DeanWhitehouse

is it that hard???

i <?php // Random Game Design: PHP Website Template // Version 1 // Copyright Dean Whitehouse, 2008 require_once 'db_connect.php'; // Connect to database mysql_connect($dbhost,$dbuser,$dbpass) or die('Could not connect: ' . mysql_error()); $user_name = $_POST["user_name"]; $user_password = $_POST["user_password"]; $user_password2 = $_POST["user_password2"]; $user_email = $_POST["user_email"]; $user_email2 = $_POST["user_email2"]; $ip = $_SERVER['REMOTE_ADDR']; //if(isset($_POST['agree'])){ if(isset($_POST['signup'])){ if ($user_name && $user_password && $user_password2 && $user_email && $user_email2) { $user_check = mysql_num_rows(mysql_query("SELECT * FROM `$user` WHERE user_name='$user_name'")); if ($user_check >= 1) { require_once 'register.php'; echo "Sorry, but the username you requested is already in use. Please enter a different username."; } elseif ($user_password == $user_password2 && $user_email == $user_email2) { $salt = substr($user_password, 0, 2); $userPswd = crypt($user_password, $salt); mysql_query("INSERT INTO `$user` (user_id, user_name, user_password, user_email, user_ip, userlevel) VALUES ('','$user_name','$userPswd','$user_email','$ip','2')") or die('Error ' . mysql_error()); header("Location:http://".$_SERVER[HTTP_HOST]);//header("Location:http://".$_SERVER[HTTP_HOST])"/login.php"; } else { require_once 'register.php'; echo "Either the passwords or emails you entered do not match. Please check these details and try again"; } } } else { require_once 'register.php'; echo "Please fill in all of the required fields."; } //} ; ?> <html> <table bgcolor='#999999' align='center' width="400px"> <form action='<?php $_SERVER['PHP_SELF']; ?>' method='POST'> <tr><td width="10px">Username: </td><td><input type='text' name='user_name' maxlength="20" width="400px" /><br /></td></tr> <tr><td width="10px">Maximum Length<br /> 20 characters.</td></tr> <tr><td width="10px">E-mail Address:</td> <td><input type='text' name='user_email' /><br /></td></tr> <tr><td width="10px">Confirm E-mail Address: </td><td><input type='text' name='user_email2' /><br /></td></tr> <tr><td width="10px">Password:</td><td> <input type='password' name='user_password' maxlength="30" /><br /></td></tr> <tr><td width="10px">Maximum Length<br /> 20 characters.</td></tr> <tr><td width="10px">Confirm Password:</td><td> <input type='password' name='user_password2' maxlength="30"/><br /></td></tr> <tr><td><input type='submit' value='Complete Registration' name='signup' /></td><td><input type="reset" value="Reset Fields" name="reset" /></td></tr> </form> </table> </html> <?php mysql_close(); ?> this is my registration code. this is a link to the page. http://deanwhitehouse.awardspace.co.uk/test/register.php this is my login code. <?php require_once 'db_connect.php'; if ($_SESSION['is_valid'] == false){ if (isset($_POST['login'])){ $user_name = $_POST["user_name"]; $user_password = $_POST["user_password"]; $cookiename = forumcookie; $verify_username = strlen($user_name); $verify_pass = strlen($user_password); if ($verify_pass > 0 && $verify_username > 0) { $salt = substr($user_password, 0, 2); $userPswd = crypt($user_password, $salt); $sql = "SELECT * FROM `$user` WHERE user_name='$user_name' AND user_password='$userPswd' LIMIT 1;"; $result = mysql_query($sql); if (mysql_num_rows($result) == 1){ $row = mysql_fetch_assoc($result); $user_level = $row['userlevel']; if ($user_level == 1) { $login_check = @mysql_fetch_array(mysql_query("SELECT * from `$user` WHERE user_name = '$_GET[u]' AND user_password = '$_GET[p]'")); $userright = array($login_check['user_name'], $login_check['userlevel']); $s_userpass = serialize($userpass); $_SESSION['username'] = $row['user_name']; $_SESSION['user_password'] = $row['user_password']; $_SESSION['user_level'] = $row['userlevel']; header("Location:http://".$_SERVER[HTTP_HOST].$_SERVER[REQUEST_URI]); $_SESSION['is_valid'] = true; //change the session variable name to what you want, just remember it for all files if(isset($_POST['remember'])){ setcookie("cookname", $_SESSION['username'], time()+60*60*24*100, "/"); setcookie("cookpass", $_SESSION['user_password'], time()+60*60*24*100, "/"); } } elseif ($user_level == 2){ $login_check = @mysql_fetch_array(mysql_query("SELECT * from `$user` WHERE user_name = '$_GET[u]' AND user_password = '$_GET[p]'")); $userright = array($login_check['user_name'], $login_check['userlevel']); $s_userpass = serialize($userpass); $_SESSION['username'] = $row['user_name']; $_SESSION['user_password'] = $row['user_password']; $_SESSION['user_level'] = $row['userlevel']; header("Location:http://".$_SERVER[HTTP_HOST].$_SERVER[REQUEST_URI]); $_SESSION['is_valid'] = true; //change the session variable name to what you want, just remember it for all files if(isset($_POST['remember'])){ setcookie("cookname", $_SESSION['username'], time()+60*60*24*100, "/"); setcookie("cookpass", $_SESSION['user_password'], time()+60*60*24*100, "/"); } } } else{ echo "Login failed. Username and Password did not match database entries."; } } else { echo "Form was not completed. Please go back and make sure that the form was fully completed."; } } ?> <html> <table bgcolor='#999999' align='right'><form action="<?php $_SERVER['PHP_SELF']; ?>" method='POST'> <tr><td>Username: </td><td><input type='text' name='user_name' /><br /></td></tr> <tr><td>Password:</td><td> <input type='password' name='user_password' /><br /></td></tr> <tr><td><input type="hidden" name="login" value="true"><input type="submit" value="Submit"></td></tr> <tr><td><input type="checkbox" value="1" name="remember"> Remember Me </td></tr><tr><td><a href="register.php">[Register]</a></td></tr><tr><td><a href="forgot_password.php">[Forgot Password?]</a></td></tr></table> </form> </html> <?php mysql_close(); } else { header("Location:http://".$_SERVER[HTTP_HOST]); } ?> when you register it should 1. redirect to the login page 2.if not all fields are filled in show an echo 3.if the passwords or emails don't match it should show an echo. this kinda works, but when i clicked remember me on the login page, it went all wrong, when i go to the registration page, it enters my username and password. If i delete these then fill them all in when i click submit it reloads the page, with no errors, same if i submit with nothin or different passwords.

Anyideas accepted, i really want to finish it today.

anyone??

yer its in an include in the db_connect. It worked fine before i added the remember me

Can anyone see how to fix my login form. It now redirects striaght away. this is the code <?php require_once 'db_connect.php'; if ($_SESSION['is_valid'] == false){ if(isset($_POST['login'])){ $user_name = $_POST["user_name"]; $user_password = $_POST["user_password"]; $cookiename = forumcookie; $verify_username = strlen($user_name); $verify_pass = strlen($user_password); if ($verify_pass > 0 && $verify_username > 0) { $salt = substr($user_password, 0, 2); $userPswd = crypt($user_password, $salt); $sql = "SELECT * FROM `$user` WHERE user_name='$user_name' AND user_password='$userPswd' LIMIT 1;"; $result = mysql_query($sql); if (mysql_num_rows($result) == 1){ $row = mysql_fetch_assoc($result); $user_level = $row['userlevel']; if ($user_level == 1) { $login_check = @mysql_fetch_array(mysql_query("SELECT * from `$user` WHERE user_name = '$_GET[u]' AND user_password = '$_GET[p]'")); $userright = array($login_check['user_name'], $login_check['userlevel']); $s_userpass = serialize($userpass); $_SESSION['username'] = $row['user_name']; $_SESSION['user_password'] = $row['user_password']; $_SESSION['user_level'] = $row['userlevel']; $_SESSION['is_valid'] = true; //change the session variable name to what you want, just remember it for all files header("Location:http://".$_SERVER[HTTP_HOST].$_SERVER[REQUEST_URI]); if(isset($_POST['remember_me'])){ setcookie("$cookiename", $_SESSION['username'], time()+60*60*24*100, "/"); setcookie("$cookiename", $_SESSION['user_password'], time()+60*60*24*100, "/"); header("Location:http://".$_SERVER[HTTP_HOST].$_SERVER[REQUEST_URI]); } elseif ($user_level == 2){ $login_check = @mysql_fetch_array(mysql_query("SELECT * from `$user` WHERE user_name = '$_GET[u]' AND user_password = '$_GET[p]'")); $userright = array($login_check['user_name'], $login_check['userlevel']); $s_userpass = serialize($userpass); $_SESSION['username'] = $row['user_name']; $_SESSION['user_password'] = $row['user_password']; $_SESSION['user_level'] = $row['userlevel']; $_SESSION['is_valid'] = true; //change the session variable name to what you want, just remember it for all files if(isset($_POST['remember_me'])){ setcookie("$cookiename", $_SESSION['username'], time()+60*60*24*100, "/"); setcookie("$cookiename", $_SESSION['user_password'], time()+60*60*24*100, "/"); header("Location:http://".$_SERVER[HTTP_HOST].$_SERVER[REQUEST_URI]); } else { header("Location:http://".$_SERVER[HTTP_HOST].$_SERVER[REQUEST_URI]); } } } else{ echo "Login failed. Username and Password did not match database entries."; } } else { echo "Form was not completed. Please go back and make sure that the form was fully completed."; } } ?> <html> <table bgcolor='#999999' align='right'><form action="<?php $_SERVER['PHP_SELF']; ?>" method='POST'> <tr><td>Username: </td><td><input type='text' name='user_name' /><br /></td></tr> <tr><td>Password:</td><td> <input type='password' name='user_password' /><br /></td></tr> <tr><td><input type="hidden" name="login" value="true"><input type="submit" value="Submit"></td></tr> <tr><td><input type="checkbox" value="1" name="remember_me"> Remember Me </td></tr><tr><td><a href="register.php">[Register]</a></td></tr><tr><td><a href="forgot_password.php">[Forgot Password?]</a></td></tr></table> </form> </html> <?php mysql_close(); } else { header("Location:http://".$_SERVER[HTTP_HOST]); } } ?> i added this if(isset($_POST['remember_me'])){ setcookie("$cookiename", $_SESSION['username'], time()+60*60*24*100, "/"); setcookie("$cookiename", $_SESSION['user_password'], time()+60*60*24*100, "/"); header("Location:http://".$_SERVER[HTTP_HOST].$_SERVER[REQUEST_URI]); } for the remeber me feature

can you not use the if(); with a variable $time and then set this using PHP time?

ok, solved, it was a input but there was no field to input it into. Another question though how can i make a remeber me box, that when checked keeps them logged in. I use cookies and sessions on the site

Error Column count doesn't match value count at row 1 what does it mean.

if you want to make sure all fields are filled in put. $firstname = $_POST["firstname"] $lastname = $_POST["lastname"] $age = $_POST["age"] if($firstname && $lastname && $age) {echo "all fields are filled in";} else { echo "please fill in all fields"; } this should send you in the right direction, this goes in the submit form. to echo onto the page add require_once 'page_name.php'; in the else curly brackets

<?php if($new_password == $new_passwordcheck) ?> that is how to check

using one of them methods, is it possible to show them a message if there ip is banned and if it isn't show them something else, something like this $ip = $_SERVER['REMOTE_ADDR']; //how can i store this address to ban them as this only shows the address??? if($ip == user1); { echo "go away"; } else { echo "Hello, we like you"; }

how do i track there IP and how do i actually ban it?

How can i ban someones ip, i am assuming that when they sign up i need to collect that data and post it to the database, then how can i ban it(if what i said is right) i would like to do the same with there username and email.

or ,use some javascript ,type in on google javascript back button

FOUND THE PROBLEM <?php if ($_SESSION['is_valid'] == true){ if ($_SESSION['user_level'] == 2){ echo "<table class='logged_in'><tr><td> Welcome"; echo $_SESSION['username']; echo ",<br><a href=''>User Profile</a><br> <a href=''>Settings</a><br> <a href='logout.php'>Logout</a> </td></tr><tr><td><font color='white'>Logged In</font></td></tr></table>"; } if ($_SESSION['user_level'] == 1){ echo "<table class='logged_in'><tr><td> Welcome "; echo $_SESSION['username']; echo ",<br><a href='user_profile.php'>User Profile</a><br> <a href='user_setting.php'>Settings</a><br> <a href='admin_centre.php'>Admin Area</a><br> <a href='logout.php'>Logout</a> </td></tr><tr><td><font color='white'>Logged In</font></td></tr></table>"; } } else { include_once ('login.php'); } ?> the include at the bottom, if i change this to an echo it works. any ideas why?

the connection is already being made in db_connect.php as i said it does work fine when im logged in, but not when i'm not

creates a file, but it only creates one with a set name,

so what do i need to change , i have tried placing the require_once for the file with the session_start(); at the thop of the list of requires and that didn't work. also this Warning: session_start() [function.session-start]: Cannot send session cache limiter - headers already sent (output started at /home/www/deanwhitehouse.awardspace.co.uk/test/main_forum.php:5) in /home/www/deanwhitehouse.awardspace.co.uk/test/header.php on line 3 line 5 in main_forum.php is the echo if(mysql_connect) { echo "You have successfully connected with these details to '$dbname'. <br>Username - '$dbuser'<br> Password - '$dbpass'<br> Database Host - '$dbhost'<br>";} to fix the headers sent problem i moved the require for the header.php to the top and that worked, but i still can't connect to it without being logged, in , its really wierd

can you use something like this <?php // Random Game Design: PHP Website Template // Version 1 // Copyright Dean Whitehouse, 2008 require_once 'install.php'; $config_file = "config.inc.php"; $fw=fopen($config_file,"w+") or die("Unable to open file!"); // Unable to open file $config_host = "\$dbhost = \"".$dbhost."\";\n"; $config_user = "\$dbuser = \"".$dbuser."\";\n"; $config_pass = "\$dbpass = \"".$dbpass."\";\n"; $config_db = "\$dbname = \"".$dbname."\";"; $config_write = $config_host.$config_user.$config_pass.$config_db; fwrite($fw, "<?php\n".$config_write."\n?>"); fclose($fw); ?> with what you want

ok, i added this code if(mysql_connect) { echo "You have successfully connected with these details to '$dbname'. <br>Username - '$dbuser'<br> Password - '$dbpass'<br> Database Host - '$dbhost'<br>";} just under the require_once 'db_connect.php'; and i get these errors You have successfully connected with these details to '********'. Username - '********' Password - '*******' Database Host - '********' //stars are not shown to me\\ Warning: session_start() [function.session-start]: Cannot send session cache limiter - headers already sent (output started at /home/www/deanwhitehouse.awardspace.co.uk/test/main_forum.php:5) in /home/www/deanwhitehouse.awardspace.co.uk/test/header.php on line 3 Warning: mysql_query() [function.mysql-query]: Access denied for user 'crazyemochild'@'82.197.131.40' (using password: NO) in /home/www/deanwhitehouse.awardspace.co.uk/test/main_forum.php on line 12 Warning: mysql_query() [function.mysql-query]: A link to the server could not be established in /home/www/deanwhitehouse.awardspace.co.uk/test/main_forum.php on line 12 Access denied for user 'crazyemochild'@'82.197.131.40' (using password: NO)

ok, now when i add the db_connect script to the actual page, instead of using require_once 'db_connect'; i added require_once 'config.inc.php'; // Connect to database mysql_connect($dbhost,$dbuser,$dbpass) or die('Could not connect: ' . mysql_error()); // Select database mysql_select_db($dbname) or die('Could not find the database: ' . mysql_error()); $sql="SELECT * FROM $forum_quest ORDER BY id DESC"; $result=mysql_query($sql) or die (mysql_error()); which is the db_connect form, and this works

the thing is though, that it works perfectly when i am logged in, no errors at all, but when i am logged out,i get lots of errors

its so they no when the forum post was posted, but in there time zone

I have written a forum, and i get an error message, but this only displays when i am not logged in. Warning: mysql_query() [function.mysql-query]: Access denied for user 'crazyemochild'@'82.197.131.40' (using password: NO) in /home/www/deanwhitehouse.awardspace.co.uk/test/main_forum.php on line 9 Warning: mysql_query() [function.mysql-query]: A link to the server could not be established in /home/www/deanwhitehouse.awardspace.co.uk/test/main_forum.php on line 9 Access denied for user 'crazyemochild'@'82.197.131.40' (using password: NO) this is the main_forum.php code <?php require_once 'db_connect.php'; require_once 'config_table.inc.php'; require_once 'header.php'; require_once 'nav_bar.php'; require_once 'logged_in.php'; $sql="SELECT * FROM $forum_quest ORDER BY id DESC"; $result=mysql_query($sql) or die (mysql_error()); ?> <table width="90%" border="0" align="center" cellpadding="3" cellspacing="1" bgcolor="#CCCCCC"> <tr> <td width="6%" align="center" bgcolor="#E6E6E6"><strong>#</strong></td> <td width="53%" align="center" bgcolor="#E6E6E6"><strong>Topic</strong></td> <td width="15%" align="center" bgcolor="#E6E6E6"><strong>Views</strong></td> <td width="13%" align="center" bgcolor="#E6E6E6"><strong>Replies</strong></td> <td width="13%" align="center" bgcolor="#E6E6E6"><strong>Date/Time</strong></td> </tr> <?php while($rows=mysql_fetch_array($result)){ // Start looping table row ?> <tr> <td bgcolor="#FFFFFF"><? echo $rows['id']; ?></td> <td bgcolor="#FFFFFF"><a href="view_topic.php?id=<? echo $rows['id']; ?>"><? echo $rows['topic']; ?></a><BR></td> <td align="center" bgcolor="#FFFFFF"><? echo $rows['view']; ?></td> <td align="center" bgcolor="#FFFFFF"><? echo $rows['reply']; ?></td> <td align="center" bgcolor="#FFFFFF"><? echo $rows['datetime']; ?></td> </tr> <?php // Exit looping and close connection } mysql_close(); ?> <tr> <td colspan="5" align="right" bgcolor="#E6E6E6"><a href="create_topic.php"><strong>Create New Topic</strong> </a></td> </tr> </table>