Jump to content

[SOLVED] Im just going round in circle's here, whats wrong ?.

jamesxg1

By jamesxg1
in PHP Coding Help

Recommended Posts

jamesxg1 Advanced Member

jamesxg1

Posted
Posted

Hiya peeps,

 

My login() is not working is there something wrong with it ?,

 

Login.php

<?php

include 'includes/commands.inc';

$command = new Command();
$command->MYSQLConnection();
$command->Login($_POST['username'], $_POST['password']);
  
?>
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<meta http-equiv="Content-Type" content="text/html; charset=UTF-8">
<title>Login</title>
<link rel="stylesheet" type="text/css" href="core/css/form_view.css" media="all">
<script type="text/javascript" src="core/js/form_view.js"></script>
	   <script language='JavaScript' src='core/js/gen_validatorv5.js' type='text/javascript'>
   </script>
   <script language='JavaScript' src='core/js/sfm_moveable_popup.js' type='text/javascript'>
   </script>

   <style type='text/css'>
.error_strings
{
    font-family:Verdana;
    font-size:10px;
    color:#660000;
}
.sfm_float_error_box
{
    position:absolute;
    z-index:999;
    cursor:default;
    font-family:Verdana;
    font-size:10px;
    color:#660000;
    background-color:#ffff66;
    border-style:solid;
    border-width:1px;
    border-color:#660000;
}
.sfm_float_box_td
{
    padding:3px;
    cursor:default;
    font-family:Verdana;
    font-size:10px;
    color:#660000;
    background-color:#ffff66;
}
.sfm_close_box
{
    font-family:Verdana;
    font-size:10px;
    font-weight:bold;
    color:#ffffff;
    background-color:#660000;
    border-width:0px;
    text-align:center;
}
.sfm_textbox
{
    padding:2px;
}
.sfm_textarea
{
    padding:2px;
}
   </style>
   <div id='registerone_errorloc' class='error_strings' style=''>
   </div>
</head>

<body id="main_body" >

<img id="top" src="top.png" alt="">
<div id="form_container">

	<h1><a></a></h1>
	<form id="login" class="appnitro"  method="post" action="" name="login">
				<div class="form_description">
		<h2>Login Panel</h2>
                        <p>For Establishment Owners.</p>
	</div>						
		<ul ><p align="center">

				<li id="li_1" >
	<label class="description" for="element_1">Username: </label>
	<div>
		<input id="username" name="username" class="element text medium" type="text" maxlength="255" value=""/> 
	</div><p class="guidelines" id="guide_1"><small>Your account username.</small></p> 
	</li>		<li id="li_2" >
	<label class="description" for="element_2">Password: </label>
	<div>
		<input id="password" name="password" class="element text medium" type="password" maxlength="255" value=""/> 
	</div><p class="guidelines" id="guide_2"><small>Your account password.</small></p> 
	</li>				
				<li class="buttons">
		    
			<input id="submit" class="button_text" type="submit" name="submit" value="Submit" />
	</li>
		</ul>
	</form>	
   <script language='JavaScript' type='text/javascript'>
var loginValidator = new Validator("login");

loginValidator.EnableOnPageErrorDisplay();
loginValidator.SetMessageDisplayPos("right");

loginValidator.EnableMsgsTogether();
loginValidator.addValidation("username","req","Please fill in username");
loginValidator.addValidation("username","alnum_s","The input for username should be a valid alpha-numeric value");
loginValidator.addValidation("password","req","Please fill in password");
loginValidator.addValidation("password","alnum_s","The input for password should be a valid alpha-numeric value");
   </script>
	<div id="footer">

	</div>
</div>
<img id="bottom" src="bottom.png" alt="">
</p>
<body>

</body>
</html>

commands.inc

<?php

  class Command {
            private $dbusername;
            private $dbpassword;
            private $dbhost;
            private $dbbase;
            private $lusername;
            private $lpassword;
            private $randid;
            private $aname;
            private $aphone;
            private $aadress;
            private $aadresstwo;
            private $acounty;
            private $acity;
            private $apostcode;
            private $acountry;
            private $anum;
            private $mfirstname;
            private $mlastname;
            private $musername;
            private $mpassword;
            private $memail;
            private $mphone;
            private $maddress;
            private $maddresstwo;
            private $mcity;
            private $mcounty;
            private $mpostcode;
            private $mcountry;
            private $sesid;
            private $sesuser;
            private $estid;
            private $ename;
            private $ephone;
            private $eaddress;
            private $eaddresstwo;
            private $ecounty;
            private $ecity;
            private $epostcode;
            private $ecountry;

            
            
      function __construct() {
          
          $this->randid = mt_rand();


      }
                                          
      function MYSQLConnection($dbusername = "root", $dbpassword = "", $dbhost = "localhost", $dbbase = "sli") {

          $this->dbusername = $dbusername;
          $this->dbpassword = $dbpassword;
          $this->dbhost = $dbhost;
          $this->dbbase = $dbbase;
          
          $this->MYSQLConnect = mysql_connect($this->dbhost, $this->dbusername, $this->dbpassword);
          $this->SelectDB = mysql_select_db($this->dbbase, $this->MYSQLConnect) or die(mysql_error());
          
          return($this->SelectDB); 
      }

      function AddEst($aname, $aphone, $aaddress, $aaddresstwo, $acounty, $acity, $apostcode, $acountry, $anum) {

                   session_start();
                   
          $this->aname =       mysql_real_escape_string(addslashes($aname));
          $this->aphone =      mysql_real_escape_string(addslashes($aphone));
          $this->aaddress =    mysql_real_escape_string(addslashes($aaddress));
          $this->aaddresstwo = mysql_real_escape_string(addslashes($aaddresstwo));
          $this->acounty =     mysql_real_escape_string(addslashes($acounty));
          $this->acity =       mysql_real_escape_string(addslashes($acity));
          $this->apostcode =   mysql_real_escape_string(addslashes($apostcode));
          $this->acountry =    mysql_real_escape_string(addslashes($acountry));
          $this->anum =        mysql_real_escape_string(addslashes($anum));
          $this->randid =      mysql_real_escape_string(addslashes(mt_rand()));
          $this->aeusername =  mysql_real_escape_string(addslashes($_SESSION['username']));
          $this->aeid =        mysql_real_escape_string(addslashes($_SESSION['id']));

          
       mysql_query("INSERT INTO `establishments` (mid, username, id, name, address, addresstwo, postcode, county, phone, country, city) VALUES('$this->aeid', '$this->aeusername', '$this->randid', '$this->aname', '$this->aaddress', '$this->aaddresstwo', '$this->apostcode', '$this->acounty', '$this->aphone', '$this->acountry', '$this->acity')") or die(mysql_error());


       if($this->anum == '0') {

       mysql_query("UPDATE `members` SET sus = '0' WHERE username = '$this->aeusername' AND id = '$this->aeid'") or die(mysql_error());

       header('Location: login.php');

       } else {

       $addone = "Your establishment was sucessfully added.";

       return $addone;  

      }

}

      function EditEst($ename, $ephone, $eaddress, $eaddresstwo, $ecounty, $ecity, $epostcode, $ecountry) {

                   session_start();
                   
          $this->ename =       mysql_real_escape_string(addslashes($ename));
          $this->ephone =      mysql_real_escape_string(addslashes($ephone));
          $this->eaddress =    mysql_real_escape_string(addslashes($eaddress));
          $this->eaddresstwo = mysql_real_escape_string(addslashes($eaddresstwo));
          $this->ecounty =     mysql_real_escape_string(addslashes($ecounty));
          $this->ecity =       mysql_real_escape_string(addslashes($ecity));
          $this->epostcode =   mysql_real_escape_string(addslashes($epostcode));
          $this->ecountry =    mysql_real_escape_string(addslashes($ecountry));
          $this->eeusername =  mysql_real_escape_string(addslashes($_SESSION['username']));
          $this->eeid =        mysql_real_escape_string(addslashes($_SESSION['id']));
          $this->eestabid =    mysql_real_escape_string(addslashes($_SESSION['establishmentid']));

          
       mysql_query("UPDATE `establishments` SET name = '$this->ename', phone = '$this->ephone', address = '$this->eaddress', addresstwo = '$this->eaddresstwo', county = '$this->ecounty', city = '$this->ecity', postcode = '$this->epostcode', country = '$this->ecountry' WHERE mid = '$this->eeid' AND username = '$this->eeusername' AND id = '$this->eestabid'") or die(mysql_error());

       $editdone = "Your establishment was sucessfully edited.";

       return $editdone;  


}

      function AddMem($mfirstname, $mlastname, $musername, $mpassword, $memail, $mphone, $maddress, $maddresstwo, $mcity, $mcounty, $mpostcode, $mcountry) {
             
                                         session_start();
          
          $this->mfirstname =  mysql_real_escape_string(addslashes($mfirstname));
          $this->mlastname =   mysql_real_escape_string(addslashes($mlastname));
          $this->musername =   mysql_real_escape_string(addslashes($musername));
          $this->mpassword =   mysql_real_escape_string(addslashes(md5($mpassword)));
          $this->memail =      mysql_real_escape_string(addslashes($memail));
          $this->mphone =      mysql_real_escape_string(addslashes($mphone));
          $this->maddress =    mysql_real_escape_string(addslashes($maddress));
          $this->maddresstwo = mysql_real_escape_string(addslashes($maddresstwo));
          $this->mcity =       mysql_real_escape_string(addslashes($mcity));
          $this->mcounty =     mysql_real_escape_string(addslashes($mcounty));
          $this->mpostcode =   mysql_real_escape_string(addslashes($mpostcode));
          $this->mcountry =    mysql_real_escape_string(addslashes($mcountry));

        
                       $_SESSION['username'] = $this->musername;
                       $_SESSION['id'] = $this->randid;

            mysql_query("INSERT INTO `members` (id, firstname, lastname, email, phone, address, addresstwo, city, county, postcode, country, username, password, sus) VALUES('$this->randid', '$this->mfirstname', '$this->mlastname', '$this->memail', '$this->mphone', '$this->maddress', '$this->maddresstwo', '$this->mcity', '$this->mcounty', '$this->mpostcode', '$this->mcountry', '$this->musername', '$this->mpassword', '1')") or die(mysql_error());
             
          $to = "$this->memail";
          $subject = "Verification email";
          $body = "<a href=\"website/verify.php?name=$this->musername\">Click here to activate your account</a>";
          $headers = 'From: [email protected]' . "\r\n" .
          'Reply-To: [email protected]' . "\r\n" .
          'X-Mailer: PHP/' . phpversion();

         if (mail($to, $subject, $body, $headers)) {

         header('Location: registertwo.php');

           } else {  

        header('Location: register.php');
             
        }


       } 

      function Login($lusername, $lpassword) {
                  
          $this->lusername = mysql_real_escape_string(addslashes($lusername));
          $this->lpassword = mysql_real_escape_string(addslashes(md5($lpassword)));
          
          $this->LoginQ = "SELECT * FROM `members` WHERE username = '$this->lusername' AND password = '$this->lpassword'";
          $this->LoginR = mysql_query($this->LoginQ) or die (mysql_error());
              
          if(mysql_num_rows($this->LoginR) == '1') {
           
              while($fetch =  mysql_fetch_array($this->LoginR)) { 
                  
                  if($fetch['sus'] == '0') {

                                     session_start();
                            $_SESSION['username'] = $this->lusername;
                            $_SESSION['id'] = $fetch['id'];
                            $_SESSION['firstname'] = $fetch['firstname'];
                            $this->lid = $fetch['id'];
                                  header('Location: user_home.php');

                  }   else {
                      
                      echo ("Sorry but the account you are trying to access is suspended, Please try again.");
                      
                    exit();
                  }

              } 
                 

              echo "Sorry but the account you are trying to access is non existant, Please try again.";    
          }    
  }
  
      function Logout() {
        session_start();
        session_unset();
        session_destroy(); 

        header('Location: login.php'); 
    }

      function DelEst($estid) {
          
          $this->sesid =   mysql_real_escape_string(addslashes($_SESSION['id']));
          $this->sesuser = mysql_real_escape_string(addslashes($_SESSION['username']));
          $this->estid =   mysql_real_escape_string(addslashes($estid));
          
          mysql_query("DELETE FROM `establishments` WHERE mid = '$this->sesid' AND username = '$this->sesuser' AND id = '$this->estid' LIMIT 1") or die(mysql_error());
          $deldone = "The establishment you selected was succesfully delete from our database.";
          return $deldone;
      }
      
    
  }

?>

 

Many thanks,

 

James.

Archived

This topic is now archived and is closed to further replies.

Go to topic listing
×
×
  • Create New...

Important Information

We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.