kayla

kaylafleury original, i know

What is happening on the 25th april? I'm going to a princess party the day before. Woooo! What an exciting life i lead

What nationality is he? I'm racking my brains here >.<

I've taken in your advice in storing their usertype in a cookie also. This is the coding i've used: The cookie has been set here; Login Script <?php //check for required fields from the form if ((!$_POST['username']) || (!$_POST['password'])) { header("Location: staff_login.php"); exit; } //get referring page $page = $_POST['page']; //read values from form $form_user = $_POST['username']; $form_password = $_POST['password']; $db_host='127.0.01'; $db_database='college_81646'; $db_username='student'; $db_password='college'; //create connection $connection= mysql_connect($db_host, $db_username, $db_password); if(!$connection){ die ("Could not connect to the database: <br />".mysql_error()); } //select database $db_select = mysql_select_db($db_database); if (!$db_select) { die ("Could not select the database: <br />".mysql_error()); } //create the query $sql ="SELECT users.username, users.password, users.user_type FROM users WHERE username = '$form_user' AND password ='$form_password'"; //execute the query $result = mysql_query($sql) or die ("Could not query the database: <br/>".mysql_error()); if (mysql_num_rows($result) == 1) { $usertype=mysql_result($result, 0, 'user_type'); //set authorization cookie setcookie("usertype",$usertype,0, "/", '', 0); } else { echo "Could not log you in."; echo ("<p>Click <a href='staff_login.php'>here</a> to return to the login page.</p>"); } //close connection mysql_close($connection); ?> I have then used the cookie here: <?php $page = $_SERVER['REQUEST_URI']; //if (!isset ($_COOKIE['usertype'])) //{ // header("Location: staff_login.php?page=$page"); // exit; //} echo $_COOKIE['usertype']; if ($_COOKIE['usertype'] != 'staff') { echo "You are not authorized to view this page"; echo "Click <a href='staff_login.php?page=$page'>here</a> to return to the login page."; } else { //declare database details $db_host='127.0.0.1'; $db_database='college_81646'; $db_username='student'; $db_password='college'; //create connection $connection = mysql_connect($db_host, $db_username, $db_password); if (!$connection){ die ("Could not connect to the database: <br />". mysql_error()); } // Select the database $db_select=mysql_select_db($db_database); if (!$db_select) { die ("Could not select the database: <br />". mysql_error()); } //declare the SQL statement that will query the database $query = "SELECT users.user_id, users.forename, users.surname, modules.module_name, grades.grade FROM users, grades, modules WHERE (users.user_id = grades.user_id) AND (modules.module_id=grades.module_id) ORDER BY modules.module_name, grades.grade"; //execute the query $result = mysql_query( $query); if (!$result) { die ("Could not query the database: <br />". mysql_error()); } //output date echo ("<center>"); echo( "<p style='font-size: x-small; font-family: Verdana;'>".date("l, F dS Y.")."</p>" ); //output database contents echo("<p style='font-size: 16pt; font-family: Verdana;'>Student Grades</p>"); echo("<table border='1' cellspacing='0' cellpadding='10' bordercolor='#6495ED' style='font-size: x-small; font-family: Verdana;'>"); echo ("<tr bgcolor='#CDCDCD' class='title'><td width='60'><b>User ID</b></td> <td width='120'><b>Forename</b></td> <td width='120'><b>Surname</b></td> <td width='120'><b>Module Name</b></td> <td width='120'><b>Grade</b></td> </tr>"); //fetch tha data from the database & display in a table while ($row = mysql_fetch_array($result)) { echo ("<tr>"); echo "<td><a href='staff_individual_grade.php?user_id=".$row{'user_id'}."'>".$row{'user_id'}."</a></td>"; echo "<td>".$row{'forename'}."</td>"; echo "<td>".$row{'surname'}."</td>"; echo "<td>".$row{'module_name'}."</td>"; echo "<td>".$row{'grade'}."</td>"; echo ("</tr>"); } echo ("</table>"); //Close the connection mysql_close($connection); } ?> <body> </body> </html> However, the cookie is not working how i want it to. It should display a message if the usertype stored in the cookie does not equal 'staff' but instead, it is actually displaying the whole page and vice versa. Dou you know what this could be? I've checked for extra spaces, etc and asked my lecturer to look at it but we are both confused.

I have a home page where the user can click on what they are (i.e. student, staff or admin). Theoretically, these links will be linked straight to the pages that they can view, lets call these 'view-pages' atm. These view-pages will contain cookies that I would like to distinguish whether the user has logged in and if they are the correct user type. If the user hasnt logged in, it will automatically redirect them to a log in page and after they have logged in they will be redirected back to the view-page. When you say groups, do you mean that each separate user type will have their own log in page? I thought about doing this but I thought there possibly could be a different way using less pages of coding.

I also have no idea about cookies if anybody could explain them to me please.

As part of my uni project I need to create a login page that will identify the 'usertype' of the person that trying to login and then redirect them to an appropriate page. There is 3 usertypes: admin, staff and student. All the info is called from a database. My main problem is that i'm basically stuck on what coding to write for it. Do i need a page for each user type or can i just do it using one? The coding i have so far is.... Login Page. <html> <head></head> <body> <center> <font face= 'Arial'><img src="login_title.jpg"> <form method= "post" action= "college_login_script.php"> <p>User Name:<br><br> <input type = "text" name= "username"></p> <p>Password:<br><br> <input type = "password" name="password"> </p> <input type="hidden" name="page" value="<?php echo $_GET['page'];?>"> <p><input type = "SUBMIT" name="submit" value= "Login"></p> </form> </font> <a href=home_page.html>Return to Home Page</a> </center> </body </html> Script for login page <?php //check for required fields from the form if ((!$_POST['username']) || (!$_POST['password'])) { header("Location: college_login.php"); exit; } //get referring page $page = $_POST['page']; //read values from form $form_user = $_POST['username']; $form_password = $_POST['password']; $db_host='127.0.01'; $db_database='college_81646'; $db_username='student'; $db_password='college'; //create connection $connection= mysql_connect($db_host, $db_username, $db_password); if(!$connection){ die ("Could not connect to the database: <br />".mysql_error()); } //select database $db_select = mysql_select_db($db_database); if (!$db_select) { die ("Could not select the database: <br />".mysql_error()); } //create the query $sql ="SELECT forename, surname, usertype FROM users WHERE username = '$form_user' AND password ='$form_password'"; //execute the query $result = mysql_query($sql) or die ("Could not query the database: <br/>".mysql_error()); if (mysql_num_rows($result) == 1) { //if authorized, get the values of the first and last name $f_name = mysql_result($result, 0, 'forename'); $l_name = mysql_result($result, 0, 'surname'); //set authorization cookie setcookie("auth", "secret", 0, "/", '', 0); setcookie("user", "admin", 0, "/", '', 0); header("Location: $page"); } else { echo "Could not log you in."; } //close connection mysql_close($connection); echo ("<p>Click <a href='college_login.php'>here</a> to return to the login page.</p>") ?> Any help would be much appreciated as I am really confused as what to do

Thanks. Thats worked perfectly

As part of my uni project, I have created a system that enables users to edit grades. The user will login and click on a student name, which will then take them to a form allowing them to edit and save the grades. What I'm looking to do is to display the student name at the top of the editting page. I've tried a couple ways of doing this, but they all seem to miss the first line of the table I'm displaying, as if its part of loop when the code is actually outside the code. The code I have at the moment is: <?php // get user id $Fid = $_GET['user_id']; //declare database details $db_host='127.0.01'; $db_database='college_81646'; $db_username='student'; $db_password='college'; //create connection $connection= mysql_connect($db_host, $db_username, $db_password); if(!$connection){ die ("Could not connect to the database: <br />".mysql_error()); } //select database $db_select = mysql_select_db($db_database); if (!$db_select) { die ("Could not select the database: <br />".mysql_error()); } //decalre the sql statement $query="SELECT users.forename, users.surname, modules.module_name, grades.grade FROM users, modules, grades WHERE (users.user_id = grades.user_id) AND (modules.module_id = grades.module_id) AND users.user_id=".$Fid ; //execute the query $result = mysql_query( $query ); if (!$result) { die ("Could not query the database: <br />". mysql_error()); } echo "<center>"; $row = mysql_fetch_array($result); echo "<b>".$row{'forename'}; echo "\n"; echo $row{'surname'}; echo "<br>"; echo("<table border='1' cellspacing='0' cellpadding='10' bordercolor='#6495ED' style='font-size: x-small; font-family: Verdana;'>"); echo ("<tr bgcolor='#CDCDCD' class='title'> <td width='120'><b>Module Name</b></td> <td width='60'><b>Grade</b></td> <td width='50'><b>Delete?</b></td> </tr>"); echo ("<form method='get' action='update_grade.php'>"); $count = 0; while ($row = mysql_fetch_array($result)) { echo ("<tr>"); echo "<td>".$row{module_name}."<br></td>"; echo "<td><input name='StudentGrade$count' size='10' maxlength='20' value='".$row{grade}."'<br></td>"; echo "<td><input type='checkbox' name='kill' value='kill'></td>"; echo ("</tr>"); $count = $count + 1; } echo ("</table>"); echo "<br><input type='submit' value ='submit' align='right'>"; echo "<input name='user_id' type='hidden' value='".$Fid."'>"; echo "</form>"; echo "</center>"; //close connection mysql_close($connection); ?> The code which I have used to try to display the students name at the top of the page is: echo "<center>"; $row = mysql_fetch_array($result); echo "<b>".$row{'forename'}; echo "\n"; echo $row{'surname'}; echo "<br>"; If anybody can help me by telling me how to display the name without missing the first line of my table out then that would be a great help! Thanks in advance! x

Hi, Sorry for the very late reply, my week has been a bit busy. So basically, users would register using this form: <html> <title>Registration</title> <body> <form method="post" action="register.pl"> <center> <table width="500" border=2 bordercolor="#FFFFFF" bgcolor="#CDCDCD" cellpadding="4" cellspacing="0" style="font-size: xx-small; font-family: Verdana;"> <tr> <td colspan="2" bgcolor="#FFFFFF"><img src="stc.jpg"></td> </tr> <tr> <td colspan="2" bgcolor="#6495ED"><b><h1>Register Here</h1></b></td> </tr> <tr> <td align="left"><p>Forename:</td> <td> <input type="text" name="forename" size=30> </td> </tr> <tr> <td align="left"><p>Surname:</td> <td> <input type="text" name="surname" size=30> </td> </tr> <tr> <td align="left"><p>Email Address:</td> <td> <input type="text" name="email" size=30> </td> </tr> <tr> <td align="left"><p>Password:</td> <td> <input type="text" name="password" size=30> </td> </tr> <tr> <td colspan=2 align="right"> <input type="submit" value="Register"> </td> </tr> </table> </center> </form> </body> </html> This is the perl file that processes what has been entered in the form: #!/usr/bin/perl -wT use CGI qw (:standard); use CGI::Carp qw(warningsToBrowser fatalsToBrowser); use strict; print header; print start_html("Registration"); print h2("Registration"); my $email = param('email'); my $forename = param('forename'); my $surname = param('surname'); my $password = param('password'); open(OUTF, ">>var/www/81646/userinfo.txt") or dienice("Couldn't open userinfo.txt for writing: $!"); # lock file flock(OUTF,2); # reset file to end incase someone has wrote to it whilst waiting for lock seek(OUTF,0,2); print OUTF "Forename: $forename\n"; print OUTF "Surname: $surname\n"; print OUTF "Email: $email\n"; print OUTF "Password: $password\n"; print OUTF "<hr align='left' width='200'>"; close(OUTF); print h2("Thank You"); print p("You details have been registered. Click <a href='registration.html'>here</a> to return to the registration page."); print end_html; sub dienice { my($msg) = @_; print "<h2>Error</h2>\n"; print $msg; exit } This is then stored to a text file called userinfo.txt. This file can be then be viewed in the browser using this file: #!/usr/bin/perl -wT use CGI qw (:standard); use CGI::Carp qw(warningsToBrowser fatalsToBrowser); use strict; print header; print start_html("Registration"); print h2("Registration"); open(INF,"var/www/81646/userinfo.txt") or dienice("Couldn't open userinfo.txt for reading: $! \n"); my @data = <INF>; close(INF); print "<hr>\n"; foreach my $i (@data) { print "$i\n"; } print "<br><br><a href='registration.html'>Add a new student</a>; sub dienice{ my ($errmsg) = @_; print "<h3>Error</h3>\n"; print "<p>$errmsg</p>\n"; exit; } print end_html; All that works perfectly fine. What I want to do is to create another page that will allow, say an admin, to edit any information in the text file. I have been informed by my lecturer that it may be possible to do this by displaying all the info in the text file in a text area box on a form but we have not learnt how to do this at all and i can't find anything on google. I know how to edit using hardcoded data, but thats not what I want to do. Any help would be much appreciated. x

Does anybody know how to edit a text file using a form in perl? I've tried googling but I'm just getting confused Thank you! x

FIXED IT Thanks anyways. I was just being a noob.

Omg. I did something really noobish and had it inserting into the wrong table. Haha, sorry! It works now but when I enter data, it goes in twice. This anything to do with my code?

Thanks. I'll try that. Could it have anything to do with the structure of the table in the db? Since I have an extra id field which is automated and a usertype field which the admin will edit.

Hi, As part of a uni project we have to create a system where users can enter their registration details into a form and they are then saved onto a database. We've did something very similar before in class for adding cars to a database, which worked fine. However, when we have came to edit this coding so it reflects our project, it just doesn't seem to work. We've tried debugging it by adding echo statements and found that the code goes through until the end. Heres the code that used on the registration form: <html> <head> <meta http-equiv="Content-Type" content="text/html; charset=utf-8" /> <title>Registration</title> <link href="mystyles.css" rel="stylesheet" type="text/css" /> </head> <body> <form method="get" action="add_student_to_database.php"> <center> <table width="500" border=2 bgcolor="#CDCDCD" cellpadding="4" cellspacing="0"> <tr> <td colspan="2" bgcolor="#6495ED"><p><b>New Student</b></td> </tr> <tr> <td align="left"><p>Forename:</td> <td> <input name="StudentForename" size="20" maxlength="20"> </td> </tr> <tr> <td align="left"><p>Surname:</td> <td> <input name="StudentSurname" size="20"> </td> </tr> <tr> <td align="left"><p>Email Address:</td> <td> <input name="StudentEmail" size="50"> </td> </tr> <tr> <td align="left"><p>Password:</td> <td> <input name="StudentPassword" size="20"> </td> </tr> <tr> <td colspan=2 align="right"> <input type="submit" value="Register"> </td> </tr> </table> </center> <input name="addStudent" type="hidden" value="1"> </form> </body> </html> And this is the code that we are using to add it to the database: <?php //read form values $Fforename = $_GET['StudentForename']; $Fsurname = $_GET['StudentSurname']; $Femail = $_GET['StudentEmail']; $Fpassword = $_GET['StudentPassword']; $db_host='127.0.01'; $db_database='registration_81646'; $db_username='student'; $db_password='college'; //create connection $connection= mysql_connect($db_host, $db_username, $db_password); if(!$connection){ die ("Could not connect to the database: <br />".mysql_error()); } //select database $db_select = mysql_select_db($db_database); if (!$db_select) { die ("Could not select the database: <br />".mysql_error()); } //declare the SQL statement that will query the database $query = "INSERT INTO cars (forename, surname, email, password) VALUES ('$Fforename', '$Fsurname', '$Femail', '$Fpassword')"; //execute query mysql_query( $query); //close connection mysql_close($connection); ?> If anybody could help it would be much appreciate! <3

Thanks alot! I wasn't sure, as when I was googling about it, I found a couple of blogs that said hashing was a bad idea but adding 'salt' seems to be a sensible idea in order to make it more secure.

I am creating a client zone for a company as part of a uni project. I was thinking of creating a php page for employees to log in and edit or add passwords for clients. My only problem comes when encrypting the passwords. I've heard of salting and hashing but I'm not sure of what would be best to use. The data is being accessed by the clients is on an Access db (not ideal for multiple access, i know) Also, when the client logs in with their password will it automatically be recognised? Or will i need code which de-encrypts it? Sorry if I don't make much sense, but any help would be greatly appreciated!

Not at all I'm from South Shields and I support Sunderland. Got a season ticket in fact! So I'm a sandancer that supports the mackems

Ah great. Thanks! I did try googling but I was probably entering the wrong key words.

As part of my uni course I am doing a placement at a company whom want me to create a client zone for their website. Basically, they want me to create the code to get data from a MS Access db and display it on this client zone. I know how to connect to the db using ODBC but I was wondering, when it comes to creating queries to add, delete data, etc. is it just the same code as when using mysql, or is different? I hope I make sense!

Oh my... now you owe me all the time I'm going to spend there. Oopsies I spent ages on it too. I actually managed to get to the end of the website *hangs head in shame*

I don't even know my own mobile number which I've had for at least 5 years o_O I do know all my passwords though. I have a set few and use them depending how important the thing that being accessed is. I tend to keep forgetting my pin number for my bank though, which isn't very helpful!

Hahaha! Thats so cool! Try this website: www.lamebook.com If you haven't already heard of it, its all the stupid things people post on facebook.

Haaa! It seems I am the only person using Avira which is a bit worrying :/ I did have Norton/Symantec when I first got my laptop which was terrible to uninstall. You have to download a whole another program. Anybody recommend anything better than Avira? Or am I ok with that?

Thanks! There is some very interesting stuff. I've been looking through some of the scripts that members and its amazing some of the things you can do with PHP. I think I have a lot learn! But hopefully, this forum will be part of the process