Search the Community

Hi all im new to the forum Im trying to display a message on my checkout page when a customer successfully adds a product to the basket! For example I have a buy button on my product page, when the user clicks "buy" the page redirects to checkout.php and adds that particualr item to the basket. It would be great to display a message to the user in the checkout to inform the user that their item has been added. I have attached my checkout and config files. Any help would be greatly appreciated checkout.php config.php

i am using sessions. first on admin folder and second on user folder. in admin folder, i use $_SESSION['username']; in user folder, i use $_SESSION['username1']; now when i click on logout button in localhost/xxx/admin/logout.php i also logged out from localhost/xxx/logout.php. is there a way.. not to be logged out from user panel when click logout button in admin panel????

I followed this YouTube tutorial on how to make a registration page with a username and password. Also a login page that checks you credentials against the database and logs you in. After you are logged in, it starts a session. That's where it stopped. I want to do two things. I want to display on the site if you are logged in or if you are visiting as a guest. And my site's main purpose is photo uploading. So I would like to have under each uploaded photo the username of who uploaded it, or guest if they were not registered. I really am clueless on where to go from here. So if anyone could even point me in the right direction that would be great. I am teaching myself to program and am totally new to sessions, users etc. Here is the config.php file <?php $sql = mysql_connect("localhost","root","") or die(mysql_error()); $slect_db = mysql_select_db("login", $sql); ?> The registrer.php file <?php include ('config.php'); if ($_SERVER['REQUEST_METHOD'] == 'POST') { $username = mysql_real_escape_string($_POST['username']); $password = mysql_real_escape_string(md5($_POST['password'])); if (empty($username)) { echo("You have to fill in an username!"); } else { if(empty($password)){ echo ("You have to fill in a password!"); } else { $query = mysql_query("SELECT * FROM users WHERE username = '$username'"); $rows = mysql_num_rows($query); } if ($rows > 0) { die("Username taken!"); } else { $user_input = mysql_query("INSERT INTO users (username, password) VALUES ('$username','$password')"); echo("Succesfuly Registered!"); } } } ?> <html> <head> <title>Register</title> </head> <body> <form action="register.php" method="post"> Username: <input type="text" name="username" /><br/> Password: <input type="password" name="password"/><br/> <input type="submit" value="Register!"/> </form> </body> </html> and the login.php file <?php include ("config.php"); if ($_SERVER['REQUEST_METHOD'] == 'POST') { $username = mysql_real_escape_string($_POST['username']); $password = mysql_real_escape_string(md5($_POST['password'])); $query = mysql_query("SELECT * FROM users WHERE username='$username' AND password='$password'"); $query_rows = mysql_num_rows($query); if($query_rows > 0) { echo ("Succesfull Login!"); session_start(); $_SESSION['login'] = "1"; } else { echo ("Username and/or password incorrect"); } } ?> <html> <head> <title>Login</title> </head> <body> <form action="login.php" method="post"> Username: <input type="text" name="username" /><br/> Password: <input type="password" name="password"/><br/> <input type="submit" value="Login!"/> </form> </body> </html>

Hi, I'm trying to create a login form so that when a user logs in, they stay logged in and I'm wondering, which is better to use? The cookie method by doing: setcookie or the session_start() method? So far I've been unsuccessful with the session_start(); method. Any suggestions? Thanks.

Hey, I am trying to see if the current store_name session is equal to any of the session name I have assigned into the $store_array but I don't seem to be getting any luck. Below is my code. Any suggestions? $store_array = array('store1', 'store2'); function chain_report(){ global $store_array; if($_SESSION["store_name"] == $store_array) {

Hey guys, I'll try to keep this short and simple. I've spent hours upon hours (probably 30-40+ over the week) trying to decide the best and most secure route to take with php sessions, I wouldn't trouble the community for help if I haven't put the time into it myself. After looking around I have come across a basic thought: - Check if session is already active - Set name and Params - Start Session - Check user_agent\ip (I'm not pushing this so much other than letting logged in users be aware of another device) - Regenerate Id and allow old Session id to work for a minute or so - Write encrypted data - Read encrypted data Pretty much I'm stuck on Regenerating the Id, I see how others are doing it but i guess i'm intimidated by it. Also, I have seen a few others who connect to the database to update regenerate id and update every write to store data. Performance wise is this worth it? I know if you're working with multiple servers this can benefit passing the session data, but if this is the case.

Hey, I am creating a session class for one of my ecommerce application. Below is the class I have created. I was wondering how would I go about creating a message for the session being expierd and a message if the session was not found? Also does this class look correct? Thanks class Session { public $mycart; public $store_name; public $discount_session; function __construct() { session_start(); $this->store_name(); } function store_name() { if(isset($_SESSION['store_name'])) { $this->store_name = $_SESSION['store_name']; } } function my_cart() { if(isset($_SESSION['my_cart'])) { $this->mycart = $_SESSION['store_name']; } } function discount_session() { if(isset($_SESSION['discount_session'])) { $this->discount_session = $_SESSION['discount_session']; } } } $session = new Session;

I have coded a couple of applications and for logging in users, I do the following: ask the user for a username create a password salt and encrypt the password store the username and encrypted password in a database e-mail the user his password on a login page, ask the user for his username/password pair salt and encrypt the password provided by the user compare the encrypted password value to the one stored in my database if the encrypted value matches I do a session_start() and store the user_id in a session variable. on every page I do session_start() and check the session variable for the user_id if the user_id is not found redirect to the login page if it is give them access to whatever they should have access to. Now, I have inheritted a program that I did not write and it handles authentication using the PEAR:Auth module. I had a user complain that he was being repeatedly redirected tot he login page. I could not replicate his problem and closing and re-opening his browser solved the problem on his end, but I'm assuming he's not insane so I am tempted to rip out the existing PEAR:Auth methodology of tracking users and replace it with what I am used to. However, PEAR:Auth must do more than php sessions or nobody would use it so I worry that if I replace it I will eaither be making things less secure or losing some functionality. Try as I might, I can't see what I'd lose by replacing PEAR with something simpler. What am I missing? What does PEAR:Auth give me that php sessions doesn't? Thanks, David

the first chunk of code is in my index.php file. I am trying to pass the $_SESSION['mes_id1'] variable into another php file called up.php and it will not get passed. the second chunk of code is the up.php file and the third chunk of code is my config.php file. any help is very much appreciated!!!!! thank you in advance!!!! index.php <?php session_id(); session_start(); mysql_connect("localhost", "FoleyHurley", "*******"); mysql_select_db("voting2"); ?> <div id="mipods" class="section2" style="display: none;"> <!-- assign mysql data rows to corresponding php variables --> <?php $sql = mysql_query("SELECT * FROM blogData ORDER BY id DESC"); $sql2=mysql_query("SELECT * FROM messages WHERE mod(mes_id,2) = 0 ORDER BY mes_id DESC"); $sql3=mysql_query("SELECT * FROM messages WHERE mod(mes_id,2) = 1 ORDER BY mes_id DESC"); while(($row = mysql_fetch_array($sql))&&($row2 = mysql_fetch_array($sql2))&&($row3 = mysql_fetch_array($sql3)) ){ $id = $row['id']; $title = $row['title']; $content = $row['content']; $category = $row['category']; $podcast = $row['podcast']; $datetime = $row['datetime']; $message1=$row2['msg']; $mes_id1=$row2['mes_id']; $totalvotes1=$row2['totalvotes']; $message2=$row3['msg']; $mes_id2=$row3['mes_id']; $totalvotes2=$row3['totalvotes']; $_SESSION['message1'] = $message1; $_SESSION['message2'] = $message2; $_SESSION['mes_id1'] = $mes_id1; $_SESSION['mes_id2'] = $mes_id2; $_SESSION['totalvotes1'] = $totalvotes1; $_SESSION['totalvotes2'] = $totalvotes2; ?> <?php // variable used to display file name of $podcast without the extension $noext = $podcast; $echodub = rawurlencode($podcast); // code to display $noext without the file extension $info = pathinfo($noext); $noext_name = basename($noext,'.'.$info['extension']); ?> <!-- echo php variables in html format, in a table with the class of "podcast" --> <table class="podcast" border="1"> <tr> <td class="title"> <?php echo $title; ?> </td> <td class="timeandcategory"> <?php echo $datetime; ?> <br> <?php echo $category; ?> <?php echo $_SESSION['mes_id1']; ?> <?php echo $_SESSION['mes_id2']; ?> <?php echo session_id(); ?> </td> </tr> <tr> <td class="content"> <?php echo $content; ?> </td> <td class="myfblike"> <a href="https://twitter.com/share" class="twitter-share-button" data-url="http://localhost:8888/blog1/index.php#<?php echo $noext; ?>" data-counturl="http://localhost:8888/blog1/index.php#<?php echo $noext; ?>" data-text="listen to SD's new podcast! www.sportdebaters.com#<?php echo $noext; ?> @SDebaters " data-related="SDebaters" data-hashtags="SDebaters">Tweet</a> <script>!function(d,s,id){var js,fjs=d.getElementsByTagName(s)[0];if(!d.getElementById(id)){js=d.createElement(s);js.id=id;js.src="//platform.twitter.com/widgets.js";fjs.parentNode.insertBefore(js,fjs);}}(document,"script","twitter-wjs");</script> <span class='st_fblike_large' displayText='Facebook Like'></span><br> <span class='st_facebook_large' displayText='Facebook'></span><br> <span class='st_twitterfollow_large' displayText='Twitter Follow'></span><br> <span class='st_pinterest_large' displayText='Pinterest'></span><br> <span class='st_email_large' displayText='Email'></span><br> <span class='st_sharethis_large' displayText='ShareThis'></span><br> </td> </tr> <tr> <td class="audio"> <!--echo the audio file --> <ul class="playlist"> <li><a href="<?php echo"uploads/$podcast"; ?>"><?php echo"$noext_name"; ?></a></li> </ul> <!--<div id="sm2-container"> (I don't have an SM2 flash movie... but lets save this for later but for now I will comment out the div this is contained in also....) SM2 flash movie goes here </div> --> </td> <td> <div id="main"> <div id="left"> <span class='up'><a href="" class="vote" id="<?php echo $_SESSION['mes_id1']; ?>" name="up"><img src="up.png" alt="Down" /></a></span><br /> <?php echo $_SESSION['totalvotes1'] ?><br /> <!--<span class='down'><a href="" class="vote" id="<?php echo $mes_id1; ?>" name="down"><img src="down.png" alt="Down" /></a></span>--> </div> <div id="message"> <?php echo $_SESSION['message1'] ?> </div> <div class="clearfix"></div> </div> <div id="main"> <div id="left"> <!--<span class='up'><a href="" class="vote" id="<?php echo $mes_id2; ?>" name="up"><img src="up.png" alt="Down" /></a></span>--><br /> <?php echo $_SESSION['totalvotes2'] ?><br /> <span class='down'><a href="" class="vote" id="<?php echo $_SESSION['mes_id2']; ?>" name="down"><img src="down.png" alt="Down" /></a></span> </div> <div id="message"> <?php echo $_SESSION['message2'] ?> </div> <div class="clearfix"></div> </div> </td> </tr> </table> <br> <?php } ?> </div> up.php <?php session_start(); include("config.php"); $ip=$_SERVER['REMOTE_ADDR']; $ip_sql=mysql_query("select ip_add from Voting_IP where mes_id_fk='".$_SESSION['mes_id1']."' and ip_add='$ip'"); $count=mysql_num_rows($ip_sql); $ip_sql2=mysql_query("select ip_add from Voting_IP where mes_id_fk='".$_SESSION['mes_id2']."' and ip_add='$ip'"); $count2=mysql_num_rows($ip_sql2); if($count==0 && $count2!=0) { $sql = "update Messages set totalvotes=totalvotes+1 where mes_id='".$_SESSION['mes_id1']."'"; mysql_query( $sql); $sql_in = "insert into Voting_IP (mes_id_fk,ip_add) values ('".$_SESSION['mes_id1']."','$ip')"; mysql_query( $sql_in); $sql = "update Messages set totalvotes=totalvotes-1 where mes_id='".$_SESSION['mes_id2']."'"; mysql_query( $sql); $sql_in = "DELETE FROM Voting_IP WHERE mes_id_fk='".$_SESSION['mes_id2']."'"; mysql_query( $sql_in); } else if($count==0 && count2==0) { $sql = "update Messages set totalvotes=totalvotes+1 where mes_id='".$_SESSION['mes_id1']."'"; mysql_query( $sql); $sql_in = "insert into Voting_IP (mes_id_fk,ip_add) values ('".$_SESSION['mes_id1']."','$ip')"; mysql_query( $sql_in); } ?> config.php <?php $mysql_hostname = "localhost"; $mysql_user = "FoleyHurley"; $mysql_password = "******"; $mysql_database = "voting2"; $prefix = ""; $bd = mysql_connect($mysql_hostname, $mysql_user, $mysql_password) or die("Could not connect database"); mysql_select_db($mysql_database, $bd) or die("Could not select database"); ?>

hi if anyone can help me with a solution to this i would be gratefull i have a paginator function which at the moment while testing is set to display 2 products per page so if i have 10 products ill obviously have 5 page-tabs in my navigation i have filters on the page in order to drill the data set down ie, product type, price range ...etc i seem to having an issue in saving the state of my filters to work with the paginator properley ive supplied the main paginator function pagination.php the function is called in categories.php ive attached both files categories.php (this page gets the category id thats passed from the navigation menu which you will see if you visit http://inspiredskills.com/categories.php?id=1 and displays all products related to that category so we have the category/product listing and a filters menu/form and the left hand side which does indeed drill the products down now the filters work fine with the dataset no problem but i cannot get it to work with the paginator properley basically ive had limited success . but not the complete stable solution i need i cannot pass the saved state of the filter to work in conjuction with my paginator properley if anyone can point me in the right direction of achieving this id be gratefull to look at the product listing page go here http://inspiredskills.com/categories.php?id=1 and you will see what im trying to achieve cheers James pagination.php categories.php

Hi guys, Had a few questions. First off, my gear. Using CS5.5 for development with server 2003 iis6.0. What I'm developing is pretty straight forward, and has the following features: 1) Secure form people use to register company info & user info. 2) Once logged in, users will be able to post/update/edit/delete information about funerals to a universal funeral info database. 3) There will be two types of user accounts. An admin that can see all funeral information from all funeral homes, and then funeral home accounts that will only be able to see their individual account data. That's it...so I had a few questions... 1) I've been able to create a registration form pretty easily, and it posts to my database no problem. Only one issue that I can see right now. The password column shows the actual password...no encryption. Is there an easy way to encrypt the passwords that won't harm a user's ability to access their individual account? 2) I'm using dreamweaver's user authentication to allow access to restricted areas within the web site. When a person log's in, it verify's their information by checking their username/pwd. Then it further restricts a persons ability to view everything by fetching an access level associated with each user. I was able to echo and print the access level variable, which correlates to the user's account number. I want to use this information in a dynamic page that lists all records (funerals) associated with that account number. I can do that easily enough, but is PHP secure enough to prevent someone from logging in with a username & password and simply changing the account number (aka access level), and then running amuck with the funeral listings? Is that what's called an SQL injection attack? 3) I suppose I could add some more security, but not sure if it would help? What if instead of not just searching the account number for their funeral information, it matched their account number AND the name of the company when it pulled in information from the universal database? I want to make sure this is secure since we're dealing with funeral homes. It would take a sick #$#@ to screw with someone's funeral information, but I'd rather be safe than sorry. Thanks for any advice folks

I’m moving a longstanding working site from on server to another. In the move my session handling is acting differently on the new server. My first clue was that my PHPSESSION files in the new 777 folder I built is saving a new session file each link / click. For a bit… I set session.use_trans_sid = 1 in my php5.php but… I don’t want the session id in the address bar, and B.) it didn’t actually work for forwards (REFRESH to another page.(worked fine when clicking a link) and C) my url rewrites are not working…. So step1 compare the old phpinfo file to the new one and make sure everything matches. Easy enough for most commands but…. And this is where I make this post to ask… How do I set…???? PHP Variables _REQUEST["PHPSESSID"] 1913085bab063a403cd0737472ea36a7 _COOKIE["PHPSESSID"] 1913085bab063a403cd0737472ea36a7 And do I need to? There are existing _request and cookie listing in my phpinfo view... but the new one doesn't show _REQUEST["PHPSESSID"] yet on the existing/old site it is listed. Is this something I need to turn on? do I use the php5 file to do it? Help! Please. P.S. I'm looking forward to being a php freak!!!

I have this login page using sessions but when I provide the correct username and password, am just re-directed to the same login page but if the credentials are wrong, am issued with a warning. When i check the logged data in the database on provision of correct username and password, a blank username is logged as logged in at that time. I need your help. here is my code. // login.php <?php session_start(); include("config.php"); $error = ""; if($_SERVER["REQUEST_METHOD"] == "POST") { // username and password sent from form $myusername=addslashes($_POST['username']); $mypassword=addslashes($_POST['password']); $error="<h3><strong>Your Login Name or Password is invalid</h3></strong>"; $sql="SELECT uid FROM users WHERE username='$myusername' and password='$mypassword'"; $result=mysql_query($sql); $row=mysql_fetch_array($result); $active=$row['active']; //if( isset($_SESSION[$myusername]) ) $count=mysql_num_rows($result); // If result matched $myusername and $mypassword, table row must be 1 row if($count==1) { if( isset($_SESSION[$myusername]) ) //session_register("myusername"); //$_SESSION['login_user']=$myusername; $_SESSION['login_user']= $_POST['username']; header("location: welcome.php"); } } ?> <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd"> <html xmlns="http://www.w3.org/1999/xhtml"> <head> <meta http-equiv="Content-Type" content="text/html; charset=iso-8859-1" /> <title>Login Page</title> <style type="text/css"> @import url("../../../Users/devtech/Documents/Unnamed Site 1/CSS/colors5.css"); body { font-family:Arial, Helvetica, sans-serif; font-size:14px; background-image: url(); background-color: #FFFFFF; background-repeat: repeat-x; } label { font-weight:bold; width:100px; font-size:14px; font-family: "Times New Roman", Times, serif; text-decoration: none; } .box { border:#666666 solid 1px; } body,td,th { color: #0000FF; font-weight: bold; background-color: #FFFFCC; line-height: normal; text-transform: capitalize; font-family: "Times New Roman", Times, serif; background-attachment: scroll; background-position: left bottom; text-decoration: overline; } </style> </head> <p align="center"> </p> <body> <img src="images/COMVOO Logo.jpg" width="194" height="156"/> <div align="center"> <div align="left" style="width:300px; border: solid 1px #333333; "> <div style="background-color:#333333; color:#FFFFFF; padding:3px;"><em><strong>COMVOO LOGIN</strong></em></div> <div style="margin:30px"> <form action="" method="post"> <label>UserName :</label> <input type="text" name="username" class="box"/> <br /> <br /> <label>Password :</label> <input type="password" name="password" class="box" /> <br/> <br /> <input type="submit" value=" Submit "/> <br /> </form> <div style="font-size:11px; color:#cc0000; margin-top:30px"><?php echo $error; ?></div> </div> </div> </div> </div> </body> </html> //// lock.php <?php session_start(); include('config.php'); // $inactive = 299; // set timeout period in seconds // $user_check=$_SESSION['login_user']; $ses_sql=mysql_query("select username from users where username='$user_check' "); $row=mysql_fetch_array($ses_sql); $login_session=$row['username']; if(!isset($login_session)) { header("Location:login.php"); } /////////////////////////////////// else if (isset($_SESSION['timeout'])) { $session_life = time() - $_SESSION['timeout']; if ($session_life > $inactive) { session_destroy(); header("Location: logout.php"); //header("Location: login.php"); } } $_SESSION['timeout'] = time(); /////////////////////////////////// ?> /////////// welcome.php <?php //include('lock.php'); //include("config.php"); require_once("config.php"); require_once("lock.php"); ?> <?php $login="INSERT INTO logaudit (eventid, username, event, eventdate) VALUES ('', '$login_session', 'logged in', NOW())"; $sql2=mysql_query($login); ?> <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd"> <html xmlns="http://www.w3.org/1999/xhtml"> <head> <meta http-equiv="Content-Type" content="text/html; charset=iso-8859-1" /> <title>Welcome </title> <style type="text/css"> <!-- body { background-color: #FFFFCC; background-image: url(); background-repeat: no-repeat; } --> </style></head> <?php $url=$_SERVER['REQUEST_URI']; header("Refresh: 300; URL=$url"); ?> lock.php

Hi all, I've been working with php for awhile, but unfortunately I cannot grasp php session and find a solution to my problem. I have a situation where I set a session value on 1st script and trying to unset it on 2nd script, but unfortunately the session variable will not unset. The session is used for displaying status or error values and after displaying status , session should be unset. On 1st script I use code: session_start(); ... $_SESSION['SESS_STATUS']='This is status msg. '; session_write_close(); header("location: 2nd.php"); exit(); On 2nd script I display session value and unset the session: session_start(); ... if(isset($_SESSION['SESS_STATUS'])) { $status = $_SESSION['SESS_STATUS']; echo $status; unset($_SESSION['SESS_STATUS']); } Msg gets displayed but unfortunately session 'SESS_STATUS' will not unset, so when this page gets refreshed, or navigated trough browser again, the same msg gets displayed again. On every page i use session_start(); so session is continued. I have tried many different ways to unset the session variable but with no luck. Any help or advice is appreciated. Thanks very much !

I appreciate all the help in my last post and that issue has been resolved and working perfectly. Now I'm in need of creating a session because I need the ID passed from one page to the next because I want to add to that row based upon that ID. Here is the first page code: (Someone told me how to insert code here but I forget.) <?php session_start(); $_SESSION['pid']=$_POST['pid']; ?> Also have tried just a plain old $pid="$_POST['pid']; then declaring session as $pid. on the second page I'm using: <?php session_start(); echo $_SESSION['pid']; ?> (just using echo now to see if I'm getting the variable I'm wanting). I get nothing. I'm not passing that ID and I REALLY need it. Help?

Basically I've a Contact Form where a user fills in Name, Email Address and Comments and then there is aSubmit button. If I just hit "Submit" without filling in anything or wrong information, it takes me to this page,send_form_email.php. This page has all the validators in it. I want it to sort of (I say sort of because I still need to check whether they input everything correctly) bypass this page and go to "submitted-contact.php" page (it's going to this page but its not showing the following as specified in the 2) where it displays one of the 2 things: 1) Login Success 2) Try Again! Right now, there's nothing showing. :| send_form_email.php has this at the very top and it calls header location to the page, submitted-contact.php SEND_FORM_EMAIL CODE [/b] [b]<?php session_start(); $_SESSION['error']=true; $_SESSION['error']=false; ?> <?php if(isset($_POST['email'])) { // EDIT THE 2 LINES BELOW AS REQUIRED $email_to = "blah@hotmail.com"; $email_subject = "Your email subject line here"; function died($error) { // your error code can go here echo $error; die(); } // validation expected data exists if(!isset($_POST['first_name']) || !isset($_POST['email']) || !isset($_POST['comments'])) { died(''); } $first_name = $_POST['first_name']; // required $email_from = $_POST['email']; // required $comments = $_POST['comments']; // required $error_message = ""; $email_exp = '/^[A-Za-z0-9._%-]+@[A-Za-z0-9.-]+\.[A-Za-z]{2,4}$/'; if(!preg_match($email_exp,$email_from)) { $error_message .= 'The Email Address you entered does not appear to be valid.<br />'; } $string_exp = "/^[A-Za-z .'-]+$/"; if(!preg_match($string_exp,$first_name)) { $error_message .= 'The First Name you entered does not appear to be valid.<br />'; } if(strlen($comments) < 2) { $error_message .= 'The Comments you entered do not appear to be valid.<br />'; } if(strlen($error_message) > 0) { died($error_message); } $email_message = "Form details below.\n\n"; function clean_string($string) { $bad = array("content-type","bcc:","to:","cc:","href"); return str_replace($bad,"",$string); } $email_message .= "First Name: ".clean_string($first_name)."\n"; $email_message .= "Email: ".clean_string($email_from)."\n"; $email_message .= "Comments: ".clean_string($comments)."\n"; // create email headers $headers = 'From: '.$email_from."\r\n". 'Reply-To: '.$email_from."\r\n" . 'X-Mailer: PHP/' . phpversion(); $sendit= @mail($email_to, $email_subject, $email_message, $headers); if($sendit){ header('Location:submitted-contact.php'); }else{echo "Email failed to send";} } ?> SUBMITTED-CONTACT.PHP CODE <!DOCTYPE html> <head> <meta http-equiv="content-type" content="text/html; charset=UTF-8"><style type="text/css"></style> <title>CKK Internet Marketing</title> <link href="style.css" rel="stylesheet" type="text/css" media="all"> <link rel="stylesheet" type="text/css" href="http://fonts.googleapis.com/css?family=Lato"> <link rel="shortcut icon" href="images/favicon.ico" /> <script src="http://ajax.googleapis.com/ajax/libs/jquery/1.8.3/jquery.min.js"></script> <script src="js/jquery.sticky.js"></script> <script src="js/jquery.cycle.all.js"></script> <script src="js/jquery.smoothscroll.js"></script> <script> $(document).ready(function(){ $(".navigation").sticky({topSpacing:0}); }); </script> <script type="text/javascript"> var _gaq = _gaq || []; _gaq.push(['_setAccount', 'UA-27381915-2']); _gaq.push(['_trackPageview']); (function() { var ga = document.createElement('script'); ga.type = 'text/javascript'; ga.async = true; ga.src = ('https:' == document.location.protocol ? 'https://ssl' : 'http://www') + '.google-analytics.com/ga.js'; var s = document.getElementsByTagName('script')[0]; s.parentNode.insertBefore(ga, s); })(); </script> </head> <body class="submitted"> <div class="navigation"> <div class="container"> <a href="#"><img src="images/logo.png"</a> <ul> <li><a href="/">Home</a></li> <li><a href="/about">About Us</a></li> <li><a href="/service">Services</a></li> <li><a href="/blog">Blog</a></li> <li><a href="/index.html#contact">Contact</a></li> </ul> </div> </div> <div id="submitted-content-2"> <div class="content container"> <?php if (!isset($_SESSION['flunk'])){ $myString = "MESSAGE FLUNKED!"; echo $myString; }else (!isset($_SESSION['pass'])){ $myString2 = "MESSAGE PASSED!"; ?> <div class="clear"></div> </div> </div> </div> <div class="clear"></div> <div class="footer"> <div class="container"> </div> </div> </body> </html> The php code in submitted-contact.php, the following code is in the right location but just the wrong syntax? <div id="submitted-content-2"> <div class="content container"> <?php if (!isset($_SESSION['flunk'])){ $myString = "MESSAGE FLUNKED!"; echo $myString; }else (!isset($_SESSION['pass'])){ $myString2 = "MESSAGE PASSED!"; ?> <div class="clear"></div> </div> </div> </div> Basically, I want to commute from send_form_email.php to submitted-contact.php one of the two things: 1) If user inputted everything well on the Contact Page, show them, "You're logged in" 2) If user inputted wrong information or did not fill in everything on the Contact Page, show them, "Try Again" I want that to be shown withing my <div class="content container"> Sorry, I know this was a long post but I really could use a hand on this. I have been trying to figure this out for the past couple of days! :| Thanks guys D3158

hi friends, I am new to PHP I would like to know more about the sessions about where to create and where to establish and creating a expiring page when user kept the page idle for few mins so please let me know more about the session functions thanking you.

I'm trying out session cookies for the first time, and I have run into some troubles. Im recieving the following errors below; Warning: session_start() [function.session-start]: Cannot send session cookie - headers already sent by (output started at filelocation/filename:3) in filelocation/filename on line 4 Warning: session_start() [function.session-start]: Cannot send session cache limiter - headers already sent (output started at filelocation/filename:3) in filelocation/filename on line 4 Any help would be great! <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd"> <?php session_start(); ?> <html xmlns="http://www.w3.org/1999/xhtml"> <head> <meta http-equiv="Content-Type" content="text/html; charset=utf-8" /> <title>Tree Quoter</title> <link href="style.css" rel="stylesheet" type="text/css" /> <link rel="stylesheet" type="text/css" href="content_slider_style.css" /> <link rel="stylesheet" type="text/css" href="form.css" /> <script type="text/javascript" src="js/jquery.1.3.2.min.js" ></script> <script type="text/javascript" src="js/jquery-ui.min.js" ></script> <script type="text/javascript"> $(document).ready(function(){ $("#featured > ul").tabs({fx:{opacity: "toggle"}}).tabs("rotate", 3000, true); }); </script> </head> <body> <div id="templatemo_body_top"> <div id="templatemo_body_bottom"> <div id="templatemo_wrapper"> <div id="templatemo_header"> <div id="site_title"> <h1><a href="http://www.treequoter.co.uk"><strong>Tree Quoter</strong><span>Expert tree surgeons, competitive quotes</span></a></h1> </div> <!-- end of site_title --> </div> <div id="templatemo_menu"> <ul> <li><a href="index.html" class="current">Home</a></li> <li><a href="services.html">Get quotes</a></li> <li><a href="blog.html">Get Clients</a></li> <li><a href="gallery.html">More info</a></li> <li><a href="contact.html">Contact Us</a></li> </ul> </div> <!-- end of templatemo_menu --> <div id="templatemo_main_wrapper_01"> <div id="templatemo_main_wrapper_02"> <div id="templatemo_main_wrapper_03"> <div id="templatemo_main"> <div id="templatemo_slider"> <div id="featured" > <ul class="ui-tabs-nav"> <li class="ui-tabs-nav-item ui-tabs-selected" id="nav-fragment-1"><a href="#fragment-1"><img src="images/content_slider/image1-small.jpg" alt="" /><span>Professional tree felling by expert tree surgeons</span></a></li> <li class="ui-tabs-nav-item" id="nav-fragment-2"><a href="#fragment-2"><img src="images/content_slider/image2-small.jpg" alt="" /><span> Tree removal, a section at a time</span></a></li> <li class="ui-tabs-nav-item" id="nav-fragment-3"><a href="#fragment-3"><img src="images/content_slider/image3-small.jpg" alt="" /><span>Brush chipping and recycling</span></a></li> <li class="ui-tabs-nav-item" id="nav-fragment-4"><a href="#fragment-4"><img src="images/content_slider/image4-small.jpg" alt="" /><span> Stump Grinding, creating new spaces</span></a></li> </ul> <!-- First Content --> <div id="fragment-1" class="ui-tabs-panel" style=""> <img src="images/content_slider/image1.jpg" alt="" /> <div class="info" > <h2><a href="#" >Professional Tree Felling</a></h2> <p>An expert tree surgeon will be able to safely fell a diseased or dangerous tree, sometimes even in confined spaces.... <a href="#" >read more</a></p> </div> </div> <!-- Second Content --> <div id="fragment-2" class="ui-tabs-panel ui-tabs-hide" style=""> <img src="images/content_slider/image2.jpg" alt="" /> <div class="info" > <h2><a href="#" >Tree Removal</a></h2> <p>Sometimes the only safe way to remove a tree is to take away a section at a time, roping as we go.... <a href="#" >read more</a></p> </div> </div> <!-- Third Content --> <div id="fragment-3" class="ui-tabs-panel ui-tabs-hide" style=""> <img src="images/content_slider/image3.jpg" alt="" /> <div class="info" > <h2><a href="#" >Brush Chipping</a></h2> <p>Brush cut from your tree is often chipped and taken away. This can then be spread over garden beds or burnt in power stations.... <a href="#" >read more</a></p> </div> </div> <!-- Fourth Content --> <div id="fragment-4" class="ui-tabs-panel ui-tabs-hide" style=""> <img src="images/content_slider/image4.jpg" alt="" /> <div class="info" > <h2><a href="#" >Stump Grinding</a></h2> <p>Post tree removal, people often ask for their stump to be removed, creating extra space in their bed, or simply for aesthetics.... <a href="#" >read more</a></p> </div> </div> </div> </div> <!-- end of templatemo_slider --> <div id="clientform"> <p>Please enter your details below, and 3 of your local tree surgeons will get in touch! or <a href="login.html">login</a><br /><br/></p> <?php $_SESSION['name'] = $_POST['name']; $_SESSION['email'] = $_POST['email']; $_SESSION['phone'] = $_POST['phone']; $_SESSION['postcode'] = $_POST['postcode']; $_SESSION['type'] = $_POST['type']; $_SESSION['start'] = $_POST['start']; ?> <form action="client_start_2.php" method="post"> <p class="left"><label for="name" class="required">Your Name</label><br> <input class="field required" id="name" name="name" placeholder="Your Name" required tabindex="1" type="text" ></p> <p class="right"><label for="email" class="required">Your Email Address</label><br> <input class="field required" id="email" name="email" placeholder="Your Email Address" required tabindex="1" type="email"></p> <div style="clear:both" /> <p class="left"><label for="phone">Your Phone Number</label><br> <input class="field" id="phone" name="phone" placeholder="Your Phone Number" tabindex="3" type="text"></p> <p class="right"><label for="postcode">Your Full Postcode</label><br> <input class="field" id="postcode" name="postcode" placeholder="Your Full Postcode" tabindex="4" type="text"></p> <div style="clear:both" /> <p class="left"><label for="type" class="required">Type of works</label><br> <select class="dropdown required" id="type" name="type" required="required" tabindex="9"> <option value=""> Please Select </option> <option value="1">Tree Surgery</option> <option value="2">Stump Grinding</option> <option value="3">Tree Surgery and Stump Grinding</option> </select></p> <p class="right"><label for="phone">Ideal Start Date</label><br> <input class="field" id="start" name="start" placeholder="Your Ideal Start Date" tabindex="5" type="text"></p> <div style="clear:both"> <p class="left"><label for="question" class="required">Brief Description of Works</label><br> <textarea class="textarea required" id="description" name="description" placeholder="Job Description" required tabindex="10"></textarea></p> <p class="button"><button tabindex="6" type="submit">Submit</button></p> <div style="clear:both" /> </form> </div> <!-- end of clientform --> </div></div></div></div></div></div></div> <div id="templatemo_footer"> <a href="index.html" class="current">Home</a> | <a href="services.html">Get Quotes</a> | <a href="blog.html">Get Clients</a> | <a href="gallery.html">More Info</a> | <a href="contact.html">Contact Us</a> <br /><br /> Copyright © 2012 <a href="#">Tree Quoter</a> | Designed by <a href="http://www.websites.cx" target="_parent">Websites.cx</a> </div> <!-- end of templatemo_footer --> </div> </div> <!-- end of wrapper --> </div> </div> </body> </html>

In a regular form, how would I go about to populate a php session variable with the value of the checkbox the user checked, all without reloading the page? I don't need to error check or anything for this, as I do that once the user submits the form. I just want to add a value to an existing session variable as soon as the user check the box. Any help is greatly appreciated.

Because I have a multi server setup, I was thinking about using cookies for all session data. Obviously the data will be encrypted. But do you guys have any best practices you would recommend? For example, right now, I look for a cookie call (app_name). if that exists I decrypt the data, unserialize it and see if I can the proper ID (and 1 other validation field). If they do, then I fill the local session with all the data I need and I make sure the cookie has the up-to-date data. Should I not use a cookie with (app-name)? If I just use session_name() and set the session/cookie name? Or will that delete the data in the cookie if it already exists? Any advice would be great! I'm really trying hard not to save session data in the DB to account for the multi-server setup. Thanks!

Basically thought I got this working before and now i'm stuck. I'm setting and getting a cookie using a set function ("setRememberMeToken") and retrieving them using a get function ("getRememberMeCheck") [see functions bellow in the final box]... however when i close the browser the cookie session is lost when i reopen.. I used a browser extension called Cookie-editor in chrome to check and I see nothing saved upon reopening (cookie named "token" as it uses tokens in MYSQL DB). This is the thing, if i run (this code bellow).. it actually saves the session fine and works great... saved in a experimental file I named ~/test/test/cookithing.php. <?php include '../includes/config.php'; function setRememberMeToken($pdo, $user_id) { $token = bin2hex(random_bytes('25')); $expirationDate = time() + (86400 * 7); // <-- 7 days later setcookie("token", $token, $expirationDate, "/"); echo $_COOKIE["token"] = $token; $test = true; $to = date('Y-m-d', $expirationDate); $sql = "INSERT INTO `user_token` (`user_id`, `expires`, `tokenHash`) VALUES (?, ?, ?);"; $stmt= $pdo->prepare($sql); $stmt->execute([$user_id, $to, sha1($token)]); } setRememberMeToken($pdo, 1); echo "<br>"; echo sha1($_COOKIE["token"]); ?> So by vising this page it works!.. however not ideal situation to be in as I need it to get to work upon login... Forgetting about the code above for s second, here is the code I use for login (ask if you need more)... if (isset($_POST['remember-me'])){ setRememberMeToken($pdo, $_SESSION["userID"] ); // <----- set token //echo "<br>"; //echo sha1($_COOKIE["token"]); } and the main functions are here:.. <?php function setRememberMeToken($pdo, $user_id) { $token = bin2hex(random_bytes('25')); $expirationDate = time() + (86400 * 7); // <-- 7 days later (make sure your comments are accurate) setcookie("token", $token, $expirationDate, "/"); $_COOKIE["token"] = $token; $test = true; $to = date('Y-m-d', $expirationDate); $sql = "INSERT INTO `user_token` (`user_id`, `expires`, `tokenHash`) VALUES (?, ?, ?);"; $stmt= $pdo->prepare($sql); $stmt->execute([$user_id, $to, sha1($token)]); } function getRememberMeCheck($pdo) { $stmt = $pdo->prepare(" SELECT users.name, users.user_id FROM user_token, users WHERE tokenHash = ? AND expires > NOW() AND users.user_id = user_token.user_id "); $stmt->execute([sha1($_COOKIE["token"])]); $db_query = $stmt->fetch(); if (!$db_query){ return false; } $_SESSION["loggedin"] = true; $_SESSION["username"] = $db_query['name']; $_SESSION["the_usr_id"] = $db_query['user_id']; $_SESSION["userID"] = $db_query['user_id']; // ADDED DUE TO DESCRIPTION ("PROB WILL BE OK") return true; } function isRemembered() { return isset($_COOKIE['token']); } ?> Can anyone see what I'm doing wrong.. right now I'm fairly clueless..? ____________ Edit: also, my header file contains this (see bellow) also.. include 'includes/remember_token.php'; include 'includes/count_online.php'; if (isset($_COOKIE['token'])) { getRememberMeCheck($pdo); } .. this checks if the cookie is set.