Dunoon

  1. Madtechie Ok, I did some digging and the program that is being used is PHP Login System with Admin Features. I checked the emails going to ster@ and they really don't say much. Here are a few:

     Query: INSERT INTO `ChangeLog` (`Timestamp` , `User` , `Action` , `IP`) VALUES ('1254438650', 'Guest', 'Mass E-Mail Sent: 100', '74.111.141.90')
     MySQL Error:

     Query: SELECT * FROM active_guests
     MySQL Error:

     A ton of emails like that, but they don't tell the error. Anyway, I decided to do a Mass Email test. The first time I included everyone in the database and sent the email. That is when I got the errors. So I decided to send an email to just 3 on the list and it worked fine. This could be a constant connection issue, I am not sure. Would placing the code you suggested tell me something to that effect? Thanks again.
  2. Madtechie I have looked over the code and didn't see exactly what you were talking about. I am posting the full code here. I was doing some digging and found out that an email does get sent to the webmaster when there is an error but it doesn't really tell you anything. Sorry, really trying to learn MySQL. Here is the code:

     <?
     /**
      * Database.php
      *
      * The Database class is meant to simplify the task of accessing
      * information from the website's database.
      *
      * Written by: Jpmaster77 a.k.a. The Grandmaster of C++ (GMC)
      * Last Updated: August 17, 2004
      */
     include("constants.php");

     class MySQLDB
     {
        var $connection;         //The MySQL database connection
        var $connection2;        //The MySQL database connection
        var $num_active_users;   //Number of active users viewing site
        var $num_active_guests;  //Number of active guests viewing site
        var $num_members;        //Number of signed-up users
        /* Note: call getNumMembers() to access $num_members! */

        /* Class constructor */
        function MySQLDB(){
           /* Make connection to database */
           $this->connection = mysql_connect(DB_SERVER, DB_USER, DB_PASS) or die(mysql_error());
           mysql_select_db(DB_NAME, $this->connection) or die(mysql_error());
           $this->connection2 = mysql_connect(DB_SERVER2, DB_USER2, DB_PASS2) or die(mysql_error());
           mysql_select_db(DB_NAME2, $this->connection2) or die(mysql_error());

           /**
            * Only query database to find out number of members
            * when getNumMembers() is called for the first time,
            * until then, default value set.
            */
           $this->num_members = -1;

           if(TRACK_VISITORS){
              /* Calculate number of users at site */
              $this->calcNumActiveUsers();

              /* Calculate number of guests at site */
              $this->calcNumActiveGuests();
           }
        }

        /**
         * confirmUserPass - Checks whether or not the given
         * username is in the database, if so it checks if the
         * given password is the same password in the database
         * for that user. If the user doesn't exist or if the
         * passwords don't match up, it returns an error code
         * (1 or 2). On success it returns 0.
         */
        function confirmUserPass($username, $password){
           /* Add slashes if necessary (for query) */
           if(!get_magic_quotes_gpc()) {
              $username = addslashes($username);
           }

           /* Verify that user is in database */
           $q = "SELECT password FROM ".TBL_USERS." WHERE username = '$username'";
           $result = $this->query($q, $this->connection);
           if(!$result || (mysql_numrows($result) < 1)){
              return 1; //Indicates username failure
           }

           /* Retrieve password from result, strip slashes */
           $dbarray = mysql_fetch_array($result);
           $dbarray['password'] = stripslashes($dbarray['password']);
           $password = stripslashes($password);

           /* Validate that password is correct */
           if($password == $dbarray['password']){
              return 0; //Success! Username and password confirmed
           }
           else{
              return 2; //Indicates password failure
           }
        }

        /**
         * confirmUserID - Checks whether or not the given
         * username is in the database, if so it checks if the
         * given userid is the same userid in the database
         * for that user. If the user doesn't exist or if the
         * userids don't match up, it returns an error code
         * (1 or 2). On success it returns 0.
         */
        function confirmUserID($username, $userid){
           /* Add slashes if necessary (for query) */
           if(!get_magic_quotes_gpc()) {
              $username = addslashes($username);
           }

           /* Verify that user is in database */
           $q = "SELECT userid FROM ".TBL_USERS." WHERE username = '$username'";
           $result = $this->query($q, $this->connection);
           if(!$result || (mysql_numrows($result) < 1)){
              return 1; //Indicates username failure
           }

           /* Retrieve userid from result, strip slashes */
           $dbarray = mysql_fetch_array($result);
           $dbarray['userid'] = stripslashes($dbarray['userid']);
           $userid = stripslashes($userid);

           /* Validate that userid is correct */
           if($userid == $dbarray['userid']){
              return 0; //Success! Username and userid confirmed
           }
           else{
              return 2; //Indicates userid invalid
           }
        }

        /**
         * usernameTaken - Returns true if the username has
         * been taken by another user, false otherwise.
         */
        function usernameTaken($username){
           if(!get_magic_quotes_gpc()){
              $username = addslashes($username);
           }
           $q = "SELECT username FROM ".TBL_USERS." WHERE username = '$username'";
           $result = $this->query($q, $this->connection);
           return (mysql_numrows($result) > 0);
        }

        /**
         * usernameBanned - Returns true if the username has
         * been banned by the administrator.
         */
        function usernameBanned($username){
           if(!get_magic_quotes_gpc()){
              $username = addslashes($username);
           }
           $q = "SELECT username FROM ".TBL_BANNED_USERS." WHERE username = '$username'";
           $result = $this->query($q, $this->connection);
           return (mysql_numrows($result) > 0);
        }

        /**
         * addNewUser - Inserts the given (username, password, email)
         * info into the database. Appropriate user level is set.
         * Returns true on success, false otherwise.
         */
        function addNewUser($username, $password, $email){
           $time = time();
           /* If admin sign up, give admin user level */
           if(strcasecmp($username, ADMIN_NAME) == 0){
              $ulevel = ADMIN_LEVEL;
           }else{
              $ulevel = USER_LEVEL;
           }
           $q = "INSERT INTO ".TBL_USERS." VALUES ('$username', '$password', '0', '9', '$email', $time)";
           return $this->query($q, $this->connection);
        }

        /**
         * updateUserField - Updates a field, specified by the field
         * parameter, in the user's row of the database.
         */
        function updateUserField($username, $field, $value){
           $q = "UPDATE ".TBL_USERS." SET ".$field." = '$value' WHERE username = '$username'";
           return $this->query($q, $this->connection);
        }

        function updateSportField($sport, $status, $season){
           $q = "UPDATE `Sports` SET `SportStatus` = '$status' , `SportSeason` = '$season' WHERE `SportNumber` = '$sport'";
           $result = $this->query($q);
           if(!$result){
              die(mysql_errno($result) . ": " . mysql_error($result));
              return false;
           }else{
              return true;
           }
        }

        /**
         * getUserInfo - Returns the result array from a mysql
         * query asking for all information stored regarding
         * the given username. If query fails, NULL is returned.
         */
        function getUserInfo($username){
           $q = "SELECT * FROM ".TBL_USERS." WHERE username = '$username'";
           $result = $this->query($q, $this->connection);
           /* Error occurred, return given name by default */
           if(!$result || (mysql_numrows($result) < 1)){
              return NULL;
           }
           /* Return result array */
           $dbarray = mysql_fetch_array($result);
           return $dbarray;
        }

        /**
         * getEventInfo - Returns the result array from a mysql
         * query asking for all information stored regarding
         * the given event id. If query fails, NULL is returned.
         */
        function getEventInfo($id){
           $q = "SELECT * FROM Calendar_Events WHERE EventID = '$id'";
           $result = $this->query($q);
           /* Error occurred, return given name by default */
           if(!$result || (mysql_numrows($result) < 1)){
              return NULL;
           }
           /* Return result array */
           $dbarray = mysql_fetch_array($result);
           return $dbarray;
        }

        /**
         * getAthleteInfo - Returns the result array from a mysql
         * query asking for all information stored regarding
         * the given athlete id. If query fails, NULL is returned.
         */
        function getAthleteInfo($id){
           $q = "SELECT * FROM Athletes WHERE AthleteID = '$id'";
           $result = $this->query($q, $this->connection);
           /* Error occurred, return given name by default */
           if(!$result || (mysql_numrows($result) < 1)){
              return NULL;
           }
           /* Return result array */
           $dbarray = mysql_fetch_assoc($result);
           return $dbarray;
        }

        function verifyInfo($id,$type){
           if($type=='A'){$loc = 'Athletes';}elseif($type=='V'){$loc = 'Volunteers';}
           $q = "SELECT * FROM ".$loc." WHERE `UID` = '$id'";
           $result = $this->query($q, $this->connection);
           /* Error occurred, return given name by default */
           if(!$result || (mysql_num_rows($result) < 1)){
              return NULL;
           }
           /* Return result array */
           $dbarray = mysql_fetch_assoc($result);
           return $dbarray;
        }

        /**
         * getVolunteerInfo - Returns the result array from a mysql
         * query asking for all information stored regarding
         * the given Volunteer id. If query fails, NULL is returned.
         */
        function getVolunteerInfo($id){
           $q = "SELECT * FROM Volunteers WHERE VolunteerID = '$id'";
           $result = $this->query($q, $this->connection);
           /* Error occurred, return given name by default */
           if(!$result || (mysql_numrows($result) < 1)){
              return NULL;
           }
           /* Return result array */
           $dbarray = mysql_fetch_array($result);
           return $dbarray;
        }

        function getSIFInfo($id){
           $q = "SELECT * FROM `SportForms` WHERE `ID` = '$id'";
           $result = $this->query($q, $this->connection);
           /* Error occurred, return given name by default */
           if(!$result || (mysql_numrows($result) < 1)){
              return NULL;
           }
           /* Return result array */
           $dbarray = mysql_fetch_array($result);
           return $dbarray;
        }

        /**
         * getPageText - Returns the result array from a mysql
         * query asking for all information stored regarding
         * the given page text. If query fails, NULL is returned.
         */
        function getPageText($page, $location){
           $q = "SELECT * FROM `Pages` WHERE `PageName` = '".$page."' AND `PageLocation` = '".$location."'";
           $result = $this->query($q, $this->connection);
           /* Error occurred, return given name by default */
           if(!$result || (mysql_numrows($result) < 1)){
              return NULL;
           }
           /* Return result array */
           $dbarray = mysql_fetch_array($result);
           return $dbarray;
        }

        /**
         * getSpotlightInfo - Returns the result array from a mysql
         * query asking for all information stored regarding
         * the given sport spotlight. If query fails, NULL is returned.
         */
        function getSpotlightInfo($sport){
           $q = "SELECT * FROM `Spotlight` WHERE `Sport` = '".$sport."'";
           $result = $this->query($q, $this->connection);
           /* Error occurred, return given name by default */
           if(!$result || (mysql_numrows($result) < 1)){
              return NULL;
           }
           /* Return result array */
           $dbarray = mysql_fetch_array($result);
           return $dbarray;
        }

        function getCMTInfo($id,$email = 0,$limit = "*"){
           if($limit != '*'){$q_limit = " LIMIT ".$limit;}
           if(isset($email) && $email != '0'){
              $q = "SELECT * FROM `CMT` WHERE `EMail` = '".$email."'".$q_limit;
           }else{
              $q = "SELECT * FROM `CMT` WHERE `ID` = '".$id."'".$q_limit;
           }
           $result = $this->query($q, $this->connection);
           /* Error occurred, return given name by default */
           if(!$result || (mysql_numrows($result) < 1)){
              return NULL;
           }
           /* Return result array */
           $dbarray = mysql_fetch_assoc($result);
           return $dbarray;
        }

        /**
         * getNumMembers - Returns the number of signed-up users
         * of the website, banned members not included. The first
         * time the function is called on page load, the database
         * is queried, on subsequent calls, the stored result
         * is returned. This is to improve efficiency, effectively
         * not querying the database when no call is made.
         */
        function getNumMembers(){
           if($this->num_members < 0){
              $q = "SELECT * FROM ".TBL_USERS;
              $result = $this->query($q, $this->connection);
              $this->num_members = mysql_numrows($result);
           }
           return $this->num_members;
        }

        /**
         * calcNumActiveUsers - Finds out how many active users
         * are viewing site and sets class variable accordingly.
         */
        function calcNumActiveUsers(){
           /* Calculate number of users at site */
           $q = "SELECT * FROM ".TBL_ACTIVE_USERS;
           $result = $this->query($q, $this->connection);
           $this->num_active_users = mysql_numrows($result);
        }

        /**
         * calcNumActiveGuests - Finds out how many active guests
         * are viewing site and sets class variable accordingly.
         */
        function calcNumActiveGuests(){
           /* Calculate number of guests at site */
           $q = "SELECT * FROM ".TBL_ACTIVE_GUESTS;
           $result = $this->query($q, $this->connection);
           $this->num_active_guests = mysql_numrows($result);
        }

        /**
         * addActiveUser - Updates username's last active timestamp
         * in the database, and also adds him to the table of
         * active users, or updates timestamp if already there.
         */
        function addActiveUser($username, $time){
           $q = "UPDATE ".TBL_USERS." SET timestamp = '$time' WHERE username = '$username'";
           $this->query($q, $this->connection);

           if(!TRACK_VISITORS) return;
           $q = "REPLACE INTO ".TBL_ACTIVE_USERS." VALUES ('$username', '$time')";
           $this->query($q, $this->connection);
           $this->calcNumActiveUsers();
        }

        /* addActiveGuest - Adds guest to active guests table */
        function addActiveGuest($ip, $time){
           if(!TRACK_VISITORS) return;
           $q = "REPLACE INTO ".TBL_ACTIVE_GUESTS." VALUES ('$ip', '$time')";
           $this->query($q, $this->connection);
           $this->calcNumActiveGuests();
        }

        /* These functions are self explanatory, no need for comments */

        /* removeActiveUser */
        function removeActiveUser($username){
           if(!TRACK_VISITORS) return;
           $q = "DELETE FROM ".TBL_ACTIVE_USERS." WHERE username = '$username'";
           $this->query($q, $this->connection);
           $this->calcNumActiveUsers();
        }

        /* removeActiveGuest */
        function removeActiveGuest($ip){
           if(!TRACK_VISITORS) return;
           $q = "DELETE FROM ".TBL_ACTIVE_GUESTS." WHERE ip = '$ip'";
           $this->query($q, $this->connection);
           $this->calcNumActiveGuests();
        }

        /* removeInactiveUsers */
        function removeInactiveUsers(){
           if(!TRACK_VISITORS) return;
           $timeout = time()-USER_TIMEOUT*60;
           $q = "DELETE FROM ".TBL_ACTIVE_USERS." WHERE timestamp < $timeout";
           $this->query($q, $this->connection);
           $this->calcNumActiveUsers();
        }

        /* removeInactiveGuests */
        function removeInactiveGuests(){
           if(!TRACK_VISITORS) return;
           $timeout = time()-GUEST_TIMEOUT*60;
           $q = "DELETE FROM ".TBL_ACTIVE_GUESTS." WHERE timestamp < $timeout";
           $this->query($q, $this->connection);
           $this->calcNumActiveGuests();
        }

        /**
         * query - Performs the given query on the database and
         * returns the result, which may be false, true or a
         * resource identifier.
         */
        function query($query){
           $result = mysql_query($query, $this->connection);
           if(!$result || mysql_error() != ''){@mail('ster@specialolympiccounty.org','SOAC Error',"Query: ".$query."\r\nMySQL Error: ".mysql_error());}
           return $result;
        }

        function sportdb($query){
           $result = mysql_query($query, $this->connection2);
           if(!$result || mysql_error() != ''){@mail('ster@specialolympiccounty.org','SOAC Error',"Query: ".$query."\r\nMySQL Error: ".mysql_error());}
           return $result;
        }
     };

     /* Create database connection */
     $database = new MySQLDB;
     ?>

     Thanks again for all your help.
  3. Hi All, I am just starting to learn MySQL and continue to read. The Special Olympics in my area is having a problem with their Mass emailing program and I told them I would at least look at it. When I run the emailing script I get these errors.

     Warning: mysql_numrows(): supplied argument is not a valid MySQL result resource in /homepages/0/d252328289/htdocs/admin/include/database.php on line 359
     Warning: mysql_numrows(): supplied argument is not a valid MySQL result resource in /homepages/0/d2523/htdocs/admin/include/database.php on line 348
     Warning: mysql_numrows(): supplied argument is not a valid MySQL result resource in /homepages/0/d2523/htdocs/admin/include/database.php on line 359
     Warning: Cannot modify header information - headers already sent by (output started at /homepages/0/d2523/htdocs/admin/include/database.php:359) in /homepages/0/d2523/htdocs/admin/process.php on line 448

     I have been googling and have not found an answer yet and would like to know if someone can help me. I will post each offending line of code here:

     Line 348: $this->num_active_users = mysql_numrows($result);
     Line 359: $this->num_active_guests = mysql_numrows($result);
     Line 448 of the process.php file: header("Location: index.php");

     I can post more of the code if need be. Also, if you can recommend a really good hands-on Learning MySQL, please let me know what it is. Thanks Dunoon
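
The warnings and the empty "MySQL Error:" e-mails in the posts above can both come from the same place: a failed query returns false, and the legacy mysql_error() called without a link argument reports on the most recently opened link, not necessarily the one the query ran on. The sketch below is an added example, not code from these posts or from the login script; it uses two in-memory SQLite PDO handles as stand-ins for the two MySQL links so it runs offline, and the class, function and table names in it are hypothetical.

```php
<?php
// Added example. Two in-memory SQLite handles stand in for the two MySQL
// links opened in the posted constructor; all names here are constructed.

function open_handle(): PDO {
    $pdo = new PDO('sqlite::memory:');
    // Silent mode mirrors the legacy API: a failed query returns false.
    $pdo->setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_SILENT);
    return $pdo;
}

class CheckedDb {
    /** @var PDO[] connection handles keyed by a short name */
    private array $handles;
    /** @var string[] one entry per failed query */
    public array $log = [];

    public function __construct(array $handles) {
        $this->handles = $handles;
    }

    /** Run $sql on the named handle; on failure, read the error from that same handle. */
    public function query(string $name, string $sql) {
        $h = $this->handles[$name];
        $result = $h->query($sql);
        if ($result === false) {
            [$state, $code, $msg] = $h->errorInfo();
            $this->log[] = "[$name] SQLSTATE $state ($code): $msg | Query: $sql";
        }
        return $result;
    }

    /** Row count that returns null on a failed query instead of counting `false`. */
    public function countRows(string $name, string $table): ?int {
        // Table names are identifiers from configuration, never user input;
        // reject anything that is not a plain identifier.
        if (!preg_match('/^[A-Za-z_][A-Za-z0-9_]*$/', $table)) {
            throw new InvalidArgumentException("bad table name");
        }
        $result = $this->query($name, "SELECT COUNT(*) FROM $table");
        if ($result === false) {
            return null;
        }
        return (int) $result->fetchColumn();
    }
}

$main  = open_handle();
$sport = open_handle(); // opened last, like $connection2 in the posted class

// Constructed sample data: active_users exists, active_guests is deliberately missing.
$main->exec('CREATE TABLE active_users (username TEXT, timestamp INTEGER)');
$main->exec("INSERT INTO active_users VALUES ('demo', 1254438650)");

$db = new CheckedDb(['main' => $main, 'sport' => $sport]);

var_dump($db->countRows('main', 'active_users'));
var_dump($db->countRows('main', 'active_guests'));

// The failure happened on $main; the other handle has nothing to report,
// which is what an error lookup on the wrong link looks like.
echo 'other handle says: ', $sport->errorInfo()[2] ?? '(no error on this handle)', "\n";
print_r($db->log);
```

Because nothing is written to the page when a query fails, a later header("Location: ...") call is not blocked by warning output either.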
  4. MadTechie Thank you for all your help. All the errors are gone. I just emailed them and asked them to check it out and see if everything is functioning like it was before. I will keep you posted. Thanks for everything.
  5. Well, after checking around a bit the statement below is wrong. I am still having the same error on this other page as before. When I put the include(../sessions.php) line in all it did was bump the code down and make the error on line #26. Sorry I didn't catch it earlier.

     "Well, that took care of line 25 now once I made the change it says:

     Login Username: <input type="text" name="user" maxlength="30" value=" Fatal error: Call to a member function on a non-object in /homepages/0/d252328289/htdocs/admin/login.php on line 26 "

     I am still getting this error

     Username: <input type="text" name="user" maxlength="30" value=" Fatal error: Call to a member function on a non-object in /homepages/0/d252328289/htdocs/admin/login.php on line 25

     with that line being:

     <td><input type="text" name="user" maxlength="30" value="<? echo $form->value("user"); ?>"></td>
  6. ok I have found the form.php file that has the Call Form in it: Hope this helps.

     <?
     /**
      * Form.php
      *
      * The Form class is meant to simplify the task of keeping
      * track of errors in user submitted forms and the form
      * field values that were entered correctly.
      *
      * Written by: Jpmaster77 a.k.a. The Grandmaster of C++ (GMC)
      * Last Updated: August 19, 2004
      */

     class Form
     {
        var $values = array();  //Holds submitted form field values
        var $errors = array();  //Holds submitted form error messages
        var $num_errors;        //The number of errors in submitted form

        /* Class constructor */
        function Form(){
           /**
            * Get form value and error arrays, used when there
            * is an error with a user-submitted form.
            */
           if(isset($_SESSION['value_array']) && isset($_SESSION['error_array'])){
              $this->values = $_SESSION['value_array'];
              $this->errors = $_SESSION['error_array'];
              $this->num_errors = count($this->errors);

              unset($_SESSION['value_array']);
              unset($_SESSION['error_array']);
           }
           else{
              $this->num_errors = 0;
           }
        }

        /**
         * setValue - Records the value typed into the given
         * form field by the user.
         */
        function setValue($field, $value){
           $this->values[$field] = $value;
        }

        /**
         * setError - Records new form error given the form
         * field name and the error message attached to it.
         */
        function setError($field, $errmsg){
           $this->errors[$field] = $errmsg;
           $this->num_errors = count($this->errors);
        }

        /**
         * value - Returns the value attached to the given
         * field, if none exists, the empty string is returned.
         */
        function value($field){
           if(array_key_exists($field,$this->values)){
              return htmlspecialchars(stripslashes($this->values[$field]));
           }else{
              return "";
           }
        }

        /**
         * error - Returns the error message attached to the
         * given field, if none exists, the empty string is returned.
         */
        function error($field){
           if(array_key_exists($field,$this->errors)){
              return "<span style=\"color:#FF0000; font-size:16px;\">".$this->errors[$field]."</span>";
           }else{
              return "";
           }
        }

        /* getErrorArray - Returns the array of error messages */
        function getErrorArray(){
           return $this->errors;
        }
     };
     ?>
  7. When I login it is at an admin page. Not the login.php page. That was just the way the site was setup. Ok, I looked in the sessions.php file and at the bottom found:

     /**
      * Initialize session object - This must be initialized before
      * the form object because the form uses session variables,
      * which cannot be accessed unless the session has started.
      */
     $session = new Session;

     /* Initialize form object */
     $form = new Form;
     ?>

     Have not found the class yet.
  8. Well, that took care of line 25 now once I made the change it says:

     Login Username: <input type="text" name="user" maxlength="30" value=" Fatal error: Call to a member function on a non-object in /homepages/0/d252328289/htdocs/admin/login.php on line 26

     The code for line 26 is:

     <td align="right"><? echo $form->error("user"); ?></td>

     Boy, getting so close to getting this fixed
  9. Awesome, that fixed that part. When that page finally came up all looked ok until I hit the go back to main page link then I got this:

     Login Username: <input type="text" name="user" maxlength="30" value=" Fatal error: Call to a member function on a non-object in /homepages/0/d252328289/htdocs/admin/login.php on line 25

     <?
     if($session->logged_in){
        echo "<h1>Logged In</h1>";
        echo "Welcome <b>$session->username</b>, you are logged in. <br><br>"
            ."[<a href=\"userinfo.php?user=$session->username\">My Account</a>] "
            ."[<a href=\"useredit.php\">Edit Account</a>] ";
        if($session->isAdmin()){
           echo "[<a href=\"admin/admin.php\">Admin Center</a>] ";
        }
        echo "[<a href=\"process.php\">Logout</a>]";
     }else{
     ?>
     <form action="process.php" method="POST">
     <table width="75%" border="0" align="center" cellpadding="5" cellspacing="0">
       <tr>
         <th colspan="3">Login</th>
       </tr>
       <? if($form->num_errors > 0){ ?>
       <tr>
         <td colspan="3"><?php echo "<span style=\"color:#FF0000; font-size:16px;\">".$form->num_errors." error(s) found</span>"; ?></td>
       </tr>
       <?php } ?>
       <tr>
         <td width="60px">Username:</td>
         <td><input type="text" name="user" maxlength="30" value="<? echo $form->value("user"); ?>"></td>
         <td align="right"><? echo $form->error("user"); ?></td>
       </tr>
       <tr>
         <td width="60px">Password:</td>
         <td><input type="password" name="pass" maxlength="30" value="<? echo $form->value("pass"); ?>"></td>
         <td align="right"><? echo $form->error("pass"); ?></td>
       </tr>
       <tr>
         <td> </td>
         <td>
           <?php if(isset($_SESSION["referrer"])){ ?>
           <input type="hidden" name="referrer" value="<?php echo($_SESSION["referrer"]); ?>">
           <?php unset($_SESSION["referrer"]);} ?>
           <input type="hidden" name="sublogin" value="1"><input type="submit" value="Login"></td>
         <td align="right"><span style="color:#FF0000; font-size:16px;">[<a href="forgotpass.php">Forgot Password?</a>]</span></td>
       </tr>
     </table>
     </form>
     <?php } ?>

     Line 25 is:

     <td><input type="text" name="user" maxlength="30" value="<? echo $form->value("user"); ?>"></td>

     It is probably right in front of my face but I can't see it. Thanks for the great help and being patient with me.
  10. Hi. I found a file called adminprocess.php that includes the sessions.php file. Here it is:

     <?
     /**
      * AdminProcess.php
      *
      * The AdminProcess class is meant to simplify the task of processing
      * admin submitted forms from the admin center, these deal with
      * member system adjustments.
      *
      * Written by: Jpmaster77 a.k.a. The Grandmaster of C++ (GMC)
      * Last Updated: August 15, 2004
      */
     include("../include/session.php");

     class AdminProcess
     {
        /* Class constructor */
        function AdminProcess(){
           global $session;
           /* Make sure administrator is accessing page */
           if(!$session->isAdmin()){
              header("Location: ../login.php");
              return;
           }
           /* Admin submitted update user level form */
           if(isset($_POST['subupdlevel'])){
              $this->procUpdateLevel();
           }
           /* Admin submitted delete user form */
           else if(isset($_POST['subdeluser'])){
              $this->procDeleteUser();
           }
           /* Admin submitted delete inactive users form */
           else if(isset($_POST['subdelinact'])){
              $this->procDeleteInactive();
           }
           /* Admin submitted ban user form */
           else if(isset($_POST['subbanuser'])){
              $this->procBanUser();
           }
           /* Admin submitted delete banned user form */
           else if(isset($_POST['subdelbanned'])){
              $this->procDeleteBannedUser();
           }
           /* Should not get here, redirect to home page */
           else{
              header("Location: ../login.php");
           }
        }

        /**
         * procUpdateLevel - If the submitted username is correct,
         * their user level is updated according to the admin's
         * request.
         */
        function procUpdateLevel(){
           global $session, $database, $form;
           /* Username error checking */
           $subuser = $this->checkUsername("upduser");

           /* Errors exist, have user correct them */
           if($form->num_errors > 0){
              $_SESSION['value_array'] = $_POST;
              $_SESSION['error_array'] = $form->getErrorArray();
              header("Location: ../index.php?mode=admin/admin");
           }
           /* Update user level */
           else{
              $database->updateUserField($subuser, "userlevel", (int)$_POST['updlevel']);
              header("Location: ../index.php?mode=admin/admin");
           }
        }

        /**
         * procDeleteUser - If the submitted username is correct,
         * the user is deleted from the database.
         */
        function procDeleteUser(){
           global $session, $database, $form;
           /* Username error checking */
           $subuser = $this->checkUsername("deluser");

           /* Errors exist, have user correct them */
           if($form->num_errors > 0){
              $_SESSION['value_array'] = $_POST;
              $_SESSION['error_array'] = $form->getErrorArray();
              header("Location: ../index.php?mode=admin/admin");
           }
           /* Delete user from database */
           else{
              $q = "DELETE FROM ".TBL_USERS." WHERE username = '$subuser'";
              $database->query($q);
              header("Location: ../index.php?mode=admin/admin");
           }
        }

        /**
         * procDeleteInactive - All inactive users are deleted from
         * the database, not including administrators. Inactivity
         * is defined by the number of days specified that have
         * gone by that the user has not logged in.
         */
        function procDeleteInactive(){
           global $session, $database;
           $inact_time = $session->time - $_POST['inactdays']*24*60*60;
           $q = "DELETE FROM ".TBL_USERS." WHERE timestamp < $inact_time "
               ."AND userlevel != ".ADMIN_LEVEL;
           $database->query($q);
           header("Location: ../index.php?mode=admin/admin");
        }

        /**
         * procBanUser - If the submitted username is correct,
         * the user is banned from the member system, which entails
         * removing the username from the users table and adding
         * it to the banned users table.
         */
        function procBanUser(){
           global $session, $database, $form;
           /* Username error checking */
           $subuser = $this->checkUsername("banuser");

           /* Errors exist, have user correct them */
           if($form->num_errors > 0){
              $_SESSION['value_array'] = $_POST;
              $_SESSION['error_array'] = $form->getErrorArray();
              header("Location: ../index.php?mode=admin/admin");
           }
           /* Ban user from member system */
           else{
              $q = "DELETE FROM ".TBL_USERS." WHERE username = '$subuser'";
              $database->query($q);

              $q = "INSERT INTO ".TBL_BANNED_USERS." VALUES ('$subuser', $session->time)";
              $database->query($q);
              header("Location: ../index.php?mode=admin/admin");
           }
        }

        /**
         * procDeleteBannedUser - If the submitted username is correct,
         * the user is deleted from the banned users table, which
         * enables someone to register with that username again.
         */
        function procDeleteBannedUser(){
           global $session, $database, $form;
           /* Username error checking */
           $subuser = $this->checkUsername("delbanuser", true);

           /* Errors exist, have user correct them */
           if($form->num_errors > 0){
              $_SESSION['value_array'] = $_POST;
              $_SESSION['error_array'] = $form->getErrorArray();
              header("Location: ../index.php?mode=admin/admin");
           }
           /* Delete user from database */
           else{
              $q = "DELETE FROM ".TBL_BANNED_USERS." WHERE username = '$subuser'";
              $database->query($q);
              header("Location: ../index.php?mode=admin/admin");
           }
        }

        /**
         * checkUsername - Helper function for the above processing,
         * it makes sure the submitted username is valid, if not,
         * it adds the appropriate error to the form.
         */
        function checkUsername($uname, $ban=false){
           global $database, $form;
           /* Username error checking */
           $subuser = $_POST[$uname];
           $field = $uname;  //Use field name for username
           if(!$subuser || strlen($subuser = trim($subuser)) == 0){
              $form->setError($field, "* Username not entered<br>");
           }
           else{
              /* Make sure username is in database */
              $subuser = stripslashes($subuser);
              if(strlen($subuser) < 5 || strlen($subuser) > 30 ||
                 !eregi("^([0-9a-z])+$", $subuser) ||
                 (!$ban && !$database->usernameTaken($subuser))){
                 $form->setError($field, "* Username does not exist<br>");
              }
           }
           return $subuser;
        }
     };

     /* Initialize process */
     $adminprocess = new AdminProcess;
     ?>

     Thanks for looking.
  11. Well I found the function in the sessions.php file:

     /**
      * isAdmin - Returns true if currently logged in user is
      * an administrator, false otherwise.
      */
     function isAdmin(){
        return ($this->userlevel == ADMIN_LEVEL || $this->username == ADMIN_NAME);
     }

     I found the Admin_Name located in the constants.php file. I changed it to my username with the correct Admin_level. Still trying to figure out the code and get it fixed. Still popping the same error. What else would you like me to post that may help figure out the problem? Still learning the ropes of PHP. Thanks again for the help
  12. Thanks for your help..I will look around for the function. Sorry about not using tags..:-(
  13. Hi All. I am just learning PHP and have run into a problem. I am looking at some code for a friend that works with the county special olympics. A student did their website... Some things have stopped working and he will not answer his email. The interface is setup as an Admin Center. When you login and click on the Admin center link this error pops up:

     Fatal error: Call to a member function on a non-object in /homepages/0/d252328289/htdocs/admin/admin/admin.php on line 81

     I have looked at the admin.php page and here is what is on line 81:

     if(!$session->isAdmin()){
        header("Location: ../login.php");
     }

     Could someone nicely explain this to me? I am still learning PHP. Thanks for all your help. PS. Here is the whole code:

     <?
     /**
      * Admin.php
      *
      * This is the Admin Center page. Only administrators
      * are allowed to view this page. This page displays the
      * database table of users and banned users. Admins can
      * choose to delete specific users, delete inactive users,
      * ban users, update user levels, etc.
      *
      */

     /**
      * displayUsers - Displays the users database table in
      * a nicely formatted html table.
      */
     function displayUsers(){
        global $database;
        $q = "SELECT username,userlevel,email,timestamp "
            ."FROM ".TBL_USERS." ORDER BY userlevel DESC,username";
        $result = $database->query($q);
        /* Error occurred, return given name by default */
        $num_rows = mysql_numrows($result);
        if(!$result || ($num_rows < 0)){
           echo "Error displaying info";
           return;
        }
        if($num_rows == 0){
           echo "Database table empty";
           return;
        }
        /* Display table contents */
        echo "<table align=\"left\" border=\"1\" cellspacing=\"0\" cellpadding=\"3\">\n";
        echo "<tr><td><b>Username</b></td><td><b>Level</b></td><td><b>Email</b></td><td><b>Last Active</b></td></tr>\n";
        for($i=0; $i<$num_rows; $i++){
           $uname  = mysql_result($result,$i,"username");
           $ulevel = mysql_result($result,$i,"userlevel");
           $email  = mysql_result($result,$i,"email");
           $time   = date("m/d/Y g:i A", mysql_result($result,$i,"timestamp"));

           echo "<tr><td>$uname</td><td>$ulevel</td><td>$email</td><td>$time</td></tr>\n";
        }
        echo "</table><br>\n";
     }

     /**
      * displayBannedUsers - Displays the banned users
      * database table in a nicely formatted html table.
      */
     function displayBannedUsers(){
        global $database;
        $q = "SELECT username,timestamp "
            ."FROM ".TBL_BANNED_USERS." ORDER BY username";
        $result = $database->query($q);
        /* Error occurred, return given name by default */
        $num_rows = mysql_numrows($result);
        if(!$result || ($num_rows < 0)){
           echo "Error displaying info";
           return;
        }
        if($num_rows == 0){
           echo "Database table empty";
           return;
        }
        /* Display table contents */
        echo "<table align=\"left\" border=\"1\" cellspacing=\"0\" cellpadding=\"3\">\n";
        echo "<tr><td><b>Username</b></td><td><b>Time Banned</b></td></tr>\n";
        for($i=0; $i<$num_rows; $i++){
           $uname = mysql_result($result,$i,"username");
           $time  = date("m/d/Y g:i A", mysql_result($result,$i,"timestamp"));

           echo "<tr><td>$uname</td><td>$time</td></tr>\n";
        }
        echo "</table><br>\n";
     }

     /**
      * User not an administrator, redirect to main page
      * automatically.
      */
     if(!$session->isAdmin()){
        header("Location: ../login.php");
     }
     else{
     /**
      * Administrator is viewing page, so display all
      * forms.
      */
     ?>
     <h1>Admin Center</h1>
     <span style="color:#FF0000; font-size:16px;">
     <b>::::::::::::::::::::::::::::::::::::::::::::</b></span>
     <span style="color:#FF0000; font-size:16px;">Logged in as <b><? echo $session->username; ?></b></span><br><br>
     Back to [<a href="../login.php">Main Page</a>]<br><br>
     <?
     if($form->num_errors > 0){
        echo "<span style=\"color:#FF0000; font-size:16px;\">"
            ."!*** Error with request, please fix</span><br><br>";
     }
     ?>
     <table align="left" border="0" cellspacing="5" cellpadding="5">
     <tr><td>
     <?
     /**
      * Display Users Table
      */
     ?>
     <h3>Users Table Contents:</h3>
     <?
     displayUsers();
     ?>
     </td></tr>
     <tr>
     <td>
     <br>
     <?
     /**
      * Update User Level
      */
     ?>
     <h3>Update User Level</h3>
     <? echo $form->error("upduser"); ?>
     <table>
     <form action="admin/adminprocess.php" method="POST">
     <tr><td>
     Username:<br>
     <input type="text" name="upduser" maxlength="30" value="<? echo $form->value("upduser"); ?>">
     </td>
     <td>
     Level:<br>
     <select name="updlevel">
     <option value="1">1
     <option value="9">9
     </select>
     </td>
     <td>
     <br>
     <input type="hidden" name="subupdlevel" value="1">
     <input type="submit" value="Update Level">
     </td></tr>
     </form>
     </table>
     </td>
     </tr>
     <tr>
     <td><hr></td>
     </tr>
     <tr>
     <td>
     <?
     /**
      * Delete User
      */
     ?>
     <h3>Delete User</h3>
     <? echo $form->error("deluser"); ?>
     <form action="admin/adminprocess.php" method="POST">
     Username:<br>
     <input type="text" name="deluser" maxlength="30" value="<? echo $form->value("deluser"); ?>">
     <input type="hidden" name="subdeluser" value="1">
     <input type="submit" value="Delete User">
     </form>
     </td>
     </tr>
     <tr>
     <td><hr></td>
     </tr>
     <tr>
     <td>
     <?
     /**
      * Delete Inactive Users
      */
     ?>
     <h3>Delete Inactive Users</h3>
     This will delete all users (not administrators), who have not logged in to the site<br>
     within a certain time period. You specify the days spent inactive.<br><br>
     <table>
     <form action="admin/adminprocess.php" method="POST">
     <tr><td>
     Days:<br>
     <select name="inactdays">
     <option value="3">3
     <option value="7">7
     <option value="14">14
     <option value="30">30
     <option value="100">100
     <option value="365">365
     </select>
     </td>
     <td>
     <br>
     <input type="hidden" name="subdelinact" value="1">
     <input type="submit" value="Delete All Inactive">
     </td>
     </form>
     </table>
     </td>
     </tr>
     <tr>
     <td><hr></td>
     </tr>
     <tr>
     <td>
     <?
     /**
      * Ban User
      */
     ?>
     <h3>Ban User</h3>
     <? echo $form->error("banuser"); ?>
     <form action="admin/adminprocess.php" method="POST">
     Username:<br>
     <input type="text" name="banuser" maxlength="30" value="<? echo $form->value("banuser"); ?>">
     <input type="hidden" name="subbanuser" value="1">
     <input type="submit" value="Ban User">
     </form>
     </td>
     </tr>
     <tr>
     <td><hr></td>
     </tr>
     <tr><td>
     <?
     /**
      * Display Banned Users Table
      */
     ?>
     <h3>Banned Users Table Contents:</h3>
     <?
     displayBannedUsers();
     ?>
     </td></tr>
     <tr>
     <td><hr></td>
     </tr>
     <tr>
     <td>
     <?
     /**
      * Delete Banned User
      */
     ?>
     <h3>Delete Banned User</h3>
     <? echo $form->error("delbanuser"); ?>
     <form action="admin/adminprocess.php" method="POST">
     Username:<br>
     <input type="text" name="delbanuser" maxlength="30" value="<? echo $form->value("delbanuser"); ?>">
     <input type="hidden" name="subdelbanned" value="1">
     <input type="submit" value="Delete Banned User">
     </form>
     </td>
     </tr>
     </table>
     </body>
     </html>
     <?
     }
     ?>