djsl

thanks socratesone the double quotes worked thanks for the advice on the users, I will rethink the way to do it.

I probably made this more complicated than it is All I want to do is send the $password (encrypted) to the database location $role

sorry for being so vague and no this is not my script it is a create account script I am trying to have 12 people per group the first person would create the account (this script) there is a dropdown in the form where he selects his role in the group then the others simply using the same username fill out a simple form later with their password I have set up fields in the database for all the different passwords for all the different people in the group and $role would be the location defining the individual password locations. the variable is $role and I want it to substitute the current location of the password 'members_password' that is currently in the script when used with a single person login this is the original line in the script: 'members_password' => kry_encrypt_password($password)); I tried different ways of doing it but I have not gotten it to work. I am new at this and learning, and I am sure it is very simple. I hope this makes sense. here is one way that I tried '$role' => kry_encrypt_password($password));

I have this code right now $sql_data_array = array('members_firstname' => kry_db_input($firstname), 'members_lastname' => kry_db_input($lastname), 'username' => kry_db_input($username), 'members_password' => kry_encrypt_password($password)); I would like to insert the password in a table depending on the $role var they picked in the form I have multiple users in a group using the same username but want them to have dfferent password. something like this 'members_$role' => kry_encrypt_password($password)); or '$role' => kry_encrypt_password($password)); of course my examples dont work as they are thanks

also with this if I log out and then login again it works fine but if I close the browser and reopen and try to log in then it will require the authentication. Does anyone know from looking at the script how to fix this. Any advise will be greatly appreciated. thanks

in the form action this is the line in the login script that I posted above <? echo kry_draw_form('login', kry_href_link('login.php', 'action=process', 'SSL')); ?> I am assuming that this requires ssl if that is the case and that is what is causing my problem, how can I use this login script without ssl thanks

here is the login script I am new at this, I would appreciate any help ?php require ('includes/handler.php'); $member_id = $_SESSION['member_id']; if ($_GET['action'] == 'logout') { $logout = session_id(); $result = kry_db_query("delete from sessions where sesskey = '" . $logout . "' "); $_SESSION['member_id'] = ''; } $_ip = getenv('REMOTE_ADDR'); if ($_GET['action'] == 'log') { $result = mysql_query("insert into access set access_ip = '" . $_ip . "', access_exp = now(), type = 'M'"); } $check_access_query = kry_db_query("select access_ip from access where access_ip = '" . $_ip . "' and type = 'M' "); if (SEC_LEV == 'High') { $paranoia = 20; } elseif (SEC_LEV == 'Medium') { $paranoia = 50; } else { $paranoia = 100; } if (SEC_LEV != 'Off') { $ip_query = kry_db_query("select * from banned where banned_ip = '" . $_ip . "' and type = 'M' "); if ((kry_db_num_rows($ip_query) == 0) && ($_ip != SAFE_IP)) { $check_access = kry_db_fetch_array($check_access_query); if (kry_db_num_rows($check_access_query) > $paranoia) { $sql_data_array = array('banned_ip' => $_ip, 'banned_comment' => 'Multiple Bad Logins', 'banned_email' => 'No Data', 'type' => 'M', 'banned_date' => 'now()'); kry_db_perform(banned, $sql_data_array); kry_db_query("delete from access where access_ip = '" . $_ip . "'"); } } } $error = false; if (isset($_GET['action']) && ($_GET['action'] == 'process')) { $user = pwd_protect($_POST['username']); $passwd = pwd_protect($_POST['password']); if (($user != '') && ($passwd != '')) { $login_query = kry_db_query("select members_id, members_status, members_password, error from members where username = '" . $user . "'"); $login = kry_db_fetch_array($login_query); if (kry_validate_password($passwd, $login['members_password'])) { $_SESSION['member_id'] = $login['members_id']; $cookie_domain = HTTP_COOKIE_DOMAIN; $cookie_path = HTTP_COOKIE_PATH; $pwd = $login['members_password']; $err = $login['error']; setcookie('user', $user, time() + (365 * 24 * 3600), $cookie_path, $cookie_domain); setcookie('passwd', $pwd, time() + (365 * 24 * 3600), $cookie_path, $cookie_domain); } else { $error = true; } if ($error != false) { kry_db_query("insert into access (access_ip, access_exp, type) values ('" . $_ip . "', now(), 'M')"); $message = 'No match found for this Username/Password combination'; } else { kry_db_query("delete from access where access_ip = '" . $_ip . "'"); if ($err == '') { kry_redirect(kry_href_link('members/index.php')); } else { kry_redirect(kry_href_link('pending.php')); } } } } ?> <!doctype html public "-//W3C//DTD HTML 4.01 Transitional//EN"><html > <head> <META NAME="ROBOTS" CONTENT="NOINDEX"> <title><? echo TITLE; ?></title> <base href="<? echo HTTP_SERVER . SUB_DIRECTORY; ?>"> <? echo '<link rel="stylesheet" type="text/css" href="images/stylesheet.css">'; ?> </head> <body marginwidth="0" marginheight="0" topmargin="0" bottommargin="0" leftmargin="0" rightmargin="0" > <div align="center"><img src="images/logo.jpg" width="354" height="54"> </div> <table border="0" width="48%" cellspacing="0" cellpadding="0" align="center"> <tr> <td valign="top" align="left" height="16"><?echo '<img src="images/security_header.gif" width="500" height="37" height="37">'; ?></td> </tr> <tr> <!-- body_text //--> <td valign="top" align="left" > <? echo kry_draw_form('login', kry_href_link('login.php', 'action=process', 'SSL')); ?> <table border="0" cellpadding="0" cellspacing="0" align="center"> <tr> <td width="100"><img src="images/spacer.gif" width="31" height="1" border="0"></td> <td width="159"><img src="images/spacer.gif" width="159" height="1" border="0"></td> <td width="114"><img src="images/spacer.gif" width="71" height="1" border="0"></td> <td width="82"><img src="images/spacer.gif" width="69" height="1" border="0"></td> <td width="25"><img src="images/spacer.gif" width="18" height="1" border="0"></td> </tr> <tr> <td colspan="5" valign="top" align="left" class="smalltext"> <p> </p> </td> </tr> <? if($message != ''){ ?> <tr> <td valign="top" align="left" height="16" colspan="5"> <table align="center" cellspacing="0" cellpadding="2" width="79%"> <tr> <td class="messageBad"> <? echo $message; ?> </td> </tr> <tr> <td class="smalltext"> </td> </tr> </table> </td> </tr> <? } ?> <tr> <td colspan="5" class="smalltext"> <table width="60%" border="0" cellspacing="0" cellpadding="0" align="center" class="smalltext"> <tr> <td align="right" width="31%">Username: </td> <td width="69%"> <? echo kry_draw_input_field('username',''); ?> </td> </tr> <tr> <td align="right" width="31%">Password: </td> <td width="69%"> <? echo kry_draw_password_field('password',''); ?> </td> </tr> <tr> <td width="31%" height="19"> </td> <td align="center" width="69%"> </td> </tr> <tr> <td width="31%" height="28"> </td> <td align="center" width="69%"> <? echo '<a href="join.php?path=back" target="_self"><img src="images/back.jpg" border="0" alt="Back"></a> '; ?> <? echo '<input type="image" alt="Submit" src="images/next.jpg" border="0">'; ?> </td> </tr> </table> </td> </tr> <tr> <td height="19" colspan="5" class="smalltext"> <br> </td> </tr> </table> <? echo '</form>'; ?> <div align="center" class="smalltext">Copyright 2009 © <a href="http://<?php echo $_SERVER["SERVER_NAME"]; ?>" target="_self"><?php echo $_SERVER["SERVER_NAME"]; ?></a> </div> </td> </tr> </table> </body> </html>

I am putting together a members area with a script I found everything works fine but when I enter the username and password and select login I get an authentication window that pops up and only if I re-enter the information will it let me log on. I am not using ssl Does anyone know how to solve this, thanks in advance. here is what the window says in IE: Warning: This server is requesting that your username and password be sent in an insecure manner (basic authentication without a secure connection.)

here is the code since the box is a predefined size 325 x 532, I would like to double the notes I can show, I guess my options are scrolling or have a next and prev button to go through the pages to view all of them but always show the last item added by default. thanks <div id="content_right"> <div id="notes_title">NOTES</div> <div id="notes_txt_box_top"> <div id="notes_left_box"><? echo $notesline1datenew; ?></div> <div id="notes_right_box"><? echo $notesline1 . ' ' . $notes_who_1; ?></div> </div> <div id="notes_txt_box"> <div id="notes_left_box"><? echo $notesline2datenew; ?></div> <div id="notes_right_box"><? echo $notesline2 . ' ' . $notes_who_2; ?></div> </div> <div id="notes_txt_box"> <div id="notes_left_box"><? echo $notesline3datenew; ?></div> <div id="notes_right_box"><? echo $notesline3 . ' ' . $notes_who_3; ?></div> </div> <div id="notes_txt_box"> <div id="notes_left_box"><? echo $notesline4datenew; ?></div> <div id="notes_right_box"><? echo $notesline4 . ' ' . $notes_who_4; ?></div> </div> <div id="notes_txt_box"> <div id="notes_left_box"><? echo $notesline5datenew; ?></div> <div id="notes_right_box"><? echo $notesline5 . ' ' . $notes_who_5; ?></div> </div> <div id="notes_txt_box"> <div id="notes_left_box"><? echo $notesline6datenew; ?></div> <div id="notes_right_box"><? echo $notesline6 . ' ' . $notes_who_6; ?></div> </div> <div id="notes_txt_box"> <div id="notes_left_box"><? echo $notesline7datenew; ?></div> <div id="notes_right_box"><? echo $notesline7 . ' ' . $notes_who_7; ?></div> </div> <div id="notes_txt_box"> <div id="notes_left_box"><? echo $notesline8datenew; ?></div> <div id="notes_right_box"><? echo $notesline8 . ' ' . $notes_who_8; ?></div> </div> <div id="notes_txt_box"> <div id="notes_left_box"><? echo $notesline9datenew; ?></div> <div id="notes_right_box"><? echo $notesline9 . ' ' . $notes_who_9; ?></div> </div> <div id="notes_txt_box"> <div id="notes_left_box"><? echo $notesline10datenew; ?></div> <div id="notes_right_box"><? echo $notesline10 . ' ' . $notes_who_10; ?></div> </div> <div id="notes_txt_box"> <div id="notes_left_box"><? echo $notesline11datenew; ?></div> <div id="notes_right_box"><? echo $notesline11 . ' ' . $notes_who_11; ?></div> </div> <div id="notes_txt_box"> <div id="notes_left_box"><? echo $notesline12datenew; ?></div> <div id="notes_right_box"><? echo $notesline12 . ' ' . $notes_who_12; ?></div>--></div> </div> <div id="notes_add_button"><a href="comments.php"><img src="images/add_notes.gif" width="68" height="20" /></a></div> </div><!--content right -->

Here is what I am doing I have a div in a page that contains 12 divs that echo data from tables. It allows users to add comments. I have an add button that the user can add a comment and everything works good from 1 to 12. I want to allow at least 24 comments to be added. I have to have either scrolling in same div or having two pages with a next page button, maybe using iframe which I rather avoid. What would be the best way to accomplish this.

thanks I found I had accidently put it in there more than once. Works great now

thanks for the help I tried it and it works great, the only problem that I have now is that I have multiple lines of dates that I want to show when I add the script to all the lines I get the following Fatal error: Cannot redeclare is_empty_date() (previously declared in........ thanks

here is what I have I am sending a timestamp using now to a table that is set to datetime through a form this is the entry in the table 2009-08-20 09:47:11 I use this to echo in html and it shows up good $notesline1date=mysql_result($result,$i,"notes_line_1_date"); $notesline1datenew = date('m j Y', strtotime($notesline1date)); <? echo $notesline9datenew; ?> the problem I am having is when no date has been set the table is 0000-00-00 00:00:00 but the echo shows up as 11 30 -0001 I would like it to be blank, and is there a better way of doing this I am figuring things out as I go. thanks in advance

I got it working I added ' ' on the target location variable '$appraisalfilelocation' mysql_query("UPDATE members SET appraisal_file_location = '$appraisalfilelocation' WHERE username = '$username'"); thanks for your help

ok I changed the line and added the error reporting thanks for your help here is what I got for the error Notice: Undefined index: custom in includes/csecure.php on line 70 csecure.php is the page that tells users that they are banned and line 70 is: $custom = kry_db_input($_POST['custom']); here is the code from that page $_ip = getenv('REMOTE_ADDR'); if (defined('SITE_NAME')) { $custom = kry_db_input($_POST['custom']); $result = kry_db_query("select * from banned where banned_ip = '" . $_ip . "' and type = 'M' "); if ($myrow = kry_db_fetch_array($result)) { die($_error_message); } $member_id = $_SESSION['member_id']; $accQuery = kry_db_query("select members_email_address from members where members_id = '" . (int)$member_id . "' "); $accRes = kry_db_fetch_array($accQuery); $email = $accRes['members_email_address']; $result = kry_db_query("select * from banned where banned_email = '" . $email . "'"); if ($myrow = kry_db_fetch_array($result)) { die($_error_message); } } else { die($_error_message); }