Search the Community

Here's a scenario. I am setting up a sponsor referral link. If any user signs up on the site through that referral link, they will be matched with the sponsor of that referral link. Normally I can do this using a simple GET method but I want to use cookies so that the referral link will be valid for 30 days. So if a user decides to come back to the site a week later, they will still be matched with that sponsor assuming they haven't deleted their cookies. For eg. // referral link mysite.com/signup?sponsor=john Here is my cookie code. The issue i am having is that if I go to a different page on the site and come back to the signup page, the cookie gets reset or becomes invalid. Can you tell me what i'm doing wrong? Do I have to use the database to store the cookies or what? $get_user = $_GET['sponsor']; $number_of_days = 30 ; $date_of_expiry = time() + 60 * 60 * 24 * $number_of_days ; setcookie( "sponsor", $get_user, $date_of_expiry); if(isset($_COOKIE['sponsor'])) { echo 'set'; } else { echo 'not set'; }

SELECT user_id FROM users WHERE active = :active ORDER BY RAND() LIMIT 1 The above query works. But what if the users table is filled with thousands of users? Will this query break or be very slow? If so, what's the alternative solution to this?

Say I want to allow users to chat with each other either through text or video on my site, what would be the best way to go on about doing that? I know basic text chat system can be created with PHP/Mysql/Ajax. What about video chat? Or is there a chat plugin/service out there that I can use to implement in my site? Note that I am looking for something can allow thousands of registered users to chat with each other at the same time.

I have a simple user login where it inserts the user session into database like this (id, user_id, hash). It works fine. I can delete the session from the database when the user logs out. Now I realized something. When I close the browser window, it'll destroy the session(log out the user) as intended but it won't delete the session from the database. I was wondering if there is a way to do that?

I'm making my own CMS for my company so going through making the pages for the back end. What I want to do that I'm stuck on is -------------- I want to allow the user to specify how many input text fields they want shown on the page. I'm thinking that they could write a number then click submit, send the data to the same page (PHP self or action blank) and then the required amount of input fields would be echoed out. Echoing out is easy, I want to know how to find out how many fields are required, and then process it. Thanks in advance.

The code works but it puts the files into /uploadir/. The users directories go by their email addresses ($email). Using the error reporting it tells me: ! ) Notice: Undefined variable: email in /var/www/html/Lab5/uploadfile.php on line 10 Call Stack # Time Memory Function Location 1 0.0010 129288 {main}( ) ../uploadfile.php:0 Any help is much appreciated!! <?php error_reporting(E_ALL | E_NOTICE); ini_set('display_errors','1'); session_start(); if ($_COOKIE["auth"] == "1") { $file_dir = "/var/www/html/uploaddir/$email"; foreach($_FILES as $file_name => $file_array) { echo "path: ".$file_array["tmp_name"]."<br/>\n"; echo "name: ".$file_array["name"]."<br/>\n"; echo "type: ".$file_array["type"]."<br/>\n"; echo "size: ".$file_array["size"]."<br/>\n"; if (is_uploaded_file($file_array["tmp_name"])) { move_uploaded_file($file_array["tmp_name"], "$file_dir/".$file_array["name"]) or die ("Couldn't copy"); echo "File was moved!<br/>"; } } } else { //redirect back to login form if not authorized header("Location: userlogin.html"); exit; } ?>

Hi i have a simple script that functions perfect and easy but i am looking for a way to secure it a little is there any way for me to create a simple user checking system ? i have a mysql db with both usernames and passwords is there any way to get the username and password from a get comand in the url and check the db to see if they exist and if they do run the rest of my code and if not throw access denied ? i know this is not 100% secure but i its how i want it to be done could anyone help me with this ?

How can i detect someone who is using proxy and has 2 or more accounts on my website?Or anyway, the important thing for me it is that they dont cheat because i have a competition and its forbidden to have 2 or more accounts.

I can't find out whats the problem here, would appreciate some input in how to think building my "if". The problem is that I don't seem to catch if an email exists, nor if user exists and neither can I create a new user :/. Appreciate your help alot! <?php // Start the session in case of errors to display within the page of user creation session_start(); $err_msg = array(); $errflag = false; // Check if the submit button was pressed if ($_SERVER['REQUEST_METHOD'] === 'POST' && $_POST['submit'] === 'Skapa') { // Crypt password $options = ['cost' => 10]; $username = strip_tags($_POST['uname']); $password = strip_tags(password_hash($_POST['pword'], PASSWORD_DEFAULT, $options)); $email = strip_tags($_POST['uname'], '@'); // Check so all the fields are filled if ($_POST['uname'] == '' || $_POST['pword'] == '' || $_POST['pwordcheck'] == '') { $err_msg[] = 'Please enter all fields<br>'; $errflag = true; } // See if passwords and confirm matches if ($_POST['pword'] !== $_POST['pwordcheck']) { $err_msg[] = 'Passwords doesn\'t match!<br>'; $errflag = true; } // Check password length, atleast 8 characters if (strlen($_POST['pword']) < 7) { $err_msg[] = 'Password must be atleast 8 characters long'; $errflag = true; } // Check if email exists include_once('../includes/db.inc.php'); $db = new PDO(DB_INFO, DB_USER, DB_PASS); $sql = "SELECT COUNT(*) AS count FROM movies WHERE email = :emailadress"; $stmt = $db->prepare($sql); $stmt->bindParam(':emailadress', $email); $stmt->execute(); $row = $stmt->fetch(PDO::FETCH_ASSOC); if ($row > 0) { $err_msg[] = 'Email already taken!'; $errflag = true; $db = NULL; } // Check if user exists include_once('../includes/db.inc.php'); $db = new PDO(DB_INFO, DB_USER, DB_PASS); $sql = "SELECT uname FROM users WHERE uname = :username"; $stmt = $db->prepare($sql); $stmt->bindParam(':username', $username); $stmt->execute(); $row = $stmt->fetch(PDO::FETCH_ASSOC); if ($row > 0) { $err_msg[] = 'User already exists'; $errflag = true; $db = NULL; } if ($errflag = false) { // Everything passed, create the user! include_once('../includes/db.inc.php'); $db = new PDO(DB_INFO, DB_USER, DB_PASS); $sql = "INSERT INTO users (uname, pword, email) VALUES (:username, :password, :emailadress)"; $stmt = $db->prepare($sql); $stmt->bindParam(':username', $username); $stmt->bindParam(':password', $password); $stmt->bindParam(':emailadress'); $stmt->execute(); $_SESSION['uname'] = $username; header('Location: ../template/header.php'); exit; } // If any error, send the user back and display messages if ($errflag == true) { $_SESSION['err_msg'] = $err_msg; session_write_close(); header('Location: ../user/create.php'); exit; } } else { $_SESSION['err_msg'] = $err_msg; session_write_close(); header('Location: ../user/create.php'); exit; } ?>

Hey, I'm really new to PHP and having some difficulties with $_SESSION and getting userid from the database. I've managed to put content to my database and also a login script. Though, adding sessions has been a pain. Here's what I got so far: $sql = "SELECT username, password FROM users WHERE username = '$username' and password = '$pas'"; $query_login = $db->prepare($sql); $query_login->execute(array('userid' => $userid, 'username' => $username, 'password' => $pas)); $result = $query_login->rowcount(); if ($result>0) { session_start(); $_SESSION['username'] = $username; $_SESSION['logged'] = 1; $_SESSION['userid'] = $result['userid']; header('Location: ../user/user.php'); }

Hi, I'm trying to let JavaScript check if a givin user exist in the database. It seems that the _check-user.php always returns 0, but if I fill in a name that doesn't exist, and echo out the result variable in JS, the echo will return 1. Is there someone who could help me? JavaScript part: function checkUser() { $.post("_check_user.php", { 'username': document.getElementById("username").value }, function(result) { if (result == 1) { document.getElementById("checkUser").className = "succes"; document.getElementById("checkUser").innerHTML = "Name is available"; }else{ document.getElementById("checkUser").className = "errormsg"; document.getElementById("checkUser").innerHTML = "Name is not available!"; } }); } _check-user.php: <?php include("config.php"); $result = mysql_query("SELECT login FROM users WHERE login='".clean_string($_POST["username"])."'"); if(mysql_num_rows($result)>0){ echo 0; }else{ echo 1; } ?>

Normally you would add unique meta tags(title, description) for each page of the website. However, what if it's a user based website where a user can add posts with title and description? Is it better to add user's title/post name in the meta tags or keep it as your own?

Hi folks, Is there any specific ORACLE method to show the traffic, data changes and specific user that logged in and made changes ? I need help with this since i need to show the user WHAT, WHEN, and WHO made the changes with the database values. Can I monitor this traffic daily and make some kind of report with PHP ? Any help would be really appreciated Thanks.

Hi Prior to a few months ago, when a user hit the final submit button on our site (fitness testing) - the athlete's report (actually an email with a link to view their results) would be automatically be emailed to them and we'd also get an email confirming the test was taken. Now, we still get the confirmation email but the athlete doesn't receive an email. I've located this code and am wondering if there's additional code we need to add to get the process working again: # Email the secret link to the athlete: $i_secret_url = $set_baseurl.'report.php?sid='.$i_sid.'&a='.urlencode($i_passhash); $i_headers = "From: ManOfSteeleSports.com <info@manofsteelesports.com>\nX-Mailer: ManOfSteeleSports.com PHP Mail v1.0\nReply-To: ManOfSteeleSports.com <info@manofsteelesports.com>\nX-Priority: 3 (Normal)"; $i_message = 'Dear '.stripslashes($i_rec1["fname"]).' '.stripslashes($i_rec1["lname"]).', Thanks for the advice in advance!

Hello to everyone ! I am new in php, and need some help. I had, a website coded, in html, and decided to change it in php. In the old version, I had some controls for giving the user the oportunity to change the text and background color of my website based in his/her, choice, by using some buttons. When I changed my website, into php, I was also try to change the color controls of the old website, to work in php. Unfortunatelly, I achieved to change only the half part of these controls, basically only the background color selection and make a dropdown menu for that. But I couldn't create a dropdown menu for changing the font controls. As I know, in PHP there is not actually the possibility to control the color of the text, there is no color actually but the colors are being implemented as html in the client side.(Correct me if I am Wrong) My questions are: 1) how can I implement a drop down menu, which will give the oportunity to the visitors of my website, to change the color of the text in my website 2) how can I take actually the selected value from the html, and store it to a php cookie, like I did it in the background color selection Thanks in Advance !!!

Hi again , Im trying to create form which allows the users to edit their data , I've created the form ,added the sql i think is right but its not working and giving me sql erro that the data can't be inserted . this is my code for the form details.php : <?php include '../header.php'; include '../config2.php'; session_start(); $id = $_POST['ID']; ?> <script type="text/javascript" src="js/jquery.js"></script> <script type="text/javascript" src="js/parsley.js"></script> <script> $(document).ready(function() { // submit data on click and check if valid $('#sendData').click(function(e) { //check if valid with parsley var valid = $('#detailform').parsley ( 'validate' ); if ( valid === false ) { e.preventDefault(); } else { $.post("updateprocess.php", $("#detailform").serialize()); } }); }); </script> <div id="title"> <div class="inner"> <h1>Changing Your Account Details</h1> </div> </div> <div id="content" class="right-sidebar"> <div class="container inner"> <div id="main" role="main"> <div class="container"> <h3>Please Choose Which information Your would like to change</h3> <form data-validate="parsley" method="POST" action="updateprocess.php" id="detailform" > <label>Email Address</label> <input type="text" name="login_email" data-required="true" value="<?php echo $account['login_email']; ?>"/> <label>Change a password</label> <input type="password" name="login_password" data-notblank="true"/> <label>Re-enter new password</label> <input type="password" name="confirm" data-notblank="true"/> <label>First Name</label> <input type="text" name="first_name" data-required="true" value="<?php echo $account['first_name']; ?>" disabled="disabled" /> <label>Last Name</label> <input type="text" name="last_name" data-notblank="true" /> <label>Address line 1</label> <input type="text" name="address_one" data-required="true" value="<?php echo $account['address_one']; ?>"/> <label>Address line 2</label> <input type="text" name="address_two" data-required="true" value="<?php echo $account['address_two']; ?>"/> <label>Town/City</label> <input type="text" name="town_city" data-required="true" value="<?php echo $account['town_city']; ?>" /> <label>County</label> <input type="text" name="county_option" data-required="true" value="<?php echo $account['county_option']; ?>"/> <label>Postcode</label> <input type="text" name="post_code" data-required="true" value="<?php echo $account['post_code']; ?>"/> <label>Phone number</label> <input type="text" name="phone_number" data-required="true" value="<?php echo $account['phone_number']; ?>"/> <p></p> <p></p> <p></p> <p></p> <p></p> <input type="checkbox" class="checkbox" id="agree" name="agree" /> I Agree With Terms & Conditions</p> <td> <input type="submit" name="submit" class="button" value= "Save"/></td> </form> </div> <div class="space"></div> </div> <ul class="sidebar" role="complementary"> <li> <h2>Navigation</h2> <ul class="link-list"> <li><a href="/account/dashboard.php">Dashboard</a></li> <li><a href="/account/transfer.php">Transfer Money</a></li> <li><a href="/account/transactions.php">Transactions</a></li> <li><a href="/account/withdrawal.php">Withdraw Funds</a></li> <li><a href="/account/upload.php">Upload Funds</a></li> <li><a href="/account/details.php">Change My details</a></li> </ul> </li> </ul> </div> </div> <?php include '../footer.php'; ?> this is the update.php script <?php include "config2.php"; $id = $_POST['ID']; $sql="SELECT * FROM users WHERE id='$id'"; $result=mysql_query($sql); $id = $_POST['ID']; $rows=mysql_fetch_array($result); $email = $_POST['login_email']; $pass = md5($_POST['login_password']); $confirm = md5($_POST['confirm']); $fname = $_POST['first_name']; $lname = $_POST['last_name']; $addressone = $_POST['address_one']; $addresstwo = $_POST['address_two']; $towncity = $_POST['town_city']; $countyoption = $_POST['county_option']; $postcode = $_POST['post_code']; $phone = $_POST['phone_number']; $update = 'UPDATE users SET( login_email, login_password, confirm, first_name, last_name, address_one, address_two, town_city, county_option, post_code, phone_number) VALUES("'.$email.'","'.$pass.'","'.$confirm.'","'.$fname.'","'.$lname.'","'.$addressone.'","'.$addresstwo.'","'.$towncity.'","'.$countyoption.'","'.$postcode.'","'.$phone.'")WHERE id="'.$id.'""'; //$insert = 'UPDATE users SET login_email="'.$email.'", login_password="'.$pass.'", confirm="'.$confirm.'", first_name="'.$fname.'", last_name="'.$lname.'", address_one="'.$addressone.'", address_two="'.$addresstwo.'", town_city="'.$towncity.'", county_option="'.$countyoption.'", post_code="'.$postcode.'", phone_number="'.$phone.'" WHERE id="'.$id.'""'; mysql_query($update) or die("Failed Updating Your Data,check SQL"); header( 'Location: ../account/success.php' ) ; ?>

Hello There. My name is Andreas. Well I have begin coding and come to the part at my menu where the username should be in my menu. I have a login form and it look like this: <?php session_start(); $username = $_POST['username']; $password = $_POST['password']; if ($username&&$password) { $connect = mysql_connect("localhost","root","") or die ("Could not connect to MySQL Host"); mysql_select_db("host") or die ("Cound not find MySQL Database"); $query = mysql_query("SELECT * FROM users WHERE username='$username'"); $numrows = mysql_num_rows($query); if($numrows !=0) { while ($row = mysql_fetch_assoc($query)) { $dbusername = $row['username']; $dbpassword = $row['password']; } if ($username==$dbusername&&$password==$dbpassword) { header ("Location: http://localhost/Host/index.php"); $_SESSION['username']=$dbusername; } else echo "Incorrect password"; } else die ("That username does not exists"); } else die ("Please enter a username"); ?> But when I use this php code in my menu: <?php if ($_SESSION['username']) { echo "<li><a href='#'><span>$_SESSION['username'];</span></a> <ul> <li><a href='client/account/logout.php'><span>Logout</span></a></li> <li><a href='client/account/profile.php'><span>Profile</span></a></li> </ul> </li>"; } ?> But i get a error in the session section and I know its something with the $_session code. But I dont know what to type in between the <span> and </span>. This is the image I get in Adobe DreamWeaver:

Hey Guys, I'm currently working on a user registration form and everything is working pretty well, except one major problem. The PHP script sees DavidJones and David Jones as 2 different users. So I was wondering how to go about making the registration script disregard spaces so that users don't end up with the same usernames, only with spaces/no spaces. It would get confusing. So if "David Jones" was already registered and another user was registering as "DavidJones" or "Dav id J ones", then it wouldn't let him. Thanks!

Hey guys, i've been searching the web trying to figure out the best method of storing images in a database table when it comes to user registration. Basically, users will register with only 3 elements: Upload Image( turned into Avatar/Thumbnail), E-mail, and Password. Now i've figured out the basics on how to store user information such as the e-mail and pass, but I still haven't found any direct answers on the topic of properly managing user avatars/thumbnails. Now these avatars will be displayed everytime the user posts, much like any forum or social network. So, do I store the image itself in the database? Do I store it in a user_avatar file/directory on the server and have a direct link in the table to fetch and display the image? What would be the best method to go about this? I thought about maybe having a table with user_ID, avatar_ID and avatar_link(direct link to image).

Hi all, first post here so please bear with me. I chose to try and reach out to the internet community for help on this one because it is over my head. I currently have a bootstrap based HTMl website. I would like to add a login system so my employees can access restricted pages in order to download company matierals. I have the html and css for a login popup already created but I have no idea what to do for the php backend to make it function. I understand that I need to point it to a mySQL database along with various php code. Idealy, I want to create usernames for the employees to keep things simple and consistent. I don't neccesairly need an admin panel because I can simply hard code the material download links into the restricted page. Any help would be appreciated. here is a link to my site - www.youngexplosives.com

I am running a PHP-based Browsergame. My actual banning system gets the ip using this function which I found to be very good. function get_real_ip() { $client_ip = (isset($_SERVER['HTTP_CLIENT_IP'])) ? $_SERVER['HTTP_CLIENT_IP'] : ''; $x_forwarded_for = (isset($_SERVER['HTTP_X_FORWARDED_FOR'])) ? $_SERVER['HTTP_X_FORWARDED_FOR'] : ''; $remote_addr = (isset($_SERVER['REMOTE_ADDR'])) ? $_SERVER['REMOTE_ADDR'] : ''; if (!empty($client_ip)) { $ip_expl = explode('.',$client_ip); $referer = explode('.',$remote_addr); if($referer[0] != $ip_expl[0]) { $ip=array_reverse($ip_expl); $return=implode('.',$ip); } else { $return = $client_ip; } } else if (!empty($x_forwarded_for)) { if(strstr($x_forwarded_for,',')) { $ip_expl = explode(',',$x_forwarded_for); $return = end($ip_expl); } else { $return = $x_forwarded_for; } } else { $return = $remote_addr; } unset ($client_ip, $x_forwarded_for, $remote_addr, $ip_expl); return $return; } Now the problem is, that I still can't get the correct ip, a user still keeps on loggin on. So how does he do that and how to prevent him to register again and again?

hello all, first post here. im fairly new to php and am still trying to really get a hold of what im doing. right now im just trying to build a simple login function for my site and am completely stuck. here is what i have so far. in function authuser im trying to create a query, return the result, compare it with those that were posted on index.php and if it matches the database i would like the login function. to start the session. i hope that makes sense. and if there is a better way to do this or something im missing please let me know index.php if($_SERVER['REQUEST_METHOD'] === 'POST') { $username = $_POST['username']; $password = md5($_POST['password']); if(empty($username) || empty($password)){ $data['status'] = 'Please fill out both inputs'; } else { // login authuser($username,$password); } } functions.php function login($username,$password) { session_start(); } function authuser($username,$password) { $sql = "SELECT * FROM users WHERE username='$username' and password='$password'"; $results = mysql_query($sql); $rows = mysql_num_rows($results); if($rows==1) { session_register("admin"); } else { echo "Wrong Username or Password"; } }

Hello, I'm not sure if this is in the right area but if it's not please feel free to move it. I'm in the process of creating a game where a user from the users table will be allowed to create and select characters that are binded to that users profile. Allowing users to have up to two characters that can be selected to "Play As" after login in with the user account. My problem is since while I am not extremely new to php, this approach has me a bit stumped. How could I bind characters created by a userid to that userid? Is it something simple that I missed and just am over thinking? For example sake, we'll use 'users' table and 'characters' table. Any help or suggestions? Much appreciated!

My user authentication code -- <?php $useremail = $_POST['emailfield'] ; $userpassword = $_POST['pwfield'] ; require ('sqlauth2.php') ; mysql_select_db($database, $con); $sql = "SELECT * FROM userregistry WHERE email='".$useremail."' AND password='".$userpassword."'" ; $run = mysql_query($sql) ; $row = mysql_fetch_array($run) ; if(mysql_num_rows($run) == 1) { echo "SUCCESS <br>" ; } else { echo "No login for you " ; } ?> Looks perfect, but I keep getting this error Warning: mysql_fetch_array() expects parameter 1 to be resource, boolean given in D:\xampp\htdocs\bullet2\logincheck.php on line 10 Warning: mysql_num_rows() expects parameter 1 to be resource, boolean given in D:\xampp\htdocs\bullet2\logincheck.php on line 12 No login for you Any idea ? Searched everywhere, couldn't find anything proper. I know there is something wrong somewhere, can't seem to find it. Help me out people, thanks !!!