2,}$/i"; if (preg_match($checkemail, $user_email)) { $user_check = mysql_num_rows(mysql_query("SELECT * FROM $user WHERE user_email='$user_email' OR user_name='$user_name'")); $length = strlen($user_password); $length1 = strlen($user_name); if ($length >= 6) { if ($length1 >= 4) { if ($user_check >= 1) { require_once 'register.php'; echo "Sorry, but the username or email you requested is already in use. Please enter a different username."; } elseif ($user_password == $user_password2 && $user_email == $user_email2) { $userPswd = md5($user_password); $userpwsd = sha1($userPswd); mysql_query("INSERT INTO `$user` (user_id, user_name, user_password, user_email, user_ip, userlevel) VALUES ('','$user_name','$userpwsd','$user_email','$ip','2')") or die('Error ' . mysql_error()); echo "Succesfully Registered. You will recieve a confirmation email shortly."; header ("http://".$_SERVER[HTTP_HOST].$success); } } } } if($length <= 5) { require_once 'register.php'; echo "Password Too Short<br>"; } if($length1 <= 3) { require_once 'register.php'; echo "Username Too Short.<br>"; } if(!$checkpw) { require_once 'register.php'; echo "The passwords you entered do not match. Please check these details and try again.<br>"; } if(!$checkem) { require_once 'register.php'; echo "The emails you entered do not match. Please check these details and try again.<br>"; } } elseif (!preg_match($checkemail, $user_email)) { echo "Invalid e-mail address<br>"; } else { require_once 'register.php'; echo "Please fill in all of the required fields."; } } ?>but i get an error when there is nothing entered and it also stops anything below it working properly
-
ok, thanks
-
is this part, ok, because it doesn't show, am i doing it right?
<tr><td>Username: </td><td><input type='text' name='user_name' value="<?php echo $_COOKIE["cookname"]; ?>" /><br /></td></tr> </form>
-
from what i gather i can use either ereg or preg_match, to check for a certain character in a string.
but i can't understand how to do it using either ereg() or preg_match
can someone explain, i wan2 be able to check for this symbol @ in a $_POST
-
ok, thanks, the only thing is, that i can't tell if this is working, as i always remain logged in anyway.
-
soz, lol, i got a bit confused, as it is the first time i used something like that
-
i get an unexpected TSTRING error with this
$length = int strlen(string $user_password);
how can i fix this, as adding "" to it doesn't work
-
o rite, thanks, and i didn't want to test it as it is emebbed in this code, and it would mean i would have to delete my tables in the database to test,
but i will make a register page to test it on.
<?php /*Random Game Design: PHP Website Template/CMS Version 1 Copyright Dean Whitehouse, 2008*/ require_once '../includes/db_connect.php'; if(isset($_POST['admin_signup'])){ $user_name = mysql_real_escape_string($_POST["user_name"]); $user_password =mysql_real_escape_string($_POST["user_password"]); $user_password2 =mysql_real_escape_string ($_POST["user_password2"]); $user_email =mysql_real_escape_string ($_POST["user_email"]); $user_email2 =mysql_real_escape_string ($_POST["user_email2"]); $ip = $_SERVER['REMOTE_ADDR']; if ($user_name && $user_password && $user_password2 && $user_email && $user_email2) { $user_check = mysql_num_rows(mysql_query("SELECT * FROM `$user` WHERE userlevel=1 ")); $length = strlen($user_password); if ($length >= 6) { if ($user_check >= 1) { echo "Sorry, but the head admin account is already created. Please delete the table in your mysql database and run the install.php file."; } elseif ($user_password == $user_password2 && $user_email == $user_email2) { $userPswd = md5($user_password); $userpwsd = sha1($userPswd); mysql_query("INSERT INTO `$user` (user_id, user_name, user_password, user_email, user_ip, userlevel) VALUES ('','$user_name','$userpwsd','$user_email','$ip','1')") or die('Error ' . mysql_error()); require_once 'main_write.php'; require_once 'redirect_install.php'; } } else { echo "Either the passwords or emails you entered do not match. Please check these details and try again"; } } else { echo "Please fill in all of the required fields."; } } mysql_close(); ?> <?php if(isset($_POST['continue_saved'])) { ?> <html> <table bgcolor='#999999' align='center' width="400px"> <form action='<?php $_SERVER['PHP_SELF']; ?>' method='POST'> <tr><td width="10px">Username: </td><td><input type='text' name='user_name' maxlength="20" width="400px" /><br /></td></tr> <tr><td width="10px">Maximum Length<br /> 20 characters.</td></tr> <tr><td width="10px">E-mail Address:</td> <td><input type='text' name='user_email' /><br /></td></tr> <tr><td width="10px">Confirm E-mail Address: </td><td><input type='text' name='user_email2' /><br /></td></tr> <tr><td width="10px">Password:</td><td> <input type='password' name='user_password' maxlength="30" /><br /></td></tr> <tr><td width="10px">Maximum Length<br /> 20 characters.</td></tr> <tr><td width="10px">Confirm Password:</td><td> <input type='password' name='user_password2' maxlength="30"/><br /></td></tr> <tr><td><input type='submit' value='Complete Registration' name='admin_signup' /></td><td><input type="reset" value="Reset Fields" name="reset" /></td></tr> </form> </table> </html> <?php exit(); } if(isset($_POST['table_saved'])) { require_once '../includes/db_connect.php'; mysql_connect($dbhost,$dbuser,$dbpass) or die('Could not connect: ' . mysql_error()); // Select database mysql_select_db($dbname) or die('Could not find the database: ' . mysql_error()); $sql_user = "CREATE TABLE $user( user_id int(11) AUTO_INCREMENT NOT NULL PRIMARY KEY, user_name varchar(100) NOT NULL, user_password varchar(100) NOT NULL, user_email varchar(100) NOT NULL, user_ip varchar(20) NOT NULL, user_ban varchar(3) NOT NULL, ban_reason varchar(100) NOT NULL, ban_length varchar(25) NOT NULL, userlevel tinyint(1) unsigned NOT NULL, random_key varchar(32) NOT NULL, user_activated varchar(25) NOT NULL )"; $sql_forum1 = "CREATE TABLE $forum_quest( id int(4) NOT NULL AUTO_INCREMENT PRIMARY KEY, topic varchar(255) NOT NULL default '', detail longtext NOT NULL, name varchar(65) NOT NULL default '', email varchar(65) NOT NULL default '', datetime varchar(25) NOT NULL default '', view int(4) NOT NULL default '0', reply int(4) NOT NULL default '0' )AUTO_INCREMENT=1"; $sql_forum2 = "CREATE TABLE $forum_answ( question_id int(4) NOT NULL default '0', a_id int(4) NOT NULL default '0', a_name varchar(65) NOT NULL default '', a_email varchar(65) NOT NULL default '', a_answer longtext NOT NULL, a_datetime varchar(25) NOT NULL default '', KEY a_id (`a_id`) )"; $make_user= mysql_query($sql_user); $make_forum = mysql_query($sql_forum1); $make_forum1 = mysql_query($sql_forum2); $checkifexist_user = mysql_query ("SELECT * FROM '$user' LIMIT 0,1"); $checkifexist_quest = mysql_query ("SELECT * FROM '$forum_quest' LIMIT 0,1"); $checkifexist_answ = mysql_query ("SELECT * FROM '$forum_answ' LIMIT 0,1"); if (!$make_user) { echo("'$user' Table already exists.<br>'$user' table could not be created.<br>"); } else { echo("'$user' Table Created.<br>"); } if (!make_forum) { echo("'$forum_quest' Table already exists.<br>'$forum_quest' table could not be created.<br>"); } else { echo("'$forum_quest' Table Created.<br>"); } if (!make_forum1) { echo("'$forum_quest' Table already exists.<br>'$forum_quest' table could not be created.<br>"); } else { echo("'$forum_answ' Table Created.<br>"); } ?><form action="<?php $_SERVER['PHP_SELF'] ?>" method="post"> <input type="submit" value="Continue" name="continue_saved"/> <? mysql_close(); exit(); } if(isset($_POST['table_names'])) { require_once '../includes/db_connect.php'; $dbhost = $_POST["dbhost"]; $user = $_POST["user"]; $forum_quest = $_POST["forum_question"]; $forum_answ = $_POST ["forum_answers"]; if ($user.$forum_quest.$forum_answ) { require_once "config_writetable.php"; echo "Table details saved:<br>User details saved:$user<br>Forum Questions saved:$forum_quest<br>Forum Answers saved:$forum_answ"; ?> <p>Table name's saved, press continue to create the table.<form action="<?php $_SERVER['PHP_SELF'] ?>" method="post"> <input type='submit' value='Continue' name='table_saved'> </form> </p> <?php } else { echo ("Please go back and fill in the required fields"); } exit(); } if(isset($_POST['check'])) { // Database Connection Information $dbhost = $_POST["dbhost"]; // Database Host $dbuser = $_POST["dbuser"]; // Database Username $dbpass = $_POST["dbpass"]; // Database Password $dbname = $_POST["dbname"]; // Database Name // Attempt to connect to the database using the user submitted form. $con = mysql_connect($dbhost, $dbuser, $dbpass); if ($con) { require_once 'config_write.php'; echo "You have successfully connected with these details to '$dbname'. <br>Username - '$dbuser'<br> Password - '$dbpass'<br> Database Host - '$dbhost'<br>Please enter the table names you want, or if you want to use the preset names click continue. NOTE: Each table must be a different name. Please do not leave any blank spaces. "; ?> <table align="center" bgcolor="#333333" width="300px" border="0"> <form method="post" action="<?php $_SERVER['PHP_SELF']; ?>"> <tr><td><font color="#FFFFFF">User Details:</td><td><input type='text' name='user'></td></tr> <tr><td><font color="#ffffff">Forum Questions</td> <td><input type="text" name='forum_question'></td></tr> <tr><td><font color='#ffffff'>Forum Answers</td> <td><input type='text' name='forum_answers'><br></td></tr> <tr><td></td><td><input type='submit' value='Continue' name='table_names'></td></tr> </font> </form> </table> <?php exit(); } else { echo 'Error connecting to database:' . mysql_error() . '\n'; // Database creation failed ?> <p>Welcome to the random game design website template. Please follow this set-up and then you can customise your site fully.<br>Plese only click this button once, as it will reset your progress.<form method='post' action="<?php $_SERVER['PHP_SELF']; ?>"><input type='submit' value='Start' name='start'></form> </p> <?php } // Close connection to the database mysql_close(); } else { ?> <!--<p>Welcome to the random game design website template. Please follow this set-up and then you can customise your site fully.<br>Plese only click this button once, as it will reset your progress.<form method='post' action="<?php $_SERVER['PHP_SELF']; ?>"><input type='submit' value='Start' name='start'></form>--> </p> <?php } if(isset($_POST['simple_start'])) if(isset($_POST['advanced_start'])) { echo ('Please enter the details used to connect to your MySql database.'); ?> <table align='center' bgcolor="#999999" width='300px' border='0'><form method='post' action="<?php $_SERVER['PHP_SELF']; ?>"> <tr><td> Database Host:</td><td> <input type='text' name='dbhost'><br></td></tr> <tr><td> Database Username:</td><td> <input type='text' name='dbuser'><br></td></tr> <tr><td> Database Password: </td><td> <input type='text' name='dbpass'><br></td></tr> <tr><td> Database Name: </td><td> <input type='text' name='dbname'><br></td></tr> <tr><td></td><td><input type='submit' value='Continue' name='check'> </td></tr></form> </table> <?php } } else { ?> <p>Welcome to the random game design website template. Please follow this set-up and then you can customise your site fully.<br> <form method='post' action="<?php $_SERVER['PHP_SELF']; ?>"><input type='submit' value='Simple Setup' name='simple_start'> <form method='post' action="<?php $_SERVER['PHP_SELF']; ?>"><input type='submit' value='Advanced Setup' name='advanced_start'></form> </p> <?php } ?>and this is my updated bit, i believe this is what u ment
$length = int strlen(string $user_password);
-
I don't no if i used cookies properly in this , can someone check please, also can some explain why the bottom bit in the form isn't working, where i have the echo in the form?
<?php session_start(); /*Random Game Design: PHP Website Template/CMS Version 1 Copyright Dean Whitehouse, 2008*/ if (isset($_GET['logout'])) { //setcookie("cookname", $_SESSION['username'], time() - 3600, "/"); //setcookie("cookpass", $_SESSION['user_password'], time() - 3600, "/"); session_unset(); session_destroy(); } if ($_SESSION['is_valid'] == true) { if ($_SESSION['user_level'] == 2) { ?> <table class='logged_in'><tr><td> <p>Welcome, <br><?php echo $_SESSION['id_username']; ?> <br><a href='user_profile.php?id=<?php echo $_SESSION['user_id']; ?>'>User Profile</a><br> <a href='user_setting.php'>Settings</a><br> <a href="<?php print $_SERVER["PHP_SELF"]; ?>?logout=true">Logout</a><br /> </td></tr><tr><td>Logged In</td></tr></table></p> <?php } if ($_SESSION['user_level'] == 1) { ?> <table class='logged_in'><tr><td> <p>Welcome, <?php echo $_SESSION['id_username']; ?> <br><a href='user_profile.php?id=<?php echo $_SESSION['user_id']; ?>'>User Profile</a><br> <a href='user_setting.php'>Settings</a><br> <a href='admin_centre.php'>Admin Area</a><br> <a href="<?php print $_SERVER["PHP_SELF"]; ?>?logout=true">Logout</a><br /> </td></tr><tr><td>Logged In</td></tr></table></p> <?php } } else { require_once 'includes/db_connect.php'; if ($_SESSION['is_valid'] == false) { if (isset($_POST['login'])) { $user_name = $_POST["user_name"]; $user_password = $_POST["user_password"]; $cookiename = forumcookie; $verify_username = strlen($user_name); $verify_pass = strlen($user_password); if ($verify_pass > 0 && $verify_username > 0) { $userPswd = md5($user_password); $userpwsd = sha1($userPswd); $sql = "SELECT * FROM `$user` WHERE user_name='$user_name' AND user_password='$userpwsd' LIMIT 1;"; $result = mysql_query($sql) or die(mysql_error(). " in $sql"); if (mysql_num_rows($result) == 1) { $row = mysql_fetch_assoc($result); $user_level = $row['userlevel']; if ($user_level == 1) { $login_check = @mysql_fetch_array(mysql_query("SELECT * from `$user` WHERE user_name = '$_GET[u]' AND user_password = '$_GET[p]'")); $userright = array($login_check['user_name'], $login_check['userlevel']); $s_userpass = serialize($userpass); $_SESSION['id_username'] = $row['user_name']; $_SESSION['id_user_password'] = $row['user_password']; $_SESSION['user_level'] = $row['userlevel']; $_SESSION['user_id'] = $row['user_id']; header("Location:http://".$_SERVER[HTTP_HOST].$_SERVER[REQUEST_URI]); $_SESSION['is_valid'] = true; if(isset($_POST['remember'])) { setcookie("cookname", $_SESSION['username'], time()+60*60*24*100, "/"); setcookie("cookpass", $_SESSION['user_password'], time()+60*60*24*100, "/"); } } elseif ($user_level == 2){ $login_check = @mysql_fetch_array(mysql_query("SELECT * from `$user` WHERE user_name = '$_GET[u]' AND user_password = '$_GET[p]'")); $userright = array($login_check['user_name'], $login_check['userlevel']); $s_userpass = serialize($userpass); $_SESSION['id_username'] = $row['user_name']; $_SESSION['id_user_password'] = $row['user_password']; $_SESSION['user_level'] = $row['userlevel']; $_SESSION['user_id'] = $row['user_id']; header("Location:http://".$_SERVER[HTTP_HOST].$_SERVER[REQUEST_URI]); $_SESSION['is_valid'] = true; //change the session variable name to what you want, just remember it for all files if(isset($_POST['remember'])){ setcookie("cookname", $_SESSION['username'], time()+60*60*24*100, "/"); setcookie("cookpass", $_SESSION['user_password'], time()+60*60*24*100, "/"); } } } else{ echo "Login failed. Username and Password did not match database entries."; } } else { echo "Form was not completed. Please go back and make sure that the form was fully completed."; } } $server = str_replace("?logout=true","",$_SERVER['PHP_SELF']); ?> <table bgcolor='#999999' align='right'><form action=" <?php echo $server ?> " method='POST'> <tr><td>Username: </td><td><input type='text' name='user_name' value="<?php echo $_COOKIE["cookname"]; ?>" /><br /></td></tr> <tr><td>Password:</td><td> <input type='password' name='user_password' /><br /></td></tr> <tr><td><input type="hidden" name="login" value="true"><input type="submit" value="Submit"></td></tr> <tr><td><input type="checkbox" value="1" name="remember"> Remember Me </td></tr><tr><td><a href="register.php">[Register]</a></td></tr><tr><td><a href="forgot_password.php">[Forgot Password?]</a></td></tr></table> </form> <?php mysql_close(); } else { header("Location:http://".$_SERVER[HTTP_HOST]); } } ?> -
but JS can be turned off, in certain browsers, so it can be got around
-
Hey Blade that needs to be posted as a new topic since it isn't relevant to this discussion
I think it is, this post is about remember me, i am just checking if my code was right,and also if dragen wanted to use it if he didn't get the answer he wanted.
BTW, dragen, soz for interupting your thread, but i didn't want to waste forum space.
448191. how do i do that, as i haven't an idea how.
-
I want to set a minimum password lenght, would this be the right way to do it?
if ($user_name && $user_password && $user_password2 && $user_email && $user_email2) { $user_check = mysql_num_rows(mysql_query("SELECT * FROM `$user` WHERE userlevel=1 ")); $length = strlen($user_password); if ($length >= 6) { if ($user_check >= 1) { echo "Sorry, but the head admin account is already created. Please delete the table in your mysql database and run the install.php file."; } elseif ($user_password == $user_password2 && $user_email == $user_email2) { $userPswd = md5($user_password); $userpwsd = sha1($userPswd); mysql_query("INSERT INTO `$user` (user_id, user_name, user_password, user_email, user_ip, userlevel) VALUES ('','$user_name','$userpwsd','$user_email','$ip','1')") or die('Error ' . mysql_error()); require_once 'main_write.php'; require_once 'redirect_install.php'; } } else { echo "Either the passwords or emails you entered do not match. Please check these details and try again"; } } else { echo "Please fill in all of the required fields."; } } -
anyone, no about my remeber me feature, or does everything look ok in the code(above)
-
can u show your signup code
-
ok, thanks for the code to do the error checking, i found out that i had left out a code to write the tablenames.
-
this is the error
Incorrect table name '' in SELECT * FROM `` WHERE user_name='test' AND user_password='4028a0e356acc947fcd2bfbf00cef11e128d484a' LIMIT 1;
-
how would i get this remember me feature to work.
<?php require_once 'includes/db_connect.php'; if ($_SESSION['is_valid'] == false){ if (isset($_POST['login'])){ $user_name = $_POST["user_name"]; $user_password = $_POST["user_password"]; $cookiename = forumcookie; $verify_username = strlen($user_name); $verify_pass = strlen($user_password); if ($verify_pass > 0 && $verify_username > 0) { $userPswd = md5($user_password); $userpwsd = sha1($userPswd); $sql = "SELECT * FROM `$user` WHERE user_name='$user_name' AND user_password='$userpwsd' LIMIT 1;"; $result = mysql_query($sql); if (mysql_num_rows($result) == 1){ $row = mysql_fetch_assoc($result); $user_level = $row['userlevel']; if ($user_level == 1) { $login_check = @mysql_fetch_array(mysql_query("SELECT * from `$user` WHERE user_name = '$_GET[u]' AND user_password = '$_GET[p]'")); $userright = array($login_check['user_name'], $login_check['userlevel']); $s_userpass = serialize($userpass); $_SESSION['username'] = $row['user_name']; $_SESSION['user_password'] = $row['user_password']; $_SESSION['user_level'] = $row['userlevel']; $_SESSION['user_id'] = $row['user_id']; header("Location:http://".$_SERVER[HTTP_HOST]); $_SESSION['is_valid'] = true; //change the session variable name to what you want, just remember it for all files if(isset($_POST['remember'])){ setcookie("cookname", $_SESSION['username'], time()+60*60*24*100, "/"); setcookie("cookpass", $_SESSION['user_password'], time()+60*60*24*100, "/"); } } elseif ($user_level == 2){ $login_check = @mysql_fetch_array(mysql_query("SELECT * from `$user` WHERE user_name = '$_GET[u]' AND user_password = '$_GET[p]'")); $userright = array($login_check['user_name'], $login_check['userlevel']); $s_userpass = serialize($userpass); $_SESSION['username'] = $row['user_name']; $_SESSION['user_password'] = $row['user_password']; $_SESSION['user_level'] = $row['userlevel']; $_SESSION['user_id'] = $row['user_id']; header("Location:http://".$_SERVER[HTTP_HOST]); $_SESSION['is_valid'] = true; //change the session variable name to what you want, just remember it for all files if(isset($_POST['remember'])){ setcookie("cookname", $_SESSION['username'], time()+60*60*24*100, "/"); setcookie("cookpass", $_SESSION['user_password'], time()+60*60*24*100, "/"); } } } else{ echo "Login failed. Username and Password did not match database entries."; } } else { echo "Form was not completed. Please go back and make sure that the form was fully completed."; } } ?> <html> <table bgcolor='#999999' align='right'><form action="<?php $_SERVER['PHP_SELF']; ?>" method='POST'> <tr><td>Username: </td><td><input type='text' name='user_name' /><br /></td></tr> <tr><td>Password:</td><td> <input type='password' name='user_password' /><br /></td></tr> <tr><td><input type="hidden" name="login" value="true"><input type="submit" value="Submit"></td></tr> <tr><td><input type="checkbox" value="1" name="remember"> Remember Me </td></tr><tr><td><a href="register.php">[Register]</a></td></tr><tr><td><a href="forgot_password.php">[Forgot Password?]</a></td></tr></table> </form> </html> <?php mysql_close(); } else { header("Location:http://".$_SERVER[HTTP_HOST]); } ?> -
I can't see why this is happening. Can u?
<?php require_once 'includes/db_connect.php'; if ($_SESSION['is_valid'] == false){ if (isset($_POST['login'])){ $user_name = $_POST["user_name"]; $user_password = $_POST["user_password"]; $cookiename = forumcookie; $verify_username = strlen($user_name); $verify_pass = strlen($user_password); if ($verify_pass > 0 && $verify_username > 0) { $userPswd = md5($user_password); $userpwsd = sha1($userPswd); $sql = "SELECT * FROM `$user` WHERE user_name='$user_name' AND user_password='$userPswd' LIMIT 1;"; $result = mysql_query($sql); if (mysql_num_rows($result) == 1){ $row = mysql_fetch_assoc($result); $user_level = $row['userlevel']; if ($user_level == 1) { $login_check = @mysql_fetch_array(mysql_query("SELECT * from `$user` WHERE user_name = '$_GET[u]' AND user_password = '$_GET[p]'")); $userright = array($login_check['user_name'], $login_check['userlevel']); $s_userpass = serialize($userpass); $_SESSION['username'] = $row['user_name']; $_SESSION['user_password'] = $row['user_password']; $_SESSION['user_level'] = $row['userlevel']; $_SESSION['user_id'] = $row['user_id']; header("Location:http://".$_SERVER[HTTP_HOST]); $_SESSION['is_valid'] = true; //change the session variable name to what you want, just remember it for all files if(isset($_POST['remember'])){ setcookie("cookname", $_SESSION['username'], time()+60*60*24*100, "/"); setcookie("cookpass", $_SESSION['user_password'], time()+60*60*24*100, "/"); } } elseif ($user_level == 2){ $login_check = @mysql_fetch_array(mysql_query("SELECT * from `$user` WHERE user_name = '$_GET[u]' AND user_password = '$_GET[p]'")); $userright = array($login_check['user_name'], $login_check['userlevel']); $s_userpass = serialize($userpass); $_SESSION['username'] = $row['user_name']; $_SESSION['user_password'] = $row['user_password']; $_SESSION['user_level'] = $row['userlevel']; $_SESSION['user_id'] = $row['user_id']; header("Location:http://".$_SERVER[HTTP_HOST]); $_SESSION['is_valid'] = true; //change the session variable name to what you want, just remember it for all files if(isset($_POST['remember'])){ setcookie("cookname", $_SESSION['username'], time()+60*60*24*100, "/"); setcookie("cookpass", $_SESSION['user_password'], time()+60*60*24*100, "/"); } } } else{ echo "Login failed. Username and Password did not match database entries."; } } else { echo "Form was not completed. Please go back and make sure that the form was fully completed."; } } ?> <html> <table bgcolor='#999999' align='right'><form action="<?php $_SERVER['PHP_SELF']; ?>" method='POST'> <tr><td>Username: </td><td><input type='text' name='user_name' /><br /></td></tr> <tr><td>Password:</td><td> <input type='password' name='user_password' /><br /></td></tr> <tr><td><input type="hidden" name="login" value="true"><input type="submit" value="Submit"></td></tr> <tr><td><input type="checkbox" value="1" name="remember"> Remember Me </td></tr><tr><td><a href="register.php">[Register]</a></td></tr><tr><td><a href="forgot_password.php">[Forgot Password?]</a></td></tr></table> </form> </html> <?php mysql_close(); } else { header("Location:http://".$_SERVER[HTTP_HOST]); } ?>this is the code, and this is where the error is
if (mysql_num_rows($result) == 1){
ereg and preg_match
in PHP Coding Help
Posted
ok, but that still leaves the error, this is part of the code, where it is happening
$checkmail = "/^[a-zA-Z0-9._-]+@[a-zA-Z0-9-]+\.[a-zA-Z.]{2,5}$/"; if (preg_match($checkmail, $user_email)) { $user_check = mysql_num_rows(mysql_query("SELECT * FROM $user WHERE user_email='$user_email' OR user_name='$user_name'")); $length = strlen($user_password); $length1 = strlen($user_name); if ($length >= 6) { if ($length1 >= 4) { if ($user_check >= 1) { require_once 'register.php'; echo "Sorry, but the username or email you requested is already in use. Please enter a different username."; } elseif ($user_password == $user_password2 && $user_email == $user_email2) { $userPswd = md5($user_password); $userpwsd = sha1($userPswd); mysql_query("INSERT INTO `$user` (user_id, user_name, user_password, user_email, user_ip, userlevel) VALUES ('','$user_name','$userpwsd','$user_email','$ip','2')") or die('Error ' . mysql_error()); echo "Succesfully Registered. You will recieve a confirmation email shortly."; header ("http://".$_SERVER[HTTP_HOST].$success); } } } } if($length <= 5) { require_once 'register.php'; echo "Password Too Short<br>"; } if($length1 <= 3) { require_once 'register.php'; echo "Username Too Short.<br>"; } if(!$checkpw) { require_once 'register.php'; echo "The passwords you entered do not match. Please check these details and try again.<br>"; } if(!$checkem) { require_once 'register.php'; echo "The emails you entered do not match. Please check these details and try again.<br>"; } } if (!preg_match($checkmail, $user_email)) { echo "Invalid e-mail address<br>"; } else { require_once 'register.php'; echo "Please fill in all of the required fields."; } }