Jump to content

Page transverse does not happen in my web site - help please


arunkr

Recommended Posts

am a new bie for PHP.Hi i have uploaded review code to my webserver www.clickcity.in, the problem is after entering email and  password -> click " sign in ", blank page is displayed.

however url shows as "http://www.clickcity.in/my/login.php?f=login&referer=".please help me to resove the same.

now when i again go to www.clickcity.in in the same browser window , user is logged in.

<?php

@session_start();

include_once(dirname(__FILE__)."/../inc/func/get_sth.php");

include_once(_ABSPATH_.'/inc/func/header.php');

 

 

if($_SESSION["email"] or $_SESSION["display_name"] or $_SESSION["fb_user"] )

{

header("Location: ./");

exit;

}

 

 

$page_title = l('Log in').' | '.get_sitename();  //

 

$referer= rawurlencode($_GET['referer']);

if(empty($referer)) $referer=rawurlencode($_SERVER['HTTP_REFERER']);

if(strtolower(substr($referer,-9))=='login.php') $referer=rawurlencode('/');

 

$loginfail=0;

 

 

// Already Sent Login Form

if($_GET[f]=="login")

{

// Get varibles.

$email=strtolower(strip_tags(trim($_POST)));

$password=$_POST[password];

// Validate Login

if($member=validate_login($email,$password))

{

session_start();

$_SESSION["email"]=$email;

$_SESSION["display_name"]=$member['first_name']." ".$member['last_name'];

// Record Last Login Date

mysql_query("UPDATE `user` SET `last_login_date` = '".date(Ymd)."' WHERE email='$email' LIMIT 1 ;");

// Create Token

mysql_query("UPDATE `user` SET `token` = '".md5(rand())."' WHERE email='$email' LIMIT 1 ;");

 

// Redirect

header("Location: ".rawurldecode($referer));

exit;

}

else

{

$loginfail=1;  // Login Failed, Err Code = 1

}

}

// Already Sent Register

elseif($_GET[f]=="reg")

{

$form['firstname']=$firstname=strip_tags(trim($_POST[firstname]));

$form['lastname']=$lastname=strip_tags(trim($_POST[lastname]));

$form['email']=$email=strtolower(strip_tags(trim($_POST)));

$form['nickname']=$nickname=strip_tags(trim($_POST[nickname]));

$form['password']=$password=md5($_POST[password]);

$form['zip']=$zip=strip_tags(trim($_POST[zip]));

$form['city']=$city=$_POST[city];

$form['gender']=$gender=$_POST[gender];

$form['birthday']=$birthday=$_POST[year].$_POST[month].$_POST[day];

$form['reg_date']=$reg_date=date(Ymd);

 

// Validate CAPTCHA

if(_CAPTCHA_REG_ENABLE_ && !validate_captcha($_POST['code']))

{

$loginfail=4;  // Err Code = 4  Wrong CAPTCHA

}

 

// Check duplicate email

if(check_duplicate_email($_POST)) 

{

$loginfail=2;  // Found duplicate email.

}

 

// Check duplicate  nickname

if(check_duplicate_nickname($nickname)) 

{

$loginfail=3;  // Found duplicate nickname.

}

 

// Do Reg action if there's no Err Code

if($loginfail==0 && do_reg($firstname,$lastname,$email,$nickname,$password,$zip,$city,$gender,$birthday,$reg_date))

{

  @session_start();

  $_SESSION["email"]=$email;

  $_SESSION["display_name"]=$firstname." ".$lastname;

 

// Create Token

mysql_query("UPDATE `user` SET `token` = '".md5(rand())."' WHERE email='$email' LIMIT 1 ;");

 

  header("Location: ".rawurldecode($referer));

  exit;

}

}

 

// Check duplicate email

function check_duplicate_email($email)

{

$result=mysql_query("SELECT `email` FROM user where email='".$email."'");

$val=mysql_fetch_array($result);

if($val==$email)  return true;

else return false; // not found duplicate

}

 

// Check duplicate nickname

function check_duplicate_nickname($nickname)

{

$query=mysql_query("SELECT `nickname` FROM user where `nickname`='".$nickname."'");

$rows=mysql_num_rows($query); // 算总数

if($rows!=0&&!empty($nickname)) return true;

else return false;// not found duplicate

}

 

// Validate CAPTCHA

function validate_captcha($code)

{

  require(_ABSPATH_."/inc/captcha/securimage.php");

  $img = new Securimage();

  $valid = $img->check($code);

  if(!$valid)  return false;  // not valid

  else return true;

}

 

// Reg action

function do_reg($firstname,$lastname,$email,$nickname,$password,$zip,$city,$gender,$birthday,$reg_date)

{

  $query="insert into `user` (`first_name`,`last_name`,`email`,`nickname`,`password`,`zip`,`city`,`gender`,`birthday`,`reg_date`) values ('$firstname','$lastname','$email','$nickname','$password','$zip','$city','$gender','$birthday','$reg_date')";

  $result=mysql_query($query);

  return true;

}

 

// Validate Login

function validate_login($email,$password)

{

$result=mysql_query("SELECT * FROM user where email='$email'");

$val=mysql_fetch_array($result);

  if($val[password] && $val[password]===md5($password))  return $val;

  else  return false;

}

 

// Get State List to <select>

function get_state()

{

$str="SELECT * FROM `province`";

$rc = mysql_query($str);

while($row=mysql_fetch_array($rc)){

  $catid=$row['province_id'];

  $catname=$row['province_name'];

  $temp.= "<option value=\"".$catid."\">".$catname."</option>";

  }

return $temp;

}

 

$var_state=get_state();

 

$smarty->assign("page_title",$page_title);

$smarty->assign("var_state",$var_state);

$smarty->assign("form",$form);

$smarty->assign("loginfail",$loginfail);

$smarty->assign("referer",$referer);

$smarty->display('my/login.tpl');

?>

Archived

This topic is now archived and is closed to further replies.

×
×
  • Create New...

Important Information

We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.