Jump to content

Search the Community

Showing results for tags 'session'.



More search options

  • Search By Tags

    Type tags separated by commas.
  • Search By Author

Content Type


Forums

  • Welcome to PHP Freaks
    • Announcements
    • Introductions
  • PHP Coding
    • PHP Coding Help
    • Regex Help
    • Third Party Scripts
    • FAQ/Code Snippet Repository
  • SQL / Database
    • MySQL Help
    • PostgreSQL
    • Microsoft SQL - MSSQL
    • Other RDBMS and SQL dialects
  • Client Side
    • HTML Help
    • CSS Help
    • Javascript Help
    • Other
  • Applications and Frameworks
    • Applications
    • Frameworks
    • Other Libraries
  • Web Server Administration
    • PHP Installation and Configuration
    • Linux
    • Apache HTTP Server
    • Microsoft IIS
    • Other Web Server Software
  • Other
    • Application Design
    • Other Programming Languages
    • Editor Help (Dreamweaver, Zend, etc)
    • Website Critique
    • Beta Test Your Stuff!
  • Freelance, Contracts, Employment, etc.
    • Services Offered
    • Job Offerings
  • General Discussion
    • PHPFreaks.com Website Feedback
    • Miscellaneous

Find results in...

Find results that contain...


Date Created

  • Start

    End


Last Updated

  • Start

    End


Filter by number of...

Joined

  • Start

    End


Group


AIM


MSN


Website URL


ICQ


Yahoo


Jabber


Skype


Location


Interests


Age


Donation Link

Found 11 results

  1. First let me explain my code. It comprises of three php files. inc_fn_header_and_menu.php, contains the HTML and CSS header details and it initializes the session via session_start(); This is later included in project_status.php] . In project_status.php] , I have included another file project_status_app.php which contains a HTML form. project_status.php: <?php include 'inc_fn_header_and_menu.php'; function includeFile($file,$variable) { $var = $variable; include($file); } if (isset($_GET['id']) && $_GET['id']!="") { $pid = $_GET['id']; $_SESSION['pidForApproval'] = $_GET['id']; $query = 'SELECT * FROM `profile` WHERE pid ='.'\''.$pid.'\''; $result=mysqli_query($db,$queryToRetrievePP) or die("There are no records to display ... \n" . mysqli_error()); foreach ($result as $row) { $status = $row['status']; } } ...........some PHP and HTML code....... <div id="customerPurchaseApprovalForm"> <?php echo '<p>APPROVAL FOR CUSTOMER PURCHASE</p>'; $discountApprovalStatus = "Granted"; if ($discountApprovalStatus == "Granted") { includeFile("project_status_app.php",$highestannualvalue); } else { //......... } In project_status_app.php I am attempting to retrieve pidForApproval from the $_SESSION array. <?php // put your code here UPDATE `pp` SET `customer_purchase_remarks` = 'hahaha' WHERE `pp`.`id` = 207; if ($_SERVER['REQUEST_METHOD'] == 'POST') { include '../../inc/fastlogin.php'; $sql = "UPDATE pp SET customer_purchase_remarks ='{$_POST['remarkstxt']}' WHERE pp.pid='{$_SESSION['pidForApproval']}'"; $result = mysqli_query ( $fastdb, $sql ) ; if (mysqli_affected_rows($fastdb) != 1) { $_SESSION['err_cpa_rmks'] = "<p>Error while updating WHERE id='{$_SESSION['pidForApproval']}'</p>"; //echo "<p>Error while updating WHERE id='{$_POST['pidForApproval']}'</p>".mysqli_error($fastdb); } else { $_SESSION['suc_cpa_rmks'] = "<p>Records was updated successfully.</p>"; //echo "Records was updated successfully."; } header ("location: project_status.php?id="$_SESSION['pidForApproval']); exit(); } ?> When I load project_status.php, project_status_app.php is supposed to display the form. Once the user fills in the form the and the submit button has been pressed, the UPDATE statement is supposed to run and then it is supposed to navigate back to project_status.php?id=FA142. But the update is failing and the when the project_status.php is loaded back, the url looks like this http://localhost/fast/project_status.php?id= . The id is empty. It is supposed to be something like this http://localhost/fast/project_status.php?id=FA142. With the id being populated at the header ("location: project_status.php?id=".$_SESSION['pidForApproval']); I suspected that my $_SESSION['pidForApproval'] is not being populated in project_status.php but I echoed back $_SESSION['pidForApproval'] in that file itself and I can see it is being populated. Hence, I suspect that the $_SESSION['pidForApproval'] is not being passed to project_status_app.php. I have already attempted to include session_start(); clause in project_status_app.php but that gives an error, stating that the session has already started, in inc_fn_header_and_menu.php. Can someone help me as to why the $_SESSION['pidForApproval'] is not being passed on to the project_status_app.php file. Thank you.
  2. I am using the following code in PDO query $this->query('SELECT * FROM users WHERE id = :id'); // line 11 $this->bind(':id', $_SESSION['users']['id']); // line 12 it is working on local server, but on live server its giving some error or warning (i am not sure) PHP Notice: Undefined index: users in ... on line 12 but the query is still working correctly. Please guide me what should i do to stop getting this error or warning or notice. Thanks🙂
  3. Hi, Just wondering if someone could point me in the right direction, I have a simple PHP MySQL login script which passes/stores data via sessions. It works fine, there is no problem with it. All I would like to do is pass some additional data from the users MySQL table. Currently it users just username and password, but I would like it to pass firstname and surname data as well. So when a user logs in with their username and password, on the next page it might say Welcome, Michael Smith. The script below is originally setup for the username to be a persons name, as it's used in the login welcome message in the login.php But I might change the username to be an email address, if I can pull in the additional data. config.php <?php /***************************** File: includes/config.php Written by: Frost of Slunked.com Tutorial: User Registration and Login System ******************************/ // start the session before any output. session_start(); // Set the folder for our includes $sFolder = '/predictor/login'; /*************** Database Connection You will need to change the user (user) and password (password) to what your database information uses. Same with the database name if you used something else. ****************/ mysql_connect('localhost', 'root', '') or trigger_error("Unable to connect to the database: " . mysql_error()); mysql_select_db('football') or trigger_error("Unable to switch to the database: " . mysql_error()); /*************** password salts are used to ensure a secure password hash and make your passwords much harder to be broken into Change these to be whatever you want, just try and limit them to 10-20 characters each to avoid collisions. ****************/ define('SALT1', '24859f@#$#@$'); define('SALT2', '^&@#_-=+Afda$#%'); // require the function file require_once($_SERVER['DOCUMENT_ROOT'] . $sFolder . '/includes/functions.php'); // default the error variable to empty. $_SESSION['error'] = ""; // declare $sOutput so we do not have to do this on each page. $sOutput=""; ?> login.php <?php /***************************** File: login.php Written by: Frost of Slunked.com Tutorial: User Registration and Login System ******************************/ require($_SERVER['DOCUMENT_ROOT'] . '/predictor/login/includes/config.php'); // If the user is logging in or out // then lets execute the proper functions if (isset($_GET['action'])) { switch (strtolower($_GET['action'])) { case 'login': if (isset($_POST['username']) && isset($_POST['password'])) { // We have both variables. Pass them to our validation function if (!validateUser($_POST['username'], $_POST['password'])) { // Well there was an error. Set the message and unset // the action so the normal form appears. $_SESSION['error'] = "Bad username or password supplied."; unset($_GET['action']); } }else { $_SESSION['error'] = "Username and Password are required to login."; unset($_GET['action']); } break; case 'logout': // If they are logged in log them out. // If they are not logged in, well nothing needs to be done. if (loggedIn()) { logoutUser(); $sOutput .= '<h1>Logged out!</h1><br />You have been logged out successfully. <br /><h4>Would you like to go to <a href="index.php">site index</a>?</h4>'; }else { // unset the action to display the login form. unset($_GET['action']); } break; } } $sOutput .= '<div id="index-body">'; // See if the user is logged in. If they are greet them // and provide them with a means to logout. if (loggedIn()) { $sOutput .= '<h1>Logged In!</h1><br /><br /> Hello, ' . $_SESSION["username"] . ' how are you today?<br /><br /> <h4>Would you like to <a href="login.php?action=logout">logout</a>?</h4> <h4>Would you like to go to <a href="index.php">site index</a>?</h4>'; }elseif (!isset($_GET['action'])) { // incase there was an error // see if we have a previous username $sUsername = ""; if (isset($_POST['username'])) { $sUsername = $_POST['username']; } $sError = ""; if (isset($_SESSION['error'])) { $sError = '<span id="error">' . $_SESSION['error'] . '</span><br />'; } $sOutput .= '<h2>Login to our site</h2><br /> <div id="login-form"> ' . $sError . ' <form name="login" method="post" action="login.php?action=login"> Username: <input type="text" name="username" value="' . $sUsername . '" /><br /> Password: <input type="password" name="password" value="" /><br /><br /> <input type="submit" name="submit" value="Login!" /> </form> </div> <h4>Would you like to <a href="login.php">login</a>?</h4> <h4>Create a new <a href="register.php">account</a>?</h4>'; } $sOutput .= '</div>'; // lets display our output string. echo $sOutput; ?> functions.php <?php /***************************** File: includes/functions.php Written by: Frost of Slunked.com Tutorial: User Registration and Login System ******************************/ /*********** bool createAccount (string $pUsername, string $pPassword) Attempt to create an account for the passed in username and password. ************/ function createAccount($pUsername, $pPassword, $pFirstname, $pSurname) { // First check we have data passed in. if (!empty($pUsername) && !empty($pPassword) && !empty($pFirstname) && !empty($pSurname)) { $uLen = strlen($pUsername); $pLen = strlen($pPassword); $fLen = strlen($pFirstname); $sLen = strlen($pSurname); // escape the $pUsername to avoid SQL Injections $eUsername = mysql_real_escape_string($pUsername); $sql = "SELECT username FROM users WHERE username = '" . $eUsername . "' LIMIT 1"; // Note the use of trigger_error instead of or die. $query = mysql_query($sql) or trigger_error("Query Failed: " . mysql_error()); // Error checks (Should be explained with the error) if ($uLen <= 4 || $uLen >= 11) { $_SESSION['error'] = "Username must be between 4 and 11 characters."; }elseif ($pLen < 6) { $_SESSION['error'] = "Password must be longer then 6 characters."; }elseif (mysql_num_rows($query) == 1) { $_SESSION['error'] = "Username already exists."; }else { // All errors passed lets // Create our insert SQL by hashing the password and using the escaped Username. $sql = "INSERT INTO users (`username`, `password`, `firstname`, `surname`) VALUES ('" . $eUsername . "', '" . hashPassword($pPassword, SALT1, SALT2) . "', '" . $pFirstname . "', '" . $pSurname . "');"; $query = mysql_query($sql) or trigger_error("Query Failed: " . mysql_error()); $sql2 = "INSERT INTO predictions (userID, predictionID, week) SELECT LAST_INSERT_ID(), id, week FROM fixtures"; $query = mysql_query($sql2) or trigger_error("Query Failed: " . mysql_error()); if ($query) { return true; } } } return false; } /*********** string hashPassword (string $pPassword, string $pSalt1, string $pSalt2) This will create a SHA1 hash of the password using 2 salts that the user specifies. ************/ function hashPassword($pPassword, $pSalt1="2345#$%@3e", $pSalt2="taesa%#@2%^#") { return sha1(md5($pSalt2 . $pPassword . $pSalt1)); } /*********** bool loggedIn verifies that session data is in tack and the user is valid for this session. ************/ function loggedIn() { // check both loggedin and username to verify user. if (isset($_SESSION['loggedin']) && isset($_SESSION['userID']) && isset($_SESSION['username'])) { return true; } return false; } /*********** bool logoutUser Log out a user by unsetting the session variable. ************/ function logoutUser() { // using unset will remove the variable // and thus logging off the user. unset($_SESSION['username']); unset($_SESSION['userID']); unset($_SESSION['loggedin']); return true; } /*********** bool validateUser Attempt to verify that a username / password combination are valid. If they are it will set cookies and session data then return true. If they are not valid it simply returns false. ************/ function validateUser($pUsername, $pPassword) { // See if the username and password are valid. $sql = "SELECT * FROM users WHERE username = '" . mysql_real_escape_string($pUsername) . "' AND password = '" . hashPassword($pPassword, SALT1, SALT2) . "' LIMIT 1"; $query = mysql_query($sql) or trigger_error("Query Failed: " . mysql_error()); // If one row was returned, the user was logged in! if (mysql_num_rows($query) == 1) { $row = mysql_fetch_assoc($query); $_SESSION['username'] = $row['username']; $_SESSION['userID'] = $row['userID']; $_SESSION['password'] = $row['password']; $_SESSION['loggedin'] = true; return true; } return false; } ?> USERS TABLE ID username password firstname surname 1 rich 12345 Richard Branson 2 alan 67898 Lord Sugar
  4. I have a simple user login where it inserts the user session into database like this (id, user_id, hash). It works fine. I can delete the session from the database when the user logs out. Now I realized something. When I close the browser window, it'll destroy the session(log out the user) as intended but it won't delete the session from the database. I was wondering if there is a way to do that?
  5. i want to display 'Welcome userid!' after user has successfully logged in. I managed to display it after successfully logged in, but when the user key in the wrong userid and password, the 'Welcome userid' is also displayed. What should i do about it? Below are my coding: login.html processLogin.php index.html
  6. Hello there, I have this as login in function for an application. function login($username, $password) { $db =& $this->db; Kit::ClassLoader('userdata'); if (Config::Version('DBVersion') < 62) { // We can't do CSPRNG because the field doesn't exist, so we need to do standard user login // This can ONLY happen during an upgrade. $dbh = PDOConnect::init(); $sth = $dbh->prepare('SELECT UserID, UserName, UserPassword, UserTypeID FROM `user` WHERE UserName = :userName'); $sth->execute(array('userName' => $username)); $rows = $sth->fetchAll(); if (count($rows) != 1) { setMessage(__('Username or Password incorrect')); return false; } $userInfo = $rows[0]; // Check the password using a MD5 if ($userInfo['UserPassword'] != md5($password)) { setMessage(__('Username or Password incorrect')); return false; } } else { // Get the SALT for this username if (!$userInfo = $db->GetSingleRow(sprintf("SELECT UserID, UserName, UserPassword, UserTypeID, CSPRNG FROM `user` WHERE UserName = '%s'", $db->escape_string($username)))) { setMessage(__('Username or Password incorrect')); return false; } // User Data Object to check the password $userData = new Userdata($db); // Is SALT empty if ($userInfo['CSPRNG'] == 0) { // Check the password using a MD5 if ($userInfo['UserPassword'] != md5($password)) { setMessage(__('Username or Password incorrect')); return false; } // Now that we are validated, generate a new SALT and set the users password. $userData->ChangePassword(Kit::ValidateParam($userInfo['UserID'], _INT), null, $password, $password, true /* Force Change */); } else { // Check the users password using the random SALTED password if ($userData->validate_password($password, $userInfo['UserPassword']) === false) { setMessage(__('Username or Password incorrect')); return false; } } } // there is a result so we store the userID in the session variable $_SESSION['userid'] = Kit::ValidateParam($userInfo['UserID'], _INT); $_SESSION['username'] = Kit::ValidateParam($userInfo['UserName'], _USERNAME); $_SESSION['usertype'] = Kit::ValidateParam($userInfo['UserTypeID'], _INT); // Set the User Object $this->usertypeid = $_SESSION['usertype']; $this->userid = $_SESSION['userid']; // update the db // write out to the db that the logged in user has accessed the page $SQL = sprintf("UPDATE user SET lastaccessed = '" . date("Y-m-d H:i:s") . "', loggedin = 1 WHERE userid = %d", $_SESSION['userid']); $db->query($SQL) or trigger_error(__('Can not write last accessed info.'), E_USER_ERROR); // Switch Session ID's global $session; $session->setIsExpired(0); $session->RegenerateSessionID(session_id()); return true; } i am trying to squeeze in an alternative authentication for users on ldap as such if local authentication fails // alternativelly validate against Tivoli Directory server $ldap_host = "www.zflexldap.com:389"; $password = "password"; // Tivoli Directory DN $ldap_dn = "ou=users,ou=guests,dc=zflexsoftware,dc=com"; // connect to active directory $ldap = ldap_connect($ldap_host) or die("Couldn't connect to LDAP Server"); //username specified on post form is from TDS server // $dn = "uid=".$username.","; $dn = "uid=guest1,ou=users,ou=guests,dc=zflexsoftware,dc=com"; ldap_set_option($ds, LDAP_OPT_PROTOCOL_VERSION, 3); // verify user and password if($bind = @ldap_bind($ldap, $dn, $password)) all attempts thou has been breaking the application. thanks
  7. I'm editing the Woocommerce e-mail files, and have got a session working. When it's echoed on the e-mail it appears as expected - "1 Day Health & Safety Awareness Chelmsford". However the if statement is not working. This is shown below, can anyone tell me where I'm going wrong? if (strpos($_SESSION['ahsname'], 'safety awareness') !== false) { // This is what I want to happen, the session should (and does) contain the string shown above //include( get_template_directory() . '/instructions/chelmsford-hsa-ahs.html'); echo "YES"; }else{ // This should not happen but it does! echo "NO "; echo $_SESSION['ahsname']; // the session is echoed with the bit I'm checking for included as mentioned above }
  8. I'm trying to create a code that moves a string array A B C D E around based on the amount specified entered into a field in a form and the direction which is also entered into the form. What I want to do is to make the $newarray equal $array when the page is refreshed and the submit button is hit again. That way A B C D E when moved LEFT by 1 will be B C D E A and then if RIGHT and 2 is entered, you will see E A B C D. I've been struggling to get session working and just ended up more lost. Here is the code I got so far. I would greatly appreciate any help with this. <html> <div style="border:1px solid black;font-weight:bold;"> <div style="border:none;">A B C D E</div> <form method="POST"> <input type="text" name="thebutton"/> <input type="text" name="offset"/> <input type="submit" value="SUBMIT"/> </form> </div> <?php session_start(); if (isset($_POST["offset"], $_POST["thebutton"])) { $shift=$_POST["offset"]; $direction=$_POST["thebutton"]; $counter=0; $array=array('A','B','C','D','E'); if ($direction=="LEFT"){ for($i=$shift; $counter+$shift<5; $i++,$counter++){ $newarray[$counter]=$array[$counter+$shift]; } for($j=0; $j<$shift; $j++){ $newarray[$counter + $j]=$array[$j]; } } if ($direction=="RIGHT"){ for($counter=0,$k=5-$shift; $counter<$shift; $counter++){ $newarray[$counter]=$array[$counter+$k]; } for($j=0; $j<5-$shift; $j++){ $newarray[$counter + $j]=$array[$j]; } } echo $newarray[0]; echo $newarray[1]; echo $newarray[2]; echo $newarray[3]; echo $newarray[4]; } ?> </html>
  9. Hi there, I have an issue that drives me nuts for some days now. I used php.ini to store the sessions to a folder outside root directory: session.save_path = "/home/castos/SESSIONS" As long as the file i call is in the public_html directory (root), session data are OK. If for any reason i use AJAX to call data from a sub-directory (lets say public_html/ajax/test.php), then SESSION data are no longer there (but the session_id is still the same). If i move the same file inside root (public_html/test.php) and call it using AJAX then it works just fine. I feel that the problem could be inside the configuration of the SESSION in php.ini so i am posting the rest of the session configuration: session.save_handler = files session.use_cookies = 1 session.use_only_cookies = 1 session.name = CUSTSESSID session.cookie_httponly = 1 session.cookie_secure = 1 session.hash_function = sha512 session.hash_bits_per_character = 5 session.auto_start = 0 session.cookie_lifetime = 0 session.cookie_path = "/" session.cookie_domain = session.serialize_handler = php session.gc_probability = 1 session.gc_divisor = 100 session.gc_maxlifetime = 1440; session.referer_check = session.entropy_length = 256 session.entropy_file = "/dev/urandom" session.cache_limiter = nocache session.cache_expire = 180 session.use_trans_sid = 0 Any help will be much appreciated! Thanks!
  10. Hello We have a testing site where users create a profile then take an aptitude test. Was working fine several months ago but we're trying to set up tests now and when the user enters their information and hits submit, we get these errors. (first it was the white screen, then I turned on the errors and received this) Deprecated: mysql_connect(): The mysql extension is deprecated and will be removed in the future: use mysqli or PDO instead in ~/inc/connect.inc.php on line 11 Notice: Undefined variable: i_price in ~/profile-2.inc.php on line 97 Fatal error: Call to undefined function session_register() in ~/profile-2.inc.php on line 101 I'm assuming the Fatal Error is what's causing the profile not to be set up(and thus get the white screen). The code in profile-2 is: # Create new record: $now = time(); $password_name = random_password(PASS_LENGTH); $password_hash = bin2hex(mhash(MHASH_MD5, $password_name)); $i_qry2 = db_qry("INSERT INTO reports(createdate,passhash,fname,lname,age,gender,sport,loc,phone,address1,address2,city,state,zip,email,price) VALUES ($now,'$password_hash','$f_firstname','$f_lastname',$f_age,$f_gender,'$f_sport','$f_loc','$f_phone','$f_address1','$f_address2','$f_city','$f_state','$f_zip','$f_email','$i_price')") or die("Error: profile-2, SQL request error #2 ".mysql_error()); $i_sid = mysql_insert_id($sql_link); # Register SID in session: session_register('r_id'); <<<<this is line 101 $_SESSION['r_id'] = $i_sid; session_register('r_pass'); $_SESSION['r_pass'] = ''; session_register('r_ccode'); $_SESSION['r_ccode'] = stripslashes($f_ccode); Does anyone have a suggestion on what might be the problem and how I go about fixing it? Thanks in advance.
  11. Hello. I have a problem in displaying the user data form database which associated with the user. Maybe i'm messing up the _SESSION part. Im stucked at this part when im changing the add_parcel send_to attribute from (student_username) to (student_name). Since i wanted to display the name of student not the username. <?php session_start(); if(!($_SESSION['username'])){ header("location:index.php?login_first"); } ?> <!-- end navbar top --> <?php include("sidemenu.php"); ?> <!-- page-wrapper --> <div id="page-wrapper"> <div class="row"> <!-- Page Header --> <div class="col-lg-12"> <h1 class="page-header">Dashboard</h1> </div> <!--End Page Header --> </div> <div class="row"> <!-- Welcome --> <div class="col-lg-12"> <div class="alert alert-info"> <?php include("connection.php"); $username=$_SESSION['username']; $sql=mysql_query("SELECT student_name FROM register WHERE student_username='$username'"); $ee=mysql_fetch_array($sql); ?> <i class="fa fa-folder-open"></i><b> Hello ! </b>Welcome Back <b><?php echo $ee['student_name']; ?> </b> </div> </div> <!--end Welcome --> </div> <div class="row"> <div class="col-lg-12"> <div class="table table-responsive"> <table class="table table-hover"> <thead> <tr> <th>S.no</th> <th>Parcel Number</th> <th>Date Recieved</th> <th>Date of Collected</th> <th>Recieved Time</th> <th>Collect Time</th> <th>Status</th> <th>Sent By</th> <th>Sent To</th> </tr> </thead> <?php include("connection.php"); $sql1=mysql_query("SELECT * FROM add_parcel WHERE send_to='$username'"); $i=1; while($row=mysql_fetch_array($sql1)){ echo '<tr class="record"><td>'.$i++.'</td><td>'.$row['parcel_num'].'</td><td>'.$row['date_recieve'].'</td><td>'.$row['date_collect'].'</td><td>'.$row['recieve_time'].'</td><td>'.$row['collect_time'].'</td><td>'.$row['status'].'</td><td>'.$row['sender_name'].'</td><td>'.$row['send_to'].'</td></tr>'; } ?> </html> I tried to change the below code $sql1=mysql_query("SELECT * FROM add_parcel WHERE send_to='$username'"); to $sql1=mysql_query("SELECT * FROM add_parcel"); it displayed all the data of table. I will attach together with some screenshot as well to make it easier. below is image of the Dashboard of user (Screenshot_1 (1).png). Add parcel panel (Screenshot_1 (2).png) Table add_parcel (Screenshot_1 (3).png) Table register (Screenshot_1 (4).png)
×
×
  • Create New...

Important Information

We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.