DeanWhitehouse

related question this code if (!$make_user) { echo("'$user' Table already exists.'$user' table could not be created.<br>"); } elseif($make_user) { echo("'$user' Table Created.<br>"); } if (!make_forum) { echo("'$forum_quest' Table already exists.'$forum_quest' table could not be created.<br>"); } elseif ($make_forum) { echo("'$forum_quest' Table Created.<br>"); } if (!make_foru) { echo("'$forum_quest' Table already exists.'$forum_quest' table could not be created.<br>"); } elseif($make_foru) { echo("'$forum_answ' Table Created.<br>"); } ?><form action="<?php $_SERVER['PHP_SELF'] ?>" method="post"> <input type="submit" value="Continue" name="continue_saved"/> <? mysql_close(); exit(); } is ment to echo which tables are created or not, but if the first one isn't it doesn't show the rest.

i thought it might be that, soz for the stupid quest

or echo "<body bgcolor='#FFFFFF>"; this will set the page background color to white same with background images, just remember that you use '' instead of ""

i thought sessions time out after, a little while, but if you leave my site and then go back on, you are still logged in. Is this because i left the site for only a minute, or because the cookie stayed stored??

I have a lot of forms, <?php /*Random Game Design: PHP Website Template/CMS Version 1 Copyright Dean Whitehouse, 2008*/ if(isset($_POST['continue'])) { require_once '../includes/db_connect.php'; $user_name = $_POST["user_name"]; $user_password = $_POST["user_password"]; $user_password2 = $_POST["user_password2"]; $user_email = $_POST["user_email"]; $user_email2 = $_POST["user_email2"]; $ip = $_SERVER['REMOTE_ADDR']; if(isset($_POST['admin_signup'])){ if ($user_name && $user_password && $user_password2 && $user_email && $user_email2) { $user_check = mysql_num_rows(mysql_query("SELECT * FROM `$user` WHERE userlevel=1 ")); if ($user_check >= 1) { include_once 'create_admin.php'; echo "Sorry, but the head admin account is already created. Please delete the table in your mysql database and run the install.php file."; } elseif ($user_password == $user_password2 && $user_email == $user_email2) { $salt = substr($user_password, 0, 2); $userPswd = crypt($user_password, $salt); mysql_query("INSERT INTO `$user` (user_id, user_name, user_password, user_email, user_ip, userlevel) VALUES ('','$user_name','$userPswd','$user_email','$ip','1')") or die('Error ' . mysql_error()); include'main_write.php'; require_once 'redirect_install.php'; } else { include_once 'create_admin.php'; echo "Either the passwords or emails you entered do not match. Please check these details and try again"; } } else { include_once 'create_admin.php'; echo "Please fill in all of the required fields."; } } mysql_close(); ?> <html> <table bgcolor='#999999' align='center' width="400px"> <form action='<?php $_SERVER['PHP_SELF']; ?>' method='POST'> <tr><td width="10px">Username: </td><td><input type='text' name='user_name' maxlength="20" width="400px" /><br /></td></tr> <tr><td width="10px">Maximum Length<br /> 20 characters.</td></tr> <tr><td width="10px">E-mail Address:</td> <td><input type='text' name='user_email' /><br /></td></tr> <tr><td width="10px">Confirm E-mail Address: </td><td><input type='text' name='user_email2' /><br /></td></tr> <tr><td width="10px">Password:</td><td> <input type='password' name='user_password' maxlength="30" /><br /></td></tr> <tr><td width="10px">Maximum Length<br /> 20 characters.</td></tr> <tr><td width="10px">Confirm Password:</td><td> <input type='password' name='user_password2' maxlength="30"/><br /></td></tr> <tr><td><input type='submit' value='Complete Registration' name='admin_signup' /></td><td><input type="reset" value="Reset Fields" name="reset" /></td></tr> </form> </table> </html> <?php exit(); } if(isset($_POST['tablename_saved'])) { require_once '../includes/db_connect.php'; $sql_user = "CREATE TABLE $user( user_id int(11) AUTO_INCREMENT NOT NULL PRIMARY KEY, user_name varchar(100) NOT NULL, user_password varchar(100) NOT NULL, user_email varchar(100) NOT NULL, user_ip varchar(20) NOT NULL, user_ban varchar(3) NOT NULL, ban_reason varchar(100) NOT NULL, ban_length varchar(25) NOT NULL, userlevel tinyint(1) unsigned NOT NULL, random_key varchar(32) NOT NULL, user_activated varchar(25) NOT NULL )"; $sql_forumques = "CREATE TABLE $forum_quest( id int(4) NOT NULL AUTO_INCREMENT PRIMARY KEY, topic varchar(255) NOT NULL default '', detail longtext NOT NULL, name varchar(65) NOT NULL default '', email varchar(65) NOT NULL default '', datetime varchar(25) NOT NULL default '', view int(4) NOT NULL default '0', reply int(4) NOT NULL default '0' )AUTO_INCREMENT=1"; $sql_forumansw = "CREATE TABLE $forum_answ( question_id int(4) NOT NULL default '0', a_id int(4) NOT NULL default '0', a_name varchar(65) NOT NULL default '', a_email varchar(65) NOT NULL default '', a_answer longtext NOT NULL, a_datetime varchar(25) NOT NULL default '', KEY a_id (`a_id`) )"; $make_user= mysql_query($sql_user); $make_forum = mysql_query($sql_forumques); $make_foru = mysql_query($sql_forumansw); $checkifexist_user = mysql_query ("SELECT * FROM '$user' LIMIT 0,1"); $checkifexist_quest = mysql_query ("SELECT * FROM '$forum_quest' LIMIT 0,1"); $checkifexist_answ = mysql_query ("SELECT * FROM '$forum_answ' LIMIT 0,1"); if (!$make_user) { echo("'$user' Table already exists.'$user' table could not be created.<br>"); } elseif($make_user) { echo("'$user' Table Created.<br>"); } if (!make_forum) { echo("'$forum_quest' Table already exists.'$forum_quest' table could not be created.<br>"); } elseif ($make_forum) { echo("'$forum_quest' Table Created.<br>"); } if (!make_foru) { echo("'$forum_quest' Table already exists.'$forum_quest' table could not be created.<br>"); } elseif($make_foru) { echo("'$forum_answ' Table Created.<br>"); } ?><form action="<?php $_SERVER['PHP_SELF'] ?>"> <input type="submit" value="Continue" name="continue"/>'; <? mysql_close(); exit(); } if(isset($_POST['table_names'])) { require_once '../includes/db_connect.php'; $dbhost = $_POST["dbhost"]; $user = $_POST["user"]; $forum_quest = $_POST["forum_question"]; $forum_answ = $_POST ["forum_answers"]; if ($user.$forum_quest.$forum_answ) { include ("config_writetable.php"); ?> <p>Table name's saved, press continue to create the table.<form action="<?php $_SERVER['PHP_SELF'] ?>"> <input type='submit' value='Continue' name='tablename_saved'> </form> </p> <?php } else { echo ("Please go back and fill in the required fields"); } exit(); } if(isset($_POST['check'])) { // Database Connection Information $dbhost = $_POST["dbhost"]; // Database Host $dbuser = $_POST["dbuser"]; // Database Username $dbpass = $_POST["dbpass"]; // Database Password $dbname = $_POST["dbname"]; // Database Name // Attempt to connect to the database using the user submitted form. $con = mysql_connect($dbhost, $dbuser, $dbpass); if ($con) { include 'config_write.php'; echo "You have successfully connected with these details to '$dbname'. <br>Username - '$dbuser'<br> Password - '$dbpass'<br> Database Host - '$dbhost'<br>Please enter the table names you want, or if you want to use the preset names click continue. NOTE: Each table must be a different name. Please do not leave any blank spaces. "; ?> <table align="center" bgcolor="#333333" width="300px" border="0"> <form method="post" action="<?php $_SERVER['PHP_SELF']; ?>"> <tr><td><font color="#FFFFFF">User Details:</td><td><input type='text' name='user' value='rgd_users'></td></tr> <tr><td><font color="#ffffff">Forum Questions</td> <td><input type="text" name='forum_question' value='forum_question'></td></tr> <tr><td><font color='#ffffff'>Forum Answers</td> <td><input type='text' name='forum_answers' value='forum_answers'><br></td></tr> <tr><td></td><td><input type='submit' value='Continue' name='table_names'></td></tr> </font> </form> </table> <?php exit(); } else { echo 'Error connecting to database:' . mysql_error() . '\n'; // Database creation failed ?> <p>Welcome to the random game design website template. Please follow this set-up and then you can customise your site fully.<br>Plese only click this button once, as it will reset your progress.<form method='post' action="<?php $_SERVER['PHP_SELF']; ?>"><input type='submit' value='Start' name='start'></form> </p> <?php } // Close connection to the database mysql_close(); } else { ?> <p>Welcome to the random game design website template. Please follow this set-up and then you can customise your site fully.<br>Plese only click this button once, as it will reset your progress.<form method='post' action="<?php $_SERVER['PHP_SELF']; ?>"><input type='submit' value='Start' name='start'></form> </p> <?php } if(isset($_POST['start'])) { echo ('Please enter the details used to connect to your MySql database.'); ?> <table align='center' bgcolor='#333333' width='300px' border='0'><form method='post' action="<?php $_SERVER['PHP_SELF']; ?>"> <tr><td> Database Host:</td><td> <input type='text' name='dbhost'><br></td></tr> <tr><td> Database Username:</td><td> <input type='text' name='dbuser'><br></td></tr> <tr><td> Database Password: </td><td> <input type='text' name='dbpass'><br></td></tr> <tr><td> Database Name: </td><td> <input type='text' name='dbname'><br></td></tr> <tr><td></td><td><input type='submit' value='Continue' name='check'> </td></tr></form> </table> <?php } else { ?> <p>Welcome to the random game design website template. Please follow this set-up and then you can customise your site fully.<br>Plese only click this button once, as it will reset your progress.<form method='post' action="<?php $_SERVER['PHP_SELF']; ?>"><input type='submit' value='Start' name='start'></form> </p> <?php } ?> to help i will this is where the form is that is causing the problem if(isset($_POST['continue'])) { require_once '../includes/db_connect.php'; $user_name = $_POST["user_name"]; $user_password = $_POST["user_password"]; $user_password2 = $_POST["user_password2"]; $user_email = $_POST["user_email"]; $user_email2 = $_POST["user_email2"]; $ip = $_SERVER['REMOTE_ADDR']; if(isset($_POST['admin_signup'])){ if ($user_name && $user_password && $user_password2 && $user_email && $user_email2) { $user_check = mysql_num_rows(mysql_query("SELECT * FROM `$user` WHERE userlevel=1 ")); if ($user_check >= 1) { include_once 'create_admin.php'; echo "Sorry, but the head admin account is already created. Please delete the table in your mysql database and run the install.php file."; } elseif ($user_password == $user_password2 && $user_email == $user_email2) { $salt = substr($user_password, 0, 2); $userPswd = crypt($user_password, $salt); mysql_query("INSERT INTO `$user` (user_id, user_name, user_password, user_email, user_ip, userlevel) VALUES ('','$user_name','$userPswd','$user_email','$ip','1')") or die('Error ' . mysql_error()); include'main_write.php'; require_once 'redirect_install.php'; } else { include_once 'create_admin.php'; echo "Either the passwords or emails you entered do not match. Please check these details and try again"; } } else { include_once 'create_admin.php'; echo "Please fill in all of the required fields."; } } mysql_close(); ?> <html> <table bgcolor='#999999' align='center' width="400px"> <form action='<?php $_SERVER['PHP_SELF']; ?>' method='POST'> <tr><td width="10px">Username: </td><td><input type='text' name='user_name' maxlength="20" width="400px" /><br /></td></tr> <tr><td width="10px">Maximum Length<br /> 20 characters.</td></tr> <tr><td width="10px">E-mail Address:</td> <td><input type='text' name='user_email' /><br /></td></tr> <tr><td width="10px">Confirm E-mail Address: </td><td><input type='text' name='user_email2' /><br /></td></tr> <tr><td width="10px">Password:</td><td> <input type='password' name='user_password' maxlength="30" /><br /></td></tr> <tr><td width="10px">Maximum Length<br /> 20 characters.</td></tr> <tr><td width="10px">Confirm Password:</td><td> <input type='password' name='user_password2' maxlength="30"/><br /></td></tr> <tr><td><input type='submit' value='Complete Registration' name='admin_signup' /></td><td><input type="reset" value="Reset Fields" name="reset" /></td></tr> </form> </table> </html> <?php exit(); } if(isset($_POST['tablename_saved'])) { require_once '../includes/db_connect.php'; $sql_user = "CREATE TABLE $user( user_id int(11) AUTO_INCREMENT NOT NULL PRIMARY KEY, user_name varchar(100) NOT NULL, user_password varchar(100) NOT NULL, user_email varchar(100) NOT NULL, user_ip varchar(20) NOT NULL, user_ban varchar(3) NOT NULL, ban_reason varchar(100) NOT NULL, ban_length varchar(25) NOT NULL, userlevel tinyint(1) unsigned NOT NULL, random_key varchar(32) NOT NULL, user_activated varchar(25) NOT NULL )"; $sql_forumques = "CREATE TABLE $forum_quest( id int(4) NOT NULL AUTO_INCREMENT PRIMARY KEY, topic varchar(255) NOT NULL default '', detail longtext NOT NULL, name varchar(65) NOT NULL default '', email varchar(65) NOT NULL default '', datetime varchar(25) NOT NULL default '', view int(4) NOT NULL default '0', reply int(4) NOT NULL default '0' )AUTO_INCREMENT=1"; $sql_forumansw = "CREATE TABLE $forum_answ( question_id int(4) NOT NULL default '0', a_id int(4) NOT NULL default '0', a_name varchar(65) NOT NULL default '', a_email varchar(65) NOT NULL default '', a_answer longtext NOT NULL, a_datetime varchar(25) NOT NULL default '', KEY a_id (`a_id`) )"; $make_user= mysql_query($sql_user); $make_forum = mysql_query($sql_forumques); $make_foru = mysql_query($sql_forumansw); $checkifexist_user = mysql_query ("SELECT * FROM '$user' LIMIT 0,1"); $checkifexist_quest = mysql_query ("SELECT * FROM '$forum_quest' LIMIT 0,1"); $checkifexist_answ = mysql_query ("SELECT * FROM '$forum_answ' LIMIT 0,1"); if (!$make_user) { echo("'$user' Table already exists.'$user' table could not be created.<br>"); } elseif($make_user) { echo("'$user' Table Created.<br>"); } if (!make_forum) { echo("'$forum_quest' Table already exists.'$forum_quest' table could not be created.<br>"); } elseif ($make_forum) { echo("'$forum_quest' Table Created.<br>"); } if (!make_foru) { echo("'$forum_quest' Table already exists.'$forum_quest' table could not be created.<br>"); } elseif($make_foru) { echo("'$forum_answ' Table Created.<br>"); } ?><form action="<?php $_SERVER['PHP_SELF'] ?>"> <input type="submit" value="Continue" name="continue"/>'; <? mysql_close(); exit(); } if(isset($_POST['table_names'])) { require_once '../includes/db_connect.php'; $dbhost = $_POST["dbhost"]; $user = $_POST["user"]; $forum_quest = $_POST["forum_question"]; $forum_answ = $_POST ["forum_answers"]; if ($user.$forum_quest.$forum_answ) { include ("config_writetable.php"); ?> <p>Table name's saved, press continue to create the table.<form action="<?php $_SERVER['PHP_SELF'] ?>"> <input type='submit' value='Continue' name='tablename_saved'> </form> </p> <?php } else { echo ("Please go back and fill in the required fields"); } exit(); } when i click continue ?> <p>Table name's saved, press continue to create the table.<form action="<?php $_SERVER['PHP_SELF'] ?>"> <input type='submit' value='Continue' name='tablename_saved'> </form> </p> <?php it add this ?tablename_saved=Continue to the URL. And i believe this is why this code is not run if(isset($_POST['continue'])) { require_once '../includes/db_connect.php'; $user_name = $_POST["user_name"]; $user_password = $_POST["user_password"]; $user_password2 = $_POST["user_password2"]; $user_email = $_POST["user_email"]; $user_email2 = $_POST["user_email2"]; $ip = $_SERVER['REMOTE_ADDR']; if(isset($_POST['admin_signup'])){ if ($user_name && $user_password && $user_password2 && $user_email && $user_email2) { $user_check = mysql_num_rows(mysql_query("SELECT * FROM `$user` WHERE userlevel=1 ")); if ($user_check >= 1) { include_once 'create_admin.php'; echo "Sorry, but the head admin account is already created. Please delete the table in your mysql database and run the install.php file."; } elseif ($user_password == $user_password2 && $user_email == $user_email2) { $salt = substr($user_password, 0, 2); $userPswd = crypt($user_password, $salt); mysql_query("INSERT INTO `$user` (user_id, user_name, user_password, user_email, user_ip, userlevel) VALUES ('','$user_name','$userPswd','$user_email','$ip','1')") or die('Error ' . mysql_error()); include'main_write.php'; require_once 'redirect_install.php'; } else { include_once 'create_admin.php'; echo "Either the passwords or emails you entered do not match. Please check these details and try again"; } } else { include_once 'create_admin.php'; echo "Please fill in all of the required fields."; } } mysql_close(); ?> <html> <table bgcolor='#999999' align='center' width="400px"> <form action='<?php $_SERVER['PHP_SELF']; ?>' method='POST'> <tr><td width="10px">Username: </td><td><input type='text' name='user_name' maxlength="20" width="400px" /><br /></td></tr> <tr><td width="10px">Maximum Length<br /> 20 characters.</td></tr> <tr><td width="10px">E-mail Address:</td> <td><input type='text' name='user_email' /><br /></td></tr> <tr><td width="10px">Confirm E-mail Address: </td><td><input type='text' name='user_email2' /><br /></td></tr> <tr><td width="10px">Password:</td><td> <input type='password' name='user_password' maxlength="30" /><br /></td></tr> <tr><td width="10px">Maximum Length<br /> 20 characters.</td></tr> <tr><td width="10px">Confirm Password:</td><td> <input type='password' name='user_password2' maxlength="30"/><br /></td></tr> <tr><td><input type='submit' value='Complete Registration' name='admin_signup' /></td><td><input type="reset" value="Reset Fields" name="reset" /></td></tr> </form> </table> </html> <?php exit(); } if(isset($_POST['tablename_saved'])) { require_once '../includes/db_connect.php'; $sql_user = "CREATE TABLE $user( user_id int(11) AUTO_INCREMENT NOT NULL PRIMARY KEY, user_name varchar(100) NOT NULL, user_password varchar(100) NOT NULL, user_email varchar(100) NOT NULL, user_ip varchar(20) NOT NULL, user_ban varchar(3) NOT NULL, ban_reason varchar(100) NOT NULL, ban_length varchar(25) NOT NULL, userlevel tinyint(1) unsigned NOT NULL, random_key varchar(32) NOT NULL, user_activated varchar(25) NOT NULL )"; $sql_forumques = "CREATE TABLE $forum_quest( id int(4) NOT NULL AUTO_INCREMENT PRIMARY KEY, topic varchar(255) NOT NULL default '', detail longtext NOT NULL, name varchar(65) NOT NULL default '', email varchar(65) NOT NULL default '', datetime varchar(25) NOT NULL default '', view int(4) NOT NULL default '0', reply int(4) NOT NULL default '0' )AUTO_INCREMENT=1"; $sql_forumansw = "CREATE TABLE $forum_answ( question_id int(4) NOT NULL default '0', a_id int(4) NOT NULL default '0', a_name varchar(65) NOT NULL default '', a_email varchar(65) NOT NULL default '', a_answer longtext NOT NULL, a_datetime varchar(25) NOT NULL default '', KEY a_id (`a_id`) )"; $make_user= mysql_query($sql_user); $make_forum = mysql_query($sql_forumques); $make_foru = mysql_query($sql_forumansw); $checkifexist_user = mysql_query ("SELECT * FROM '$user' LIMIT 0,1"); $checkifexist_quest = mysql_query ("SELECT * FROM '$forum_quest' LIMIT 0,1"); $checkifexist_answ = mysql_query ("SELECT * FROM '$forum_answ' LIMIT 0,1"); if (!$make_user) { echo("'$user' Table already exists.'$user' table could not be created.<br>"); } elseif($make_user) { echo("'$user' Table Created.<br>"); } if (!make_forum) { echo("'$forum_quest' Table already exists.'$forum_quest' table could not be created.<br>"); } elseif ($make_forum) { echo("'$forum_quest' Table Created.<br>"); } if (!make_foru) { echo("'$forum_quest' Table already exists.'$forum_quest' table could not be created.<br>"); } elseif($make_foru) { echo("'$forum_answ' Table Created.<br>"); } ?><form action="<?php $_SERVER['PHP_SELF'] ?>"> <input type="submit" value="Continue" name="continue"/>'; <? mysql_close(); exit(); } please correct me if i am wrong.

well i am using sessions for them logged in, but i thought cookies are the only way to have a remember me feature.

ok, that works i think, there is no way to be sure. BTW was does exit(); do???

ok, after the database details form it prints this Array ( [dbhost] => *** [dbuser] => *** [dbpass] => *** [dbname] => **** [check] => Continue ) with detials init but i have hidden these on the above version and on the second form it prints this Array ( [user] => rgd_users [forum_question] => forum_question [forum_answers] => forum_answers [table_names] => Continue )

the one at the top is

yes to the both, i am plaaning on adding securtity to all the important files.

its for a CMS system, and this is part of the install files. So they can connect through to there database. And i am adding sessions to help protect the pages, and also an IP session that will be set when it is first run so only the person with that ip can access it

anyone , this is just the part that isn't working properly if(isset($_POST['check'])) { // Database Connection Information $dbhost = $_POST["dbhost"]; // Database Host $dbuser = $_POST["dbuser"]; // Database Username $dbpass = $_POST["dbpass"]; // Database Password $dbname = $_POST["dbname"]; // Database Name // Attempt to connect to the database using the user submitted form. $con = mysql_connect($dbhost, $dbuser, $dbpass); if (!$con) { die('Could not connect: ' . mysql_error()); } // Error, connection cannot be made if ($con) { include 'config_write.php'; echo "You have successfully connected with these details to '$dbname'. <br>Username - '$dbuser'<br> Password - '$dbpass'<br> Database Host - '$dbhost'<br>Please enter the table names you want, or if you want to use the preset names click continue. NOTE: Each table must be a different name. Please do not leave any blank spaces. "; ?> <table align='center' bgcolor='#333333' width='300px' border='0'> <form method='post' action=<?php $_SERVER['PHP_SELF']; ?>'> <tr><td> <font color='#FFFFFF'> User Details:</td><td> <input type='text' name='user' value='rgd_users'><br></td></tr> <tr><td><font color='#ffffff'>Forum Questions</td> <td><input type='text' name='forum_question' value='forum_question'></td></tr> <tr><td><font color='#ffffff'>Forum Answers</td> <td><input type='text' name='forum_answers' value='forum_answers'><br></td></tr> <tr><td></td><td><input type='submit' value='Continue' name='table_names'></td></tr> </font> </form> </table> <?php } else { echo 'Error connecting to database:' . mysql_error() . '\n'; // Database creation failed ?> <p>Welcome to the random game design website template. Please follow this set-up and then you can customise your site fully.<br>Plese only click this button once, as it will reset your progress.<form method='post' action="<?php $_SERVER['PHP_SELF']; ?>"><input type='submit' value='Start' name='start'></form> </p> <?php } // Close connection to the database mysql_close(); } else { ?> <p>Welcome to the random game design website template. Please follow this set-up and then you can customise your site fully.<br>Plese only click this button once, as it will reset your progress.<form method='post' action="<?php $_SERVER['PHP_SELF']; ?>"><input type='submit' value='Start' name='start'></form> </p> <?php } any help would be really good, the problem is this else { ?> <p>Welcome to the random game design website template. Please follow this set-up and then you can customise your site fully.<br>Plese only click this button once, as it will reset your progress.<form method='post' action="<?php $_SERVER['PHP_SELF']; ?>"><input type='submit' value='Start' name='start'></form> </p> <?php } shows all the time

I am trying to intergrate several forms, into one page. this is my code <?php /*Random Game Design: PHP Website Template/CMS Version 1 Copyright Dean Whitehouse, 2008*/ if(isset($_POST['check'])) { // Database Connection Information $dbhost = $_POST["dbhost"]; // Database Host $dbuser = $_POST["dbuser"]; // Database Username $dbpass = $_POST["dbpass"]; // Database Password $dbname = $_POST["dbname"]; // Database Name // Attempt to connect to the database using the user submitted form. $con = mysql_connect($dbhost, $dbuser, $dbpass); if (!$con) { die('Could not connect: ' . mysql_error()); } // Error, connection cannot be made if ($con) { include 'config_write.php'; echo "You have successfully connected with these details to '$dbname'. <br>Username - '$dbuser'<br> Password - '$dbpass'<br> Database Host - '$dbhost'<br>Please enter the table names you want, or if you want to use the preset names click continue. NOTE: Each table must be a different name. Please do not leave any blank spaces. <table align='center' bgcolor='#333333' width='300px' border='0'>"; ?> <form method='post' action=<?php $_SERVER['PHP_SELF']; ?>'> <tr><td> <font color='#FFFFFF'> User Details:</td><td> <input type='text' name='user' value='rgd_users'><br></td></tr> <tr><td><font color='#ffffff'>Forum Questions</td> <td><input type='text' name='forum_question' value='forum_question'></td></tr> <tr><td><font color='#ffffff'>Forum Answers</td> <td><input type='text' name='forum_answers' value='forum_answers'><br></td></tr> <tr><td></td><td><input type='submit' value='Continue' name='table_names'></td></tr> </font> </form> </table> <?php } else { echo 'Error connecting to database:' . mysql_error() . '\n'; // Database creation failed ?> <p>Welcome to the random game design website template. Please follow this set-up and then you can customise your site fully.<br>Plese only click this button once, as it will reset your progress.<form method='post' action="<?php $_SERVER['PHP_SELF']; ?>"><input type='submit' value='Start' name='start'></form> </p> <?php } // Close connection to the database mysql_close(); } if(isset($_POST['start'])) { echo ('Please enter the details used to connect to your MySql database.'); ?> <table align='center' bgcolor='#333333' width='300px' border='0'><form method='post' action="<?php $_SERVER['PHP_SELF']; ?>"> <tr><td> Database Host:</td><td> <input type='text' name='dbhost'><br></td></tr> <tr><td> Database Username:</td><td> <input type='text' name='dbuser'><br></td></tr> <tr><td> Database Password: </td><td> <input type='text' name='dbpass'><br></td></tr> <tr><td> Database Name: </td><td> <input type='text' name='dbname'><br></td></tr> <tr><td></td><td><input type='submit' value='Continue' name='check'> </td></tr></form> </table> <?php } else { ?> <p>Welcome to the random game design website template. Please follow this set-up and then you can customise your site fully.<br>Plese only click this button once, as it will reset your progress.<form method='post' action="<?php $_SERVER['PHP_SELF']; ?>"><input type='submit' value='Start' name='start'></form> </p> <?php } ?> ok, the first form on the list(which is the second one displayed) shows this underneath it <p>Welcome to the random game design website template. Please follow this set-up and then you can customise your site fully.<br>Plese only click this button once, as it will reset your progress.<form method='post' action="<?php $_SERVER['PHP_SELF']; ?>"><input type='submit' value='Start' name='start'></form> How can i fix it, i only want to show that if they haven't clicked start( i am planning on adding sessions for security) could i use them to do it?

np, btw the code was ment to be this $mes .="$Name< br >";

so is how i'm doing it wrong, for the remember me feature?? Can someone show me how to do it correctly

put <br> after the message eg. $mes .="$Name<br>";

i have written a remember me feature into my script, but i don't think it is working ( when i log out, it doesn't have my username already in the box) but i don't no, becuase i close the page and re-open it and i'm still logged in but that might be my session not closing? this is my code { require_once 'db_connect.php'; if ($_SESSION['is_valid'] == false) { if (isset($_POST['login'])) { $user_name = $_POST["user_name"]; $user_password = $_POST["user_password"]; $cookiename = forumcookie; $verify_username = strlen($user_name); $verify_pass = strlen($user_password); if ($verify_pass > 0 && $verify_username > 0) { $salt = substr($user_password, 0, 2); $userPswd = crypt($user_password, $salt); $sql = "SELECT * FROM `$user` WHERE user_name='$user_name' AND user_password='$userPswd' LIMIT 1;"; $result = mysql_query($sql); if (mysql_num_rows($result) == 1) { $row = mysql_fetch_assoc($result); $user_level = $row['userlevel']; if ($user_level == 1) { $login_check = @mysql_fetch_array(mysql_query("SELECT * from `$user` WHERE user_name = '$_GET[u]' AND user_password = '$_GET[p]'")); $userright = array($login_check['user_name'], $login_check['userlevel']); $s_userpass = serialize($userpass); $_SESSION['username'] = $row['user_name']; $_SESSION['user_password'] = $row['user_password']; $_SESSION['user_level'] = $row['userlevel']; $_SESSION['user_id'] = $row['user_id']; header("Location:http://".$_SERVER[HTTP_HOST].$_SERVER[REQUEST_URI]); $_SESSION['is_valid'] = true; if(isset($_POST['remember'])) { setcookie("cookname", $_SESSION['username'], time()+60*60*24*100, "/"); setcookie("cookpass", $_SESSION['user_password'], time()+60*60*24*100, "/"); } } elseif ($user_level == 2){ $login_check = @mysql_fetch_array(mysql_query("SELECT * from `$user` WHERE user_name = '$_GET[u]' AND user_password = '$_GET[p]'")); $userright = array($login_check['user_name'], $login_check['userlevel']); $s_userpass = serialize($userpass); $_SESSION['username'] = $row['user_name']; $_SESSION['user_password'] = $row['user_password']; $_SESSION['user_level'] = $row['userlevel']; $_SESSION['user_id'] = $row['user_id']; header("Location:http://".$_SERVER[HTTP_HOST].$_SERVER[REQUEST_URI]); $_SESSION['is_valid'] = true; //change the session variable name to what you want, just remember it for all files if(isset($_POST['remember'])){ setcookie("cookname", $_SESSION['username'], time()+60*60*24*100, "/"); setcookie("cookpass", $_SESSION['user_password'], time()+60*60*24*100, "/"); } } } else{ echo "Login failed. Username and Password did not match database entries."; } } else { echo "Form was not completed. Please go back and make sure that the form was fully completed."; } } $server = str_replace("?logout=true","",$_SERVER['PHP_SELF']); ?> <html> <table bgcolor='#999999' align='right'><form action="<?php echo $server ?>" method='POST'> <tr><td>Username: </td><td><input type='text' name='user_name' /><br /></td></tr> <tr><td>Password:</td><td> <input type='password' name='user_password' /><br /></td></tr> <tr><td><input type="hidden" name="login" value="true"><input type="submit" value="Submit"></td></tr> <tr><td><input type="checkbox" value="1" name="remember"> Remember Me </td></tr><tr><td><a href="register.php">[Register]</a></td></tr><tr><td><a href="forgot_password.php">[Forgot Password?]</a></td></tr></table> </form> </html> <?php mysql_close(); } else { header("Location:http://".$_SERVER[HTTP_HOST]); } } ?>

here is a tutorial link http://www.egmods.com/Main/Tutorials/php/intermediate/pms/page5.php

erm i would use a database to store a lot of the values.

ok, thanks i will try that

i have a remember me checkbox (i don't think it works) and a hide email checkbox , how can i store whether its checked or not,(not in the database but on the actual box) so if a user ticks hide email, when they view there settings again the box is still ticked, bot unticked. Here are both codes the hide email and the remember me code. <?php require_once 'db_connect.php'; require_once 'nav_bar.php'; require_once 'logged_in.php'; if ($_SESSION['is_valid'] == true){ $user_id = $_SESSION['user_id']; $sql = "SELECT * FROM $user WHERE `user_id`='{$user_id}' LIMIT 0,1;"; $result = mysql_query($sql); $row = mysql_fetch_assoc($result); $email = $row['user_email']; $show_email = $row['show_email']; $user_password = $_POST["user_password"]; $user_password2 = $_POST["user_password2"]; $user_email = $_POST["user_email"]; $user_email2 = $_POST["user_email2"]; if(isset($_POST['update'])) { if($user_email) { if($user_email == $user_email2) { mysql_query("UPDATE $user SET user_email = '$user_email' WHERE user_id = '$user_id'")or die('Could not update email: ' . mysql_error()); } else { echo "Email Addresses do not match"; } } if($user_password) { if($user_password == $user_password2) { mysql_query("UPDATE $user SET user_password = '$user_password' WHERE user_id = '$user_id'")or die('Could not change password: ' . mysql_error()); } else { echo "Passwords do not match"; } } if((isset($_POST['hideemail'])) && ($_POST['hideemail'] == 0)) { mysql_query("UPDATE $user SET show_email = '0' WHERE user_id = '$user_id'")or die('Could not change settings: ' . mysql_error()); echo "Settings Saved"; } elseif((isset($_POST['hideemail'])) && ($_POST['hideemail'] == 1)) { mysql_query("UPDATE $user SET show_email = '1' WHERE user_id = '$user_id'")or die('Could not change settings: ' . mysql_error()); echo "Settings Saved"; } } ?> <html> <table bgcolor='#999999' align='center' width="400px"> <form action='<?php $_SERVER['PHP_SELF']; ?>' method='POST'> <tr><td width="10px">Maximum Length<br /> 20 characters.</td></tr> <tr><td width="10px">E-mail Address:</td> <td><input type='text' name='user_email' value="<?php echo "$email"; ?>" /><br /></td></tr> <tr><td width="10px">Confirm E-mail Address: </td><td><input type='text' name='user_email2' value="<?php echo "$email"; ?>" /><br /></td></tr> <tr><td width="10px">Maximum Length<br /> 30 characters.</td></tr> <tr><td width="10px">New Password:</td><td> <input type='password' name='user_password' maxlength="30" /><br /></td></tr> <tr><td width="10px">Confirm Password:</td><td> <input type='password' name='user_password2' maxlength="30" /><br /></td></tr> <tr><td>Email Status:</td></tr><td><tr><?php if ($show_email == 1) { echo "Visible"; } elseif ($show_email == 0) { echo "Hidden"; } ?></td></tr> <tr><td width="10px">Hide Email</td><td width="10px">Yes<input type="radio" value="0" name="hideemail"/> No<input type="radio" value="1" name="hideemail"/> </td></tr> <tr><td><input type='submit' value='Save Changes' name='update' /></td> </form> </table> </html> <?php } else { echo "Please login to view this page."; } ?> <?php if (isset($_GET['logout'])) { setcookie("cookname", $_SESSION['username'], time() - 3600, "/"); setcookie("cookpass", $_SESSION['user_password'], time() - 3600, "/"); session_unset(); session_destroy(); } if ($_SESSION['is_valid'] == true) { if ($_SESSION['user_level'] == 2) { ?> <table class='logged_in'><tr><td> <p>Welcome, <br><?php echo $_SESSION['username']; ?> <br><a href='user_profile.php?id=<?php echo $_SESSION['user_id']; ?>'>User Profile</a><br> <a href='user_setting.php'>Settings</a><br> <a href="<?php print $_SERVER["PHP_SELF"]; ?>?logout=true">Logout</a><br /> </td></tr><tr><td>Logged In</td></tr></table></p> <?php } if ($_SESSION['user_level'] == 1) { ?> <table class='logged_in'><tr><td> <p>Welcome, <?php echo $_SESSION['username']; ?> <br><a href='user_profile.php?id=<?php echo $_SESSION['user_id']; ?>'>User Profile</a><br> <a href='user_setting.php'>Settings</a><br> <a href='admin_centre.php'>Admin Area</a><br> <a href="<?php print $_SERVER["PHP_SELF"]; ?>?logout=true">Logout</a><br /> </td></tr><tr><td>Logged In</td></tr></table></p> <?php } } else { require_once 'db_connect.php'; if ($_SESSION['is_valid'] == false) { if (isset($_POST['login'])) { $user_name = $_POST["user_name"]; $user_password = $_POST["user_password"]; $cookiename = forumcookie; $verify_username = strlen($user_name); $verify_pass = strlen($user_password); if ($verify_pass > 0 && $verify_username > 0) { $salt = substr($user_password, 0, 2); $userPswd = crypt($user_password, $salt); $sql = "SELECT * FROM `$user` WHERE user_name='$user_name' AND user_password='$userPswd' LIMIT 1;"; $result = mysql_query($sql); if (mysql_num_rows($result) == 1) { $row = mysql_fetch_assoc($result); $user_level = $row['userlevel']; if ($user_level == 1) { $login_check = @mysql_fetch_array(mysql_query("SELECT * from `$user` WHERE user_name = '$_GET[u]' AND user_password = '$_GET[p]'")); $userright = array($login_check['user_name'], $login_check['userlevel']); $s_userpass = serialize($userpass); $_SESSION['username'] = $row['user_name']; $_SESSION['user_password'] = $row['user_password']; $_SESSION['user_level'] = $row['userlevel']; $_SESSION['user_id'] = $row['user_id']; header("Location:http://".$_SERVER[HTTP_HOST].$_SERVER[REQUEST_URI]); $_SESSION['is_valid'] = true; if(isset($_POST['remember'])) { setcookie("cookname", $_SESSION['username'], time()+60*60*24*100, "/"); setcookie("cookpass", $_SESSION['user_password'], time()+60*60*24*100, "/"); } } elseif ($user_level == 2){ $login_check = @mysql_fetch_array(mysql_query("SELECT * from `$user` WHERE user_name = '$_GET[u]' AND user_password = '$_GET[p]'")); $userright = array($login_check['user_name'], $login_check['userlevel']); $s_userpass = serialize($userpass); $_SESSION['username'] = $row['user_name']; $_SESSION['user_password'] = $row['user_password']; $_SESSION['user_level'] = $row['userlevel']; $_SESSION['user_id'] = $row['user_id']; header("Location:http://".$_SERVER[HTTP_HOST].$_SERVER[REQUEST_URI]); $_SESSION['is_valid'] = true; //change the session variable name to what you want, just remember it for all files if(isset($_POST['remember'])){ setcookie("cookname", $_SESSION['username'], time()+60*60*24*100, "/"); setcookie("cookpass", $_SESSION['user_password'], time()+60*60*24*100, "/"); } } } else{ echo "Login failed. Username and Password did not match database entries."; } } else { echo "Form was not completed. Please go back and make sure that the form was fully completed."; } } $server = str_replace("?logout=true","",$_SERVER['PHP_SELF']); ?> <html> <table bgcolor='#999999' align='right'><form action="<?php echo $server ?>" method='POST'> <tr><td>Username: </td><td><input type='text' name='user_name' /><br /></td></tr> <tr><td>Password:</td><td> <input type='password' name='user_password' /><br /></td></tr> <tr><td><input type="hidden" name="login" value="true"><input type="submit" value="Submit"></td></tr> <tr><td><input type="checkbox" value="1" name="remember"> Remember Me </td></tr><tr><td><a href="register.php">[Register]</a></td></tr><tr><td><a href="forgot_password.php">[Forgot Password?]</a></td></tr></table> </form> </html> <?php mysql_close(); } else { header("Location:http://".$_SERVER[HTTP_HOST]); } } ?>

it is because i put elseif instead of if, i dunno why it is but it is

I have this code <?php if (isset($_GET['logout'])) { setcookie("cookname", $_SESSION['username'], time() - 3600, "/"); setcookie("cookpass", $_SESSION['user_password'], time() - 3600, "/"); session_unset(); session_destroy(); } if ($_SESSION['is_valid'] == true) { if ($_SESSION['user_level'] == 2) { ?> <table class='logged_in'><tr><td> <p>Welcome, <br><?php echo $_SESSION['username']; ?> <br><a href='user_profile.php?id=<?php echo $_SESSION['user_id']; ?>'>User Profile</a><br> <a href='user_setting.php'>Settings</a><br> <a href="<?php print $_SERVER["PHP_SELF"]; ?>?logout=true">Logout</a><br /> </td></tr><tr><td>Logged In</td></tr></table></p> <?php } elseif ($_SESSION['user_level'] == 1) { ?> <table class='logged_in'><tr><td> <p>Welcome, <?php echo $_SESSION['username']; ?> <br><a href='user_profile.php?id=<?php echo $_SESSION['user_id']; ?>'>User Profile</a><br> <a href='user_setting.php'>Settings</a><br> <a href='admin_centre.php'>Admin Area</a><br> <a href="<?php print $_SERVER["PHP_SELF"]; ?>?logout=true">Logout</a><br /> </td></tr><tr><td>Logged In</td></tr></table></p> <?php } } else { require_once 'db_connect.php'; if ($_SESSION['is_valid'] == false) { if (isset($_POST['login'])) { $user_name = $_POST["user_name"]; $user_password = $_POST["user_password"]; $cookiename = forumcookie; $verify_username = strlen($user_name); $verify_pass = strlen($user_password); if ($verify_pass > 0 && $verify_username > 0) { $salt = substr($user_password, 0, 2); $userPswd = crypt($user_password, $salt); $sql = "SELECT * FROM `$user` WHERE user_name='$user_name' AND user_password='$userPswd' LIMIT 1;"; $result = mysql_query($sql); if (mysql_num_rows($result) == 1) { $row = mysql_fetch_assoc($result); $user_level = $row['userlevel']; if ($user_level == 1) { $login_check = @mysql_fetch_array(mysql_query("SELECT * from `$user` WHERE user_name = '$_GET[u]' AND user_password = '$_GET[p]'")); $userright = array($login_check['user_name'], $login_check['userlevel']); $s_userpass = serialize($userpass); $_SESSION['username'] = $row['user_name']; $_SESSION['user_password'] = $row['user_password']; $_SESSION['user_level'] = $row['userlevel']; $_SESSION['user_id'] = $row['user_id']; header("Location:http://".$_SERVER[HTTP_HOST].$_SERVER[REQUEST_URI]); $_SESSION['is_valid'] = true; if(isset($_POST['remember'])) { setcookie("cookname", $_SESSION['username'], time()+60*60*24*100, "/"); setcookie("cookpass", $_SESSION['user_password'], time()+60*60*24*100, "/"); } } elseif ($user_level == 2){ $login_check = @mysql_fetch_array(mysql_query("SELECT * from `$user` WHERE user_name = '$_GET[u]' AND user_password = '$_GET[p]'")); $userright = array($login_check['user_name'], $login_check['userlevel']); $s_userpass = serialize($userpass); $_SESSION['username'] = $row['user_name']; $_SESSION['user_password'] = $row['user_password']; $_SESSION['user_level'] = $row['userlevel']; $_SESSION['user_id'] = $row['user_id']; header("Location:http://".$_SERVER[HTTP_HOST].$_SERVER[REQUEST_URI]); $_SESSION['is_valid'] = true; //change the session variable name to what you want, just remember it for all files if(isset($_POST['remember'])){ setcookie("cookname", $_SESSION['username'], time()+60*60*24*100, "/"); setcookie("cookpass", $_SESSION['user_password'], time()+60*60*24*100, "/"); } } } else{ echo "Login failed. Username and Password did not match database entries."; } } else { echo "Form was not completed. Please go back and make sure that the form was fully completed."; } } $server = str_replace("?logout=true","",$_SERVER['PHP_SELF']); ?> <html> <table bgcolor='#999999' align='right'><form action="<?php echo $server ?>" method='POST'> <tr><td>Username: </td><td><input type='text' name='user_name' /><br /></td></tr> <tr><td>Password:</td><td> <input type='password' name='user_password' /><br /></td></tr> <tr><td><input type="hidden" name="login" value="true"><input type="submit" value="Submit"></td></tr> <tr><td><input type="checkbox" value="1" name="remember"> Remember Me </td></tr><tr><td><a href="register.php">[Register]</a></td></tr><tr><td><a href="forgot_password.php">[Forgot Password?]</a></td></tr></table> </form> </html> <?php mysql_close(); } else { header("Location:http://".$_SERVER[HTTP_HOST]); } } ?> which shows certain links depending on the user level, but now i don't no what i done but it doesn't show the admin link. any ideas?? i haven't changed this code but i have changed other codes and all my tables are the same and i have two users with different levels , testing this out on.

have done thanks, now i will need to set a page limit, i'm assuming i can do this by done by adding a sql limit? for example LIMIT 10

thanks, i think i was close mine was <?php require_once 'db_connect.php'; if (isset($_GET['id'])) { $user_id = $_GET['id']; $sql = "SELECT * FROM $user WHERE `user_id`='{$user_id}' LIMIT 0,1;"; $result = mysql_query($sql); $row = mysql_fetch_assoc($result); $username = $row['user_name']; $email = $row['user_email']; echo "$username<br>"; $show_email = $row['show_email']; if ($show_email == 1) { echo "Email:<a href='mailto:$email'>$email</a>"; } elseif ($show_email == 0) { echo "Email:Hidden"; } } ?> Members <?php $sql1 = "SELECT * FROM $user WHERE `user_name` AND `user_id`"; $result1 = mysql_query($sql1); $row1 = mysql_fetch_assoc($result1); $username1 = $row1['user_name']; $userid = $row1['user_id']; ?> <a href="?id=<?php echo "$userid"; ?>"><?php echo "$username1"; ?></a>