DeanWhitehouse

logged_in is already posted here, and heres nav_bar and db_connect, i don;t think it is. <?php // Random Game Design: PHP Website Template // Version 1 // Copyright Dean Whitehouse, 2008 // Include config file require_once 'config.inc.php'; require_once 'config_table.inc.php'; // Connect to database mysql_connect($dbhost,$dbuser,$dbpass) or die('Could not connect: ' . mysql_error()); // Select database mysql_select_db($dbname) or die('Could not find the database: ' . mysql_error()); ob_start(); session_start(); ?> db_connect.php <?php $server = "http://".$_SERVER[HTTP_HOST] ; if ($_SESSION['is_valid'] == true){ if ($_SESSION['user_level'] == 2){ echo "<table class='nav_bar'><tr><td> <a class='nav_bar' href='$server'>Home</a> </td></tr><tr><td><font color='white'>Logged In</font></td></tr> <tr><tr><a href='members.php'>Members</a></td></tr></table>"; } if ($_SESSION['user_level'] == 1){ echo "<table class='nav_bar'><tr><td> <a class='nav_bar' href='$server'>Home</a> </td></tr><tr><tr><a href='members.php'>Members</a></td></tr></table>"; } } else { echo " <table class='nav_bar'><tr><td> <a class='nav_bar' href='$server'>Home</a> </td></tr><tr><tr><a href='members.php'>Members</a></td></tr></table>"; } ?> nav_bar.php

they are echoed,in the logged_in script, it echos there username, and it does change, but i don't know how

if it's solved, please click solved at the bottom of the page.

hmm ,tried that didn't work. I just can see how it's doing this. Should i identify people not just by user_id but user_name?

No Problem, if it's closed please click solved at the bottom

i can't see how this is happening, as it isn;t setting any thing on the members page

Np, read the comments next time though, there were there for a reason

don;t you have to ecnrypt it first like this $password = "then the encryption and password"; then insert that variable into the database

did you change what i said, or just copied and pasted the code? if you just copied and pasted, it won't here is the code, with changes $prevsql = "SELECT entries.*, categories.cat FROM entries, categories WHERE entries.cat_id = categories.id ORDER BY dateposted DESC LIMIT 1, 5;"; $prevresult = mysql_query($prevsql); $numrows_prev = mysql_num_rows($prevresult);

this might be it $prevsql = "SELECT entries.*, categories.cat FROM entries, categories // $prevsql WHERE entries.cat_id = categories.id ORDER BY dateposted DESC LIMIT 1, 5;"; $prevresult = mysql_query($presql); //$presql $numrows_prev = mysql_num_rows($prevresult);

this is logged_in.php this also has the login form in it <?php if (isset($_GET['logout'])) { setcookie("cookname", $_SESSION['username'], time() - 3600, "/"); setcookie("cookpass", $_SESSION['user_password'], time() - 3600, "/"); session_unset(); session_destroy(); } if ($_SESSION['is_valid'] == true) { if ($_SESSION['user_level'] == 2) { ?> <table class='logged_in'><tr><td> <p>Welcome, <br><?php echo $_SESSION['username']; ?> <br><a href='user_profile.php?id=<?php echo $_SESSION['user_id']; ?>'>User Profile</a><br> <a href='user_setting.php'>Settings</a><br> <a href="<?php print $_SERVER["PHP_SELF"]; ?>?logout=true">Logout</a><br /> </td></tr><tr><td>Logged In</td></tr></table></p> <?php } if ($_SESSION['user_level'] == 1) { ?> <table class='logged_in'><tr><td> <p>Welcome, <?php echo $_SESSION['username']; ?> <br><a href='user_profile.php?id=<?php echo $_SESSION['user_id']; ?>'>User Profile</a><br> <a href='user_setting.php'>Settings</a><br> <a href='admin_centre.php'>Admin Area</a><br> <a href="<?php print $_SERVER["PHP_SELF"]; ?>?logout=true">Logout</a><br /> </td></tr><tr><td>Logged In</td></tr></table></p> <?php } } else { require_once 'db_connect.php'; if ($_SESSION['is_valid'] == false) { if (isset($_POST['login'])) { $user_name = $_POST["user_name"]; $user_password = $_POST["user_password"]; $cookiename = forumcookie; $verify_username = strlen($user_name); $verify_pass = strlen($user_password); if ($verify_pass > 0 && $verify_username > 0) { $salt = substr($user_password, 0, 2); $userPswd = crypt($user_password, $salt); $sql = "SELECT * FROM `$user` WHERE user_name='$user_name' AND user_password='$userPswd' LIMIT 1;"; $result = mysql_query($sql); if (mysql_num_rows($result) == 1) { $row = mysql_fetch_assoc($result); $user_level = $row['userlevel']; if ($user_level == 1) { $login_check = @mysql_fetch_array(mysql_query("SELECT * from `$user` WHERE user_name = '$_GET[u]' AND user_password = '$_GET[p]'")); $userright = array($login_check['user_name'], $login_check['userlevel']); $s_userpass = serialize($userpass); $_SESSION['username'] = $row['user_name']; $_SESSION['user_password'] = $row['user_password']; $_SESSION['user_level'] = $row['userlevel']; $_SESSION['user_id'] = $row['user_id']; header("Location:http://".$_SERVER[HTTP_HOST].$_SERVER[REQUEST_URI]); $_SESSION['is_valid'] = true; if(isset($_POST['remember'])) { setcookie("cookname", $_SESSION['username'], time()+60*60*24*100, "/"); setcookie("cookpass", $_SESSION['user_password'], time()+60*60*24*100, "/"); } } elseif ($user_level == 2){ $login_check = @mysql_fetch_array(mysql_query("SELECT * from `$user` WHERE user_name = '$_GET[u]' AND user_password = '$_GET[p]'")); $userright = array($login_check['user_name'], $login_check['userlevel']); $s_userpass = serialize($userpass); $_SESSION['username'] = $row['user_name']; $_SESSION['user_password'] = $row['user_password']; $_SESSION['user_level'] = $row['userlevel']; $_SESSION['user_id'] = $row['user_id']; header("Location:http://".$_SERVER[HTTP_HOST].$_SERVER[REQUEST_URI]); $_SESSION['is_valid'] = true; //change the session variable name to what you want, just remember it for all files if(isset($_POST['remember'])){ setcookie("cookname", $_SESSION['username'], time()+60*60*24*100, "/"); setcookie("cookpass", $_SESSION['user_password'], time()+60*60*24*100, "/"); } } } else{ echo "Login failed. Username and Password did not match database entries."; } } else { echo "Form was not completed. Please go back and make sure that the form was fully completed."; } } $server = str_replace("?logout=true","",$_SERVER['PHP_SELF']); ?> <html> <table bgcolor='#999999' align='right'><form action="<?php echo $server ?>" method='POST'> <tr><td>Username: </td><td><input type='text' name='user_name' /><br /></td></tr> <tr><td>Password:</td><td> <input type='password' name='user_password' /><br /></td></tr> <tr><td><input type="hidden" name="login" value="true"><input type="submit" value="Submit"></td></tr> <tr><td><input type="checkbox" value="1" name="remember"> Remember Me </td></tr><tr><td><a href="register.php">[Register]</a></td></tr><tr><td><a href="forgot_password.php">[Forgot Password?]</a></td></tr></table> </form> </html> <?php mysql_close(); } else { header("Location:http://".$_SERVER[HTTP_HOST]); } } ?> and yes they are identified by there user_id stored in a variable

I have a site, where the users can have profiles, i was just testing something when i found this security issue. When i view the page listing the members and click on one, i become that member, i can edit there settings everything. How can i fix this. this is my member page code. <?php require_once 'db_connect.php'; require_once 'nav_bar.php'; require_once 'logged_in.php'; if ($_SESSION['is_valid'] == true){ if (isset($_GET['id'])) { if ((int) $_GET['id'] > 0) { $user_id = $_GET['id']; $sql = "SELECT * FROM $user WHERE `user_id`='{$user_id}' LIMIT 0,1;"; $result = mysql_query($sql); $row = mysql_fetch_assoc($result); $username = $row['user_name']; $email = $row['user_email']; echo "$username<br>"; $show_email = $row['show_email']; if ($show_email == 1) { echo "Email:<a href='mailto:$email'>$email</a>"; } elseif ($show_email == 0) { echo "Email:Hidden"; } exit(); } else { echo "Invalid user ID passed to page! <br />"; echo "<a href=\"members.php\">Return to user list</a>"; exit(); } } //No ID passed to page, display user list: $query = "SELECT user_id, user_name FROM $user"; $result = mysql_query($query) or die("Error:" . mysql_error()); if (mysql_num_rows($result) > 0) { echo "User List:<br />"; while ($row = mysql_fetch_assoc($result)) { echo '<a href="?id=' . $row['user_id'] . '">' . $row['user_name'] . '</a><br />'; } } } else { echo "Please login to view this page."; } ?> this is a big risk, please help

o rite, because i closed a page i made when i was logged in, and went back to it after ten minutes and i was still logged in. How can i make it so when they close the page, the session is ended.

how long do sessions usually last? Or do they never time out?

are you setting the sessions on every page with session_start();

what is it for, if its for a login form, use sessions

how can i set time zones , if the timezone name is in the database?

no you need an uplaod form, search google for the code.

i thought that you store the image on the server and then in the database store the url to it , then echo "<img src='$imagelink'>"; and $imagelink will be the url from the database

ok, thanks , how do i overwrite the tables?? is it something like IF TABLE table_name EXISTS DELETE

Am i to assume no one knows???

$sql_forum1 = "CREATE TABLE $forum_quest( id int(4) NOT NULL AUTO_INCREMENT PRIMARY KEY, topic varchar(255) NOT NULL default '', detail longtext NOT NULL, name varchar(65) NOT NULL default '', email varchar(65) NOT NULL default '', datetime varchar(25) NOT NULL default '', view int(4) NOT NULL default '0', reply int(4) NOT NULL default '0' )AUTO_INCREMENT=1"; $sql_forum2 = "CREATE TABLE $forum_answ( question_id int(4) NOT NULL default '0', a_id int(4) NOT NULL default '0', a_name varchar(65) NOT NULL default '', a_email varchar(65) NOT NULL default '', a_answer longtext NOT NULL, a_datetime varchar(25) NOT NULL default '', KEY a_id (`a_id`) )"; soz i updated it a bit, bust still the same problem

does anyone have any idea?

i am creating three tables using PHP $sql_user = "CREATE TABLE $user( user_id int(11) AUTO_INCREMENT NOT NULL PRIMARY KEY, user_name varchar(100) NOT NULL, user_password varchar(100) NOT NULL, user_email varchar(100) NOT NULL, user_ip varchar(20) NOT NULL, user_ban varchar(3) NOT NULL, ban_reason varchar(100) NOT NULL, ban_length varchar(25) NOT NULL, userlevel tinyint(1) unsigned NOT NULL, random_key varchar(32) NOT NULL, user_activated varchar(25) NOT NULL )"; $sql_forumques = "CREATE TABLE $forum_quest( id int(4) NOT NULL AUTO_INCREMENT PRIMARY KEY, topic varchar(255) NOT NULL default '', detail longtext NOT NULL, name varchar(65) NOT NULL default '', email varchar(65) NOT NULL default '', datetime varchar(25) NOT NULL default '', view int(4) NOT NULL default '0', reply int(4) NOT NULL default '0' )AUTO_INCREMENT=1"; $sql_forumansw = "CREATE TABLE $forum_answ( question_id int(4) NOT NULL default '0', a_id int(4) NOT NULL default '0', a_name varchar(65) NOT NULL default '', a_email varchar(65) NOT NULL default '', a_answer longtext NOT NULL, a_datetime varchar(25) NOT NULL default '', KEY a_id (`a_id`) )"; i have a code to check if they already exist, but for the bottom two tables, it always says table created. this is my checking code $make_user= mysql_query($sql_user); $make_forum = mysql_query($sql_forum1); $make_forum1 = mysql_query($sql_forum2); $checkifexist_user = mysql_query ("SELECT * FROM '$user' LIMIT 0,1"); $checkifexist_quest = mysql_query ("SELECT * FROM '$forum_quest' LIMIT 0,1"); $checkifexist_answ = mysql_query ("SELECT * FROM '$forum_answ' LIMIT 0,1"); if (!$make_user) { echo("'$user' Table already exists.<br>'$user' table could not be created.<br>"); } else { echo("'$user' Table Created.<br>"); } if (!make_forum) { echo("'$forum_quest' Table already exists.<br>'$forum_quest' table could not be created.<br>"); } else { echo("'$forum_quest' Table Created.<br>"); } if (!make_forum1) { echo("'$forum_quest' Table already exists.<br>'$forum_quest' table could not be created.<br>"); } else { echo("'$forum_answ' Table Created.<br>"); }

ok, thanks DW Shows that i can't use if,else and elseif statements, lol